Malware Analysis Report

2024-11-16 10:44

Sample ID 240603-ls2yssae4y
Target 915520aa7041097c205140e9f4a7fac1_JaffaCakes118
SHA256 948ca5b59a4551aeba690ba3c5790d417f344cef7c42916641c3cfcebadf3ab6
Tags
banker discovery evasion impact persistence
score
8/10

Analysis Overview

score
8/10

SHA256

948ca5b59a4551aeba690ba3c5790d417f344cef7c42916641c3cfcebadf3ab6

Threat Level: Likely malicious

The file 915520aa7041097c205140e9f4a7fac1_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

banker discovery evasion impact persistence

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Checks if the Android device is rooted.

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

Checks memory information

Queries information about running processes on the device

Queries the mobile country code (MCC)

Queries information about the current Wi-Fi connection

Queries the phone number (MSISDN for GSM devices)

Loads dropped Dex/Jar

Declares services with permission to bind to the system

Requests dangerous framework permissions

Checks if the internet connection is available

Acquires the wake lock

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-03 09:48

Signatures

Declares services with permission to bind to the system

Description | Indicator | Process | Target
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device. | android.permission.BIND_NOTIFICATION_LISTENER_SERVICE | N/A | N/A
Required by accessibility services to bind with the system. Allows apps to access accessibility features. | android.permission.BIND_ACCESSIBILITY_SERVICE | N/A | N/A

Requests dangerous framework permissions

Description | Indicator | Process | Target
Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A
Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A
Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A
Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A
Allows an application to collect component usage statistics. | android.permission.PACKAGE_USAGE_STATS | N/A | N/A
Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A
Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-03 09:48

Reported

2024-06-03 09:51

Platform

android-x86-arm-20240514-en

Max time kernel

176s

Max time network

182s

Command Line

com.mobile.indiapp

Signatures

Checks if the Android device is rooted.

evasion
Description | Indicator | Process | Target
N/A | /sbin/su | N/A | N/A
N/A | /sbin/su | N/A | N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Checks CPU information

evasion discovery
Description | Indicator | Process | Target
File opened for read | /proc/cpuinfo | N/A | N/A

Checks memory information

evasion discovery
Description | Indicator | Process | Target
File opened for read | /proc/meminfo | N/A | N/A

Loads dropped Dex/Jar

evasion
Description | Indicator | Process | Target
N/A | /data/user/0/com.mobile.indiapp/app_plugin/sdk.jar | N/A | N/A

Queries information about running processes on the device

discovery
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A
Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A

Queries information about the current Wi-Fi connection

discovery
Description | Indicator | Process | Target
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A

Queries the mobile country code (MCC)

discovery
Description | Indicator | Process | Target
Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A
Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A

Queries the phone number (MSISDN for GSM devices)

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A

Acquires the wake lock

Description | Indicator | Process | Target
Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A

Checks if the internet connection is available

discovery
Description | Indicator | Process | Target
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description | Indicator | Process | Target
Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A
Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A

Processes

com.mobile.indiapp

com.mobile.indiapp:worker

cat /proc/cpuinfo | grep Serial

Network


Files


Analysis: behavioral2

Detonation Overview

Submitted

2024-06-03 09:48

Reported

2024-06-03 09:48

Platform

android-x86-arm-20240514-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
GB | 142.250.200.34:443 | | tcp
GB | 172.217.169.42:443 | | tcp
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-03 09:48

Reported

2024-06-03 09:48

Platform

android-x64-20240514-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
GB | 142.250.179.234:443 | | tcp
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-03 09:48

Reported

2024-06-03 09:48

Platform

android-x64-arm64-20240514-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A