Malware Analysis Report

2024-09-09 13:38

Sample ID 240604-lhdhfscb41
Target e-digital-kyc.apk
SHA256 de40a7bebe5b903abc30d2b028899afccaae9d6f1dc5c5e82424f16b30877c6e
Tags discovery persistence evasion stealth trojan
Score 8/10

Analysis Overview

Threat Level: Likely malicious

The file e-digital-kyc.apk was found to be: Likely malicious.

Malicious Activity Summary

discovery persistence evasion stealth trojan

Removes its main activity from the application launcher

Registers a broadcast receiver at runtime (usually for listening for system events)

Requests dangerous framework permissions

Acquires the wake lock

Checks if the internet connection is available

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported 2024-06-04 09:31

Signatures

Requests dangerous framework permissions

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows an app to post notifications. | android.permission.POST_NOTIFICATIONS | N/A | N/A |

Analysis: behavioral1

Detonation Overview

Submitted 2024-06-04 09:31
Reported 2024-06-04 09:35
Platform android-x86-arm-20240603-en
Max time kernel 49s
Max time network 159s

Command Line

com.edigitalkyc

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events)

Tags persistence

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |

Acquires the wake lock

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |

Checks if the internet connection is available

Tags discovery

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |

Processes

com.edigitalkyc

Network

| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.179.234:443 | | tcp |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| GB | 172.217.16.238:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.180.8:443 | ssl.google-analytics.com | tcp |

Files

/data/data/com.edigitalkyc/databases/com.google.android.datatransport.events-journal
/data/data/com.edigitalkyc/databases/com.google.android.datatransport.events
/data/data/com.edigitalkyc/databases/com.google.android.datatransport.events-shm
/data/data/com.edigitalkyc/databases/com.google.android.datatransport.events-wal
/data/data/com.edigitalkyc/files/PersistedInstallation8679280141783203948tmp
/data/data/com.edigitalkyc/databases/google_app_measurement_local.db-journal
/data/data/com.edigitalkyc/databases/google_app_measurement_local.db
/data/data/com.edigitalkyc/databases/google_app_measurement_local.db-wal
/data/data/com.edigitalkyc/files/PersistedInstallation4001712428580828895tmp

Analysis: behavioral2

Detonation Overview

Submitted 2024-06-04 09:31
Reported 2024-06-04 09:34
Platform android-x64-20240603-en
Max time kernel 126s
Max time network 171s

Command Line

com.edigitalkyc

Signatures

Removes its main activity from the application launcher

Tags stealth trojan evasion

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | N/A | N/A |

Registers a broadcast receiver at runtime (usually for listening for system events)

Tags persistence

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |

Acquires the wake lock

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |

Checks if the internet connection is available

Tags discovery

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |

Processes

com.edigitalkyc

Network

| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.204.72:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| GB | 142.250.187.228:443 | | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| GB | 142.250.200.14:443 | | tcp |
| GB | 172.217.169.14:443 | | tcp |
| GB | 142.250.187.226:443 | | tcp |
| US | 1.1.1.1:53 | edigitalkyc-default-rtdb.firebaseio.com | udp |
| US | 35.201.97.85:443 | edigitalkyc-default-rtdb.firebaseio.com | tcp |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| GB | 172.217.169.10:443 | semanticlocation-pa.googleapis.com | tcp |

Files

/data/data/com.edigitalkyc/databases/com.google.android.datatransport.events-journal
/data/data/com.edigitalkyc/databases/com.google.android.datatransport.events
/data/data/com.edigitalkyc/files/PersistedInstallation8255441122940439630tmp
/data/data/com.edigitalkyc/databases/google_app_measurement_local.db-journal
/data/data/com.edigitalkyc/databases/google_app_measurement_local.db
/data/data/com.edigitalkyc/files/PersistedInstallation1546034009156250231tmp

Analysis: behavioral3

Detonation Overview

Submitted 2024-06-04 09:31
Reported 2024-06-04 09:35
Platform android-x64-arm64-20240603-en
Max time kernel 48s
Max time network 132s

Command Line

com.edigitalkyc

Signatures

Acquires the wake lock

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |

Checks if the internet connection is available

Tags discovery

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |

Processes

com.edigitalkyc

Network

| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.187.238:443 | | tcp |
| GB | 142.250.187.238:443 | | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.169.8:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.180.4:443 | | tcp |
| GB | 142.250.180.4:443 | | tcp |

Files

/data/data/com.edigitalkyc/databases/com.google.android.datatransport.events-journal
/data/data/com.edigitalkyc/databases/com.google.android.datatransport.events
/data/data/com.edigitalkyc/files/PersistedInstallation8817285661426179036tmp
/data/data/com.edigitalkyc/databases/google_app_measurement_local.db-journal
/data/data/com.edigitalkyc/databases/google_app_measurement_local.db
/data/data/com.edigitalkyc/files/PersistedInstallation5000812603070209143tmp