Analysis Overview
SHA256: da685282a15b8481cc7a8e8924f350830f3f197d208acfeed67dc0c4c7c5f708
Threat Level: Likely malicious
The file 99abbda11ec5969113bbe95637096f8e_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Loads dropped Dex/Jar
Queries information about the current nearby Wi-Fi networks
Requests cell location
Queries information about running processes on the device
Requests dangerous framework permissions
Queries information about active data network
Queries information about the current Wi-Fi connection
Listens for changes in the sensor environment (might be used to detect emulation)
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-06-06 01:00
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to request installing packages. | android.permission.REQUEST_INSTALL_PACKAGES | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an application to collect component usage statistics. | android.permission.PACKAGE_USAGE_STATS | N/A | N/A |
| Allows an instant app to create foreground services. | android.permission.INSTANT_APP_FOREGROUND_SERVICE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted: 2024-06-06 01:00
Reported: 2024-06-06 01:03
Platform: android-x86-arm-20240603-en
Max time kernel: 11s
Max time network: 168s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.lushi.zhuanbao/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.lushi.zhuanbao/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.lushi.zhuanbao/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.lushi.zhuanbao/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.lushi.zhuanbao/.jiagu/tmp.dex | N/A | N/A |
| N/A | Anonymous-DexFile@0xd576e000-0xd577a338 | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Processes
com.lushi.zhuanbao
getprop ro.build.version.emui
ls /sys/class/thermal
ls /
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted: 2024-06-06 01:00
Reported: 2024-06-06 01:00
Platform: android-33-x64-arm64-20240603-en
Max time network: 8s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.187.228:443 | | udp |
| GB | 142.250.187.228:443 | | udp |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral3
Detonation Overview
Submitted: 2024-06-06 01:00
Reported: 2024-06-06 01:00
Platform: android-x86-arm-20240603-en
Max time network: 5s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |