Analysis Overview
SHA256
3442d0064033d639fbda27e67b8275b66f798112ff8ed04ca1a55bcfe83c5dfe
Threat Level: Likely malicious
The file 99abeb17ff84cb1510ac4684851864d0_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Requests cell location
Queries information about running processes on the device
Loads dropped Dex/Jar
Makes use of the framework's foreground persistence service
Queries information about active data network
Queries information about the current Wi-Fi connection
Requests dangerous framework permissions
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
Schedules tasks to execute at a specified time
Uses Crypto APIs (Might try to encrypt user data)
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-06 01:05
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to receive WAP push messages. | android.permission.RECEIVE_WAP_PUSH | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows an application to monitor incoming MMS messages. | android.permission.RECEIVE_MMS | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows an application to write the user's contacts data. | android.permission.WRITE_CONTACTS | N/A | N/A |
| Allows an application to read the user's call log. | android.permission.READ_CALL_LOG | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Allows an application to request installing packages. | android.permission.REQUEST_INSTALL_PACKAGES | N/A | N/A |
| Allows read access to the device's phone number(s). | android.permission.READ_PHONE_NUMBERS | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-06 01:01
Reported
2024-06-06 01:08
Platform
android-x86-arm-20240603-en
Max time kernel
167s
Max time network
184s
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.greenpoint.android.mc10086.activity/mix.dex | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Makes use of the framework's foreground persistence service
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.setServiceForeground | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.greenpoint.android.mc10086.activity
/system/bin/sh -c getprop ro.board.platform
sh -c getprop ro.yunos.version
getprop ro.board.platform
getprop ro.yunos.version
/system/bin/sh -c type su
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.greenpoint.android.mc10086.activity/mix.dex --output-vdex-fd=58 --oat-fd=59 --oat-location=/data/data/com.greenpoint.android.mc10086.activity/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&
chmod 700 /data/user/0/com.greenpoint.android.mc10086.activity/app_bin/daemon
com.greenpoint.android.mc10086.activity:plugin
com.water.richprocess.push.keepaliveservice
mars_d -p com.greenpoint.android.mc10086.activity -s com.water.richprocess.DaemonService2 -p1r 41 -p1w 56 -p2r 58 -p2w 59
getprop ro.product.cpu.abi
logcat -d -v threadtime
/system/bin/sh -c getprop ro.miui.ui.version.name
getprop ro.miui.ui.version.name
/system/bin/sh -c getprop ro.build.version.emui
getprop ro.build.version.emui
/system/bin/sh -c getprop ro.lenovo.series
getprop ro.lenovo.series
/system/bin/sh -c getprop ro.build.nubia.rom.name
getprop ro.build.nubia.rom.name
/system/bin/sh -c getprop ro.meizu.product.model
com.greenpoint.android.mc10086.activity:remote
getprop ro.meizu.product.model
/system/bin/sh -c getprop ro.build.version.opporom
getprop ro.build.version.opporom
/system/bin/sh -c getprop ro.vivo.os.build.display.id
getprop ro.vivo.os.build.display.id
/system/bin/sh -c getprop ro.aa.romver
sh
getprop ro.aa.romver
/system/bin/sh -c getprop ro.lewa.version
getprop ro.lewa.version
/system/bin/sh -c getprop ro.gn.gnromvernumber
getprop ro.gn.gnromvernumber
/system/bin/sh -c getprop ro.build.tyd.kbstyle_version
getprop ro.build.tyd.kbstyle_version
/system/bin/sh -c getprop ro.build.fingerprint
getprop ro.build.fingerprint
/system/bin/sh -c getprop ro.build.rom.id
/system/bin/sh -c getprop ro.build.nubia.rom.name
com.greenpoint.android.mc10086.activity:channel
getprop ro.build.rom.id
cat /sys/class/net/wlan0/address
| SHA1 | 036a202c764c6701f55814d806d1f0ad7490d219 |
| SHA256 | 195190d84052e0225dfcbb5c52884f917bedcc5961961aa0f234d413e5b35195 |
| SHA512 | c5b6a82f1f918cb90e81d1f8cf957e3576b7b8424943bc6a5a7a500344949ea747ea2bab5b1fe2902bee5b14220b1c6ccc73aaacd54a33225c9788a5e880b1a5 |
/storage/emulated/0/Android/data/com.greenpoint.android.mc10086.activity/files/tbslog/tbslog.txt
| MD5 | 8e2f6fd398aa68d92a26c1138c305855 |
| SHA1 | 8d01288bf8883f726b8f35d1b08e5c8b98355eea |
| SHA256 | d1b0e777b139d2d16db6ef7059c47ef456acfc03e97961394abdd83dfb2f3c21 |
| SHA512 | aefbaaf212edb6266fc197f6ea09b8534fd43cfe4f609bea87e21c31b9b572e289650da5bbc2a34e2507d3e33a1c129b94e56d2467948ffcacec7b6183eccace |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-06 01:01
Reported
2024-06-06 01:05
Platform
android-x86-arm-20240603-en
Max time network
7s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| GB | 172.217.16.234:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-06 01:01
Reported
2024-06-06 01:05
Platform
android-x64-20240603-en
Max time network
8s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral8
Detonation Overview
Submitted
2024-06-06 01:01
Reported
2024-06-06 01:08
Platform
android-x64-arm64-20240603-en
Max time kernel
2s
Max time network
135s
Command Line
Signatures
Processes
com.leadeon.cmcc.plugin
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.187.238:443 | | tcp |
| GB | 142.250.187.238:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.187.200:443 | ssl.google-analytics.com | tcp |
| GB | 172.217.169.42:443 | | tcp |
| GB | 142.250.180.4:443 | | tcp |
| GB | 142.250.180.4:443 | | tcp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-06 01:01
Reported
2024-06-06 01:08
Platform
android-x64-arm64-20240603-en
Max time kernel
3s
Max time network
134s
Command Line
Signatures
Processes
com.greenpoint.android.mc10086.activity
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.200.42:443 | | tcp |
| GB | 142.250.200.42:443 | | tcp |
| GB | 142.250.187.238:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.187.232:443 | ssl.google-analytics.com | tcp |
| GB | 172.217.169.68:443 | | tcp |
| GB | 172.217.169.68:443 | | tcp |
Files
Analysis: behavioral5
Detonation Overview
Submitted
2024-06-06 01:01
Reported
2024-06-06 01:05
Platform
android-x64-arm64-20240603-en
Max time network
8s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.179.238:443 | | tcp |
| GB | 142.250.179.238:443 | | tcp |
Files
Analysis: behavioral6
Detonation Overview
Submitted
2024-06-06 01:01
Reported
2024-06-06 01:08
Platform
android-x86-arm-20240603-en
Max time kernel
2s
Max time network
151s
Command Line
Signatures
Processes
com.leadeon.cmcc.plugin
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 216.58.201.99:443 | | tcp |
| GB | 216.58.204.78:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.212.238:443 | android.apis.google.com | tcp |
Files
Analysis: behavioral7
Detonation Overview
Submitted
2024-06-06 01:01
Reported
2024-06-06 01:08
Platform
android-x64-20240603-en
Max time kernel
2s
Max time network
133s
Command Line
Signatures
Processes
com.leadeon.cmcc.plugin
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.213.8:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.180.10:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.14:443 | android.apis.google.com | tcp |
| GB | 142.250.200.2:443 | | tcp |
| GB | 172.217.169.78:443 | | tcp |