Malware Analysis Report

2025-01-19 05:03

Sample ID 240606-bdqbcaeb53
Target 99abeb17ff84cb1510ac4684851864d0_JaffaCakes118
SHA256 3442d0064033d639fbda27e67b8275b66f798112ff8ed04ca1a55bcfe83c5dfe
Tags collection discovery evasion execution impact persistence
Score 8/10

Analysis Overview

Threat Level: Likely malicious

The file 99abeb17ff84cb1510ac4684851864d0_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

collection discovery evasion execution impact persistence

Checks if the Android device is rooted.

Requests cell location

Queries information about running processes on the device

Loads dropped Dex/Jar

Makes use of the framework's foreground persistence service

Queries information about active data network

Queries information about the current Wi-Fi connection

Requests dangerous framework permissions

Reads information about phone network operator.

Listens for changes in the sensor environment (might be used to detect emulation)

Schedules tasks to execute at a specified time

Uses Crypto APIs (Might try to encrypt user data)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks memory information

Analysis: static1

Detonation Overview

Reported 2024-06-06 01:05

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an application to receive WAP push messages. android.permission.RECEIVE_WAP_PUSH N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS N/A N/A
Allows an application to receive SMS messages. android.permission.RECEIVE_SMS N/A N/A
Allows an application to monitor incoming MMS messages. android.permission.RECEIVE_MMS N/A N/A
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an application to write the user's contacts data. android.permission.WRITE_CONTACTS N/A N/A
Allows an application to read the user's call log. android.permission.READ_CALL_LOG N/A N/A
Allows an application to send SMS messages. android.permission.SEND_SMS N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Allows an application to request installing packages. android.permission.REQUEST_INSTALL_PACKAGES N/A N/A
Allows read access to the device's phone number(s). android.permission.READ_PHONE_NUMBERS N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted 2024-06-06 01:01
Reported 2024-06-06 01:08
Platform android-x86-arm-20240603-en
Max time kernel 167s
Max time network 184s

Command Line

com.greenpoint.android.mc10086.activity

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/data/com.greenpoint.android.mc10086.activity/mix.dex N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A

Makes use of the framework's foreground persistence service

evasion persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.setServiceForeground N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Reads information about phone network operator.

discovery

Listens for changes in the sensor environment (might be used to detect emulation)

evasion
Description Indicator Process Target
Framework API call android.hardware.SensorManager.registerListener N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.greenpoint.android.mc10086.activity

/system/bin/sh -c getprop ro.board.platform

sh -c getprop ro.yunos.version

getprop ro.board.platform

getprop ro.yunos.version

/system/bin/sh -c type su

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.greenpoint.android.mc10086.activity/mix.dex --output-vdex-fd=58 --oat-fd=59 --oat-location=/data/data/com.greenpoint.android.mc10086.activity/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&

chmod 700 /data/user/0/com.greenpoint.android.mc10086.activity/app_bin/daemon

com.greenpoint.android.mc10086.activity:plugin

com.water.richprocess.push.keepaliveservice

mars_d -p com.greenpoint.android.mc10086.activity -s com.water.richprocess.DaemonService2 -p1r 41 -p1w 56 -p2r 58 -p2w 59

getprop ro.product.cpu.abi

logcat -d -v threadtime

/system/bin/sh -c getprop ro.miui.ui.version.name

getprop ro.miui.ui.version.name

/system/bin/sh -c getprop ro.build.version.emui

getprop ro.build.version.emui

/system/bin/sh -c getprop ro.lenovo.series

getprop ro.lenovo.series

/system/bin/sh -c getprop ro.build.nubia.rom.name

getprop ro.build.nubia.rom.name

/system/bin/sh -c getprop ro.meizu.product.model

com.greenpoint.android.mc10086.activity:remote

getprop ro.meizu.product.model

/system/bin/sh -c getprop ro.build.version.opporom

getprop ro.build.version.opporom

/system/bin/sh -c getprop ro.vivo.os.build.display.id

getprop ro.vivo.os.build.display.id

/system/bin/sh -c getprop ro.aa.romver

sh

getprop ro.aa.romver

/system/bin/sh -c getprop ro.lewa.version

getprop ro.lewa.version

/system/bin/sh -c getprop ro.gn.gnromvernumber

getprop ro.gn.gnromvernumber

/system/bin/sh -c getprop ro.build.tyd.kbstyle_version

getprop ro.build.tyd.kbstyle_version

/system/bin/sh -c getprop ro.build.fingerprint

getprop ro.build.fingerprint

/system/bin/sh -c getprop ro.build.rom.id

com.greenpoint.android.mc10086.activity:channel

getprop ro.build.rom.id

cat /sys/class/net/wlan0/address

Network

Files

/data/data/com.greenpoint.android.mc10086.activity/databases/bugly_db_legu-journal

MD5 6199dccc3b11c24af384b32c89145caa
SHA1 f338d68ba44d31c25bd1fbcb2ff5a27f947c3265
SHA256 af5636244e0b66f3f4b28062a1a448ead8284efe7dbbe8eca1d6330ff8fa2bfd
SHA512 34866ea7f9080fce4d44f703ebf3c7aa223b5a3d677c4eb1cab78a666e6ac06eb92d0508477ffcba2c6750e2c33a6802867627fe83f8f1232b8e3f700b140b9b

/data/data/com.greenpoint.android.mc10086.activity/databases/bugly_db_legu

MD5 e58ac133bcbf33448808d041857a5e3b
SHA1 649fba88fe56375d526656e8291b5f4d70fdd116
SHA256 2fb7e9690949653a87d4ba118505e24ea5cd98df474889272cc0ce1da98c64a0
SHA512 9322d1cba521e341cf2188b2e5c938fb4f3178496ce1bcf112dc615ea5116b253caf7b97c609734f276922f4a0004b0d1f677b727c6add59db53cc9c12752960

/data/data/com.greenpoint.android.mc10086.activity/databases/bugly_db_legu-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.greenpoint.android.mc10086.activity/databases/bugly_db_legu-wal

MD5 a90c2596df1aa6d82beecb02426d6040
SHA1 8156b79bebba53b3f7e7452e2fbab0825189f4d7
SHA256 c65d686356e91b97a61d64ce75c569eae962b44b4f7843626687b49403f2b997
SHA512 99746c5a66b9e670a16cef02c18f92c99bc5edcf449c14e817e527fa96aa1a26fbbb4a1b8e8dba73c69863a0438bd705ce6fa92c73c9bd50ee2a3f212274f5e1

/data/data/com.greenpoint.android.mc10086.activity/mix.dex

MD5 45650ec66f7b34eb3aa25a1168f2980e
SHA1 0c0cbc9845f18729cacde1f5218d0f7e05d5dcf1
SHA256 ef9cd14cd506394de8cb57b8e6fc4a1b1d88f3edf1e867aa980311c572633a73
SHA512 923fc5d84e533a4a5e0f7adb91026bd5c93889ba97cc154577a0b5c23c911785ed38cb4a01be1c9b75c60fc51dfcac5025abb9abcf212601692cfde076a224ee

/data/data/com.greenpoint.android.mc10086.activity/mix.dex

MD5 63f77f99bd2c2b772a479923bde11974
SHA1 c7632e7d301e4463fafce85f84e9c3d7da3fdbbe
SHA256 4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615
SHA512 3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

/data/data/com.greenpoint.android.mc10086.activity/app_bin/daemon

MD5 f3464f5c2555bf3744751752350483b7
SHA1 ff9f4145a61b9d8f2c9bba398a89281edc1f6038
SHA256 d61a89aa4e45a89da6d468c955018ae0d4745cc73750e63bdace81bbf711122c
SHA512 5e2a9cf4bf54e9c38e26ce95c25b17dec6dffa3b4b89b76af04854e027fa1f1636f740f19a1f859c3848e7d895828834d8d439e882f577194a77c0a9cbccdb71

/data/data/com.greenpoint.android.mc10086.activity/databases/MessageStore.db-journal

MD5 4f00d5ebcf46521967b444a00d1da7f6
SHA1 d47f0743df4db9bbcc5e86655309c948f8bef0d3
SHA256 9b0519be6b35ee69eb27cc2be77c0da08ca4a1610aeb2a7b75d6455c9ffabedb
SHA512 bf1d64167574ef280bedd2bc78ec43b8cd8b87042593530748b0fbf796d05bcbcb8f0fa5146ac5714fca1250063f089bcd79bf72f98ec9465003e95a30b3155a

/data/data/com.greenpoint.android.mc10086.activity/databases/MessageStore.db

MD5 174bbdcd3aa09c30e9b535671086d348
SHA1 6ae1c38c419c490c5a503c08c239e468677701e9
SHA256 755e7909b416d6b268312a9e2d3b87abad8a62efefe52b3199b84a01523c02b3
SHA512 ccf94c8f23b37c47d439e526679a50394a36fa71dd8f056fd683706f43102c3e45ef0430b2c13a847e6edf08d18b896a9f4e80823d2ed579586d528b33470d75

/data/data/com.greenpoint.android.mc10086.activity/databases/MessageStore.db-shm

MD5 e00787f2294ee3a23c8aaf8588404f33
SHA1 1ce80c57cfaccdee272582ec63cd35dbb791ee3d
SHA256 db0eb67730ee96b92eee9b6b018fd55e22de27709a7f4e9046cc64c2413df8f8
SHA512 ce63891705adf659c28f00c6a7c414aa6ae76bab7439fb32e458754514064c7e5512934aa067f12b1fccae9b653197de029df00b19802ee6e07d721dfb7bb421

/data/data/com.greenpoint.android.mc10086.activity/databases/MessageStore.db-wal

MD5 c29d519c95e1a24ccc55af260b7b3433
SHA1 f79e47d272f08be93f7a4b061c9e6f38983909f1
SHA256 9936d04a14c4d85ee882a42eef39fec9594979f1288dae712007a020c6842329
SHA512 a1370119310b33248ddc33e86913bfe420332b907a78e5f412c389a4fae0d8f3c1d55fbf66d350a939830976ea92e4bb008110ec735e8c909ff500a30af15796

/data/data/com.greenpoint.android.mc10086.activity/databases/MsgLogStore.db-journal

MD5 bee59fc96ab2f7bf5018e54d88c20a7e
SHA1 813a1f336ce5e47d31161d8e6fc70ed186b21630
SHA256 ef2095403d0917d3375cee37edbfdb440b056b919f703605e5e6b40e619ed591
SHA512 c73267e7ebf2f414b50e1e20e1ae32726b02aced7e1f871602c61484e14ec9e04bd37b207ec6f26595bfa73686eec96dcc6c4903b6c56930859eadf6c1a55a9a

/data/data/com.greenpoint.android.mc10086.activity/databases/MsgLogStore.db

MD5 f4ef90e024650d310ee0e226e4ccc75c
SHA1 fadaefed09e2655e9106760170b924d802d0eec1
SHA256 3c596fb4fdb917571203db863fb4b664625ea0cbe110e4eccc0a4133227cda70
SHA512 92fbf09acc0f688fcd74bf6d9ae2901cb5df0d8e985750e789d51b4ae3fdf753e86dc6bdb12495079a1a89bc061f7ac67c53c426f6a031cdd02dbadc226a0450

/data/data/com.greenpoint.android.mc10086.activity/databases/MsgLogStore.db-shm

MD5 361f07831b14036ee8705292e13bea88
SHA1 a3be1c22baa227f20b17a836fb01e55cceb506ab
SHA256 26d51b899cc703ada0c20a9eb62cafe85b6148afdadf03a7ecfc292532751236
SHA512 13168228a9af1eddd9a7a90b49d248de8198ee324df0a1799fe1bcd735d2297a42ad7f78bd16e86edd54518c175beb67f408e899815cfcf11f477610872e8863

/data/data/com.greenpoint.android.mc10086.activity/databases/MsgLogStore.db-wal

MD5 c109f09e9ee81a63adb740bcf9c10a02
SHA1 0f7312e96743a3527f8040b0116e7937b88c94fc
SHA256 5f68844ed33511d9daea575255671d03ae74dec8f15178a3fc3f534936e000ce
SHA512 87c233730cd7bd604e2ce927c23e10cf421280ea6719d5f7f8ab3aa85615780f3a0574ee47480fcf95e3ab10612c747bb6fed7ad105bbdadf7c4b970d5225d42

/data/data/com.greenpoint.android.mc10086.activity/databases/provider.db-journal

MD5 1c3c48ea88e3cc60eb95a02dfd4631d8
SHA1 fe043465a12e171fa3b3702944ebf7d40c92fa01
SHA256 f31649bfa093721dc7d0c710475f712c3e8f4b0f3c3d02ccf0d064d56aacd6e6
SHA512 056cd0b8ccab74ea7dff13ebc8cf06c32776f45e8709524def783b2c2acadd8a7c71beddb0370718e3999c9e229cffa36f6bc0883b6ed72a8a3dd3799f68f027

/data/data/com.greenpoint.android.mc10086.activity/databases/provider.db

MD5 c83b11958d3dba255133ab93e0bbeb47
SHA1 df355015a0979616da38801d21940e287727bb58
SHA256 b90ef0be2b838995e7e55f902b7592be50fb324ba0c290d6706446d4501f3c1d
SHA512 cb2f10251682f92aef7ba49bac5e000e4d65b0e339250737c6f303ee18f08af36488e8c8267941b36347f73a294271eec3ca9894bef8c3328c684915606fbd73

/data/data/com.greenpoint.android.mc10086.activity/databases/provider.db-shm

MD5 486e2bac2b3e9e1cb411d2838a4854bd
SHA1 81dd0a7537f4af319b830ae834908986be85da8b
SHA256 5644a250fa6cef16c2c802b98275656a5fc39dcf89bcc22193742d85c7313f57
SHA512 c146789563dae163e373489b3df53f22efebd32b69643992969241eb5ad5eec668de67e7cd2aaf5c3a8af57b0842115d00183825734f57643d3fdb09835fe681

/data/data/com.greenpoint.android.mc10086.activity/databases/provider.db-wal

MD5 ecc71552641a03214b8568f735fddc3c
SHA1 e2e23aa27bc2991a8c95c8a2ef68baee76417841
SHA256 d920938e554771e25f42b1c18ffde17a173ae7856a6857203903c70f4150411b
SHA512 370f2e943792bd860971a170575b7ca48acc2a4bacf535ab05eb3a95974309c0b101cbbb481c9b8ca201fb1603d75108a050f011ce777708da175b8fd1faea99

/data/data/com.greenpoint.android.mc10086.activity/databases/accs.db-journal

MD5 5bb6108b8bc72090e39129e0210108b7
SHA1 ee40e195f609951fac8ba0124e136b9a092c42ab
SHA256 16b951bde0d774a42c1a10ababb9c69caaab6a0fb5ad14c1ff476dcd01939e19
SHA512 ef62fbfd6a09b8bb4e57176a2071ef7ca304ed5a1d8c3aa1a72b8d0009779274ceb7c6388c19d77be10342c9b11fc151e0a3de3bebd434dd3903c0ee2fdc9a11

/data/data/com.greenpoint.android.mc10086.activity/databases/accs.db

MD5 d3a8ca8e429a2f295ad37dc6cae6dec0
SHA1 acd5e97da2a72ea27595813c13fa6973c4b8b833
SHA256 e489077dbe67d3fff63d8ab3b01ce6f1b4cd357ce32133fc3acb3a1e779ad3ff
SHA512 869b1b4bf5de8d45b6a8dfbcbe75d11efa9c06c91995617cbe178f6d68a89b1c41467f4026828c704b53806fdf08c34cd9e41d64b62ce1576cb594bfe8f6bfa7

/data/data/com.greenpoint.android.mc10086.activity/databases/accs.db-shm

MD5 cf845a781c107ec1346e849c9dd1b7e8
SHA1 b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA256 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA512 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

/data/data/com.greenpoint.android.mc10086.activity/databases/accs.db-wal

MD5 9084e279ef84c3fdb64babde9ef975c4
SHA1 13b16222d3437728c816c75685dea4c75c5bbbfc
SHA256 ebddb0c17bdc578d9d5b6a472d6751a99f1897adb0e7f1211882189b41e9c370
SHA512 c018092c0c21c06eb1d615b37a04cecf9aa011289f8ca00df23c2d5878b0c4bc7629203fa265338fa6a07a8ad7989b3a5e254050fc210a90aa14e57bcefde239

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 f80867b387335580d6cf9e3377526b34
SHA1 6bd33dc8db521f36bc220e5d45e6da5c70c253b9
SHA256 720cab845cdf976669458660b4810e2f1f5e729fff2afe8114661b94dfc8edfd
SHA512 9aa4673c5e1dcc83e7630ab7e1e11a0590e8358968b34cc7541b10cc68c6c646b9b68e0bc2764dfcbd1cd04f3fa0373c13f8718f6c4dc9e7b2446a572ba3a67b

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 c595238c5aaac8e624744151975edcac
SHA1 ab3b6319279671e506d9069e905a386cd553d932
SHA256 361970198dab67fd034cb4b75fd587d972d2a75cf9a5aad73295af45d49ac6a3
SHA512 1ebc7b0e8fac1f5210aa53c1a40f04fa2f3967be8fa3fabf68c72a17123cb15a306e3d7e5fa868cdeca7c6bfb84859b9a468745610cb9e9670cec7208ce2d2fb

/data/data/com.greenpoint.android.mc10086.activity/databases/accs.db-wal

MD5 3f4d93a4f54f0818469208f618ebc349
SHA1 70d89e580eee56499333b96f4c20e1737dbad59b
SHA256 0d6c7f51cd8bf4b33374534918387d99e48bb344a84dc10d4eb27b9f7101d3d8
SHA512 fde3850d73dea231d319acb1891241a904339aeeb28ebea815e47196057ab9950e088441fd372409b8c48597fa91a6dcecc3f09525870512494cd70ae6ca3a69

/storage/emulated/0/.DataStorage/ContextData.xml

MD5 9781ca003f10f8d0c9c1945b63fdca7f
SHA1 4156cf5dc8d71dbab734d25e5e1598b37a5456f4
SHA256 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
SHA512 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 d5930b16e4fa67c19010bfdfcd2cc113
SHA1 595dec1542dc8ca8e5f7bbaff52ebcc929267889
SHA256 e17fbd7f09bc53cb758615de5b7976b7a2e6810b8fb0df4e1a870c38b943210f
SHA512 f00b0a0ebee69fc6d828e05ac9bb4b0553438734438f5062e7954a5a2481b530cfaa1f999c1337b76eb7a630f42f9de375f59e1d75e9882d7befb7504675be90

/storage/emulated/0/Android/data/com.greenpoint.android.mc10086.activity/files/tbslog/tbslog.txt

MD5 f0c9194eb1177aa6ac91920e457569df
SHA1 9129b5f8f9bac0606c7d86e49cc8217e92f5c519
SHA256 f5e7d3260ca49d96b1569d3ef7b2794b566eb6b81667f7ee139378901d4e1b05
SHA512 d555a3c3bdfaaa0e5e4469eedb9123fb47a789bb03a1579a9e0869eaea4cbddf2263be3d19c5b6f3995af8d0ae322a0ca965a02bc37139298b98b84098642048

/data/data/com.greenpoint.android.mc10086.activity/databases/bugly_db_-journal

MD5 b1c2c7223bcc44847f85b6d803ce6100
SHA1 d5b2bb267a49c35cba4290f95d8455a7b9519d52
SHA256 331775ff22feb7fdeaf308e646db28a3740d3317480af1d57a7d6ff320a82b25
SHA512 d64a0864aef6ae64db1d846d7c3bbec49fb844a211717aa0b6a29bb92098ee8d8e06556d8574a692c17c4f75f859d07388654a91e369cfe9f62caca3aa93cfef

/data/data/com.greenpoint.android.mc10086.activity/app_crashrecord/1004

MD5 4634c3de9126787e9f7aed44b00816c6
SHA1 03b893e4953fd1943dd672bf5c17beefca899f33
SHA256 c5ee5b73ff188b2b34fc49e448a70e329517c75213c0bfb275b6346c99b15e6c
SHA512 2d98131a32736d6bf18f1bda5d0c0018f128f7a81c767b73816bf4e424139555a0cf3e795e232291051988188eabf86f401631961e754286fc7a4ece45c39bf3

/data/data/com.greenpoint.android.mc10086.activity/databases/bugly_db_

/data/data/com.greenpoint.android.mc10086.activity/databases/bugly_db_-wal

/data/data/com.greenpoint.android.mc10086.activity/app_crashrecord/1004

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

/storage/emulated/0/Android/data/com.greenpoint.android.mc10086.activity/files/tbslog/tbslog.txt

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-06 01:01

Reported

2024-06-06 01:05

Platform

android-x86-arm-20240603-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 172.217.16.234:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-06 01:01

Reported

2024-06-06 01:05

Platform

android-x64-20240603-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2024-06-06 01:01

Reported

2024-06-06 01:08

Platform

android-x64-arm64-20240603-en

Max time kernel

2s

Max time network

135s

Command Line

com.leadeon.cmcc.plugin

Signatures

N/A

Processes

com.leadeon.cmcc.plugin

Network

Country Destination Domain Proto
GB 142.250.187.238:443 tcp
GB 142.250.187.238:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.200:443 ssl.google-analytics.com tcp
GB 172.217.169.42:443 tcp
GB 142.250.180.4:443 tcp
GB 142.250.180.4:443 tcp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-06 01:01

Reported

2024-06-06 01:08

Platform

android-x64-arm64-20240603-en

Max time kernel

3s

Max time network

134s

Command Line

com.greenpoint.android.mc10086.activity

Signatures

N/A

Processes

com.greenpoint.android.mc10086.activity

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.200.42:443 tcp
GB 142.250.200.42:443 tcp
GB 142.250.187.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.179.238:443 android.apis.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.232:443 ssl.google-analytics.com tcp
GB 172.217.169.68:443 tcp
GB 172.217.169.68:443 tcp

Files

/data/user/0/com.greenpoint.android.mc10086.activity/databases/bugly_db_legu-journal

/data/user/0/com.greenpoint.android.mc10086.activity/databases/bugly_db_legu

/data/user/0/com.greenpoint.android.mc10086.activity/databases/bugly_db_legu-journal

/data/user/0/com.greenpoint.android.mc10086.activity/databases/bugly_db_legu-journal

/data/user/0/com.greenpoint.android.mc10086.activity/databases/bugly_db_legu-journal

/data/user/0/com.greenpoint.android.mc10086.activity/databases/bugly_db_legu-journal

/data/user/0/com.greenpoint.android.mc10086.activity/databases/bugly_db_legu-journal

Analysis: behavioral5

Detonation Overview

Submitted

2024-06-06 01:01

Reported

2024-06-06 01:05

Platform

android-x64-arm64-20240603-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.179.238:443 tcp
GB 142.250.179.238:443 tcp

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2024-06-06 01:01

Reported

2024-06-06 01:08

Platform

android-x86-arm-20240603-en

Max time kernel

2s

Max time network

151s

Command Line

com.leadeon.cmcc.plugin

Signatures

N/A

Processes

com.leadeon.cmcc.plugin

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 216.58.201.99:443 tcp
GB 216.58.204.78:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.212.238:443 android.apis.google.com tcp

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2024-06-06 01:01

Reported

2024-06-06 01:08

Platform

android-x64-20240603-en

Max time kernel

2s

Max time network

133s

Command Line

com.leadeon.cmcc.plugin

Signatures

N/A

Processes

com.leadeon.cmcc.plugin

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.213.8:443 ssl.google-analytics.com tcp
GB 142.250.180.10:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.14:443 android.apis.google.com tcp
GB 142.250.200.2:443 tcp
GB 172.217.169.78:443 tcp

Files

N/A