Malware Analysis Report

2025-01-19 08:05

Sample ID 240610-s5p84a1hpc
Target 9b3224782d88d8f311cd7e331263f45b_JaffaCakes118
SHA256 cbb52bf1476d865a7a8ba167868ba116a272c5d1e5f967422a0f8ab8645d07a6
Tags discovery evasion impact persistence
Score 8/10


Analysis Overview


Threat Level: Likely malicious

The file 9b3224782d88d8f311cd7e331263f45b_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion impact persistence

Checks if the Android device is rooted.

Queries information about running processes on the device

Acquires the wake lock

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Queries information about active data network

Queries information about the current Wi-Fi connection

Reads information about phone network operator.

Requests dangerous framework permissions

Uses Crypto APIs (Might try to encrypt user data)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks memory information

Checks CPU information

Analysis: static1

Detonation Overview

Reported

2024-06-10 15:42

Signatures

Requests dangerous framework permissions

Description | Indicator | Process | Target
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A
Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A
Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A
Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A
Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A
Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A
Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A
Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A
Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A
Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A
Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A
Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether. | android.permission.PROCESS_OUTGOING_CALLS | N/A | N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-10 15:42

Reported

2024-06-10 15:47

Platform

android-x86-arm-20240603-en

Max time kernel

175s

Max time network

190s

Command Line

com.android.comicsisland.activity

Signatures

Checks if the Android device is rooted.

evasion
Description | Indicator | Process | Target
N/A | /sbin/su | N/A | N/A
N/A | /system/app/Superuser.apk | N/A | N/A

Queries information about running processes on the device

discovery
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A
Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A
Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A
Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A

Acquires the wake lock

Description | Indicator | Process | Target
Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Description | Indicator | Process | Target
N/A | alog.umeng.com | N/A | N/A

Queries information about active data network

discovery
Description | Indicator | Process | Target
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A

Queries information about the current Wi-Fi connection

discovery
Description | Indicator | Process | Target
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A
Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A
Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A
Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description | Indicator | Process | Target
Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A
Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A

Checks CPU information

Description | Indicator | Process | Target
File opened for read | /proc/cpuinfo | N/A | N/A

Checks memory information

Description | Indicator | Process | Target
File opened for read | /proc/meminfo | N/A | N/A

Processes

com.android.comicsisland.activity

com.android.comicsisland.activity:ipc

io.rong.push

com.android.comicsisland.activity:pushservice

/system/bin/sh -c getprop

getprop

/system/bin/sh -c type su

Network


Files

/data/data/com.android.comicsisland.activity/databases/Comics.db-journal


/data/data/com.android.comicsisland.activity/databases/Comics.db


/data/data/com.android.comicsisland.activity/databases/Comics.db-shm


/data/data/com.android.comicsisland.activity/databases/Comics.db-wal


/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml


/data/data/com.android.comicsisland.activity/cache/image/journal.tmp


/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml


/storage/emulated/0/.DataStorage/ContextData.xml


/storage/emulated/0/.DataStorage/ContextData.xml


/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml


/data/data/com.android.comicsisland.activity/databases/com.android.comicsisland.activity-journal


/data/data/com.android.comicsisland.activity/databases/com.android.comicsisland.activity-shm


/data/data/com.android.comicsisland.activity/databases/com.android.comicsisland.activity-wal


/storage/emulated/0/.DataStorage/ContextData.xml


/data/data/com.android.comicsisland.activity/databases/bugly_db_-journal


/data/data/com.android.comicsisland.activity/app_crashrecord/1004


/data/data/com.android.comicsisland.activity/databases/bugly_db_-wal


/data/data/com.android.comicsisland.activity/app_crashrecord/1004


/storage/emulated/0/Adhoc/ADHOC_CLIENT_ID


/data/data/com.android.comicsisland.activity/databases/mwsdk_analytics.db-journal


/data/data/com.android.comicsisland.activity/databases/mwsdk_analytics.db-wal


/data/data/com.android.comicsisland.activity/databases/gtc.db-journal


/data/data/com.android.comicsisland.activity/databases/gtc.db-wal


/storage/emulated/0/libs/com.android.comicsisland.activity_.db


/data/data/com.android.comicsisland.activity/files/umeng_it.cache


/data/data/com.android.comicsisland.activity/files/NBSUserAction


/data/data/com.android.comicsisland.activity/files/.um/um_cache_1718034313167.env


Analysis: behavioral2

Detonation Overview

Submitted

2024-06-10 15:42

Reported

2024-06-10 15:47

Platform

android-33-x64-arm64-20240603-en

Max time kernel

174s

Max time network

190s

Command Line

com.android.comicsisland.activity

Signatures

Queries information about running processes on the device

discovery
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A
Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A
Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A
Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A
Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Description | Indicator | Process | Target
N/A | alog.umeng.com | N/A | N/A

Queries information about active data network

discovery
Description | Indicator | Process | Target
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A

Reads information about phone network operator.

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description | Indicator | Process | Target
Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A
Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A

Checks CPU information

Description | Indicator | Process | Target
File opened for read | /proc/cpuinfo | N/A | N/A

Processes

com.android.comicsisland.activity

com.android.comicsisland.activity:ipc

io.rong.push

com.android.comicsisland.activity:ipc

com.android.comicsisland.activity:pushservice

Network


Files

/data/user/0/com.android.comicsisland.activity/databases/Comics.db-journal


/data/user/0/com.android.comicsisland.activity/databases/Comics.db


/data/user/0/com.android.comicsisland.activity/databases/Comics.db-journal


/data/user/0/com.android.comicsisland.activity/databases/Comics.db-journal


/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml


/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml


/data/user/0/com.android.comicsisland.activity/cache/image/journal.tmp


/storage/emulated/0/.DataStorage/ContextData.xml


/storage/emulated/0/.DataStorage/ContextData.xml


/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml


/data/user/0/com.android.comicsisland.activity/databases/com.android.comicsisland.activity-journal


/data/user/0/com.android.comicsisland.activity/databases/com.android.comicsisland.activity


/data/user/0/com.android.comicsisland.activity/databases/com.android.comicsisland.activity-journal


/data/user/0/com.android.comicsisland.activity/databases/com.android.comicsisland.activity-journal

MD5 71af038d989282c3ff1858fb1f6387c3
SHA1 e8e9c5182c27b3cf253a8b3bfc49b8d110003968
SHA256 06946c8dcb524f56d2a5de04225a08a1967e43e88ac6af0b10dac36ac5577261
SHA512 38609b1d799976ae67ebb4fd1eb30ef63e1b7a174a0bb667a3528538c97ac564c8ed267e60bdc32836ec07897015a81980087acea4e822e7f563162ca8c74437

/storage/emulated/0/.DataStorage/ContextData.xml

MD5 93762430181bc4f75980219a01e61fed
SHA1 09366c3fe7f7f0bac78f34a5389f8b0ce1919b0f
SHA256 ab9e0a76c1330ffc5bd1c0f311074ec629b564ab5acaa2280c1a28f22cbb6760
SHA512 8f1ebe9ea6e2397b6933457bf6537bb0dc9afc70a2edf6e00ea106a2c2f56862d95d873abc1b7b1822396f6d761d3398293e435fc0e4cd40a3bdbb7f7644b691

/storage/emulated/0/Android/data/com.android.comicsisland.activity/cache/mw_cache/journal.tmp (deleted)

/data/user/0/com.android.comicsisland.activity/databases/bugly_db_-journal

/data/user/0/com.android.comicsisland.activity/app_crashrecord/1004

/data/user/0/com.android.comicsisland.activity/databases/bugly_db_

/storage/emulated/0/Adhoc/ADHOC_CLIENT_ID

/data/user/0/com.android.comicsisland.activity/databases/gtc.db-journal

/data/user/0/com.android.comicsisland.activity/databases/gtc.db

/data/user/0/com.android.comicsisland.activity/databases/mwsdk_analytics.db-journal

/data/user/0/com.android.comicsisland.activity/databases/mwsdk_analytics.db

/storage/emulated/0/libs/com.android.comicsisland.activity_.db

/data/user/0/com.android.comicsisland.activity/databases/pushsdk.db-journal

/data/user/0/com.android.comicsisland.activity/files/umeng_it.cache

/data/user/0/com.android.comicsisland.activity/files/.imprint

/data/user/0/com.android.comicsisland.activity/files/NBSUserAction

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-10 15:42

Reported

2024-06-10 15:43

Platform

android-x86-arm-20240603-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-10 15:42

Reported

2024-06-10 15:43

Platform

android-x64-20240603-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-06-10 15:42

Reported

2024-06-10 15:43

Platform

android-x64-arm64-20240603-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A