Malware Analysis Report

2025-01-19 08:03

Sample ID 240610-ta1xsaserr
Target 9b383620bbb6a1f38a912f5d6ac48427_JaffaCakes118
SHA256 04a7b4f642c6b6c0b7072c5cb140debc7024c9e49c5bbb40660f7827e764b0fb
Tags
discovery evasion impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral7

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral8

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral6

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

04a7b4f642c6b6c0b7072c5cb140debc7024c9e49c5bbb40660f7827e764b0fb

Threat Level: Likely malicious

The file 9b383620bbb6a1f38a912f5d6ac48427_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion impact persistence

Checks if the Android device is rooted.

Loads dropped Dex/Jar

Queries information about active data network

Declares services with permission to bind to the system

Requests dangerous framework permissions

Queries information about the current Wi-Fi connection

Registers a broadcast receiver at runtime (usually for listening for system events)

Uses Crypto APIs (Might try to encrypt user data)

Checks memory information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-10 15:52

Signatures

Declares services with permission to bind to the system

Description Indicator Process Target
Required by wallpaper services to bind with the system. Allows apps to provide live wallpapers. android.permission.BIND_WALLPAPER N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether. android.permission.PROCESS_OUTGOING_CALLS N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-10 15:52

Reported

2024-06-10 15:52

Platform

android-x64-20240603-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2024-06-10 15:52

Reported

2024-06-10 15:52

Platform

android-x64-20240603-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2024-06-10 15:52

Reported

2024-06-10 15:52

Platform

android-x64-arm64-20240603-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.238:443 tcp
GB 142.250.187.238:443 tcp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-10 15:52

Reported

2024-06-10 15:55

Platform

android-x86-arm-20240603-en

Max time kernel

104s

Max time network

181s

Command Line

com.dolphin.livewallpaper

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.dolphin.livewallpaper

/system/bin/sh -c getprop ro.board.platform

getprop ro.board.platform

/system/bin/sh -c type su

logcat -d -v threadtime

/system/bin/sh -c getprop ro.miui.ui.version.name

getprop ro.miui.ui.version.name

/system/bin/sh -c getprop ro.build.version.emui

getprop ro.build.version.emui

/system/bin/sh -c getprop ro.lenovo.series

getprop ro.lenovo.series

/system/bin/sh -c getprop ro.build.nubia.rom.name

getprop ro.build.nubia.rom.name

/system/bin/sh -c getprop ro.meizu.product.model

getprop ro.meizu.product.model

/system/bin/sh -c getprop ro.build.version.opporom

getprop ro.build.version.opporom

/system/bin/sh -c getprop ro.vivo.os.build.display.id

getprop ro.vivo.os.build.display.id

/system/bin/sh -c getprop ro.aa.romver

getprop ro.aa.romver

/system/bin/sh -c getprop ro.lewa.version

getprop ro.lewa.version

/system/bin/sh -c getprop ro.gn.gnromvernumber

getprop ro.gn.gnromvernumber

/system/bin/sh -c getprop ro.build.tyd.kbstyle_version

getprop ro.build.tyd.kbstyle_version

/system/bin/sh -c getprop ro.build.fingerprint

getprop ro.build.fingerprint

/system/bin/sh -c getprop ro.build.rom.id

getprop ro.build.rom.id

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.179.234:443 tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
US 1.1.1.1:53 android.bugly.qq.com udp
CN 119.147.179.152:80 android.bugly.qq.com tcp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
CN 14.22.7.140:80 android.bugly.qq.com tcp
CN 14.22.7.199:80 android.bugly.qq.com tcp
US 1.1.1.1:53 android.bugly.qq.com udp
CN 14.22.7.199:80 android.bugly.qq.com tcp
CN 119.147.179.152:80 android.bugly.qq.com tcp
CN 14.22.7.140:80 android.bugly.qq.com tcp

Files

/data/data/com.dolphin.livewallpaper/databases/bugly_db_legu-journal

MD5 1af9ef0ce00035c3d593b93888249068
SHA1 414bfb1e8f1162289d0fdad8e75d7f94b343b81d
SHA256 b33479da7828b1376ba9203b6a96ac6975c506ad6be61de0da21b1464fd09061
SHA512 1b27e5a370283907f82fab85487a42fdbae73eeadab59e2d1a9b1bd9a16b189b13fcaf7003f24c310a673277044a38374dfc4445affae2c58e97dcac6ec40892

/data/data/com.dolphin.livewallpaper/databases/bugly_db_legu

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.dolphin.livewallpaper/databases/bugly_db_legu-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.dolphin.livewallpaper/databases/bugly_db_legu-wal

MD5 e99be14530489cc7b9d4bf1b9b82d100
SHA1 3a4fbbda1f956e842367eff6ef92ed58b488fdc9
SHA256 95733d1e09af21c1bc39702f95978c6cbf3dae0c101495aaf04294dc2015ac5d
SHA512 e292657beb0af7283b4706c395771c42fd9fe19c25ec277e695dbe3bab9b82698d793d4bd54489842090b60a6ea664e06271d125644a99433457555381225a58

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-10 15:52

Reported

2024-06-10 15:55

Platform

android-33-x64-arm64-20240603-en

Max time kernel

24s

Max time network

185s

Command Line

com.dolphin.livewallpaper

Signatures

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/data/com.dolphin.livewallpaper/mix.dex N/A N/A
N/A /data/data/com.dolphin.livewallpaper/mix.dex N/A N/A
N/A /apex/com.android.wifi/javalib/framework-wifi.jar N/A N/A
N/A /apex/com.android.uwb/javalib/framework-uwb.jar N/A N/A
N/A /apex/com.android.tethering/javalib/framework-tethering.jar N/A N/A
N/A /apex/com.android.tethering/javalib/framework-connectivity-t.jar N/A N/A
N/A /apex/com.android.tethering/javalib/framework-connectivity.jar N/A N/A
N/A /apex/com.android.sdkext/javalib/framework-sdkextensions.jar N/A N/A
N/A /apex/com.android.scheduling/javalib/framework-scheduling.jar N/A N/A
N/A /apex/com.android.permission/javalib/framework-permission-s.jar N/A N/A
N/A /apex/com.android.permission/javalib/framework-permission.jar N/A N/A
N/A /apex/com.android.os.statsd/javalib/framework-statsd.jar N/A N/A
N/A /apex/com.android.ondevicepersonalization/javalib/framework-ondevicepersonalization.jar N/A N/A
N/A /apex/com.android.mediaprovider/javalib/framework-mediaprovider.jar N/A N/A
N/A /apex/com.android.media/javalib/updatable-media.jar N/A N/A
N/A /apex/com.android.ipsec/javalib/android.net.ipsec.ike.jar N/A N/A
N/A /apex/com.android.conscrypt/javalib/conscrypt.jar N/A N/A
N/A /apex/com.android.btservices/javalib/framework-bluetooth.jar N/A N/A
N/A /apex/com.android.appsearch/javalib/framework-appsearch.jar N/A N/A
N/A /apex/com.android.adservices/javalib/framework-sdksandbox.jar N/A N/A
N/A /apex/com.android.adservices/javalib/framework-adservices.jar N/A N/A
N/A /apex/com.android.i18n/javalib/core-icu4j.jar N/A N/A
N/A /apex/com.android.art/javalib/apache-xml.jar N/A N/A
N/A /apex/com.android.art/javalib/bouncycastle.jar N/A N/A
N/A /apex/com.android.art/javalib/okhttp.jar N/A N/A
N/A /apex/com.android.art/javalib/core-libart.jar N/A N/A
N/A /apex/com.android.art/javalib/core-oj.jar N/A N/A
N/A /apex/com.android.wifi/javalib/framework-wifi.jar N/A N/A
N/A /apex/com.android.uwb/javalib/framework-uwb.jar N/A N/A
N/A /apex/com.android.tethering/javalib/framework-tethering.jar N/A N/A
N/A /apex/com.android.tethering/javalib/framework-connectivity-t.jar N/A N/A
N/A /apex/com.android.tethering/javalib/framework-connectivity.jar N/A N/A
N/A /apex/com.android.sdkext/javalib/framework-sdkextensions.jar N/A N/A
N/A /apex/com.android.scheduling/javalib/framework-scheduling.jar N/A N/A
N/A /apex/com.android.permission/javalib/framework-permission-s.jar N/A N/A
N/A /apex/com.android.permission/javalib/framework-permission.jar N/A N/A
N/A /apex/com.android.os.statsd/javalib/framework-statsd.jar N/A N/A
N/A /apex/com.android.ondevicepersonalization/javalib/framework-ondevicepersonalization.jar N/A N/A
N/A /apex/com.android.mediaprovider/javalib/framework-mediaprovider.jar N/A N/A
N/A /apex/com.android.media/javalib/updatable-media.jar N/A N/A
N/A /apex/com.android.ipsec/javalib/android.net.ipsec.ike.jar N/A N/A
N/A /apex/com.android.conscrypt/javalib/conscrypt.jar N/A N/A
N/A /apex/com.android.btservices/javalib/framework-bluetooth.jar N/A N/A
N/A /apex/com.android.appsearch/javalib/framework-appsearch.jar N/A N/A
N/A /apex/com.android.adservices/javalib/framework-sdksandbox.jar N/A N/A
N/A /apex/com.android.adservices/javalib/framework-adservices.jar N/A N/A
N/A /apex/com.android.i18n/javalib/core-icu4j.jar N/A N/A
N/A /apex/com.android.art/javalib/apache-xml.jar N/A N/A
N/A /apex/com.android.art/javalib/bouncycastle.jar N/A N/A
N/A /apex/com.android.art/javalib/okhttp.jar N/A N/A
N/A /apex/com.android.art/javalib/core-libart.jar N/A N/A
N/A /apex/com.android.art/javalib/core-oj.jar N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.dolphin.livewallpaper

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.228:443 udp
GB 142.250.187.228:443 tcp
GB 216.58.204.78:443 tcp
GB 216.58.204.78:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.179.238:443 android.apis.google.com tcp
GB 216.58.212.227:443 tcp
GB 142.250.187.228:443 udp
GB 142.250.180.4:443 udp
GB 142.250.180.4:443 tcp
GB 142.250.180.4:443 tcp
US 172.64.41.3:443 tcp
US 172.64.41.3:443 tcp
GB 216.58.201.99:443 tcp
US 172.64.41.3:443 udp
GB 216.58.201.99:443 udp
US 1.1.1.1:53 remoteprovisioning.googleapis.com udp

Files

/data/user/0/com.dolphin.livewallpaper/databases/bugly_db_legu-journal

MD5 30b20c4f1048714df307f9e758fb9186
SHA1 9bf21b130a4f28fd32d5ed404ae498eba3804a6f
SHA256 9f9bfc9fc8760db25cbc1bd7aaccaca5ef85274409349775ebc1694ab5fa9862
SHA512 c5fa690c90914a07c9f18f92251de5a46585221aaf80905b5fa635c1a165e1017234ccb934469c95ff3304bedeedab76e7e3b5743197b51c10ad3344cde1fb95

/data/user/0/com.dolphin.livewallpaper/databases/bugly_db_legu

MD5 4faf47c763de6ee6b2e5c6c2c9ae17c5
SHA1 6038ce6465c9c048ac4fd7244a873b0e38f2afd0
SHA256 fcf024de57e0e68ec493de4598145c3dbf2ec96a567b3373ddf1c04be5be8b22
SHA512 d6285ad8dc0cf1101ec4cef5a0ec2f5bb650270c470555a2ba4442dbcc6003d9f3c0b12bd033e5770c17986df68e5d5c5691a1cfe31331108d22b9693c81c812

/data/user/0/com.dolphin.livewallpaper/databases/bugly_db_legu-journal

MD5 bc7731e032a7bf4d702130c82709d5fc
SHA1 b35019df3d929b1615bcb8558809903e4253d5db
SHA256 d22c54bbe9c7ba895f30e498652e627997d7ca2e6da1428879b790e38d48416c
SHA512 9a5745ceec249d0b1b6d273ad5860119705df153eb9ec2fce80d706eff59b64769e713e230bcd098fe6a7caddf79d9e281922db3412452b207fad12ce82d251b

/data/user/0/com.dolphin.livewallpaper/databases/bugly_db_legu-journal

MD5 350a5c3643c5604de46cf0e9efdae427
SHA1 ec35adf6765aef1f30023dbce5c70f9a94c70afe
SHA256 ee4aa91afde7ff350eb59b1427271279ef157cd4e18dfee293e094b102d107e0
SHA512 a44fa4c26c626e344ffbc79ba7f229e733c31a04c2a7c4665a9ce809399ed3c6879bd1569c428b42a750ae8b72284150191d293a4c35b20af017dbb4dab55aca

/data/user/0/com.dolphin.livewallpaper/databases/bugly_db_legu-journal

MD5 270efdc9f7ff23e370c7bc00f214aa42
SHA1 dde58880e3f27f79b9d7eeeecc2e3ee184092300
SHA256 8f985f8469268599db9b9820856d3fd20b7e4e2652ec6ac9862936f49f934ed1
SHA512 5add6202905c45b3ef74729cad517bfe41755d98f24c221da1df056fd25aaf6edc388d020ac7483eba4b1d4d1b0eccbbcca4668bd365af33ea16f934e736d75a

/data/user/0/com.dolphin.livewallpaper/databases/bugly_db_legu-journal

MD5 8cb462912f3a758e1b91b7ca3d4392d7
SHA1 285c1318bf7d278ee3cb152d24e84203b55333ef
SHA256 24f35f3265e2e4eb241b23934982c88a3b620e066fca47f94247223bf3b5e49a
SHA512 0a300b959349c37a34593da0314e6208dbf5367348e631d46609512d8bdebb57fbbb7321ce9669e3bd302652f6464d688a3487358b0e2fa9415dae6065485562

/data/user/0/com.dolphin.livewallpaper/databases/bugly_db_legu-journal

MD5 d2fc8f637f4ab222cf04577fa6ee64a4
SHA1 7c1e7df50819d23c609b80d4a73288965538fa8c
SHA256 42733cc2feb393f8bb9f810c439f29ff0ea0fc7be0e981e04d2d8f6069713fa4
SHA512 1a50e807672ec0d35d25ab13a820e01ec8b65badf6871ae27d971d7c0be435552686e7f5d10b2f81bb22865eb9f5b64dd0fbfc7a86befeeda4e6c372778e1c65

/data/data/com.dolphin.livewallpaper/mix.dex

MD5 63f77f99bd2c2b772a479923bde11974
SHA1 c7632e7d301e4463fafce85f84e9c3d7da3fdbbe
SHA256 4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615
SHA512 3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

/apex/com.android.wifi/javalib/framework-wifi.jar

MD5 38bb2ecc2647701304bb9980e35480fd
SHA1 1bfc5c534617cbd176268d6a267abd59959f3184
SHA256 79bb444346e1086292f96dfd8f859fe6e72fb439c1426db6915aaddb5bd30a65
SHA512 02fc2026b43e02c25cb370606ff2adfc3c9b66b393250ca92b2d5eabbfbd2568c391d8932ba774bd5c5661c850bd71157a0ce454b195658066b65b7363a1f551

/apex/com.android.uwb/javalib/framework-uwb.jar

MD5 7f8f7e544abbf10bf9d0623e09aabe34
SHA1 ee06d0f1adc3ce304d2b4dde0bc043b37a0e32fb
SHA256 31ec5ef294c561e6ead889767bd0656714f42998717a947427150d51dbc3b367
SHA512 8c49570f530b73c9edeb948ff89f1d4491273e4c5ae7a79156d38f12d5cc93076f325913107848cf91f566ee7b59c30b86db213c078fd0a635e9aa6eb9a99ddb

/apex/com.android.tethering/javalib/framework-tethering.jar

MD5 d81b5e468aa772e188d4d826bea7022b
SHA1 a95510ede5c549b29c6778b235863a6c817d982e
SHA256 fdabd2584172b86fb29014cb70f61e5995c229db5fe098a80244809bb7bca7cc
SHA512 bcec5c487477d83cc8aa43c75bc1eec9d3e50cf34960c302ace30d8a91a1ed298b5314dcf83845dd142be202cf960a4514eeb8dd376fb7947c7728349d940ae3

/apex/com.android.tethering/javalib/framework-connectivity-t.jar

MD5 6af554dbf0735cde24b20ffcbc996fc7
SHA1 2f8e3e13b167f5a619b4a4aba6e735516a04f68c
SHA256 595956d19b204fce5ae88e02999467cd6bee084158ef209fce06958d76806608
SHA512 b450779b88d6e07537e6cb39e413ae69c8b60e4e18786d9654f5d610abbe404f83c9ed9036977051766a1b414d7434383c6dfab7edda3d854b0a16562d41f6ab

/apex/com.android.tethering/javalib/framework-connectivity.jar

MD5 4f7a254ff28a65ea2a4cffe24b1339ce
SHA1 5c2861faf85e3086eb0144bb6006099503b5e283
SHA256 13f8f21e0f6c093ce54e81bbd0e169f605060d68a60070bffb0e1ba2e54a40c0
SHA512 53357cfbdaf076104dc6d6feeeabe1235d8e4214bc4b5b3a70eab2107799be19efc0b970add2eb65e8c099b4f0dfce72a309842a5d0bf6c266e3707b73311a2d

/apex/com.android.sdkext/javalib/framework-sdkextensions.jar

MD5 dde2bd24649e82bea6ea5d8bcf7c0589
SHA1 ad1b2b9ffeb9e87ce85db2d47a896c551990a985
SHA256 835e58ff912600ddef1b3fa9adaff5d7e2c4b379fbe8adaac065122777b204a5
SHA512 2b9b75466911a0e7f75b02d7132a497017873752a4310a2c79251b546e0c5e426f90ac460fed1e932e6119738cada32cc6df041d4b9c49200675dac9d470abe1

/apex/com.android.scheduling/javalib/framework-scheduling.jar

MD5 9667a58cf7cbf24089068395a663542d
SHA1 233b15ea03809e8d55249ecc2a386ed8d6f1b05c
SHA256 a80d2a1dd96cbfd38ed68d8934611f2294ff8f85fce7378500570814d571ce7e
SHA512 21b7e60d5e299fae15d61212f657504aa429120ed90f0facae98b5e04b16f35fd79b63a6668c9a1bfa799e47f42f42ce9495e475b86e01837cfcab88111f92be

/apex/com.android.permission/javalib/framework-permission-s.jar

MD5 dddbffa4fb9866e65e46ddedbfc917eb
SHA1 d1b1e3f5e3596544a4259a019607d93b31d2a271
SHA256 25c24c41332b5886427c5864067ac491e163a6c729bc219b31183b229e5d3219
SHA512 6a55f0c915ebfcff4fcd928dc67a0126ae7a0467c8ba39028996c219d089312872f8a2f672ba9b3886d003726961da10d66a8459bee91934fcde28ec8ea110d1

/apex/com.android.permission/javalib/framework-permission.jar

MD5 11055bb5f97d6dac0aa37bfeca7051e8
SHA1 b71d72d66800f512b9ccdbe3e3b1028f8e1090a2
SHA256 e62333a706d04ca49f917826f49770ad089d134580f050567de912ecac31302c
SHA512 787b6f40c233eae5c0e5d84c178f02f755cb0c8ba9ad3991e145841fcc05da69573d489f3331f46a778c365e25d3cfd20a1388d2cd6ee4dd99a0381feb90b2d9

/apex/com.android.os.statsd/javalib/framework-statsd.jar

MD5 c62549e4c3dc3dc6828b5930a696d82e
SHA1 a19f79ea7a2fb4a730e20817b52a51625ab23dcf
SHA256 22481f2149c6f9b6e8873c4419c8fd33fd72c7dd1ef8e968c63ba3a1c8eab914
SHA512 cef48a5871c75d214a74fdc2907bcb6052b7a6fee03c7463ee0922fb1158d08e770a0a6fa5412fc69bd5704b65800c9cf875a563a560a864778e873772747d9a

/apex/com.android.ondevicepersonalization/javalib/framework-ondevicepersonalization.jar

MD5 a226d2dab862fc8e24ab338ca5eefd26
SHA1 d424730e7a0ab29a2ef906b7e71e50f857d24856
SHA256 f2d356c75b62b631972f29ed268497b3088e80676f34c4f8ea779d30be959b4f
SHA512 df211db5e4b6dfaeb74f5cdbe9d776486753dec9d527364ffe3d38a1ccdc5718f8edf1d59a4a9bc1d0fe6cc568de9a43a46510a7cf2ea5c93cd3fd0cdf9adc17

/apex/com.android.mediaprovider/javalib/framework-mediaprovider.jar

MD5 5f147ff03fa6df46871cc7988719efff
SHA1 1bcc3c94c4edaec0c4b71d619ad6e93834c98420
SHA256 6ae5b642fe117238ea95d6f39931c86cc3e784115a0874e8b742dab88ef9629b
SHA512 d6d6e022fe31d6aed2663ffcd7c909aa22d93e4389f8c4930c32bf4b49062e57c4481f9c551cb2963457a0418cdef8acb24c123204127b0873e8b18e89a591d2

/apex/com.android.media/javalib/updatable-media.jar

MD5 5b75de85d1963c518cc39440e203e80a
SHA1 cd199428ef27a5e6c42462a600fe572a0c8cdfd3
SHA256 19eb02aed8c826a9a4b74d11a345e8ecbe1fe5562c5b9d13ac1286efaa4771e9
SHA512 de7ac7c3d55f36d9efe66d7fce049543fcf2e37c24e50f8e593c50b71e3d77271f50723a223e5b6877248ae0c53f9dcfd450dfe428e2b4e6ea5e5c8195ef0ea1

/apex/com.android.ipsec/javalib/android.net.ipsec.ike.jar

MD5 5041171aeeffa6ae45eef650b594445b
SHA1 cc2a8d2577fedf8cf3f5c146a7874a3420a9015e
SHA256 dbf99fd2ecc3f0a085855d9a53881b91132da8f0e85dd11d92ee46db01d6ab83
SHA512 79201fe62462460065e376879ff014232394dc608e838fee0e2391b4f01fa1e8c76866398894b8195e23d45e2ae56ce348930d9abbb14e622a0874df0f4f66d7

/apex/com.android.conscrypt/javalib/conscrypt.jar

MD5 7ce91e3f14e20db318e38b3fb497984f
SHA1 068ebff84b6fcb998fa518e39b78b4d52707edae
SHA256 787aa8fdbb20b5a4df8a61213c8df30de929dc610967f32712611b323d89d32d
SHA512 54ffec1ac57503575b6a2f471f8eb895b1042b2592b5febe63377e11522103dee0f70f01ae52cb2081b06dfd16ef79723cdc1b40680a6d2622fa0a5067b5267d

/apex/com.android.btservices/javalib/framework-bluetooth.jar

MD5 dfeab0380131c54e132e010995886029
SHA1 8d99f8257731637cace5f413916741a94fe5e460
SHA256 9f51175dca7d241cff99acba4f8e29a1b781f3d16a72baebc8ab7434ded1869c
SHA512 2f101e3e655e0d6ce4952ba462692d706752491d5ff3b8528d0331f1523ac227c0830a26c74bc850117f7bf028d1547cf190bdac02f647ca245e83d60f9715d9

/apex/com.android.appsearch/javalib/framework-appsearch.jar

MD5 45f2b5cef7279c9e721764da4618a83d
SHA1 c3b16d4e71bb29955481eba3d2e7bac78292d1ac
SHA256 a77cfbc9d66d3fde22540b2e6a5bee8ce21dbeb3f66c0d9121764513188252f7
SHA512 fbbdefd3117f8af38dc60676b85a86e7d38009bf839aca2d1d7f38960e05942befa7d5645f218cdbdba56aef6d7d1f5794ed3fb53c0f2134ec782323b03d7c9e

/apex/com.android.adservices/javalib/framework-sdksandbox.jar

MD5 898c6c1597e17488fff3ad1f075b126d
SHA1 ded41197706768e8fb5a27211091710de74f87cf
SHA256 e71199d47af29d61859792529bfee051ebb23b92747d57e402d6af30c8d2a9c2
SHA512 34126bb4f7e75a9386c5960685c2d6107b547ca545643a4158f09876d62e4a04e48961e01664ef9bebf2faa165952adb29d447281178fbdc4f157a079a2159dd

/apex/com.android.adservices/javalib/framework-adservices.jar

MD5 b7378810aaedc21703a206caa03483f6
SHA1 c7f25825108746487b3845bf92a050cd58d8696f
SHA256 ebf554eca9585be7cc99314e35c844d481ab811456055a1127b3df4641cf2ffb
SHA512 29dc68938e9ed5cf0ce51ed35ba10496ce703a9099a4a2dc4849470aa8f567b3052e08515dfee102f22c5b5bb6f2a4d21daf03b97a61e3d1d2964bc450956d37

/apex/com.android.i18n/javalib/core-icu4j.jar

MD5 baf8aae4583bf6989f30a3512d36cdf4
SHA1 b8623c5c6be23f8201cc1b826f83eaa6ac8f7b46
SHA256 baa7c3b0f8df0cb4e6b925b44ccf99dbe35dbf4be00a0ae33c5e4eeb173ce7f5
SHA512 420c583336e62cd5137809fc6d2267344d1d52fe5edd3e0ed8385207f6731d17a6370b61b6418260039266c2ae2c5e814c5eb9b16b4e672a6b0e3b1e5714f11f

/apex/com.android.art/javalib/apache-xml.jar

MD5 5c1dc5d635f8e0de770c930b244d72ab
SHA1 1cfab9c114f0e14bef8f58bbb5c46ea5c7f45581
SHA256 a592316ce171525b731179a84d91a1f7824d5e7c2c6f713d038163a95f7f3626
SHA512 fbe9dead311f0279587006fd60f13759635ae39f81f3eaaac71db264e2ef773788162fccaf6537f87e7b7b9d5a7e8cf0ff31561774686e1bc3fed0ec9bdbd363

/apex/com.android.art/javalib/bouncycastle.jar

MD5 610cf8fc8e3b9316656d5d8562edf98f
SHA1 6c628e96dcc908ef390c46a67de435b06607a2fb
SHA256 b12a49fda7dec105cac09b6d77b083d37b1be5d52f4f265790f2e348e5783f06
SHA512 3adc4a3bea3ce819f1b5eeff0988d5cb131d850f2a3ac6c484e4b7f4ced566dbd081d0cc6042ab3caa344098650c0b1a4c5f691f7921d2cf1ca395e08e3222b7

/apex/com.android.art/javalib/okhttp.jar

MD5 a4b2495e244595af5f3e3ef446f3fb05
SHA1 5a19ef43d0ffe4cb740cefd5bef48da5bf60e774
SHA256 14d759d0257e1be79263f4ff0bd41548af7f83f7d5f8f5029dae5e58a4687ada
SHA512 5fe72bbed317af46c385cde578bbb9d47e429ff192f96799ce81e891098ee45ce5d6287373cc78ae07b664af168e0ed7e516184883442132664e659ae5d0aba8

/apex/com.android.art/javalib/core-libart.jar

MD5 9dfc76933503bef1af365e42ed68879c
SHA1 65c92169881f1a10fb26a407494f9c4b383ef84d
SHA256 eb3b040c7700fccdc6a637ff9628c0867b6f48ebac4b09c2b5bb4dd77baf3d38
SHA512 f8ffef274eae3e01003cc8643de1eade69a5747978f3ec60d910a02d18445d776d997024130dc42dd92287900c6ba57463bbddedf045064bc2374669f00a792d

/apex/com.android.art/javalib/core-oj.jar

MD5 f1a98ecb23b9134c358015fcab1f0215
SHA1 e71c1849677f17d5aa83a20853f3483136d449e4
SHA256 d9d541d074d858571d60e2964fd39fb74130217fa7c92d74ed1695b0962837cf
SHA512 8e2a6dd96a89d2195ac770320933a1938977dd55ac98bc822bf33646fec208a2354f1e2dee14463eb776da13b737517affe9bc336093fec1fa9bbc6c7b67f1d2

/data/user/0/com.dolphin.livewallpaper/app_bugly/tomb_1718034757437.txt

MD5 bd0f8f8f3ad93fa07623422ec6e72003
SHA1 c3589295e7a4ddcf35bcd7a2c13bfd381783821a
SHA256 7fe875398dea7537a57a77c5275cbc8647aaf63ab6fd9148443b65df2e1d0647
SHA512 2ec3e073321262b667afbf98fe4e9f51e4c0c58baaad506b120239031f10699d699b94470bef13007bd6199df3d3b03f1eaf147c0cba5178aee7e267072b1c0b

/data/user/0/com.dolphin.livewallpaper/app_bugly/rqd_record.eup

MD5 6ed05b9ef5440c5d27f8411297a2b3db
SHA1 7ac51f87452162cedf1c3ac8842735e4e02fc67a
SHA256 3d8efdb02901c4f1376cb80766f49a152512a964104e2a644a433e0edb25e713
SHA512 6cc31e5a41f2ce6d4ff4560f2f8d9d22478ba5b5b83d04b952ae8160e3fb53fc38a0210e6a39cf17db229382d6b0474b657c3f36b5331139e3626f85ca6b94fb

/data/user/0/com.dolphin.livewallpaper/app_bugly/rqd_record.eup

MD5 09a6771145110ef914b86bcb1143b61c
SHA1 4dd8bb936dcad33b1e249215616df0e4899c8dcd
SHA256 e31b98895ce0dededec29b04541535c8793fdfdf0da7469b0a9d2e39ad2eeb82
SHA512 cb8895244e33726acd39d502353e094ffbc17425e5942dbd0598cacdaa867fbb5d95dd4591e7864f6ef91e3843feafabe9f99e30b9214b3851868abb0c26bb35

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-10 15:52

Reported

2024-06-10 15:52

Platform

android-x86-arm-20240603-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-06-10 15:52

Reported

2024-06-10 15:52

Platform

android-x64-arm64-20240603-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2024-06-10 15:52

Reported

2024-06-10 15:52

Platform

android-x86-arm-20240603-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A