Analysis Overview
SHA256
e3f416a2211dcd463faed04703c51ae58ce6f288ff43e63b72b00cb817abb06e
Threat Level: Likely malicious
The file a401e40b619c172ed746298a29bc1bc4_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Loads dropped Dex/Jar
Queries information about active data network
Queries the unique device ID (IMEI, MEID, IMSI)
Requests dangerous framework permissions
Queries information about the current Wi-Fi connection
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks memory information
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-13 05:32
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 05:32
Reported
2024-06-13 05:35
Platform
android-x64-20240611.1-en
Max time kernel
175s
Max time network
187s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.tencent.tmgp.ksmysjhzol/app_dex/ysdk_hackdex.jar | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.tencent.tmgp.ksmysjhzol
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | cgi.connect.qq.com | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.200.8:443 | ssl.google-analytics.com | tcp |
| HK | 43.154.252.110:80 | cgi.connect.qq.com | tcp |
| HK | 43.154.252.110:443 | cgi.connect.qq.com | tcp |
| GB | 172.217.16.234:443 | | tcp |
| US | 1.1.1.1:53 | cloud.egret.com | udp |
| CN | 49.4.115.180:443 | cloud.egret.com | tcp |
| US | 1.1.1.1:53 | rqd.uu.qq.com | udp |
| HK | 43.135.106.212:80 | rqd.uu.qq.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.180.14:443 | android.apis.google.com | tcp |
| GB | 216.58.204.78:443 | | tcp |
| GB | 142.250.178.14:443 | | tcp |
| GB | 142.250.187.226:443 | | tcp |
| GB | 142.250.179.228:443 | | tcp |
Files
Analysis: behavioral6
Detonation Overview
Submitted
2024-06-13 05:32
Reported
2024-06-13 05:32
Platform
android-x86-arm-20240611.1-en
Max time network
4s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral7
Detonation Overview
Submitted
2024-06-13 05:32
Reported
2024-06-13 05:32
Platform
android-x64-20240611.1-en
Max time network
5s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 05:32
Reported
2024-06-13 05:35
Platform
android-x86-arm-20240611.1-en
Max time kernel
175s
Max time network
186s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.tencent.tmgp.ksmysjhzol/app_dex/ysdk_hackdex.jar | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.tencent.tmgp.ksmysjhzol
/system/bin/sh -c getprop ro.board.platform
getprop ro.board.platform
/system/bin/sh -c type su
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.180.14:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | cgi.connect.qq.com | udp |
| HK | 43.154.252.110:80 | cgi.connect.qq.com | tcp |
| HK | 43.154.252.110:443 | cgi.connect.qq.com | tcp |
| US | 1.1.1.1:53 | cloud.egret.com | udp |
| CN | 49.4.115.180:443 | cloud.egret.com | tcp |
| US | 1.1.1.1:53 | rqd.uu.qq.com | udp |
| HK | 43.135.106.212:80 | rqd.uu.qq.com | tcp |
| GB | 142.250.187.206:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.180.14:443 | android.apis.google.com | tcp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-13 05:32
Reported
2024-06-13 05:32
Platform
android-x86-arm-20240611.1-en
Max time network
4s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-13 05:32
Reported
2024-06-13 05:32
Platform
android-x64-20240611.1-en
Max time network
5s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral5
Detonation Overview
Submitted
2024-06-13 05:32
Reported
2024-06-13 05:32
Platform
android-x64-arm64-20240611.1-en
Max time network
6s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral8
Detonation Overview
Submitted
2024-06-13 05:32
Reported
2024-06-13 05:32
Platform
android-x64-arm64-20240611.1-en
Max time network
6s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |