Malware Analysis Report

2024-09-09 13:22

Sample ID: 240613-hdhpts1hrn
Target: a43c9c4ccb1443e27941fd10647b995d_JaffaCakes118
SHA256: a4f7e29df5da319660298e43ac4933ee54b149abc5eebddfb336f44c58141f94
Tags: collection discovery evasion impact persistence upx
Score: 8/10

Analysis Overview

Score: 8/10

SHA256: a4f7e29df5da319660298e43ac4933ee54b149abc5eebddfb336f44c58141f94

Threat Level: Likely malicious

The file a43c9c4ccb1443e27941fd10647b995d_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

collection discovery evasion impact persistence upx

Patched UPX-packed file

Requests cell location

Queries information about the current nearby Wi-Fi networks

Queries the phone number (MSISDN for GSM devices)

UPX packed file

Queries information about running processes on the device

Queries information about active data network

Queries information about the current Wi-Fi connection

Queries the unique device ID (IMEI, MEID, IMSI)

Requests dangerous framework permissions

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

Registers a broadcast receiver at runtime (usually for listening for system events)

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported: 2024-06-13 06:37

Signatures

Patched UPX-packed file


UPX packed file

upx

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an application to receive SMS messages. android.permission.RECEIVE_SMS N/A N/A
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2024-06-13 06:37
Reported: 2024-06-13 06:40
Platform: android-x86-arm-20240611.1-en
Max time kernel: 178s
Max time network: 184s

Command Line

com.yixuan.swimming

Signatures

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.yixuan.swimming

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.202:443 tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
US 1.1.1.1:53 api.exc.mob.com udp
US 1.1.1.1:53 log.umsns.com udp
CN 180.188.25.46:80 api.exc.mob.com tcp
CN 59.82.29.162:80 log.umsns.com tcp
US 1.1.1.1:53 abroad.apilocate.amap.com udp
CN 59.82.44.11:80 abroad.apilocate.amap.com tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
CN 59.82.29.163:80 log.umsns.com tcp
CN 59.82.44.11:80 abroad.apilocate.amap.com tcp
CN 59.82.29.248:80 log.umsns.com tcp
US 1.1.1.1:53 restapi.amap.com udp
CN 106.11.43.113:443 restapi.amap.com tcp
CN 106.11.43.113:80 restapi.amap.com tcp
CN 59.82.29.249:80 log.umsns.com tcp
CN 106.11.43.113:80 restapi.amap.com tcp
CN 59.82.31.154:80 log.umsns.com tcp
CN 106.11.43.113:80 restapi.amap.com tcp
CN 59.82.31.160:80 log.umsns.com tcp
CN 106.11.43.113:80 restapi.amap.com tcp

Files

/data/data/com.yixuan.swimming/databases/logdb.db-journal
/data/data/com.yixuan.swimming/databases/logdb.db
/data/data/com.yixuan.swimming/databases/logdb.db-shm
/data/data/com.yixuan.swimming/databases/logdb.db-wal
/storage/emulated/0/Mob/com.yixuan.swimming/cache/comm/.mps
/data/data/com.yixuan.swimming/databases/hmdb-journal
/data/data/com.yixuan.swimming/databases/hmdb
/data/data/com.yixuan.swimming/databases/hmdb-wal
/storage/emulated/0/Mob/.iew
/data/data/com.yixuan.swimming/files/a/k.store
/storage/emulated/0/data/.push_deviceid
/storage/emulated/0/Mob/comm/.di
/data/data/com.yixuan.swimming/files/jpush_stat_cache_history.json
/data/data/com.yixuan.swimming/files/jpush_stat_cache.json
/data/data/com.yixuan.swimming/databases/ThrowalbeLog.db-journal
/data/data/com.yixuan.swimming/databases/ThrowalbeLog.db
/data/data/com.yixuan.swimming/databases/ThrowalbeLog.db-wal
/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db-journal
/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db
/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db-wal
/data/data/com.yixuan.swimming/files/a/b/journal.tmp
/data/data/com.yixuan.swimming/files/a/b/journal
/data/data/com.yixuan.swimming/files/a/b/4c984fe24161907e5b5b9423ecec3163.0.tmp
/data/data/com.yixuan.swimming/files/a/b/5ad6cdbb45b4a14283563bba26a5e0b7.0.tmp

Analysis: behavioral2

Detonation Overview

Submitted: 2024-06-13 06:37
Reported: 2024-06-13 06:40
Platform: android-x64-arm64-20240611.1-en
Max time kernel: 162s
Max time network: 187s

Command Line

com.yixuan.swimming

Signatures

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Queries the phone number (MSISDN for GSM devices)

discovery

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.yixuan.swimming

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
US 1.1.1.1:53 api.exc.mob.com udp
US 1.1.1.1:53 log.umsns.com udp
CN 180.188.25.46:80 api.exc.mob.com tcp
CN 59.82.112.112:80 log.umsns.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.180.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 abroad.apilocate.amap.com udp
CN 59.82.44.11:80 abroad.apilocate.amap.com tcp
US 1.1.1.1:53 m.data.mob.com udp
CN 180.188.25.47:80 m.data.mob.com tcp
CN 59.82.29.163:80 log.umsns.com tcp
CN 59.82.44.11:80 abroad.apilocate.amap.com tcp
GB 142.250.180.4:443 tcp
GB 142.250.180.4:443 tcp
US 1.1.1.1:53 m.data.mob.com udp
CN 180.188.25.47:80 m.data.mob.com tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.200.36:443 www.google.com tcp
CN 59.82.29.248:80 log.umsns.com tcp
US 1.1.1.1:53 restapi.amap.com udp
CN 59.82.132.217:443 restapi.amap.com tcp
US 1.1.1.1:53 m.data.mob.com udp
CN 180.188.25.47:80 m.data.mob.com tcp
CN 59.82.29.249:80 log.umsns.com tcp
GB 216.58.213.14:443 tcp
GB 142.250.187.194:443 tcp
US 1.1.1.1:53 m.data.mob.com udp
CN 180.188.25.47:80 m.data.mob.com tcp
CN 59.82.31.154:80 log.umsns.com tcp
US 1.1.1.1:53 m.data.mob.com udp
CN 180.188.25.47:80 m.data.mob.com tcp
CN 59.82.60.44:80 log.umsns.com tcp
GB 142.250.200.36:443 www.google.com tcp
US 1.1.1.1:53 m.data.mob.com udp
CN 180.188.25.47:80 m.data.mob.com tcp

Files

/data/user/0/com.yixuan.swimming/databases/logdb.db-journal

MD5 14a57aa0436498f11c5797ef0cc832d2
SHA1 3d64fe4bb90aaecd71d9bd432d83d00084bf22c3
SHA256 fc1f7721292835eedbd3521c151311db04e1e05338dd4ac45d401379ec362ee2
SHA512 6d99f76621c06eb89b258af86bc239f81caa3cf5d34389f9964ce97a340c00c1d840f5d55d3ed4aa3b986c4d5e9cad65c4a5fb202a63b43fc164d71e230a1030

/data/user/0/com.yixuan.swimming/databases/logdb.db

MD5 a925951bbef27a9ea507f847a6ceaad7
SHA1 34b73ba1b11a2423198826f820fe87a1b8cc13b6
SHA256 1dd2d23b7c64bde28175205a16f99abac0aa5938d31812c095234defbd1f917b
SHA512 4ce18802068f8549fae1d3c594423476753deb776c57acf8ddbacb47360db50c922452db037b3c2d852f28147781c6532a141e9cfae51772b96958825e7ce5cf

/data/user/0/com.yixuan.swimming/databases/logdb.db-journal

MD5 1c349c1910605ad08ad23ee90b101c49
SHA1 acd92725d796956ce8b87ba55de801f77601e682
SHA256 f26bec1417b04e515e9ad5937c077265666488e4b7af2c2ee36923c80cdc8711
SHA512 61af49d4e9e00c78b80b19d418516b0542fcf312c61d80d44ee55fed8267d7b5683998373c621fdd27731d15a31bdfc72acde56ea695151354a4d06e44584ee8

/data/user/0/com.yixuan.swimming/databases/logdb.db-journal

MD5 e8b170ebbd065cb4ef4cb7a3883f89d1
SHA1 52cdf3abb64d6d01e78e19cd7f9ce48f50788b7e
SHA256 c348482948abf5427da2b3f569ca58f6507d4628f9485bc736babba0a055cb5c
SHA512 5d3f512e7284caaee5592337c14b9d6f52de4c9d3925ae98a0915e1bb19a7ffc96fc55feebb2ad58ff83fd0b80a86aefa90018c12c37529f2159d47ed960bf2e

/data/user/0/com.yixuan.swimming/databases/hmdb-journal

MD5 3879580ec0887d2ac2c8f6b0b47c70e4
SHA1 152b1d135d08fe99899f8c925083e08ab1434363
SHA256 92cfa4dc672626158ae2867922f9822d339d9e80b52c6edbcdac5a4b0fa7045b
SHA512 45f2efc6efd7522a74c60cf87ca7d43775c5430116721e31c07c38587ef4dd727de275ae1e64dc9b9d8aae3979940367932652eb0ec6c696c61ddc8bca57561f

/data/user/0/com.yixuan.swimming/databases/hmdb

MD5 171aedf968e17a2744d2585715606cb9
SHA1 bbeddeb3b89fcf809619c35b4a318a80e7d5b029
SHA256 d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e
SHA512 78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

/storage/emulated/0/Mob/com.yixuan.swimming/cache/comm/.mps

MD5 4f5f34df76245c42b0a37b73251fab3e
SHA1 c4198d27cf678996ee41eb1ebdc438311366955e
SHA256 ecacd8375cf87a21102bc51d5e06a379be0d6cb0ace66a51b07fcffb895f801d
SHA512 64d53dba6149d237b15856cbb470ef3a47cfd89656cbfd51540d48df36d689e9e9f2f5596c3cd13007ff4d39cf9d89178df06bcbe6a7e2ffe1ae17295b6a5fcd

/data/user/0/com.yixuan.swimming/databases/hmdb-journal

MD5 e3d610e9b7d9f6f83e6e75e7c548b2b7
SHA1 e7b0ff17bca6507b39b7163ff2f183f85fd47dca
SHA256 b469929593b3397110679509f9f4772337a6403ca9568b244cd773fd14bf5728
SHA512 e9df867bc1dcf388cd627583937444de000d5ef88db279ceddf30ce76e71602106a8695efc606734b87111ca9e7ba04945ff52fb00c840fccfcbbb6d3d82bd73

/data/user/0/com.yixuan.swimming/databases/logdb.db-journal

MD5 3731f218ae2910c99c4490bbb2525dec
SHA1 f260b811dfe59b470435cd0a208fc104fd5b92ec
SHA256 fc167152fe8602869bb318b68ca8d772d610dcf22a974cb753ac41d62a7c718a
SHA512 a9d124eb0c693ad4ec2e96c79943bcdb43d5d79bf6d3f8aee1188bc34c17540b2f496fd961a8bd8ec4cb5f818d461db6d110e12c3c7de752473c301142a04f1f

/data/user/0/com.yixuan.swimming/databases/logdb.db

MD5 45237b0943df653df85392a4f74ebc19
SHA1 8f50b221c2d9974202a3f8b19fe407542148a7c3
SHA256 238c8793df223a30d7b8fb61ad3d01a85225ba249cd2ba60de160e412e30cb95
SHA512 0a27b029710126651b9e3666456cb785395f70a8c1c67d0513d82c1f57b5c8e2ea50c685f18c707ef37d1642909ff33d9a6e0b97f6c7492537844dd6a2999618

/data/user/0/com.yixuan.swimming/databases/logdb.db-journal

MD5 246b5043ecf6cb1cc6077587d3046fe1
SHA1 626d9c8c504351a49c26164f57585745647848ef
SHA256 603afb4f310f7756dfecc44d0589161341976f8603186abf28b8945a12b7aa8a
SHA512 782f5f532aecd86485ff53c3849ed7316b5df0b1e8449bea525b42e881a82b97832f37c0cd123e3725f30e585fbb7048eb3838e0ad9c7188459a60443585bc64

/data/user/0/com.yixuan.swimming/databases/logdb.db

MD5 3565a47c51d36161e23e969e572aaab0
SHA1 623cf5ba89b15c26c5e8430aae05164a4f1153d6
SHA256 9289b32ad16aad8e7e8a255cd4033ea6d0e64c09ef8c0a808038ba7b1f51c0e8
SHA512 e13e2a6a91aca8edeeda5bc319ee210c44f0c74277894b54c0627b19284fc37b6299817d2ff126cd1443b5bf6c300773adcc659b7943b14461b9ec3de93a0447

/storage/emulated/0/data/.push_deviceid

MD5 34857673b1ce2592564654c2653b5f64
SHA1 c6cc3b01394a3aed3ef02e388eebe5258099d4f8
SHA256 baf98b979d5da61cb2a9241b6f48cb41679408ff7c3dc75b75dad7a43f15c17b
SHA512 69feb37da947a90c9dadaa8a219e107df548443882ecd6c5fa9e6b7da9135d32205043c8472dd3feb872546877d02f3ad9e138c0ada9bef394550ead3ee4baeb

/data/user/0/com.yixuan.swimming/files/a/k.store

MD5 41a74d7265d074d175b2371f73f454a6
SHA1 4d487999582d4a9331680d1a3a5ee53f4c4b678e
SHA256 216f52fd59fe19b11fa8a4b463ff7b653aa535aeea94dc9d5b39287412d27cff
SHA512 034191db8faa02a62bc8f3aa5059f22ad15ae1cf05f15faa30c384b16811bb8f96c2baa7452c46b43118e2ba076ba69aeebd0653961329739e73834763b11ec3

/data/user/0/com.yixuan.swimming/files/jpush_stat_cache_history.json

MD5 c163aead4f875c25d5c2a9c4c93dc96d
SHA1 8b40a67739fbf3fbed194e2cc95ec5f4d2912645
SHA256 f5e30ad652d49c2f5db537f30158083dd16755e2b2fef40e1c2683757f73a3a8
SHA512 c54e9b4d8842fd630f97d5448910a2fe92ca588034db86cf0952ac18498f73968817c1665ae0e7523c1d6a778933d297eb2fe90dfdcc11f8a93955556c693f8c

/storage/emulated/0/Mob/.slw

MD5 19402718bfb1c685a726b4e1d846ad98
SHA1 02a7e30044a67085f2f1da24e16e4ecfede65b72
SHA256 079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0
SHA512 25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b

/data/user/0/com.yixuan.swimming/files/jpush_stat_cache.json

MD5 83169f2eca5076534be4074badd374db
SHA1 2737dfdcf191f069ac227773e752e2962ac5004c
SHA256 5a0785881027e9e15c12915e880d35a0fac19d545bf8d0d8562e900e5c050f50
SHA512 d9b1bb42528f4c58baf57f829cab711b756707d5e56e8195de96cc85d319e8ed7dfcdd7506bcfa1f2e37a5ba77d9c2b255db5c2b5a936dcf52b40aa7b348096e

/data/user/0/com.yixuan.swimming/databases/ThrowalbeLog.db-journal

MD5 ed8debd848e853c02e85b87821bcab89
SHA1 02216057712522dc1d1db938feab2f05e2b50cde
SHA256 4950fa31847808a1098120f337b509cc830ee7390022596b750d9f46e578ba2c
SHA512 9d4064379dac8118489f38eca0ce1b33d754b4c676d340fce9da8eacb969716b2bf773479c94a18ff946fde137803cfec299a671930f04f3f8f49f0dcaa508b4

/data/user/0/com.yixuan.swimming/databases/ThrowalbeLog.db

MD5 ce077042dbd8db5bd09cc46011547619
SHA1 a6cb9da6de52df2b314e6fee3636f051c21ed270
SHA256 079846d75977e91a1541aa9c3a5071b172948c2f9ea5a902c578fa63643a7a29
SHA512 bd7158b38605eed6c5e0b044abca4e70c449a39f41cad4dac119f8368208edb07590ce604966647cca9a906be34091e3aa14d1e4236ba1df3edd60b2243da944

/data/user/0/com.yixuan.swimming/databases/ThrowalbeLog.db-journal

MD5 8de045fdfd78afaa3eab9e2c4c92de78
SHA1 11e111bae368f1f6fdeea40545fc5b9e187c8586
SHA256 4a430617384a48e6e3d8d356864103490d7b45ec724cbae5b2cc2513b7cd3d30
SHA512 7bb97da0a9c4529f7498f3f5e5a967dbefcaf92222a907384fe05f176af097b43dcd484a05298aea87199efc94f39d93baa8762d457cc76e7b7388c12abb387f

/data/user/0/com.yixuan.swimming/databases/ThrowalbeLog.db-journal

MD5 daefcb1ce0aa07b1c08353171e7678ed
SHA1 86e2997cbaabe78047adace92caa7ebcf2e9f70c
SHA256 eb620c7c159e53c32f98b5a5269824466e43348264f4fec8ce3720771cd28070
SHA512 94828826deb557995c832d97ef0f42e88986c4e90abf4bd80267563d2821c8294f826589131bb409247f1dca28795158b61a5f15833685afaf42ab8b7ef071a0

/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db-journal

MD5 0bac402e8a688cc62e9e22db178aa302
SHA1 2caea3a2fee2a0fcfd87f11849780444879b6106
SHA256 45c348af7c09cfb9082e343ffb01e2a5c48ece53f4e022f053e09f475a8b4da6
SHA512 15b53f975aae3237ea3b174d455e3379af766d10a6ee7bdf999480625bc65dd1429efec69e4c4b5f5eb14ac6095cdd4ccd6fb3879359a108e73193559c5fa2f5

/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db

MD5 7ab674da0f9818e9144f8b2c8169ead1
SHA1 318a4b8137ad932b0e1e61c540c4b4a4a536837a
SHA256 8f341157c090835d6bf14a770bb188eb3e05cfc4ed1bb13ba90d2bbbe8d331dc
SHA512 0d06a65cdffcd5ad23bbc1a542fa3aec1b8fa94f864a3e510c03e262268b56271b46a06b679d0eeae7bc4a7b783132e81641d64e3b683138b02537cb6dd07e32

/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db-journal

MD5 0b03a5ee4e17222cd2a38dacb0daa9e8
SHA1 a18e60f1562cddffa5bafdd237cdbd5cbcc74da0
SHA256 426b2b923448c68004fcb8be1df0e083ab9e8c534f7c495d9bb78f139f9ee483
SHA512 765e4d7220bb20036b803e3b244dd7091378131102fa4ad6e7ed22d8964e66c94cf432853ee4c4d8e96e07608fd3f91aee1c185fff996f897b670fd9e6e3150e

/data/user/0/com.yixuan.swimming/files/a/b/journal.tmp

/data/user/0/com.yixuan.swimming/files/a/b/journal

/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db-journal

/data/user/0/com.yixuan.swimming/files/a/b/4c984fe24161907e5b5b9423ecec3163.0.tmp

/data/user/0/com.yixuan.swimming/databases/logdb.db-journal

/data/user/0/com.yixuan.swimming/databases/logdb.db

/data/user/0/com.yixuan.swimming/files/Mob/mob_commons_1

/data/user/0/com.yixuan.swimming/databases/ThrowalbeLog.db-journal

/data/user/0/com.yixuan.swimming/files/a/b/journal

/data/user/0/com.yixuan.swimming/databases/logdb.db

/data/user/0/com.yixuan.swimming/databases/ThrowalbeLog.db-journal

/data/user/0/com.yixuan.swimming/files/a/b/journal

/data/user/0/com.yixuan.swimming/files/a/b/5ad6cdbb45b4a14283563bba26a5e0b7.0.tmp

/data/user/0/com.yixuan.swimming/databases/logdb.db

/data/user/0/com.yixuan.swimming/databases/ThrowalbeLog.db-journal

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-13 06:37

Reported

2024-06-13 06:37

Platform

android-x86-arm-20240611.1-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-13 06:37

Reported

2024-06-13 06:37

Platform

android-x64-20240611.1-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-06-13 06:37

Reported

2024-06-13 06:37

Platform

android-x64-arm64-20240611.1-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 142.250.187.206:443 tcp
GB 142.250.187.206:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A