Malware Analysis Report

2024-09-09 12:50

Sample ID 240614-as2ggsxeqf
Target a75139d39f2ff602b63e36fb7d2c699b_JaffaCakes118
SHA256 722db15f02961a88cebb4d5ce47ccbd8ae380a35e44b088d821e22ede89e9790
Tags banker collection discovery evasion persistence
Score 8/10

Analysis Overview

Threat Level: Likely malicious

The file a75139d39f2ff602b63e36fb7d2c699b_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

banker collection discovery evasion persistence

Checks if the Android device is rooted.

Queries information about running processes on the device

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Requests cell location

Queries information about the current Wi-Fi connection

Queries information about active data network

Queries the unique device ID (IMEI, MEID, IMSI)

Requests dangerous framework permissions

Listens for changes in the sensor environment (might be used to detect emulation)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-14 00:29

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to request installing packages. android.permission.REQUEST_INSTALL_PACKAGES N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A

Analysis: behavioral18

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:29

Platform

android-x86-arm-20240611.1-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 172.217.169.74:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral21

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:29

Platform

android-x86-arm-20240611.1-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:29

Platform

android-x86-arm-20240611.1-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 216.58.204.67:443 tcp
GB 142.250.178.10:443 tcp
N/A 224.0.0.251:5353 udp
GB 216.58.204.67:443 tcp
GB 216.58.204.67:443 tcp

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:29

Platform

android-x64-arm64-20240611.1-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 172.217.16.238:443 tcp
GB 172.217.16.238:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:29

Platform

android-x64-arm64-20240611.1-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral12

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:29

Platform

android-x86-arm-20240611.1-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral15

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:29

Platform

android-x86-arm-20240611.1-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral19

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:30

Platform

android-x64-20240611.1-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:29

Platform

android-x86-arm-20240611.1-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:29

Platform

android-x64-20240611.1-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:29

Platform

android-x64-20240611.1-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral16

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:29

Platform

android-x64-20240611.1-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 172.217.169.74:443 tcp
GB 172.217.169.74:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral17

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:29

Platform

android-x64-arm64-20240611.1-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 142.250.187.206:443 tcp
GB 142.250.187.206:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral20

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:30

Platform

android-x64-arm64-20240611.1-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:32

Platform

android-x86-arm-20240611.1-en

Max time kernel

171s

Max time network

185s

Command Line

com.wingjoy.mylife

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Listens for changes in the sensor environment (might be used to detect emulation)

evasion
Description Indicator Process Target
Framework API call android.hardware.SensorManager.registerListener N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Processes

com.wingjoy.mylife

Network

Country Destination Domain Proto
GB 142.250.180.14:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 log.umsns.com udp
CN 59.82.29.162:443 log.umsns.com tcp
US 1.1.1.1:53 plbslog.umeng.com udp
CN 36.156.202.68:443 plbslog.umeng.com tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 ads-sdk-cn.upltv.com udp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.169.46:443 android.apis.google.com tcp
CN 47.100.163.68:443 ads-sdk-cn.upltv.com tcp
CN 47.100.163.68:443 ads-sdk-cn.upltv.com tcp
US 1.1.1.1:53 config.uca.cloud.unity3d.com udp
US 34.111.113.40:443 config.uca.cloud.unity3d.com tcp
US 1.1.1.1:53 mylife222.wingjoy.cn udp
CN 120.27.220.218:4400 mylife222.wingjoy.cn tcp
CN 120.27.220.218:4400 mylife222.wingjoy.cn tcp
CN 47.100.163.68:443 ads-sdk-cn.upltv.com tcp
US 1.1.1.1:53 cdp.cloud.unity3d.com udp
US 34.107.172.168:443 cdp.cloud.unity3d.com tcp
CN 47.100.163.68:443 ads-sdk-cn.upltv.com tcp
CN 47.100.163.68:443 ads-sdk-cn.upltv.com tcp
CN 47.100.163.68:443 ads-sdk-cn.upltv.com tcp
CN 59.82.29.163:443 log.umsns.com tcp
CN 47.100.163.68:443 ads-sdk-cn.upltv.com tcp
CN 47.100.163.68:443 ads-sdk-cn.upltv.com tcp
CN 47.100.163.68:443 ads-sdk-cn.upltv.com tcp
CN 59.82.29.248:443 log.umsns.com tcp
CN 47.100.163.68:443 ads-sdk-cn.upltv.com tcp
CN 59.82.29.249:443 log.umsns.com tcp
CN 59.82.31.154:443 log.umsns.com tcp
CN 47.100.163.68:443 ads-sdk-cn.upltv.com tcp
CN 59.82.31.160:443 log.umsns.com tcp

Files

Analysis: behavioral6

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:29

Platform

android-x86-arm-20240611.1-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 142.250.180.14:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral11

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:29

Platform

android-x64-arm64-20240611.1-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 142.250.187.206:443 tcp
GB 142.250.187.206:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral13

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:29

Platform

android-x64-20240611.1-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral14

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:29

Platform

android-x64-arm64-20240611.1-en

Max time network

9s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.238:443 tcp
GB 142.250.187.238:443 tcp

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:29

Platform

android-x64-20240611.1-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-06-14 00:29

Reported

2024-06-14 00:29

Platform

android-x86-arm-20240611.1-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 172.217.169.74:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A