Malware Analysis Report

2024-09-09 17:40

Sample ID 240614-gdwe9axblc
Target a83142b02249e6dc663f3d93067c2651_JaffaCakes118
SHA256 5ad5b6126efe9ac973f0041eef836ed58095d64480b7396f3663a61e4316a60a
Tags
discovery evasion impact persistence
score
8/10


Analysis Overview

score
8/10

SHA256

5ad5b6126efe9ac973f0041eef836ed58095d64480b7396f3663a61e4316a60a

Threat Level: Likely malicious

The file a83142b02249e6dc663f3d93067c2651_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion impact persistence

Checks if the Android device is rooted.

Queries information about active data network

Queries information about the current Wi-Fi connection

Queries the mobile country code (MCC)

Reads information about phone network operator.

Requests dangerous framework permissions

Registers a broadcast receiver at runtime (usually for listening for system events)

Uses Crypto APIs (Might try to encrypt user data)

Checks CPU information

Checks memory information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-14 05:41

Signatures

Requests dangerous framework permissions

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-14 05:41

Reported

2024-06-14 05:45

Platform

android-x86-arm-20240611.1-en

Max time kernel

132s

Max time network

139s

Command Line

com.tp.android.poollovestory

Signatures

Checks if the Android device is rooted.

evasion
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |

Queries information about active data network

discovery
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |

Queries information about the current Wi-Fi connection

discovery
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |

Queries the mobile country code (MCC)

discovery
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |

Uses Crypto APIs (Might try to encrypt user data)

impact
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |

Checks CPU information

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for read | /proc/cpuinfo | N/A | N/A |

Checks memory information

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for read | /proc/meminfo | N/A | N/A |

Processes

com.tp.android.poollovestory

Network


Files


Analysis: behavioral2

Detonation Overview

Submitted

2024-06-14 05:41

Reported

2024-06-14 05:42

Platform

android-x86-arm-20240611.1-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| N/A | 224.0.0.251:5353 | | udp |

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-14 05:41

Reported

2024-06-14 05:42

Platform

android-x64-20240611.1-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| N/A | 224.0.0.251:5353 | | udp |

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-14 05:41

Reported

2024-06-14 05:42

Platform

android-x64-arm64-20240611.1-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| N/A | 224.0.0.251:5353 | | udp |

Files

N/A