Analysis Overview
SHA256
d09e419eaf126355af50685f1b892add4e1a553204600134d12a1461269bff93
Threat Level: Likely malicious
The file a91b5bfbc13dd12a1ebe449bd2c3e044_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
Requests cell location
Queries information about the current nearby Wi-Fi networks
Queries information about the current Wi-Fi connection
Requests dangerous framework permissions
Queries information about active data network
Queries the mobile country code (MCC)
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks memory information
Checks CPU information
Analysis: static1
Detonation Overview
Reported
2024-06-14 10:04
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an application to request installing packages. | android.permission.REQUEST_INSTALL_PACKAGES | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-14 10:04
Reported
2024-06-14 10:07
Platform
android-x86-arm-20240611.1-en
Max time kernel
173s
Max time network
186s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.huabian.android
getprop ro.build.version.emui
com.huabian.android:pushservice
getprop ro.build.version.emui
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-14 10:04
Reported
2024-06-14 10:07
Platform
android-x64-arm64-20240611.1-en
Max time kernel
69s
Max time network
186s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/bin/su | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.huabian.android
com.huabian.android:pushservice
Network
Files
/data/user/0/com.huabian.android/files/TDAntiCheating_Switch_Value
/data/user/0/com.huabian.android/databases/huabian.db-journal
/data/user/0/com.huabian.android/databases/huabian.db
/storage/emulated/0/.tcookieid
/data/user/0/com.huabian.android/databases/downloader.db-journal
/data/user/0/com.huabian.android/databases/downloader.db
/data/user/0/com.huabian.android/app_crashrecord/1004
/data/user/0/com.huabian.android/databases/bugly_db_-journal
/data/user/0/com.huabian.android/databases/bugly_db_
/data/user/0/com.huabian.android/cache/VAdNetSdk/reqQueue/-5998622401067643521
/data/user/0/com.huabian.android/cache/VAdNetSdk/reqQueue/1021689741840853517
/storage/emulated/0/libs/com.huabian.android.bin
/data/user/0/com.huabian.android/files/TDCloud_Control_Cache_Param1
/data/user/0/com.huabian.android/files/__database_reborn_January_one__/td_database2SaaS/1718359482251_4610
/data/user/0/com.huabian.android/files/__database_reborn_January_one__/td_database2SaaS/1718359482346_4610
/data/user/0/com.huabian.android/files/__database_reborn_January_one__/td_database0SaaS/1718359482436_4610
/data/user/0/com.huabian.android/files/__database_reborn_January_one__/td_database2SaaS/1718359482557_4610
/data/user/0/com.huabian.android/files/__database_reborn_January_one__/td_database2SaaS/1718359482875_4610
/data/user/0/com.huabian.android/files/__database_reborn_January_one__/td_database2SaaS/1718359535678_4610
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-14 10:04
Reported
2024-06-14 10:04
Platform
android-x86-arm-20240611.1-en
Max time network
5s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |