Malware Analysis Report

2024-09-09 17:38

Sample ID: 240614-lj42ssvcqa
Target: a8fdbb3e2617ab4c8b8e7c8229618b08_JaffaCakes118
SHA256: a5ed1248d020c54975bcf50f4ae282fa6241de3312c008b2b41bf69bc552d69d
Tags: discovery, evasion, impact, persistence
Score: 7/10

Analysis Overview

score
7/10

SHA256

a5ed1248d020c54975bcf50f4ae282fa6241de3312c008b2b41bf69bc552d69d

Threat Level: Shows suspicious behavior

The file a8fdbb3e2617ab4c8b8e7c8229618b08_JaffaCakes118 was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery evasion impact persistence

Loads dropped Dex/Jar

Queries information about running processes on the device

Requests dangerous framework permissions

Acquires the wake lock

Queries information about active data network

Queries the unique device ID (IMEI, MEID, IMSI)

Registers a broadcast receiver at runtime (usually for listening for system events)

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-14 09:34

Signatures

Requests dangerous framework permissions

Description | Indicator | Process | Target
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A
Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-14 09:34

Reported

2024-06-14 09:38

Platform

android-x86-arm-20240611.1-en

Max time kernel

179s

Max time network

171s

Command Line

com.damsy.soupeajf

Signatures

Loads dropped Dex/Jar

evasion
Description | Indicator | Process | Target
N/A | /data/user/0/com.damsy.soupeajf/files/1718357717304.jar | N/A | N/A
N/A | /data/user/0/com.damsy.soupeajf/files/1718357717367.jar | N/A | N/A
N/A | /data/user/0/com.damsy.soupeajf/files/1718357717362.jar | N/A | N/A
N/A | /data/user/0/com.damsy.soupeajf/files/1718357717416.jar | N/A | N/A
N/A | /storage/emulated/0/.push/.app/source.apk | N/A | N/A
N/A | /storage/emulated/0/.secur/.app/framework.apk | N/A | N/A
N/A | /storage/emulated/0/.secur/.app/framework.apk | N/A | N/A
N/A | /storage/emulated/0/.push/.app/source.apk | N/A | N/A
N/A | /storage/emulated/0/.cache/.app/.lib.apk | N/A | N/A
N/A | /storage/emulated/0/.secur/.app/framework.apk | N/A | N/A
N/A | /storage/emulated/0/.banner/.app/.ban.apk | N/A | N/A
N/A | /storage/emulated/0/.banner/.app/.ban.apk | N/A | N/A

Queries information about running processes on the device

discovery
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A

Acquires the wake lock

Description | Indicator | Process | Target
Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A

Queries information about active data network

discovery
Description | Indicator | Process | Target
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description | Indicator | Process | Target
Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A
Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A

Processes

com.damsy.soupeajf

com.damsy.soupeajf:remote

Network

Country | Destination | Domain | Proto
GB | 142.250.180.14:443 | | tcp
N/A | 224.0.0.251:5353 | | udp
US | 1.1.1.1:53 | www.pandaad.net | udp
GB | 142.250.187.206:443 | | tcp
US | 1.1.1.1:53 | android.apis.google.com | udp
GB | 216.58.204.78:443 | android.apis.google.com | tcp

Files

/data/data/com.damsy.soupeajf/files/1718357717362.jar
/data/data/com.damsy.soupeajf/files/1718357717367.jar
/data/data/com.damsy.soupeajf/files/1718357717304.jar
/storage/emulated/0/.push/.app/source.apk
/data/data/com.damsy.soupeajf/files/1718357717416.jar
/data/user/0/com.damsy.soupeajf/files/1718357717304.jar
/data/user/0/com.damsy.soupeajf/files/1718357717367.jar
/data/user/0/com.damsy.soupeajf/files/1718357717362.jar
/data/user/0/com.damsy.soupeajf/files/1718357717416.jar
/storage/emulated/0/.secur/.app/framework.apk
/storage/emulated/0/.cache/.app/.lib.apk
/storage/emulated/0/.banner/.app/.ban.apk
/data/data/com.damsy.soupeajf/Heriswap.db-journal
/data/data/com.damsy.soupeajf/Heriswap.db
/data/data/com.damsy.soupeajf/files/oat/1718357717304.jar.cur.prof
/data/data/com.damsy.soupeajf/files/oat/1718357717367.jar.cur.prof

Analysis: behavioral5

Detonation Overview

Submitted

2024-06-14 09:34

Reported

2024-06-14 09:34

Platform

android-x64-arm64-20240611.1-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral11

Detonation Overview

Submitted

2024-06-14 09:34

Reported

2024-06-14 09:35

Platform

android-x64-arm64-20240611.1-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
GB | 172.217.16.238:443 | | tcp
N/A | 224.0.0.251:5353 | | udp
GB | 172.217.16.238:443 | | tcp

Files

N/A

Analysis: behavioral12

Detonation Overview

Submitted

2024-06-14 09:34

Reported

2024-06-14 09:35

Platform

android-x86-arm-20240611.1-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-14 09:34

Reported

2024-06-14 09:38

Platform

android-x64-20240611.1-en

Max time kernel

179s

Max time network

131s

Command Line

com.damsy.soupeajf

Signatures

Loads dropped Dex/Jar

evasion
Description | Indicator | Process | Target
N/A | /data/user/0/com.damsy.soupeajf/files/1718357717333.jar | N/A | N/A
N/A | /data/user/0/com.damsy.soupeajf/files/1718357717465.jar | N/A | N/A
N/A | /data/user/0/com.damsy.soupeajf/files/1718357717455.jar | N/A | N/A
N/A | /data/user/0/com.damsy.soupeajf/files/1718357717530.jar | N/A | N/A
N/A | /storage/emulated/0/.push/.app/source.apk | N/A | N/A
N/A | /storage/emulated/0/.secur/.app/framework.apk | N/A | N/A
N/A | /storage/emulated/0/.secur/.app/framework.apk | N/A | N/A
N/A | /storage/emulated/0/.cache/.app/.lib.apk | N/A | N/A
N/A | /storage/emulated/0/.push/.app/source.apk | N/A | N/A
N/A | /storage/emulated/0/.banner/.app/.ban.apk | N/A | N/A
N/A | /storage/emulated/0/.secur/.app/framework.apk | N/A | N/A
N/A | /storage/emulated/0/.banner/.app/.ban.apk | N/A | N/A

Queries information about running processes on the device

discovery
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A

Acquires the wake lock

Description | Indicator | Process | Target
Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A

Queries information about active data network

discovery
Description | Indicator | Process | Target
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description | Indicator | Process | Target
Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A
Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A

Processes

com.damsy.soupeajf

com.damsy.soupeajf:remote

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp
GB | 142.250.187.227:443 | | tcp
US | 1.1.1.1:53 | ssl.google-analytics.com | udp
GB | 172.217.16.232:443 | ssl.google-analytics.com | tcp
US | 1.1.1.1:53 | www.pandaad.net | udp
US | 1.1.1.1:53 | android.apis.google.com | udp
GB | 142.250.187.238:443 | android.apis.google.com | tcp
GB | 172.217.169.78:443 | | tcp
GB | 142.250.179.226:443 | | tcp
GB | 172.217.169.42:443 | | tcp
GB | 142.250.187.196:443 | | tcp
GB | 142.250.187.196:443 | | tcp
GB | 172.217.169.14:443 | | tcp

Files

/data/data/com.damsy.soupeajf/files/1718357717333.jar
/data/data/com.damsy.soupeajf/files/1718357717455.jar
/data/data/com.damsy.soupeajf/files/1718357717465.jar
/data/user/0/com.damsy.soupeajf/files/1718357717333.jar
/data/user/0/com.damsy.soupeajf/files/1718357717465.jar
/data/user/0/com.damsy.soupeajf/files/1718357717455.jar
/data/data/com.damsy.soupeajf/files/1718357717530.jar
/data/user/0/com.damsy.soupeajf/files/1718357717530.jar
/storage/emulated/0/.push/.app/source.apk
/storage/emulated/0/.secur/.app/framework.apk
/storage/emulated/0/.cache/.app/.lib.apk
/storage/emulated/0/.banner/.app/.ban.apk
/data/data/com.damsy.soupeajf/Heriswap.db-journal
/data/data/com.damsy.soupeajf/Heriswap.db
/data/data/com.damsy.soupeajf/files/oat/1718357717333.jar.cur.prof
/data/data/com.damsy.soupeajf/files/oat/1718357717455.jar.cur.prof

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-14 09:34

Reported

2024-06-14 09:35

Platform

android-x86-arm-20240611.1-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-14 09:34

Reported

2024-06-14 09:34

Platform

android-x64-20240611.1-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2024-06-14 09:34

Reported

2024-06-14 09:35

Platform

android-x86-arm-20240611.1-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
GB | 142.250.178.10:443 | | tcp
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2024-06-14 09:34

Reported

2024-06-14 09:35

Platform

android-x64-20240611.1-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-06-14 09:34

Reported

2024-06-14 09:35

Platform

android-x86-arm-20240611.1-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral13

Detonation Overview

Submitted

2024-06-14 09:34

Reported

2024-06-14 09:35

Platform

android-x64-20240611.1-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral14

Detonation Overview

Submitted

2024-06-14 09:34

Reported

2024-06-14 09:34

Platform

android-x64-arm64-20240611.1-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2024-06-14 09:34

Reported

2024-06-14 09:34

Platform

android-x64-arm64-20240611.1-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2024-06-14 09:34

Reported

2024-06-14 09:35

Platform

android-x64-20240611.1-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A