Analysis Overview
SHA256
d327736e96b64af4609fa8e877e7e150cb90319c170ceb6fe0768d3a1a6c26cd
Threat Level: Shows suspicious behavior
The file a94fd74b5f7167645d8f2d1abc9d5778_JaffaCakes118 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Loads dropped Dex/Jar
Queries information about the current nearby Wi-Fi networks
Requests cell location
Requests dangerous framework permissions
Queries information about active data network
Reads information about phone network operator.
Queries information about the current Wi-Fi connection
Uses Crypto APIs (Might try to encrypt user data)
Registers a broadcast receiver at runtime (usually for listening for system events)
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-14 10:58
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether. | android.permission.PROCESS_OUTGOING_CALLS | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-14 10:58
Reported
2024-06-14 11:01
Platform
android-x86-arm-20240611.1-en
Max time kernel
107s
Max time network
186s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/cn.apps123.shell.xibeijiudiancanyinwangTM/app_push_lib/plugin-deploy.jar | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
cn.apps123.shell.xibeijiudiancanyinwangTM
cn.apps123.shell.xibeijiudiancanyinwangTM:remote
Network
Files
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/app_push_lib/plugin-deploy.jar
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/app_push_lib/plugin-deploy.key
/data/user/0/cn.apps123.shell.xibeijiudiancanyinwangTM/app_push_lib/plugin-deploy.jar
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/imei.dat
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/channel
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/oem
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/ver.dat
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/CMRequire.dat
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/VerDatset.dat
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/cfg/h/ResPack.rs
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/cfg/l/ResPack.rs
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/cfg/h/DVHotcity.cfg
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/cfg/l/DVHotcity.cfg
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/cfg/l/mapstyle.sty
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/cfg/l/satellitestyle.sty
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/cfg/l/trafficstyle.sty
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/cfg/l/DVDirectory.cfg
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/cfg/l/DVVersion.cfg
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/cfg/h/mapstyle.sty
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/cfg/h/satellitestyle.sty
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/cfg/h/trafficstyle.sty
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/cfg/h/DVDirectory.cfg
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/files/cfg/h/DVVersion.cfg
/storage/emulated/0/Android/data/cn.apps123.shell.xibeijiudiancanyinwangTM/cache/uil-images/journal.tmp
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/databases/AppTemplate.db-journal
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/databases/AppTemplate.db
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/databases/AppTemplate.db-shm
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/databases/AppTemplate.db-wal
/storage/emulated/0/cn.apps123.shell.xibeijiudiancanyinwangTM/apps123_avp.dat
/storage/emulated/0/cn.apps123.shell.xibeijiudiancanyinwangTM/apps123_avp.dat-journal
/storage/emulated/0/cn.apps123.shell.xibeijiudiancanyinwangTM/apps123_avp.dat-wal
/storage/emulated/0/baidu/hybrid/lightappdb/lightapp_V4.db-journal
/storage/emulated/0/baidu/hybrid/lightappdb/lightapp_V4.db
/storage/emulated/0/baidu/hybrid/lightappdb/lightapp_V4.db-wal
/storage/emulated/0/cn.apps123.shell.xibeijiudiancanyinwangTM/apps123_message.dat
/data/data/cn.apps123.shell.xibeijiudiancanyinwangTM/app_push_lib/oat/plugin-deploy.jar.cur.prof
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-14 10:58
Reported
2024-06-14 10:58
Platform
android-x86-arm-20240611.1-en
Max time network
6s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-14 10:58
Reported
2024-06-14 10:58
Platform
android-x64-20240611.1-en
Max time network
5s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-14 10:58
Reported
2024-06-14 10:58
Platform
android-x64-arm64-20240611.1-en
Max time network
7s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.187.206:443 | | tcp |
| GB | 142.250.187.206:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |