535a8f0ca02f5b15b61fb1fc6051d0c8ae1309fbdbaa57d0b48b5d8d3190deda

Analysis

max time kernel
15s
max time network
169s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
16/06/2024, 23:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

535a8f0ca02f5b15b61fb1fc6051d0c8ae1309fbdbaa57d0b48b5d8d3190deda.apk
Size

313KB
MD5

2f8aa941c9b87fc6ca21ad079e53dcf6
SHA1

b6b3c6e5b050ffd99fecb19646644e6a65e8ad00
SHA256

535a8f0ca02f5b15b61fb1fc6051d0c8ae1309fbdbaa57d0b48b5d8d3190deda
SHA512

ee18b3e374bdf3a264bb118cdf68e0a2fd95da2d590203ba3800b6834a98915519a0b1e725a88be75bf51b0bc5db7e0be461879e72854b05627b2cc625235eaa
SSDEEP

6144:QFt8ILZxgdMvJ8Q50maRBJh2e0BuLlk+4C4xn/vqS:yLZiavJvanJF0BuLl1e/h

Score

7^/10

discovery evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 33 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Requests disabling of battery optimizations (often used to enable hiding in the background). 1 TTPs 1 IoCs

evasion

User Evasion

T1628.002

description	ioc	Process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	com.dsbcjksdwhcuiewkj26flkjve.security

com.dsbcjksdwhcuiewkj26flkjve.security
1⤵
- Loads dropped Dex/Jar
- Requests disabling of battery optimizations (often used to enable hiding in the background).
PID:4270
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/0.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/0.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4296
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/1.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/1.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4321
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/2.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/2.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4344
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/3.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/3.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4368
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/4.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/4.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4400
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/5.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/5.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4433
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/6.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/6.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4456
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/7.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/7.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4480
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/8.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/8.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4502
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/9.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/9.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4524
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/10.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/10.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4549

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Hide Artifacts

T1628

User Evasion

T1628.002

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/0.obfedex

Filesize
52KB

MD5
47c737e21f9e3e767135f7696b3ac81c

SHA1
2b38009a15d4654beb8cf735d5797d1b09b96a19

SHA256
2809acc71ab5a404b0a153a672ddee949561009d8e5ca74d4b55023928b5b7fd

SHA512
817ceafb258d500d0945d7969e966f887b2fe23c571f5dffb89f092e93a55271efdd50b985910a984299a2793ee352661f2e1f545f5c579c3ee1c72e4bcd1c71

Download Submit
/data/data/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/1.obfedex

Filesize
1KB

MD5
36d159912dcad873c63aef06e294d897

SHA1
1eeb4283c5fd73f3edbbf0f7ba5e2aab596838dd

SHA256
ca12be5f0b51807412164ce4c32dd27c3c1f58d15410a50efc579c25e6531fed

SHA512
6be0e23e8016454f13e927da0372c5dc931ba6ce3cf9d52a6a246c3a4eb4734c82d191535a1cfa771eb53bbfc644f0ac12e3445d395c30c42ba1ab626206f852

Download Submit
/data/data/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/10.obfedex

Filesize
7KB

MD5
234df4b4b2ce34b8576faae7e7c15279

SHA1
925fab197d2fcc2adfb8e7b4acc872e83ed50b33

SHA256
4508881ede9be700bd32643db06b0766e6ff3f7508c5851691ec647b5df42144

SHA512
a41c7fb72388f356fefbdc7278810d3c9d6de90b6f4ed251163561bf8bde2defd3708c61db9c52c24c79ec8af585623e58609d2d16699658b9b6f4352f2c9392

Download Submit
/data/data/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/2.obfedex

Filesize
1KB

MD5
f0cf26e3a5cfd363394bb140176a721b

SHA1
0e36cab73ecdeedf3eea99ff6bc7c3cc825afa0b

SHA256
350ae30e88fab1d37505884d3111d3c084303bacda7f6c18107ca26cd21cab17

SHA512
78f93638ffd7dbbdb7cec451f93176f2a7970bf674c2db17f9f551e85820180bad836bbd0d1ea050ac3ed11c0f0589085082774b57ebf449fc0c3932aa23a32b

Download Submit
/data/data/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/3.obfedex

Filesize
59KB

MD5
f66db7be67cbdc6ae4b3b0587bc193b4

SHA1
0e856fb05a7956ade5f460e46eb000a21438717b

SHA256
ef1fe8106f647c8cca79d69d35c06ad3bc72f13d594f7a0ff6eee674cc2bfd4b

SHA512
776f3e3d576dfe78aeb6db0739b1a2a5b10dba515001917028f9317e411fa553db1a5f5f646e53d050fb2f48c76acbe7006ccc6fd9ff5a63d2a02fa069b362d7

Download Submit
/data/data/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/4.obfedex

Filesize
19KB

MD5
781a518caf3895f0212d93f86085a07a

SHA1
8eef80b2d7d21180eef90bc06a9cfddbb1b07d45

SHA256
b9b22fa16623d2f83153be1ab94ae275b874b28a4148e5e4e0e17dd5f15e67b2

SHA512
621e8505c03cbf88f19cb9b4199f6d5dfef4ba252233332e455c7e4741ec73b9e1cb1f576a0b7634f5d281b701e5590a67ce863cb70c0c86a5fb22580e672c74

Download Submit
/data/data/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/5.obfedex

Filesize
16KB

MD5
5ab4cfc0ade2699e8c95e03841339096

SHA1
b25f4e0bd46961fa322e7faba4ccf8bfdf568e55

SHA256
953b091d8633a93b6f9f1b6330b4e8f494828233a2c0f795352811687576ad67

SHA512
06a05b5d63b0bf14eceb726f0a0ff885cfadce800c0b99f7742a75af0d2a6497fc1325bba993cc4fa468fee46745e7cdc4e9037739654d78e6518d22c3868b52

Download Submit
/data/data/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/6.obfedex

Filesize
5KB

MD5
9bb95395a52eacce8c2f515bc45b1149

SHA1
071279f71f1fa3ec5fcb613dc2bb35cc419287c4

SHA256
7110dc06fc4f5207001aeefb4e6a279edcd82fd7a7d8d20c05ee22e0496d1637

SHA512
092c9987c1c9f5e03e20a928cb7072447a26032066b4387854c0ad304681c9b39ac390d8d16486b2aedc807563858462e38b696d67f532d321086622dd83f8a2

Download Submit
/data/data/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/7.obfedex

Filesize
7KB

MD5
477c106318dc6fe168634cec5cffbd64

SHA1
28003daf2ac885fd6375e39540c9264bbc39f279

SHA256
94a46f3eb2fba6b6420b976ac0c5b9e42260bf4b7790abc6ee46e12bd916463d

SHA512
37ffad0fe3551fc16378205f5ac52fcb7ae9dd6c0d59e7ad00e8da32eed24710408a359457b376c19a33fc274efb3aac8d0a8a3d8f4ef1942eba274c337d6ec6

Download Submit
/data/data/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/8.obfedex

Filesize
4KB

MD5
b3597d369cf86dee48ce8f7d4f2f5206

SHA1
0f925790e5bf34734deacd2a4d14a892122952eb

SHA256
f26e8627c19105e71cf6ac6009cf422a3cf23473c4fd5ce61f0b5e1086c6f7d5

SHA512
25f4056bb55df31e984a0573c103518f4bba90ee7e36c201c0cd9fd1bbedf329f0c3a2bd9d3ed238ae146d7d24a361a11688dbc72c8e803f0891ee6f9340d51d

Download Submit
/data/data/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/9.obfedex

Filesize
984B

MD5
36eb679975e0a60fd74cf38d23a65414

SHA1
00842f9e2a596cb6f1dce078829e6386ba6a7217

SHA256
a9a61fa175ab8cfcd32f9ec0f26625aca1f16ab3b4ed4a0110556246384c7972

SHA512
e75a4a806c6f68dbd3b7285c17aaf84384586c7496ea34ae9e3697c7d5ae9656fe61fab99bfda980182bf3f60bdf500e1ded680dcdfd08ef2c910935ba6e01f7

Download Submit
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/0.obfedex

Filesize
52KB

MD5
91f111b2edae9355e04686863a705970

SHA1
e6ed788d65a34e0dcc0301f5cf6848ee1da0d609

SHA256
34089ec11682bd4c67a5a7367b683d4d2137a767e73cbba61bd60c96519c5c63

SHA512
c55d0cb48b8348b67b28610cee4ed326e407b4c8208f847af6c72471360f3014f1d2d17d6f5c51115efec8bf1c7164a8cc846c3b038d9b0b84cb33b194a54404

Download Submit
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/1.obfedex

Filesize
1KB

MD5
5ea473f66a35d1bd4421c4444550a79b

SHA1
70aadfc14ef75862cefe9999f5003e4480040073

SHA256
c355b684e9a48b46a3ffa295a32abe4e446ce465fe0d0ab1458b4caaf4d64a49

SHA512
7fe54a5da2da8d3014ed1ed6cd8d684901aba3b9ea83e6bacea9afbeace2b020f3d5956032497387f82b31d7ca4d0ab5880b32d41fee082efbe540399f63149b

Download Submit
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/2.obfedex

Filesize
1KB

MD5
bc52142b44f900fc9f5fa8da84d41412

SHA1
fd191cc2414dd3a1affe07e3551ff0362bb98bd2

SHA256
d6a648a44230273fd93ead41cae462f9c389fb57c85c238d1c7adf45b8466f79

SHA512
42bd45079606eb3537be2124d575242a37885cb16dfbe675771a4916706831dde560caa45b18c0858891f5e1a38b257359034e39fb698c0c03bb40935ae21e4e

Download Submit
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/3.obfedex

Filesize
59KB

MD5
6512cd6914b42910cc90d3dcc1a1f4ba

SHA1
68b36e8a34c96c71e4b750fd5a0272349f3c202e

SHA256
ca72d16dccdab57ffcb44b697acdb6749e566e622c4234c52cd0f9906ef6520c

SHA512
dd8d8b7411a1eb2822b95e6a4d49a1eac9a6ff973789424466ef4182fffb898de8f2057f065674139a5f9f495a90979c1a50a95dea1f22c48944980f6a5255d7

Download Submit
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/4.obfedex

Filesize
19KB

MD5
43467a6109b5ba4b20ae99e08e8134ff

SHA1
ac2c68cc027e0fd339fe238ba4b6751c0b298770

SHA256
c2cc9f7cc9667caaa880948e73b4369c7c027ddc882f6a7b31b2998cb795d358

SHA512
11140356af48cca36216e7f41bfc34da38f936587928056c13f6165741e204828ac66f8e0fbd370f88b7e8607f2420fe4e4f2bc2d620c3f99db787eedd6e6239

Download Submit
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/5.obfedex

Filesize
16KB

MD5
6c8694177c66bc33667db514a707e831

SHA1
00aa3d617e6f64433925f87b7a321dbe4476a78e

SHA256
ff26b7405677e9496c3d9cf301c3dd7306b28eddeaf5f9aa90bd871304062992

SHA512
4330f3b80103ad9e519ffe917e49c80d69a0360ff5c0b9fd123bc189e71b8a468d7b6e72283ae4dfde419544cbc8cf565444c68bd088eb960c27de76255ee1f3

Download Submit
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/6.obfedex

Filesize
5KB

MD5
cbd421c3d8579f01a485e7a0770ffba6

SHA1
872c9b768dfdffbc52821adb65ede21bb2b4490f

SHA256
1ddb820ea2344b455f75134e6a2ebbf66cb2b70039f6737b4ae9de890c1656be

SHA512
f5de4c74cc2fd28dc3d449b8101f9bb416705d7f133201e1e06426cb7cbebb5b35b2f426fe4c7bfd69536e283b87234d3faa841fa6a69cc09c4e9a929c791c76

Download Submit
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/7.obfedex

Filesize
7KB

MD5
2d1b48a065f9b2367a32029bacadcd2d

SHA1
843084739b39743080f2bd7296e873496c83cb31

SHA256
570a4ff4ee32dc3594458af221b36fd11f2392a7acebed9498f1452e57d0b490

SHA512
fdc441050efe30c89b28e7840897e5aeaa9dcc143b0a01ec92e30c82db54f742b84c8eab206468d523b9c6c78836a9f2527d6fd74e38ded134b2d2ecfa818763

Download Submit
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/8.obfedex

Filesize
4KB

MD5
9f22b3079d252f17701fbd9f407ecc02

SHA1
f266b0aae97b6ce4ad88d64679a5e7f1e15f66e3

SHA256
3b8e5630d678d3798a7a57766a9bfb5b1517686bf73790bf536315e46663ccb2

SHA512
5b6622c60dff9ff16bb3cb653f0d69b389785507ca1782db6fa4ffdfaf7b280ef62766af0841d4dc06b7b2860f716959ced7fd8d90b8bad0e14ca86b20e529e8

Download Submit
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/9.obfedex

Filesize
984B

MD5
047343ed6abdcd4002681682606afca0

SHA1
9eb6b2c1e9032c87fa832322a3aefad8a877ac0a

SHA256
a8f684a1f0864ddb706a98168982b58c670d3a84776a0dae9bb4858e352fe0cf

SHA512
0ee4f434b137cdeb51ace6600d9355de27b1ad6bf93472aab4d75417f1c27e675dafc78a19802c6b399d41705ba2d5476da178e915172dd28f84de5a3f7653b6

Download Submit
/storage/emulated/0/dsbcjksdwhcuiewkj26flkjve.txt

Filesize
2B

MD5
6512bd43d9caa6e02c990b0a82652dca

SHA1
17ba0791499db908433b80f37c5fbc89b870084b

SHA256
4fc82b26aecb47d2868c4efbe3581732a3e7cbcc6c2efb32062c08170a05eeb8

SHA512
74a49c698dbd3c12e36b0b287447d833f74f3937ff132ebff7054baa18623c35a705bb18b82e2ac0384b5127db97016e63609f712bc90e3506cfbea97599f46f

Download Submit

ioc	pid	Process
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/0.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/0.obfedex	4296	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/0.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/0.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/0.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/1.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/1.obfedex	4321	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/1.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/1.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/1.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/2.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/2.obfedex	4344	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/2.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/2.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/2.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/3.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/3.obfedex	4368	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/3.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/3.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/3.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/4.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/4.obfedex	4400	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/4.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/4.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/4.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/5.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/5.obfedex	4433	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/5.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/5.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/5.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/6.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/6.obfedex	4456	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/6.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/6.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/6.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/7.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/7.obfedex	4480	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/7.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/7.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/7.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/8.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/8.obfedex	4502	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/8.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/8.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/8.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/9.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/9.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/9.obfedex	4524	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/9.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/9.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/10.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/10.obfedex	4549	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/10.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/oat/x86/10.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.dsbcjksdwhcuiewkj26flkjve.security/app_ca67.stx.qksa.t4f/obfs/10.obfedex	4270	com.dsbcjksdwhcuiewkj26flkjve.security