Analysis Overview
SHA256
1661883693183a78e285d72ac47a066b06d20a8aebe7ec5d65ec97f452725d86
Threat Level: Shows suspicious behavior
The file b9b270f0d31f40143e41b39c66202ede_JaffaCakes118 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Requests cell location
Loads dropped Dex/Jar
Queries information about active data network
Queries information about the current Wi-Fi connection
Requests dangerous framework permissions
Registers a broadcast receiver at runtime (usually for listening for system events)
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-17 19:43
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
Analysis: behavioral9
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:46
Platform
android-x86-arm-20240611.1-en
Max time kernel
2s
Max time network
157s
Command Line
Signatures
Processes
com.skymobi.pay.opplugin
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.187.206:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
Files
Analysis: behavioral15
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:43
Platform
android-x86-arm-20240611.1-en
Max time network
3s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.180.14:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral19
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:44
Platform
android-x64-20240611.1-en
Max time network
7s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:46
Platform
android-x64-20240611.1-en
Max time kernel
9s
Max time network
151s
Command Line
Signatures
Processes
com.mrseven.payment
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.179.232:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.178.10:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
| GB | 216.58.213.14:443 | | tcp |
| GB | 142.250.178.14:443 | | tcp |
| GB | 216.58.201.98:443 | | tcp |
| GB | 142.250.179.228:443 | | tcp |
| GB | 142.250.179.228:443 | | tcp |
Files
Analysis: behavioral5
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:46
Platform
android-x86-arm-20240611.1-en
Max time kernel
3s
Max time network
152s
Command Line
Signatures
Processes
com.tct.union.pay
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.187.238:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.204.78:443 | android.apis.google.com | tcp |
Files
Analysis: behavioral7
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:46
Platform
android-x64-arm64-20240611.1-en
Max time kernel
4s
Max time network
137s
Command Line
Signatures
Processes
com.tct.union.pay
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.204.72:443 | ssl.google-analytics.com | tcp |
| GB | 172.217.16.238:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
| GB | 216.58.201.100:443 | | tcp |
| GB | 216.58.201.100:443 | | tcp |
Files
Analysis: behavioral12
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:43
Platform
android-x86-arm-20240611.1-en
Max time network
4s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.180.14:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral14
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:43
Platform
android-x64-arm64-20240611.1-en
Max time network
10s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:46
Platform
android-x86-arm-20240611.1-en
Max time kernel
119s
Max time network
134s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.vikings.kingdoms.uc/cache/jars/lib.jar | N/A | N/A |
| N/A | /data/user/0/com.vikings.kingdoms.uc/cache/jars/lib.jar | N/A | N/A |
| N/A | /data/user/0/com.vikings.kingdoms.uc/cache/jars/core.jar | N/A | N/A |
| N/A | /data/user/0/com.vikings.kingdoms.uc/cache/jars/core.jar | N/A | N/A |
| N/A | /data/user/0/com.vikings.kingdoms.uc/cache/jars/update.jar | N/A | N/A |
| N/A | /data/user/0/com.vikings.kingdoms.uc/cache/jars/update.jar | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Processes
com.vikings.kingdoms.uc
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.vikings.kingdoms.uc/cache/jars/lib.jar --output-vdex-fd=58 --oat-fd=64 --oat-location=/data/user/0/com.vikings.kingdoms.uc/cache/jars/oat/x86/lib.odex --compiler-filter=quicken --class-loader-context=&
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.vikings.kingdoms.uc/cache/jars/core.jar --output-vdex-fd=58 --oat-fd=64 --oat-location=/data/user/0/com.vikings.kingdoms.uc/cache/jars/oat/x86/core.odex --compiler-filter=quicken --class-loader-context=&
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.vikings.kingdoms.uc/cache/jars/update.jar --output-vdex-fd=58 --oat-fd=64 --oat-location=/data/user/0/com.vikings.kingdoms.uc/cache/jars/oat/x86/update.odex --compiler-filter=quicken --class-loader-context=&
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | sdk.g.uc.cn | udp |
| GB | 142.250.187.206:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| CN | 203.119.169.175:80 | sdk.g.uc.cn | tcp |
| CN | 203.119.169.175:80 | sdk.g.uc.cn | tcp |
| CN | 203.119.169.175:80 | sdk.g.uc.cn | tcp |
| CN | 203.119.169.175:80 | sdk.g.uc.cn | tcp |
| CN | 203.119.169.175:80 | sdk.g.uc.cn | tcp |
| CN | 203.119.169.175:80 | sdk.g.uc.cn | tcp |
Files
/storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/com.skymobi.pay.iplugin_V4003.apk
/storage/emulated/0/ucgamesdk/549173/logs/debuglog/debug_2024061719.sdk.log
/data/data/com.vikings.kingdoms.uc/cache/jars/entry.xml
/data/data/com.vikings.kingdoms.uc/cache/jars/lib.jar
/data/data/com.vikings.kingdoms.uc/cache/jars/core.jar
/data/data/com.vikings.kingdoms.uc/cache/jars/update.jar
/data/user/0/com.vikings.kingdoms.uc/cache/jars/lib.jar
/data/user/0/com.vikings.kingdoms.uc/cache/jars/core.jar
/data/user/0/com.vikings.kingdoms.uc/cache/jars/update.jar
/storage/emulated/0/ucgamesdk/549173/logs/debuglog/debug_2024061719.update.log
/storage/emulated/0/ucgamesdk/549173/config
/storage/emulated/0/ucgamesdk/549173/config.properties
/data/data/com.vikings.kingdoms.uc/ucgamesdk/db/ucgame_private.db-journal
/data/data/com.vikings.kingdoms.uc/ucgamesdk/db/ucgame_private.db
/data/data/com.vikings.kingdoms.uc/ucgamesdk/db/ucgame_private.db-shm
/data/data/com.vikings.kingdoms.uc/ucgamesdk/db/ucgame_private.db-wal
/storage/emulated/0/ucgamesdk/549173/logs/updatelog/update_2024061719.update.log
/storage/emulated/0/ucgamesdk/549173/logs/statlog/stat_202406171943.update.log
/data/data/com.vikings.kingdoms.uc/files/uc_key.txt
/data/data/com.vikings.kingdoms.uc/ucgamesdk/db/ucgame_sdk.db-journal
/data/data/com.vikings.kingdoms.uc/ucgamesdk/db/ucgame_sdk.db-wal
/storage/emulated/0/ucgamesdk/db/ucgame_sdk.db-journal
/storage/emulated/0/ucgamesdk/db/ucgame_sdk.db-wal
/storage/emulated/0/ucgamesdk/549173/logs/statlog/stat_202406171944.update.log
/storage/emulated/0/ucgamesdk/549173/logs/statlog/stat_202406171945.update.log
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:46
Platform
android-x86-arm-20240611.1-en
Max time kernel
8s
Max time network
151s
Command Line
Signatures
Processes
com.mrseven.payment
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 216.58.212.238:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
Files
Analysis: behavioral20
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:44
Platform
android-x64-arm64-20240611.1-en
Max time network
8s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral16
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:43
Platform
android-x64-20240611.1-en
Max time network
4s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral17
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:43
Platform
android-x64-arm64-20240611.1-en
Max time network
5s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral18
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:43
Platform
android-x86-arm-20240611.1-en
Max time network
5s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.180.14:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral6
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:46
Platform
android-x64-20240611.1-en
Max time kernel
5s
Max time network
154s
Command Line
Signatures
Processes
com.tct.union.pay
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.201.104:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.200.10:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| GB | 142.250.200.46:443 | | tcp |
| GB | 172.217.169.68:443 | | tcp |
| GB | 172.217.169.68:443 | | tcp |
| GB | 216.58.212.238:443 | | tcp |
| GB | 142.250.200.2:443 | | tcp |
Files
Analysis: behavioral8
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:46
Platform
android-x86-arm-20240611.1-en
Max time kernel
4s
Max time network
154s
Command Line
Signatures
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Processes
com.alipay.android.app
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 216.58.204.78:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
Files
Analysis: behavioral10
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:46
Platform
android-x64-20240611.1-en
Max time kernel
4s
Max time network
153s
Command Line
Signatures
Processes
com.skymobi.pay.opplugin
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 172.217.16.234:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.169.46:443 | | tcp |
| GB | 216.58.204.72:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.178.4:443 | | tcp |
| GB | 142.250.178.4:443 | | tcp |
| GB | 172.217.16.226:443 | | tcp |
| GB | 142.250.178.14:443 | | tcp |
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:46
Platform
android-x64-arm64-20240611.1-en
Max time kernel
8s
Max time network
136s
Command Line
Signatures
Processes
com.mrseven.payment
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 172.217.16.234:443 | | tcp |
| GB | 172.217.16.234:443 | | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.179.232:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.187.206:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| GB | 216.58.201.100:443 | | tcp |
| GB | 216.58.201.100:443 | | tcp |
Files
Analysis: behavioral11
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:46
Platform
android-x64-arm64-20240611.1-en
Max time kernel
3s
Max time network
136s
Command Line
Signatures
Processes
com.skymobi.pay.opplugin
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.200.10:443 | | tcp |
| GB | 142.250.200.10:443 | | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.169.40:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.187.238:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| GB | 142.250.179.228:443 | | tcp |
| GB | 142.250.179.228:443 | | tcp |
Files
Analysis: behavioral13
Detonation Overview
Submitted
2024-06-17 19:42
Reported
2024-06-17 19:43
Platform
android-x64-20240611.1-en
Max time network
11s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |