Analysis Overview
SHA256
cbb34018e304fe3d88abbe31bd8da90e52f62c9200024ba7df7d80e6bf2d32c4
Threat Level: Known bad
The file app.apk was found to be: Known bad.
Malicious Activity Summary
Irata payload
Irata family
Obtains sensitive information copied to the device clipboard
Acquires the wake lock
Queries information about active data network
Queries the mobile country code (MCC)
Requests dangerous framework permissions
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks memory information
Checks CPU information
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-27 00:57
Signatures
Irata family
Irata payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an app to post notifications. | android.permission.POST_NOTIFICATIONS | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-27 00:57
Reported
2024-06-27 01:00
Platform
android-x64-20240624-en
Max time kernel
123s
Max time network
156s
Command Line
Signatures
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
Mad.api
Network
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-27 00:57
Reported
2024-06-27 01:00
Platform
android-x64-arm64-20240624-en
Max time kernel
162s
Max time network
132s
Command Line
Signatures
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
Mad.api
Network
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-27 00:57
Reported
2024-06-27 01:00
Platform
android-x86-arm-20240624-en
Max time kernel
122s
Max time network
130s
Command Line
Signatures
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
Mad.api
Network
Files