Malware Analysis Report

2024-09-09 16:20

Sample ID 240706-n36qva1anh
Target HWF.apk
SHA256 9916a032b206aee7efb050687e9cdf44db68c0701909d5f464737abfece9a395
Tags discovery evasion impact persistence antidot
Score 10/10

Analysis Overview

score
10/10

SHA256

9916a032b206aee7efb050687e9cdf44db68c0701909d5f464737abfece9a395

Threat Level: Known bad

The file HWF.apk was found to be: Known bad.

Malicious Activity Summary

discovery evasion impact persistence antidot

Antidot family

Antidot payload

Queries information about running processes on the device

Reads information about phone network operator.

Requests dangerous framework permissions

Queries information about active data network

Declares services with permission to bind to the system

Listens for changes in the sensor environment (might be used to detect emulation)

Registers a broadcast receiver at runtime (usually for listening for system events)

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-07-06 11:57

Signatures

Antidot family

antidot

Antidot payload

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | N/A | N/A |

Declares services with permission to bind to the system

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device. | android.permission.BIND_NOTIFICATION_LISTENER_SERVICE | N/A | N/A |

Requests dangerous framework permissions

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Allows an app to access location in the background. | android.permission.ACCESS_BACKGROUND_LOCATION | N/A | N/A |
| Allows an application to read the user's calendar data. | android.permission.READ_CALENDAR | N/A | N/A |
| Allows an application to write the user's calendar data. | android.permission.WRITE_CALENDAR | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows the app to answer an incoming phone call. | android.permission.ANSWER_PHONE_CALLS | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows read access to the device's phone number(s). | android.permission.READ_PHONE_NUMBERS | N/A | N/A |
| Allows an application to read the user's call log. | android.permission.READ_CALL_LOG | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows an application to write the user's contacts data. | android.permission.WRITE_CONTACTS | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether. | android.permission.PROCESS_OUTGOING_CALLS | N/A | N/A |
| Allows an application to recognize physical activity. | android.permission.ACTIVITY_RECOGNITION | N/A | N/A |
| Allows an application to read image files from external storage. | android.permission.READ_MEDIA_IMAGES | N/A | N/A |
| Allows an application to request installing packages. | android.permission.REQUEST_INSTALL_PACKAGES | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |

Analysis: behavioral14

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 12:08

Platform

android-x86-arm-20240624-en

Max time kernel

564s

Max time network

605s

Command Line

com.huawei.health

Signatures

Queries information about running processes on the device

discovery
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |

Queries information about active data network

discovery
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |

Reads information about phone network operator.

discovery

Listens for changes in the sensor environment (might be used to detect emulation)

evasion
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |

Uses Crypto APIs (Might try to encrypt user data)

impact
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |

Processes

com.huawei.health

com.huawei.health:DaemonService

com.huawei.health:DaemonService

com.huawei.health:DaemonService

Network

Files


MD5 6d50af0f8e1b5d3dc08cbf74d5bda63e
SHA1 0783bf900c3e04161cd698301c32d463f4d5ac0f
SHA256 96f6a41c7a7484737f0a670734bd01f9794bc2c0db2647fb2d150c9e2a5c1588
SHA512 bda58d8b3fdac8c252f6463781b9d441f2b96761c428456a6213aeed0c4d9b72a0a155e9449775b44b09883cca9d09c398110f35f88cd46f7490c0a3cc299435

/storage/emulated/0/Android/data/com.huawei.health/files/huaweisystem/com.huawei.health/dfx_log_14.1.4.171-wearBeta/com.huawei.health_DaemonService_threadpoolLog_0.txt

MD5 23cd5a20bde1404e8f362221c73a074f
SHA1 93f10d47126b9184663f845bbd9d910074af4b40
SHA256 5555ab7ae1875bf7eaa0c8bc0c4a48d759bb296e3f7e8f293d08533566aa2db8
SHA512 bacf01576e7a4d3c5ab0fceaa8cea14237b8bb3ea2b81a0dbff217b1ca24c3d22442dee42528d980909cca065d93eb2f23e9d9de396df0832a40d742a6f86a6e

/storage/emulated/0/Android/data/com.huawei.health/files/huaweisystem/com.huawei.health/dfx_log_14.1.4.171-wearBeta/com.huawei.health_DaemonService_threadpoolLog_0.txt

MD5 66ba6f75e1968e20b414c477da897b79
SHA1 a73eaa0c5cef5eca8bc9ebd1ed6ebf088b902424
SHA256 7cf9a87049142c6ee0169a0907fffcbbc39146d460c59f44c26e5c896a88b9d6
SHA512 ab31da1b8106710ef47a525b081b43b7b1573a558fc5445778dc6e235ce25baa894faefb69bacc716e751a9e6660e01713d6bab824fc3f1e4a5ba34848d10bf8

/storage/emulated/0/Android/data/com.huawei.health/files/huaweisystem/com.huawei.health/dfx_log_14.1.4.171-wearBeta/com.huawei.health_DaemonService_threadpoolLog_0.txt

MD5 1eebf14cdc15814aceaab0a3278bc9d2
SHA1 fe94c9e1a0eb40f79dd0fdd61cb24c01bbc703b2
SHA256 4356597b3a40087cfeb88a52b78c453432cc930478facefa8c78b648020e17c1
SHA512 0ba81d81fed6685eb3a635c488a4c4097dcd3793b3cc8e0c7a5bf876fef152a26516a4da351cfabdc49ac2fd27fab526e6943a41f52217cde6ed64b1ef728f2c

/data/data/com.huawei.health/databases/hihealth_003.db

MD5 0b750b3bcebca4161055104af65efabc
SHA1 1032bda085e5d034ffc603f6c0fad466651c746f
SHA256 3ca6b21e961a4e5af3030c59d1375d3f16c4fe137f13f1f87fdf73329b98e58b
SHA512 dbc2a77a083369c5bea5edf577a8fc8e33aeb42a0560c1ef8a03580c3dc53d1f96f1ab70674838c42e4a53cae0f2f786088f41af72abe3575631541905633586

/data/data/com.huawei.health/databases/hihealth_003.db-wal

MD5 cd79e2217b8806081c58a653c2250568
SHA1 7cbc22c4a8d85ee46379ab6119de94cc22fd04da
SHA256 438f33c9f004b156ca6871b9fa1621965d72084e2cf9ac0f545ad0d9a313e278
SHA512 c653d7b7ab0efb03bd182472db3752aeb83d04c5d0eed80245cef5b2e2c1cdfc965a7d2a31261fc19a76589e8e6cc1bbb1026089db405286184953d77c14ff9b

/storage/emulated/0/Android/data/com.huawei.health/files/huaweisystem/com.huawei.health/com.huawei.health_DaemonService/log.0

MD5 3c73ba31149e6ed10646cc404d8a918b
SHA1 4923be72b3843e5e5d69f10fb93ca8ae13c79257
SHA256 60bcda8a1277601ef81a900e95ef9e97219bda92aa14af2d851199e9bcee67d3
SHA512 db7d01af49ce857a256860a81500f8f6355fb891313f05abcc721eb770dfa06b048bfb98cc1d2bde88a9558e955b26ce961d4446544cb1696855adb254dc9039

/data/data/com.huawei.health/databases/com_huawei_health_UdsDevicesDatas.db

MD5 c1372c09443c26626602407c1b486395
SHA1 665148deca6e0191ad8bac3ac4f24be741074da3
SHA256 b76d8dcd0462820cbf91922d639d068fc6f7cc8598c8db9b5926c760756a9625
SHA512 81af696aef3a73b5700a3a2e961ae76fb297299d4abd12de8640941dd84db127926ac06c7125f1c45cce11e7d73469fe2de2deef0b2995243946f731081c38f2

/data/data/com.huawei.health/databases/HwCPDatas.db-shm

MD5 cf845a781c107ec1346e849c9dd1b7e8
SHA1 b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA256 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA512 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

/storage/emulated/0/Android/data/com.huawei.health/files/huaweisystem/com.huawei.health/com.huawei.health_DaemonService/log.0

MD5 319c876bea69a99a51c34bab6550f963
SHA1 7723e976ebed33732ad74b77ddd624582865fd9f
SHA256 ec90fb34df5640fc8035c43905d6f05ff58b5eda9f7266cd1efaeb63bfd5ef69
SHA512 18386355cc8e183f0d1c9a2f9fc16db5bdd2ce956170be464771c9b7d76c8a5f00bf10ea1ae6b24cd89c3c548571d2b0197a2c9cba5c4034eaf2a00278d546d2

/storage/emulated/0/Android/data/com.huawei.health/files/huaweisystem/com.huawei.health/com.huawei.health_DaemonService/log.0

MD5 d259b66cde82e8c286becb38992a70c6
SHA1 9587c3ae257451c59d040b1debdf5d61b97c143f
SHA256 19af6c2c55246e1cf7e0592b43bd5766c432793d9df0a5cc151f3c79a297e8c3
SHA512 479786accefc79bd77e2ab978cc07144652824a53694134531e50e4a90e35e8e179519bf21817b4ad060fcf89d298c56ee69c346b3cfc9499f424a864d4b6e1b

Analysis: behavioral17

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x64-arm64-20240624-en

Max time network

9s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 216.58.212.238:443 tcp
GB 216.58.212.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x64-20240624-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral22

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x86-arm-20240624-en

Max time network

3s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 12:05

Platform

android-x86-arm-20240624-en

Max time kernel

2s

Max time network

445s

Command Line

com.huawei.health

Signatures

N/A

Processes

com.huawei.health

Network

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x86-arm-20240624-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral16

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x64-20240624-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral18

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x86-arm-20240624-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral24

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:59

Platform

android-x64-arm64-20240624-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 142.250.187.238:443 tcp
GB 142.250.187.238:443 tcp
GB 142.250.187.238:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x64-arm64-20240624-en

Max time network

11s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 172.217.16.238:443 tcp
GB 172.217.16.238:443 tcp
GB 172.217.169.42:443 tcp
GB 172.217.169.42:443 tcp

Files

N/A

Analysis: behavioral15

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x86-arm-20240624-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x86-arm-20240624-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral23

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x64-20240624-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x86-arm-20240624-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x64-arm64-20240624-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.206:443 tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp

Files

N/A

Analysis: behavioral11

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x64-arm64-20240624-en

Max time network

10s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.180.14:443 tcp
GB 142.250.180.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.201.110:443 android.apis.google.com tcp

Files

N/A

Analysis: behavioral19

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x86-arm-20240624-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral21

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x64-arm64-20240624-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 216.58.212.238:443 tcp
GB 216.58.212.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x64-20240624-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral13

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 12:02

Platform

android-33-x64-arm64-20240624-en

Max time network

201s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x64-20240624-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral12

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 12:02

Platform

android-x86-arm-20240624-en

Max time network

183s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 216.58.204.78:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
GB 172.217.169.42:443 semanticlocation-pa.googleapis.com tcp
GB 142.250.200.46:443 tcp
GB 172.217.169.34:443 tcp
GB 216.58.212.234:443 semanticlocation-pa.googleapis.com tcp

Files

N/A

Analysis: behavioral20

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x64-20240624-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-07-06 11:56

Reported

2024-07-06 11:58

Platform

android-x86-arm-20240624-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A