7e024bc32e5f186c3ca6365e99d398c15ab98578f7ac906fe3983b1e5f9e77bf

Analysis

max time kernel
110s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
14-08-2024 19:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9752c2fe2d12bae76ec7f9237b2a8f81_JaffaCakes118.apk
Size

8.0MB
MD5

9752c2fe2d12bae76ec7f9237b2a8f81
SHA1

95d934932f97e2b862b9cd0807ecbdb76e7667a8
SHA256

7e024bc32e5f186c3ca6365e99d398c15ab98578f7ac906fe3983b1e5f9e77bf
SHA512

e06b16a916fe0faacb7bb3cfd361dece5e4cd021cd82d1394af35954dfe6c4d8140e87d1b894e07b9f03e8cd954bf04be45d26637bd238f9c69380f0c23bac49
SSDEEP

196608:4J9/L+CPtWz2U3pAeC+fyy3nT5e4N1YAJFu7dhiU1rrsOMgXju:4z/r1E2U3pAeC+Ky3T5e43YKQ7dhtrs3

Score

7^/10

collection discovery evasion execution impact persistence

Malware Config

Signatures

Checks Android system properties for emulator presence. 1 TTPs 1 IoCs

evasion

System Checks

T1633.001

description	ioc	Process
Accessed system property	key: ro.product.model	ir.ziba.shokolat

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/ir.ziba.shokolat/cache/1582435991586.jar	4310	ir.ziba.shokolat

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	ir.ziba.shokolat

Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getScanResults	ir.ziba.shokolat

Requests cell location 2 TTPs 2 IoCs

Uses Android APIs to to get current cell location.

collection discovery evasion

Location Tracking

T1430

Geofencing

T1627.001

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	ir.ziba.shokolat
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	ir.ziba.shokolat

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	ir.ziba.shokolat

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ir.ziba.shokolat

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	ir.ziba.shokolat

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	ir.ziba.shokolat

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	ir.ziba.shokolat

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	ir.ziba.shokolat

ir.ziba.shokolat
1⤵
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current nearby Wi-Fi networks
- Requests cell location
- Acquires the wake lock
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
PID:4310

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Execution Guardrails

T1627

Geofencing

T1627.001

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Location Tracking

T1430

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ir.ziba.shokolat/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/14fe7202-c7f6-4620-9d2a-b62c66ad2b8c.jobs

Filesize
176B

MD5
f56f328eea1d5c96a1b96dbbf59488df

SHA1
440c784cacff61932e2f61580b7cfdc3a4943c95

SHA256
90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918

SHA512
36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

Download Submit
/data/data/ir.ziba.shokolat/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/481cc0ea-ea85-4948-850e-413936fe3f00.jobs

Filesize
278B

MD5
3aa4fc9324d2edc924cb3d9582f4a57d

SHA1
8a045bd113b29473225b462e96306ea4e5b4e9fb

SHA256
dd871a0b5e452ee27f4ee7cd373fd0c8bc2fa5d33d0260064bb44ad706729d7b

SHA512
45b35f1abeae696ac579b68baf79d981a1d0775e92379395d39d665874d03f58d7762d2c15dc34f864a8a86296b3b10862305877b932691cd8d5043211f56886

Download Submit
/data/data/ir.ziba.shokolat/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/dc81f9a9-7a80-4390-84d7-c7183c247bfa.jobs

Filesize
179B

MD5
ac58f99a1b179d71e8621412ad31c6a1

SHA1
b51fdad95876f5615735c2ab411031ff67d5e946

SHA256
9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb

SHA512
faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

Download Submit
/data/data/ir.ziba.shokolat/cache/1582435991586.jar

Filesize
9KB

MD5
e8e0527a01aefdb89afd2c508f131da1

SHA1
f1103e6b260c657ceb3d95f1b023af3fda8b133a

SHA256
f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce

SHA512
fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

Download Submit
/data/data/ir.ziba.shokolat/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/ir.ziba.shokolat/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
bf4cc4b5aa0be45b51a03091c62042d6

SHA1
1c6c33d9bc6ddabddd840ce681f8f13af8364dab

SHA256
e6752d03a5d7febd62c689b341bb197f73d678a6fe46d1a1c2e0ab41cef50f2d

SHA512
f2c5f5aca110a154f7db6a3ac48f19c24cae522b411c0854d7596836e556935d169e7fca9efc288e0548402f342ae601a40f1491f1533145f639edd366434a64

Download Submit
/data/data/ir.ziba.shokolat/databases/__pushe_base_lib_db-wal

Filesize
152KB

MD5
63e221eca9d2873df834eb63cdbe9489

SHA1
fe11634fb34a987faf8146696bac090491e3c697

SHA256
103654ceb79db9f6875c0718f1a8febd424f2d67546c47c65a56d68ad0550c27

SHA512
7b821912e32f7e70742b8abd525b5f655ab939cf11f4e8093db847e2f80584367f8a3d04c5df9b508fade2c1b2151f5d79b587c6a629f51ea0463e9f68f840d5

Download Submit
/data/data/ir.ziba.shokolat/databases/cheshdb

Filesize
24KB

MD5
1f347cea6a53594be878e35079bdabc4

SHA1
ae24631f83d3c875dd678040baafb5e64fc6ba6e

SHA256
46cc2cd48a3621ce276d0927dfaa0e367261e740d6c248c48fa48b25be769fd5

SHA512
6f09f140cda839271dcc15857faa5ec7fed65afabd0ed53164744e0b15c145b4fd0ae3f6ef0ad01cdf4eb612510f7f150ea72781740a9c6d67ed1075e5e026e9

Download Submit
/data/data/ir.ziba.shokolat/databases/cheshdb

Filesize
20KB

MD5
287496372aaafd64aac62007f072c7a3

SHA1
920da00d7193560006bc48b90e3c53ea2c9f11fd

SHA256
a5e7f84390b702ed75376d11e1922787f047c74d8c5d2cc2ddc97606a9461612

SHA512
7e670cd3672c8b90186bdf8cd97b56ff9802e7b3abd0ff8fbc5340f25c8151f08f3d97e38e6df22a57b6ea11fb506c1a594a0e4af9268de2c5f0937ba37304eb

Download Submit
/data/data/ir.ziba.shokolat/databases/cheshdb

Filesize
20KB

MD5
5dc30dc36c1b2b380acee136f630664b

SHA1
23458ba53385c4dc20fc19cfe13ac591f834ec17

SHA256
01bd91d058a968d627c1670dc100d58418c7562f049bd6583f555bfe6e14a45a

SHA512
dd55e1e007bf9c20940ae1a82d5b85e04c6466cde163a26bf945d2498340d8d5d3e843189bbec5b22e4ff73a4eda87439eb6914d143397a793aad1cfd846afd6

Download Submit
/data/data/ir.ziba.shokolat/databases/cheshdb-journal

Filesize
512B

MD5
c032de6caaf5fe88f124551561103889

SHA1
de1a4497ba93a0989ee5bce798bebcbdf906d8e4

SHA256
3a77f157c65e9e7b657200f30fcd62714f516dc46c6b5df1daa8a9f322da57f4

SHA512
bb7cc4b22e57bfacab050adfe3d5f955178e1defbbeca9e4eb7208468592a66c2b5c21f27b28fde771cdeafb0df1c23cdd7c685c12faf4fa49557967149e2f3d

Download Submit
/data/data/ir.ziba.shokolat/databases/cheshdb-wal

Filesize
40KB

MD5
91f8abd193c06f33eca6d5eeb8119ad8

SHA1
e90fdd8007a139a234b47779efe6f9558cb59f38

SHA256
070de3239a9634a05c69e09cbce13de01e325fa05b9847303365f7b98b2e040e

SHA512
ecaa469253b29165e022f596b5bb5880437d83c2b3befce1f314b6aebc90b58db17392ed38842a22f929fb9513a2e2ef9d9dbe44f81c53dcd5fd3fd2a4a75658

Download Submit
/data/data/ir.ziba.shokolat/databases/cheshdb-wal

Filesize
8KB

MD5
c35a5a4b69409929dd52cf0471041965

SHA1
90a066f2a1e7558ade1a6f53eaad2870ecf09b05

SHA256
ffdb9e6cf390bfae9233d953954383d787233956253a6f555d60d0d5cf7fd781

SHA512
d0ec08c64c1a9e236c1a8039a2f64419bd48f694e581026777294687a4918b479c4fa95efee22694b4626940247fa2d0324579f8a31f2eb4e83f50907157cabb

Download Submit
/data/data/ir.ziba.shokolat/databases/cheshdb-wal

Filesize
16KB

MD5
f3584b9afa683a3ad7595ca03bfd3475

SHA1
fec37f348e2258028a5e98fc2ad455f6ef29d671

SHA256
4a7e325948e0cb1e7181a070fa157614578df6654d08d42393135171679405d4

SHA512
a7725c42e6013268df71850850b91d655979df012d55b59a259e07e1646ac51a2c62dd809cd7e3cf7b93073db67720196033b92f6b82ed8ab049ca0c631c5fe9

Download Submit
/data/data/ir.ziba.shokolat/databases/db_default_job_manager

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/ir.ziba.shokolat/databases/db_default_job_manager-journal

Filesize
512B

MD5
893d73fac3a5689499eba2f87c9667a9

SHA1
5e5ce74e52d6d2002d1e2a73484736e659498b41

SHA256
79a0c16c7da9ddcf354fcf2763591bca858e0e10f03f896e6025acc3aab76a43

SHA512
1ad88918c0c65b90db384858548bd456b1d6963c8ceb54beb114a2a01a47ac9895ad049cd72f16dd61b014b89e65d94c6b8aaa987220bbb70ed53e268e9a3cef

Download Submit
/data/data/ir.ziba.shokolat/databases/db_default_job_manager-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/ir.ziba.shokolat/databases/db_default_job_manager-wal

Filesize
136KB

MD5
6f1dd4867af5e1148d5e4770700fa6a8

SHA1
9f51d349847d7976e3a645f402a9c01b56ee7bbb

SHA256
5dab633d9090120993015562762e07725de7e4607941cfedf034cfb82a9dcec8

SHA512
af2de745b94e9bc3f8ab0c9c495d047ba3fe9e18e6de5652ebc2999e8d5f306a017c570e32cb4ec1e6d941697ca87239c667dc7580a8ec8139a53c093d354f26

Download Submit
/data/data/ir.ziba.shokolat/databases/evernote_jobs.db-journal

Filesize
512B

MD5
8635b545fdf92e405682f618035546c2

SHA1
19f8ecc4d2e2b164e08e292c5a6181b3ea1ab4c8

SHA256
90dc6f9dd78ab17f3243f491184ed67055a1d350b209f51adc36ef9332153cce

SHA512
99d4ac94c3445af87d68526b7c468e70ecb7c89f1a0a8f0c6a73b7e578d28a547cb69408e58be6589e460fc12a0c65b8aa91b70d81f2a942f5bc66f07db57ffa

Download Submit
/data/data/ir.ziba.shokolat/databases/evernote_jobs.db-wal

Filesize
213KB

MD5
72a56fc5d5c21a1660cad321e8c2cc30

SHA1
e0e74bab1c909b37af9dceede19ff66e29c46477

SHA256
35c7141e69b6df2999de347e75a8b8c9d458b3dc70ce4e4ec3a262d36fdf482d

SHA512
e4c34de3355d5a1a4939707f8677899102ca292d524094c81ca36c907daa1dae3d9227daefff74dba7818344fcaed32f288dbd6799ddf9fe6bfe4ea6db6baecb

Download Submit
/data/data/ir.ziba.shokolat/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/ir.ziba.shokolat/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d6a84b6c8ade16effe2c76d146f86f3c

SHA1
25c8903f1bb7dee40244139799388fbdc1a0f7a1

SHA256
ca2e09cd18225ba17ed9e06b70b63697fee173a9812fa94348bb0d475e893036

SHA512
4425e7e00fbaabc82eb191c3a7632844cfab9b7e37eaf4fbdf9d9067f1711c80cfa14d277c23d45282411767ebe0e584669b6ab952fd9f0d4db620431bc4a32a

Download Submit
/data/data/ir.ziba.shokolat/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6c2b3f557eb3c6ffc00a5cde7fd24155

SHA1
a3eabe63765bd0c7d2dc650f7ac6e44641db8db5

SHA256
6211e7b2af1a2d2e340a0f83c014af762c9baeef5515c4873f5704d132405a9e

SHA512
6ba40a6d8957a002762179eb0f5af91e41c12d411e1d2491fa51c4a2aa9bff68ad1d7e47a3f7ee8b3edb70c4842da892fca53fc3b4842eb70be1cfa5c7cb4d2c

Download Submit
/data/data/ir.ziba.shokolat/databases/google_app_measurement_local.db

Filesize
16KB

MD5
921166574255bbc139a841bba3c66632

SHA1
cf56c29760f8c73a53d5f1fcd85f829a49708a9e

SHA256
06e3b2c2a21af8d2ff54da32bb4622cfd9aaa35b762fb1ef062e2ed980e07aaf

SHA512
4009813bcb207a8dbac2bafea7c3f74f92b12c06320db6346ca212b1b5637ce08f30d12f853ea1cc761b90ecc88db573457f05c0888cd0ea03465c393787661a

Download Submit
/data/data/ir.ziba.shokolat/databases/google_app_measurement_local.db

Filesize
16KB

MD5
20e255cf3500d11eaeb7bc1b90585bf3

SHA1
e5eca1593596c94ac9a3dc60139f09e48a7cef07

SHA256
167453b63ebb46ce01d3fe048a29deae2dc5450af2c9b65f0395ae104ca197e6

SHA512
ccde6fcef3b1392538a8deba1bbd72e494a4b0c0c0f77205a2188bef4aa91c5ddaf9965aad3b66951d0e7c18a529268167fc1e61a0b9d31aebaf8cca06f93320

Download Submit
/data/data/ir.ziba.shokolat/databases/google_app_measurement_local.db

Filesize
16KB

MD5
254f687eac81f83e83fb1a3b80970933

SHA1
4e9277e042c661b695508e2d053e7394c5882883

SHA256
4b9953c90aa9f9b65744f4e8b7628a09a4ab8dea7988a3d8b81b04345746f143

SHA512
64fe1a5869ee19f73850f0e36e53a4cd6d561edd741777013a5181aabc100d076f46080b78ea0cad0ad3ad5e798da7e9f21b113154c25a28d332c65315c0f1d7

Download Submit
/data/data/ir.ziba.shokolat/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
842b948bc2598907272bfceef3b9f5c0

SHA1
fcfd88be7b5bcf33491dd8270c3170c35bfb2214

SHA256
af7ab6f980fd2fc684fa4b75d734dd4b73058448fca4ae97f9f1b3bc5db9befc

SHA512
0de3ed383c122b9e0dff407183631dc1238703e75d9ec38ac52949cb622d93c895f470217ff3461ad62c3dd0e233b0bcf7e23036096d76be251cab7ae4d594da

Download Submit
/data/data/ir.ziba.shokolat/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
3b44d11f1e727d66cdb060f159b6656c

SHA1
85ef424a54c3be0f0b457bdd8ab8789be6f56e3a

SHA256
3eab2e2a4e0670881a84dcef5f2197537c7c21cfeba93f9db2621aac5227e4b5

SHA512
ae583d8c185e51c9f24878af749a4ad94067f8e31b015c1ecf7dd55715c89c5e7900cf6f8060838c27208ee966a1e797f159227766b54652f13287040bacbd59

Download Submit
/data/data/ir.ziba.shokolat/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
0e0c3e48d2648c71360c1433da14e763

SHA1
8d5991b3e931538e7723817717d4800859d4b597

SHA256
92237bfa1d2bc11956819356231aeb1a13b51d20a26d59bd24e9034f7a7fbe9e

SHA512
4a8bd334cb2bc0ec165dc1a8683b06cfa52bb75072231a4112a21476ece241c841bbd28ec69d7e395ce331b6f283cf096d01a6da891e740be1654441aad95ef7

Download Submit
/data/data/ir.ziba.shokolat/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
91cc4c72ed8c0ec6038e1aa8e1e20e1e

SHA1
e82391396bf28f5798ebfb209947cb7e6a91318b

SHA256
5328c43a1eba41df7f8dcd15d327c5852e21dece9d10f813149a8e4e297fdf6d

SHA512
9f705a6ed2dd410fff1dd3f32eda1a4ade39489d560cfb3b640b00ae0533b6efa40bfc504ae3bffb979d64ceb69f3a560392b4968dfa4ce0c032f4f906d69823

Download Submit
/data/data/ir.ziba.shokolat/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
fd69453a6dcabf529bec344ec32df046

SHA1
f63313e58cdc5b0b20fad7a1432a3e2d965cbb81

SHA256
242da5bc8f8ef7b6dba2daae7a016685afedb08afa32eeb8763420ebc54981ce

SHA512
13067a85156e1614d57ee1ad5e9b096aba51e432b5a04010def912bcf795ecf0d291d348d1f2a151a026c9f42797f034e727856e5a645a8990deb4a18b969c4f

Download Submit
/data/data/ir.ziba.shokolat/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
0b0c509249a30e0684a3fd57df9796c7

SHA1
ce907ada4ab6708793d795cf094b30f8b7400185

SHA256
cb0b9a6436dc42d9ad1de5114c994de3abe929b2675c5aba654ad3c4eafa6b52

SHA512
a16ca06d252ca334c3e5fdf32167d16056e2cc04cf0b83501a8a5313521f512c02137a0ee55b2740e664aa00d07f878251f7e62ef7200214555d84fd26d66055

Download Submit
/data/data/ir.ziba.shokolat/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
8ef4b9e0ccb5f640dcbab012b00c6fba

SHA1
841b0c125d4f2e4c40f8f52290fd12bbc79c9056

SHA256
d64b083b470ca3eada1d4312934a5bce2d270d66ce4d32466d70a118adfa232c

SHA512
4bab63657a6cf6119cd24d8562523a12d84cacd8c26d31619ea34583db172d8b83ba2b760aa336442857065128c1b833dfd73c4f7ce7ed4e4e4226d2208dc719

Download Submit
/data/data/ir.ziba.shokolat/files/info.db

Filesize
11.0MB

MD5
d2c6ab45dd74ea20cbc894856f1849a3

SHA1
05b4c8db36b047e5437fa42c26bf391f358622c4

SHA256
ccc039bd436a461097b49e0095c55b1545909977eecae89c508ebb98919c3892

SHA512
9d6cc037aac9f2b989db2d1e654fb9c6c4f458d4d01d8a6a4695f2e3c1ed34a77834fbcf06579447df364172b598b803fbc000b7f854e93eb34b2afe0c2da421

Download Submit
/data/data/ir.ziba.shokolat/files/info.db

Filesize
1024B

MD5
e0fd33c12fbe9d29781b88c4d0976c77

SHA1
68f222ca05164f3b645d45e8d75c8cf8e949d2fc

SHA256
1e38e5bb33f7416a7a3315d0e8bbe23501721d39a7eef686d702e224046b2ce4

SHA512
6efba2e683264fadaf4517ea81138419bda7402a5c4443c1af5454ff00fbfc3cce80c84db895148cec09a194c26807d2db72318ac0e7fa1094148c1ef7524a3c

Download Submit
/data/data/ir.ziba.shokolat/files/info.db-journal

Filesize
1KB

MD5
db1bb9163be454b0c031beed55214f1a

SHA1
5cfaf45810de3ab7dd08dc440444c5dde81adeb8

SHA256
b4b36f5d3ad00dec4e9c7cc61379b6d20514b53e183b6b4f78f781d998565835

SHA512
bf554348f17e5e5cacaf9df203856b919fcfe76b3d6034690d03757a95eab882d50934ff5e0059d59aaea93fd5b480effb2947caad9aaafcaf749fe46aa26fd1

Download Submit
/data/data/ir.ziba.shokolat/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
440a2454bf784e047d51320537efb3ac

SHA1
84edf210dbb01a29ea64eda541cb24739c3f2ffe

SHA256
4b934417cbc68ac05d837c8a76cf318850b2872c139984cb3ab96ba32818f909

SHA512
db2c008958923dfb02631ae7508004bf9d075b0adbf307d7b236df2150fb864d27427be4f1f2aa8edba76224ec5ab2fc3eeb7dfac54106caddd562bc30e67291

Download Submit
/data/user/0/ir.ziba.shokolat/cache/1582435991586.jar

Filesize
20KB

MD5
fde2ee00cbd121cfab5290b078aa3ceb

SHA1
e2b77d5320e155e413d040a8c20020962065b2f8

SHA256
2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685

SHA512
a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads