582e9825e6d6b27bd627af93afc188809e35a5c74d6646c95df4038abccc1889

Analysis

max time kernel
178s
max time network
178s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
22-08-2024 00:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b5aca0413654627b1377dd0e5118750c_JaffaCakes118.apk
Size

4.9MB
MD5

b5aca0413654627b1377dd0e5118750c
SHA1

9831383822a84d912a5303f3da749b1ba3b2fe09
SHA256

582e9825e6d6b27bd627af93afc188809e35a5c74d6646c95df4038abccc1889
SHA512

4d18a04a0267ecc1b58499d85f878d5ce87486ba358c74395b5efe1cd6d6a3ea3c8a9fda4829d5403d586c76aba7bac4da94662de7676d5debe811f23fb16747
SSDEEP

98304:Xzdxc6dTodeM68mgU+ZKVRDISlEW79QnSx2NAP2nijXyvRyeneY:76PbmaZKnI+EW2SUnniLy5P

Score

8^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.example.android_ksbao_stsq
/sbin/su	/system/bin/sh -c type su

Loads dropped Dex/Jar 1 TTPs 3 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/data/com.example.android_ksbao_stsq/mix.dex	4211	com.example.android_ksbao_stsq
/data/data/com.example.android_ksbao_stsq/mix.dex	4312	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.example.android_ksbao_stsq/mix.dex --output-vdex-fd=59 --oat-fd=60 --oat-location=/data/data/com.example.android_ksbao_stsq/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&
/data/data/com.example.android_ksbao_stsq/mix.dex	4211	com.example.android_ksbao_stsq

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.example.android_ksbao_stsq

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

flow	ioc
13	alog.umeng.com

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.example.android_ksbao_stsq

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.example.android_ksbao_stsq

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Checks the presence of a debugger
evasion

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.example.android_ksbao_stsq

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.example.android_ksbao_stsq

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.example.android_ksbao_stsq

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.example.android_ksbao_stsq

com.example.android_ksbao_stsq
1⤵
- Checks if the Android device is rooted.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4211
- sh -c getprop ro.yunos.version
  2⤵
  PID:4284
- getprop ro.yunos.version
  2⤵
  PID:4284
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.example.android_ksbao_stsq/mix.dex --output-vdex-fd=59 --oat-fd=60 --oat-location=/data/data/com.example.android_ksbao_stsq/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4312
- /system/bin/sh -c type su
  2⤵
  - Checks if the Android device is rooted.
  PID:4346
- cat /sys/class/net/wlan0/address
  2⤵
  PID:4391
- logcat -d -v threadtime
  2⤵
  PID:4424
- /system/bin/sh -c getprop ro.miui.ui.version.name
  2⤵
  PID:4446
- getprop ro.miui.ui.version.name
  2⤵
  PID:4446
- /system/bin/sh -c getprop ro.build.version.emui
  2⤵
  PID:4477
- getprop ro.build.version.emui
  2⤵
  PID:4477
- /system/bin/sh -c getprop ro.lenovo.series
  2⤵
  PID:4501
- getprop ro.lenovo.series
  2⤵
  PID:4501
- /system/bin/sh -c getprop ro.build.nubia.rom.name
  2⤵
  PID:4526
- getprop ro.build.nubia.rom.name
  2⤵
  PID:4526
- /system/bin/sh -c getprop ro.meizu.product.model
  2⤵
  PID:4551
- getprop ro.meizu.product.model
  2⤵
  PID:4551
- /system/bin/sh -c getprop ro.build.version.opporom
  2⤵
  PID:4578
- getprop ro.build.version.opporom
  2⤵
  PID:4578
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
  2⤵
  PID:4602
- getprop ro.vivo.os.build.display.id
  2⤵
  PID:4602
- /system/bin/sh -c getprop ro.aa.romver
  2⤵
  PID:4626
- getprop ro.aa.romver
  2⤵
  PID:4626
- /system/bin/sh -c getprop ro.lewa.version
  2⤵
  PID:4650
- getprop ro.lewa.version
  2⤵
  PID:4650
- /system/bin/sh -c getprop ro.gn.gnromvernumber
  2⤵
  PID:4675
- getprop ro.gn.gnromvernumber
  2⤵
  PID:4675
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
  2⤵
  PID:4699
- getprop ro.build.tyd.kbstyle_version
  2⤵
  PID:4699
- /system/bin/sh -c getprop ro.build.rom.id
  2⤵
  PID:4751
- getprop ro.build.rom.id
  2⤵
  PID:4751

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.example.android_ksbao_stsq/databases/ThrowalbeLog.db-journal

Filesize
512B

MD5
4ea1a41fd0413c8f57558c3ffaebf62a

SHA1
43ab16045077eafdd314584385708b8cb5e2fdde

SHA256
9cc0cb5e9b89222a05eb8ba5fdfeccb93afb9e2b30cba5699207b83507d22b78

SHA512
8a027cc99b1335d62b8eff21e0cc48bdb8edea57799923ee7274d52a2ab8ad50bb965bac00df9036b04122a70fa4781c70530cb7acf85f85b93d3b10b9055fc5

Download Submit
/data/data/com.example.android_ksbao_stsq/databases/ThrowalbeLog.db-wal

Filesize
32KB

MD5
fd2d0522aeeea7a47759b008613ab4a0

SHA1
cfe244ef352341c58b29ee11a6f4b8bbc546c347

SHA256
94d5e029e423a8f39229ac7d61f9e6395379b7cdce072b23c8f0103899cb5fc9

SHA512
f328444c2f3e8bfacd1dfcedccd63bacf4c6603ad9d015b015dae0b2396df164fc9fd3f5010be439c3495d05ab1bb718e273ad205f4c7b3b68bc8dbd9d7f0e21

Download Submit
/data/data/com.example.android_ksbao_stsq/databases/bugly_db_legu

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.example.android_ksbao_stsq/databases/bugly_db_legu-journal

Filesize
512B

MD5
9c7d2824a28b1df4977ad1193264178b

SHA1
4d8c9e9ebbfc2c6b3d9e8512e2f4ea43a9c90e97

SHA256
f175323f721b07c17a78ae3fccd4d90894f9714be32f4c276971c77e1609f113

SHA512
98e13c9b0cee281925354604637806189fa956ee477c513e6da19adaec260ee11f5f7802c3baab3876ac827181871dc2d79a27b90aca79db16624529285a7b3b

Download Submit
/data/data/com.example.android_ksbao_stsq/databases/bugly_db_legu-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.example.android_ksbao_stsq/databases/bugly_db_legu-wal

Filesize
185KB

MD5
e136c4c5f2716f79dcb0dd87fc8f2801

SHA1
9df90be74f7d4e9a08aa6939e9dcd0462d0bac45

SHA256
fa1d62cd8d5c1cbf74fcfd4c1c5c18eee72e4a535f0468ff278979308e1b8f5f

SHA512
216416bb6194d6473fa42773a7207f8e22829399b2a70342e792ff5a48f2a062b2693ef32e4b01ced2be24328107efc3d19d8650f530b03ba327fd920b562e3e

Download Submit
/data/data/com.example.android_ksbao_stsq/databases/cc/cc.db

Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.example.android_ksbao_stsq/databases/cc/cc.db

Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.example.android_ksbao_stsq/databases/cc/cc.db-journal

Filesize
512B

MD5
36d3dfc9e2235b7603b3d5b45ff418e8

SHA1
cc8cf703a436d30357b3cb2a1048711b30d7167c

SHA256
44cea897ea37cb829c311b2f379d50d7e65cf38fae94ea7b7abe91d8e91eb64b

SHA512
fbb0e68f7a16d4c04dd36cad75268c94de5c49e2b8a10cfb0651a9443202481d93f24c8b2e64f29023020af4e78cd862a4cabb3a35f28b9b487f0449917fe9e2

Download Submit
/data/data/com.example.android_ksbao_stsq/databases/cc/cc.db-wal

Filesize
48KB

MD5
dda1eaa65b6781a3ecc7bf4617b5181c

SHA1
9b947be1801e81bcc603df0fe151c694c2c4d4ba

SHA256
001257bfe84a4a4fb5b3ad9df9b9c9ed5fb115b0594b66478aa345b269567048

SHA512
52d54447db9d4bcd192cf87b2e4e1ec2c8d6ecaca748e7114515e43753700a3161e8db708bf48ecd1b6acb17103cae62f7a8509db65e1f46fec55c76abb4bb78

Download Submit
/data/data/com.example.android_ksbao_stsq/databases/cc/cc.db-wal

Filesize
16KB

MD5
4ef6040779924733148021d710391079

SHA1
5c18ba642f56e178b2bc8e0d62f182a1e2d25ee8

SHA256
11b04566a9aafbd6f2849c265bce95a1c6633595bf180b0e3201563a8d14ccc4

SHA512
bcc43a0a2e4a29aec6a522188afe4dcf402d92fa9fabfe547befa8b9f7dcf242b3424bca272a260b259c4ae2257222f0c9ebac39fe61ca66402bff335fee6506

Download Submit
/data/data/com.example.android_ksbao_stsq/databases/dhdbname-journal

Filesize
512B

MD5
97a77f5d68faad5c89a86e1b7db39c8c

SHA1
368070bda378529a66cf62aa3cdd784bc3a66522

SHA256
8b2cebbbf39b4d2cf66c44124cdb2e32ad848c25dea3e058af6720029ca00a50

SHA512
666403857b973c9208816abe2174bdfec244f72a9eef4ee2d4673483f51109b2b39ca862afb8d856f23b7747aa08a8f9fb0ac5ede471c11c5ca048f38a3a6e19

Download Submit
/data/data/com.example.android_ksbao_stsq/databases/dhdbname-wal

Filesize
20KB

MD5
8ff4348324817b7d76a2be648b29a109

SHA1
fdf0a1eb02a0d5d677283820db84ac1a9001ae67

SHA256
d12465143e3434bc9fc0f00cfcdac279175a0cb224c55e4f1ba01202183d2d2a

SHA512
5da8b05929c56145d25c935ffe72fcb71f5e645536e583049107fc8820f63f90ce5beb056f9267f37473713fea7fdd44b4e6c735c78423d8630eae44e45eb1c2

Download Submit
/data/data/com.example.android_ksbao_stsq/databases/ua.db

Filesize
32KB

MD5
17cc926f1922401d976fdb0cc02cc98d

SHA1
a8cfb8e631436e3b173354a54dbaf6a2234452a0

SHA256
48c6817791672e8bcb9965e75139b37945125b7c32acb1a4093abeda56d27fff

SHA512
1f8a20cafab8d0de58f6ba58e33fa422b16650e11201c09fb7498582d24e9fd6084bf2a59e2fd5e40c35e382f10e66b2bf95fc559105cb53b2c71e1802b4fb68

Download Submit
/data/data/com.example.android_ksbao_stsq/databases/ua.db

Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/com.example.android_ksbao_stsq/databases/ua.db-journal

Filesize
512B

MD5
b1fbc6317ea8a84725f32fc3c78bbd12

SHA1
1e6d75dfe7b89972e0b660a556e3eed538ccc997

SHA256
d1e39770e20b59a19346288304a86dba87dbc887276508c0cda18f8a2ce0a5dc

SHA512
1ecb6b1e0bf5ac18f91805adfe71a4ff28e80b3f6089678444c1d9533a213d2880022366821ab3ba347463d05353054cc3a564863507ad1e664b004335ad84f4

Download Submit
/data/data/com.example.android_ksbao_stsq/databases/ua.db-wal

Filesize
56KB

MD5
126ebcbb8f6bce0f2690bff17dfaf7a4

SHA1
4a7e544c432bae4b51740a19af7d00e94cc8a491

SHA256
c16159add51832800b614d239a67facf1a26573a955511229dd089e38c34b121

SHA512
b0b3a3f04ec2231ea06afea9ded3ae6c6248049e04a450817f363e525161ea69d5d912596a0718dfaa7a808b2db5fe3adaca7cda4ab06e142a58eff214be17e0

Download Submit
/data/data/com.example.android_ksbao_stsq/databases/ua.db-wal

Filesize
8KB

MD5
dbb8cea90a6aefca9696fc372b30f570

SHA1
c7570f1a4a5ecae5bce2081c4349af452d8a945f

SHA256
b4f9d51b31b5461beef50c0d8f83552ad4fc74d54abe38bb452a2b9835f9f4ed

SHA512
3afd6fec19ae9234633a6c8743cdf19ac18bb2bbdfd91b5f7528558ffd668546195eb544309c5397e0343ea227882f75344f334cca5dfaae109f567747168d2e

Download Submit
/data/data/com.example.android_ksbao_stsq/files/.imprint

Filesize
1009B

MD5
16bac9bb7b192a6f5864b86b60ef8dab

SHA1
e808991c30a30a578db4a3b946c2b65b87b45c06

SHA256
da482a0b2785618bb3e49b53a0d4e83b92b1486207f0e060a53b943bf1e1294b

SHA512
47e8d50fa0a3a3bd1d6259289044906f419f4701fbcc9fe3c3f237da31795c5c987e3be128c6bb871d760e1d2e0e02e5a192d45352287e93e037ade797055ca0

Download Submit
/data/data/com.example.android_ksbao_stsq/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
d709ab4e3a60a582bcb5552eb0134e69

SHA1
43547fb68ef39e372d38117af8d20e0307599bfe

SHA256
f8e9915398fb00f519a11093eef87873883f0065618672bbe11a646eaf02ef6b

SHA512
c1a794ef6ebcbad971271fcc0e1b20521b7edce9ad293a6a5cdd858da63ffe1fb97c4e63b511184b9c445f14aac8dc0f31b92b2f6aea172849b77049d3ead0c9

Download Submit
/data/data/com.example.android_ksbao_stsq/files/Mob/domain_1

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
/data/data/com.example.android_ksbao_stsq/files/Mob/share_sdk_1

Filesize
23B

MD5
8e24e79baab91c4d0604eaa9006a0cb3

SHA1
e427afc94a4b957a7096f73e395a10ea404c076b

SHA256
65ee797326cb9d94a4c8b13fb114a7273d80af9ae547496bf56556c479f75e4d

SHA512
45bde5e1b5da5e54f7f5baf24cf4d9158ccf5813f0babc05677437bfedf1d54c4707090a1c425089e8f9582a85fed80b25c1e1f30ec2051afc6fe68bb8a76bae

Download Submit
/data/data/com.example.android_ksbao_stsq/files/exid.dat

Filesize
61B

MD5
c25a5be58b5408f0bb58f549d4b4b681

SHA1
da2b39d33ba6994d240d414beb6b2775ad7022fa

SHA256
94066d7469076ea9a3eb8263db7ee0058f5a0c953be4c12d46650d6ee8c1fc31

SHA512
36e823e2902645ebad5c7c177b46305ab9e4a09cc2b5d36806ce747433ad609e0ae45391cb86a6a5b815df425e68de29fd07ba724fffbd31367611d7e12adde9

Download Submit
/data/data/com.example.android_ksbao_stsq/files/umeng_it.cache

Filesize
413B

MD5
28cdbd0c6c993d31bd983e4fa1e76fec

SHA1
f149695ce91858769647e22f52343e94f0e1d27c

SHA256
970f54110ecb7aaa321af77f5c853572f689c11b3a76728829ba90741cbdd5dd

SHA512
d96f2ecc2c546b6dc85f310425ba5525ecdd7d48d15190cd6faad35302df89cf88dc520aa915dedd340dc4115cbbda59eda37081317bc96c9a163ea02b205723

Download Submit
/data/data/com.example.android_ksbao_stsq/files/umeng_it.cache

Filesize
210B

MD5
740b1bb919be98c43ac5c1e19db5bfa5

SHA1
755f46ef87803bb628d8d3a59ed6623ed366c860

SHA256
d49d06395621541c25d6a1590ed7b1e0c87cef17333e3c55b45b44f478aa4ff0

SHA512
15052cc65f602cba2249b653b172c4c4ed668bfea032813f58668096d2b16c7563073cbf7c2dcbacb85ae2ae92b84d3091ef4bbbf82f4bb61b61ade720ba25f7

Download Submit
/data/data/com.example.android_ksbao_stsq/mix.dex

Filesize
292B

MD5
63f77f99bd2c2b772a479923bde11974

SHA1
c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

SHA256
4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

SHA512
3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

Download Submit
/storage/emulated/0/Android/data/.mn_410185822

Filesize
130B

MD5
f321656a466363e5192773d92000e401

SHA1
3a6abe9be1a6f4deffaa98fd27f3449c888d3c4a

SHA256
53efd5207de6ed80429ec3c7865eed2b64023a0ed66e0fd29e7f45b708a1751c

SHA512
fcf6884bf5ce8d10b3a3dd461fad96cb6cf0bc4129e01788de112551230fbc4d8ea6961b04411d1c7816e248437c4560277069d9c544e5450612abc0e2c0171d

Download Submit
/storage/emulated/0/Android/data/.mn_410185822

Filesize
146B

MD5
8eae0215eef27ee35e13765382c9169f

SHA1
7e1e60bd77df4009a02d03e54bd339958551f557

SHA256
1fdeb393f21ffbcaad08f6ee498dd72e9ef516a409b95e2f8938a9a0da6f13d4

SHA512
ee3262cb9ca921a2c2ccd7b6a4d459631bd923a46d3ac2d5a75b42c2565046dc37605ba477b937fcea3ad21a4a037ce75214a4c795d85c7d41e6dbb709a8e002

Download Submit
/storage/emulated/0/Android/data/.mn_410185822

Filesize
194B

MD5
dd41200477d92eaaa2ddce81ed858ddb

SHA1
59600eaf880ba4326f373c09acad7313361c5023

SHA256
501bc578f6e6806cb9146e1f9bb6f3410a7f8a5291809293e0699768b3c023cd

SHA512
92b6da8eedd04956d01180d155e5e84e00e71690981f01b5518a9966fe3f68a4217865a606e74ccd17a496a5dcf6c2e3be7d7888e9eb3c98da6a0f9918bad049

Download Submit
/storage/emulated/0/Android/data/com.example.android_ksbao_stsq/files/db4.8.2/messgemodle-journal

Filesize
512B

MD5
0a617b33f77f834b01d4563d7fcc07aa

SHA1
bd99f87e67b1ca31977d22c7f3ab7a8fefcb1286

SHA256
2a2953e22f8d86522cc61645bffad9700f0c858bbd1fd86456841f97e0c60ef9

SHA512
e2e9af5713ccca9140b892a955a74218ae772b864011901f71dc0844ab8c30986a6d2413760f29552174fe28a9dccac47e103a84fec4f0d430bd63054f09ce35

Download Submit
/storage/emulated/0/Android/data/com.example.android_ksbao_stsq/files/db4.8.2/messgemodle-wal

Filesize
16KB

MD5
4ac33c14246e07d4616eff42ade4d943

SHA1
2b81fa24fb8146b0e6c0193a06be770c16517433

SHA256
8d688d1eaec9af9777316dec27d762b21fdd560bcd102ca762fccadd5c91a5a1

SHA512
c6909d91b2b77542e5a5403b01242517b291625d1012578947a4ee78a3c1c502104db516c452c605411ea93e877d3605064ea3af4e4dcd7a6be01193c0c5b5a3

Download Submit
/storage/emulated/0/Mob/.mcw

Filesize
80B

MD5
f8c4d8955f69864e10965386f4fba522

SHA1
e6bc7af49f9d9c111e0dab6109615a7baf58ac62

SHA256
993cc8cd5e38b0bfd7bfb20059f36d3fc75cc1bb496ac61b66a961b251acf128

SHA512
5ccaf7fe71b83b1f67c87c6953bdf994911d5b7e81afa95f45d2d58a9658adc38670b0eb683018d226ccdb283f12e7ed4beb30eccf4f5a2805abc72a45732a5d

Download Submit
/storage/emulated/0/Mob/comm/.di

Filesize
57B

MD5
70a42cba408700f9a6c01c7941a8829e

SHA1
eab01cc2c0671538795fb0b1146017dc099d0984

SHA256
499576707ce2623293166979e59c832be5b8636c64ad39aa63ebcf961910c35f

SHA512
8900d4dc8eed0430babbacb72942401bd22ef7fe5430cad90d3ce0c2c53010220d666aa0e2eb1026f3ec81d574c7fa12585b49222a5f15b01637f6ba134fe70c

Download Submit
/storage/emulated/0/Mob/comm/dbs/.duid

Filesize
132B

MD5
b4644320a8d3613824d9d5f5318f5339

SHA1
7caa174fc6fd2d8881b4f32a39cb19f19feb23b3

SHA256
5d51fdb011b41aadf5b37c88014d4b8d127a460375f138d81404124d36e01287

SHA512
e8f12d3c36482c8a87687063263a26633fc531ae4e7d26f8f2403d46de27b57ddbf51eed4cc7c05b2faf46f66e1b2f73c8dfce08d1cd33111fba69697fb15246

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads