0032274481e9190256dcf016a51ce793e7dfda4518405db2717294bb1cb8cc82

Analysis

max time kernel
138s
max time network
152s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
19/09/2024, 05:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eab468e4860b9cd3be82137bcd0476b9_JaffaCakes118.apk
Size

19.1MB
MD5

eab468e4860b9cd3be82137bcd0476b9
SHA1

de7f02a1ee7b4561971aec126fceeb2f58dfef3c
SHA256

0032274481e9190256dcf016a51ce793e7dfda4518405db2717294bb1cb8cc82
SHA512

41dec1f4972f636fcab1291a03c620b3ac481030635f92c5085a44bbb255c6ce2b78b2ccf0031cedb378aacd04a5733b62cbbfe630fd8c722f57b123b04f3914
SSDEEP

393216:VB0mDXaiwmFEgKPTWssxVil5N6P0Vb9OzRurApH3Hr32E4PcDkRRTXOTMum1fdaB:4mDXtwsX4WsE0VbMqYXL34rX3f4i6

Score

7^/10

collection discovery evasion impact persistence

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.tc.cm/app_e_qq_com_plugin/gdt_plugin.jar	4322	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.tc.cm/app_e_qq_com_plugin/gdt_plugin.jar --output-vdex-fd=59 --oat-fd=58 --oat-location=/data/user/0/com.tc.cm/app_e_qq_com_plugin/oat/x86/gdt_plugin.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.tc.cm/app_e_qq_com_plugin/gdt_plugin.jar	4243	com.tc.cm

Queries information about running processes on the device 1 TTPs 3 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.tc.cm:bdservice_v1
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.tc.cm:remote
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.tc.cm

Queries information about active data network 1 TTPs 3 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.tc.cm
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.tc.cm:bdservice_v1
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.tc.cm:remote

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.tc.cm

Requests cell location 1 TTPs 1 IoCs

Uses Android APIs to to get current cell information.

collection discovery

Location Tracking

T1430

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.tc.cm:remote

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 3 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.tc.cm:remote
Framework service call	android.app.IActivityManager.registerReceiver	com.tc.cm
Framework service call	android.app.IActivityManager.registerReceiver	com.tc.cm:bdservice_v1

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 3 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.tc.cm
Framework API call	javax.crypto.Cipher.doFinal	com.tc.cm:bdservice_v1
Framework API call	javax.crypto.Cipher.doFinal	com.tc.cm:remote

com.tc.cm
1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4243
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.tc.cm/app_e_qq_com_plugin/gdt_plugin.jar --output-vdex-fd=59 --oat-fd=58 --oat-location=/data/user/0/com.tc.cm/app_e_qq_com_plugin/oat/x86/gdt_plugin.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4322

com.tc.cm:bdservice_v1
1⤵
- Queries information about running processes on the device
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4289

com.tc.cm:remote
1⤵
- Queries information about running processes on the device
- Queries information about active data network
- Requests cell location
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4391

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Location Tracking

T1430

Process Discovery

T1424

System Network Connections Discovery

T1421

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.tc.cm/app_e_qq_com_plugin/gdt_plugin.jar

Filesize
102KB

MD5
1f9697fedb8c1a68599f9849fa23debc

SHA1
1977b1f7f83db9292556c65885e86d3e062c376d

SHA256
278aaef0d3db0b27f06eaaaf77e53faff06aa64dccf6e865e4faf41c2de563ae

SHA512
83ed4170d231dc93d0af2e1f2ea23c2a42853b75a57d91420337c53641dbfe07631a18151d8843f9dbabe8266c601aa49c3db7f263875ef751e03079d180a591

Download Submit
/data/data/com.tc.cm/app_e_qq_com_plugin/gdt_plugin.jar.sig

Filesize
180B

MD5
b0d068c47c3e18395d18bf723a6a3225

SHA1
73c75a9f2ebc5c055fe892c3f8b1882ef4e52d30

SHA256
cc0e0b4b50bf2151dc0095d5020ef07bc63345190fe99d2b3d3cee500b7a8bf0

SHA512
72ad9f72a0b9f624f6dddd318ebefc6f26564633e5a957dcce45b0bd9daccba7e8065487f6336d0f30171086579465f7116a3dca96a6309895e80b81f4eef8f9

Download Submit
/data/data/com.tc.cm/app_e_qq_com_plugin/update_lc

Filesize
4B

MD5
dce7c4174ce9323904a934a486c41288

SHA1
e117797422d35ce52f036963c7e9603e9955b5c7

SHA256
0c030586945fe504b604ecc2e875c38ede400cd5cd73da9730302162e6b02c6f

SHA512
d570ab6a8f4a7b54d426b0481219074b5277ace37d88438d87ab97eb387938eca1cf7b09fa42d596c56ada860710d2a7385d2a96e1cedff58ad6ed8900f1b143

Download Submit
/data/data/com.tc.cm/app_e_qq_com_plugin/update_lc

Filesize
1B

MD5
0bcef9c45bd8a48eda1b26eb0c61c869

SHA1
4345cb1fa27885a8fbfe7c0c830a592cc76a552b

SHA256
bbf3f11cb5b43e700273a78d12de55e4a7eab741ed2abf13787a4d2dc832b8ec

SHA512
91972aa34055bca20ddb643b9f817a547e5d4ad49b7ff16a7f828a8d72c4cb4a5679cff4da00f9fb6b2833de7eb3480b3b4a7c7c7b85a39028de55acaf2d8812

Download Submit
/data/data/com.tc.cm/database/pushinfo.db

Filesize
20KB

MD5
ba66f2d885afc82b93365475e20e4518

SHA1
360ee79a5d2f35975df60505573e32544b56abac

SHA256
2adf20bebc0cfd09f10d313c85ba9f4d0e402bb50cc0a29c50af37e2fce396b3

SHA512
be68b732cde8ff592dcf329913fa523386f84b4ca36a39fb5a7f9ee21d4654722c199ba0f4f1b5a98f8c55553c929cec38a4023df9defcded2de7b7b3605a368

Download Submit
/data/data/com.tc.cm/database/pushinfo.db

Filesize
32KB

MD5
02c4f5ca868c7be995ba0f8b7757ab25

SHA1
05b34817874e7357a16984b1baa83767e22c72ad

SHA256
80a2685abaed5cbec5ed4c0eb6b4f58640830ea7a1d5c086b41a81e0ecdd85af

SHA512
f92367dc3c3892b3d8ff6d194b2b2753418a9bfcd8d3b7917649c5681ac7f9ce168cbd2aea0b81c01badc7176394feba1d2739334bb443b628ffed0293413420

Download Submit
/data/data/com.tc.cm/database/pushinfo.db

Filesize
16KB

MD5
5ca8ce04cbc37fd404038c7a0da4a115

SHA1
47b0c1bcdf47de11538c0321e6741a219d69fdfa

SHA256
234a17b9f835f4e163a9f97688a19753347f56137c451d864cc5471710096f88

SHA512
4b7a69c77e66c79125c43754dbf94bf68e911cd6baa31c5bb7002216adc0c44f63c3f99b7e5e2b6351820cd5bd5fea740ebfeeb6552a48b0db11051d17c0556b

Download Submit
/data/data/com.tc.cm/database/pushinfo.db

Filesize
36KB

MD5
8e9beab1a3b52fe2c1d9e91657e5ff3c

SHA1
f42fc92112ca500fccb3e32c3e68396f7ec2ad48

SHA256
9eacd08579defeb52d77235c224f16dba6e0e79d42ef192051daba413ab2dce8

SHA512
f44ecdcc47451479e8f952be0ea60dbdf1a7418bdbaee7638b85f450df477cd4789d0e468d9fbb155de38c4898b004f79d7c58bc7663fe27d02eb93e3b4fd39f

Download Submit
/data/data/com.tc.cm/database/pushinfo.db

Filesize
16KB

MD5
658af5ae00d0308ca62163eaf69be984

SHA1
9c553dbba051676a8147e737ad39df346186ccb6

SHA256
b2d9d48038a62b59bab5f53439248c8665058353081b02a149d4f9bca36e1b47

SHA512
f84588f6c50d0bdbdde8b8b6c3ee2b2ac3a561e7f85f288474562b4b8a659861340ce495e97d0a986195d4921901f4e67afbf37ccd261c0be592df87ad072c0d

Download Submit
/data/data/com.tc.cm/database/pushinfo.db

Filesize
28KB

MD5
0d3e99204c6401ea499fe9e6d9855497

SHA1
09829f00ca458eab7374d5079393a2cd69a2348a

SHA256
63ad014cb50908591939d6a1536f85eece807425af4f4e8a1f9b9eeab13cc5ca

SHA512
8d9a50aa9abd17e508ed3ac35a3033e8f9e550d1088baa951f53e6c4697c5ac026d22b90e36e27341d64baa3f0202bd89ca97583e99feb25f8c26b5776c59c68

Download Submit
/data/data/com.tc.cm/database/pushinfo.db-journal

Filesize
32KB

MD5
8d0818d192c080a985185c6122e9d981

SHA1
6fa863dad92b89863a04f9c1c9d86ae9640114b0

SHA256
5e008a67afd0422674e3de86978012584a37e300e51ad80381af3becf6d964b3

SHA512
4c8d47760f92ecf4e2f119eea168cec6cb39e12d9ddf315c52635cbad7f9d10cbfaa78f78abeb3b99db24f6870b12d11d2be44a99672afddb94abcafb1af2e90

Download Submit
/data/data/com.tc.cm/database/pushinfo.db-shm

Filesize
28KB

MD5
be7fde8a0ab6260abeb0fb06f9c435a3

SHA1
7b34d4ce6206ca7e18bac6fcb5ec23427f04ee54

SHA256
c78ccaba70190448ecf379d8a61d55aa65a71300a342ebc25061b2fa55db62a2

SHA512
81065f58dfa3f6cbb9374e473c3af2c45c90ce5c124dd61f2077e429da5afbc84993df9172d3c77aceeb79caa878cb2cde331f5f1b11df708dd5c47e5c57c02c

Download Submit
/data/data/com.tc.cm/database/pushinfo.db-wal

Filesize
32KB

MD5
54948bbbe304cd1f308bdfc10f6dedc3

SHA1
96630de13a05e41062dcd37283beac44204dc451

SHA256
17249f556ad28526a4c03d8280cb917c3ba776b6f5bf5d0f07475bc0040aee83

SHA512
55ee37a7bfbe8be869dc649bcb38fa3fc8d63e0f21c97bd905cca7c8cc5e362cc3503abc1b3cd4936d9317b12386243341f0869f32747441315dd25330b93686

Download Submit
/data/data/com.tc.cm/database/pushinfo.db-wal

Filesize
36KB

MD5
611bbbecd8eab3e7016c48e1369923d8

SHA1
c915445c930f197416cf5d4ecdf6215509b2ed66

SHA256
5aad693de2924cfdbd46608d0a547f3b44e597e3cba03309309e500841fc3b89

SHA512
f29d0097e99544bd917f7c6a9217a6302e4a7014123c32a54c1c6db1f45ecd0ef9374dcf534e8b59e1ae30a12b1933b1569fdf02f2e54db08460202a099c4590

Download Submit
/data/data/com.tc.cm/database/pushinfo.db-wal

Filesize
4KB

MD5
9be25315d8b6ad588a5266faf666937f

SHA1
0fa6a2c8e915f916f4b5f93f2f26fb7f5ac0dd5f

SHA256
5b11bec01bc7a97968a375ad504268127af45f359442c08187b4dcbb87f6e92d

SHA512
d4b645c3358c9ca9038c6eb29fb5384dd3ed737734b71c0edc714c2d943efdf0b294a7a972999b16e80e143ee23cbc7ef775f93f7fa07694995a584381475a28

Download Submit
/data/data/com.tc.cm/database/pushinfo.db-wal

Filesize
4KB

MD5
0fd7b713282b8182180325db9589778a

SHA1
986ad84e3396829f94aef865c582a817531313b9

SHA256
4219b2b102b2b2ac8a7b6d2ef642a75312e7d8fd0b7f54ff8e11e4b4281b7421

SHA512
3d0f7d5bef07b9ffbfe46e3cda0a10e4f5592ad8d86b6fcfd736d70dcc632e80d1af41f93dfc0525882048d0eb95a0bbcce7dec28de4673b0dc0e493c6125b7d

Download Submit
/data/data/com.tc.cm/database/pushinfo.db-wal

Filesize
4KB

MD5
503c3f3ed55733e4a4d09830cdbd25d8

SHA1
19c5a292200612faf94b3ee4d30bf0d90b305303

SHA256
a842471500fc7ef08f6154e49b5b05bba26e68393776e8544fa4fd1ece8e6d13

SHA512
16725bdb9562d42118a7f65e850f065c058da02665d4e2d5ce50bee2a45b67c2e765d13db6ba50c1f151e5910199611290a0fb9a43bf119ed285e0697af64989

Download Submit
/data/data/com.tc.cm/database/pushinfo.db-wal

Filesize
40KB

MD5
98ef354044835404790c85fd63983014

SHA1
fe51cf273b817934b5eb111fd02b6afaf43248d7

SHA256
e9ae8f5f3986fd741ee503e988382fc4219b9f0b46706a2126eaf33a21db0268

SHA512
adaa809a375a910792e8fa337fa117584cd614ca265863ba8eab082a9ec0ba119e4d8426a286732a48d8f2c495aca5cf21bf889cfa550c704be4f6bd556576ab

Download Submit
/data/data/com.tc.cm/files/.FlurrySenderIndex.info.AnalyticsData_GHSD5TFFXRZCVJBBZX9B_171

Filesize
42B

MD5
f0483f831bb4c820101892e8b3cbf1d5

SHA1
52a9e1815d27c0d58557b2887ec21b58f23fbb24

SHA256
8ce9f3daaa3428698804315d8ae90a3b0946640412e1969d4f09a6c3572c8fe2

SHA512
6264aaa1e37f3bcc13bba9b51ea2da271b70bc0281c6d531e23d6aee6386159df992c635b63ea36ba235bf51ae8cdf6c537f12c766168db656c91d06d972aa10

Download Submit
/data/data/com.tc.cm/files/.FlurrySenderIndex.info.AnalyticsMain

Filesize
44B

MD5
c0e9ae082af5b4840ac128dd08273ebf

SHA1
4664fe904e8f094cc73776aa3d683a4857022dd2

SHA256
7c1495917591c6bd9713fb33ba95c56b83602f1016707317959b2ab45b683783

SHA512
5c5684a95493ae512c493f41ba93db55b67b8ce0d174dd51596188349d3c9d63d1eaf9c81e01188d83c71a811989e535bf1821d4635dde0cf35f5f5ca954f5de

Download Submit
/data/data/com.tc.cm/files/.flurryagent.128f33af

Filesize
58B

MD5
bedd48496446b0ebc5b5390a9c47d3a6

SHA1
837dbaf404cd81f42d8bb3a6bd90c063dda653ae

SHA256
fd467dea8034521e857a90cf5c2e44f7ae6574437a4cb7d68b4a40c50d3d0b5f

SHA512
ef1d9a0e6be4a3b15785bb1a31d5d66f3ddaa6f6525d54120a808915966d648ae13241c4d41faadb32fd0cca4beca2af4837b9f4e8046a5b8c0c6fb67b33466a

Download Submit
/data/data/com.tc.cm/files/.flurrydatasenderblock.f75998c3-b79f-4c5d-a12f-1dfe5d323cd4

Filesize
288B

MD5
3c9e352fa9b183bca5f13f07689d0e85

SHA1
0ea6603743ecfa7cbe3e368297231b55ee50281b

SHA256
e122a5a6b0a4bc9ebd5958e286c6742782cd48821bcec60128e1fdd73f6c249f

SHA512
565cec15ae2b31fed6167c350623db7d3783341ebd8069bb6151f6be547a2e806cef62e8c26cc01902c8ed5cf0aece9eebc879906db4b93d1ccbd9b5db7e4ee3

Download Submit
/data/data/com.tc.cm/files/libcuid.so

Filesize
129B

MD5
6e1c815f5127fbdc3e858d5fcc847069

SHA1
6671a2b28cc8416757f5df94fa2dde7391a1cf10

SHA256
d35bb91a63141b1468d16bf88b47f2b9f6fd49be32970b983ce89654d462c638

SHA512
e26928483719541a90d1cf849e88ad5a480a207ff40cf0b6da11220a0d6475fc2542f209dbc72ce5963dcdd1944c902c790e8b1bd59ef4c905a1eabd2e964d09

Download Submit
/data/user/0/com.tc.cm/app_e_qq_com_plugin/gdt_plugin.jar

Filesize
242KB

MD5
a35d1e1352230088351d9c636197829a

SHA1
8b1a493cbc00f104ba76b746bc6638bc6875dcf9

SHA256
8818a0f3483ce226cd5dbdf428b76f1571dc4983526b323203d5c90dafa9d34e

SHA512
665bef121af5bd9a24c0718b25fbff2203568bad46bcc99624fea7d477ba23d9b96111d9642d682c13cea06d2f98042d97355746eb8b54f948799e4f5fdeed20

Download Submit
/data/user/0/com.tc.cm/app_e_qq_com_plugin/gdt_plugin.jar

Filesize
242KB

MD5
776910f8e65369707cce7d59a635a6eb

SHA1
fe1e7e281b3ea407cc9e8616dddb82dfd99d44ef

SHA256
6bb3c59e39eab8b0545b2ae41cda53a4d85ec0be1e05f9b9731b269e7bdfe57b

SHA512
8dc0adfcbe640aa736850f7ebc97488716734e967efa3aa76542f9638316432f403d5376e7bbbd4c1abb42eeae7fc9213d84d3ed8a3ec05f9d33787521d132e0

Download Submit
/storage/emulated/0/Android/data/com.tc.cm/files/icon.png

Filesize
9KB

MD5
ffc052ce453005c8b37a823bff9718f3

SHA1
3f2c686276b7490858043b4c218cb091b0fe92cc

SHA256
a999b3705435de1c21f9a13a463a9a71f97fc42307554423f33180c09d60bcef

SHA512
85f500191d76b2da227792a7041ecd8866d437f107e742eb730276250caf86659644e3d6c036c63e9fdb64130d671e3c482273db9101af7a3927d5177a69be02

Download Submit
/storage/emulated/0/Android/data/com.tc.cm/files/user

Filesize
72KB

MD5
fd7963e8e422058d43e7dc6580756d6a

SHA1
f5a06aeda8f86e0734717721c16a09837f7a3385

SHA256
f6944935d751cb6c26f57916bd79705fe7c333a7878b8b2c092b1021c803f600

SHA512
255ab8bfcf205be0104794fb67c3005dd6481d4c735b5a927eb9bbf6f509941a47a2d686ada58d4aef157d2599c066cb962ce57c9192b7b2cd94b38fc008a481

Download Submit
/storage/emulated/0/Android/data/com.tc.cm/files/user-journal

Filesize
32KB

MD5
e85ac5081036e9ca06078199716976bd

SHA1
e70ce207775a062da49462c644483b39c6fa36c6

SHA256
35e90a58ee0e03e8fccd2f40a8788d2e5ff2545d767713150413b25beb874246

SHA512
f84751e905c2c37bb7fe6e68f7609f9bd99a55d4760c17ce146f8ec51a4f44093af00a6f8ea6a84aaf23074bfb7a4b4640a62f51b4b30392b884afc61ee14d77

Download Submit
/storage/emulated/0/Android/data/com.tc.cm/files/user-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/storage/emulated/0/Android/data/com.tc.cm/files/user-wal

Filesize
32KB

MD5
c1f83c20375a1d50db3f78bb0b5fa9be

SHA1
2842a1324c3cd2cae0a34f96604c197b672631df

SHA256
8a9e611a8442a3c31fab37e0c50e41cb74548e48c7a6f32574cbdf15abf4ce26

SHA512
2222729e691183197ce52a3883be19abdcc65d89811d54e4d5049f1a0fb8f3fda7245fc64ec69914771df8a21cf785f985e94c3aaeb540efe47d8afe1a17e76c

Download Submit
/storage/emulated/0/backups/.SystemConfig/.cuid

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/storage/emulated/0/backups/.SystemConfig/.cuid2

Filesize
512B

MD5
d4a7dfc774928c5b31668112002db1d0

SHA1
bf08258de8e5c675aa83e5048a9bbc4dd2569113

SHA256
67643a04a29a535bb2bbf4639e01636cfd428126022855a7f481d016915afc47

SHA512
3b1fde032075b2d7c629e4241d20a193d8c2157b13279869fdf55c0d487cb2b8fbd9ca871553b1575b1cd9e5bbb2bdb737839079f933730ed1e601df8f148b3f

Download Submit
/storage/emulated/0/baidu/pushservice/files/msg20240919.log

Filesize
341B

MD5
2017c0f04a764805e6fd22695372bead

SHA1
5aa2e9b23e19a5e4ad9d72d2308283a56a0431fd

SHA256
7995e0292c3bbb79e8b48d3f36524053088c890e36cca7d9f305f3dfa4dd27dd

SHA512
7de76d05564084b3398b49806298efc63cd36d9fbaf43924fa62d43adc4072358bf34d34c8662dad950dbfa0dadf6e6217e5a38f44ce5cfcf1f4f3afd2d030d1

Download Submit
/storage/emulated/0/baidu/pushservice/files/msg20240919.log

Filesize
512B

MD5
eedb9c02dd4f3be9a31bb5db5a5be0d5

SHA1
401e128f915e87f715a5c8f8d188e068db57732a

SHA256
36f0e12cd90b065c4bb45a0fac052a2271945089368bdeb0cc535d329d92ebe5

SHA512
602cbd5ecd56669533e0c74f9baf744245215a4f7257ab86c356754b12fc6d3f2fd1c624e2c81479c8f967f54b82613d23b9d8b21ed3e38902690964900ea87b

Download Submit
/storage/emulated/0/baidu/pushservice/files/msg20240919.log

Filesize
52KB

MD5
4587b671a50b32280439049d411f8e5b

SHA1
8787357e2fa7cbf66c320b5b41ae91bcb13b88d1

SHA256
d4c03849dd6378bbee318cebeb980feeb64866faa6e4715cefb6a11fe7d78faa

SHA512
5bb404d3a3472f260b7eb05099a457004416dd628e31f753b256974f7b96811d10be82afc8b390e42863c2ef9082beb8da1d72cf62409e88d24f78aeb55b7b36

Download Submit
/storage/emulated/0/baidu/pushservice/files/msg20240919.log

Filesize
512B

MD5
2f63c622e5bc907bcaa10d3642d495cc

SHA1
d21863126ed307e17017af69fff0b8c079daedc5

SHA256
5fea792a75051dc61f2cd615368f930301c63182d5d7cbac7b792fd2b7b4af4a

SHA512
752a98570f29d1409eaa4ed169e9f7c41c9d8494916d83a8d7e8204cef893ee652429dd4b7990651daaaf55bdbaa291672ff09ee92abba8fc7cf21cd4aaf79fb

Download Submit
/storage/emulated/0/baidu/pushservice/files/msg20240919.log

Filesize
52KB

MD5
9b6710857f0038f0a3c273b02208fa3d

SHA1
4c6b13d19266f481e75b56d7efd82443e1901884

SHA256
431735d92e5036dbd1d5fd75b8d347290fda62357c21e96268a2bc098ce7162c

SHA512
01903402111d96fb410285daa3bee0e943fc831a6f199c9d1f349511432d2e0c9aefa2d0de2a4d87ed6b14d8b420ff89273f765eca950d0b145b16476c3f62bd

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads