Analysis Overview
SHA256: 71cacfe87808263837d05aa9bc1f0fa62c07d06a0bd3d961dd4d3c6dffaf17fc
Threat Level: Shows suspicious behavior
The file canara10.apk shows suspicious behavior.
Malicious Activity Summary
Obtains sensitive information copied to the device clipboard
Requests dangerous framework permissions
Queries the mobile country code (MCC)
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-10-31 12:35
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted: 2024-10-31 12:35
Reported: 2024-10-31 12:44
Platform: android-x86-arm-20240624-en
Max time kernel: 444s
Max time network: 466s
Signatures
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.jkdsfjsjkk.shakti.dada.google.canarabank.app
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted: 2024-10-31 12:35
Reported: 2024-10-31 12:41
Platform: android-x64-20240624-en
Max time kernel: 98s
Max time network: 301s
Signatures
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.jkdsfjsjkk.shakti.dada.google.canarabank.app
Network
Files
Analysis: behavioral3
Detonation Overview
Submitted: 2024-10-31 12:35
Reported: 2024-10-31 12:41
Platform: android-x64-arm64-20240624-en
Max time kernel: 298s
Max time network: 307s
Signatures
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.jkdsfjsjkk.shakti.dada.google.canarabank.app
Network
Files