Malware Analysis Report

2025-06-16 00:53

Sample ID 241031-psfbksycqh
Target canara10.apk
SHA256 71cacfe87808263837d05aa9bc1f0fa62c07d06a0bd3d961dd4d3c6dffaf17fc
Tags discovery persistence collection credential_access impact
Score 7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Score 7/10

SHA256 71cacfe87808263837d05aa9bc1f0fa62c07d06a0bd3d961dd4d3c6dffaf17fc

Threat Level: Shows suspicious behavior

The file canara10.apk was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery persistence collection credential_access impact

Obtains sensitive information copied to the device clipboard

Requests dangerous framework permissions

Queries the mobile country code (MCC)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

Checks memory information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-10-31 12:35

Signatures

Requests dangerous framework permissions

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-31 12:35

Reported

2024-10-31 12:44

Platform

android-x86-arm-20240624-en

Max time kernel

444s

Max time network

466s

Command Line

com.jkdsfjsjkk.shakti.dada.google.canarabank.app

Signatures

Queries the mobile country code (MCC)

discovery
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |

Checks CPU information

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for read | /proc/cpuinfo | N/A | N/A |

Checks memory information

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for read | /proc/meminfo | N/A | N/A |

Processes

com.jkdsfjsjkk.shakti.dada.google.canarabank.app

Network


Files


Analysis: behavioral2

Detonation Overview

Submitted

2024-10-31 12:35

Reported

2024-10-31 12:41

Platform

android-x64-20240624-en

Max time kernel

98s

Max time network

301s

Command Line

com.jkdsfjsjkk.shakti.dada.google.canarabank.app

Signatures

Obtains sensitive information copied to the device clipboard

collection credential_access impact
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |

Queries the mobile country code (MCC)

discovery
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |

Checks CPU information

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for read | /proc/cpuinfo | N/A | N/A |

Checks memory information

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for read | /proc/meminfo | N/A | N/A |

Processes

com.jkdsfjsjkk.shakti.dada.google.canarabank.app

Network


Files


Analysis: behavioral3

Detonation Overview

Submitted

2024-10-31 12:35

Reported

2024-10-31 12:41

Platform

android-x64-arm64-20240624-en

Max time kernel

298s

Max time network

307s

Command Line

com.jkdsfjsjkk.shakti.dada.google.canarabank.app

Signatures

Obtains sensitive information copied to the device clipboard

collection credential_access impact
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |

Checks CPU information

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for read | /proc/cpuinfo | N/A | N/A |

Checks memory information

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for read | /proc/meminfo | N/A | N/A |

Processes

com.jkdsfjsjkk.shakti.dada.google.canarabank.app

Network


Files
