Analysis Overview
SHA256: 71cacfe87808263837d05aa9bc1f0fa62c07d06a0bd3d961dd4d3c6dffaf17fc
Threat Level: Shows suspicious behavior
The file canara10.apk was found to show suspicious behavior.
Malicious Activity Summary
Obtains sensitive information copied to the device clipboard
Requests dangerous framework permissions
Queries the mobile country code (MCC)
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-10-31 12:46
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted: 2024-10-31 12:46
Reported: 2024-10-31 13:00
Platform: android-x86-arm-20240624-en
Max time kernel: 398s
Max time network: 654s
Command Line
Signatures
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.jkdsfjsjkk.shakti.dada.google.canarabank.app
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted: 2024-10-31 12:46
Reported: 2024-10-31 12:59
Platform: android-x64-20240624-en
Max time kernel: 303s
Max time network: 603s
Command Line
Signatures
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.jkdsfjsjkk.shakti.dada.google.canarabank.app
Network
Files
Analysis: behavioral3
Detonation Overview
Submitted: 2024-10-31 12:46
Reported: 2024-10-31 13:00
Platform: android-x64-arm64-20240624-en
Max time kernel: 595s
Max time network: 605s
Command Line
Signatures
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.jkdsfjsjkk.shakti.dada.google.canarabank.app
Network
Files