Analysis Overview
SHA256
9f0460662f390a0c5ca40b0ae41a5205a72553c9df68e4afef53d9becf6fae12
Threat Level: Shows suspicious behavior
The file AmnesiaBETA.apk was found to be: Shows suspicious behavior.
Malicious Activity Summary
Reads the content of the call log.
Tries to add a device administrator.
Declares broadcast receivers with permission to handle system events
Requests dangerous framework permissions
Looks up external IP address via web service
Schedules tasks to execute at a specified time
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-11 06:30
Signatures
Declares broadcast receivers with permission to handle system events
| Description | Indicator | Process | Target |
| Required by device admin receivers to bind with the system. Allows apps to manage device administration features. | android.permission.BIND_DEVICE_ADMIN | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to post notifications. | android.permission.POST_NOTIFICATIONS | N/A | N/A |
Analysis: behavioral5
Detonation Overview
Submitted
2024-11-11 06:30
Reported
2024-11-11 06:35
Platform
android-x64-20240624-en
Max time kernel
10s
Max time network
301s
Signatures
Reads the content of the call log.
| Description | Indicator | Process | Target |
| URI accessed for read | content://call_log/calls | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ipinfo.io | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Processes
com.example.myapp
Files
/data/data/com.example.myapp/no_backup/androidx.work.workdb-journal
/data/data/com.example.myapp/no_backup/androidx.work.workdb
/data/data/com.example.myapp/no_backup/androidx.work.workdb-shm
/data/data/com.example.myapp/no_backup/androidx.work.workdb-wal
/data/data/com.example.myapp/files/profileInstalled
Analysis: behavioral7
Detonation Overview
Submitted
2024-11-11 06:30
Reported
2024-11-11 06:35
Platform
android-33-x64-arm64-20240910-en
Max time kernel
7s
Max time network
300s
Signatures
Reads the content of the call log.
| Description | Indicator | Process | Target |
| URI accessed for read | content://call_log/calls | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ipinfo.io | N/A | N/A |
Tries to add a device administrator.
| Description | Indicator | Process | Target |
| Intent action | android.app.action.ADD_DEVICE_ADMIN | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Processes
com.example.myapp
Files
/data/data/com.example.myapp/no_backup/androidx.work.workdb-journal
/data/data/com.example.myapp/no_backup/androidx.work.workdb
/data/data/com.example.myapp/no_backup/androidx.work.workdb-shm
/data/data/com.example.myapp/no_backup/androidx.work.workdb-wal
/data/data/com.example.myapp/files/profileInstalled
Analysis: behavioral8
Detonation Overview
Submitted
2024-11-11 06:30
Reported
2024-11-11 06:35
Platform
android-x86-arm-20240624-en
Max time kernel
11s
Max time network
302s
Signatures
Reads the content of the call log.
| Description | Indicator | Process | Target |
| URI accessed for read | content://call_log/calls | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ipinfo.io | N/A | N/A |
Tries to add a device administrator.
| Description | Indicator | Process | Target |
| Intent action | android.app.action.ADD_DEVICE_ADMIN | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Processes
com.example.myapp
Files
/data/data/com.example.myapp/no_backup/androidx.work.workdb-journal
/data/data/com.example.myapp/no_backup/androidx.work.workdb
/data/data/com.example.myapp/no_backup/androidx.work.workdb-shm
/data/data/com.example.myapp/no_backup/androidx.work.workdb-wal
/data/data/com.example.myapp/files/profileInstalled
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-11 06:30
Reported
2024-11-11 06:35
Platform
android-x64-20240624-en
Max time kernel
198s
Max time network
301s
Signatures
Declares broadcast receivers with permission to handle system events
| Description | Indicator | Process | Target |
| Required by device admin receivers to bind with the system. Allows apps to manage device administration features. | android.permission.BIND_DEVICE_ADMIN | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ipinfo.io | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to read the user's call log. | android.permission.READ_CALL_LOG | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Processes
beznogym.hack
Files
/data/data/beznogym.hack/no_backup/androidx.work.workdb-journal
/data/data/beznogym.hack/no_backup/androidx.work.workdb
/data/data/beznogym.hack/no_backup/androidx.work.workdb-shm
/data/data/beznogym.hack/no_backup/androidx.work.workdb-wal
/data/data/beznogym.hack/files/profileInstalled
/storage/emulated/0/Download/Build.apk
Analysis: behavioral3
Detonation Overview
Submitted
2024-11-11 06:30
Reported
2024-11-11 06:35
Platform
android-33-x64-arm64-20240910-en
Max time kernel
6s
Max time network
304s
Signatures
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ipinfo.io | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Processes
beznogym.hack
Files
/data/data/beznogym.hack/no_backup/androidx.work.workdb-journal
/data/data/beznogym.hack/no_backup/androidx.work.workdb
/data/data/beznogym.hack/no_backup/androidx.work.workdb-shm
/data/data/beznogym.hack/no_backup/androidx.work.workdb-wal
/data/data/beznogym.hack/files/profileInstalled
Analysis: behavioral4
Detonation Overview
Submitted
2024-11-11 06:30
Reported
2024-11-11 06:35
Platform
android-x86-arm-20240910-en
Max time kernel
294s
Max time network
265s
Signatures
Declares broadcast receivers with permission to handle system events
| Description | Indicator | Process | Target |
| Required by device admin receivers to bind with the system. Allows apps to manage device administration features. | android.permission.BIND_DEVICE_ADMIN | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ipinfo.io | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to read the user's call log. | android.permission.READ_CALL_LOG | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Processes
beznogym.hack
Files
/data/data/beznogym.hack/no_backup/androidx.work.workdb-journal
/data/data/beznogym.hack/no_backup/androidx.work.workdb
/data/data/beznogym.hack/no_backup/androidx.work.workdb-shm
/data/data/beznogym.hack/no_backup/androidx.work.workdb-wal
/data/data/beznogym.hack/files/profileInstalled
/storage/emulated/0/Download/Build.apk
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-11 06:30
Reported
2024-11-11 06:35
Platform
android-x64-arm64-20240624-en
Max time kernel
168s
Max time network
305s
Signatures
Declares broadcast receivers with permission to handle system events
| Description | Indicator | Process | Target |
| Required by device admin receivers to bind with the system. Allows apps to manage device administration features. | android.permission.BIND_DEVICE_ADMIN | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ipinfo.io | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to read the user's call log. | android.permission.READ_CALL_LOG | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Processes
beznogym.hack
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.187.206:443 | | tcp |
| GB | 142.250.187.206:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ipinfo.io | udp |
| US | 34.117.59.81:443 | ipinfo.io | tcp |
| US | 1.1.1.1:53 | api.telegram.org | udp |
| NL | 149.154.167.220:443 | api.telegram.org | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.16.232:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.187.228:443 | | tcp |
| GB | 142.250.187.228:443 | | tcp |
| GB | 142.250.200.2:443 | | tcp |
| GB | 142.250.180.14:443 | | tcp |
| GB | 142.250.187.227:443 | | tcp |
Files
/data/data/beznogym.hack/no_backup/androidx.work.workdb-journal
/data/data/beznogym.hack/no_backup/androidx.work.workdb
/data/data/beznogym.hack/no_backup/androidx.work.workdb-shm
/data/data/beznogym.hack/no_backup/androidx.work.workdb-wal
/storage/emulated/0/Test/Build.apk
Analysis: behavioral6
Detonation Overview
Submitted
2024-11-11 06:30
Reported
2024-11-11 06:35
Platform
android-x64-arm64-20240910-en
Max time kernel
7s
Max time network
288s
Command Line
Signatures
Reads the content of the call log.
| Description | Indicator | Process | Target |
| URI accessed for read | content://call_log/calls | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ipinfo.io | N/A | N/A |
Tries to add a device administrator.
| Description | Indicator | Process | Target |
| Intent action | android.app.action.ADD_DEVICE_ADMIN | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Processes
com.example.myapp
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | www.youtube.com | udp |
| GB | 172.217.169.14:443 | | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| GB | 172.217.16.238:443 | www.youtube.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ipinfo.io | udp |
| US | 34.117.59.81:443 | ipinfo.io | tcp |
| US | 216.239.38.223:443 | | tcp |
| US | 1.1.1.1:53 | api.telegram.org | udp |
| NL | 149.154.167.220:443 | api.telegram.org | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.16.232:443 | ssl.google-analytics.com | tcp |
| US | 216.239.38.223:443 | | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 172.217.169.33:443 | | tcp |
| GB | 216.58.201.97:443 | | tcp |
| US | 216.239.38.223:443 | | tcp |
| US | 216.239.38.223:443 | | tcp |
| GB | 216.58.201.98:443 | | tcp |
| GB | 142.250.180.2:443 | | tcp |
| GB | 142.250.187.198:443 | | tcp |
Files
/data/data/com.example.myapp/no_backup/androidx.work.workdb-journal
/data/data/com.example.myapp/no_backup/androidx.work.workdb
/data/data/com.example.myapp/no_backup/androidx.work.workdb-shm
/data/data/com.example.myapp/no_backup/androidx.work.workdb-wal