Analysis Overview
SHA256
2a28e60ef34e510e1517bef6007104cee7110e7671ac147fc5cf1fe469f54cef
Threat Level: Likely malicious
The file burner-5-12-2-2474-3831418.xapk was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Loads dropped Dex/Jar
Queries information about running processes on the device
Acquires the wake lock
Queries information about active data network
Requests dangerous framework permissions
Queries the mobile country code (MCC)
Checks the presence of a debugger
Schedules tasks to execute at a specified time
Registers a broadcast receiver at runtime (usually for listening for system events)
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-13 18:56
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read image files from external storage. | android.permission.READ_MEDIA_IMAGES | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Allows an app to post notifications. | android.permission.POST_NOTIFICATIONS | N/A | N/A |
| Allows applications to use exact alarm APIs. | android.permission.SCHEDULE_EXACT_ALARM | N/A | N/A |
Analysis: behavioral22
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win7-20240903-en
Max time kernel
122s
Max time network
126s
Command Line
Signatures
Processes
C:\Windows\system32\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.hdpi.jar
Network
Files
memory/2968-2-0x0000000002670000-0x00000000028E0000-memory.dmp
memory/2968-10-0x0000000000150000-0x0000000000151000-memory.dmp
memory/2968-11-0x0000000002670000-0x00000000028E0000-memory.dmp
Analysis: behavioral25
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win10v2004-20241007-en
Max time kernel
149s
Max time network
154s
Command Line
Signatures
Processes
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.hi.jar
Network
Files
memory/2592-2-0x000001F480000000-0x000001F480270000-memory.dmp
memory/2592-11-0x000001F4FAB10000-0x000001F4FAB11000-memory.dmp
memory/2592-12-0x000001F480000000-0x000001F480270000-memory.dmp
Analysis: behavioral28
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win7-20241023-en
Max time kernel
121s
Max time network
125s
Command Line
Signatures
Processes
C:\Windows\system32\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.in.jar
Network
Files
memory/2912-2-0x0000000002690000-0x0000000002900000-memory.dmp
memory/2912-10-0x0000000000150000-0x0000000000151000-memory.dmp
memory/2912-11-0x0000000002690000-0x0000000002900000-memory.dmp
Analysis: behavioral4
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win7-20240903-en
Max time kernel
118s
Max time network
121s
Command Line
Signatures
Processes
C:\Windows\system32\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.ar.jar
Network
Files
memory/2796-2-0x0000000002820000-0x0000000002A90000-memory.dmp
memory/2796-10-0x0000000000150000-0x0000000000151000-memory.dmp
memory/2796-11-0x0000000002820000-0x0000000002A90000-memory.dmp
Analysis: behavioral8
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win7-20240903-en
Max time kernel
121s
Max time network
125s
Command Line
Signatures
Processes
C:\Windows\system32\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.armeabi_v7a.jar
Network
Files
memory/2868-2-0x0000000002720000-0x0000000002990000-memory.dmp
memory/2868-10-0x0000000000140000-0x0000000000141000-memory.dmp
memory/2868-11-0x0000000002720000-0x0000000002990000-memory.dmp
Analysis: behavioral10
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win7-20240903-en
Max time kernel
118s
Max time network
124s
Command Line
Signatures
Processes
C:\Windows\system32\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.de.jar
Network
Files
memory/2028-2-0x0000000002730000-0x00000000029A0000-memory.dmp
memory/2028-10-0x0000000000340000-0x0000000000341000-memory.dmp
memory/2028-11-0x0000000002730000-0x00000000029A0000-memory.dmp
Analysis: behavioral26
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win7-20240903-en
Max time kernel
120s
Max time network
126s
Command Line
Signatures
Processes
C:\Windows\system32\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.hu.jar
Network
Files
memory/3044-2-0x0000000002800000-0x0000000002A70000-memory.dmp
memory/3044-10-0x0000000000240000-0x0000000000241000-memory.dmp
memory/3044-11-0x0000000002800000-0x0000000002A70000-memory.dmp
Analysis: behavioral31
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win10v2004-20241007-en
Max time kernel
148s
Max time network
154s
Command Line
Signatures
Processes
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.it.jar
Network
Files
memory/4680-2-0x0000016A9C410000-0x0000016A9C680000-memory.dmp
memory/4680-11-0x0000016A9AB40000-0x0000016A9AB41000-memory.dmp
memory/4680-12-0x0000016A9C410000-0x0000016A9C680000-memory.dmp
Analysis: behavioral3
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
android-x64-arm64-20240910-en
Max time kernel
4s
Max time network
158s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /system_ext/framework/androidx.window.sidecar.jar | N/A | N/A |
| N/A | /system_ext/framework/androidx.window.sidecar.jar | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Checks the presence of a debugger
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Processes
com.adhoclabs.burner
Network
Files
/system_ext/framework/androidx.window.sidecar.jar
| MD5 | bdf3529e80318eb14e53a5bf3720c10d |
| SHA1 | 25c9ace4b1af6e80ebb2572345972c56505969ba |
| SHA256 | bbc8300dd1e9cd08de8f66560c1ac2c928615b72b51cef9649f88974f586d64b |
| SHA512 | 48b9c2d01171bb651b9b54826baa51f4add48431a3efd8ceb5f7cc3bcd6f8f37edf47fabb24349dd15b3a02329cd450f90a8d164bf4f8dfae554bf3b35a8a55b |
/data/data/com.adhoclabs.burner/files/PersistedInstallation939972334982170156tmp
| MD5 | 8c9ef67f06630ef22f40602ae7eb4e65 |
| SHA1 | de9304bd3a7dae131c591586876d39c232249536 |
| SHA256 | e6d8e495bf485d04f1cbde554cb5a4182901bcf1f3b9c5733c07c64398126f67 |
| SHA512 | 0eeda67cc58fa64b0dcfaaf2eb63f55404a502a03c2ca0451e9ebc3bbbf11e702ee72ecec2d4de0f4185733562ef35e31eb326af0e38a1440645f48d288bd6ee |
/data/data/com.adhoclabs.burner/databases/com.google.android.datatransport.events-journal
| MD5 | 2c33c42d4c82a91789a8844834556d83 |
| SHA1 | 8fff452fcea26903d95f4f2a2f2f2a662698bf71 |
| SHA256 | f1123bcdbeaa45709767c90a841aa76e6932145b9176d863466ba04a4446754c |
| SHA512 | b01eb510f10017e818d26cb4d1fffc3eb3c05e473009e2d11111cd3c0392b6960a2fa1b7c763171c740c2f948ad39f38f7bc459dbd5876e41fd7db2220585788 |
/data/data/com.adhoclabs.burner/databases/com.google.android.datatransport.events
| MD5 | 1f9121c57be402e9ab4217c674816b83 |
| SHA1 | a08233f497262a5c81b49215005f147cf41ea49e |
| SHA256 | bc6005ac2a131800c3b7c8c59b4c56307dc60b40eb991513bc5df662a3ac9662 |
| SHA512 | fe8a79e84e6db3aa25d7cc004f93212c81d4402707ba21d5ab5d2dd4d569666ccb1fba642c0977064a7b9cff435fd964cc70852a2d41703960cb5e2c4cee5d32 |
/data/data/com.adhoclabs.burner/databases/com.google.android.datatransport.events-journal
| MD5 | 0cfac6d25832d097302d62e63f20d874 |
| SHA1 | f30b50a7647ea08ad14ff9ce8ed8c95be3a8c9f1 |
| SHA256 | 6e20bb7777a2ecd46537cce1df033c69adaf6a33574a171f9e7cc0fee3b26616 |
| SHA512 | 4b38fe3c1c39096c320eb22e300f9c28f2454be1841e6e921499891f8ad2d35bbdb2e4368329b9b1476f541b41dcde0b4a7cc4a7b61586ea851c8d44ce54dbc8 |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6C2001C000112C5281C43177130/report
| MD5 | 33f7295c2511d2c1405649d66382e01e |
| SHA1 | e6149473b1a7a0915bdda7119ac0e9d6f5868b75 |
| SHA256 | daea6bb0f8e302cf0753e851284269b43c81bfd608431aada88dfdf577fdd1ff |
| SHA512 | d6b603d7960c56ca0a2ed5355671d99ec19274878b280acddac903e4f44b0e5b34fc77da8e8587ee140b2733022d81e888c103cab385097c18c1a5934a00f951 |
/data/data/com.adhoclabs.burner/files/frc_1:84028889562:android:013a80e68c4bb7cc2c48e3_firebase_defaults.json
| MD5 | c32f60b3963df3a7e7871d8d732f3f52 |
| SHA1 | 3d334cb484a0250c80a286f40fab8162f9cca7a2 |
| SHA256 | f0d13f294af6e0ecdc53d7d48fbcfa7c84b47badf0284338d3940733bde8cf02 |
| SHA512 | ad36bc4015a80ff0a7d235c83cca63233cb14bde6441ef4c17e14105a0df195ad6f2f8ea9ebccf342da238358444c18b4577c76a6eb8da6bc103e611b7ab68ec |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6C2001C000112C5281C43177130/user-data
| MD5 | 5ccdc309fb531b8dbd976f27be362d95 |
| SHA1 | 51fd9a8ca79ab68d11dff6a6582e7cbb7771c14a |
| SHA256 | 718bf1aa55b13315471e60d362327b973a71b0de31922d9f0f1e9b54f422dfb7 |
| SHA512 | a22ffa190c8fab023e88bb19e261d2cd1dc5b0c6a8cd8573e4b475ae006e843f523e79a5fb99a98cfecbdee774e92424564c4caa24e575caefb020d143eb34a1 |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6C2001C000112C5281C43177130/userlog.tmp
| MD5 | c33583fae4e0b61cde1c5b9227963237 |
| SHA1 | fe2ebe4d27469af1460f7e852031a04208ef629b |
| SHA256 | 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc |
| SHA512 | fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6C2001C000112C5281C43177130/userlog
| MD5 | f209059211a5346506d0b7e3ee44b09a |
| SHA1 | 64b795f7ef8b30e6ac8594a7635de78db4fe5086 |
| SHA256 | 8978252d93eaa7bd34b7e63c8533954c0450d0b804364b7b27ad76fde252341d |
| SHA512 | e3da6c04614e152cb6df766d6a177c9f692cf1dc118237f505bcd9b465dd02585e1d7e0507ac8b6017f1b5133079bb3866fa91afedc252c1d3a6aaa675a8ceeb |
/data/data/com.adhoclabs.burner/cache/appboy.imageloader.lru.cache/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.adhoclabs.burner/databases/com.google.android.datatransport.events-journal
| MD5 | bef242aace55d2d8c862af19bb692b32 |
| SHA1 | c3491321b4acc876e01ca439e07b894f8a4a0910 |
| SHA256 | 8082cb30829521eb7194fc562f35bffb9b342145b5db0db0695b3da55ec6980d |
| SHA512 | 5e57a07a3b597933193219a09570217a1cb29c829e1bbfa6a6714372ef071c0e2aa6cf89d2e9bcde35d164f79514027d622b48b622182b5c4046c77fa8040c46 |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/com.crashlytics.settings.json
| MD5 | abd0e97d42764359cb0fff8e96da6135 |
| SHA1 | 0ec0209e2529192f65a49fb6f206d3a750000dec |
| SHA256 | 9795cb21b93fd914b144737b1d22120a86af52902c889910a47633cf3ec3e140 |
| SHA512 | 9eed29eb651742e6fded47f7915a47ad2d444a3b9380de1f6fcf7ad1b24d73f3495f801e4a307e89dd0505d9a7a951f34548656796af0c21c5b58a0c3037d654 |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6C2001C000112C5281C43177130/keys
| MD5 | c07eef142fcd79fb1c4b16d7dbc45baa |
| SHA1 | a598356f37bc78b6ae5a5539b3fe6ed10912496c |
| SHA256 | 19dd58a303291bd131b2bce7931f2be01b2d5d7a2bc9dc9afb919164536d928f |
| SHA512 | 862dec4135e431ce9ca71bbab209114685382812a67a166d70aa3e895c03b9f920047c1ff8ca5a1ae393201c21b6cd407ab6b54fca27214591b69e6d41641bae |
/data/data/com.adhoclabs.burner/app_amplitude-kotlin-$default_instance/amplitude-identity-$default_instance.properties
| MD5 | bf5ac75e690e49e9ea25e3af8276b44c |
| SHA1 | 005631fd4d173fafed6ce8d897458da3b13487e2 |
| SHA256 | b9e4014446e663d69aa4c82c05a922f708ea7d3981fcd93c0ee96a73ae7b45cb |
| SHA512 | 82a59c4b44c061bc5fb6f1c14bf641532cd8d9a0759b0b43efaba33f74a380b065cc8a5dd41d3c0b965b0a9386edc0e7068da680d07549ed84ca4c4ea9e5826a |
/data/data/com.adhoclabs.burner/databases/burnerDatabase.db-journal
| MD5 | 90b0cba84ee05b8285a7bb5cbc4eb485 |
| SHA1 | ffca12689cf3c024d8e5d6ecba177fa522846624 |
| SHA256 | df83dc240e96ec3215fc042f7a84e66c78133b964c932c60c23a8cc611aa3711 |
| SHA512 | ce66506999a038cc54d51fdc2f49115ba1af58a3272b814b48371f824e81e2ee1e36f8cf26d2f56204f487c136c668945542d782cd4f52f3e836efd281e87189 |
/data/data/com.adhoclabs.burner/databases/burnerDatabase.db
| MD5 | 7e858c4054eb00fcddc653a04e5cd1c6 |
| SHA1 | 2e056bf31a8d78df136f02a62afeeca77f4faccf |
| SHA256 | 9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad |
| SHA512 | d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb |
/data/data/com.adhoclabs.burner/databases/burnerDatabase.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.adhoclabs.burner/databases/burnerDatabase.db-wal
| MD5 | e49ba8954caa9cae23dd4f502d73e5f8 |
| SHA1 | 1aa0cabacbfab8716a3372e975709407cb1e430c |
| SHA256 | c7d2381696dc41d5d0f8498a765c6cac2d20185839aa8ca1b8cd07bea32e8725 |
| SHA512 | 6aa151b9367e24bad5c6525cf239af0708a0cd8330fc29fb9e1762d610478595ac84f9fed4b49ba82de39cae1815013346be5ea21dbfbe0f25b891ed6c102064 |
/data/data/com.adhoclabs.burner/files/PersistedInstallation2306937146593257841tmp
| MD5 | 317eea979a1e88f2393a71281d3591cf |
| SHA1 | 1f44211d17084122cb73e65423adcc62e4538842 |
| SHA256 | 8e3056a1c8e0ebb742ea30702a7de92a5ce7df42ae8346f2a80a168afbc36a80 |
| SHA512 | 3c65c703d6ade7d9e3ba0565757da433ed0dda124461992a6799147ac4f2d409c85a421ed38222db75701bbfaa5699c746f30d0fd1e3f6fb7b8770b9e7b86f3d |
/data/data/com.adhoclabs.burner/files/datastore/firebase_session_Y29tLmFkaG9jbGFicy5idXJuZXI=_settings.preferences_pb.tmp
| MD5 | a65b9b3e4670dc3b48a9609f816ad531 |
| SHA1 | 682a73f2c248815fba0cb50c45031a53d6f8dbcf |
| SHA256 | a4aaa2a4e0cb12123b405a9d33bdd7edf8cbb41ea92e75deb1ba21bf1db5b2a6 |
| SHA512 | 6c06e6791dd41c1c8d8e0246e9bf7fed81dbdb5e918e7dd78cc2af1f002f8a532ec28335b229a0ec5c1ee220861092cb1a7c7f4060663394e420d80ed391179e |
/data/data/com.adhoclabs.burner/files/datastore/firebase_session_Y29tLmFkaG9jbGFicy5idXJuZXI=_settings.preferences_pb.tmp
| MD5 | 06bd63584cc699cbc92ade3aeab0ac42 |
| SHA1 | e21167e5419847271e7f67b3b286916b8124165d |
| SHA256 | 1e58e88b20702d0a80025c1fbacc9ad5fe2565311e2230d581d669fbd7e8b0ef |
| SHA512 | 675f177e388425023df5e19cda634ab1e7673681feabfa7bb860089105353166491d15b8c86b5408833230dc5b0ac43e2b5a61e1d36ea0b40d6ce7166bfc385e |
/data/data/com.adhoclabs.burner/databases/burnerDatabase.db-wal
| MD5 | fa8609fbb1dae41d77a9dde5b9a7becb |
| SHA1 | 992af407b00444cf2da2c4dd59dfa12cd2709fac |
| SHA256 | a69951c58cd677a925a1efabeba7163f1b5c55083b729d6e304c736eb8010146 |
| SHA512 | f43e297ffc70f1ce218eea3c4e977c01281aff2011255e035a00ba5391ac7a639537832e354902e794d25dffc9e931c752ab61fa2380a3348e59ff1ddd5e9725 |
/data/data/com.adhoclabs.burner/app_amplitude-kotlin-$default_instance/amplitude-identity-$default_instance.properties
| MD5 | 3f0bc0f3e03bf23b27bcba9bbde2cbe7 |
| SHA1 | d322da9caaaa1f6bca5d9c8732a6e5eeb8f75fb7 |
| SHA256 | 5f7ecdf6190e58e08b6bf36f38373efae58ba99c9ecdd5ce920fd1d158a0f4d4 |
| SHA512 | e7c10f0fe9519962b22b463b38e63958cbcb095370be3b8e2293431175758c2a6f85b6590507bfe7bc3f64679cc51e5ffcf996795cdc9f6e9d3ee484f3ee9879 |
/data/data/com.adhoclabs.burner/files/datastore/firebase_session_Y29tLmFkaG9jbGFicy5idXJuZXI=_settings.preferences_pb.tmp
| MD5 | 1fbccf7b936a9b713de5d42c6d8a075d |
| SHA1 | 7c8bbdf9151e7f53e2675329d471e552446e9ad3 |
| SHA256 | 232f9626cbee2e063e25f61a08f46575d019b62f02a6753c1325957a95e1c513 |
| SHA512 | b9177426b3facda6d86b5a83d05805a4dd2f5357d4979ca7282a13ce3f08ef7e7a0c5922675ada826bde264450b1b4ddcc54eea4de62249fd3eab1ec9acf32cf |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-journal
| MD5 | ecb1143daafdb9d29ddb63b790b8bcea |
| SHA1 | 1504804e0b90ac25d1fff06140ed911317006ff9 |
| SHA256 | 4229359fd0feb4d353acc0f4caca2ef15315d47b57c1e015b778611207e01443 |
| SHA512 | 55827079b40eb09dc8ad03cb80770e922c40609fdab8b1ef2977f9a822ae1402a52360326c980bc8da73020bce275cbc5a3b46bffe8bec27a942f83c65db13b8 |
/data/data/com.adhoclabs.burner/files/datastore/firebase_session_Y29tLmFkaG9jbGFicy5idXJuZXI=_settings.preferences_pb.tmp
| MD5 | 14770edbc1290230aebe82f8dcc730a0 |
| SHA1 | f86874de3ff45c2dd7c982f9ada6b5fc979f082f |
| SHA256 | 7495b9faf55ff02d0a2906ca3e3f4b356abd96e421815f9d07f893682da6eaf2 |
| SHA512 | c6be6c93262e0c42527722af20fdd3be2c9936eb601280c36492e0bb2151bb63f88bfb150690ae361c75d01a33647c2440bb49e290af38c5c5af5a707320e3de |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db
| MD5 | bca5d6548c618fd19e2e98b0ed91f0e9 |
| SHA1 | 0e30a44d3481b906212f9786c8855673e7f016d7 |
| SHA256 | 360783902a052be88efd6a5896ec91aaccc95e9125717ea4dd367397ea15338f |
| SHA512 | db5e50b1ce61d183f1002e91cbd278027d7c1a3235f4ef6eb70dd058962c9feacb5e12fe4678d0e0348d83aaa67b2ff1f9a7bb2f7e032a7bf87422895527d7f1 |
/data/data/com.adhoclabs.burner/files/datastore/firebase_session_Y29tLmFkaG9jbGFicy5idXJuZXI=_settings.preferences_pb.tmp
| MD5 | 50657ed5242bab8d3987c9b66b8d0317 |
| SHA1 | 3a31b0d557c90e0e9fbabc260822c96cac95cc51 |
| SHA256 | 24fd406df4b378cfb89f8bfa2080418a66c65b6c3ec0cda099f69d95d07b7365 |
| SHA512 | 8b87c8b0a846c0598c9fa30153c68ed865b93f8160e0f021dc83032c8aae3a53a9af4d4dbfcfe32e82687ec94893b0713d83d9f65f63907bb23406eac946b838 |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-journal
| MD5 | 52473e40b85ccdfb5f66fc68ac203dfb |
| SHA1 | 6e1fdd6d83dd21ef59ca3e1eb8de0aa5d314f80a |
| SHA256 | c0c1934632fc54c790dccf94645b57cf607b8a1cf91cdef47dbef35cac94f06b |
| SHA512 | 4d5b2c89f816f2dec1b3d1143760ce188c8a09afbcae71a7e6b19f1ba68a4da31ff8e99f83a0ba1951de3cd928837a7d8f6c79bab8c0f2bf4f7e5ef15c06692f |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-journal
| MD5 | a43c7a4fc83a5bca519c08f060bf7beb |
| SHA1 | 682b41451c5e80c4e5f5d1695b194892772e1829 |
| SHA256 | 71a831e8fbd820a0e5a87f082197fd0592a3537a3f9a3bb86db17c47d3f2ed66 |
| SHA512 | b30735feb7e91b4294b2cec6799f84ed8cb03b6021343675c3f93dded36b2dbbecf0a962eb7a5bf01543d7fa798c72113f52024168416539f9d64d42fc725967 |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-journal
| MD5 | 88f61475190725d3a5f004214247ba9e |
| SHA1 | 9e5d080b5c31f9d1dbcc92cb6bba57edce3449e2 |
| SHA256 | 4cd89d31debcc2d2473722173a2d41998bc4c1da6b5e14d5b4f80543a82c4eda |
| SHA512 | 03af9c8cbd318f96e48b7aaec65c8450a6cf037b446a9ea8cc4a883645851931042556f6da95a57659e1b009ad73ca20f6c54f3b434680e2afc3e0a14b55b118 |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-journal
| MD5 | 9a3269fad1998cdff35fe650873b8d9e |
| SHA1 | edd8fe27372784fc7a02d396917e13f6844b2d13 |
| SHA256 | 4a93d3c96514c3676f079182b6b77ae3be0387b5b80824e3fc5c557c5fc2885a |
| SHA512 | 82173b24d265cb9c8c8c6f64dba0e9813d095fd81c022f35fc94f038a350a9ad8c5c99f661e35c06840cab87e2553dcd6b1b15e7bf547fb951011e0d660dfa20 |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6C2001C000112C5281C43177130/event0000000000
| MD5 | 03e12b515b45efe6a635c6cd55ea846b |
| SHA1 | 9691f977892274b578ce0baa985fa238e73d568b |
| SHA256 | 10dcc7a09f3ee3e37562798fb3e7346df3e83058ed11e1c3383bf7456f5960d5 |
| SHA512 | f8708d9a8b56fcf71e3bded9390406e84f5109ad03c9b1038f454c386105384808ca31f1f77f85e471f1f7191a456ce9aa95fb8e6d901e81e5816208d3918244 |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-journal
| MD5 | e308efab49bb93e5ff0191930bc0ef27 |
| SHA1 | f69cdb559b0c39ec3e26c5aa077f6f891ddc0b15 |
| SHA256 | c81f3735d402afc7bf9a406aebe6fd0c544d8318b54461656c533fac2a4ae906 |
| SHA512 | 53acc6a4218ed8a1e5696ba99066c72e27baa6ccc9b4a93e299cc0b7c0cd1432f5132a9a66f16048856060e778894e403f3248f463fb17e1e13d2b3baa743725 |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db
| MD5 | 3b863bd6a48f5e5948fee3fbf0ea92e3 |
| SHA1 | c512eaa1a7c06fc856cb7fd38624bb95b8ed1ae2 |
| SHA256 | bdb4d6c3bdb4e66bec82957f3f90f85402f9ad7458109c42f3bf570945ec81b8 |
| SHA512 | 7801412374f539cd9e98e1a01e14284b5c944074a2ce21581e83b554458080a62ee008a071c2be246b4d773d4923869b81e028b8e93b3028572675f5d8b46944 |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db
| MD5 | d93c842c42720bea18d2d08aa50e242f |
| SHA1 | 343f3ce25d5e0e83d9c9c9ba368e38d016b874f6 |
| SHA256 | 3613ad0889f2585b1942f6575862ac7a80d9026e090ba57b5a171cac1431c326 |
| SHA512 | dde8869c4babff82d0d93755b8b7f1060b6d6798d859a56435136d3f64f63d69505436305b13bf936bc07fd292ec6b86a8d09c71e82d1a267a2f352b54074f49 |
/data/data/com.adhoclabs.burner/files/AdjustIoActivityState
| MD5 | 3f4725117829ae1265eb8c8e89af6e43 |
| SHA1 | 1159385c0dec4ef4aef17001152dc69559c68674 |
| SHA256 | beb8b459936cc7e8d86463c96b358af85f00e9455b03c813ea9d3555373b700b |
| SHA512 | 554ba861a704b1133a9db68a035602fad90268cf8bcb570a18290f373a1d7acbaef8a0febc27c3c6d436f90d5e671391f76b198f9887480f8882efdf56639b8e |
/data/data/com.adhoclabs.burner/files/AdjustIoPackageQueue
| MD5 | 16ec6a0ff829de356360399ad3aab120 |
| SHA1 | 6f76948714c26da02e56d4dbbd07a9e19d4a90db |
| SHA256 | f6bf9b937e8b1d7f25230670e8463c1d91582fdbf7185fabf54ae2a0b0e03df1 |
| SHA512 | bc1f20373e652c2e1f89dd9542121bdd29f6646e16af85c5e2c65ff2fc4a7951e2cefeeab70ee1399799597fff5acab8b24a8eeaee54f2a2de1b8f6a40d7442c |
/data/data/com.adhoclabs.burner/app_amplitude-identify-intercept-disk-queue/$default_instance-0.tmp
| MD5 | 7a79c1bb2b076b5151efea6dfaeb7a9d |
| SHA1 | d17c7f867de0f0544c78f7691b8b828e763ad63b |
| SHA256 | a55a6ad7df3cb295638d246e68e7a617baab7f363afe2392c9f08fcf87f2c56e |
| SHA512 | 2676c8a0ad7da9f221f249dada5689044ac42c65dfc3b86fb37a6d334d20f99737aa6879dea3260b880c52ef8b4c39242d75d4ac601e1c8c443ce3d0db8f721e |
/data/data/com.adhoclabs.burner/app_amplitude-identify-intercept-disk-queue/$default_instance-0.tmp
| MD5 | bcc8b762bb718c14d371255b29be63a6 |
| SHA1 | e5c6494a7830f6d8c8fa458c348c0eb6510bb3b1 |
| SHA256 | 8c34bb2b8437ce8ffc8aa94795e4f63c3cec5ac117ae52ad5ee4cbfe38a5ed9a |
| SHA512 | 911e5454ad742cd22f43f3f2318a5d319d786e15de3c145e77b8e257c0f44e34d307127aacf918a01aeb0b58e90600753ad865db7b78d22f9ce181cddfabd361 |
/data/data/com.adhoclabs.burner/app_amplitude-identify-intercept-disk-queue/$default_instance-0.tmp
| MD5 | 0905963b8fc7b079e785ef4c158a42cf |
| SHA1 | f39ab79ab3b9cab7ac42c550222dc29a22f37647 |
| SHA256 | 08ac2b161e4f2720644a4268b84b81c688d174de260e188f2192c719ff625e87 |
| SHA512 | d51725159812be3ab7462cd43d047c8667bc460328b64847f8e8595dea99a03f3a05bd0a50639de7709b210645be30543839b5c01170ef636692936ba77472a9 |
/data/data/com.adhoclabs.burner/app_amplitude-disk-queue/$default_instance-0.tmp
| MD5 | a51c6dba0057a84dc4bc0ea0c8e7eef5 |
| SHA1 | 944a3b788eab5ce91dc26e881ef076ce76c0dea5 |
| SHA256 | d439b6d5108a3e2ff7c13d09e833501f130d882441b8dcbd94ed8131159f347a |
| SHA512 | 9898aaee9b7bae1b5d5e87fbe72f537fb2d9a90ae74e664ed8beab0914b25f3081c4832d31305f7a11250e7eb097bd3be892bb7446715ffe251d8251258b0e63 |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6C2001C000112C5281C43177130/event0000000001_
| MD5 | 7fad117646d447cef4df299e2f242f77 |
| SHA1 | 8f08b302fa9d40ea87525e5d1ad2351fde223054 |
| SHA256 | 782953c13b6e9cc3c3a4a2d5cfe723ee75cea97dff9f885c361994c329aad481 |
| SHA512 | 229e21ceaf35319444fd2332cf5a80cbd2aa19d7fe59c5af20dab22998affa64a9eab8ddbc465370fa29497b1f6573e1d109f373974818e2c1458edf29f1c013 |
/data/data/com.adhoclabs.burner/files/datastore/firebase_session_Y29tLmFkaG9jbGFicy5idXJuZXI=_data.preferences_pb.tmp
| MD5 | 0b6844d6f7626fbe21a5a0ef9d5b34af |
| SHA1 | f5c3b68b7fc05cba21a11def80a783ab43030a8e |
| SHA256 | bb9487c7301bdf2e0804e06a3187c90c1d44c34aa0b2a62dbd739b15de61861b |
| SHA512 | 7f201c66e8eae63443a1588aec55ed6d8176a84a06d7b263c29c356694595f70e0cfc04855d99e11c1e6123d198c14fa88a39179520b223548c1ae37723e0240 |
/data/data/com.adhoclabs.burner/databases/com.google.android.datatransport.events-journal
| MD5 | af288ce5dd48466fc422575844ba57e5 |
| SHA1 | 1d3647c138451eb2a49e261609349f1227843953 |
| SHA256 | baa3e8f08bc42e521544f740273197ba8a7dd0722e20fd6ab34adf02fb3e52df |
| SHA512 | 4cedae4b04b7c28938b2f2e51225c14868aa76e691f8153db1fe4ae776f15561c56436a8ec98c3f4d063f8cc28d4fc20aab889a6c8b9f60e078b2b54e2737f80 |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db
| MD5 | 5242524f9081024d9bbc41aed4d6a61e |
| SHA1 | b063a179436059b62cced9fb4b2db5f07fa4ba94 |
| SHA256 | cde64302fd9d26729309d947300dca2d8aac88e751500dcf6dd770a38d044ece |
| SHA512 | f8eee84a7092074ccab4fb3c74ddfe3b4419f9cf6d13912dc9c4372f69cb0a72090a72e83d1d86ef03f11a5f2e7b5e7436a7c2b7d18cf01f331e67027e4d4f3e |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/priority-reports/6734F6C2001C000112C5281C43177130
| MD5 | e02d9bc1e4fb698c0b790090234d8c24 |
| SHA1 | 9e8feac12ce2f8e3e9e46b23a09408ff9d64b849 |
| SHA256 | 959639c275cfb415aaef700d8e5b7c57b186628897424e16d031a297ffd9c6bd |
| SHA512 | 4429f6f5ce6ce115e11401923ceb0f7414ee1aa492ad0f89c0668c906a42a707ff1529f8ad7d37f1c92c55bd1acfc880d09d1eecf8bef5a2d920f3dffce61e27 |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6C40313000212C5281C43177130/report
| MD5 | 0f540f8be65bba5e837612eeda767009 |
| SHA1 | cd20e9ecbed94b75b01a68d50afe26008b5f939a |
| SHA256 | ec66ee631011aa98a03b16b54baa82fafc684d96c6ede302e9884a6e00ae0d36 |
| SHA512 | 57fd1c2ba9ffee3bbd003f946639ba4c1311998bf535e01d4fdb3e60b599142430959840c61b7b541bc27318b1aae9b7f81bde5f49992f9d0a89a957bd9b3447 |
/data/data/com.adhoclabs.burner/databases/com.google.android.datatransport.events-journal
| MD5 | cc49dc83cb73411735530dc6f8cbc823 |
| SHA1 | 1150baac7512eaf3b3112c1f04be24b98461fe80 |
| SHA256 | db3266a4f7db2f8eadcbb64e64979d8fad84d0b638547afea5de64cde25d5f7c |
| SHA512 | 0d7b7e16409d22287f4666d04a7e5b590616bf91cdb09f618680b9826da1658e7b53d2983df042347ab0ec1c92ffb25ba10cd3aa915084635f7a153d6243185f |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db
/data/data/com.adhoclabs.burner/files/AdjustIoPackageQueue
/data/data/com.adhoclabs.burner/files/AdjustIoActivityState
/data/data/com.adhoclabs.burner/files/AdjustIoActivityState
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db
Analysis: behavioral17
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win10v2004-20241007-en
Max time kernel
89s
Max time network
145s
Command Line
Signatures
Processes
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.et.jar
Network
Files
memory/4508-2-0x000001BE6E530000-0x000001BE6E7A0000-memory.dmp
memory/4508-11-0x000001BE6CC80000-0x000001BE6CC81000-memory.dmp
memory/4508-12-0x000001BE6E530000-0x000001BE6E7A0000-memory.dmp
Analysis: behavioral14
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win7-20240903-en
Max time kernel
119s
Max time network
123s
Command Line
Signatures
Processes
C:\Windows\system32\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.es.jar
Network
Files
memory/2844-2-0x0000000002630000-0x00000000028A0000-memory.dmp
memory/2844-10-0x0000000000340000-0x0000000000341000-memory.dmp
memory/2844-11-0x0000000002630000-0x00000000028A0000-memory.dmp
Analysis: behavioral16
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win7-20240729-en
Max time kernel
13s
Max time network
18s
Command Line
Signatures
Processes
C:\Windows\system32\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.et.jar
Network
Files
memory/2236-2-0x00000000026A0000-0x0000000002910000-memory.dmp
memory/2236-10-0x0000000000140000-0x0000000000141000-memory.dmp
memory/2236-11-0x00000000026A0000-0x0000000002910000-memory.dmp
Analysis: behavioral12
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win7-20240903-en
Max time kernel
119s
Max time network
123s
Command Line
Signatures
Processes
C:\Windows\system32\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.en.jar
Network
Files
memory/2848-2-0x00000000028F0000-0x0000000002B60000-memory.dmp
memory/2848-10-0x0000000000140000-0x0000000000141000-memory.dmp
memory/2848-11-0x00000000028F0000-0x0000000002B60000-memory.dmp
Analysis: behavioral20
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win7-20240903-en
Max time kernel
121s
Max time network
124s
Command Line
Signatures
Processes
C:\Windows\system32\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.fr.jar
Network
Files
memory/268-2-0x0000000002490000-0x0000000002700000-memory.dmp
memory/268-10-0x0000000000340000-0x0000000000341000-memory.dmp
memory/268-11-0x0000000002490000-0x0000000002700000-memory.dmp
Analysis: behavioral29
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win10v2004-20241007-en
Max time kernel
146s
Max time network
161s
Command Line
Signatures
Processes
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.in.jar
Network
Files
memory/4516-2-0x0000029700000000-0x0000029700270000-memory.dmp
memory/4516-11-0x000002977C5A0000-0x000002977C5A1000-memory.dmp
memory/4516-12-0x0000029700000000-0x0000029700270000-memory.dmp
Analysis: behavioral6
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win7-20241010-en
Max time kernel
9s
Max time network
20s
Command Line
Signatures
Processes
C:\Windows\system32\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.arm64_v8a.jar
Network
Files
memory/2772-2-0x00000000020E0000-0x0000000002350000-memory.dmp
memory/2772-10-0x0000000000430000-0x0000000000431000-memory.dmp
memory/2772-11-0x00000000020E0000-0x0000000002350000-memory.dmp
Analysis: behavioral9
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win10v2004-20241007-en
Max time kernel
91s
Max time network
154s
Command Line
Signatures
Processes
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.armeabi_v7a.jar
Network
Files
memory/944-2-0x00000296F0FC0000-0x00000296F1230000-memory.dmp
memory/944-11-0x00000296EF6E0000-0x00000296EF6E1000-memory.dmp
memory/944-12-0x00000296F0FC0000-0x00000296F1230000-memory.dmp
Analysis: behavioral13
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win10v2004-20241007-en
Max time kernel
144s
Max time network
155s
Command Line
Signatures
Processes
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.en.jar
Network
Files
memory/5056-2-0x0000027840770000-0x00000278409E0000-memory.dmp
memory/5056-11-0x000002783EF50000-0x000002783EF51000-memory.dmp
memory/5056-12-0x0000027840770000-0x00000278409E0000-memory.dmp
Analysis: behavioral15
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win10v2004-20241007-en
Max time kernel
150s
Max time network
155s
Command Line
Signatures
Processes
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.es.jar
Network
Files
memory/1424-2-0x00000232DEEE0000-0x00000232DF150000-memory.dmp
memory/1424-11-0x00000232DEEC0000-0x00000232DEEC1000-memory.dmp
memory/1424-12-0x00000232DEEE0000-0x00000232DF150000-memory.dmp
Analysis: behavioral23
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win10v2004-20241007-en
Max time kernel
148s
Max time network
158s
Command Line
Signatures
Processes
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.hdpi.jar
Network
Files
memory/1060-2-0x000002473EAF0000-0x000002473ED60000-memory.dmp
memory/1060-11-0x000002473D320000-0x000002473D321000-memory.dmp
memory/1060-12-0x000002473EAF0000-0x000002473ED60000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
android-x64-20240624-en
Max time kernel
12s
Max time network
154s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Checks the presence of a debugger
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Processes
com.adhoclabs.burner
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.178.8:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.180.14:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.178.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | firebase-settings.crashlytics.com | udp |
| GB | 172.217.16.227:443 | firebase-settings.crashlytics.com | tcp |
| US | 1.1.1.1:53 | graph.facebook.com | udp |
| GB | 157.240.214.1:443 | graph.facebook.com | tcp |
| GB | 157.240.214.1:443 | graph.facebook.com | tcp |
| GB | 157.240.214.1:443 | graph.facebook.com | tcp |
| US | 1.1.1.1:53 | flag.lab.amplitude.com | udp |
| US | 1.1.1.1:53 | api.lab.amplitude.com | udp |
| US | 151.101.2.132:443 | api.lab.amplitude.com | tcp |
| US | 151.101.130.132:443 | api.lab.amplitude.com | tcp |
| US | 1.1.1.1:53 | sdk.iad-03.braze.com | udp |
| US | 104.18.36.46:443 | sdk.iad-03.braze.com | tcp |
| US | 104.18.36.46:443 | sdk.iad-03.braze.com | tcp |
| US | 1.1.1.1:53 | app.adjust.com | udp |
| DE | 185.151.204.10:443 | app.adjust.com | tcp |
| GB | 157.240.214.1:443 | graph.facebook.com | tcp |
| GB | 157.240.214.1:443 | graph.facebook.com | tcp |
| GB | 157.240.214.1:443 | graph.facebook.com | tcp |
| US | 1.1.1.1:53 | crashlyticsreports-pa.googleapis.com | udp |
| GB | 216.58.204.67:443 | crashlyticsreports-pa.googleapis.com | tcp |
| US | 151.101.2.132:443 | api.lab.amplitude.com | tcp |
| US | 151.101.130.132:443 | api.lab.amplitude.com | tcp |
| US | 1.1.1.1:53 | firebaseremoteconfig.googleapis.com | udp |
| GB | 172.217.169.42:443 | firebaseremoteconfig.googleapis.com | tcp |
| GB | 172.217.169.42:443 | firebaseremoteconfig.googleapis.com | tcp |
| GB | 172.217.16.228:443 | | tcp |
| GB | 172.217.16.228:443 | | tcp |
| US | 1.1.1.1:53 | firebaselogging-pa.googleapis.com | udp |
| GB | 216.58.212.202:443 | firebaselogging-pa.googleapis.com | tcp |
| US | 1.1.1.1:53 | api2.amplitude.com | udp |
| US | 54.184.63.80:443 | api2.amplitude.com | tcp |
| GB | 142.250.179.238:443 | | tcp |
| GB | 142.250.200.34:443 | | tcp |
| GB | 142.250.178.10:443 | firebaselogging-pa.googleapis.com | tcp |
Files
/data/data/com.adhoclabs.burner/files/PersistedInstallation5597389007280340648tmp
/data/data/com.adhoclabs.burner/databases/com.google.android.datatransport.events-journal
/data/data/com.adhoclabs.burner/databases/com.google.android.datatransport.events
/data/data/com.adhoclabs.burner/files/frc_1:84028889562:android:013a80e68c4bb7cc2c48e3_firebase_defaults.json
/data/data/com.adhoclabs.burner/databases/com.google.android.datatransport.events-journal
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6CD037A000113A933AB1C931D4D/report
/data/data/com.adhoclabs.burner/databases/com.google.android.datatransport.events-journal
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6CD037A000113A933AB1C931D4D/userlog.tmp
/data/data/com.adhoclabs.burner/cache/appboy.imageloader.lru.cache/journal.tmp
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6CD037A000113A933AB1C931D4D/userlog
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6CD037A000113A933AB1C931D4D/user-data
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/com.crashlytics.settings.json
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6CD037A000113A933AB1C931D4D/keys
/data/data/com.adhoclabs.burner/files/PersistedInstallation4873268412225664050tmp
/data/data/com.adhoclabs.burner/app_amplitude-kotlin-$default_instance/amplitude-identity-$default_instance.properties
/data/data/com.adhoclabs.burner/databases/burnerDatabase.db-journal
/data/data/com.adhoclabs.burner/databases/burnerDatabase.db
/data/data/com.adhoclabs.burner/databases/burnerDatabase.db-wal
/data/data/com.adhoclabs.burner/app_amplitude-kotlin-$default_instance/amplitude-identity-$default_instance.properties
/data/data/com.adhoclabs.burner/databases/burnerDatabase.db-wal
/data/data/com.adhoclabs.burner/files/datastore/firebase_session_Y29tLmFkaG9jbGFicy5idXJuZXI=_settings.preferences_pb.tmp
/data/data/com.adhoclabs.burner/files/datastore/firebase_session_Y29tLmFkaG9jbGFicy5idXJuZXI=_settings.preferences_pb.tmp
/data/data/com.adhoclabs.burner/files/datastore/firebase_session_Y29tLmFkaG9jbGFicy5idXJuZXI=_settings.preferences_pb.tmp
/data/data/com.adhoclabs.burner/files/datastore/firebase_session_Y29tLmFkaG9jbGFicy5idXJuZXI=_settings.preferences_pb.tmp
/data/data/com.adhoclabs.burner/files/datastore/firebase_session_Y29tLmFkaG9jbGFicy5idXJuZXI=_settings.preferences_pb.tmp
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-journal
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-journal
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-journal
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-journal
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-journal
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-journal
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6CD037A000113A933AB1C931D4D/event0000000000
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db
/data/data/com.adhoclabs.burner/files/AdjustIoPackageQueue
/data/data/com.adhoclabs.burner/files/AdjustIoActivityState
/data/data/com.adhoclabs.burner/files/datastore/firebase_session_Y29tLmFkaG9jbGFicy5idXJuZXI=_data.preferences_pb.tmp
/data/data/com.adhoclabs.burner/app_amplitude-identify-intercept-disk-queue/$default_instance-0.tmp
/data/data/com.adhoclabs.burner/app_amplitude-identify-intercept-disk-queue/$default_instance-0.tmp
/data/data/com.adhoclabs.burner/app_amplitude-identify-intercept-disk-queue/$default_instance-0.tmp
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db
| MD5 | 011ce25085106331e1309cfd7f57eb48 |
| SHA1 | de01adfb1ced52b8ae560a8ff6ada6297224a7f3 |
| SHA256 | 0763ea04f21072fb2efa8b79b573c7535722a2277e8102f29d958459954afeed |
| SHA512 | 28bc91484d53594f2df68eceb2bd4872d5399bdc345fdd154bd7b785bbb048c6c3279d26acd343cc736db8c5f8a2c5844bf01a4e59585f2535b1e17a679de04e |
/data/data/com.adhoclabs.burner/app_amplitude-disk-queue/$default_instance-0.tmp
| MD5 | 343ac62c552189655371a59e7e6cf95d |
| SHA1 | 3ba7aac6f6d0e0aac0aa2219aa07c422da5fa05c |
| SHA256 | ef57ac430b18df4e952eef4590307a9cc4d746985bc055825be259509b043cb7 |
| SHA512 | 06c8a9447b2a4876dc13086d866d9b751c8328559558d9b5aa3d9ee8f731ea7ae8670a4a4c2057b5fd0907ff14cf12ed45c37380f784d251e97afe8a725fb605 |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6CD037A000113A933AB1C931D4D/event0000000001_
| MD5 | 44c77b330aa64399ad3890f6c2d51808 |
| SHA1 | 442a7a4c7bf41a9a73a95778a104f957dbccaeb4 |
| SHA256 | 213c2f83f87dc18b4c5c41886cc32579cdf192c4479795cbe728c20eba95e880 |
| SHA512 | e37669fd0350e928bc158ea7cba7c987d6e144b1b8c460cd039191036e907836114660149c299bf7efe47afa8c5eb04cdbfa5849e64b8253a7c47734d9bb8298 |
/data/data/com.adhoclabs.burner/databases/com.google.android.datatransport.events-journal
| MD5 | d09e7e1fe40c46624829a73c9836aa90 |
| SHA1 | e95b97fc38855254756941fe3eb2ca6c2ff5bd0e |
| SHA256 | 3b8a0bad9c1892735c4ceb1513ccb351765c5628cbbdebee01577062e99f3ba4 |
| SHA512 | ebef98eade4aca0487a177bc3f77334228f465c0f4e32654f4dfd5ba0358e9aab7287c9a4be61c350ee626fa1f8676d4bba0c5f6577f80a112263d8142c53e08 |
/data/data/com.adhoclabs.burner/files/AdjustIoPackageQueue
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/priority-reports/6734F6CD037A000113A933AB1C931D4D
| MD5 | eff67374dd3cb8d66e92bedae049bd0f |
| SHA1 | 7ef9bcb2b9585522556cde95d08d77ef3d39bc59 |
| SHA256 | ab6be93374f02b24d6d4740ab4666d8855eaba357d4771acc241d985513da6c5 |
| SHA512 | 8f04164823ee32ed7494bc2f275464899bd4dea4190cc9e7d8bbe10f3eaa6e3b5231fbc435ceeeb3288283b6147669850a299c4d4fb398e532c733ae0c18328d |
/data/data/com.adhoclabs.burner/files/AdjustIoActivityState
| MD5 | f36b94c334a1429e6476269f362c0319 |
| SHA1 | baf4eba82ffcf4d998b7c8c7cec483092cf277c4 |
| SHA256 | 55110ebf91cf3ac68203bea84506b51644ee4cf99ce86ba93a8de903146adf5d |
| SHA512 | 1b81d597a41706806a29d5e66da3d3068aeab9b073d73fdf31b9625c6f168a7ff88e5e420d7da6f78b48a28081d910ae0be64fe3eaae9035fa84e90ea9cf8f59 |
/data/data/com.adhoclabs.burner/files/AdjustIoActivityState
| MD5 | 25f79df39ec16a8ab3c2d2613730b50f |
| SHA1 | df32ddc54bad5f536ed498edd7b6c88ed5574d19 |
| SHA256 | d2c2606749931362c0c4271902a10c2547ae8aa33644252ba729c0bc4a2d13fd |
| SHA512 | 23f43520d4664c3855e8ffe8efdddfb1a3acfd4fd87b9fb866cbd3ee6c7c9157a6e924074a42a9838591aed5834a0339c9dce321001f04f44ebbd500b75e6e36 |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6D503B4000213A933AB1C931D4D/report
| MD5 | 9559528ff25e17277674b3f87612df85 |
| SHA1 | 2148ff46cef973082cdda173b6f46d344d12bd97 |
| SHA256 | d6b44911ec33b4b1508b9242101d0538cad213f2d3f4212ce18b279b1216350a |
| SHA512 | 57b1635b4718421f7af5b4104a7c218a523d0c8199687f59c061cc79199ad10efb9e67a2a3da30f3bdd4cab0740938595c305733c9c4d2f79493a7435c7fc405 |
/data/data/com.adhoclabs.burner/databases/com.google.android.datatransport.events-journal
| MD5 | 9ff6ed99d18eed15e0699d096ca875f8 |
| SHA1 | 4f322d65eb712a801a2046c5617dcb8cf8fd4d3a |
| SHA256 | 13e59a636fa7410c102e62be69a805499424eec92665e4833420575e483605e4 |
| SHA512 | a424e53484415ef9d064e25c61f54d2b9d2c8ef93ab5e3f64e54bef89e0cae910c1b903e25028211f495ba0eaee64c96fffa8b8a2fdae9dfe3948c81ff8645fe |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db
| MD5 | 704dbc669eb19b4723d277ac5ab19c6c |
| SHA1 | 2e36a5840d07df8aaa5c8bef0268b60e31d93221 |
| SHA256 | 1f6a5e635d00a3af41beeefd73c44f853bd7117dceedd40977d5ee36a3408bd7 |
| SHA512 | c1f156fdec525d45219dcfec185d600c7b539f3626e6c0a430f42dfea4d7e844869722a63bf30e36bad88eea46ec0ea32db471c52cef3a703ac5794fa818837e |
Analysis: behavioral11
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win10v2004-20241007-en
Max time kernel
91s
Max time network
159s
Command Line
Signatures
Processes
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.de.jar
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.220.183.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.243.111.52.in-addr.arpa | udp |
Files
memory/4580-2-0x00000232D46C0000-0x00000232D4930000-memory.dmp
memory/4580-11-0x00000232D2EB0000-0x00000232D2EB1000-memory.dmp
memory/4580-12-0x00000232D46C0000-0x00000232D4930000-memory.dmp
Analysis: behavioral27
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win10v2004-20241007-en
Max time kernel
145s
Max time network
155s
Command Line
Signatures
Processes
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.hu.jar
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 149.220.183.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.112.168.52.in-addr.arpa | udp |
Files
memory/1976-2-0x000001D061F10000-0x000001D062180000-memory.dmp
memory/1976-11-0x000001D0606C0000-0x000001D0606C1000-memory.dmp
memory/1976-12-0x000001D061F10000-0x000001D062180000-memory.dmp
Analysis: behavioral32
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win7-20240708-en
Max time kernel
117s
Max time network
123s
Command Line
Signatures
Processes
C:\Windows\system32\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.ja.jar
Network
Files
memory/2168-2-0x0000000002870000-0x0000000002AE0000-memory.dmp
memory/2168-11-0x0000000002870000-0x0000000002AE0000-memory.dmp
memory/2168-10-0x0000000000240000-0x0000000000241000-memory.dmp
Analysis: behavioral5
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win10v2004-20241007-en
Max time kernel
90s
Max time network
156s
Command Line
Signatures
Processes
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.ar.jar
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
Files
memory/1992-2-0x0000020100000000-0x0000020100270000-memory.dmp
memory/1992-11-0x000002017D900000-0x000002017D901000-memory.dmp
memory/1992-12-0x0000020100000000-0x0000020100270000-memory.dmp
Analysis: behavioral18
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win7-20241010-en
Max time kernel
122s
Max time network
136s
Command Line
Signatures
Processes
C:\Windows\system32\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.fi.jar
Network
Files
memory/768-2-0x00000000021F0000-0x0000000002460000-memory.dmp
memory/768-10-0x0000000000120000-0x0000000000121000-memory.dmp
memory/768-11-0x00000000021F0000-0x0000000002460000-memory.dmp
Analysis: behavioral19
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win10v2004-20241007-en
Max time kernel
132s
Max time network
154s
Command Line
Signatures
Processes
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.fi.jar
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.79.70.13.in-addr.arpa | udp |
Files
memory/1912-2-0x000001B380000000-0x000001B380270000-memory.dmp
memory/1912-11-0x000001B3F6BB0000-0x000001B3F6BB1000-memory.dmp
memory/1912-12-0x000001B380000000-0x000001B380270000-memory.dmp
Analysis: behavioral21
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win10v2004-20241007-en
Max time kernel
92s
Max time network
144s
Command Line
Signatures
Processes
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.fr.jar
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.220.183.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
Files
memory/3688-2-0x0000020E69F50000-0x0000020E6A1C0000-memory.dmp
memory/3688-11-0x0000020E69F30000-0x0000020E69F31000-memory.dmp
memory/3688-12-0x0000020E69F50000-0x0000020E6A1C0000-memory.dmp
Analysis: behavioral24
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win7-20241010-en
Max time kernel
118s
Max time network
122s
Command Line
Signatures
Processes
C:\Windows\system32\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.hi.jar
Network
Files
memory/2052-2-0x0000000002510000-0x0000000002780000-memory.dmp
memory/2052-10-0x0000000002160000-0x0000000002161000-memory.dmp
memory/2052-11-0x0000000002510000-0x0000000002780000-memory.dmp
Analysis: behavioral30
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win7-20241010-en
Max time kernel
121s
Max time network
134s
Command Line
Signatures
Processes
C:\Windows\system32\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.it.jar
Network
Files
memory/1116-2-0x0000000002190000-0x0000000002400000-memory.dmp
memory/1116-10-0x0000000001B60000-0x0000000001B61000-memory.dmp
memory/1116-11-0x0000000002190000-0x0000000002400000-memory.dmp
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 18:58
Platform
android-x86-arm-20240624-en
Max time kernel
13s
Max time network
43s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Checks the presence of a debugger
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Processes
com.adhoclabs.burner
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 216.58.204.78:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.16.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | graph.facebook.com | udp |
| GB | 163.70.147.22:443 | graph.facebook.com | tcp |
| GB | 163.70.147.22:443 | graph.facebook.com | tcp |
| GB | 163.70.147.22:443 | graph.facebook.com | tcp |
| US | 1.1.1.1:53 | firebase-settings.crashlytics.com | udp |
| GB | 142.250.200.3:443 | firebase-settings.crashlytics.com | tcp |
| US | 1.1.1.1:53 | api.lab.amplitude.com | udp |
| US | 1.1.1.1:53 | flag.lab.amplitude.com | udp |
| US | 151.101.66.132:443 | flag.lab.amplitude.com | tcp |
| US | 151.101.194.132:443 | flag.lab.amplitude.com | tcp |
| US | 1.1.1.1:53 | app.adjust.com | udp |
| DE | 185.151.204.14:443 | app.adjust.com | tcp |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| GB | 142.250.179.234:443 | semanticlocation-pa.googleapis.com | tcp |
| GB | 163.70.147.22:443 | graph.facebook.com | tcp |
| GB | 163.70.147.22:443 | graph.facebook.com | tcp |
| GB | 163.70.147.22:443 | graph.facebook.com | tcp |
| US | 1.1.1.1:53 | crashlyticsreports-pa.googleapis.com | udp |
| GB | 142.250.187.227:443 | crashlyticsreports-pa.googleapis.com | tcp |
| US | 1.1.1.1:53 | firebaseremoteconfig.googleapis.com | udp |
| GB | 172.217.16.234:443 | firebaseremoteconfig.googleapis.com | tcp |
| US | 1.1.1.1:53 | flag.lab.amplitude.com | udp |
| US | 151.101.66.132:443 | flag.lab.amplitude.com | tcp |
| US | 151.101.66.132:443 | flag.lab.amplitude.com | tcp |
Files
/data/data/com.adhoclabs.burner/files/PersistedInstallation6379013912369316892tmp
| MD5 | a804b0d779d68c7d1a01dc013a2c42cb |
| SHA1 | 570ab880d1733b0d4a2dca853199408ee52a6d60 |
| SHA256 | aacdbd11c5be152f133d8053bce23deffe7bc87e9c41cfe9f87ba3e619f01861 |
| SHA512 | 6ee6902b002d8ab9cd3e303870ecfcfd873b0226e1c3f53e05bbf0c287d62fa51077de673ce7973b7cba1fa42fb7e365748519df6a6444edafe69e3f47678605 |
/data/data/com.adhoclabs.burner/databases/com.google.android.datatransport.events-journal
| MD5 | 0494a4c698ecc290e5163a3a5281bf81 |
| SHA1 | d94aec7593fd7a016cdb733303263b79bbb5bc08 |
| SHA256 | bbdf4271b52406184e658d625fff8b3fca7c36a1ee07f35c29a72cb7767e0af7 |
| SHA512 | 2d2b3c5cd7333a020fc85db9d012e4a400751b3ee77f935721350b2596afd47bd4118083c46fad76d8dc74abe09b15f2a530331aea12ed5bdd984fde755d9368 |
/data/data/com.adhoclabs.burner/databases/com.google.android.datatransport.events
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.adhoclabs.burner/databases/com.google.android.datatransport.events-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.adhoclabs.burner/databases/com.google.android.datatransport.events-wal
| MD5 | d9dffa683d232212cb133fbcd61fdbd1 |
| SHA1 | 7f19b6f2e405c612f48be96de5c849ff3e4c8598 |
| SHA256 | 37cb90418c39764fb63c97dae865b26e58adc315f91451e2cf05215176c67a9d |
| SHA512 | 42f455438b12f3343b78030df99d4ad7eebd639be1a19c20bdacbed0570d5a94798c544f0879038af35e12559ee214eac6339cffd7d6ea466c8eb4a9b85e082c |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6CD0189000110AB2339AE35971F/report
| MD5 | 896c86b5826967b1eb282a470f9af8cf |
| SHA1 | d0a5f8257def3776efb7c2433b0bc07ff87f9be8 |
| SHA256 | fa805d5741fd9d56113ade6f85a01f67b73cd39afa2a575a63e4512818ad91f7 |
| SHA512 | f739e181d076d7e48350ed3adc16bd3bc44c7ecf628f00ad88eafa548dfe57e29cb9f329b1bc3ee454af892e985b826a4925c4fc5b8bcc0185970b6d28de5bd1 |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/com.crashlytics.settings.json
| MD5 | 1d5c652c53fe8152e40ce521818c42b6 |
| SHA1 | 3b9b62dd1313e71e4f2b6183207517c2820f4f34 |
| SHA256 | f6ede4c8ce358e179d290f6fcb700e60820a123ae52f70aa1f6d16965e531cf6 |
| SHA512 | 8c16e1f8783d994a5184f76a5f8b22b498ebb161c87ca96d10fed70336146f1fd7bb848ea7500ab043ee473c7d669e61fb6d61260bca4398f33eebc550cb0074 |
/data/data/com.adhoclabs.burner/files/frc_1:84028889562:android:013a80e68c4bb7cc2c48e3_firebase_defaults.json
| MD5 | c32f60b3963df3a7e7871d8d732f3f52 |
| SHA1 | 3d334cb484a0250c80a286f40fab8162f9cca7a2 |
| SHA256 | f0d13f294af6e0ecdc53d7d48fbcfa7c84b47badf0284338d3940733bde8cf02 |
| SHA512 | ad36bc4015a80ff0a7d235c83cca63233cb14bde6441ef4c17e14105a0df195ad6f2f8ea9ebccf342da238358444c18b4577c76a6eb8da6bc103e611b7ab68ec |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6CD0189000110AB2339AE35971F/userlog.tmp
| MD5 | c33583fae4e0b61cde1c5b9227963237 |
| SHA1 | fe2ebe4d27469af1460f7e852031a04208ef629b |
| SHA256 | 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc |
| SHA512 | fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e |
/data/data/com.adhoclabs.burner/files/PersistedInstallation8461149787323401014tmp
| MD5 | ec891f4d3a41649257f2031a7bf60dba |
| SHA1 | e613aed0020318a10f00c59c4326dd400c7c0b30 |
| SHA256 | 49a4b191be381f04c6709ed9bafade41d1d8450bffb41ff7f8dd0e3f6ce8d1fd |
| SHA512 | 8ac6c22e69227e62190d27ecd2435ac5924f5dba5e91da192844cdc465d32eb43fca272870ab31ddd1e6ff4f87601645345d186ed6c60a1dde194ce0c6c5b81c |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6CD0189000110AB2339AE35971F/userlog
| MD5 | cb8ad2703b19128b52a6d91841faf0cb |
| SHA1 | c54e0ff8bf1f3d33af9d5b8b51207a80fcc8ed2d |
| SHA256 | 5bc24fe7db3885660639020d6c5c3fc36cde94050e1bdf612b2a38d9672e8e76 |
| SHA512 | 456cf3ac7389e229a138fefaf5951a82ceec3e23e32be648b9a26baf522ff296258adb45a26c3aa8c6b4e6b9ef99f4e77e422406aa8b682e5c5c05aa58440c28 |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6CD0189000110AB2339AE35971F/user-data
| MD5 | 5ccdc309fb531b8dbd976f27be362d95 |
| SHA1 | 51fd9a8ca79ab68d11dff6a6582e7cbb7771c14a |
| SHA256 | 718bf1aa55b13315471e60d362327b973a71b0de31922d9f0f1e9b54f422dfb7 |
| SHA512 | a22ffa190c8fab023e88bb19e261d2cd1dc5b0c6a8cd8573e4b475ae006e843f523e79a5fb99a98cfecbdee774e92424564c4caa24e575caefb020d143eb34a1 |
/data/data/com.adhoclabs.burner/cache/appboy.imageloader.lru.cache/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6CD0189000110AB2339AE35971F/keys
| MD5 | c07eef142fcd79fb1c4b16d7dbc45baa |
| SHA1 | a598356f37bc78b6ae5a5539b3fe6ed10912496c |
| SHA256 | 19dd58a303291bd131b2bce7931f2be01b2d5d7a2bc9dc9afb919164536d928f |
| SHA512 | 862dec4135e431ce9ca71bbab209114685382812a67a166d70aa3e895c03b9f920047c1ff8ca5a1ae393201c21b6cd407ab6b54fca27214591b69e6d41641bae |
/data/data/com.adhoclabs.burner/app_amplitude-kotlin-$default_instance/amplitude-identity-$default_instance.properties
| MD5 | 48db185698b683e73615171de35fb14e |
| SHA1 | 15d4620ab3f6a34496e156225c21303571267c25 |
| SHA256 | 2052f86f8fd3a64da1a646add8481d77630cc5055cdc6196ceb75c09b6b84fae |
| SHA512 | 52d7487abf96c40b21d513d9c9eb600b991f6c9bf027fd9be3287d4756107d000a45861950edb9e7846c0dc1b49c9d2c4bb7aabd80f120fcd4513b1ba32569b9 |
/data/data/com.adhoclabs.burner/files/datastore/firebase_session_Y29tLmFkaG9jbGFicy5idXJuZXI=_settings.preferences_pb.tmp
| MD5 | a65b9b3e4670dc3b48a9609f816ad531 |
| SHA1 | 682a73f2c248815fba0cb50c45031a53d6f8dbcf |
| SHA256 | a4aaa2a4e0cb12123b405a9d33bdd7edf8cbb41ea92e75deb1ba21bf1db5b2a6 |
| SHA512 | 6c06e6791dd41c1c8d8e0246e9bf7fed81dbdb5e918e7dd78cc2af1f002f8a532ec28335b229a0ec5c1ee220861092cb1a7c7f4060663394e420d80ed391179e |
/data/data/com.adhoclabs.burner/files/datastore/firebase_session_Y29tLmFkaG9jbGFicy5idXJuZXI=_settings.preferences_pb.tmp
| MD5 | 06bd63584cc699cbc92ade3aeab0ac42 |
| SHA1 | e21167e5419847271e7f67b3b286916b8124165d |
| SHA256 | 1e58e88b20702d0a80025c1fbacc9ad5fe2565311e2230d581d669fbd7e8b0ef |
| SHA512 | 675f177e388425023df5e19cda634ab1e7673681feabfa7bb860089105353166491d15b8c86b5408833230dc5b0ac43e2b5a61e1d36ea0b40d6ce7166bfc385e |
/data/data/com.adhoclabs.burner/files/datastore/firebase_session_Y29tLmFkaG9jbGFicy5idXJuZXI=_settings.preferences_pb.tmp
| MD5 | 1fbccf7b936a9b713de5d42c6d8a075d |
| SHA1 | 7c8bbdf9151e7f53e2675329d471e552446e9ad3 |
| SHA256 | 232f9626cbee2e063e25f61a08f46575d019b62f02a6753c1325957a95e1c513 |
| SHA512 | b9177426b3facda6d86b5a83d05805a4dd2f5357d4979ca7282a13ce3f08ef7e7a0c5922675ada826bde264450b1b4ddcc54eea4de62249fd3eab1ec9acf32cf |
/data/data/com.adhoclabs.burner/databases/burnerDatabase.db-journal
| MD5 | add4f9cb665316985a3be36e5720be92 |
| SHA1 | 6e786bd9be1fe925298486a003dfc6e422ca3f66 |
| SHA256 | 6cec7b294f615b20067a7257cdddacf177e6a699ad0fb0493446b28381bbb629 |
| SHA512 | dd237c1cf0bb3585fa36074c6dc84ef5b4b8ddb421167af6a20df6bbbf657a8f086d349067b9b2f32d7b443903a9f82b56982c06096d9a1ce24e8978647008aa |
/data/data/com.adhoclabs.burner/files/datastore/firebase_session_Y29tLmFkaG9jbGFicy5idXJuZXI=_settings.preferences_pb.tmp
| MD5 | 14770edbc1290230aebe82f8dcc730a0 |
| SHA1 | f86874de3ff45c2dd7c982f9ada6b5fc979f082f |
| SHA256 | 7495b9faf55ff02d0a2906ca3e3f4b356abd96e421815f9d07f893682da6eaf2 |
| SHA512 | c6be6c93262e0c42527722af20fdd3be2c9936eb601280c36492e0bb2151bb63f88bfb150690ae361c75d01a33647c2440bb49e290af38c5c5af5a707320e3de |
/data/data/com.adhoclabs.burner/files/datastore/firebase_session_Y29tLmFkaG9jbGFicy5idXJuZXI=_settings.preferences_pb.tmp
| MD5 | 3242a61a6337702f02699a01649b41f6 |
| SHA1 | 9392686622a11a68d50792df642386c303577997 |
| SHA256 | b764631142c16d59da6bf56c3bd9a796ff9448bdf6a03388a0cd71fbf46287de |
| SHA512 | 4893830e96033ab90fa518b4d47a937888f0bbef36c38d70d4d3d0888c67b55340475376f211c37fdc81b90076fac7dd10728461bf3b1a1cd0b3e481c52f06e8 |
/data/data/com.adhoclabs.burner/databases/burnerDatabase.db-wal
| MD5 | 9f7db1d3584d4fd888ff5ceef7ab417e |
| SHA1 | a32d3fb5336b3cebae98e805d77bc2fa39808136 |
| SHA256 | d8046eac65294c5cdbc6e6274fb28f9b6a46b4acd12445b25b6882b459e94a21 |
| SHA512 | 77e4cde6ab4f2c41f840a0b0f6b1b7e82723b1fdb2eeaa5dd65d78bf66442a934d55724773ad252430a8ac6fb34c076b59b7c59baab1ea31d724431bf1042daf |
/data/data/com.adhoclabs.burner/app_amplitude-kotlin-$default_instance/amplitude-identity-$default_instance.properties
| MD5 | 113293668351907d192b7e187a77bbfe |
| SHA1 | 3f704e603fa5fcb951d5256a3d3691803ee06d10 |
| SHA256 | fda352be36924152b1bd60024839a6273a4a61467ef11f2f043c25683015a275 |
| SHA512 | 0c9da102810160c15f9fbe4e53612c62bc565ff19797faa28f98c6d9c279b43237a9ab1bae994cbaf5f531ac555f01b16313c49869d585f632fd8f4af8446542 |
/data/data/com.adhoclabs.burner/databases/burnerDatabase.db-wal
| MD5 | 410a3a34ee9a3160edd61e24778294be |
| SHA1 | 6dbbdfd3f172cf7e92464e3bcb77912bcce8f698 |
| SHA256 | e2acc6c651bbaa028021c033d90c028a29d5fd599e0b0ec050325f3ab87c5c4e |
| SHA512 | abc2bd4c95cf6ea6e9289c6b477033a6a1e1c8ecbbd40505517e7e82f81a001c40398e40104eec533c03a8dae59dd2b5dc61007606f6e420c61cc5e3e522efb6 |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-journal
| MD5 | 93c76711ab499a1a18461974a0245ed8 |
| SHA1 | 39a2e0464bcd6ce3319351a6747d8cd19d30d0f6 |
| SHA256 | 4566111c48e6c32a3cb42445d2ffa810af41a06bf7e350f14aaf35af44dac6ec |
| SHA512 | 4494c44f8dd609d1bfc2c1ec5be2cd990046d81ecc6fe3913cdd200fc1ee84adc14b3af4c141c368cca1d74646e82ea63ba31a3823dfc923149b0a8ca57d1746 |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db
| MD5 | 30e15622abd70177af8764f025282fbf |
| SHA1 | a1d22ad72f765a971bab3b17186e0625ec7a3565 |
| SHA256 | a0333ddff3e8f10da67be4fac4c9178207bda293001c8a364199ba4dfab29b6c |
| SHA512 | c5035a8e62b5c7bd572caf14fe51716ce6f4d6e2293580337d94cdc3c0d7ff8d3a4dcecd68487dc122474302fe26cde22df8565f2ac8ef7683713de0e449abe7 |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-wal
| MD5 | 5d1d4e426372061504a3c8782c029cfb |
| SHA1 | 8fa0d756a5e3ffc3417edf6b34006ffebc03a84f |
| SHA256 | 32e2275ed73a59807bb90ed604b8ba2ba5b2bca5ec08e8c03331b9570a15882d |
| SHA512 | b702c4a3e5cd5e21a483c15f2f57cc429e5c6e41e708c8f558551445bdf2157353e9fdfef8e107ed2b247aed4f1c1685e1fa10acd3a5bfea069fba8c824d60b8 |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-wal
| MD5 | bbd51a4430e0a5ed82cbb1020b44f3b8 |
| SHA1 | 508c2647460dac257c29aa277b8b39b13e028922 |
| SHA256 | eb3214d183b8b07c96191fd4866e88bc1f91e55dd62ab82bf60d4a73684af49e |
| SHA512 | e66fd118c4f08467f9e85426aaa6aee98eb88d845de3d0c09b9644bce5f63d0767d24c7c47c20b841c9d05fe4a80a787403e8ffbba9da081d827d86c718801c9 |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db
| MD5 | c1e3278d6f81b78c49f16f2e62da20b4 |
| SHA1 | b4eafb43bbfba9e5f03e87bfc679d92ac103f6ee |
| SHA256 | f4fc886abcd281740f1be4e0056dbaebba459d6188bba1611d345061189b0739 |
| SHA512 | e192289410854cabfe64d30eb55d32f7227cd0c13e971b7ad64e57ca0fdcfb8d735314e1845b6e87c8e4b30b04637d40ba0c1f0916901df64c5ef539913c8058 |
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6CD0189000110AB2339AE35971F/event0000000000
| MD5 | 8014773d587232958599c12f5be05fe9 |
| SHA1 | c7b4fd7be92792dcbdc729c617cd059df84e7ba2 |
| SHA256 | 462c0431cafff478f734df2e70bc16c3e2643e1e52e202fd64cea53fcf174147 |
| SHA512 | 07146f5a365c093f9966576fac6b3978e908d0a8cf4f841eaf75cfcedb6d45aa8f3a5e394dcd73fc708e33dc392a2d39f9d9693a579fd8c2290c62e434bfb8b5 |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-wal
| MD5 | 651d0b32a8f2f548bfd8404366b920a3 |
| SHA1 | 87848c3cf71577a961d12b0fd5ce8b35d565f1fd |
| SHA256 | 2012f76ea403dda505a992c3a0cf84bbfaf46f18a96db049c0150e960fa781c5 |
| SHA512 | c9279e133e3e5072b342b472c82a27cb8c5f6eb372d6265b9b61641aebb727c99bff095eae8e022618afe1bb10f644a356923282087c24552de38386da3bea93 |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db
| MD5 | e822ea862fdc7d5c267c3bd39df42db3 |
| SHA1 | 789beb6159071331bd93585a8dec618b0e694163 |
| SHA256 | 1f9eda0359e17079f5abe2a3e3a9f943c3706f876a75a951e273a1e1fdaa39ed |
| SHA512 | 1cd7bbdf7ae54345dad2c4b4e7763c878732bc0f76e509a9c8f5e562480a1df6caa51aeb564267b66845dfc76913709b9cb1ece8ed5af6ddbc38123b37b2bb8e |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-wal
| MD5 | eb8c0a74d87af53c5abb81a1264b775f |
| SHA1 | ce0bc97d1cfaa5f1c2115eabb503c5d13f243ef7 |
| SHA256 | e26aa76a41997921f9392c2f5b7cb3d641bff0ab2f9df4fa2a7cd9d73ddf1851 |
| SHA512 | ecc19edea7fda79619f4438e2a9ac3c9f8075d9a0d7c36c24a6b095fbe4c36da9162133bcd73ad5ed0faf057451ecc3a88d11323cf8f483727a7e26b3ea080f1 |
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db
| MD5 | 132fb7fba6450b5b44f0233b33d3767f |
| SHA1 | 9bc2cf7c09dc0d3126e1562e77e99c5b0e1feed9 |
| SHA256 | b720705e14676739ab4663ca29a2eebf81eb44be6d9df1e90e52d55d9870d502 |
| SHA512 | b8f3c080b03df7f76e2f6fb6098db75525c86b737f5bd39371ed62b961f5e72acf333570aea804ab152b5715359ab363d05db485310c708519eb02790595461e |
/data/data/com.adhoclabs.burner/app_amplitude-identify-intercept-disk-queue/$default_instance-0.tmp
| MD5 | eda6d6dd46892225da28a25f2fbba26d |
| SHA1 | ca7360f67c2f7a17d4618fe3d8e9f30c2c1c33dc |
| SHA256 | f898bcb57bd874f7555b5e14a7de816c660a88fbb5644646fe029ed183a2bc3e |
| SHA512 | f93b248b5457c205dc3f57bd912cfa201905abab26ffef2b0b118186e4fa94f0d0b1fe5893a828350df8c7a8f804cd9ce6879c97d0966ac4da1e32f7812ab210 |
/data/data/com.adhoclabs.burner/app_amplitude-identify-intercept-disk-queue/$default_instance-0.tmp
| MD5 | 9640b3a2c3dae86cbdf7b5e8655a3db6 |
| SHA1 | 3d768d7f450b661187c746a920eb67031197d7e6 |
| SHA256 | a0a446a958fc3af9f89bea2e241c8198fe0009394f5e90bb930ebfd0aa5bd1b9 |
| SHA512 | a3ea550688f5ccd48de0f49b1219a8fd21c6af65fd77ceb3ec614b2aa7ee7b9dc6366764109b375f619248d71fdebd952e5c26e8140a1c9fbcd517662a306f46 |
/data/data/com.adhoclabs.burner/app_amplitude-identify-intercept-disk-queue/$default_instance-0.tmp
| MD5 | ca80ff52ba40a3afb8ae78e5b2be258f |
| SHA1 | 8aacd928da294d952b941d27f4b86c21b1033c95 |
| SHA256 | 9dd2ead740061ebca6265bc5f36d3717604bbe7f89165ac3d2cbf17baa4e2156 |
| SHA512 | 5e84f549e9f44b5fbf1dfe42856e4e8a936b4e54f186603eb6bd9845e72fc8c29394d7143900716fa852a10289b71b4035e46b2571b31873e0e0ab9c035309f7 |
/data/data/com.adhoclabs.burner/app_amplitude-disk-queue/$default_instance-0.tmp
| MD5 | ab19c9dc4c32e517b9883417943010a7 |
| SHA1 | 3f2788cda8f258e9be478928b050f58080efe4a4 |
| SHA256 | ce4a9fe27f6e33123b557ddce9dff97e73883f0539a3e454a220ed948fd4dff4 |
| SHA512 | 61602f5878ef4d6d0e9e82041b2f10d0dc617aeb786aff308ee3a5696548dd5acaff3dd94c508c6475169dcae3c2846f2eee0f8447dc51f6ca271a1b621ffb68 |
/data/data/com.adhoclabs.burner/files/datastore/firebase_session_Y29tLmFkaG9jbGFicy5idXJuZXI=_data.preferences_pb.tmp
| MD5 | 24767970f006ff67ef7e4e0424a99d9f |
| SHA1 | ecec0134538c4e7ae7299a16faf63dc03019ed09 |
| SHA256 | 360855871e793340b7ff3205fdfbae4eb84e5e5f3fea8550efa4d533ccf97afa |
| SHA512 | ee828b7eb33d1cf59d3887441cfa488d88016c8f3ef6390c103b99e692c6a4990df132b259f5200c96294b8b963fc99bf921d8f791ec193a4ef0ba25fd63a756 |
/data/data/com.adhoclabs.burner/files/AdjustIoPackageQueue
| MD5 | 9ce78ca345ab99dbfd54b2f974d61d6f |
| SHA1 | 8345ba9989be82bd134703afabc65446f7e56df6 |
| SHA256 | 4b108a69f5436ba602a1ed69b68ef071c3ecf34b8b67be20010f7666f1b741db |
| SHA512 | ccfde9e8601cf7e771703fc3d86128e25e260bd207ee3ee1216308fab1b069c641cc5a7b83508cea7836d09817e21ba0cd5825bb068a27412cd964eecc2b1c80 |
/data/data/com.adhoclabs.burner/files/AdjustIoActivityState
/data/data/com.adhoclabs.burner/files/AdjustIoActivityState
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-wal
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db
/data/data/com.adhoclabs.burner/files/AdjustIoPackageQueue
/data/data/com.adhoclabs.burner/files/AdjustIoActivityState
/data/data/com.adhoclabs.burner/files/AdjustIoActivityState
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6CD0189000110AB2339AE35971F/event0000000001_
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/priority-reports/6734F6CD0189000110AB2339AE35971F
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db-wal
/data/data/com.adhoclabs.burner/databases/google_app_measurement_local.db
/data/data/com.adhoclabs.burner/files/.crashlytics.v3/com.adhoclabs.burner/open-sessions/6734F6D60017000210AB2339AE35971F/report
Analysis: behavioral7
Detonation Overview
Submitted
2024-11-13 18:55
Reported
2024-11-13 19:00
Platform
win10v2004-20241007-en
Max time kernel
146s
Max time network
155s
Command Line
Signatures
Processes
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\split_config.arm64_v8a.jar
Network
Files
memory/380-2-0x00000197AEF20000-0x00000197AF190000-memory.dmp
memory/380-11-0x00000197AD6B0000-0x00000197AD6B1000-memory.dmp
memory/380-12-0x00000197AEF20000-0x00000197AF190000-memory.dmp