47d95c2245124b6e1c9b61b422dde42bf2fed4b089cffd1550fb585650a80d89

Resubmissions

20/11/2024, 04:06

241120-epdngazfrh 8

20/11/2024, 04:02

241120-elzfrsvpgl 8

20/11/2024, 04:00

241120-ek6tfszfld 8

Analysis

max time kernel
1628s
max time network
1820s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
20/11/2024, 04:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bigolive-bigotv.apk
Size

107.4MB
MD5

a5a79db3cc35fa9a9d38265c33d9eb2c
SHA1

8cc911f039c7d6c5ab6628d888f74751602f1702
SHA256

47d95c2245124b6e1c9b61b422dde42bf2fed4b089cffd1550fb585650a80d89
SHA512

d0e1a4e1a07e279472acf37dfccb3a6095dfeb91225524c9d6e7da4e68649aa06b73b08f8982cd57824cad68c9b1c9473552612b33e6723594d5f5902f20d1b7
SSDEEP

3145728:dyC8ZWzmj3lr+rZqa3BBGwnk1tQvVvVWREaGQmn22:dyZamR6NqUB9nSe9VWChn22

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 10 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/data/local/su	sg.bigo.live
/data/local/bin/su	sg.bigo.live
/system/xbin/su	sg.bigo.live
/system/bin/su	sg.bigo.live:service
/data/local/xbin/su	sg.bigo.live
/system/bin/su	sg.bigo.live
/data/local/su	sg.bigo.live:service
/data/local/bin/su	sg.bigo.live:service
/data/local/xbin/su	sg.bigo.live:service
/system/xbin/su	sg.bigo.live:service

Checks Android system properties for emulator presence. 1 TTPs 6 IoCs

evasion

System Checks

T1633.001

description	ioc	Process
Accessed system property	key: ro.hardware	sg.bigo.live
Accessed system property	key: ro.serialno	sg.bigo.live:service
Accessed system property	key: ro.product.model	sg.bigo.live:service
Accessed system property	key: ro.hardware	sg.bigo.live:service
Accessed system property	key: ro.serialno	sg.bigo.live
Accessed system property	key: ro.product.model	sg.bigo.live

Checks Qemu related system properties. 1 TTPs 6 IoCs

Checks for Android system properties related to Qemu for Emulator detection.

evasion

System Checks

T1633.001

description	ioc	Process
Accessed system property	key: ro.kernel.android.qemud	sg.bigo.live:service
Accessed system property	key: init.svc.qemud	sg.bigo.live:service
Accessed system property	key: init.svc.qemu-props	sg.bigo.live:service
Accessed system property	key: ro.kernel.android.qemud	sg.bigo.live
Accessed system property	key: init.svc.qemud	sg.bigo.live
Accessed system property	key: init.svc.qemu-props	sg.bigo.live

Loads dropped Dex/Jar 1 TTPs 12 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/system_ext/framework/androidx.window.extensions.jar	4482	sg.bigo.live
/system_ext/framework/androidx.window.extensions.jar	4482	sg.bigo.live
/system_ext/framework/androidx.window.sidecar.jar	4482	sg.bigo.live
/system_ext/framework/androidx.window.sidecar.jar	4482	sg.bigo.live
/system_ext/framework/androidx.window.extensions.jar	4561	sg.bigo.live:service
/system_ext/framework/androidx.window.extensions.jar	4561	sg.bigo.live:service
/system_ext/framework/androidx.window.sidecar.jar	4561	sg.bigo.live:service
/system_ext/framework/androidx.window.sidecar.jar	4561	sg.bigo.live:service
/data/user/0/sg.bigo.live/[email protected]	4482	sg.bigo.live
/data/user/0/sg.bigo.live/[email protected]	4482	sg.bigo.live
/data/user/0/sg.bigo.live/[email protected]	4482	sg.bigo.live
/data/user/0/sg.bigo.live/[email protected]	4482	sg.bigo.live

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	sg.bigo.live
Framework service call	android.app.IActivityManager.getRunningAppProcesses	sg.bigo.live:service

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	sg.bigo.live

Queries information about active data network 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	sg.bigo.live
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	sg.bigo.live:service

Queries the mobile country code (MCC) 1 TTPs 2 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	sg.bigo.live
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	sg.bigo.live:service

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Checks the presence of a debugger
evasion

Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs

evasion

User Evasion

T1628.002

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	sg.bigo.live

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	sg.bigo.live

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	sg.bigo.live
Framework API call	javax.crypto.Cipher.doFinal	sg.bigo.live:service

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	sg.bigo.live

sg.bigo.live
1⤵
- Checks if the Android device is rooted.
- Checks Android system properties for emulator presence.
- Checks Qemu related system properties.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Listens for changes in the sensor environment (might be used to detect emulation)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
PID:4482

sg.bigo.live:service
1⤵
- Checks if the Android device is rooted.
- Checks Android system properties for emulator presence.
- Checks Qemu related system properties.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about active data network
- Queries the mobile country code (MCC)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4561

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Hide Artifacts

T1628

User Evasion

T1628.002

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/sg.bigo.live/cache/AcceptConnect.aac

Filesize
6KB

MD5
1782c2275aed0a2e4c0872d5ce8cd271

SHA1
080862cbba3be945654ca1a33c222df222356e9e

SHA256
f3591d7a6fe4397740bd44704cea5fd844f51adb02af49edaf4f0a41f32aa608

SHA512
181ee624ba6a4c2d0d17e9846cdc7ebd7736f4158ab11d74d8c0607389b99febc6650a9ce3dbd773553a7f79985aaaa65f0c197c177c0aeb8b1d835d7f3fe3aa

Download Submit
/data/data/sg.bigo.live/cache/UserJoinTone.aac

Filesize
6KB

MD5
55ff7ec229d5b3231272f36c16e064f3

SHA1
1cbbfd931ed1a505bf4cf15f385d3b08926be412

SHA256
fa3171d74fc864dcea3aa787ef508a685c398f0442f9aa4fc3057d342134de21

SHA512
8b38a73af751def915d2214cb7c0afbb097f18c4d1350a4fd6d09664c5527dc7565282d3f381f8b1871c3b9b34e950d85771915b83b4556600f1d7e7ce02244b

Download Submit
/data/data/sg.bigo.live/cache/camera_blast_snapshot.aac

Filesize
1KB

MD5
07004f0dbad17c68716030552071fa83

SHA1
a0b2a19cbb94a14c86dd7df1c21f7ef2011f5a9d

SHA256
96fea0dd644eb024b530f0ac632a0ed8d1d415d2cbe5bfb855f20767b0ed6a7b

SHA512
003e0283dced8e02bf68fb38d5e9e6479e0cf73959b9ee62c1086201d30d7e13feda725d97c4dcbbfde9440d8beaf66fc97a5ccfa2583cdb1da469344c7c33a7

Download Submit
/data/data/sg.bigo.live/cache/im_new_msg_forground.aac

Filesize
4KB

MD5
b8faebe353b10c6c8dc993138b6fbbbd

SHA1
ba81e8cbc761c41a809539d55d0a91abe65ab29e

SHA256
dbda775ff9eb0c656b6ee29f7ce4378017f61e1fa2886ed932b8a2b0a2a2f6ec

SHA512
0d6c2c960ac5244d9a0e7f446dccabebcd2808ae6c8dad21b4933c6e86ea33cc75352f61248627fcc45dec8385bbdac102c2512792edef89a3b1b0b54e5970dd

Download Submit
/data/data/sg.bigo.live/cache/ring.silk

Filesize
3KB

MD5
868cba92c003d35e481919850e895166

SHA1
8cbcd49e926195773807b2752b82e8d9b20d9243

SHA256
aa233dcfa41af2a5f3f332a3923dda114a395784654c385a73f28aacd4c0e0f4

SHA512
85ab947ae2cf214907e2be25d4eff83e3ad7f2430cc9da437569a9bf22b41ec9def4cfd2678b6315f117f9a63358c8b955ab7bac755bc24136965dd79d2747fc

Download Submit
/data/data/sg.bigo.live/cache/ringback_msbound.silk

Filesize
5KB

MD5
5471190bb971bf418dfa6ff244e893fa

SHA1
a024443509667d4bca9dad3f4a39bf8a8efb2bb7

SHA256
ba57305f4d828e5e02ac3d00ed366ac1d0fbeedd2a7a0364e4e9d81dc786a815

SHA512
cc641d521a0f6667343b03aa18331cbef31c1c3471f7ce864899b4ea878239915f5a20cf28419e26df2f1990d1910c5e3a61a3c2be643e169150650e47b30679

Download Submit
/data/data/sg.bigo.live/cache/ringend_normal.silk

Filesize
1KB

MD5
c5e0faceabc372648560c1b95cc3b4ce

SHA1
272b617c451fa620dc18274853080a8a41bbec17

SHA256
965963280971bfdb82504cec869a0fb32255ed0030430bfe033f7d64793bdd7c

SHA512
9654a2e8b52c3bc3349eeeff117484717a3630416133872873fd667bc100ca2ce41f7375cfcb84d34d0953350fd14f31b0e45d4bfb6524238a379d976f4f1064

Download Submit
/data/data/sg.bigo.live/databases/bigo_stats.db

Filesize
20KB

MD5
38c49a9be299b15724aa7b6201734d37

SHA1
481545d2ea128ba1f4cd35bde5b992cea36b6fd7

SHA256
97f73cc891ca4b6c1f36ceda39d5ad1faf18e227ec63073c35c57dd8f029a770

SHA512
00ecadd04ba846743495c7a979d042560070ccc37e3e76410f5ad19a9fe744e5fc9055d61ca38546f70f20a992bf70e09cb6e3c50ccead1a0f0d67a96c83011b

Download Submit
/data/data/sg.bigo.live/databases/bigo_stats.db-journal

Filesize
512B

MD5
a1917325691cf775048d957d99d704a0

SHA1
ba390c19e48b66eae1d821f8c3094efbc5bebf3b

SHA256
1ac226129861664a26b620a04ed7190f4a2f71d7864bff7d1777541609158368

SHA512
a21b24ea570127636b842ac4f53ac7cea948a8a0f683a60b700e957bca5296fb86e26a59c56a32d4f1daf5fdf19214cade53a342aea15f946a98b12b3c4d0808

Download Submit
/data/data/sg.bigo.live/databases/bigo_stats.db-journal

Filesize
8KB

MD5
c6dfd3bedb9c9f2b06d5e44fe98aaad8

SHA1
47aaf5064e35a1618e2960677c7e19f34bb0ec8f

SHA256
844fcf8066d31ee953acff80ad4c841522503156c9428a35fb205dc14120bfd6

SHA512
c3a5efe8f5dff1139843938bbe44cd91365f9ca4d22b653e9c49b63d2e9b12065e375d5c2c23c609db50b4d62f18c093d59ccc5377d554cc1d8d7ac696517481

Download Submit
/data/data/sg.bigo.live/databases/bigo_stats.db-journal

Filesize
8KB

MD5
4a213516aa0b098fbf1748395ae2a8b8

SHA1
e35c411c4d8249157a9898426145df6a6979e15a

SHA256
a70710db9162699c001ca8c6452c80e510d07e451e664e1bb292cbf3b6ac79b1

SHA512
f845c1112ae4687e6471b144e0fa46e19ad4009231ee9cdd088aa4fd77fd9186aa0be5d9c0a897d13d07affceaf4730a9c247bb67dedfc7f537910cf24ba5312

Download Submit
/data/data/sg.bigo.live/databases/bigolive.db

Filesize
132KB

MD5
d6b64433ce5a49e76fc14ec1414d17f7

SHA1
2c99cef669e63bd3f3249b9797a12ada7d950dc6

SHA256
0deb04229b55436cbbc8427775d8a2a07755c0c82a666012b4650cdf4b76814a

SHA512
b79cbc8cad8eb3694b860dde7a74808ee1d493cddc7d332908681b985e597b567a9480667efc6119e2067bfb2f64f2affcc663f0b1cf1996fe1640236a042e23

Download Submit
/data/data/sg.bigo.live/databases/bigolive.db-journal

Filesize
512B

MD5
f4ec078c92a3933a6077987a73261afb

SHA1
7fe27f07ee75d06ffa05399dfb7a4a2ac86c780d

SHA256
71e6a0bf110997bde9da9e5968b4b5bc3d2f9cdd62d8a73ef97ef1ca13a7ebed

SHA512
3607b0933a3d85558cb88eae387ad6cd9d3a627b060c2f9a0af93a6bc533e528984302ffa8f7c7c95220cfc86f520a057eaeb6bff2cad6de39b6d593589f5d43

Download Submit
/data/data/sg.bigo.live/databases/bigolive.db-journal

Filesize
8KB

MD5
9e2aa2d4f3db95a311e5c635870d0d34

SHA1
1fdb92c3e3c7a3ba2abd0dad2c7df5f17db6a610

SHA256
60646af68f6963be642f8cc227d88491b0a719b5ba52c3f79e2cea8b81138def

SHA512
834e812eb42706b319f2a3cb1418e407edbe9f49d094da63d5fd72c89bc5b1de477e03a8b4530d8ed0b5198ded96e66bb42e43fcc8f3113da12253d7009e3927

Download Submit
/data/data/sg.bigo.live/databases/bigolive.db-journal

Filesize
8KB

MD5
38f5ab165354c9dfc924199293cd8bc8

SHA1
1977d1f5264940c9b69823638654893521d53c53

SHA256
4a8105f91e4a0406343949ab8a3ecaafad70353213baa6d1a531c980c91313f1

SHA512
31b8cd1a1b3951cc1c794ec613c5a8bfb8c8d3bb7694eba46b8b16f16136e83c73259a5c9e5b8771e9c26354db84084fe7531e41f92b852826604d9bf232472e

Download Submit
/data/data/sg.bigo.live/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
fed9ca959f63eb0871b677e009c954a8

SHA1
607e089fde6a642ea3c92b59aed3516c6c9a5db6

SHA256
ab6af0bfe492979a2d17b379fc3bb3b575781ef4e32cc52acf8d131b77e36a22

SHA512
26c03c5eae564d4363ea7c8bf108a483623028d9468b63628a21743ccc8c8948962ccc1cfb6d3103a8077ac462decc329ff03f3ee986f714883ffe5f1050423f

Download Submit
/data/data/sg.bigo.live/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
d1c57a7c5b6dfef06e3f5b17ed48acdb

SHA1
9b42e19017e28ae3cf5141252b33409fb52d2b49

SHA256
38b6bcc32b0b3542a033afa3f2b2cc3d71368d57cd2db638bdd1e9d3d66834cd

SHA512
ebc429d75a40714c0efe88ba88c40bcadac133b629d7e9c18007e3925973feefc4f6ea83ec5d61962d255b85467e9f945de5bc1e55b30dd160fc92bbc5b02269

Download Submit
/data/data/sg.bigo.live/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
0e1342598dc3c5c17614d638ef2cf5b4

SHA1
d349833c589b579277132ce27ed3881cb053bd5a

SHA256
9770e14d2392a99540ac53a6d4beb68a423fcd8bde74c513e5bceea6c60742e6

SHA512
2ab67c1fed097e3ccd8c51f2430ac554055be242ce63e303b0eebdd7f816d204732a8d003d39fa330e013ac170386f2ac5e3c95079438d4251031f1fcb4aaf04

Download Submit
/data/data/sg.bigo.live/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
9ca09e5ea4414cbcaa57a845dfdc6027

SHA1
01978b09c9e61d007559e12b0764d3971385d447

SHA256
61f5912798bc66916853d96de752ba56be64601b886e1b0204b0eb7261339657

SHA512
1d6a17ab48278e8f6c7558c970073cde7098204a11bb28925d9d5d64c8701648a6f113bd4b859f09b7abb3f1c0ea32e5304bda2a368587850004f0cbc3f89411

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db

Filesize
16KB

MD5
62ad4a05cbdca7f47b3206b7dbda487f

SHA1
4f4044cef7b7b1e5c6184ed9025267fc92bf0cd3

SHA256
18b909096c7c61d51ab076ae8e562effb0d4ada28e2a4ecd0e6b88ef58f6b2a6

SHA512
0936531ed1b2b356a247123200739a43cfc765469ab47a424dcd6e3d1176092a212b0a28591d07f8c2d0cc9d2e0eeddfcea8dde314c2f9343783c61075b071a6

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9ca1de106d1d9eeb179fcbd7d2782099

SHA1
d85c6c7ca6cfb59129518c0d53823ad7218d1768

SHA256
0ea72e3e7a9b644467b72d9cb3dfe7ea743241e77355905056f1d2e0256a0343

SHA512
922a52fc9e9e8405f8c7b3f49bed71080262c29bba35aa728e7f11541ebe598afeaa9717701c5bbea49e6ee75712b25f2d7da0e2e7f772dad3c2589144802dd3

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e2bf16f28c3ccac935320b151d95c2c2

SHA1
84961b94bdfd96a7385a3d5121438d05344ffc5a

SHA256
b74a8f6004ba2878972eb00b61d453cda419fe4f4f1ba2d3dc7f789d12f8cb36

SHA512
7040f9c69868f6014e914bbebc664055216fe452875c1e998ac797d445a85e11fd1b2a5154b9885c2dc5a671188b92a2c3e6331e936478ba2e7e64a95cde23d5

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db

Filesize
16KB

MD5
dcd9639197d0af87bdace55c5df50614

SHA1
5042cbde1dcfe52eab84dcc0618a4f9a98cb07ef

SHA256
daaa8ac435db47a18a68784ec45aeebbf90a17076ed6fcdc9ef6aed5a69ff553

SHA512
bf1086a380da1dcadff516ad78e8e1bcceefd00416397d9f4479745d49a6aa448a9fc90e8f5d4f3964d135095dbe3bd7e5bc506397885d41d0f36385a6618c8e

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db

Filesize
16KB

MD5
11b0d4de7d4586f1e7f5a8bd5a439554

SHA1
fe6bd69177d7b969b6a579634c60b0c925422b41

SHA256
63cb7e11aee2e967a47dc00dc6af662fe42019cc511fbf2b58a8130ed61aaf1a

SHA512
648f56679e26255441e8dc471516ae3f17803f043fba4011cbaa8bb3dd609ae4dc0285fa564b13d3b9369fe04e30ca327ffc4a8ed8fcf4895d549ec0aa740a79

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9b87022adbef0f13adaddf18901ecee1

SHA1
330cf6145660d24b9aa03df3282d504310492e76

SHA256
9cb8fee30a860cce4cff2ad33aed673c0e508207444d22be45181319e76e6f52

SHA512
029756e4be64a9208c7a255d63e149ab2c37b3e07a783002776cf2e2cd157de2bf15e30787f3ab1dbfd962cd5cb8e6682a982f69811d6cdc489e8160436f5f8c

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
cf2745b4dd3d51948987bad61eaa3416

SHA1
2c471bcd044767194967cdbd55eb69b3b7423c00

SHA256
8466c8cdf8a1d6e9e9f7ba7d055f9ebe662ba52139011246560e4bc8d7b2da29

SHA512
ea7f87d0f7cdfa201c41ad43929cc7a5880ed2168ff0a5422cfebb82d04e94fb78331dccd41258d86b31ac55cdd7cfc14d5ef23ed11d576129e39147d0038be9

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
23f55f615f7a3bb68f70d2b716bb1388

SHA1
9362058ab999495252bc2f23a5e21da9f5fb8e4d

SHA256
f5c292fce4c129fe5987cd7cb2d00c526070c79f3bc1ab65521b324b6701588b

SHA512
bc26f5ffbc3dfc6a89368c3f63c2deb9a742f37b2e0211664f5e6abb370b009aca105802537c0bc8ae983571ad2079f3e1b11ff6fc24d774ff269ab31de8de12

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
c38a5d354c9b2de12554e26de650cb34

SHA1
e84abafb47a13971354355a9271b54ee1d3590d8

SHA256
0dce0f976a97b7766e26f34ab423b720d9a49c20cfa5faa1933c39473270e988

SHA512
71bfe1e601acb11ed28d3c04ff92398c0013d172e17afe76232e7e96d56fbf49170f0ee3932e09297263e280763f4123ae7b704a82fd06f1e6f861d061efe441

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
62ab1a6d709169b7e53d09f8fdfa2b5c

SHA1
2b2b87b8676731bd64ff3459fdf4c8e557b031e5

SHA256
994df009335a03b54ea22066e0793c8f8e37ea54f7cb09ed06e260245f8500b2

SHA512
fe8280c2dc246cb804212ad7303d3abea312ff8eb48d900a5e2c745e240ab9ae8992119ae341cd36b4cf7f04bd3bace8b0e038a31bc738600941c9c52bcf0e9f

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
6df85f939ddf3d31d565fee4508ed67f

SHA1
e8bef5ed90afcf83cc48cb938c465ca28187b589

SHA256
5748dcdc76a9cd8e677fab6d555ff43edaae5be97928be802450141ecc83af1c

SHA512
a7eb32ee71c411443ae4871ed09b6c06020acdc12a7d691930d3b7155854057cf2d9840570a3eb7aa7840bbd9f828a67de2a85c215b32ab9316633d4dfaeb2fa

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
ef7f499a17b0423aac5be620204e318a

SHA1
9fe037cbaf2003d17a74d9a6eae27b371ee2a3ae

SHA256
a635bb808da3e6c3a9c5164c11093c73f4d22941d7236ee09bcd61d3c146980d

SHA512
5a8ae61a3e9d5f10a474a6c484195209292c69864fbef8fb1dabd3579f9bd8da084ae302a00ad2f72b853f36f83a1677a8b2105322d1392a9beb1c8a32301df8

Download Submit
/data/data/sg.bigo.live/files/.sdNs

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
/data/data/sg.bigo.live/files/AFRequestCache/1732075442087

Filesize
3KB

MD5
6fa42bc79af8c8950b841fa8cfb142ea

SHA1
d7be376e1dfb734e6262ce7ecbd2819da887935e

SHA256
b047392b116d7e7a992bb3947c619c9f3f96a529f6a931dd24ebb622f0326d7d

SHA512
95b0c77038bbc3429a199e508a0732c401c005fb82d24f1b980e5b80b6b5fb0195fa58fa3ca021f03456f1aac80865ae1e7299678b8f43c935a652b162036570

Download Submit
/data/data/sg.bigo.live/files/AFRequestCache/1732075445862

Filesize
3KB

MD5
0d8b5fd44f41bf8e8b334909d08cde2e

SHA1
aa679d10c8ff9e843596ada28e684344bccc1351

SHA256
d56f60bbc25ffe56da3b3e9d95fc0f8e5fa00e92806203d8f8b294de96c49560

SHA512
db6f33c14f0723cb4286780224e7a69dd9a62199720a35d9a21a3d706ec5ef23527aa4ee580e9959cdd0eebc9c6daeae2124eeb2413520623a2d1c5622b847b8

Download Submit
/data/data/sg.bigo.live/files/DiskCache.V1/5b5a96f9c6a927bd799b138426585663/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/data/sg.bigo.live/files/PersistedInstallation3864068932377844229tmp

Filesize
90B

MD5
71c8983065c3e7c997f43d151b152dab

SHA1
19269a6affaea6a57d6eaa883d3a54e745e1758d

SHA256
9a5d2e9de6c41a1927633b18e80d5d713fcae850369e37c338d6138f7b8869e5

SHA512
bb1a70bf0aafae09dbcad1f5e99db172645b36894ee9c65b166977506e7f08ca0b68e5b30e94811b2b9269ee631f437da6bccf9a013f7d4978160b013c355783

Download Submit
/data/data/sg.bigo.live/files/PersistedInstallation53532301515394238tmp

Filesize
559B

MD5
a5b6a6bfe296d652f6610b564b9cdc3a

SHA1
8af9e36ee4c6c1f9baae1cd666565f987ed89207

SHA256
1430fe3b4c3d5ee0838a04893bd6a03f7ab670c8d2e2b8bb09fb987925c7a464

SHA512
e66fa8a86813573b34867a12d090b4b07e8f6795b469f90a029104d2688c778acaad413ed5a84906492ab5ce16fd189dcac67f829abed15c63367313cf4473a2

Download Submit
/data/data/sg.bigo.live/files/frc_1:322067568803:android:7af3935fc149739e_firebase_defaults.json

Filesize
324B

MD5
67eff0ea4cc6bf4d57a029dd1f48494c

SHA1
cd7bd46da2bda2c26327f04290d9a8c33b3c6c30

SHA256
61402092bd0584b0f55c761af06205c0fa456832e98b116b3c99a4a66dc30175

SHA512
b73af95933e5197994c1c91b00dcd39f70385b80eda16604a7ca56c22c96b7fe0158d461f0d1d4175fdb7033e5c0203daf8163862796667348c0d226c5d851ef

Download Submit
/data/data/sg.bigo.live/files/hdid.bck

Filesize
98B

MD5
28d4ef946abb4ad9d31b7b140f22f196

SHA1
37458ef4080eac4cb47b240801cff5a6c7a0c452

SHA256
afd372caa20ab85d615657143376a08d2ad021ff46af86ff00c74826ab3a4e9e

SHA512
cecb27c25fdd7b30f6cdd0ef4ebad62ffd56146ddacdb86f1e7b22a328955e2a4d074c1929715850b8dc374877def9573cc97ba0f0d739245a894a3b3b726091

Download Submit
/data/data/sg.bigo.live/files/hdid_v2

Filesize
227B

MD5
2f8e9d85297ad5791fff7f05ba4814c3

SHA1
7cc83a0f83c4671998112987fb5f8ea746c59c2a

SHA256
9eccae247573999bd22f34b4fc19d442f3af72809e7cae8700905b7ddbddabc6

SHA512
0e7121fb85ca05e502990bdc0b2854a84b7dda29473be2549a55945351e0788b00a05e6704da40f29d9f9be5a9103d4a7f27f0db727d9d98d7091c9cf6b14a6c

Download Submit
/data/data/sg.bigo.live/files/tombstones/placeholder_00001732075437195001.dirty.xcrash

Filesize
512KB

MD5
59071590099d21dd439896592338bf95

SHA1
6a521e1d2a632c26e53b83d2cc4b0edecfc1e68c

SHA256
07854d2fef297a06ba81685e660c332de36d5d18d546927d30daad6d7fda1541

SHA512
eedb6cadbceb2c991fc6f68dccb80463b3f660c5358acd7d705398ae2e3df2b4327f0f6c6746486848bd2992b379776483a98063ae96edb45877bb0314874668

Download Submit
/data/data/sg.bigo.live/files/yysdk_config

Filesize
856B

MD5
253110061837887c3171778bf9d5a6f0

SHA1
e1758ddd9559f12b83fe785f756f0e46855ab6e7

SHA256
0b7d12b8b440e0be65f340fc7edc377c2ec00f0564192975547f156707d8c864

SHA512
24aaed9a37185e93258c13a6fb12468b15fbd4143f294a32dd33ec5806b2a5f8d97e1d452e5ab299c057bb01addeb4683f60c3627c7925cf8112bc88aa33c5a2

Download Submit
/data/data/sg.bigo.live/no_backup/androidx.work.workdb

Filesize
4KB

MD5
0eb157e1a86d4d00aa601dd2f6ff3ee3

SHA1
fee434f784e73cc7916322e949f727caf8363102

SHA256
b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4

SHA512
b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

Download Submit
/data/data/sg.bigo.live/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
854d2bd438086076af6c5026d30a881f

SHA1
b9227944d2bb110e80825fd3d9d23a90d55cfc0d

SHA256
cf8722d3fc753877af9f91faaac89f889fc5025fa008816180b812a4b9db3c01

SHA512
4fc2626dc8eec1ff805f92df6770d675bec2b6bc6993a5f8476953c260c976fdd5458e69d4ef7415f74e7684e1c16977f4156b9b9bc603b4fd0d3e515f53239e

Download Submit
/data/data/sg.bigo.live/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/sg.bigo.live/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
f7263b8fa9f5374e12917cd570e75c5c

SHA1
6a3f3e23e120d92ee5c095994bcc5673740bf7ce

SHA256
08d4967a12b4944b06c93fcadf7ee8f843b7951419174a53a5755ea8174073f8

SHA512
c0816fdb0db51f32e775f9d0ece08690cd96d4c000bcc0060c2244da0722c7207352500b9faa7e24307ea5054d085a8d06aff0a0cb2832d5a7a53c7e4540bc3c

Download Submit
/data/data/sg.bigo.live/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
e5bf33a14d88039b8cfe0405f0762a17

SHA1
05a83e9e0a17f03cb814be5f06ff6d72b39c1306

SHA256
bc104c24ecff0114685b55103601ba4f082bf9ff0d40a239dbf3552545acb7c1

SHA512
ada357cc2650baee5abc5c57021376bc219fedf9b887e1f042d396a4e3d2e293a07935e29b9f9229112fe902eafdb2f20267e58de977d28c6074738e4d0adf3a

Download Submit
/data/data/sg.bigo.live/no_backup/androidx.work.workdb-wal

Filesize
181KB

MD5
36ce5aab58b947d872402a4b5fd8c881

SHA1
c4e434f2c5ecfe01769f517ec74ac5bfbd1c4742

SHA256
eb3e9e3964c76880517be681afefff3106c22d12d140d37d5d896dfb3081c9dc

SHA512
652ab31f3968c0a66b8a31235393db9807395e3b09fbc8e04f125118c49b42f75b4d9d27fd9cfc89729bb6c0216e03d6cdf591e9941214f90640ff70a3bd2699

Download Submit
/data/data/sg.bigo.live/oat/x86_64/[email protected]

Filesize
156B

MD5
ee21565784d67cd204a0997db3cd37ad

SHA1
cf54a1fbd0d9245ce966a0d581f48514f61eb485

SHA256
74fad77dc6778b755c868b4e155553d31139b1b529663933f7e79541429ab39b

SHA512
013421589a6f2aa679d5a759f9a97499afe734bd530b236bb5ff05d5e8c1a4b66dd45db00aef5f05fdbbeec03d832fdce5c949feb351d340c6a0daf4f8f20ed4

Download Submit
/data/data/sg.bigo.live/oat/x86_64/[email protected]

Filesize
156B

MD5
366cc53f4a4dcb99a01dcf25a1740605

SHA1
b3868b6a31c8a2c5e392f94ac941697d735b4817

SHA256
2f26162ce6b2b3497d9b3e41f2ae7350fd39572cc150eec70f6a82acddb22407

SHA512
f5394cc3cc7b86208a1b71c81435b22c1d2efc4771c3fca80872b9ef670aa18b1f5c7d8b90931304b8c2833cfd719dbf5d7cd645c311f9882b5f20e680fbc3d9

Download Submit
/data/data/sg.bigo.live/oat/x86_64/[email protected]

Filesize
284B

MD5
e4351c9d8bd7dfba49f517066149bdbd

SHA1
57764218f30ccd404449add168db80ad56ffc4a4

SHA256
8d0d100ff0954b4f27e62182fc60b640c8b1f1f7c635b3a7d5700ba198312e90

SHA512
61e518e9b31c36ac118691b8b6f669a75eba977f652d38e6834fc973a28794d6161eabc5670c7ac3d117a025c833b72a8415573505eacd75de0038bc478ee18b

Download Submit
/data/data/sg.bigo.live/oat/x86_64/[email protected]

Filesize
172B

MD5
74ad0593adbe059516dc17af84b1f88a

SHA1
9e6472032ebbd023eff7984eeae0723f94c50805

SHA256
5c9167eba0f17839b47f62cbe3c31767e4d4833fb6b079c2b784259f5a09b87a

SHA512
6f52f52dcef2e098cd3fea3a36b82332d94d2346e70817954a88e4625514f1f63f79d0c174e1cfe264e29d8242bc7787c0c8f88642f8bd4b5748a60f35bf76d8

Download Submit
/data/user/0/sg.bigo.live/[email protected]

Filesize
11KB

MD5
d1ee6e53e50042b4772a181fff293e8c

SHA1
c3f07561855457480913fee401005bf52d077c82

SHA256
f28062f12f6767dd31a8b06ac33378bd8f4133949c01e776e7d34ea8dcb1882a

SHA512
c4ab3ba6a326c6a123578ab9bedfe5b237bada6a0a7b97577f7cc95b12359797ba82ea45a2d33804874835e1def2afc259712bc5efc7819696f65230481933c8

Download Submit
/data/user/0/sg.bigo.live/[email protected]

Filesize
11KB

MD5
add621a9874f99813d6551142bf444b7

SHA1
26fc2882689ba153bcb0056872355b7ef160b418

SHA256
7bd7ad7e1d2523799c40ffd6c9afc14874dcd46bc2bc652900480d4a79a4bd2c

SHA512
739c35caaafd3cf1d89ff7bc59a56efe5432fc90f788387d2126ab2e6a7ad3e9b6aa846530ffa4ad307d4273ba9401f5b354c3913f5168cb3d8378c69b90dcb7

Download Submit
/data/user/0/sg.bigo.live/[email protected]

Filesize
22KB

MD5
a3bf3700b1ae1b4494eed33f06273e0a

SHA1
941751c1eece177aee1191d271b9a8f0c6ea5173

SHA256
78c96065dd1980e94bf780633a5702378b6d0157a84b91af366ab9c36d0710a7

SHA512
b179e503d72a78affd3d04180882505a5ddf3a861272c96fb8d84936b27080ba2c8e361a0335c258ea45e6cb91469e7ac2806d2f02a3f7d4b2b213d8a53c2390

Download Submit
/data/user/0/sg.bigo.live/[email protected]

Filesize
11KB

MD5
a5af3adacf6477aee700f63beee2d7e3

SHA1
859f7cc4aa401534d677bf43bf83dda6a33e41b2

SHA256
25ec2f181bbc9f105f6dbec8bcf5ff8b9a066b96b0a974476edea14ff624c462

SHA512
1a401db92fe98a7238046de9b8276ce92902030c3951b3b14d67d87fc40e0f586999a9c20478a13b786475f3f3d951a2ab969d9ce25e2bcb58a3039d734a1909

Download Submit
/proc/4482/task/4887/comm

Filesize
12B

MD5
5f46a3a2ef8e6bb2851a71df627ce540

SHA1
d7103355db4290882ab99e4fab1499285b3691f1

SHA256
c452f452b5eaf116803dc2c0309fe69016cbd71978fd7b43a930f0e2dbab9492

SHA512
b09a1e3d57e67823c4178e55a6426c84626dfb224d8629c0ecf4b9b6b92e0a02e749d71a8c5c2ea583cc579a2d7d6045e04c335405bf5d563e50d095270c85ce

Download Submit
/storage/emulated/0/Download/._ruuid_

Filesize
16B

MD5
a09332daf973cef08f98435f5f9ed8b3

SHA1
799dbaddcb9fef396f95335054f985570444ae3d

SHA256
435d0ecf0f26bff666d2c467331d79dc02ca61b1d380c5ae7c56aeefa6382a62

SHA512
d18460507d761d9edcc42534d9404406f42767ff0f4d9a23f6a95e822473fdd04b958ce73e2e7193d605e6456884f776e106e246229af802ac18ad24a3c8896a

Download Submit
/system_ext/framework/androidx.window.extensions.jar

Filesize
123KB

MD5
3056e1bdb7d4e19789d0319eff484bd0

SHA1
6791ae47aa9466fe0bca27ad6643f846853bbee4

SHA256
8e6331a07c9f2ac139214c527dcaff2c82d126bbe7bd3420cdc36d6a8c9204b0

SHA512
c790980fd68d9f89e32743bc28846807d5e5947c555f494de47714dec5cbd0c08d81c3260fa463759d1b17a953af3c44ec30b14fb08bf6b29db3837346c9f658

Download Submit
/system_ext/framework/androidx.window.sidecar.jar

Filesize
25KB

MD5
29469324e59dfcc052f24b5af4e7b2c4

SHA1
10c1e17ac6f598037bb51baa07945663645de4eb

SHA256
9195dc6a1c75a841384050240dfc972e48178964993fba6619788625f4b40d1a

SHA512
5e27c2b1431369a248298f2f749136a575005584f9999f2a4c204a0c47adce2e33c8df9f058bdafa1bde1c99e46d175560cedfcddcd8581718ed1d9973c37cc2

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads