47d95c2245124b6e1c9b61b422dde42bf2fed4b089cffd1550fb585650a80d89

Resubmissions

20/11/2024, 04:06

241120-epdngazfrh 8

20/11/2024, 04:02

241120-elzfrsvpgl 8

20/11/2024, 04:00

241120-ek6tfszfld 8

Analysis

max time kernel
1788s
max time network
1867s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
20/11/2024, 04:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bigolive-bigotv.apk
Size

107.4MB
MD5

a5a79db3cc35fa9a9d38265c33d9eb2c
SHA1

8cc911f039c7d6c5ab6628d888f74751602f1702
SHA256

47d95c2245124b6e1c9b61b422dde42bf2fed4b089cffd1550fb585650a80d89
SHA512

d0e1a4e1a07e279472acf37dfccb3a6095dfeb91225524c9d6e7da4e68649aa06b73b08f8982cd57824cad68c9b1c9473552612b33e6723594d5f5902f20d1b7
SSDEEP

3145728:dyC8ZWzmj3lr+rZqa3BBGwnk1tQvVvVWREaGQmn22:dyZamR6NqUB9nSe9VWChn22

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 15 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/xbin/su	sg.bigo.live
/data/local/bin/su	sg.bigo.live:service
/system/bin/su	sg.bigo.live:service
/data/local/su	sg.bigo.live:service
/data/local/bin/su	sg.bigo.live
/system/bin/su	sg.bigo.live:service
/data/local/xbin/su	sg.bigo.live:service
/data/local/xbin/su	sg.bigo.live:service
/system/xbin/su	sg.bigo.live:service
/system/xbin/su	sg.bigo.live:service
/data/local/su	sg.bigo.live
/system/bin/su	sg.bigo.live
/data/local/su	sg.bigo.live:service
/data/local/bin/su	sg.bigo.live:service
/data/local/xbin/su	sg.bigo.live

Checks Android system properties for emulator presence. 1 TTPs 7 IoCs

evasion

System Checks

T1633.001

description	ioc	Process
Accessed system property	key: ro.product.model	sg.bigo.live:service
Accessed system property	key: ro.serialno	sg.bigo.live
Accessed system property	key: ro.serialno	sg.bigo.live:service
Accessed system property	key: ro.product.model	sg.bigo.live:service
Accessed system property	key: ro.hardware	sg.bigo.live:service
Accessed system property	key: ro.product.model	sg.bigo.live
Accessed system property	key: ro.hardware	sg.bigo.live

Checks Qemu related system properties. 1 TTPs 6 IoCs

Checks for Android system properties related to Qemu for Emulator detection.

evasion

System Checks

T1633.001

description	ioc	Process
Accessed system property	key: ro.kernel.android.qemud	sg.bigo.live:service
Accessed system property	key: init.svc.qemud	sg.bigo.live:service
Accessed system property	key: init.svc.qemu-props	sg.bigo.live:service
Accessed system property	key: ro.kernel.android.qemud	sg.bigo.live
Accessed system property	key: init.svc.qemud	sg.bigo.live
Accessed system property	key: init.svc.qemu-props	sg.bigo.live

Loads dropped Dex/Jar 1 TTPs 10 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/system_ext/framework/androidx.window.sidecar.jar	4665	sg.bigo.live
/system_ext/framework/androidx.window.sidecar.jar	4665	sg.bigo.live
/system_ext/framework/androidx.window.sidecar.jar	4770	sg.bigo.live:service
/system_ext/framework/androidx.window.sidecar.jar	4770	sg.bigo.live:service
/data/user/0/sg.bigo.live/[email protected]	4665	sg.bigo.live
/data/user/0/sg.bigo.live/[email protected]	4665	sg.bigo.live
/data/user/0/sg.bigo.live/[email protected]	4665	sg.bigo.live
/data/user/0/sg.bigo.live/[email protected]	4665	sg.bigo.live
/system_ext/framework/androidx.window.sidecar.jar	5673	sg.bigo.live:service
/system_ext/framework/androidx.window.sidecar.jar	5673	sg.bigo.live:service

Queries information about running processes on the device 1 TTPs 3 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	sg.bigo.live
Framework service call	android.app.IActivityManager.getRunningAppProcesses	sg.bigo.live:service
Framework service call	android.app.IActivityManager.getRunningAppProcesses	sg.bigo.live:service

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	sg.bigo.live

Queries information about active data network 1 TTPs 3 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	sg.bigo.live
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	sg.bigo.live:service
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	sg.bigo.live:service

Queries the mobile country code (MCC) 1 TTPs 3 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	sg.bigo.live:service
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	sg.bigo.live
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	sg.bigo.live:service

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Checks the presence of a debugger
evasion

Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs

evasion

User Evasion

T1628.002

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	sg.bigo.live

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	sg.bigo.live

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 3 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	sg.bigo.live
Framework API call	javax.crypto.Cipher.doFinal	sg.bigo.live:service
Framework API call	javax.crypto.Cipher.doFinal	sg.bigo.live:service

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	sg.bigo.live

sg.bigo.live
1⤵
- Checks if the Android device is rooted.
- Checks Android system properties for emulator presence.
- Checks Qemu related system properties.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Listens for changes in the sensor environment (might be used to detect emulation)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
PID:4665

sg.bigo.live:service
1⤵
- Checks if the Android device is rooted.
- Checks Android system properties for emulator presence.
- Checks Qemu related system properties.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about active data network
- Queries the mobile country code (MCC)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4770

sg.bigo.live:service
1⤵
- Checks if the Android device is rooted.
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about active data network
- Queries the mobile country code (MCC)
- Uses Crypto APIs (Might try to encrypt user data)
PID:5673

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Hide Artifacts

T1628

User Evasion

T1628.002

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/sg.bigo.live/cache/AcceptConnect.aac

Filesize
6KB

MD5
1782c2275aed0a2e4c0872d5ce8cd271

SHA1
080862cbba3be945654ca1a33c222df222356e9e

SHA256
f3591d7a6fe4397740bd44704cea5fd844f51adb02af49edaf4f0a41f32aa608

SHA512
181ee624ba6a4c2d0d17e9846cdc7ebd7736f4158ab11d74d8c0607389b99febc6650a9ce3dbd773553a7f79985aaaa65f0c197c177c0aeb8b1d835d7f3fe3aa

Download Submit
/data/data/sg.bigo.live/cache/UserJoinTone.aac

Filesize
6KB

MD5
55ff7ec229d5b3231272f36c16e064f3

SHA1
1cbbfd931ed1a505bf4cf15f385d3b08926be412

SHA256
fa3171d74fc864dcea3aa787ef508a685c398f0442f9aa4fc3057d342134de21

SHA512
8b38a73af751def915d2214cb7c0afbb097f18c4d1350a4fd6d09664c5527dc7565282d3f381f8b1871c3b9b34e950d85771915b83b4556600f1d7e7ce02244b

Download Submit
/data/data/sg.bigo.live/cache/camera_blast_snapshot.aac

Filesize
1KB

MD5
07004f0dbad17c68716030552071fa83

SHA1
a0b2a19cbb94a14c86dd7df1c21f7ef2011f5a9d

SHA256
96fea0dd644eb024b530f0ac632a0ed8d1d415d2cbe5bfb855f20767b0ed6a7b

SHA512
003e0283dced8e02bf68fb38d5e9e6479e0cf73959b9ee62c1086201d30d7e13feda725d97c4dcbbfde9440d8beaf66fc97a5ccfa2583cdb1da469344c7c33a7

Download Submit
/data/data/sg.bigo.live/cache/im_new_msg_forground.aac

Filesize
4KB

MD5
b8faebe353b10c6c8dc993138b6fbbbd

SHA1
ba81e8cbc761c41a809539d55d0a91abe65ab29e

SHA256
dbda775ff9eb0c656b6ee29f7ce4378017f61e1fa2886ed932b8a2b0a2a2f6ec

SHA512
0d6c2c960ac5244d9a0e7f446dccabebcd2808ae6c8dad21b4933c6e86ea33cc75352f61248627fcc45dec8385bbdac102c2512792edef89a3b1b0b54e5970dd

Download Submit
/data/data/sg.bigo.live/cache/ring.silk

Filesize
3KB

MD5
868cba92c003d35e481919850e895166

SHA1
8cbcd49e926195773807b2752b82e8d9b20d9243

SHA256
aa233dcfa41af2a5f3f332a3923dda114a395784654c385a73f28aacd4c0e0f4

SHA512
85ab947ae2cf214907e2be25d4eff83e3ad7f2430cc9da437569a9bf22b41ec9def4cfd2678b6315f117f9a63358c8b955ab7bac755bc24136965dd79d2747fc

Download Submit
/data/data/sg.bigo.live/cache/ringback_msbound.silk

Filesize
5KB

MD5
5471190bb971bf418dfa6ff244e893fa

SHA1
a024443509667d4bca9dad3f4a39bf8a8efb2bb7

SHA256
ba57305f4d828e5e02ac3d00ed366ac1d0fbeedd2a7a0364e4e9d81dc786a815

SHA512
cc641d521a0f6667343b03aa18331cbef31c1c3471f7ce864899b4ea878239915f5a20cf28419e26df2f1990d1910c5e3a61a3c2be643e169150650e47b30679

Download Submit
/data/data/sg.bigo.live/cache/ringend_normal.silk

Filesize
1KB

MD5
c5e0faceabc372648560c1b95cc3b4ce

SHA1
272b617c451fa620dc18274853080a8a41bbec17

SHA256
965963280971bfdb82504cec869a0fb32255ed0030430bfe033f7d64793bdd7c

SHA512
9654a2e8b52c3bc3349eeeff117484717a3630416133872873fd667bc100ca2ce41f7375cfcb84d34d0953350fd14f31b0e45d4bfb6524238a379d976f4f1064

Download Submit
/data/data/sg.bigo.live/databases/bigo_stats.db

Filesize
20KB

MD5
42b8d41394de52299d5faab24e7b4c94

SHA1
6c6853f507f17cb480eddbefafedbcd8ddff1e8f

SHA256
a8c6c291f2fe863ee267a57b9a927cef3472a119ad723c8698b666896c008da4

SHA512
b3bafa6d0f36f6b51d81f448990a5859f2f5165bce3850aaf57d733d863f2ff00dd72ac1e9048b97d7274951a65ab0de0916f3690cc17e598cfd436106566646

Download Submit
/data/data/sg.bigo.live/databases/bigo_stats.db-journal

Filesize
512B

MD5
40569d7a7a97a2350b16f2891731cd22

SHA1
f224bba23af19625456ebee33fc44491f9f45484

SHA256
5b71c6bfcfca311cf9711f7f396751685bc7b2f3c3e0cb246cda6a4d7a2f9247

SHA512
21bde04941ff8f66d815f431c8d6b6680f802fd96a7e17b80f7ec3adf03c0d7dda28c4fad4ea644d1c0712f0eced30507fa88c823e00819689646c36b3cf041b

Download Submit
/data/data/sg.bigo.live/databases/bigo_stats.db-journal

Filesize
8KB

MD5
ccca7d746a2902e23c235cb44e156d85

SHA1
fa9b58e260de844cdd9a0124bd9766476d352093

SHA256
da81654d2a77ba04fdd78ea895b7400121b97da17cd62e881c2c160a2778c51a

SHA512
b8e3ce21f65aa554b9f1066b06bc1aa02eb622fa4ecb8967b7b34448a2083310cc251c76121679db408b1f072227c934423d3d228ce299c0229e9e1bc4bd940d

Download Submit
/data/data/sg.bigo.live/databases/bigo_stats.db-journal

Filesize
8KB

MD5
0d7fb75873f0f8aacd646616c53da6f8

SHA1
248e0f3533e00d553ae75e7fe90598ae60425518

SHA256
5db67c60a61ec6f147d8c79360e4ea0f85382f047a0383000188067a10e74060

SHA512
b55eecaf9faaeaa46dade97f68723d3674d2f04eb98f2847ca729f8bc8b30a5987a7d7a76e64407b5f90c524848b390f461b665234c5ca5e7f3b27e69092b14e

Download Submit
/data/data/sg.bigo.live/databases/bigolive.db

Filesize
132KB

MD5
08a0ca7335c780930c4af3645fbf27e7

SHA1
bf3ab861e9c7950a9ea0d081335442702e1618e7

SHA256
109ac7ba785e32616d987adfd67f420727d2117f0dfc8eed01a514b4ba3cc189

SHA512
d7fed6fef6b98560c28deb8ef54d23935a0a2fd222ad7e5096a26d36c22607a361daffc1c54278fda5d03a1300b2e23ed2658989c112f48ed9f7f05fd6066b1e

Download Submit
/data/data/sg.bigo.live/databases/bigolive.db-journal

Filesize
512B

MD5
0753b825bfe8645268b18b40e9fa413f

SHA1
3198a6b370edf8194ccf2900cea148966f012f98

SHA256
e9fb131feaa71fe8880831c147e0e05a70baede3022316ad578eead156d1cec4

SHA512
35fe374c241cb7a3d07b768e52082c382677005211364504ecc1b8cb927f3c5011677d1aeb1eaa002b38924bc9bde7a13c9e4ae5359b3b2799dba6bbe087131c

Download Submit
/data/data/sg.bigo.live/databases/bigolive.db-journal

Filesize
8KB

MD5
13d446cb4ca3b2cd470a41adfd9b3eb4

SHA1
0fcb2f246763e8647381aff54edff3b848a71415

SHA256
458443d77f01b4c6401a48672efbd3ec015aef4f8842ce6bbcee22dff304e648

SHA512
02ce6ddf157cee4b9352c730c98e3319f2e362d7b5462c4e215101cbac4af050a4da83df939904340709e7054f14d65d871c3d6902e05ba9d2611a3f1e55f5f0

Download Submit
/data/data/sg.bigo.live/databases/bigolive.db-journal

Filesize
8KB

MD5
49aae38c1211cdb1a7ee6c167750e7b0

SHA1
e69d66cfaf2f150fcfa37a8969c3a11bae2a1281

SHA256
12e7f644e5c1d7c606915750cf0ffb3e215f5245bd85859f76080fc1060edae9

SHA512
a76d2a4400a6e524f983117a6a4158c7c9ffca698ff4ee53456c9900ce9fda441d0beb3151b3e8781333eea313ce83c3e2d56d2bb886e2efbef32bc7a00a2260

Download Submit
/data/data/sg.bigo.live/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
c1a7cc473d03f979f9fdfa3673120a2f

SHA1
5a46260aec82d1fb81e787e5f7cfd37a5a22932c

SHA256
180cb112e42bd6cabe61d260bff77b0fb508f34d3b5bb18b5c6bd17cccb3cce0

SHA512
cd187074434ab72c450465101fd2fe74c0552026b062552619b3fcb6f7722c6b1385cfdfafa608ef056fafb87dfd71dd3bd4a83c24fc794638cce005e6cf9426

Download Submit
/data/data/sg.bigo.live/databases/com.google.android.datatransport.events-journal

Filesize
1KB

MD5
7bb617b50520e49efed756aa4e6b1b41

SHA1
480ba7923171cc4e55ae3e757a14bf4d134e9b2e

SHA256
ea3ce631dab03de465f045e6e5e958ff479f9fca6e325e09649b939d82c854f8

SHA512
0ebf3b87767639bf51664a271f472f8531ca7e13cc332cb73c5a142681c229e16ae6814167137e810d5ad9bdf515b0cab06b75d335d3b0fd0a32e83561a4258e

Download Submit
/data/data/sg.bigo.live/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
8a7b4b2f180d86d15bf9af80e8fe6c10

SHA1
6de3e1b2f61ffdbaf950cadc83de1bc31a03e994

SHA256
3de58bf8d6cc7c420ba5d5ae6dddba35ac707f8a4027bfe07bb8151207fbb60f

SHA512
abe3a8c694d7c77b6e56a999077bc96d43d219ab2e33f17ae56a0453ccaef4ee0e86ddb18b6b22903c1d01c90eafee3e06beabcb0d8acb8c386aa7b083e5c34b

Download Submit
/data/data/sg.bigo.live/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
dedd3087ce77757ad92844c1da292968

SHA1
6be684830dc7c39206b38aff391a6fa405eb2039

SHA256
fd5bc243a8b6f82a7a9756ca42a016aeed06401e741fc4a4d49a2199c75467c8

SHA512
4477e6f45945f733a314c44169cae6a3b231be19eef72796556fa926e043aeb250113f05765b8c99658bcf42b5a5676837910a5bd71232614e313d6e7473457c

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e3151ef764fec821566f60b487a8f3e1

SHA1
3897bfe82c4e7264dd4408ca700f34e74a094e01

SHA256
c82ab2a4d84dfeb98c3ca63ce8f4c0186490ccf31c6399b0e7098d96185e6681

SHA512
a96c0f765d66aced73487956400c0679c648df90ed884039b2ae47c4a5b125f3a4a65a10adb848e42d706b2f68523ac7537235dc1247dd1e88242ffa18ec1fa1

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db

Filesize
16KB

MD5
fa950fd828ea4970f8df51898ae5f00f

SHA1
cf1e959ce21a2cc719b2f15dafbddfa7f933f098

SHA256
0e808bd48f85f24a643cefcc8bbbce0879d5e80d8ef0aa9d9eb352a137ddea5c

SHA512
22c7ddec6a6d43f88526689188e6816aa46522dbd3d449c749fb8a60d659ac44ba4a0237f55fe5b436aef3cada2bc7a68b1001f8855ec366183edcb200280a13

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db

Filesize
16KB

MD5
52fb4c13127297028b15cc38703490f0

SHA1
57c51b0e7b532e669f670c6ab0ce2ff43d2053e5

SHA256
fa560e70b574971f9e5b89ebb5d5f258f4a70bc1d92fff68e0911545b0f877c2

SHA512
a84f270e2eae3f0db5a068275ff28c6649dfb987f0c079f6abc6ce8f511315c7c18cde8215d09e4fa2993c33c9b97897a91349701d281f853040c2ce8db42a1d

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db

Filesize
16KB

MD5
77bcb98895b692a889c6cff57ae8b4ea

SHA1
0ea330967ed7db3f360e4d88991e079cb070d116

SHA256
3ed533449f4969535cfc6e99b5b6d8f4b8d08551b73c23c2c3373fe66c5ff783

SHA512
52659af128e4341f9292539c8d006c5e2fc2cadf5b20c8f3f7057ec71f117c84d740f0f6c6832dd2ec1993b15b92d19edd0c22f0dc41d0a111530ced1fafef55

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7211e30ed43ff33299f5c460295a9fee

SHA1
ccd7f5618b5f06cc0850aab509b0d77feb149365

SHA256
16b6ac03f59b1edd127a1c7aa88f79586cbbcf4b6f8640a9feb215611b5ad286

SHA512
ec1e4b8cd49221a13c3aa8a5700dd1948af834e6cbf727e36afaed69d7ef5683b67fa3bef9c6c4d9943db695a9f28802b9585292a40cb163851f3eaeb0862081

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
4e5e33744d1617717891d0586eb4580e

SHA1
8828a6f92ce9254511284cefbb1b2f3636117b50

SHA256
17946f96661a318714088d9be75fa6bdf773fd4892f1340d59780c10a020f119

SHA512
86cd7fcd7a984b1ef19b5c2a57b59c396fdc8effdfda85ed4ebad868a09244e615ebd45f968d3bb94b5505f99ca16feca4ef0cf3d67b15e9f271441c8b507de6

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
7df94563b28b168e32e11aeee8677612

SHA1
4362167fef23291bac476d31a36c4b9ede2dd817

SHA256
323d06700dcabed16a259fd5904409eee3bd6f08765a5f9d16e9113aa346332b

SHA512
bac8910e4d3f840f84e0cff30536beddf08e4c3d39a95ef3b44955f8c1e227914a0599c02d2144923e255b08a03fc6ff8601ed92775bf13258045378dd19801a

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
9c637299b55515586fe58c5c212061f0

SHA1
cce3a9e1860c771f13cd52108aa4f5752be15807

SHA256
853e9ede3d8cb1a8392846dc286cbc65e234f2dc58880769052bbd72f5e68841

SHA512
9fd2cd5070860f0ccc1e629c9535b0778db8ac8f52b948ace319b92ed6edf8638c70956bf2f0d369d361e0ab6691452d0e01f0253a06c4f12f4ba334653da4f7

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
099fcf407c1dbe20cb07c19e52471884

SHA1
4d7ff8d31dc07cfb87f23735ff8f01b75e30abd3

SHA256
6f81aaf262e5f66f9dc05a47573b33b20ba1cef284fa4c4dc6fdfacf31cc3ffd

SHA512
dfaf60254447238ab9b98b230d90165a3a72188ea943f76ce56a41ff3a4c1a6b072c6571b273cd18f8d3f8a34402cac273b732f47dd065b2a015210c43273e77

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
35b52dac832fa914ff631d643ca9b9ea

SHA1
a8f79f8c9f13f62f7a3436a8c085db6ebd28a614

SHA256
b0170a4a79b978fc121bfd70b1b511327f835d2ecee89fa0095b4f08cc5dcedf

SHA512
4ddaa9179c8efc4e101c48ad616ba4e2e54d55c07a174fa62c9434138ba5d220132fcb3978ced9aaa8c4a18d1e528e8aa0c1f01e3a18368a3a84f7d39b10da23

Download Submit
/data/data/sg.bigo.live/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
510e2d1f58c21f90e1082c46ad400d44

SHA1
31d3a9e556f38842ea3626b9b6ed9627a4506fcc

SHA256
35af5a48fb02d9d00c377475331167dc45fa693c475ad593120ce0ca295c2a7a

SHA512
d642390dd84bba9c500c96df42f9501b99c88fda7ae8f04b513504fc9d88a09408aede4620c7c616fd06fe84a4b921b34dcf9ae67760a0ee90b4a2e928d367f2

Download Submit
/data/data/sg.bigo.live/files/.sdNs

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
/data/data/sg.bigo.live/files/AFRequestCache/1732076127075

Filesize
3KB

MD5
a9eb610e0207328182db050270f618f6

SHA1
4f23cc8e3926c8fb130f234481f3fc2402b9b9be

SHA256
e0d6b91d6ec5fd3fcb076c9e2fed7ce906161c46f22c8535983a49bb99892923

SHA512
edea75aeedd726d531bba5f0102d740369851da4e06fcc0eaae131bf157b91b5d319eeb28882e208b90aa81ced8a17bdea647f32632efcd361090002e2bda68f

Download Submit
/data/data/sg.bigo.live/files/AFRequestCache/1732076129542

Filesize
3KB

MD5
e4899f7971626010af39675a20ae5c3f

SHA1
f9a321e1ddd1f861674061012b1f22a684ef377d

SHA256
a4d513fa4183cb59bf1e24fa4d6a46dd73e1848dc65a366e5141b935c06d6054

SHA512
d53e6bb7af7c43e30f835de630d13f87f8705f1c8d70b4d2940ca0b6bf2066129cf6b3983b4dcc13bd75ba0cd0de792eae3facb330f26926eef1d35e0b01cbcb

Download Submit
/data/data/sg.bigo.live/files/DiskCache.V1/5b5a96f9c6a927bd799b138426585663/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/data/sg.bigo.live/files/PersistedInstallation2058350322983240464tmp

Filesize
561B

MD5
fc3589f058e0d53c761a57302ceb12f7

SHA1
05c82fbc83d917a39e35b5a70512ab4e72b798fd

SHA256
1c815fff022b24770bbf6c57d9de2b88e2929a43b02a143a496027e8b0ea44f6

SHA512
313ab4a170f3cf177b4edcc39b12302d38fa0f3bb2a3571079efbf8c19a313f2ea7d42f0b5af1fb275a93fc7a9b2cb5b554de63de1a30c017839f3a230aa5b3b

Download Submit
/data/data/sg.bigo.live/files/PersistedInstallation2662738450517071720tmp

Filesize
90B

MD5
d95a27b7d6654e9bef93bd424323ec01

SHA1
e3997592386cc0c420a044102957a4339a8c23b5

SHA256
99299352072feb3737fd8efccf095718c619eb89e6ad87968211bac508d1a91c

SHA512
6f0dbdc09e40d801b0032465b9866d0fe7e68aef5921b962af1ea3e8b5a20fc008975c016695be22246fdf3a1bd26b921dfbf274d6017f23e549f23619f058be

Download Submit
/data/data/sg.bigo.live/files/frc_1:322067568803:android:7af3935fc149739e_firebase_defaults.json

Filesize
324B

MD5
67eff0ea4cc6bf4d57a029dd1f48494c

SHA1
cd7bd46da2bda2c26327f04290d9a8c33b3c6c30

SHA256
61402092bd0584b0f55c761af06205c0fa456832e98b116b3c99a4a66dc30175

SHA512
b73af95933e5197994c1c91b00dcd39f70385b80eda16604a7ca56c22c96b7fe0158d461f0d1d4175fdb7033e5c0203daf8163862796667348c0d226c5d851ef

Download Submit
/data/data/sg.bigo.live/files/hdid.bck

Filesize
98B

MD5
c3a5d1b00c11fbd6d60900353cbdb65b

SHA1
fb8cd6284add852febba2adc65768753bcad8803

SHA256
f0fa92bcd6cfe37e47432b90a85d73c7d862491559842e5bdca6cf52cffcfeff

SHA512
18b958d35563ca97ae26644362a8bcffb21145881b7df91d8b92b3b70b0d2e6ae273b9032bb1c877525ed90b999c95d6222514e6f385b799a6d81f9f3c737b0e

Download Submit
/data/data/sg.bigo.live/files/hdid_v2

Filesize
227B

MD5
782f559ad9231f8b97bc25a407a4a756

SHA1
247e41eddb2935b5337d8b75a1d557059ce1cd62

SHA256
e52b3efec7bc85a498fc493931056c0394012e781861bc3cb230844f109554ad

SHA512
0796301fb119520d2d2bc0edefbe59db6d7d27447fadcee63c71018868982c0ccfeda46db5e44212f47fd6e4c903a6516e208cfb0584e8a074c044508d75b31f

Download Submit
/data/data/sg.bigo.live/files/network.dat

Filesize
1KB

MD5
a9ae3c8c4757622d324915de480fb035

SHA1
6c9a1d179a4134ba32d2d7cfa4d17063d21ea2be

SHA256
4784ce6309519f1622a53d6a7a03fc90bc8d10d2bf66fdb560505c82604e852f

SHA512
c1d487e870c83437e776d48b7e63bfd6da06d69801db8aa1b8b1bf0f65259e393bda66adae5311c6458b5a32359ab65b6b6c18b6bbac0153e36e47ff6e901f72

Download Submit
/data/data/sg.bigo.live/files/yysdk_config

Filesize
856B

MD5
253110061837887c3171778bf9d5a6f0

SHA1
e1758ddd9559f12b83fe785f756f0e46855ab6e7

SHA256
0b7d12b8b440e0be65f340fc7edc377c2ec00f0564192975547f156707d8c864

SHA512
24aaed9a37185e93258c13a6fb12468b15fbd4143f294a32dd33ec5806b2a5f8d97e1d452e5ab299c057bb01addeb4683f60c3627c7925cf8112bc88aa33c5a2

Download Submit
/data/data/sg.bigo.live/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/sg.bigo.live/no_backup/androidx.work.workdb-journal

Filesize
512KB

MD5
59071590099d21dd439896592338bf95

SHA1
6a521e1d2a632c26e53b83d2cc4b0edecfc1e68c

SHA256
07854d2fef297a06ba81685e660c332de36d5d18d546927d30daad6d7fda1541

SHA512
eedb6cadbceb2c991fc6f68dccb80463b3f660c5358acd7d705398ae2e3df2b4327f0f6c6746486848bd2992b379776483a98063ae96edb45877bb0314874668

Download Submit
/data/data/sg.bigo.live/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/sg.bigo.live/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
c17970871798083be1c2547766dd0b91

SHA1
437df286fd8f0df50d9f4f7568ac7d96922cd7c8

SHA256
7cfb46863b10040ea936ca0650c6701407baf5d321fa380122d5efb8ff8fe1cc

SHA512
88535495c4763dc0ac22dd9e87f4cab378455b5741449d9acefb75c4fa704db0ed159e558850e9951285244912eeeaf36606b5c0fe06e52a861e12a578d71f7a

Download Submit
/data/data/sg.bigo.live/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
3f4ca1f8bdfddc2c406efe85c62fc120

SHA1
034baeda5d3f45b5600ede2c1563406843d2fafd

SHA256
da806c3761166526a567a8b213e852b34746a0ce3d5a4c4919f8a2ce5c91e4d8

SHA512
59ae035d94d55d77e292caff380d5b65d41e04d6635e91d5af824e385daf19bd85764484ea157fc9f49d7cb6b4caf64f2d00d86b3b9d54a9beb4b662ec5372eb

Download Submit
/data/data/sg.bigo.live/no_backup/androidx.work.workdb-wal

Filesize
181KB

MD5
0b6e43a2689fe5b0cc147409caf080ca

SHA1
9f504cdf756f8a5cad3d9fcc6c6cdd137e0a091e

SHA256
f6c6988bb7421a7b135720550f1b0e053fd661f7558c6d0c2665cd6cb423f718

SHA512
c87eb3bdf41826671c048e31cc25a4c6efdfa6e9de65373fed797af8bf1e9a93f55cadd665247251fe31fcb97bb2c571fe29d6aad991a663803b599a8f343c0b

Download Submit
/data/data/sg.bigo.live/oat/x86_64/[email protected]

Filesize
3KB

MD5
77a77fc1dd69e2b74d5de8a609a26f79

SHA1
0f8e9e08c9bbe37aa6a4a42245bddb0e9a37425c

SHA256
9058c7e65c756c3bf166447dd48b4fdd9a5caa081cbb52378eadf395dfe11833

SHA512
572347f2b3c560314168e5d7db0d085fde484534d5814db4aa54e5d9aad75a24163f8e6175d83bb03b5cbd0e0a332212ec55bd5454da8c37f719cda9e4fbef1e

Download Submit
/data/data/sg.bigo.live/oat/x86_64/[email protected]

Filesize
3KB

MD5
2f85dbc42e009cc59b1d71a8e0195fa5

SHA1
940dd4de22615ca731bd427a2cc2c25500b17120

SHA256
d555a4cb26307a835c85bcdaf23cb694ae9d76f63e9535fd1396918589ab3f1a

SHA512
933a40a58d55aeb48fcf4c026d47e25ec1c48075d5aac8d301c8807da5f57dcd9bc50dcc8669cbc1be915a16a86bb446989578457bcee6730d46ba7dbc6a8635

Download Submit
/data/data/sg.bigo.live/oat/x86_64/[email protected]

Filesize
3KB

MD5
b6a7fcba58e2beac9e3da8d91dfcd4b4

SHA1
83d23049ca395e9280a669140b537e9275940450

SHA256
163e10df30e9cef038d3ff2972c3b546494fa085f580b5e059a24c355c9e971d

SHA512
0b92b983564de926629620c73c25da548973a1c7eacfd77e3bddfb7636fe0220f7c9f6f34ff7234cc68ffea5acb08b0b3bcfd16e0b045208b3eb6740d0a75f45

Download Submit
/data/data/sg.bigo.live/oat/x86_64/[email protected]

Filesize
3KB

MD5
c23339ad87cff234c0f95ff35bcffb65

SHA1
8ba79698391e9aea360b509e57ff82562d0014ea

SHA256
56035b693096f9d541db19c2e2902507fbe4c4f89ce8784a08251951189a002d

SHA512
4b0f04ba9f9b42e5e58761ab0676c7abae4eaedaa76885d9170dfbcf09137711d81e6bcefb281c9fdd535cecf9c160ce29ff949f456dce94dafc55c769149e6a

Download Submit
/data/user/0/sg.bigo.live/[email protected]

Filesize
11KB

MD5
d1ee6e53e50042b4772a181fff293e8c

SHA1
c3f07561855457480913fee401005bf52d077c82

SHA256
f28062f12f6767dd31a8b06ac33378bd8f4133949c01e776e7d34ea8dcb1882a

SHA512
c4ab3ba6a326c6a123578ab9bedfe5b237bada6a0a7b97577f7cc95b12359797ba82ea45a2d33804874835e1def2afc259712bc5efc7819696f65230481933c8

Download Submit
/data/user/0/sg.bigo.live/[email protected]

Filesize
11KB

MD5
add621a9874f99813d6551142bf444b7

SHA1
26fc2882689ba153bcb0056872355b7ef160b418

SHA256
7bd7ad7e1d2523799c40ffd6c9afc14874dcd46bc2bc652900480d4a79a4bd2c

SHA512
739c35caaafd3cf1d89ff7bc59a56efe5432fc90f788387d2126ab2e6a7ad3e9b6aa846530ffa4ad307d4273ba9401f5b354c3913f5168cb3d8378c69b90dcb7

Download Submit
/data/user/0/sg.bigo.live/[email protected]

Filesize
22KB

MD5
a3bf3700b1ae1b4494eed33f06273e0a

SHA1
941751c1eece177aee1191d271b9a8f0c6ea5173

SHA256
78c96065dd1980e94bf780633a5702378b6d0157a84b91af366ab9c36d0710a7

SHA512
b179e503d72a78affd3d04180882505a5ddf3a861272c96fb8d84936b27080ba2c8e361a0335c258ea45e6cb91469e7ac2806d2f02a3f7d4b2b213d8a53c2390

Download Submit
/data/user/0/sg.bigo.live/[email protected]

Filesize
11KB

MD5
a5af3adacf6477aee700f63beee2d7e3

SHA1
859f7cc4aa401534d677bf43bf83dda6a33e41b2

SHA256
25ec2f181bbc9f105f6dbec8bcf5ff8b9a066b96b0a974476edea14ff624c462

SHA512
1a401db92fe98a7238046de9b8276ce92902030c3951b3b14d67d87fc40e0f586999a9c20478a13b786475f3f3d951a2ab969d9ce25e2bcb58a3039d734a1909

Download Submit
/proc/4665/task/5001/comm

Filesize
12B

MD5
5f46a3a2ef8e6bb2851a71df627ce540

SHA1
d7103355db4290882ab99e4fab1499285b3691f1

SHA256
c452f452b5eaf116803dc2c0309fe69016cbd71978fd7b43a930f0e2dbab9492

SHA512
b09a1e3d57e67823c4178e55a6426c84626dfb224d8629c0ecf4b9b6b92e0a02e749d71a8c5c2ea583cc579a2d7d6045e04c335405bf5d563e50d095270c85ce

Download Submit
/storage/emulated/0/Download/._ruuid_

Filesize
16B

MD5
1d94da8be385c6b6ccc08401dd0b112a

SHA1
d77c758796afbe0413b7331709a7d88ae82304cf

SHA256
0563bea868f04caae5857ef97fa349109b58b4f60df3e5664824bfa0599b27c3

SHA512
a667c0e934260ebde4cb485acd96e300382d03283028b5b5aa7af4de21160ef86854a3c81926b18c32a7de6ef383aa07768fe2c85ea41eb86e41c9d6dc875f82

Download Submit
/system_ext/framework/androidx.window.sidecar.jar

Filesize
12KB

MD5
bdf3529e80318eb14e53a5bf3720c10d

SHA1
25c9ace4b1af6e80ebb2572345972c56505969ba

SHA256
bbc8300dd1e9cd08de8f66560c1ac2c928615b72b51cef9649f88974f586d64b

SHA512
48b9c2d01171bb651b9b54826baa51f4add48431a3efd8ceb5f7cc3bcd6f8f37edf47fabb24349dd15b3a02329cd450f90a8d164bf4f8dfae554bf3b35a8a55b

Download Submit
anon_inode:[eventfd]

Filesize
8B

MD5
33cdeccccebe80329f1fdbee7f5874cb

SHA1
3da89ee273be13437e7ecf760f3fbd4dc0e8d1fe

SHA256
7c9fa136d4413fa6173637e883b6998d32e1d675f88cddff9dcbcf331820f4b8

SHA512
991294f43425a5b80f8a5907ca7cdbb611401282585a58bb415077005428e3b4c0f661fc07ba5c45f627bd8bdcb172389ce2fda461c029b837abc70f0abbea20

Download Submit
socket:[72058]

Filesize
113B

MD5
9cf6b5f77cefbb05e23aeea370965455

SHA1
56bc380466e3ab3315372138be185d4bf4c4bb20

SHA256
72beff0df1492b2db74dec72c6931d7d74bd7e7f4f929502d6ecd7d6dc1261a4

SHA512
c621eb4a927a80518e99605c523958c04f6092b8970efc89816db0e067ed3fe450597443562c990fc88854d5522cc67f762183b4be8f3b6202a2176efffec6e3

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads