8bf438f8b6916c8abeddc380d835eb6849e7f2606fb487085dd0f6ed14db6d67

Analysis

max time kernel
149s
max time network
150s
platform
android-11_x64
resource
android-x64-arm64-20240910-en
resource tags

arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
submitted
02/03/2025, 22:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8bf438f8b6916c8abeddc380d835eb6849e7f2606fb487085dd0f6ed14db6d67.apk
Size

3.5MB
MD5

d427e2c5e2802cdbc7cbd4cb65f890b0
SHA1

3ce2d6093dbd45d239b68c267b815c9791759a3b
SHA256

8bf438f8b6916c8abeddc380d835eb6849e7f2606fb487085dd0f6ed14db6d67
SHA512

276ac493cc4028050ed2d87cee9d18fa1efa7cace9cf69ee8d4bea6bd968fc554d3c1a24c92c8cf34c89fe24584e4efa85ec59e5ab59221a0ed60e372ca99f22
SSDEEP

98304:oQSyZo4DpCHrRdzxJV9uUj8Tr0nkeF22axCHpBUpF5sr8Tgkbn:oQzhIrRdVBuokqRHCnTdbn

Score

8^/10

banker collection credential_access defense_evasion discovery impact

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 8 IoCs

defense_evasion

System Information Discovery

T1426

ioc	Process
/system/bin/failsafe/su	ru.lndgnitk.xzryxvwih
/system/xbin/su	ru.lndgnitk.xzryxvwih
/system/bin/su	ru.lndgnitk.xzryxvwih
/data/local/su	ru.lndgnitk.xzryxvwih
/data/local/xbin/su	ru.lndgnitk.xzryxvwih
/sbin/su	ru.lndgnitk.xzryxvwih
/system/sd/xbin/su	ru.lndgnitk.xzryxvwih
/data/local/bin/su	ru.lndgnitk.xzryxvwih

Checks Android system properties for emulator presence. 1 TTPs 2 IoCs

defense_evasion

System Checks

T1633.001

description	ioc	Process
Accessed system property	key: ro.bootmode	ru.lndgnitk.xzryxvwih
Accessed system property	key: ro.product.device	ru.lndgnitk.xzryxvwih

Checks known Qemu pipes. 1 TTPs 2 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

defense_evasion

System Checks

T1633.001

ioc	Process
/dev/socket/qemud	ru.lndgnitk.xzryxvwih
/dev/qemu_pipe	ru.lndgnitk.xzryxvwih

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	ru.lndgnitk.xzryxvwih

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	ru.lndgnitk.xzryxvwih

Legitimate hosting services abused for malware hosting/C2 1 TTPs 20 IoCs

Web Service

T1102

flow	ioc
29	sites.google.com
40	sites.google.com
47	sites.google.com
50	sites.google.com
28	sites.google.com
30	sites.google.com
38	sites.google.com
39	sites.google.com
46	sites.google.com
88	sites.google.com
25	sites.google.com
34	sites.google.com
35	sites.google.com
37	sites.google.com
48	sites.google.com
49	sites.google.com
24	sites.google.com
26	sites.google.com
27	sites.google.com
36	sites.google.com

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ru.lndgnitk.xzryxvwih

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	ru.lndgnitk.xzryxvwih

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Requests cell location 1 TTPs 1 IoCs

Uses Android APIs to to get current cell information.

collection discovery

Location Tracking

T1430

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	ru.lndgnitk.xzryxvwih

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	ru.lndgnitk.xzryxvwih

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	ru.lndgnitk.xzryxvwih

ru.lndgnitk.xzryxvwih
1⤵
- Checks if the Android device is rooted.
- Checks Android system properties for emulator presence.
- Checks known Qemu pipes.
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries information about active data network
- Queries the mobile country code (MCC)
- Requests cell location
- Checks CPU information
- Checks memory information
PID:4774

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Location Tracking

T1430

Process Discovery

T1424

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/ru.lndgnitk.xzryxvwih/databases/PackagesDB

Filesize
644KB

MD5
fd801eecb1a365e59e6d5394ec640cc5

SHA1
ad2c4b9e55e35d1b659221dbe1de0c0aaaa5b9ff

SHA256
c67f7e6c3f2efe9f31563f0a9cb0e428820554dae6ad2ba0aee2c9b36a932e25

SHA512
b84b49a87f0ee8eb80c6c3818f22dd6df318b92e28dc031b525af8a17fdd83fcac87df302f5fa71a649f0df95b0f88377b5afa8c9c36095bcb81d9816b2e1728

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/databases/PackagesDB-journal

Filesize
512B

MD5
2ed05d0860540036abb2fdb192590081

SHA1
754d56eefbdc7bddff29591893c47239e1693558

SHA256
03275314345765891809d501950be090ad6047ee925f7be76a870026c39a777d

SHA512
840878e73e5c16d6046f1fa047a6249c610c5f763617d973e72464f2a89a61ec342adf0a524e38059a4c755e65ae850e273d7f212dfd32a5aafc5531d438f16a

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/databases/PackagesDB-journal

Filesize
8KB

MD5
ed052faf9656caa3ec5e057d3ec74a8a

SHA1
d9e0af27c06218dd569fc10f1afd44cbc4a260b0

SHA256
1bbcaf89243b2abae82bb9fb2b90e8c7c575615b07252987b2d81987d3a0f76c

SHA512
6a029a0ae5bae347d8047209bcad793494bcf8960ebf9bd8029452232636823f079975c297674db08365292713740c47f140ad474ecd5a80200feb85778fd9cc

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/databases/PackagesDB-journal

Filesize
8KB

MD5
41a7de443a7d258a5bc1f9c9637e39ce

SHA1
64cb67c9187a725a71d46c4134199caa4f0af164

SHA256
695729c527d2636c68c3d2b2584ea4b6631344d838169e163a6af534bf30d73f

SHA512
a7df723958328a3f6523367773db1ae9c6aa058a0652208f103c5c8592293d9253f96452f72454f4f0367234bc5bf5a7d0c8b34e1719d55c6d5d143747cdc7a5

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/databases/PackagesDB-journal

Filesize
12KB

MD5
bafe59455772ea7e12af39c2ec17d0bb

SHA1
1609b187695bfb3e0b5c157cc17143a589aea2a3

SHA256
76ce864c42c4508faefa59eef94418227ea67953117fd3ce7a98260152412fc1

SHA512
2654998bbd0564bc7cdc17765655ba4f19380b28c7b1b11b21be030a855c7d8838d110cc7e99e2b064e7f6f1fb681df9a47bf20b753c6a5a860cdecbd1c32944

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/databases/PackagesDB-journal

Filesize
16KB

MD5
f6599c84024d0854682bccd3172613e7

SHA1
90cced780f16023b98e915325a2d59ed29703cb2

SHA256
fc3ded048cc0c66bdb81e2b6ecc7c20c5be3e59ad657ef3d528894ceb958de32

SHA512
d728bf4307cffb625c880b4cf3eab2d76ddd1ecea16d90b69962ce6f506de632057c58851147fdcd7838c18ae8aca8879cea1a240e44996c89a7d22c1c42d319

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/databases/PackagesDB-journal

Filesize
28KB

MD5
839e1220426457f884147a7507d6951a

SHA1
fbd9e03db0f4aea477c79e4ece0dfe80b28fe474

SHA256
4fbfef17ce85c2c395f875ccf75d9136d15dbc88d8b636c0dc548b31a37a9a6c

SHA512
f3e2edae100b054d50c828dea709348db522eaa2fde08bd7c2354da7c9030fe49a459c5a190bb899b51909f7af6bea6c4ce9b882d73efa4a5721020883cf4593

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/StartappAdInfoMetadata

Filesize
1KB

MD5
7a18df8ed086f472503551fa19ac077e

SHA1
ed6dd8bb94602d9a215434235e71e34d371c5a24

SHA256
c1db1f96f967ac9b0df473c2012b47b6f5ab68b980a69cd4744da89a2a3e3e11

SHA512
ddc889a51b383b7c721a0585ce7bef4d994748dde5ebb8caf0c32c74097a3430a1f117d18df81d7975f047148de56deb2bfc99859ea4bad663edbf541c1fda31

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/StartappAdsMetadata

Filesize
2KB

MD5
128503719bfdef6b09d4c8feb1a096d4

SHA1
8ca4eba243150f61a8660ed41c42510e16f36cb1

SHA256
db1874b1c410bf8b36c2715ddd5b274e67146a1b75c6393be20abb9dafd6c20b

SHA512
038e1cc07930281bbc2e6395baf41f9d463530496933a0f26bc1a37de4f3a1d75536ee1425a6f1580f8f32cda1e2e2fa4db754288d09351d81af5aafaa4aed61

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/StartappBannerMetadata

Filesize
719B

MD5
64837ec60a5def703db0471648bdabff

SHA1
f1eb4a00833351d6dd8040d9658faca109c0859f

SHA256
04e4c66980a46478b18296ce2620239907d7406143d003fd7ba7bb6382440ae3

SHA512
e856f892b0a8b4c645fb87d841e4faba64e2398589dbf25ee36f20e7df7a63e2e9464276232a625be4063659c924a005d8598fe03aa967c9d2a8d97b4ab68f34

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/StartappCacheMetadata

Filesize
785B

MD5
e9a968e4938a9bb9632799e2f10bbbbb

SHA1
8c9e1e04c6784d0f9d182081e6329897c957d166

SHA256
8afd711f027fad53c5c96bc0d79574983b6d661af90aebaddf0f1dd858d03f2d

SHA512
cf76a0a9051cade548200101d5e0837b1d1eacc441fed901641e7e9fa87ffa3304a98ba674c8d20ea30ff682076f45b60cdbf260e3dd2770b8f19ff2d393f133

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/StartappMetadata

Filesize
7KB

MD5
93de4edbe7676b1db720864e76c3c3e5

SHA1
c8ddfbcee29b6ab9fc692679d4d9e5682951c19c

SHA256
51fb6df50cf02350817f8990c829d1618d982603721711e35db301d2b686008e

SHA512
0c2c4443995be4aaf1b152edc5456bb99afa9a98e3fc96941babeadc5158b81d725a196840a9a05cf96828f71e61cc9763d9a02d532e776031f0b72fc7b78e4a

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/StartappSplashMetadata

Filesize
1KB

MD5
1200056a2d30bc9b22d78362e97725f1

SHA1
4820df622deda54876e8cf73e4d591aa90b66d32

SHA256
79d74e0e33e72aa65db8ae839767afb146d47eeb315aa331811486cbd476d325

SHA512
093409af0d3089eeb62f1649edab50bbf9adba5b84ef17fadb6afcb08a089bb13f5b6c3c04245c9563cc849fb98a3aa084e91b4e4c2ac862712a8826ef60076b

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/UnityAdsStorage-private-data.json

Filesize
41B

MD5
16d3e6eac0e79222a9b368edac765b34

SHA1
48d5e621fcdd84108f5750d6905180b622715b11

SHA256
3a518b70256a689906d6740062462e3124aad6e55c5aa47339a87a56e4933ee7

SHA512
d0aaacf86100135241426e2a0e9ba44414aa456cd708124e2f9c3a8037e008870cbcb506d316e4fe7cfe1d6dc3073393989a6f3c29f7cfabd6b0f65057afe747

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/UnityAdsStorage-private-data.json

Filesize
627B

MD5
7e85998041ffb763ff37625cbb19dfaa

SHA1
a871c38351a9bb370092fd93efeac4a3fa70f06b

SHA256
7461fb9c566da1b63d645069c6bd959ee5caca8f8666301ea7a712e8b719dcf4

SHA512
19bdab9b9b225564ae590be8945dc3e91966edc2fa594696f0b3e61093909672d90e9df92f56063fa820a446a723c2b0d9ecef57e888f838fc7afb0f06076077

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/UnityAdsStorage-public-data.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/adc3/026ae9c9824b3e483fa6c71fa88f57ae27816141

Filesize
41B

MD5
be948aecc38887832616d20c3b40085c

SHA1
8efbcf98d000ac2a914842b26d3b9394b828a3cc

SHA256
28d865d25ec483005cbfdcb954f2b5e441b5a3caeb073a99a1dfdba5cf0ca350

SHA512
348dedccfd3b3775eb62333a56cd675329f40e2f918f2cf3f169ac0d05fdd47979532b1009aa690fd0f7e498118aa1c805e021c26ffd50ee0f4f258abdf7ec62

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/adc3/AppInfo

Filesize
68B

MD5
429059fdba597db89e491d6bc8d92b45

SHA1
2500f7f118b7d4c29521eab5030ef652d21c3630

SHA256
a9ecdd5568d8ab46101cec0af5a5e2d14a0d44859e442ff55e241383e293f557

SHA512
f9ffc61326c7acf79ca5c6e3405126ed2035cd422841392c8f4e485313095e13ef0220c275a756481dfb8542e75ad14e66311d6d039dc2aa51d799cd63de97c1

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/adc3/AppVersion

Filesize
26B

MD5
f6622a4e56705d6ebaa7dc117f46d1a6

SHA1
7b090c450ef54aeb0b1fc331a04b687a647e2236

SHA256
5ae16039901f977d80e13873bce4efa1b86cde7658c4a0943f74ab5f8845bba7

SHA512
769667c83ffe0b0d97918d9578cede4d8346a4964d85803ba85237a8f96dfa84e68c23f5cf1525dacf72608870858ccf04a4a264f9a3f38b5023837f74e28e72

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/back_.png

Filesize
1KB

MD5
ebc06fd3d86c27a426932a83325eeffb

SHA1
461c990e677114de3baba2a33f0a60c0a10bb9d2

SHA256
ada010f03b82133ccddb4ac69a7c81a1d507121ef1d276c7c191bb55401c2230

SHA512
3b3c682dc3876f7c813bff1a38e53e0c20f6c776eeb8362a8a750b81d0a3132a207b01740a493c61a03261748399e020aec5fcb7354c723e4f5703efe5418b2b

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/back_dark.png

Filesize
1KB

MD5
355eb0af21063fefca005d93d6afa9c9

SHA1
f854e3d2f0c0470a54e55f31017f9c499bd3671d

SHA256
b50339f939827a8e5a918ee4ed1d8213e27f6d546a98313f90449b27a1ebc00d

SHA512
ffff59e303636383dccc1282dea4c13b8c46d9aea1d646d745f7d26607cfabc25aea8001af873942749129291abef5dc5a858e7360cbfc145f870b80689b34e9

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/browser_icon_dark.png

Filesize
1KB

MD5
cac9a26c27728066be7a285defc0df6c

SHA1
9931d42eea7663aaec4eb901bcf279b246c19e34

SHA256
9347cbd8e6e2af4d09759e55b7595474648619da07992d6485b9756ab4d8170d

SHA512
11a3abfc4558e6c887f1f809a3837ffe6f4c1702407db945319acacaa5e677f6b117c07ca676cda6438639a1ebc447a2993e0ff31be8ef797bd219700f508ba5

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/close_button.png

Filesize
2KB

MD5
2d858e8af5d9426fe061df5c82ffa6ff

SHA1
bc1b2eab876aa221b6449d11e482de24b777d58f

SHA256
73d875bdb982c50c666e30ba2b8ae2dceecc63cd0d5f8a35158edfe5f3303835

SHA512
aabaa75856cfc07bf65f3f2dae118e357cba83a45f0a900aa625f576de47c2753b0a00fb1913e45c1d743acc0f6e0100a4a6a326f402b0f4664ba181ad670c0c

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/empty_star.png

Filesize
895B

MD5
76ce13c6312eb334fd351e3b5cff4bf4

SHA1
203bd863b812c071ab3ae25bf4ab2f9c4d42942b

SHA256
f0a8e8d6b8bcb84e466f921dfb20a91fdd4e4b1777d9b0be6ad4d03d4a253af8

SHA512
d06ba34786090e3b027670a17910d2e35f48eb7bc639e6da1d08214534215797dadd1a56be44422b176801e5d1a1345cd2bf29e73acb6a49bc9a2f7670710783

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/filled_star.png

Filesize
753B

MD5
317f802aacfab6282b8f74f280e841c1

SHA1
3b746a76f6322e97fd6c09a43d03ac14631d93e1

SHA256
f37f9a17c20ca3068f4f9db08c262c62b7b86544532f612a78421bdee92f4196

SHA512
a714f902ede615507cef840dcc03a5eca183c21c82cc419a924587f38b6974f5aa45fcfcc2bac4d6cf82b81d1b6ad452540e0581751bfcad72e524c83757a301

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/forward_.png

Filesize
1KB

MD5
9ee047a6801bec9459a9dd5ec7068078

SHA1
1aaaffc208e2d86e53fc031e8413169850e65746

SHA256
9f63f6c9ed9d33f235c30508df34c3358b55cac8bfb4967fc3e15afc61a6fd12

SHA512
8245818df5ffe06c8f369c8d77479f9f2163d10dac36b0e37c834018b713dc8b063ec1de1862fe16a8c1a769b496652be880ddd48d6fcd24ad766a395bc3ff24

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/forward_dark.png

Filesize
1KB

MD5
12bfe20382337a84c0fc004a52b9ba9b

SHA1
ead15f7ef372c16f78060b8f8c5fc6e0ca6a96f9

SHA256
621fbcd864a7dceacffddb00a682148042732aeb675e22cd42b1a0937c6717a5

SHA512
7a346febc49154dd348be77f88c6e7ed5c7a531c2fed981f12c40e22a19e4e1a5c51fa766b3122898d97f05e1546a6f2a29b598b0ff441cc7de5e3c505aa33c4

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/half_star.png

Filesize
895B

MD5
a40e6a567b7aef329bda0ac200f7a23d

SHA1
2fa463649c7ba586b28670675a15e0d7a630c7e0

SHA256
ee0933e12dd4e302b1e18572d22f48861e8125e5d0201603e024d18ef5e38556

SHA512
5e77ca21445a09aa903ca08c10c1bcaf769d8273368b7981aacf1bbab08cefb7a521687e78d280828f46b625c99fde02050f5c914dd4d07fd742723f7713ee4f

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/logo.png

Filesize
2KB

MD5
45c24a8686a0978086c99f7039accc17

SHA1
c63ae2601322045390c7a4f230602b74ae18d2d8

SHA256
bc9c4aa36a0dd7efe16a8b3bca9172d970fd13d70d3e718aad17a78269079912

SHA512
d5861c64b9dc9139904c3bfc7da26fa6f3d9676a5b4203ad617c661d54d3716508fb02f282f5c204bf9d6a0c7162bbb565a44f2ceb96d825177065818b797727

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/pinapp.apk

Filesize
93KB

MD5
ba57f9fe62bbcf10348091b7d08ce123

SHA1
0fba82354a775094f68fb49bd8530f97f6db97cf

SHA256
1df6c43a03bf45cb91c83eb81d123877eb4f663b0693daf4ba590df900a01160

SHA512
d030cb078a399eb104e5780426e14efeaeeaff93c4710186d1622b64a5ec547e20e318f72ac3c6adc3baa4680a955a3e43fa5964dd87a0684b21902672854e69

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/shared_prefs_sdk_ad_prefs

Filesize
153B

MD5
65026ee778e1372d9f4aed742772e893

SHA1
5a5f1c821d7639424f3c75a44468ab5f7dd4e8cc

SHA256
15070f52136d5a8332f8d70f790bd7bb04cd6a99b386d40e0abedc40c42caa3c

SHA512
589c4a12c6b6ec1a1cca957da758aaa900e68a23b4bc2f42524b0e8dd34f6c5378541d9293eae1ae8d478bf5b5229ce4218c058fc3b399eb5756afeb05c68616

Download Submit
/data/user/0/ru.lndgnitk.xzryxvwih/files/x_dark.png

Filesize
676B

MD5
1b759349f0bf3e55c51e2a2c2802b3cf

SHA1
5a608a093fa5f513d1ba52e8a9e01f693c47da98

SHA256
59d83bb6ebc5394c048273ea9e1516a2bc7a6f80212d53f81ee44cb1f9b65443

SHA512
3b39d22d0f8368dac2e36884b0316c5aba24180f51cb3a993fdefcdcfd5a36823d6c02c75863cd5a3bc0808223dcadf9934d548c433332bb9528f0eb8cecc0a6

Download Submit
/storage/emulated/0/Android/data/ru.lndgnitk.xzryxvwih/cache/UnityAdsCache/UnityAdsTest.txt (deleted)

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/storage/emulated/0/Android/data/ru.lndgnitk.xzryxvwih/cache/UnityAdsCache/UnityAdsWebApp.html (deleted)

Filesize
2.1MB

MD5
1d98ec7afc7814155cd8a38861dda0eb

SHA1
58fa132c1e2714045327bfcdf4f0acfea122f5dd

SHA256
842d0d25dde928263580f99d3e4dfa6640d8a245f15e2a4b1d5cf6d3923d7617

SHA512
25707be6cbecd1e75858b9c4d9e953ba82ed9e060ee0165c2050ab171bb3e8c0c40fd9871199c1eaf4712f81bf1da5b0c81733e9384280f943cc39e697d7d179

Download Submit
/storage/emulated/0/Android/data/ru.lndgnitk.xzryxvwih/files/LuckyPatcher/AdsBlockList.txt (deleted)

Filesize
1KB

MD5
634ab5e3e49b830079f88825c88d7f80

SHA1
cabe4068d07d52c60f5b9f840fd887051748a3aa

SHA256
2824000ad496be920c29d0a78589c72935288b40ce44b44c5fae672fbfe87fe4

SHA512
ffc893fcad8d81f6ca272cf03737ab466eafd135599e6f6f20285d7f4c3454bedde4de5929dbb1be5010192747f5f11d86166509f24bfbf778f949762e47ef72

Download Submit
/storage/emulated/0/Android/data/ru.lndgnitk.xzryxvwih/files/LuckyPatcher/AdsBlockList_user_edit.txt (deleted)

Filesize
29B

MD5
302f7b6d9a4ffeccdda9ef94184c8326

SHA1
d4038ca0629f57b7e5c4056e74a395e5598aa16a

SHA256
5b36134b695f0a9a32f570b08cc3ef74e0687a0d2aa228853bc0346f77bffebe

SHA512
299fda4936acf6479e22f9166d545976d5d99ba6fe7a5b7298cb336cf730eb7790524e4569fe64bc03c598c7e4117f163ddffc2e2889439f709c4d80ff665039

Download Submit
/storage/emulated/0/Android/data/ru.lndgnitk.xzryxvwih/files/LuckyPatcher/Changes/changelog.txt

Filesize
43KB

MD5
0ba9b0ae69798c31351d13dcc61f3e9b

SHA1
4983fa3bdcc6a7ffa569c308ef716f5ccc4dc3d1

SHA256
3b9794396fd8cecc97783331801150564fe473db291e4fad0ea5853da7984d76

SHA512
719b2607a052a5c8260c4bbc30b3d97540d4c15ca0437be0d058e7e8bd4b54d41a97c6f8f1c26ac63e5646efe88662f3a11e306fb9a00f74eac891cbdbdcbb54

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads