Malware Analysis Report

2024-10-18 22:58

Sample ID 221124-mydzlahc97
Target Mask Photo Editor_6.6.3.apk
SHA256 7385e0e3d811b317ed67eefb54274b232c1f167de14c593688453b7431034a02
Tags
joker evasion infostealer trojan
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

7385e0e3d811b317ed67eefb54274b232c1f167de14c593688453b7431034a02

Threat Level: Known bad

The file Mask Photo Editor_6.6.3.apk was found to be: Known bad.

Malicious Activity Summary

joker evasion infostealer trojan

joker

Checks Android system properties for emulator presence.

Requests dangerous framework permissions

Loads dropped Dex/Jar

Reads information about phone network operator.

Removes a system notification.

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2022-11-24 10:52

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2022-11-24 10:52

Reported

2022-11-24 10:53

Platform

android-x64-20220823-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
N/A 1.1.1.1:53 g.tenor.com udp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2022-11-24 10:52

Reported

2022-11-24 10:55

Platform

android-x64-arm64-20220823-en

Max time kernel

2840017s

Max time network

166s

Command Line

com.mask.photo.camera.editor

Signatures

Loads dropped Dex/Jar

Description Indicator Process Target
N/A /data/user/0/com.mask.photo.camera.editor/cache/1598581401714.jar N/A N/A

Processes

com.mask.photo.camera.editor

Network

Country Destination Domain Proto
N/A 1.1.1.1:53 android.apis.google.com udp
N/A 1.1.1.1:53 android.apis.google.com udp
N/A 142.250.179.142:443 android.apis.google.com tcp
N/A 142.250.179.142:443 android.apis.google.com tcp
N/A 142.250.179.170:80 play.googleapis.com tcp
N/A 224.0.0.251:5353 udp
N/A 1.1.1.1:53 android.apis.google.com udp
N/A 142.250.179.142:443 android.apis.google.com tcp
N/A 1.1.1.1:53 growth-pa.googleapis.com udp
N/A 142.251.36.10:443 growth-pa.googleapis.com tcp
N/A 1.1.1.1:53 lh3-dz.googleusercontent.com udp
N/A 216.58.208.97:443 lh3-dz.googleusercontent.com tcp
N/A 1.1.1.1:53 lh3.googleusercontent.com udp
N/A 142.250.179.161:443 lh3.googleusercontent.com tcp
N/A 1.1.1.1:53 infinitedata-pa.googleapis.com udp
N/A 142.250.179.170:443 infinitedata-pa.googleapis.com tcp
N/A 1.1.1.1:53 ssl.google-analytics.com udp
N/A 216.58.214.8:443 ssl.google-analytics.com tcp
N/A 1.1.1.1:53 vjnghjg.homec.live udp
N/A 43.154.2.131:443 vjnghjg.homec.live tcp
N/A 1.1.1.1:53 careof.oss-ap-northeast-2.aliyuncs.com udp
N/A 1.1.1.1:53 googleads.g.doubleclick.net udp
N/A 142.250.179.130:443 googleads.g.doubleclick.net tcp
N/A 1.1.1.1:53 letapps.com udp
N/A 194.59.164.122:80 letapps.com tcp
N/A 194.59.164.122:80 letapps.com tcp
N/A 194.59.164.122:80 letapps.com tcp

Files

/data/user/0/com.mask.photo.camera.editor/no_backup/androidx.work.workdb

MD5 7e858c4054eb00fcddc653a04e5cd1c6
SHA1 2e056bf31a8d78df136f02a62afeeca77f4faccf
SHA256 9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512 d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

/data/user/0/com.mask.photo.camera.editor/no_backup/androidx.work.workdb-journal

MD5 b9ad36d4bc195487aa00041853fd612b
SHA1 a3c8cbf2f41b148586b4aa5bc73d1dbc56995410
SHA256 c2d62dab6d9fac3afda329b9824bf7aadf9edf7626747097edcc89efb42c6511
SHA512 25d18e384cfd9faf3b9b09173441962cdcdd9999f98776bc5a3e3ef9dff2801475f8dfe652bf57a950764b4da737d31d4c264f472490e97451f7df7e1d49e97b

/data/user/0/com.mask.photo.camera.editor/no_backup/androidx.work.workdb-wal

MD5 c0e663b48e578bb367a5204931aa5ddd
SHA1 a8081aa42b03b617756f9e054945dc8dabf322f8
SHA256 5977154f2cd0c9b04438fa7a47eb255b1b7a9c8e82f9710e749b8ec66a152407
SHA512 774057a0faa4d1a65739f8811cbea52cbdb13914f3f475ec59e61e8e0dcd5eca27634d23ce1540ab3ea14fd62d408d6803c57ec57daed0e08f1f51c3c46d2566

/data/user/0/com.mask.photo.camera.editor/no_backup/androidx.work.workdb-shm

MD5 7dea362b3fac8e00956a4952a3d4f474
SHA1 05fe405753166f125559e7c9ac558654f107c7e9
SHA256 af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc
SHA512 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

/data/user/0/com.mask.photo.camera.editor/shared_prefs/com.google.android.gms.measurement.prefs.xml

MD5 9781ca003f10f8d0c9c1945b63fdca7f
SHA1 4156cf5dc8d71dbab734d25e5e1598b37a5456f4
SHA256 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
SHA512 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

/data/user/0/com.mask.photo.camera.editor/app_webview/variations_seed_new

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/app_webview/variations_stamp

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/app_webview/webview_data.lock

MD5 053be5b2b7a0359cc491df3af2a0d8c9
SHA1 25cf256866931c56b4653469efd2a1de52e5b06c
SHA256 ada899e42f23511e46fb64e7bc09564417abafb984f177617ae2a9b89d7042d2
SHA512 82c6a18d0b16bb1e45309b6fd5de1da6db381c755909d25034fff0f443dbe8e75e0fb0d5c2ee181b0c087dd344b5524c23bd84249c47e53dfdba3c93b96b3b27

/data/user/0/com.mask.photo.camera.editor/shared_prefs/WebViewChromiumPrefs.xml

MD5 97ccd9a2b2063143df56b6937f961ca4
SHA1 5e78a91ae5df289ce83443cb7d5589dd3504fb5d
SHA256 248ff7928128015b1cfe3e6517c8f9b8c9511bfb8c8baf44fc1370640eac61fd
SHA512 86c05a5bb3d7eedea390664796966e9e5a5bf846c85808da54407788a76b3ee25b91428242a1e76d8765bfe51e1ba3636617fbab6e7dbb39fcc433e07c3fcd3b

/data/user/0/com.mask.photo.camera.editor/app_webview/Default/Web Data

MD5 a48cd9324b1f8754b07f00d863b840f3
SHA1 11c6614775b35a58f440971dfc87c8aaac6d6173
SHA256 8859a216183793485d4699bf69d7ed96904679834188d07b9a70424d47eb1420
SHA512 35fa712f0af4a5eeed7e00e4e59ed5027dc6609d268462fe79d92043be9ae0c5961ce9e1d2f64b1a196c9b6aa6242b8b83817b3ee4c1058596c58a99c45478b1

/data/user/0/com.mask.photo.camera.editor/app_webview/Default/Web Data-journal

MD5 9e5db9d1e7ed9c02af14caa5fb532c6d
SHA1 e6db8a115002bce16c0e9aeab92f881dd557a4fd
SHA256 9a3bbffb4fe610a7d5915405759f0260605e824beb55c278a38032bbe0e28812
SHA512 200ac02f857f5edc8783a2714e3ed0f520a4d94d4d8c3e2a2e91a0a83ab61c775d520d1d71c8d457fedc296b3706ccc0f3ad91a805497843bd9515ae3f584051

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index

MD5 d1190d7c96bea958becb76ec7d6ee3d7
SHA1 f347d3888e58fe4efad3057827e447b1e0f7ea83
SHA256 e1af476290019dbfb22037eab4298ad03540c791b1d4c533192534179b290385
SHA512 71eec1afe7a6fc56aa0726c05941dbaba7a18f3cad2cebef8d8feccd4fb6057d639e17a6edc1c146910f8f4b74f7754e3cd94655d5edeb49830458c9ebed70de

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/Code Cache/js/index

MD5 d1190d7c96bea958becb76ec7d6ee3d7
SHA1 f347d3888e58fe4efad3057827e447b1e0f7ea83
SHA256 e1af476290019dbfb22037eab4298ad03540c791b1d4c533192534179b290385
SHA512 71eec1afe7a6fc56aa0726c05941dbaba7a18f3cad2cebef8d8feccd4fb6057d639e17a6edc1c146910f8f4b74f7754e3cd94655d5edeb49830458c9ebed70de

/data/user/0/com.mask.photo.camera.editor/cache/1598581401714.jar

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/cache/1598581401714.jar

MD5 cf2ed89992c1145a27f078b9da17e96c
SHA1 2afc75b5bc6329198ec01829e6c6acbd0c0dee01
SHA256 84009ae4f9125e2d61a670b88e41ad81bba2161dc0910b4506ef6356f0ebeb78
SHA512 8240cd4dcf4087b5f02400853f6820afe4b2a8825089aaa661662539fcb857b78013f8f3a9dc047034f6f42168fffcc6c1727076ab0e4eeaffcad956659de6f5

/data/user/0/com.mask.photo.camera.editor/cache/oat/1598581401714.jar.cur.prof

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/app_webview/Default/Cookies

MD5 dfb2098ca7b3bf16d6f5f1e7d3839af5
SHA1 ebb7a8bc886062d77a4092bd306b77a0ce7a3e9d
SHA256 e4119d32577d7fc63b267cc23eb7a9bbfb12d238f23e08918c38838fe0181224
SHA512 fccec45399258eb98220b7f01b492a72b8b3d1254dec6e196e344d89a0376c6ee24534a31a6675c866d4a17256d3ac6823657eaf04e1d386757d0cbfc6597e50

/data/user/0/com.mask.photo.camera.editor/app_webview/Default/Cookies-journal

MD5 7ee5cac7eeb499d54c3914903666cc89
SHA1 44cc77da55a1695be609864088ddc535335dce1c
SHA256 5e0d696c705b91108fed1f63baee24b854cb74219e4d5c6483e9c23a12e1a56c
SHA512 41b2aafc4473977572e7488e86761196c568581f2d2835bb77ffc92206e1eeb5886370f2d69959f4773691cb0d4c33180ab7d5c19ac7297746ea95443d55cbed

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/Code Cache/js/index-dir/temp-index

MD5 66d4c96e6bb122adee9f61d0c4194012
SHA1 a0b68f3072e685b2cbb7e5d6157a6d0422185bee
SHA256 94a28c8eb60e70cc9283f8ad1325fdbf9113bf208db02e73d647770553f3178e
SHA512 51d1f0763ccb7e694b7058745db21efb805c85b5678f3123ef9b1d42d797a92b9429ae1dc5f77f1f3ec4837aa22d4d2f2d3883575cd9d1db1a685f7eda823445

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index-dir/temp-index

MD5 b67ca5037561ea77226b7c78d517d46d
SHA1 3300899a615d3442f6464b9110ab35874ab45ba8
SHA256 495f2927fddc24ba0264280d56cb634b6c039d53d7a434fd647035f1f910e42e
SHA512 d0f9b214158095e07eda5dfcca318be350eb943107c7137a4603a8ec065f80608b1fac4fad0dfbef5e78d7f8d8d2d01fdd1710b3948c323b780d14e348082520

/data/user/0/com.mask.photo.camera.editor/cache/WebView/font_unique_name_table.pb

MD5 9147f3c70cd68eca82079554128543fa
SHA1 3fac96cb4b59ac89a9ff4ef4b91d9570342d66db
SHA256 fd0e0c4e89444a88d27118b6eadbf01cdc5debc762d9b6ba8b51022558702736
SHA512 ba6c2ec755c4e49b5f31fd4acc4d19318352608b87b1e1ea90cd7c30c7d41fae4437a6a6bf39df31d862b2b193f43924abc22ab0998045d12e380999e43ddf98

/data/user/0/com.mask.photo.camera.editor/shared_prefs/admob.xml

MD5 04273326e6383e778f19512e18edf192
SHA1 ee382de41205ebfed6d80dda76998616b3c34f18
SHA256 1b83b4b88c289c1ed89daa146476e4edf15e3fe5ab2f7e0b7241b83563014695
SHA512 35d86c0dc1988e9e117e52f7fedfa8395a592f990f37dffa45d69ba8a64f9cf4d36b837461faa6a0da2a2dd65f0162cc53e1e8ba20b8eda259c15784740485f9

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Crashpad/settings.dat

MD5 c707d246b9c40d5d81f48ea35fef1d34
SHA1 213ed133f1eed122d3bc8b76f937bb6936d1e2e0
SHA256 be77202d5c13c6fd06900bf01adc34fd34d1a1d1641eebddde6c09270ced89e6
SHA512 40a1b05115198123635f04a21675c9aec6fa4010e57dd15a8a66c3ad0810a0b8175cfbf07bcd4bd52e6b18d965e5a4c6206503f4c945efa6c27af1b6d8669a4a

/data/user/0/com.mask.photo.camera.editor/app_webview/Default/GPUCache/index

MD5 d1190d7c96bea958becb76ec7d6ee3d7
SHA1 f347d3888e58fe4efad3057827e447b1e0f7ea83
SHA256 e1af476290019dbfb22037eab4298ad03540c791b1d4c533192534179b290385
SHA512 71eec1afe7a6fc56aa0726c05941dbaba7a18f3cad2cebef8d8feccd4fb6057d639e17a6edc1c146910f8f4b74f7754e3cd94655d5edeb49830458c9ebed70de

/data/user/0/com.mask.photo.camera.editor/app_webview/Default/GPUCache/index-dir/temp-index

MD5 20978304f0fb7e0bdc8c89ec2c277533
SHA1 ad461aa54de58034f158d75e3b472c71c5811e5f
SHA256 33521c86544bc8f33aae0f47b373092dd33002163723e50582193a5473963595
SHA512 4e9a9475350f5f035d609e532555a1588e1adcd372f5944a65ceee9a7a29bdfc2218f0eb73291569f258ba44634c4a95678dbe4eae3de8a96543b291d82c0642

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/index

MD5 d1190d7c96bea958becb76ec7d6ee3d7
SHA1 f347d3888e58fe4efad3057827e447b1e0f7ea83
SHA256 e1af476290019dbfb22037eab4298ad03540c791b1d4c533192534179b290385
SHA512 71eec1afe7a6fc56aa0726c05941dbaba7a18f3cad2cebef8d8feccd4fb6057d639e17a6edc1c146910f8f4b74f7754e3cd94655d5edeb49830458c9ebed70de

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/index-dir/temp-index

MD5 0393d8eb8939082ad5811207aff618d9
SHA1 fe10653f1d4e04d6c0437bb330792dd6a553c363
SHA256 c7a240e40d0b806ad50551d4f427ae388db7ca67847f9617cbc26abcd087a345
SHA512 2c5e2f91b1d51c7230e5feaf2544492c46093a0002ba24c0b41dfa9ddfbced138e7e5202eb1ba098fcf8c876a6564a04a5b1adaa45e0ddfe38d32628bfec09cb

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/f038e94cb33282ab_0

MD5 141fbb51e9ee4562977a204600841037
SHA1 0e9f257d5994769635528015fe357acdb14673eb
SHA256 f11daac6aa679a2ae400a0bd6eabca035b5422fd4ecb1ccb883cfc1dcc6a5d91
SHA512 460451f8d9446f955da8b2efbff4510ae6ce11078708047fba9c0e5230f8bc4efd9f68be3ea03cee5fdb60d53a335f2900107e0d1365babab0ad8682a2ab5f9c

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/4ade02d53c941f31_0

MD5 bed509071b0de0b3192f96367b83d9bb
SHA1 ccc0057f196586287114afffc346961d65394130
SHA256 dd6a7df74ceec28f330df172472165dea6fc5ac5d048a09d2e190b06336d3c92
SHA512 d8d66335a17dd20d66f688bf385dd8161c30cb9059c77e9e8f1e2ce02b3b33b555e05f5efc07e6dc854a5a864e1fa3c16821ace63163195f972165ff2839b87d

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/a4924b32c9d742ea_0

MD5 b2f209a0e33b8acbb744cd68874bd546
SHA1 a8dba7aafd6470fd2560fd610ca615f948e95211
SHA256 321abd60cec3385f3e7e7ba5eae06bcc53851d61c3f1d98ffbc41cd3f3017bfe
SHA512 1d1af8ab9231b49564e70c3fe210c8d834fd4548f17135658aabc425f6f632eaa012049b72a76aafd8447a26e23c66dd0ac12d1d7d06a921819f87298d7917b6

/data/user/0/com.mask.photo.camera.editor/app_webview/Default/Local Storage/leveldb/LOG

MD5 fc7eb5eb92e0d695d033a9320d13d972
SHA1 59759b7f8dbf1a036b4a7e53dc59f45e1f78df9c
SHA256 192b578ab3d5f4d0d87d21735250ea46e89f16b86a08e8744dbcf958b33337b4
SHA512 3f2e9b6b98f5960e0fee7228750b59bf6bf85812ab0e0510e8c766ebe6e6eaf0096bc40c34b56de7202a2ab7ac0b2ca0b1cade4e15a63a8f63fc3bad6290bd23

/data/user/0/com.mask.photo.camera.editor/app_webview/Default/Local Storage/leveldb/LOCK

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/app_webview/Default/Local Storage/leveldb/MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

/data/user/0/com.mask.photo.camera.editor/app_webview/Default/Local Storage/leveldb/000001.dbtmp

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

/data/user/0/com.mask.photo.camera.editor/app_webview/Default/Local Storage/leveldb/000003.log

MD5 f3b9a17cc1fa735698689de1321b0183
SHA1 281aac670262ee7bd331e02ea10a3fb17bf31ba2
SHA256 30516dbc348a1865b2859711cf19b07dc9cf91fdafd3655ca5fff8b168708768
SHA512 ebc1699a69418344eb7764c69125c757cfa0432db6fd09830d740db786bc86e9d7680a8c0f20ea27cfa812886f41986dedada216d22cba0ae7bcc57c36188ed7

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/dfe6b2497a7513ba_0

MD5 97d00a0c2b47429d4a4ea2ac74bbcb5b
SHA1 40ddcf95afa153a0e4ddb009d704af4384e62b99
SHA256 3adadf1f8160bd42bfc0f7331e85ec8625ff540cbb1331f1e50894925f7237f6
SHA512 74e5ad988c9720f765b84397f90e5aa7e1025c6ed19d9f5f86a656e236e2d52db02bd538a154390b7c7d2fb68184e025b3e0a5fc66a222617d0e9d448d462e8d

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/Code Cache/js/16351c91809a9cf8_0

MD5 bdf175c868a4e5145bef346b44487c44
SHA1 fcb8c53c09bf0d76802782ee0282ae5b6f179cee
SHA256 096a08cd8b4816f1ad78d22ccfcdafb91f08af47422258ce93cd1c8ab1304f57
SHA512 3a094ef7078f1dfec572447ef8839b94653ca2d22d3b1cdda1e0b0d91ff69df45494adbcc0ae9037ba7a517e2eb92b763d146ca50d54ac4ddfceb6bcd327860f

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/7556c1835650e1d4_0

MD5 8dc2882518444c9943a41155c851f19b
SHA1 92595c4da8f1cdcddf72ef4da5fbeff80f302e6a
SHA256 85b9402b9d50a7679b2686f121a64b6d9aa432f608acb85c7cc2783e3a5bd6de
SHA512 598469ff806e3d4355ece7a337d5b8e140a3554caee83a5dfdbc833a7d9b048da26197ca96b1804dc6f6243c70e40e14df1b8ad47cd826603ef286bbcb23bd2f

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/161adb42c9844adf_0

MD5 66904d7a970350dd3682edb335f130ef
SHA1 57257afed6021279cab560d44d9a634dcdea3f43
SHA256 942935300db30220fec04dfa64c2a9540267f37990d310e6f79ca5894a1071a8
SHA512 957f8057df227bb4ed3daeed65ada71ee6594291dc9974bd37ffcc87e4dc8ad4f66b37d3496c84a65f5740cb831a61467ea0df1424efbc4ad713ffb31097c539

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/Code Cache/js/af8b99414de0a560_0

MD5 3bf78659422fd8862440b7df7c3b2caf
SHA1 04f238baec1c97b7af7bf1d82a89655bc9aa3733
SHA256 ae325ce5c04942fc2aaf25a57a9848dcb26df4e6de59110f1b93463e027c9ed7
SHA512 d86290ce1709b63bb3cc225729b3c7d7e15ffa189b4ee0c03c86f703dd87b5c972fe9d677594192aa50328daac25232a82793d651810b4e6e75bdd5d16e38583

/data/user/0/com.mask.photo.camera.editor/app_webview/.com.google.Chrome.zFb1kE

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/Code Cache/js/index-dir/temp-index

MD5 3299144fbe8cf0121d47971956878900
SHA1 d6d013ae20a089948535bc0e199f71a3e9c20650
SHA256 836109b6e27043bc2dc52c6b7aab06ce438d7f80ffba67a028ad7063c8735d9c
SHA512 a75159706da87acaa9c7620997ff325137efbcd499f9058ab9775e3ba823d3a437bbaab6857d1f4c63e159525ead36f3bd9ecc309d40914440206e9524c6da7e

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/index-dir/temp-index

MD5 4b117b9982ee0b1aefc270bf77b77ed4
SHA1 d938c14174011d18e352c51df8d755070ad33876
SHA256 34ff034e8703a96514a0fa4c5b41d5685debbf77c7fded7a9b6753fc301fe1eb
SHA512 b610cc6e058ff8d36af9988b9692ab99c29d4b2bbaf805c227a2f5bb9af0f69ca649f312405bd8e21d4f9e8bd8b855876eb7bb473a251c0bd1eca4fde7e334fd

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/c4db43b51b550965_0

MD5 1e1d5144ad9d5ada363203b86a221037
SHA1 3bb7087f2fc8960e7b825bae113162583f9a92d6
SHA256 953334ecd324516afb46d41de20587e0a00da77e240942bde46c0a833d2514e3
SHA512 a5301b1d55b1dee2d09165f062b2f6ec4f7552613393b8d439569b0a8a2296ddac857e5d3f8ad6c3d42af390348307a86ebe69ee3e793e4e8957d2a6911ad560

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/b47d328cfa24435a_0

MD5 7609be347a1f7d5785053e98b16ecdbe
SHA1 95d74fc8b07b8318df199e7fef8f19870a859c72
SHA256 d6d6a59e493b104b3fa11a44874fc7041457e48754912b6fdab26978d9b2095f
SHA512 54d22bd45c3abea966177de8bd67d0002435e979b568141d8a7949002a4224ff7b5eee031540b32db194a1459decff28ad6351c4ddfd0b9b7da49c4444bde5bf

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/5b958d3d0ee14ebc_0

MD5 eadcea31e17ea891d2a520eb7583509f
SHA1 1b01baa6f56fe4cb5c4db366687d64b9669a5dcd
SHA256 0bd4aaea5a1f6bd056fc68128b226f6239431489f61638cb1f04aaafd1aae1a7
SHA512 960cc0822337eede447275802ec30ddd013d1ca03b38d25402ef554fba2646aa7fb9593db4c4aeddeaa1caf66a2b30d10d9ff49b570e09ead4b601472de1f441

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/f1d2c920eba49434_0

MD5 d5e630b9b646fe84842f35aec5405e0b
SHA1 c73228cb09cbf3e75219d80f9dc88bfcbd218d59
SHA256 7d3a972a4e1d12fdd421ed764143e049308cd25e30fdac89d3c53179f42bb552
SHA512 4d1ca968bff8812a10b793794cbf21bc56fb29e633aec448a5ab51d17942ce577e599febb4bd18cec03ec7200db397ba5e040829f50856b464556e9339da3253

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/b6b38bef22d67eba_0

MD5 d225d99aaf47d30b3c9a751296880e26
SHA1 34738aeefcbdda891de2343d8597311fee2b706e
SHA256 e6a010b2275cdbfd167a758fb169481de46c348b59a4b44d7ba9ef9e3529fd03
SHA512 e1b111deabe5eea3aa76a48b3f900099b8e702bd5a46e76d34afa3bfcea8eb2cb815830a5c4c37e277b7cbde394c4279f9f86a492bbf2384fdc43c905381daa2

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/Code Cache/js/index-dir/temp-index

MD5 3dd1a793fa2839179eb57d7b7f831b53
SHA1 ed89d0950beb59bbc1943fed92edda7eea7212be
SHA256 9544beded40e31d593f6ace9dcbb6bc11b13c10f7f9f9c8faa0840356b2e8c22
SHA512 c3ee87352b2ed4237f42f71a640e95ef5bfe187cdaf7d6658904424ed320cd815c40abb45fbaf3f0649b9b13735e4c289b9e07b60815ad8891e3f0d5f12faae7

/data/user/0/com.mask.photo.camera.editor/cache/WebView/Default/HTTP Cache/index-dir/temp-index

MD5 1572aec7ccdb5284a6a9da5629749af4
SHA1 5df235c8b8a654f2e795c9e8e11380d1aa861afd
SHA256 c6eca71d9fab58fffd7d0fd2652b5181d710f42c1f9e42c8212b194ca1654487
SHA512 b38b739ed49ee9ef85a960c8efe62865d7652def5f266cc8980472e1475e3199bca31697b60a7ff773f196c4ca12ac69e85719566c13d41e33e1d93237230a5a

Analysis: behavioral3

Detonation Overview

Submitted

2022-11-24 10:52

Reported

2022-11-24 10:55

Platform

android-x86-arm-20220823-en

Max time kernel

2836426s

Max time network

139s

Command Line

com.mask.photo.camera.editor

Signatures

joker

infostealer trojan joker

Checks Android system properties for emulator presence.

Description Indicator Process Target
Accessed system property key: ro.product.model N/A N/A

Loads dropped Dex/Jar

Description Indicator Process Target
N/A Anonymous-DexFile@0xe55ae000-0xe55af3f0 N/A N/A
N/A /data/user/0/com.mask.photo.camera.editor/files/entrust N/A N/A
N/A /data/user/0/com.mask.photo.camera.editor/cache/1598581401714.jar N/A N/A
N/A /data/user/0/com.mask.photo.camera.editor/cache/1598581401714.jar N/A N/A
N/A /data/user/0/com.mask.photo.camera.editor/files/ionsxg N/A N/A

Reads information about phone network operator.

Removes a system notification.

evasion
Description Indicator Process Target
Framework service call android.app.INotificationManager.cancelNotificationWithTag N/A N/A

Processes

com.mask.photo.camera.editor

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.mask.photo.camera.editor/cache/1598581401714.jar --output-vdex-fd=93 --oat-fd=94 --oat-location=/data/user/0/com.mask.photo.camera.editor/cache/oat/x86/1598581401714.odex --compiler-filter=quicken --class-loader-context=&

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
N/A 1.1.1.1:53 android.apis.google.com udp
N/A 216.58.208.110:443 android.apis.google.com tcp
N/A 216.58.208.110:443 android.apis.google.com tcp
N/A 1.1.1.1:53 infinitedata-pa.googleapis.com udp
N/A 216.58.208.106:443 infinitedata-pa.googleapis.com tcp
N/A 1.1.1.1:53 vjnghjg.homec.live udp
N/A 43.154.2.131:443 vjnghjg.homec.live tcp
N/A 1.1.1.1:53 careof.oss-ap-northeast-2.aliyuncs.com udp
N/A 149.129.12.33:80 careof.oss-ap-northeast-2.aliyuncs.com tcp
N/A 1.1.1.1:53 cxjus.oss-ap-southeast-1.aliyuncs.com udp
N/A 161.117.155.70:80 cxjus.oss-ap-southeast-1.aliyuncs.com tcp
N/A 1.1.1.1:53 googleads.g.doubleclick.net udp
N/A 1.1.1.1:53 googleads.g.doubleclick.net udp
N/A 1.1.1.1:53 googleads.g.doubleclick.net udp
N/A 142.250.179.130:443 googleads.g.doubleclick.net tcp
N/A 142.250.179.130:443 googleads.g.doubleclick.net tcp
N/A 1.1.1.1:853 tcp
N/A 1.1.1.1:853 tcp
N/A 1.1.1.1:853 tcp
N/A 172.217.168.202:443 infinitedata-pa.googleapis.com tcp

Files

/data/user/0/com.mask.photo.camera.editor/no_backup/androidx.work.workdb

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/user/0/com.mask.photo.camera.editor/no_backup/androidx.work.workdb-journal

MD5 6f0b33b5715c28eb174c4338f5d99637
SHA1 1bc5ee7c55dcb668617cc560e3ea6af7de3b6151
SHA256 c62efb50024d8d0477359475f1b48fba97695fbbae001a0ac40575e7f427cc13
SHA512 7734ee0346b241a9e7239227ecd69d2977e37dca53adb776fa88dad96d8b4f3c41151f0fa47e88fd4339a92501cd1851292afb4e4d9421ec72d8f1df5974308e

/data/user/0/com.mask.photo.camera.editor/no_backup/androidx.work.workdb-wal

MD5 a68bda1580f52e9f5d9b036ae604755a
SHA1 6e25305a95d87ccaba80cb855920bbad8a31ffd4
SHA256 76ef1ea778fd924cedf63e9ffe11326c8f4b45ce5a964aa56cdc8f1850e172dd
SHA512 d40bd1578fe3a027627c41352ba6fd1e662067db328aaa7b8c732285b8f923e3b15b9f3583a5c6737ba8304659d706688ea70417a0197409f65bf54780e8c449

/data/user/0/com.mask.photo.camera.editor/no_backup/androidx.work.workdb-shm

MD5 7dea362b3fac8e00956a4952a3d4f474
SHA1 05fe405753166f125559e7c9ac558654f107c7e9
SHA256 af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc
SHA512 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

/data/user/0/com.mask.photo.camera.editor/shared_prefs/com.google.android.gms.measurement.prefs.xml

MD5 9781ca003f10f8d0c9c1945b63fdca7f
SHA1 4156cf5dc8d71dbab734d25e5e1598b37a5456f4
SHA256 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
SHA512 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

/data/user/0/com.mask.photo.camera.editor/app_webview/variations_seed_new

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/app_webview/webview_data.lock

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/shared_prefs/WebViewChromiumPrefs.xml

MD5 21223e9184445fe043476484cd8cb1f9
SHA1 2b4813f849121d60ba35eb0889080668bb62c778
SHA256 bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af
SHA512 be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48

/data/user/0/com.mask.photo.camera.editor/app_webview/variations_stamp

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/app_webview/metrics_guid

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/app_webview/metrics_guid

MD5 6809488f4847f9e33851be137e704d9b
SHA1 5285457166a7fe27cbf5e5a46cc56474d878230e
SHA256 262eb7fc438e99a4aa26e069e97dee635f1afc83cec1a2a4dea6711ea252ea79
SHA512 3dbb5d50121fbe8d5953b1c9294a9e361e43771d3bf0c3b15f025613796357848a57bb54e5c66f69d968279285aa60f2944d4090eea5970861064cf3d2187006

/data/user/0/com.mask.photo.camera.editor/app_webview/Web Data

MD5 dc79f9ce5f3ab5270b33e61119dfc959
SHA1 1844bf222a5144b513dcf2fb50a18c011701c647
SHA256 47e65f4de08deabfd52ecdb8b0a29c61c482188b92c36182e2112ca0a8f4ff65
SHA512 18b8894a7f35df516f423bbdebf1e05ce09eaf4345b139e59e603cadb81f8d1fa20f793438c28e8fd9a64e64f0684223d90ce6f10d3f93cb0c781049a8cff03e

/data/user/0/com.mask.photo.camera.editor/app_webview/Web Data-journal

MD5 1565e42c355b0393baed82b3aa60269e
SHA1 cd044257131a8e6773d57fd337e092792c7aa854
SHA256 9c7fe6f48e559d72229edc3693e2e9667145fa296273460f074e51409e9909dc
SHA512 bdc445eeacccaa12cf16290cc9193e6ac4a5c46f224f7754ed345a2df90ba6c489123388e95ff4afc615d26207a3c71120a7d9aa5ca1feff09539540253eef86

/data/user/0/com.mask.photo.camera.editor/cache/1598581401714.jar

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/cache/1598581401714.jar.x86.flock

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/cache/oat/x86/1598581401714.vdex

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/cache/oat/x86/1598581401714.odex

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/app_webview/Cookies

MD5 cb7543c4df600f2af58097cce0e334ba
SHA1 83cc92f38c27fdb4fa519b1ce2f37912f24af1f0
SHA256 64c022ae708f94ffde986e105d88f708884de325720bfb9925c4160a6d417233
SHA512 ad51cad0472327bd68aa2d791341cfafed58971752352537bb603ed18b15a3f9185e9150983a28ecd09606e8dcaef6d1c9d93213dd246ef7720f39842eb3d980

/data/user/0/com.mask.photo.camera.editor/app_webview/Cookies-journal

MD5 3932c54b50e5382e022677dd9afaec6b
SHA1 044267da4b56ddff86d1c55d3db4fc6eddde17f8
SHA256 45d0899d78555f51708a842ee962aa957862cb25311aeaebc4da54657c57ddac
SHA512 e501a2001d8db9073e129800e65abd58545e425709dafeb5a397965dcc660cafbbb16b20bd1c50ff4467f585e17440d65f5bd06e5044cf24f07948a417291553

Anonymous-DexFile@0xe55ae000-0xe55af3f0

MD5 d1e6b3dac82d7e6fac4e9001ef550fc0
SHA1 b6cd9741cc254d3b7f4e9ad0baaf9b5596c308c9
SHA256 aebeeec82797dfb01788fefb2fdfc32fa7876463d2048018c032f3f921aa5800
SHA512 08ea24482be0991e11aa102f6cf79e29b400e960bf6e9f77960d3d4e0da8d18bb948bb2e6b03bffa2e7aef35ea079737b68609f479a9c075d1ad9ccedd6a17e9

/data/user/0/com.mask.photo.camera.editor/files/entrust

MD5 45e28de01053f2e2e3da852905aeef8f
SHA1 4d77692a8be2d03dadd889fbb1e3b22f9c68b714
SHA256 4ab3afd2efe58b5e910693277be491023a2b75c368b56fcbbaef7636d27d09dd
SHA512 5c0a6512d241c956c9f1c4e74f92e23aaf7179f2af9712763056075e35727462b5a38b9435b508e0c5dddae3e763d49ff69b7d3005e9a67da11baf194b25f821

/data/user/0/com.mask.photo.camera.editor/files/entrust.x86.flock

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/files/entrust

MD5 0ad6fea1f5017f9cf4e6dbddc0f5ef97
SHA1 1788223fd6d24afcc0b0d856aa56bd92f84b41eb
SHA256 72dad360219d07c162178d356d4bed1ce527100e2c090a637754ffa014f5ea6b
SHA512 0c0c5f2c6ecea4ade1ea09ec159757aba432f86f1dc3325667b374ad0c8a5ba21f46746003c615b075a915a8e1d7bf41bc7fa6afa6dafa638f2b12b37515d32c

/data/user/0/com.mask.photo.camera.editor/files/oat/entrust.cur.prof

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/cache/1598581401714.jar

MD5 cf2ed89992c1145a27f078b9da17e96c
SHA1 2afc75b5bc6329198ec01829e6c6acbd0c0dee01
SHA256 84009ae4f9125e2d61a670b88e41ad81bba2161dc0910b4506ef6356f0ebeb78
SHA512 8240cd4dcf4087b5f02400853f6820afe4b2a8825089aaa661662539fcb857b78013f8f3a9dc047034f6f42168fffcc6c1727076ab0e4eeaffcad956659de6f5

/data/user/0/com.mask.photo.camera.editor/cache/1598581401714.jar

MD5 1ced7d2175dffa49a034973977306116
SHA1 3f8200a08b62466017e817605c5386b31bd7810d
SHA256 ab58700e1e6ebd3427baac6356ac257a9e5d4b51119132b6bb2c9591355ae98d
SHA512 b0e9791e2cd69962a0b5e64a77c6cbe932b2e4f205a533ee551b68968c702d35c52cfeddecf743b497e6058c0884124e3dfd3d9a471d0774eb7ae7046d8c63b7

/data/user/0/com.mask.photo.camera.editor/files/ionsxg

MD5 df63f85b7c5506c22afabc5980079c96
SHA1 7f1701c8ad372955f25405d45f340ae31b35d256
SHA256 a64ba8f89b414e889d2ecca4f8dc0dee47984f0586fd8af2a073782975851665
SHA512 ea7272552f5b2750421d195bc9982d14dbadb3fa8b45d3d1cb5c6cb979a89de7c158e3acd00d058c1fb4171f2699c4b57abd0d95e1e6cccd99cd9d3eb14c5f75

/data/user/0/com.mask.photo.camera.editor/cache/oat/1598581401714.jar.cur.prof

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/files/ionsxg.x86.flock

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/files/ionsxg

MD5 3d13a1c2d90322301122f0f451ec5d3c
SHA1 8e71493581e05a62efb633197fa5a6709c7fde1d
SHA256 2fc36a3881ab97d214092a47cb9217871a3536ed3d8d542c74e64b4c6135e488
SHA512 f7f9a054ea819c38a5c8a3835c84a20b6364c7d3c5968f61c0d96b8d338038ad381a8df82146e1f660b455ed7828e9839ce3b3a43ad176ac2022406c86bb1089

/data/user/0/com.mask.photo.camera.editor/files/oat/ionsxg.cur.prof

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/shared_prefs/admob.xml

MD5 f2391b206cf5eaa2aae7e749da4f87bd
SHA1 a4237dc4cb45ffa484f88af6d7e9d81247082376
SHA256 c34c37aebe64b68d186c8d954027a0f456c990ed38c44d18020b1c540541f226
SHA512 8500736db70511215ac1919911e58811d7c12aff57cc391c67c3a190b032cb0e4c098cfb026207b455629f377ed730b0095490349f6edf36abf3ba5dab09a095

/data/user/0/com.mask.photo.camera.editor/app_webview/GPUCache/index

MD5 93027d42b314432c4216e6cfca48b384
SHA1 43448dd8102979c3926828182579691945eedd4e
SHA256 3cda72e67c62e52a342309c44f2cb3b6c1019c7b11822e2f628e48e254e2b41c
SHA512 a52d13cf7f5be196d1e2f135b8a010f80558c5d35e90e7792441d1c976517d55cf1c9587949db69ebef294cc6ef79529a65e7d779964793016efecacd152f70e

/data/user/0/com.mask.photo.camera.editor/app_webview/GPUCache/index-dir/temp-index

MD5 39a22da81abd6bbc5019dc9742b89125
SHA1 ceed6779eb13be7becca6388890f03ce9a2b73ce
SHA256 8ff31580e53a4cb6d355fef075b66b96df706ca521a8230b540d35d3ab6cbbe0
SHA512 3c90b4101d3719ba7d9cac84b12f084d9cb552e2d0d4a76d19209fb4a88704346e38056e0a5960e9937fa13e1c539057a08e2c77b3f7af10f91aacaa3addb46d

/data/user/0/com.mask.photo.camera.editor/cache/org.chromium.android_webview/index

MD5 93027d42b314432c4216e6cfca48b384
SHA1 43448dd8102979c3926828182579691945eedd4e
SHA256 3cda72e67c62e52a342309c44f2cb3b6c1019c7b11822e2f628e48e254e2b41c
SHA512 a52d13cf7f5be196d1e2f135b8a010f80558c5d35e90e7792441d1c976517d55cf1c9587949db69ebef294cc6ef79529a65e7d779964793016efecacd152f70e

/data/user/0/com.mask.photo.camera.editor/cache/org.chromium.android_webview/index-dir/temp-index

MD5 976cdd080797ad3c6b1a8663d6430fce
SHA1 aa22dafceeeffde0cc4b18c6abacb4331664bb35
SHA256 a3d684960b6f5b8ce83f5565f3d02feef89df300d7616c01132ce6cea15bb5be
SHA512 1018c0444726d09962d3ae1a4be7d46d7857748f32b0fdec6f3b8aa994ae2c8d7e864220732a48d18c29f4078859f0559191b83ae79c011fbde71d12de5d83ed

/data/user/0/com.mask.photo.camera.editor/cache/org.chromium.android_webview/f038e94cb33282ab_0

MD5 ebc43acbd2b99547ad6cd08432b92f3e
SHA1 a8a100643005f5822a762899f6086f316e399678
SHA256 49c94b96234249807259e76eb02bbe67c0b428c1473b0d2de76f67ab17217015
SHA512 4fe33ba3b4999fa4c490f4d290bdaf84f280a6ff839d03ee32d39571dc18cc55ed3e705114661aef68a74a17da99d6f606b867e3977815198e93e732901f1db5

/data/user/0/com.mask.photo.camera.editor/cache/org.chromium.android_webview/4ade02d53c941f31_0

MD5 fa7aac53dc2cb64f5711083851b6a445
SHA1 b75fe6bccb8d7c4638181680c1c41a6bf4c3b787
SHA256 c2f85d19488a85b9485233742317ee083b447b607b2904b61004688eeae1239b
SHA512 7f449a49c8214a02f01c0bf04646b318c799f5c95f225b9b3ecbea4d0b9720baef89f04b3bb3952ccd9ac79940a3f2bb93e0f8c606ad72b72b982e4c652361d6

/data/user/0/com.mask.photo.camera.editor/cache/org.chromium.android_webview/a4924b32c9d742ea_0

MD5 1c41ab681c13a4edba69c0acb134f33e
SHA1 4b83ccdf0aad99c7dc7ab81e099da7d8be0abdc4
SHA256 27eac07d6f416f55e75a195766565b57d05497bbaeb7d7b27ad85a841e62414c
SHA512 342d88d6ecd7805548849b08003f1cebcbbb767b47cd2c25e24dab10d0010da14c76dfb445252236d05031d3e9de3608431bab49991af37bedeb896125692ede

/data/user/0/com.mask.photo.camera.editor/app_webview/Local Storage/leveldb/LOG

MD5 60a745aa239a58b6a3c070ac7181d9c2
SHA1 824ccf92297cc4c5fdefd69f7463b2c70211c5df
SHA256 9f08c976904e8063b25d7779f61248d97780619d608909c74ad99b66baeefba0
SHA512 dd7baba3bcec646f33ce3720762c795f283feafc2caec95e5bd87b620254c82c6c458c537a614853ac9e5e8b5321b9294a1f5e36383dfb64b5aed629aa9e6729

/data/user/0/com.mask.photo.camera.editor/app_webview/Local Storage/leveldb/LOCK

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.mask.photo.camera.editor/app_webview/Local Storage/leveldb/MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

/data/user/0/com.mask.photo.camera.editor/app_webview/Local Storage/leveldb/000001.dbtmp

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

/data/user/0/com.mask.photo.camera.editor/app_webview/Local Storage/leveldb/000003.log

MD5 046d4dde56ab75338cb6daa24cafc4c6
SHA1 70fe7e819250933fd4baa9d8bdf4e8aebcd4884f
SHA256 49f6810f6a10be7210552f9991249c7c5d3e73eb56129e75e49374e28dd09f00
SHA512 2e28c50f46a64780c373d9e474cbbf09d208f59927bd239f55eb79bdc06025f979cd0031539e606ee718a76384cbcd07a835d22d0997a1d04f29b42e9bec9fbf

/data/user/0/com.mask.photo.camera.editor/cache/org.chromium.android_webview/f038e94cb33282ab_1

MD5 d05ffdccaed8cd6840d54ea433cd83dd
SHA1 d02b4ecd6296a585be6673b6c16b4c5ba1afcda2
SHA256 a6b951496f1e7825356c306f46a8beeaeca0c3ed5e717dc7f77b1d2bff285040
SHA512 1e3e879e7aa0874e5cd523d2a8a9f4de41abb185e4d6616e4e00bae127caddbb7c5e7b592ed4a40a747e5a1fe7e5daf8144ea06c99157e9d814540b1dea1d827

/data/user/0/com.mask.photo.camera.editor/cache/org.chromium.android_webview/dfe6b2497a7513ba_0

MD5 acf674ffedd8e28e46001730312ce172
SHA1 34004364c06cf5d0d136abc789153abc79b3ff53
SHA256 2da1f78c6762d1e22e8ab9ac53a67ec18f01a26709c1ec560bef6a14fe8e1d43
SHA512 2c25cf8209544add581c6e6b266cf7688a8bfcb5cac14ba6e4adbd21307426f051d358a5f53b2ccabdcae94f10a8f45e1da2624dcecce126c81e131330fbae17

/data/user/0/com.mask.photo.camera.editor/cache/org.chromium.android_webview/a4924b32c9d742ea_1

MD5 9c03c3fddd82861760a5276a868e9a4c
SHA1 8d1512ec96fbdd6ccdbb4ecf52b0cca59b9335e7
SHA256 36f6d9e84172c7ea8aaaeac3d7b85bdc126de80003becb4b18d770584d91719e
SHA512 5f034a15a516762eff1e93a5eb9cad45b7cb63726cf9260324a4c055686e1654cd14925249e00c8f3d44c101a91a6231e6d447c05e34f224ffda21db7503c12c

/data/user/0/com.mask.photo.camera.editor/cache/org.chromium.android_webview/161adb42c9844adf_0

MD5 3704a173599babdfc3851f8b76c5436e
SHA1 4ef588e9495bad53eb0d2553b761944f13b3bc46
SHA256 5873fb51869e5ab4329023adbcdc9b866fc384620f4d40ff94c06a29dc6a51c8
SHA512 621e9b2ab278d501b479ff95b7e50af70238b93b52549149660d55e097d5dbf49873d33930468f0fe4979d43a94cd03cebbefab16b51fbcf6f4167742b034056

/data/user/0/com.mask.photo.camera.editor/cache/org.chromium.android_webview/7556c1835650e1d4_0

MD5 2d089c04fcf4550ef765de37fa8017e7
SHA1 3ce476f45779fe0dcf21165d860f180ba46b1c1e
SHA256 a493238d10260eacceb75cc819b4ea3386b873a63f0f4a07826bcd1d9a3e5e89
SHA512 6505c29968532f4de8984a055bb5f2ed88eb933c1248d15eaf440a5942aa18a310a200195dfd90659eab566565fc4020d9f2054882c91d26c527a0ae74aa8983

/data/user/0/com.mask.photo.camera.editor/cache/org.chromium.android_webview/161adb42c9844adf_1

MD5 86be3bb7cd096f516b9b61539926ac85
SHA1 dc34e34a32d22a767acf8405bd1b83dc457d547e
SHA256 15554b3fabfc74f12dcfdf90443c0db25b2614bc33370f856af5c8e613ea1d5a
SHA512 4ef03ff58e53831a44c26f9ed544dc76911a568029a19c65ec3a482de8457ee38f4ab273fc4f7bb2e96dc9fa9f48163cd31f8b9aadaf4d51e1352e66104eaae9

/data/user/0/com.mask.photo.camera.editor/cache/org.chromium.android_webview/index-dir/temp-index

MD5 61ecf4bbcd6f52c850a00ba9fce9fbd8
SHA1 dcfa242957ff39b6962a4233de8f1d11f6731899
SHA256 0e689e417810a5080c781116da9212fb074a8d22abe7cf9d145cf404c9dc0f3c
SHA512 45edec2953fa584980dd50d2417a8e99d6df10646d059c1e3f5b13f914d6352625ef7b41f8c4a2d6ad7658b913b6a923c314f9ed043fd32af7b47fbb9fb0f2ce

/data/user/0/com.mask.photo.camera.editor/shared_prefs/admob.xml

MD5 6496a98513b2b3c9f853243c5af041ed
SHA1 2d256fe7dfa940a9bffe2c44041e80c000e99bfa
SHA256 0bcee532ad3210e507c133a2905b851e34ec8fb865f92262d03a515cb6c4cdc1
SHA512 554592e7d2e965c6dd29f1026564ace4504683dcee2810bc3c525bf9998a83d4241ecc8e05b295c09823da4da1e4bbd5382850ed13b854b8ed52b3fbc45cb768

/data/user/0/com.mask.photo.camera.editor/shared_prefs/admob.xml

MD5 963e69bae8319678326c815d6096b983
SHA1 97c1b704851db733440d5606702cdc3cee0db02d
SHA256 1fb4e802de5cfd56b086fd86e148a497229332a98c09955eac1d9dbd88e1719b
SHA512 90428f6fedc18b8fd696b00d9780097ef6af64b8232681c9663b510dca89e74b8266021af9bb021d1c27594a917b66b138f54681113ec7854ca9d7fc529b2388