Analysis Overview
SHA256
0b72c22517fdefd4cf0466d8d4c634ca73b7667d378be688efe131af4ac3aed8
Threat Level: Likely malicious
The file 0b72c22517fdefd4cf0466d8d4c634ca73b7667d378be688efe131af4ac3aed8_unpacked.zip was found to be: Likely malicious.
Malicious Activity Summary
Makes use of the framework's Accessibility service.
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
Requests dangerous framework permissions
Acquires the wake lock.
Requests enabling of the accessibility settings.
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data).
Removes a system notification.
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2023-02-01 07:34
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
Analysis: behavioral3
Detonation Overview
Submitted
2023-02-01 07:34
Reported
2023-02-01 07:36
Platform
android-x64-arm64-20220823-en
Max time kernel
199759s
Max time network
161s
Command Line
Signatures
Makes use of the framework's Accessibility service.
| Description | Indicator | Process | Target |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | N/A | N/A |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText | N/A | N/A |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
| Description | Indicator | Process | Target |
| Framework service call | android.content.pm.IPackageManager.getInstalledApplications | N/A | N/A |
Acquires the wake lock.
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Requests enabling of the accessibility settings.
| Description | Indicator | Process | Target |
| Intent action | android.settings.ACCESSIBILITY_SETTINGS | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data).
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.rduzmauwns.jieliysagr
com.rduzmauwns.jieliysagr:remote
Network
| Country | Destination | Domain | Proto |
| N/A | 1.1.1.1:53 | growth-pa.googleapis.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| N/A | 216.58.208.110:443 | tcp | |
| N/A | 216.58.208.110:443 | tcp | |
| N/A | 216.58.208.110:443 | tcp | |
| N/A | 216.58.208.110:443 | tcp | |
| N/A | 1.1.1.1:53 | infinitedata-pa.googleapis.com | udp |
| N/A | 142.251.36.10:443 | infinitedata-pa.googleapis.com | tcp |
| N/A | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| N/A | 142.250.179.200:443 | ssl.google-analytics.com | tcp |
| N/A | 1.1.1.1:53 | android.apis.google.com | udp |
| N/A | 1.1.1.1:53 | android.apis.google.com | udp |
| N/A | 142.250.179.206:443 | android.apis.google.com | tcp |
| N/A | 1.1.1.1:53 | t.me | udp |
| N/A | 149.154.167.99:443 | t.me | tcp |
| N/A | 1.1.1.1:53 | accounts.google.com | udp |
| N/A | 1.1.1.1:53 | accounts.google.com | udp |
| N/A | 1.1.1.1:53 | accounts.google.com | udp |
| N/A | 142.251.36.45:443 | accounts.google.com | tcp |
| N/A | 142.251.36.45:443 | accounts.google.com | tcp |
| N/A | 1.1.1.1:53 | nzpubbxaurete | udp |
| N/A | 1.1.1.1:53 | qgmmahqpipfe | udp |
| N/A | 1.1.1.1:53 | igaxctjtv | udp |
| N/A | 1.1.1.1:53 | qgmmahqpipfe | udp |
| N/A | 1.1.1.1:53 | igaxctjtv | udp |
| N/A | 1.1.1.1:53 | nzpubbxaurete | udp |
Files
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/variations_seed_new
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/variations_stamp
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/webview_data.lock
| MD5 | 7cee48b1e00acf643a424d067aec12cb |
| SHA1 | 974339b36002e2edf5c41263e282629454095507 |
| SHA256 | c8e217b812e6272e702e792f1b79f98dd21ac7f3172ccf764cd4af6b57f7dac4 |
| SHA512 | dc06ff2a511da39458081bfd9520b1d242faf4e45f00759f3db1dbdfeeaacab731480bdaf37e9fdcf8a885088d802c40964a43ae327d8664d53cbb09615ef248 |
/data/user/0/com.rduzmauwns.jieliysagr/shared_prefs/WebViewChromiumPrefs.xml
| MD5 | 97ccd9a2b2063143df56b6937f961ca4 |
| SHA1 | 5e78a91ae5df289ce83443cb7d5589dd3504fb5d |
| SHA256 | 248ff7928128015b1cfe3e6517c8f9b8c9511bfb8c8baf44fc1370640eac61fd |
| SHA512 | 86c05a5bb3d7eedea390664796966e9e5a5bf846c85808da54407788a76b3ee25b91428242a1e76d8765bfe51e1ba3636617fbab6e7dbb39fcc433e07c3fcd3b |
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/Default/Web Data
| MD5 | a48cd9324b1f8754b07f00d863b840f3 |
| SHA1 | 11c6614775b35a58f440971dfc87c8aaac6d6173 |
| SHA256 | 8859a216183793485d4699bf69d7ed96904679834188d07b9a70424d47eb1420 |
| SHA512 | 35fa712f0af4a5eeed7e00e4e59ed5027dc6609d268462fe79d92043be9ae0c5961ce9e1d2f64b1a196c9b6aa6242b8b83817b3ee4c1058596c58a99c45478b1 |
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/Default/Web Data-journal
| MD5 | 231cba5cda04566d2e86bdac5ed00b36 |
| SHA1 | ca66fb969214eb7d755a817aaa702e9b41d1d4eb |
| SHA256 | 57031e4e2b0fc052aae87d66fed4a30fa12d906843435d516427e17858c9bf69 |
| SHA512 | d2412f7aac3850283119ccd362038e3d1d74cadabc340338faaefe4985863cfa19ea92ad25d3f80e745c15fd927d867812364740dad888ae730bc995f15ce3fe |
/data/user/0/com.rduzmauwns.jieliysagr/cache/WebView/Default/HTTP Cache/Code Cache/js/index
| MD5 | 6d7d499960179766cd4261d12dacc411 |
| SHA1 | e6f8553b0015e12b23cc551afe98763f3b1c9bed |
| SHA256 | c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182 |
| SHA512 | 6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547 |
/data/user/0/com.rduzmauwns.jieliysagr/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index
| MD5 | 6d7d499960179766cd4261d12dacc411 |
| SHA1 | e6f8553b0015e12b23cc551afe98763f3b1c9bed |
| SHA256 | c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182 |
| SHA512 | 6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547 |
/data/user/0/com.rduzmauwns.jieliysagr/cache/WebView/Default/HTTP Cache/Code Cache/js/index-dir/temp-index
| MD5 | 403e27f6987235d49b4731cb920b5226 |
| SHA1 | 1601ebf2c7f9ee46825df39e2b486575fa0936ac |
| SHA256 | 315aa40c0ceff67c162d72d8d8926a39ca32474f106b1ea7f23deab558051436 |
| SHA512 | bb827fead17f1da95ce5ca38616648897e2a19b649bc08bdca6b15f2056afa5c47b80222c6b8f07f0f2601106f61841eb3ef4d11ac9f29aeed71a090a226158d |
/data/user/0/com.rduzmauwns.jieliysagr/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index-dir/temp-index
| MD5 | dfdcbd56059d6d2267bd2e5d94500a98 |
| SHA1 | c09a1eca9073e04cd897b6624958bf49df35090d |
| SHA256 | 62c7634d35245ea6f680aede8e6f910307d0034f3c032dea20140f9e478f833d |
| SHA512 | a67bc50c3e65e316483d6212aae7d916830530a60db41602ea4573a89b63417524c03514a97a4e63a0353aea9f987dfcc726e8926ed1c878fe4cead0a580e2a1 |
/data/user/0/com.rduzmauwns.jieliysagr/cache/WebView/font_unique_name_table.pb
| MD5 | f080fa2a56ab5479d58063e5ea871447 |
| SHA1 | 4b3fd57a98916fa5784305b76ba30af26b5253d9 |
| SHA256 | 0aa374bc456330fd1b5daf18d25b4bb8e2df1998dfa85466f2c31843ff56e815 |
| SHA512 | 8aee3186a95b389d39882620b7c4199a29aa50580aa98a381b2931a934de6406943c89d4d00ebeabff21e2b03b4a4adcc01e37e32a2335c4838be24bdbf61936 |
/data/user/0/com.rduzmauwns.jieliysagr/cache/WebView/Crashpad/settings.dat
| MD5 | 797ad33bec0c7a5fe341a0fe6fc09366 |
| SHA1 | ba7743cd988d0160664ead95897da7fd58eb4b74 |
| SHA256 | 4ec1287e7ebd8c6a4cad2fdc69164d3b02f416d09bf606fb0a7cf7baf4f8b9e4 |
| SHA512 | 30333bb3fe8c62c2f3470071210063dcefd0398c7c72c3c3d238a920680b00bf57295d9bcaf68509c97bf994fe4127fae2199702fb76a439bcef743fb3105edd |
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/.com.google.Chrome.OcCEed
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
Analysis: behavioral1
Detonation Overview
Submitted
2023-02-01 07:34
Reported
2023-02-01 07:36
Platform
android-x86-arm-20220823-en
Max time kernel
196156s
Max time network
157s
Command Line
Signatures
Makes use of the framework's Accessibility service.
| Description | Indicator | Process | Target |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId | N/A | N/A |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | N/A | N/A |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
| Description | Indicator | Process | Target |
| Framework service call | android.content.pm.IPackageManager.getInstalledApplications | N/A | N/A |
Acquires the wake lock.
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Requests enabling of the accessibility settings.
| Description | Indicator | Process | Target |
| Intent action | android.settings.ACCESSIBILITY_SETTINGS | N/A | N/A |
Reads information about phone network operator.
Removes a system notification.
| Description | Indicator | Process | Target |
| Framework service call | android.app.INotificationManager.cancelNotificationWithTag | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data).
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.rduzmauwns.jieliysagr
com.rduzmauwns.jieliysagr:remote
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| N/A | 1.1.1.1:53 | android.apis.google.com | udp |
| N/A | 142.251.39.110:443 | android.apis.google.com | tcp |
| N/A | 142.251.39.110:443 | android.apis.google.com | tcp |
| N/A | 1.1.1.1:53 | infinitedata-pa.googleapis.com | udp |
| N/A | 1.1.1.1:53 | android.apis.google.com | udp |
| N/A | 216.58.214.14:443 | android.apis.google.com | tcp |
| N/A | 216.58.214.14:443 | android.apis.google.com | tcp |
| N/A | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| N/A | 1.1.1.1:853 | tcp | |
| N/A | 1.1.1.1:853 | tcp | |
| N/A | 1.1.1.1:853 | tcp | |
| N/A | 149.154.167.99:443 | t.me | tcp |
Files
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/variations_seed_new
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/variations_stamp
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/webview_data.lock
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.rduzmauwns.jieliysagr/shared_prefs/WebViewChromiumPrefs.xml
| MD5 | 21223e9184445fe043476484cd8cb1f9 |
| SHA1 | 2b4813f849121d60ba35eb0889080668bb62c778 |
| SHA256 | bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af |
| SHA512 | be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48 |
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/metrics_guid
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/metrics_guid
| MD5 | c81f11a1140bcafb7d6f1a9ee001c07c |
| SHA1 | 905d28e06bd3bd22ea7136c658acb9b66475acbb |
| SHA256 | 65eaa7b34e888eaec24ac7dc2ab60eb523e8e4909a8b8327413f455b13bba5ac |
| SHA512 | 73c918a6c0562088513c79ee06b625e27ab48f851a10a2c00ec16ea65ca0e5eee261459cfd6c0138a5e60f9b6894bce1e4452c887f485e6c18adf7d2802d4061 |
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/Web Data
| MD5 | dc79f9ce5f3ab5270b33e61119dfc959 |
| SHA1 | 1844bf222a5144b513dcf2fb50a18c011701c647 |
| SHA256 | 47e65f4de08deabfd52ecdb8b0a29c61c482188b92c36182e2112ca0a8f4ff65 |
| SHA512 | 18b8894a7f35df516f423bbdebf1e05ce09eaf4345b139e59e603cadb81f8d1fa20f793438c28e8fd9a64e64f0684223d90ce6f10d3f93cb0c781049a8cff03e |
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/Web Data-journal
| MD5 | ba8848ea7791315210b1eb96c92cb756 |
| SHA1 | 2b9c524264671b5314b0c98c40ebc664ebcf4464 |
| SHA256 | c9e2df60585a65ffcdd0b0a6e9f06c3bea49f718ab9219038ca505018d876747 |
| SHA512 | a846fd5888767dc814bf7eb710fdfac78c0c8d463df2b921ec93542226be0976016bc4123acb0edc581580443de35cd61d3af1061b6746b85b7de1bc68854fe4 |
Analysis: behavioral2
Detonation Overview
Submitted
2023-02-01 07:34
Reported
2023-02-01 07:36
Platform
android-x64-20220823-en
Max time kernel
199757s
Max time network
159s
Command Line
Signatures
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data).
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.rduzmauwns.jieliysagr
com.rduzmauwns.jieliysagr:remote
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| N/A | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| N/A | 1.1.1.1:53 | android.apis.google.com | udp |
| N/A | 142.251.39.110:443 | android.apis.google.com | tcp |
| N/A | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| N/A | 142.250.179.136:443 | ssl.google-analytics.com | tcp |
| N/A | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| N/A | 1.1.1.1:53 | accounts.google.com | udp |
| N/A | 1.1.1.1:53 | accounts.google.com | udp |
| N/A | 1.1.1.1:53 | accounts.google.com | udp |
| N/A | 142.251.36.13:443 | accounts.google.com | tcp |
| N/A | 1.1.1.1:53 | nfsjifsfwx | udp |
| N/A | 1.1.1.1:53 | stcjoadjjve | udp |
| N/A | 1.1.1.1:53 | wyjakjpwlvr | udp |
| N/A | 1.1.1.1:53 | nfsjifsfwx | udp |
| N/A | 1.1.1.1:53 | stcjoadjjve | udp |
| N/A | 1.1.1.1:53 | wyjakjpwlvr | udp |
| N/A | 1.1.1.1:53 | nfsjifsfwx | udp |
| N/A | 1.1.1.1:53 | nfsjifsfwx | udp |
| N/A | 1.1.1.1:53 | wyjakjpwlvr | udp |
| N/A | 1.1.1.1:53 | wyjakjpwlvr | udp |
| N/A | 1.1.1.1:53 | t.me | udp |
| N/A | 149.154.167.99:443 | t.me | tcp |
Files
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/variations_seed_new
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/variations_stamp
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/webview_data.lock
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.rduzmauwns.jieliysagr/shared_prefs/WebViewChromiumPrefs.xml
| MD5 | 6ef709b8536878951e87c29a1518fc2b |
| SHA1 | 24376c70b00152501b3d98df61fa7db435339172 |
| SHA256 | 10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6 |
| SHA512 | 96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9 |
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/metrics_guid
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/metrics_guid
| MD5 | 3fd6ab58db33dd7f062e4f04fe03779b |
| SHA1 | ab3f3fe1a551aa70edbc9985926d7e07b0c7fcfb |
| SHA256 | 1c43b3debf82d9e0dbd847de965c82b8da23d3173770e7b11441d72e250cc92a |
| SHA512 | 1785d22d233eefe1437fdaabfd5883aa8e24d3986d9ee65d78b5680db9a896aa95634a230796d887ce53bd8e504ddf7e4bfec2fb4d0ab63a4e0be7ac02cc2109 |
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/Web Data
| MD5 | b663831f8cc130493476d94f2d7a5330 |
| SHA1 | 043a1956ab8e40821d67043f8a9110a8eb36fb93 |
| SHA256 | c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7 |
| SHA512 | e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16 |
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/Web Data-journal
| MD5 | 3c60787b74b8537ed2ae29f7d12ea684 |
| SHA1 | 226f23446001cafff3f0122f2582a3dec6b50f2d |
| SHA256 | 5625d23599a125e8b1d73f374ebb71623d8904d597488d6569a485df569fb751 |
| SHA512 | 90dc7c9b7e1744cb3470bf5f235c1a767d199a6d3ecff054f47e04a208d2bac0d0097e706477445b0a2e21c014e1cefa8d95ed449d1022f57371fb5043705dc7 |
/data/user/0/com.rduzmauwns.jieliysagr/cache/org.chromium.android_webview/Code Cache/js/index
| MD5 | 6d7d499960179766cd4261d12dacc411 |
| SHA1 | e6f8553b0015e12b23cc551afe98763f3b1c9bed |
| SHA256 | c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182 |
| SHA512 | 6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547 |
/data/user/0/com.rduzmauwns.jieliysagr/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
| MD5 | 1f046550535ad40de5d391a5371a9489 |
| SHA1 | e746ace8b4e76911bdce82a031de6d9c4d510b2c |
| SHA256 | 217fdd4304f47487801db0f31f2b2d7fa512f57454897dd9c6cb750efc090c60 |
| SHA512 | 248ec6ca314ce9ab83b489978169d3d9a2d8581bd99caf87a345f8d9cf95dcbabad92541819f28d4ede801cff2b7aa306c59659edbbc7959e974a03f4d46f0bd |
/data/user/0/com.rduzmauwns.jieliysagr/cache/WebView/Crashpad/settings.dat
| MD5 | 0fae76bce54cebfdba760ccb6b3cdf28 |
| SHA1 | 78ea14c627b6945688124856d0c81e376831da15 |
| SHA256 | b8685a3b4f77183631bd6c214d94116d5ced0a5a16272a8bb2a20f8e15560b4e |
| SHA512 | 974fa5751b13afa86f2f9c191f416f483709ad2b7853c9e8057bd77ec9d9351996b5b94a0e40b670b1cfe32ca8747442c4b99f5a1d1e12ddb46298bdb118b511 |
/data/user/0/com.rduzmauwns.jieliysagr/app_webview/.com.google.Chrome.vLwQIY
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |