Analysis Overview
SHA256
a520776bfea89d266ce1609fc5ca3d52e38ae282b5b0cc35455478b3f7f933ce
Threat Level: Known bad
The file a520776bfea89d266ce1609fc5ca3d52e38ae282b5b0cc35455478b3f7f933ce.bin was found to be: Known bad.
Malicious Activity Summary
Ermac
Ermac2 payload
Hook
Makes use of the framework's Accessibility service.
Acquires the wake lock.
Requests dangerous framework permissions
Loads dropped Dex/Jar
Reads information about phone network operator.
Removes a system notification.
Uses Crypto APIs (Might try to encrypt user data).
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2023-10-11 14:52
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an app to access location in the background. | android.permission.ACCESS_BACKGROUND_LOCATION | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read the user's call log. | android.permission.READ_CALL_LOG | N/A | N/A |
| Allows an application to write the user's contacts data. | android.permission.WRITE_CONTACTS | N/A | N/A |
| Allows read access to the device's phone number(s). | android.permission.READ_PHONE_NUMBERS | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2023-10-11 14:52
Reported
2023-10-11 14:53
Platform
android-x86-arm-20230831-en
Max time kernel
523918s
Max time network
67s
Command Line
Signatures
Ermac
Ermac2 payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Hook
Makes use of the framework's Accessibility service.
| Description | Indicator | Process | Target |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | N/A | N/A |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText | N/A | N/A |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId | N/A | N/A |
Acquires the wake lock.
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.bulosinehipibe.zusu/app_DynamicOptDex/xPd.json | N/A | N/A |
Reads information about phone network operator.
Removes a system notification.
| Description | Indicator | Process | Target |
| Framework service call | android.app.INotificationManager.cancelNotificationWithTag | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data).
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.bulosinehipibe.zusu
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | infinitedata-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | null | udp |
| NL | 142.251.39.110:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| NL | 142.250.179.142:443 | android.apis.google.com | tcp |
| NL | 142.251.39.106:443 | infinitedata-pa.googleapis.com | tcp |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| NL | 142.251.36.10:443 | semanticlocation-pa.googleapis.com | tcp |
| US | 1.1.1.1:53 | perlmp.com | udp |
Files
/data/data/com.bulosinehipibe.zusu/app_DynamicOptDex/xPd.json
| MD5 | 0d7011aae5c495eb21bc14fb36274b37 |
| SHA1 | 1688ae0e296fb51bd5e2e1e5e6d69f485dd595d9 |
| SHA256 | ec05193f495dbd4e80fe15ef83aff93ca43d57acdb397470c74c983d80898ffd |
| SHA512 | 16707e9e653b1c49969371a7a7cd66e1a052ea7aa6408ade08956356fef143c83f07987d43bbe5355f77aff826e1d38f2a66c7c4b43b4344f84e526e0bbabf9c |
/data/data/com.bulosinehipibe.zusu/app_DynamicOptDex/xPd.json
| MD5 | 76da66ec311b117dd6dc9847d23c2306 |
| SHA1 | 1d22fa205027f21d2f528ef32e377d6c20a15bbb |
| SHA256 | 9c2a5fb6388857a4e5dcf1c509cfada357b3fd0c41df04745aeeb9895d4b8f85 |
| SHA512 | 73a4284dc624cfb28e5e0994a2560f0cbab95c7e9cb3ceeccb9b1c5ddbb000a0f59265b2b4a0e48a2e9e57a6d531feb98ea3b4a92a2c4d815ba2135e0a16ce78 |
/data/user/0/com.bulosinehipibe.zusu/app_DynamicOptDex/xPd.json
| MD5 | ad90592ba1bd967fb65ef9eb4cbcb6e1 |
| SHA1 | a12ca9423455034bca28396a4067783e33818c55 |
| SHA256 | baec4072b1157a3179e6a3d144caedc96cd6afeebaa27da6a0444ce3d41c0908 |
| SHA512 | d19c6c46b2161eb4614c7b48ad1cb008bab1dac18d19dcfa535cbb670b8badf64c6eb37105624b6bf868084d5a47ff83670fe3dc69e075e6b75dce857fe307fc |
/data/data/com.bulosinehipibe.zusu/no_backup/androidx.work.workdb-journal
| MD5 | d6f5be42123b1a64f8e698d729da18ca |
| SHA1 | be8dc8685a94327a06c5e84f6835085e308fe947 |
| SHA256 | f108fad58a2dc8693060fcbb6e3545df855ef2f92b181a423e0eca57dfb3f083 |
| SHA512 | 29c93bcc5822b07e1bbf8dcbb15288748c9a6c3d5729d373fc274e26290a05b57e5cf03a6739b5a25003f32ed6d59bfcf464da0b7444b07994da19b5a55ce17e |
/data/data/com.bulosinehipibe.zusu/no_backup/androidx.work.workdb
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.bulosinehipibe.zusu/no_backup/androidx.work.workdb-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.bulosinehipibe.zusu/no_backup/androidx.work.workdb-wal
| MD5 | 059100a520d17506d554af08f73b5843 |
| SHA1 | 30995f3f3ec558fb8761914bcc1792d41f17f07a |
| SHA256 | 7d291f6ef9a65e7d315d29649814734e2933db86fe3b1dc8b80a0532dabbeb47 |
| SHA512 | 6e8884032ead9434123c3e3702b9ad96fa13f7fe5fa0a0009702994f1644893808fa3a145673a9b0d8667ee0dd3a9aa8b1e6b5906f9a8cca949c6341a002896e |
/data/data/com.bulosinehipibe.zusu/no_backup/androidx.work.workdb-wal
| MD5 | 63bf96b6fa3f3fbb7afe6a5605433fa4 |
| SHA1 | b59a6b78754c24378702b66fac5423c0631d62b7 |
| SHA256 | d04e746935f1b6718096257f438c6f9c2280636505ee2cca6370f988278e0a74 |
| SHA512 | 51e7073977f34065ea15fde121ffd7ba6548b8276349c958c2a653452ab9fc18e4485448749ded8b4543c7953da4488ffce2a9925fccc5656a08740e9059ded7 |
/data/data/com.bulosinehipibe.zusu/no_backup/androidx.work.workdb-wal
| MD5 | d6a3d0a9afe73cdaddcf383bddd19aac |
| SHA1 | 38ef559084e6261d72acb7d4d3f674e7ee91b21e |
| SHA256 | 4deb57e954ab42fc876adb233ea0a6e25227149480ff2a0533f5e4ca4f517c45 |
| SHA512 | b1b7ba09ea4c93dc9c71dfa91edb7b51846f97e9e3c4df8ef671aea6d9107181922520f90f103e1bd2e39653f6439d649ce759536501a395b7ab96cc6df11cce |
/data/data/com.bulosinehipibe.zusu/app_DynamicOptDex/oat/xPd.json.cur.prof
| MD5 | 31dcc81286d51f4984eb291a0a562a7a |
| SHA1 | aeab2d15ba3bcecf526b5d4f2818306f6720adb7 |
| SHA256 | 92ca4e78722380178a5d557359f85256a2abdc5ee4fdb11be0a8688d2f720d19 |
| SHA512 | 709d1188f7090381e082e6b0cf5d1234d87cfee22c6680f74bc39c861dd933b3d613e14d9f8d320ef355270b96ba699ad3870ff571e9fa66cb1aba6d834f2331 |
Analysis: behavioral2
Detonation Overview
Submitted
2023-10-11 14:52
Reported
2023-10-11 14:55
Platform
android-x64-20230831-en
Max time kernel
524026s
Max time network
144s
Command Line
Signatures
Ermac
Ermac2 payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Hook
Makes use of the framework's Accessibility service.
| Description | Indicator | Process | Target |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | N/A | N/A |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText | N/A | N/A |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId | N/A | N/A |
Acquires the wake lock.
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.bulosinehipibe.zusu/app_DynamicOptDex/xPd.json | N/A | N/A |
Reads information about phone network operator.
Removes a system notification.
| Description | Indicator | Process | Target |
| Framework service call | android.app.INotificationManager.cancelNotificationWithTag | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data).
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.bulosinehipibe.zusu
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | infinitedata-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| NL | 142.251.39.104:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | null | udp |
| US | 1.1.1.1:53 | null | udp |
| US | 1.1.1.1:53 | null | udp |
| DE | 172.217.23.202:443 | infinitedata-pa.googleapis.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | null | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| NL | 142.250.179.142:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | null | udp |
| NL | 142.251.39.98:443 | tcp |
Files
/data/data/com.bulosinehipibe.zusu/app_DynamicOptDex/xPd.json
| MD5 | 0d7011aae5c495eb21bc14fb36274b37 |
| SHA1 | 1688ae0e296fb51bd5e2e1e5e6d69f485dd595d9 |
| SHA256 | ec05193f495dbd4e80fe15ef83aff93ca43d57acdb397470c74c983d80898ffd |
| SHA512 | 16707e9e653b1c49969371a7a7cd66e1a052ea7aa6408ade08956356fef143c83f07987d43bbe5355f77aff826e1d38f2a66c7c4b43b4344f84e526e0bbabf9c |
/data/data/com.bulosinehipibe.zusu/app_DynamicOptDex/xPd.json
| MD5 | 76da66ec311b117dd6dc9847d23c2306 |
| SHA1 | 1d22fa205027f21d2f528ef32e377d6c20a15bbb |
| SHA256 | 9c2a5fb6388857a4e5dcf1c509cfada357b3fd0c41df04745aeeb9895d4b8f85 |
| SHA512 | 73a4284dc624cfb28e5e0994a2560f0cbab95c7e9cb3ceeccb9b1c5ddbb000a0f59265b2b4a0e48a2e9e57a6d531feb98ea3b4a92a2c4d815ba2135e0a16ce78 |
/data/user/0/com.bulosinehipibe.zusu/app_DynamicOptDex/xPd.json
| MD5 | ad90592ba1bd967fb65ef9eb4cbcb6e1 |
| SHA1 | a12ca9423455034bca28396a4067783e33818c55 |
| SHA256 | baec4072b1157a3179e6a3d144caedc96cd6afeebaa27da6a0444ce3d41c0908 |
| SHA512 | d19c6c46b2161eb4614c7b48ad1cb008bab1dac18d19dcfa535cbb670b8badf64c6eb37105624b6bf868084d5a47ff83670fe3dc69e075e6b75dce857fe307fc |
/data/data/com.bulosinehipibe.zusu/no_backup/androidx.work.workdb-journal
| MD5 | 986d32b27ebec4183157807269c0d152 |
| SHA1 | a7df49a790a636035bb7c6396723f7f7907a3a81 |
| SHA256 | 06cfa612ccc453f94a2fd8d496f7f03a08882c5e038a0cdd524246bd474cfc09 |
| SHA512 | cd3d6ebcb1370c165ed4c71e943950607af242645c09c51194f8b7c3bbe0ec236ca4e340a23a30fba7d5b5f3a1ec44b31b446922dc2c7508095414ebd2ef53d5 |
/data/data/com.bulosinehipibe.zusu/no_backup/androidx.work.workdb
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.bulosinehipibe.zusu/no_backup/androidx.work.workdb-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.bulosinehipibe.zusu/no_backup/androidx.work.workdb-wal
| MD5 | e7b93eca8fa339ca6413aa809abc11ae |
| SHA1 | 880d40a66c45f54fa1ccb9eb27bbdebe9d4764a8 |
| SHA256 | d56993f4515b076091fc4ed07ee75641e2a80b38480ab7836ed08e626d51634a |
| SHA512 | f16bc628ce4d9c7e75854f812e2a5724e4798ec58aca02b291b3a75a8b463711f368c3e072a2064e810ecf10f70730a9c27d86a22c9082e930d4395f054b8048 |
/data/data/com.bulosinehipibe.zusu/no_backup/androidx.work.workdb-wal
| MD5 | 1b650f73fe2ca33df4602ae342bab39d |
| SHA1 | 6c256612d6656381e873d52f9fd4f370b374ef4b |
| SHA256 | 950b54c60d56e49ea9eaaf904711b20c8565914496221667815951df7ccec710 |
| SHA512 | 92afbc497d8e19fbb4ddc82705b8b76148fbf247c32c8354bcfe5187823fcf2d46cbaf960c978eea7d5c4360719bde9b3efa23a25d4667b050607c628fba46e2 |
/data/data/com.bulosinehipibe.zusu/no_backup/androidx.work.workdb-wal
| MD5 | f40e6c2e2ffa9ebd9f3c264d9e062da3 |
| SHA1 | 5fef64a4ee25741de67d02c63c21f8a776b734c9 |
| SHA256 | 75d25bc23bbe608dce1b60119012e4309401bbc058400b1b8dd742277599b69d |
| SHA512 | fde3b93bd34d6fbc7d7bb16696bcea989d6988d07fa61d2877ace8e8c5ec74a0c91ccf2aa386db8e5a77b37a72c172ad439b4ed13cdfc0f7959047a2a6bc80b3 |
/data/data/com.bulosinehipibe.zusu/app_DynamicOptDex/oat/xPd.json.cur.prof
| MD5 | b638888de6c25c1755ad38978670468c |
| SHA1 | 8d4e5c766f679e16a319f88482976a5a054e770a |
| SHA256 | 756041f08460fa04af9ed37692f6b3a42585d8f1ad1f1c044ab600a1bcaa7d81 |
| SHA512 | a0a239b44e985496ee1c544edad055f233e11ef312427a4d790ef4db18b562633c89d4d052a7418bb82990a21c2b9871f6197e77fe21e6f456f9756de967c990 |
/data/data/com.bulosinehipibe.zusu/app_DynamicOptDex/oat/xPd.json.cur.prof
| MD5 | ef333424a3d3f335ebde3395319b1a44 |
| SHA1 | 6dfc75f3943236619e68ea7d6534e5ebbfb7a718 |
| SHA256 | 3bbd9c7ee712ea018deae7f8478ec8547be6133b133064a7dac5916f3444ad45 |
| SHA512 | ce3089e17be41e9462177489d329c9ac909a9ea8c5496875a3b77b4b5172217467b621a3be2fb98368ec1a6efd8c35f362b677eb9fa0648540c49af2b63be6b0 |
Analysis: behavioral3
Detonation Overview
Submitted
2023-10-11 14:52
Reported
2023-10-11 14:55
Platform
android-x64-arm64-20230831-en
Max time kernel
524031s
Max time network
159s
Command Line
Signatures
Ermac
Ermac2 payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Hook
Makes use of the framework's Accessibility service.
| Description | Indicator | Process | Target |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | N/A | N/A |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText | N/A | N/A |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId | N/A | N/A |
Acquires the wake lock.
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.bulosinehipibe.zusu/app_DynamicOptDex/xPd.json | N/A | N/A |
Reads information about phone network operator.
Removes a system notification.
| Description | Indicator | Process | Target |
| Framework service call | android.app.INotificationManager.cancelNotificationWithTag | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data).
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.bulosinehipibe.zusu
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| NL | 142.250.179.142:443 | tcp | |
| NL | 142.250.179.142:443 | tcp | |
| NL | 142.250.179.142:443 | tcp | |
| NL | 142.251.36.42:443 | tcp | |
| NL | 142.251.36.42:443 | tcp | |
| US | 1.1.1.1:53 | infinitedata-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| US | 1.1.1.1:53 | null | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.208.110:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | null | udp |
| GB | 216.58.208.110:443 | android.apis.google.com | tcp |
| NL | 142.251.36.2:443 | tcp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
Files
/data/user/0/com.bulosinehipibe.zusu/app_DynamicOptDex/xPd.json
| MD5 | 0d7011aae5c495eb21bc14fb36274b37 |
| SHA1 | 1688ae0e296fb51bd5e2e1e5e6d69f485dd595d9 |
| SHA256 | ec05193f495dbd4e80fe15ef83aff93ca43d57acdb397470c74c983d80898ffd |
| SHA512 | 16707e9e653b1c49969371a7a7cd66e1a052ea7aa6408ade08956356fef143c83f07987d43bbe5355f77aff826e1d38f2a66c7c4b43b4344f84e526e0bbabf9c |
/data/user/0/com.bulosinehipibe.zusu/app_DynamicOptDex/xPd.json
| MD5 | 76da66ec311b117dd6dc9847d23c2306 |
| SHA1 | 1d22fa205027f21d2f528ef32e377d6c20a15bbb |
| SHA256 | 9c2a5fb6388857a4e5dcf1c509cfada357b3fd0c41df04745aeeb9895d4b8f85 |
| SHA512 | 73a4284dc624cfb28e5e0994a2560f0cbab95c7e9cb3ceeccb9b1c5ddbb000a0f59265b2b4a0e48a2e9e57a6d531feb98ea3b4a92a2c4d815ba2135e0a16ce78 |
/data/user/0/com.bulosinehipibe.zusu/app_DynamicOptDex/xPd.json
| MD5 | ad90592ba1bd967fb65ef9eb4cbcb6e1 |
| SHA1 | a12ca9423455034bca28396a4067783e33818c55 |
| SHA256 | baec4072b1157a3179e6a3d144caedc96cd6afeebaa27da6a0444ce3d41c0908 |
| SHA512 | d19c6c46b2161eb4614c7b48ad1cb008bab1dac18d19dcfa535cbb670b8badf64c6eb37105624b6bf868084d5a47ff83670fe3dc69e075e6b75dce857fe307fc |
/data/user/0/com.bulosinehipibe.zusu/no_backup/androidx.work.workdb-journal
| MD5 | a536667396f103801f44b142442a057a |
| SHA1 | 324e15446ecb6079b2e856f85b6dc0387d96d215 |
| SHA256 | 9154f560eafcca400e9a4e54b76329d7834dcf658854dff935f96507681fe85e |
| SHA512 | e9739a8c436bd766856d40fab9489db3d0dfaa4b583ce0204a1dcf1c3d626348dcf5a9d716a5138b8ac7e3799ecf704928354eca950d686b018ba0d8b80b5670 |
/data/user/0/com.bulosinehipibe.zusu/no_backup/androidx.work.workdb
| MD5 | 7e858c4054eb00fcddc653a04e5cd1c6 |
| SHA1 | 2e056bf31a8d78df136f02a62afeeca77f4faccf |
| SHA256 | 9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad |
| SHA512 | d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb |
/data/user/0/com.bulosinehipibe.zusu/no_backup/androidx.work.workdb-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/user/0/com.bulosinehipibe.zusu/no_backup/androidx.work.workdb-wal
| MD5 | f58cfdccbd5a2eefde5bf2ad01d1deb5 |
| SHA1 | 6a4c439f12fed9f19792a9246ec20be8413b827c |
| SHA256 | 296f4adbd851ee8724d4d87883817cb08c8ae5bbb6c8dc4ffbc3d6ffc2773887 |
| SHA512 | c6371b8261412fc36addf7712816c898f5290377c090b46c5e4fa6044209665900562b1d788f6b59fcbc1c067758d36758448a4d15df22f4de9bb14e479369ac |
/data/user/0/com.bulosinehipibe.zusu/no_backup/androidx.work.workdb-wal
| MD5 | 4071e3ea4505c31cb26e7f1a1b863184 |
| SHA1 | 691bdb4f51bca1a957f99e62047e0f00c0ea47a6 |
| SHA256 | 5becc4f1d2ed9501d93c5dcabd6237ad52551c74010041f334717274150fc39b |
| SHA512 | 2f830a261760e9aa2e090c35150565b3a7df6726d735db75a57ff0079eb6e91446ec79eb1ba98bb8debfab8477f34d819769d2776893ef88b40dc6c17cfa2f08 |
/data/user/0/com.bulosinehipibe.zusu/no_backup/androidx.work.workdb-wal
| MD5 | 4f67e4b7a1e4c79c50b48a7a6ab80874 |
| SHA1 | d338e24f63de3075e81adce00970cbe0215a1a12 |
| SHA256 | 9cdafcf11f2ad6a502104adbb1b828ec06c9c7e38091512bb653d83f3eb35926 |
| SHA512 | a60a329711cb522c376ac17afa3719c71c21daa80d71271e1dae4bb3dfdc844da343ae45cb5b14fdf7449475646e827b028507ec4a7f651935b885e69ad1909c |
/data/user/0/com.bulosinehipibe.zusu/app_DynamicOptDex/oat/xPd.json.cur.prof
| MD5 | ae484771d12a68862e8398c5a7321e12 |
| SHA1 | 98d0a2116755681d4b27e8d25ac09e59e86065cf |
| SHA256 | 9af07355d134592545b641d3a3d2300c237e3dd6549d0cbcc8e45baab809366b |
| SHA512 | 95318f772e2ba5b7e7fcf908c376c991ae0bb98c42a2d5490bff64c34a267c514a4d7f352867df6c14b8422852f776c478facfcd81394659e21c8b72d63af493 |
/data/user/0/com.bulosinehipibe.zusu/app_DynamicOptDex/oat/xPd.json.cur.prof
| MD5 | 681b950ae83cee9c2320f82f5e16f1ba |
| SHA1 | d85e57c271d287a3868bb92b25d27cbda68b98b4 |
| SHA256 | b03559fb1cd085e084f49e6cda88ec5ba586f39a0fecae96f2ff863c1ef75220 |
| SHA512 | a78589ebf61982f4632702048ed9bd16c471d61589abe52f25531d9f49cac326218abcc4d878516b680da1523799870fb09647515b89775690e4cdc7fc158cab |