Malware Analysis Report

2025-01-19 06:41

Sample ID 231223-qt2rmsbgdr
Target 21c6861ea6cfaa964cb59dd3c3cf195c3bd18401824a80fdfdc9912bdb4d8b53
SHA256 21c6861ea6cfaa964cb59dd3c3cf195c3bd18401824a80fdfdc9912bdb4d8b53
Tags
irata
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

21c6861ea6cfaa964cb59dd3c3cf195c3bd18401824a80fdfdc9912bdb4d8b53

Threat Level: Known bad

The file 21c6861ea6cfaa964cb59dd3c3cf195c3bd18401824a80fdfdc9912bdb4d8b53 was found to be: Known bad.

Malicious Activity Summary

irata

Irata payload

Irata family

Requests cell location

Requests cell location

Loads dropped Dex/Jar

Checks Android system properties for emulator presence.

Requests dangerous framework permissions

Acquires the wake lock

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2023-12-23 13:34

Signatures

Irata family

irata

Irata payload

Description Indicator Process Target
N/A N/A N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-12-23 13:33

Reported

2023-12-26 18:14

Platform

android-x86-arm-20231215-en

Max time kernel

2807356s

Max time network

130s

Command Line

ir.teliyam.halva

Signatures

Requests cell location

Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A

Checks Android system properties for emulator presence.

Description Indicator Process Target
Accessed system property key: ro.product.model N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

ir.teliyam.halva

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
GB 216.58.213.10:443 semanticlocation-pa.googleapis.com tcp
GB 142.250.180.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
US 1.1.1.1:53 sdk.cheshmak.me udp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.178.14:443 android.apis.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 admob.mehranarzani.ir udp
US 1.1.1.1:53 www.google.com udp
GB 142.250.178.14:443 android.apis.google.com tcp
US 1.1.1.1:53 www.google.com udp
FR 216.58.201.100:443 tcp
GB 216.58.212.228:443 www.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 ip.pushe.co udp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp

Files

/data/data/ir.teliyam.halva/databases/db_default_job_manager-journal

MD5 108cf038ba0ca378fbc7e2fc3821d4f7
SHA1 8e011d1b30c71197bcabdc386d0cef3218b53447
SHA256 da66f14556ab6a60c6e500f4e5e164a0d72e98faee31b621ca33fbf0acac56c4
SHA512 ce39e06c07bbeb99dc5c86ffacd179f31f766538f7e1bb0e717e08bcdb1df4acd5cdfd855ca2767fa0bcfba703d331fcb38fc420d51c2713da2f605e4c0d68a2

/data/data/ir.teliyam.halva/databases/db_default_job_manager

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/ir.teliyam.halva/databases/db_default_job_manager-shm

MD5 cf845a781c107ec1346e849c9dd1b7e8
SHA1 b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA256 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA512 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

/data/data/ir.teliyam.halva/databases/db_default_job_manager-wal

MD5 d8fdadcbc0fad13a22c832ad92b4620c
SHA1 c5867d740f2644f8697c71ec9e70c7cab1ea4212
SHA256 f7f75b7023e7384601024feef2ef614a0f242475a4924d22e77cb09cbec7888f
SHA512 7cb335081c361cc486e7d5f0f01048946ddab60ea8e8f9f4ff72678afc7f3b3d884955a94a9ffb67aa137c4bcc5da52e9c5c68a3ea671283955996885d39b4e4

/data/data/ir.teliyam.halva/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/c188b5ee-5ffc-4284-8b60-e3666044a972.jobs

MD5 f56f328eea1d5c96a1b96dbbf59488df
SHA1 440c784cacff61932e2f61580b7cfdc3a4943c95
SHA256 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918
SHA512 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

/data/data/ir.teliyam.halva/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/4595ee2f-d7cc-4894-9865-36fb73188e3d.jobs

MD5 ac58f99a1b179d71e8621412ad31c6a1
SHA1 b51fdad95876f5615735c2ab411031ff67d5e946
SHA256 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb
SHA512 faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

/data/data/ir.teliyam.halva/databases/cheshdb-journal

MD5 817f7ba1643955d07d98f36f30ebbcf4
SHA1 8fb6e985ecb56c36db37cd885a2722f81c1dbe33
SHA256 a3d90dac26157971830341bf62e7ad90e71df12f05753fe99c4492b8d502e621
SHA512 c87c8498f4a564f5349c01c666d4fff178860b637ded50dd0dc6868e7cd6ed159a038199d3a155207dfbb4c70ad447cb192760fb916cb7b6d4fe26589bb468b2

/data/data/ir.teliyam.halva/databases/cheshdb

MD5 1f347cea6a53594be878e35079bdabc4
SHA1 ae24631f83d3c875dd678040baafb5e64fc6ba6e
SHA256 46cc2cd48a3621ce276d0927dfaa0e367261e740d6c248c48fa48b25be769fd5
SHA512 6f09f140cda839271dcc15857faa5ec7fed65afabd0ed53164744e0b15c145b4fd0ae3f6ef0ad01cdf4eb612510f7f150ea72781740a9c6d67ed1075e5e026e9

/data/data/ir.teliyam.halva/no_backup/com.google.InstanceId.properties

MD5 304eae19ebc02895b613ae9deb8c4d57
SHA1 48b3d015803ad0bc11f150d03f330bd854d50120
SHA256 bd3c8f244dd7fe4577c363852fb9671471ebb227d05ecdccfe79e85ac39274f4
SHA512 8bdda03c9c60c74ca82652d30df48bfddb61645fd9285fde087a36c4f109d76a56352045d22b2454b7d8bdc16b2faa46f952323378229d44286dedccc17b1b7c

/data/data/ir.teliyam.halva/databases/cheshdb-wal

MD5 4b12906530bf692a1df53a9f226fe367
SHA1 8543c4a33cc85be2834cdd64e7d30685f2a0d73c
SHA256 266f7ebb4aaddac271ad4e052f8cfc6c4e793e270a5b792fcf0e1e0f4b1e7335
SHA512 2b4df99e2a95f084a410fa21943b29eaae61b5f8c2e2a37dd50eb4283ac4ce574eaf225290bba69fa5ccc0d0b8fd9c4a5e82b060f5a4d1a2a44c869193022bf4

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db-journal

MD5 6b6bef710317a6a0c6a50f0fbee2e506
SHA1 dc7c2e333484d2281ebaae9dda6119fc540750f3
SHA256 21847375a85c8b9a1aaa51490a9642e14367a7be9dc2a5261614f546805f27f7
SHA512 9b6401622d3aec17bc9acbc0e949a4f32ade66bbd3030fb4ee4c02748e3542c71089c91927a71d7c8ba07490954832d63078e8be6a57e692be365294c09a7d38

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db-wal

MD5 3a3429e7805c7aeb15f9085d13c6dcde
SHA1 764b9468a9736ee74412aa36a40c597906ab4709
SHA256 d4eaa7e5205387d3033ce6b3eaabdea92fbb0ee261ffa18afe78d983261a01e6
SHA512 8dded3d6a122243f8fc10eab6c4b922c0627569856dd7342e0ebbed81be3a030c0c536716713763489c62c80d27c0647eeeb69456c834bd07aa2e649c0bbabff

/data/data/ir.teliyam.halva/databases/cheshdb-wal

MD5 cd91173401b773cff07205aea28d561b
SHA1 b50d04d586397cac63a5264c21177c09c438c5de
SHA256 20d3753dec1ac15ed7f9c9891a5355d447a61ac59fd921c6e2b685408d36bbbf
SHA512 aeb3e650e7f949b8b6be292acea7dbab3d29310e50ecf7746472d197fa2cfb8c90119391a3c58d462500949a527c0cc416c6bdffb22174535415a7b78285fce9

/data/data/ir.teliyam.halva/databases/cheshdb

MD5 6b47786a877220a9f458dfc81843dbae
SHA1 cc4f5d70dcc33f494357afffa4fd18c454db269b
SHA256 8a777b90c372c04f7494df1dc56b6da741271c3f46e39427fd9fe8667fd1feab
SHA512 041d9ee8be59cedeb49a30e00c1fe7df5576a50bebf90ac0c75bb61ad20e9cb50d19a36da47c82cb525b39cbc769ab79e23ef1c059d801d8a9aa3e0eaa74e834

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db-wal

MD5 de5a1fb764ae6b32480215cfad1f0c5e
SHA1 f1a6cfe051fed71ed56794927d70995c48913f7e
SHA256 71a79abd8c8154ff343a96cfb010bc2a92fff3f752addf45feebba3d70b9ee00
SHA512 afa7754d3aa32021631e992025d6889fc32e8e261a76158deb5322d5139aee53e37a9bdf6ee3bbfa563c68b06db41314cbee817d012c3e21c05e773d66601ef4

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db

MD5 57883ecbb8d315d5737b56450505e7de
SHA1 05501848b910cb64dc1333e14c67ec8d792bbe64
SHA256 b54808cc3ed00c5b5dc423d994a411fdecd6bed48448cd1a5b36b64f435b2aea
SHA512 d8da435552a799959e1b4fd2ded92af5886079bafa5d9a6cd50f2d40f29efdbf2e246f631dd36b9ba73b302ca2f66cb718af2267f5f8f59fa1ef9790d6b5adb3

/data/data/ir.teliyam.halva/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/1d174145-e46d-4d4f-a6d7-34d73c1a23ac.jobs

MD5 7fe54a2a8a2d473f1a4fc88e7c3de6cf
SHA1 78a53c162231115716f76ae82ca395da67f6df3b
SHA256 4b118b858082c996c9da63fca1665bde144203035cc81cc8770c4f5fe680a646
SHA512 eb78615635605b1da1c2c1a0fc5d4d8856948d271e10697435fc742b4e2423236586134f4355615cda843f61f038fa22825a23be4925225eb3ca414c4df1ab88

/data/data/ir.teliyam.halva/databases/__pushe_base_lib_db-journal

MD5 9c89764224c9435f55516346506b6e2c
SHA1 7d8a0f0e780e1c000dca3615ea58b80f4461ac95
SHA256 0b72512da6908af9f2866629ca4347b34aa3f730a86f90fde06d0fdfa72a07e2
SHA512 f8d1f1f236919dff31e8c451d70720a95b59066dccb5e00bdde3a719d830096c7ed38769a35929f6d0f1daa6c34c20aacaa5955c32788d0fd9832f5e328514da

/data/data/ir.teliyam.halva/databases/__pushe_base_lib_db-wal

MD5 87bea1b38ca15b89b25bd18f814c14fa
SHA1 be3031724ab848a2be31e8becbe6f6d6b9b3a9a5
SHA256 5d90dec77f7beb95edcf677cc27356920388aa2d01acc8f9373af985daf34a51
SHA512 d2ab1c93469a960c3d6b473df11231532fd46988b3d5c60f00a63253eb93c6cfc3684a29bdc9964aaf32ebaad4c24a0d0ea8f4a1f157c8050c816bb580f87187

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db-wal

MD5 a57e9c942494571b9c724670db7ef021
SHA1 ae7f7d3838472c63dde5ddea25871cd65f050bdb
SHA256 a4dbdaf28c2b5a33a51717d411748f584d24f8fcf72974bb9a274d0eef707213
SHA512 b72e943a62e9612f7b4068ddb93296caefa4bb949e0f782f84d88ada976e5aaaf9882ee9909c12786f9cd0fc588583a8856f1ea3c28589e95b77b76db20a98f8

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db

MD5 9ca9cf48170ce5d7c299ecc5bc2b9aa5
SHA1 7bb4259f5574d07ff05a0b910928b9e632c56e55
SHA256 4881b51c2e8464e08f9c14e6cf97b08b350889b024ed4d89c3aeea29534e9fd9
SHA512 dec3044a42d1873fa49f50b52e318d867c3b40406ea1e2ac475ad30ef51a671195990ac9b2d94472d90bc50da7661cbf81f75930d828482a01255235e0e14e93

/data/data/ir.teliyam.halva/files/info.db

MD5 c468ae27b6e4f3e8b3d9cada4ad69860
SHA1 f2e76dd95aa8411314519b79da6bf16f1d5245ce
SHA256 5564f46869db353a1c5db1115885f1f43967d5d09d693425a1e0d9d826a39fcc
SHA512 15d5b16ca41aa246ab8df5367bda7590b60cbf188ddcaaccd71e6d94c18ea140732ef3300d88878469bdb386612a9a9edc9db047e24518673ddb60aa4ec8e7e9

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db-wal

MD5 da6c0684f8c4ff2c761039d7a7c825f7
SHA1 f5137206d99c6e8f83560b97a9b384ab63714f89
SHA256 256c128b8a200002099a0cd9128d604dc35bb2443b1b1f05b37b0491996760c0
SHA512 8e4d624457b428289884611f75ef75747546c282cb36f0672ee278670416cd516aca6be005c5b3af373b045a19dfe95b5299540e8798bf1fe5bb98d6164f392c

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db

MD5 596b9a3585c143a4a8384c0e9a67f048
SHA1 274ab8134a97c34ae652610394ac0dbf3a5f8d5c
SHA256 49611236965aae60726f5e0fdac021b5a5a78f8dd3acd738dc2c37ec3b489028
SHA512 84bc616017a6fd1ca37938312cd4e1b6e539cad41618f78f1d3437dfe569b027aa5f528ab3c2636ff937862a6ebcf21bb6150b91a91bbaf7af43a9b9defde402

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db-wal

MD5 123a3b7dca3d0539d95b7b0d5b65c3fd
SHA1 6afa5e2a386a7ae5d3a726b0cd36cc846da21c61
SHA256 e68b26d5ec9f992df6473069e003c7dd8fb6a114425134025fe65ec1f46e8cd5
SHA512 ff72f824f3dae07094e4b5f2668f667f8652afca1342cae24ac0cf011cb9955acbea0db4bff22a96b2065367b6a2272174e120630c5850879d4206acd53f1c6d

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db

MD5 7caac1eddae94aedd8fb6bc82158b5da
SHA1 2f6b782d5ec8cfb30a1f059ab5bdcd14c915513f
SHA256 ac90bcc40c70d36368c7db2471a1dcd9c223416a175e6fb9a9771af1c41a3749
SHA512 a74cf8e4218697f295b9604091ae77bac2f0d70cbeda5c306313612e40cc97e3211b440eb67261af74e9981d3a414528818fc73a2d0d7b8ff4b92db6d6999b72

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db-wal

MD5 03270a47f416ee8411797ca2fc36f56b
SHA1 4674e2d27df056186f9cc88314c9e09c55a97d9b
SHA256 8d47f881ddc51f291403033c5fb3021ecc109a4d05bbe9e9c4701bcf6e5d1e15
SHA512 9323d269dd9e6ef939c8ec5388622d18dcf7314bd6b9723924bd374c5d02d227a24c7389cf86fd585a23277e78b87923b5c65540c35f1729f9be1f5d99827981

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db

MD5 720589f0f2f8201900329edafc42a113
SHA1 3dfa3a3e1bc6f006b0488abc3a0143af6abc1c27
SHA256 543aea7cbf3be4c12119572af98ea6fda72e8cf886edd19a6ba8a80263e16c59
SHA512 bc4da98c2bc11dacf7e5b8edf23ba5a123faadb5a02cbdc4f082109619ca956c93b3f2d1a5b44aa039ccb0e0915ecddbfb2bd71307df7fd4fba6d38ee9cb63ea

/data/data/ir.teliyam.halva/databases/evernote_jobs.db-journal

MD5 29e6c242c3ed107b8b5ab2e2e2df6be5
SHA1 3e28ce006e317ea5682832fae683f4cc4cb2f0d3
SHA256 9ca97b98502ed95738b9b7c7e683403c0edc036f01efb66b9f4f3427d8307bff
SHA512 52118f23dce579dc0842f727f395f5846adfd87f0efe5fb81f51361fbffd6eae71cb1576f374c6fc33fbe4d83aa0573f27e5776e8b2ff123c847ed2007f18832

/data/data/ir.teliyam.halva/databases/evernote_jobs.db-wal

MD5 d2d2908b2b66c6d0fea4f663468ea093
SHA1 ce5b7ba4693c01dbafa7725bcd964728b211adb3
SHA256 6c7b90ec306bd2e59a7383cd90729dd39523af36d554f330e0e96581ce0f15e9
SHA512 c62cfba1a75b48a83ad0e70144cc8103d0b870e345ddd24f679c2d0e1da64c77a67335cf71d832dd2d047e8af1c579099488e0959dd56f8653c07584073211cc

/data/data/ir.teliyam.halva/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/data/ir.teliyam.halva/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Analysis: behavioral2

Detonation Overview

Submitted

2023-12-23 13:33

Reported

2023-12-23 15:10

Platform

android-x64-20231215-en

Max time kernel

2537062s

Max time network

164s

Command Line

ir.teliyam.halva

Signatures

Requests cell location

Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A

Loads dropped Dex/Jar

Description Indicator Process Target
N/A /data/user/0/ir.teliyam.halva/cache/1582435991586.jar N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

ir.teliyam.halva

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.178.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 sdk.cheshmak.me udp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 android.apis.google.com udp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.179.238:443 android.apis.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
GB 142.250.179.238:443 android.apis.google.com tcp
US 1.1.1.1:53 admob.mehranarzani.ir udp
US 1.1.1.1:53 www.google.com udp
FR 216.58.201.100:443 www.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 ip.pushe.co udp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
GB 172.217.169.4:443 tcp
GB 172.217.169.4:443 tcp
FR 216.58.201.100:443 www.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
GB 172.217.16.238:443 tcp
GB 142.250.200.34:443 tcp

Files

/data/data/ir.teliyam.halva/no_backup/com.google.InstanceId.properties

MD5 9a13348c184f66097a1a38e6b1d675d4
SHA1 d0e41fdcd1978048f6529c8015230dac24fbe87e
SHA256 e553450cef73fe18145cb8c3d5d622bf6921093c1320bdf8e8f8f4de191af43e
SHA512 82bcdd8ebd9c8de6d7f4bb5786ef31b2be423f9ef21c03310c4a3412638e392e579d8eb6e8a6d3e7b0dc8ecb403902c145c1c7fc9e133ebba457541188f07c94

/data/data/ir.teliyam.halva/databases/db_default_job_manager-journal

MD5 e22c9cadad7137d588ab8034587c4e9c
SHA1 f45de9c2bcfee1cf7543bd2b246e9d4f5808ba75
SHA256 88a7ac922b02c99b80f359bfae679f2aa038d5290c598f548c70c2240d1a7560
SHA512 8a61d0c66b4b67812d1bda25af686fea1daf6643d18e631885fb5563e6fd97c668e5682fb2e3ab83b0c75b4dc95172ed120fdae60db1d60142e47ba0b5e5e4e2

/data/data/ir.teliyam.halva/databases/db_default_job_manager

MD5 163b0e3f017becbc89b9d7f330b78f09
SHA1 1ef9cd8ac8655190468d0ccece0a4738634ab0f9
SHA256 cf01452c3b494692386f6c5faac340eb3eb894bd416391002d56645aa8a9ea36
SHA512 6a85a30d16fa58a4fbbb05d469778ee69ca79deaa74316ccb5be3ee07fdf78dde22e95db3edb1b88b18478e8747047445f85baaf9556b9a1e55d9a02a80baffd

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db-journal

MD5 e36abadeb7788c763297e15c7e0bfa97
SHA1 4682dba382b34ebf3a7d2f6105e713e7943ce3a5
SHA256 1fa10734ff84a56ad7f626d9f8b6fbfcd7a34cb4cac72eba61a7607d60d38ab2
SHA512 f0499ef17c05b9eeda44a64c96f4e77109f7824b615fe7298e4cf1e76272815b2b371278683e58163896d24753b2b7ae104e5eca99a72fbf5cad7732863529f1

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db-journal

MD5 4259de06635ea4231f8b2beee8a268aa
SHA1 1f90c2f083787e080361227ec51777f33164d0b5
SHA256 57b55b5c17729ce99138e9884c748c12ffb813bb5e98582c8115cf88af159138
SHA512 79a75eb81e497b1b3d09dcedffad6bd0703a9a792cc88f5603753c2f838700408cf44422a5121496451baca3086f2d684323840bb3e910aa7ff484617061ba59

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db-journal

MD5 9f97cf3160117d9aa3400e1581982429
SHA1 523b0aeba2de4e1a9a6f3dced8360e46064d33af
SHA256 21c6aeb6fbb4933f1f7f300a1c57d299fe552fc177caf8cfd66bc0b994962c13
SHA512 448729e1aa9448b6ae51c15a655343eec1a553378b8416d37184ffee4039f8c29a88beae893280c6da7cd77f9457ab9e5c488c42ee54c7b488bd93f00a88a5a9

/data/data/ir.teliyam.halva/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/d71d69a6-1d08-4a9f-acec-9cb6cd9b4087.jobs

MD5 f56f328eea1d5c96a1b96dbbf59488df
SHA1 440c784cacff61932e2f61580b7cfdc3a4943c95
SHA256 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918
SHA512 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db-journal

MD5 a2cbfcf9fcd2b94fbfcfeb81e462bc80
SHA1 12c5eb8b5d7cecf9c00a3760d9f899f5ecf5fea7
SHA256 0bdacc1f96fbcb627638a85741af16dc230ace01d5570f6048a29601d536b06c
SHA512 73dc670830d79a1dfc6b20664b0cebbd6aad36318ef81545f85a27859fca91a28df365f5f5a7d30cbf7b29d5c443c74dd978be3572e0c21eb635ce9cdd6b78b1

/data/data/ir.teliyam.halva/databases/cheshdb-journal

MD5 f3800211774d390ad3a5db3fa8b6f4a3
SHA1 79fe17b6751f9578d81dfe401bfc2753268cc54c
SHA256 9045afc04f48158464dd6463912f96867894b3d3f1c334645d8589b340202985
SHA512 b0ea65509154928dfa95f6f8dadcb437a10d5b53142d3c4058efbb7e75d5312040aa4f26f44723f3cbf2bbbc75187c3e7b47052b841b24edf3a9581c65a224ae

/data/data/ir.teliyam.halva/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/2edcb8c8-86b6-428c-909d-045b72589764.jobs

MD5 1b5899647359a5badf7024c0ab8d8ce6
SHA1 5dfda944446f3713397e0ffeb0ff2029ed666d49
SHA256 f2cfebe51b7757b5689f225d0f52205171996f39fb9ed7efd33b793d64fc0a5c
SHA512 7d4a3910105410903c2c3ba44dc5aca248e9aac9d81b2f057364b900aca27762598d5264d920bb22d626fd877fdc05afa5347794e9276d501ece923bbbe00ef4

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db

MD5 5686fb7d5ee21be718c3d3505461d640
SHA1 3f24327f9159e84254878c269574812c8a2dc478
SHA256 288ecac8aadb3c4c6aecbf3acdc40b697429ad8ee2e0a5769d273bc69645565e
SHA512 0d4cf655f2592ab4977d8ebdc2c71edec570198043b5e5868f9d4474b13dcec11816955b4ad820623eca7a49c588cc266e6753ddea33b20839f9b48db9c94316

/data/data/ir.teliyam.halva/databases/__pushe_base_lib_db-journal

MD5 ddb70849abf494afeb6ab9b900e4c47a
SHA1 412f8586c64e031074318b5cbb56d330f9fd15dc
SHA256 7e88ed6f5ad877565e6f681ec8a40bfa07c6fd33c9627a21f1111c25c69ae5d6
SHA512 3db64bf30c3d1d28981040b488e7d0914e758f88a553717d22c60754705a061f79af3e6240f976de5b44f2004d990a1c8b7e8ba69b5d6369935cb53ec3d0b9d4

/data/data/ir.teliyam.halva/databases/__pushe_base_lib_db

MD5 abe9fa56c177c65db8c072e6d81fc41c
SHA1 abe9e9bb6f7294324f549af4435f58578ae69f2f
SHA256 53f09b897033e2496e13f3c6e8d14ec1d1f7b273c2b4d47dacc569594fef0f8a
SHA512 bb1b70eb859448050dd71822652d1976456be07c098ab41f2f75fa277cde059aff0c45629564170ee07028b85d501cc941529ab06753e5be2e710692bfa3922a

/data/data/ir.teliyam.halva/databases/__pushe_base_lib_db-journal

MD5 f13a2be934231def9259645b5b46df32
SHA1 76494c25f4eb5d38b271a61abc61a92562081abc
SHA256 6d704e7e2dcc8a474afbb61046ba6b5446680380e4e13a5040acefabf81eb1c3
SHA512 30b6e69cdc04822509f8c179ea7bdbfd153649a0de4cd2b19da547ba085f6ff72458072dc829b495995c2d9df684b8a185a2203947f0271a0bcb7abbe430b12c

/data/data/ir.teliyam.halva/databases/__pushe_base_lib_db-journal

MD5 b680e00cc2945f8b9e5b137dddae7594
SHA1 90902f6e111cfdc549467048438831aa85c74d2f
SHA256 8f07bb12342002812aff800189d3159f9e7f83f455e84a98a1e0161f6c2d7597
SHA512 dfae0379118920974e71a9b4ea4531a7681a271835d835c46939625b94ec22c6914f3100f44bbdd2b3b9d3a45acc8d528657d30cd6b57bf549d259bfa7e51d9b

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db

MD5 9846d76ff6802238ed9e5a6fafd986bd
SHA1 4e82a8a9a407c44ceffded0954edd49215bfc8df
SHA256 966727193ab0575aec0b6d1686c9a10774f6ec4823606c4c69ebbcf3d8620dca
SHA512 8acf62f18532475a09b797b7a54dbb46c844a898c5fd342efea327abd07eb8cf625af8eaa60e8f55ac2526aa142b98a6082280d907b8ec8d33e4f42381955a89

/data/data/ir.teliyam.halva/files/info.db

MD5 d12ead718269bc3619010fbee5e1e58e
SHA1 0e03a482fbc5b8382a85e97bd713759b2d1b267c
SHA256 dc5ac8935175f28e53dd020a71b97488b86728f3ea1fa650030e81c2af4d07e5
SHA512 53abfcaf258572b87408bbbd54434254ee0926d8795489a0c6fabc88a76fdc3709c581d3be20dde2046817ae48782f1f5ad18ffc28debc34169b03d71fda4832

/data/data/ir.teliyam.halva/databases/evernote_jobs.db-journal

MD5 7cae09614f69897a9530374c4f170bb5
SHA1 25093fc3612e7b448dc83d0ab10cf80519e3ddcd
SHA256 a6949b109c54a1bd9d2b47ba055a81ea4e669d2f25dd809a37474443479ba31a
SHA512 ea52536c14ad9bb4fd9a619db85c5812d218ae478a7a25f5fe2b9bb5a0ae8f95f8ef376a6f9533faddcb8713cf9eaee2fcec13159e98b6bc241a8f76280dc893

/data/data/ir.teliyam.halva/databases/evernote_jobs.db

MD5 12627a2ec645c4a4bc50dba5903afd59
SHA1 504005c938517e61bcf68b65a055c2faba635c2e
SHA256 f177ffae9650eb4f407c2d9a510bb5a5abe1ece2fdfe24effc62478a1bfa5903
SHA512 7ff69589296e02383a217373399e75d8a82fa17146e4273f4c0eb630f096dd9f394a3324d60858b02f7e5cf177c82c6d966f5cbedb68ae6a98df7cc851b79cfd

/data/data/ir.teliyam.halva/databases/google_app_measurement_local.db

MD5 16d25bafaad6d158417c16a475df3342
SHA1 19f5f3ca61d8e6187df7e380d2101d29617b6096
SHA256 fdf55fb5d0d0c487f44f35136c21584ba466445659653dccbf647d68b789d051
SHA512 f197c7ab1d5fbe0baa123a69dc07daa3b1f5e083993745fa190547601ef4109853f6476efc9ce00cb6d5ee60f1a204157be5081cd312b93caef3dc97574fbadd

/data/data/ir.teliyam.halva/databases/evernote_jobs.db-journal

MD5 2a7cf5dfa95b37c9499a2f7abb5aebd5
SHA1 ddfd8428c6fe7af1c36783dd2a739cf404659df4
SHA256 dcfa1f0bec1a20577ed4b6e054f254dd6e715930cc242ffe57bdd4f838c1c11a
SHA512 5ad05ce32974b8866d52486e5b2fdd257b918d143c06ce79cfe6f553f05d675cce871bd0808492f37beff62de13128aae801f0ea5f29dee27417c0d0aeac478b

/data/data/ir.teliyam.halva/databases/evernote_jobs.db-journal

MD5 775d659964a131bfd1ee1ac72f9e80b0
SHA1 7f6d57418818a7feb699c3fa675187eeb8391df0
SHA256 651dd9da1fe160298e0f4edb1ee70329d340327442840fe69ce53a95fd4e6703
SHA512 1d057ee5384340d1177a14118ad944076fb54a4bba63c7bfc334540f758f89091edfd7c07b77647f3c7fc58a5340262807bc586b70bf55543281c57615b70a73

/data/data/ir.teliyam.halva/databases/evernote_jobs.db-journal

MD5 7d6fae6f899967abfe87d3da317e0fee
SHA1 6572b34c661f5141bc9bce77466c79714b35c60a
SHA256 a01161d0f00d02fbbee03c3518c2416886a403200d912eed760d10b1230a380a
SHA512 b41547a62dbb0bf91adac5783cd6bfee1e79092823b5fadc3a3a162f56f504df70fcff088954795d50d6318e89d9b5c1f24be1d0672663ab520c30b5332589d7

/data/data/ir.teliyam.halva/databases/evernote_jobs.db-journal

MD5 395e0d43de41e8d38bc2f9898d8a30ac
SHA1 cda4ca3599675321d3a78ca6fb3dc4cb6c0d021c
SHA256 1db577e0b9031f0a5b5f3356dfe24307da3a08a9635ba869b6a36ca4a5bf2176
SHA512 746702ed55ce186001deaaa055df0a3e99dcd446a4425028253dbde40ab21e91c8b9b88217e58e5352adca2f2a3f857d9c257f4d15c86dd46ddf5805aa404acf

/data/data/ir.teliyam.halva/databases/cheshdb-journal

MD5 07e7cc18049f3e0122deaf5f471374cf
SHA1 66dae71b96432df62def7a74d242b6c217db25d9
SHA256 a3d1f3e7857f8e9a1d4df1360a2344c64f34cea5523c1666a0cfab9769e2f3eb
SHA512 9edd1f70a91624400fe45eb019f92177e848b4d9b32a1bd261560d5de368efa1fd84ffcc489636d5c1cc0316baa3d236e36a89f242edfcf6f2f492a172903d71

/data/data/ir.teliyam.halva/databases/cheshdb

MD5 74f5db9f698fa77759b3d56b363fd1b7
SHA1 f4f301e01f2c9d40e6ef0d68966425a037d8aba5
SHA256 4a2d6979d866e0e747b61f2b84b15eb2d35595d8db9110658459a89baaaac997
SHA512 701921695ddc54b3a36977267c22e3f6a67a28e65187c43c6eb9fccc5b4b3c96b0a1f7e99909b62b66f2bb73859706cf9c61ba65475e7ce1e0e15f2fe7d1bb2e

/data/data/ir.teliyam.halva/databases/cheshdb

MD5 5da0ca07c38337caf6ec53d22b4bcd75
SHA1 9c63eb8e1eef0a57edcb84ef7c4a58516c0acb34
SHA256 4b5b778006ea5dfd260827324391d5bc2bf2e8d323b6a876b49dfd0778bea681
SHA512 2ab475f4e957a06b75bbdf22e631a2639135edb16eeb4090909d9b0ddc8e952c0c56f88ea42ad5e971fd2873a01d89036dba1b417875c242aba82c65a738391c

/data/data/ir.teliyam.halva/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/user/0/ir.teliyam.halva/cache/1582435991586.jar

MD5 fde2ee00cbd121cfab5290b078aa3ceb
SHA1 e2b77d5320e155e413d040a8c20020962065b2f8
SHA256 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512 a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

/data/data/ir.teliyam.halva/databases/__pushe_base_lib_db-journal

MD5 5623503861fb2cb33b7386c749fe316b
SHA1 a0059e2ae6dad7d058573c3fa6d774a40d9b58f4
SHA256 fd72c5e81b0a0bf5c0725aa3c28a7da35bf190511693f1b90f60ceee6be1a836
SHA512 f9dcf80aa0916cde5ac4b39735ec067da3032a242882430e95a42f5556bedf421dd4ea96c6fe198716b0a5fee60da7544ac29147722894dfa83cf3684cdbd0f8

/data/data/ir.teliyam.halva/databases/evernote_jobs.db-journal

MD5 7fcff4a59163521a14c546167905d3f5
SHA1 b1b0bcd969b516b17526c8b9eba59740c1f6c96a
SHA256 08d592cb838af5b5a340c004054834fbc61c539813f20a7adb353f1d4cfd5d1a
SHA512 21b000c095f7c018b110761497f693582e414c39d84b8c9ff278a06ea803da4f79fd223213851f0acd2ea532c0024b066a14923cc6902129040e5bfbc4b8f8ff

/data/data/ir.teliyam.halva/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/data/ir.teliyam.halva/databases/__pushe_base_lib_db-journal

MD5 2de18d1033e42fdd9050feb5a6961452
SHA1 7211387900298bdf6686510ee11447845cd780cf
SHA256 69e59a2c37ed3f7452b5ce5707ff36f099da42f1123048377d553afd3b34f914
SHA512 0ccbf846f2e7dfbdca729edfa702caf790d8a8e8427e01272c5396db3f9d9a0c2580032a03a4aa96c78d3a7d9f7cc6b485f7ad12bd6d304de46ae12318f06dd0

Analysis: behavioral3

Detonation Overview

Submitted

2023-12-23 13:33

Reported

2023-12-23 15:11

Platform

android-x64-arm64-20231215-en

Max time kernel

2537202s

Max time network

131s

Command Line

ir.teliyam.halva

Signatures

Requests cell location

Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A

Loads dropped Dex/Jar

Description Indicator Process Target
N/A /data/user/0/ir.teliyam.halva/cache/1582435991586.jar N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

ir.teliyam.halva

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.234:443 udp
GB 142.250.187.238:443 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.178.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 sdk.cheshmak.me udp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.179.238:443 android.apis.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 admob.mehranarzani.ir udp
BE 64.233.184.188:5228 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp
US 1.1.1.1:53 ip.pushe.co udp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
FR 216.58.201.100:443 tcp
FR 216.58.201.100:443 tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp

Files

/data/user/0/ir.teliyam.halva/databases/db_default_job_manager-journal

MD5 0f0fb26dd8ae759c060c27c07ecebf90
SHA1 62a7b3ea5b33b94bb974f12d03ac21d2de8e7ff8
SHA256 bf7174b83ac105f62c7dad7297e75768ed775097336da79e44f6acb5b46820bb
SHA512 c91e3f7f663a5beed8dfbdd348f63fac9add23751242b4d85f309c1a0b68851c89f8585ffd5a6dd27fc054aa1c21254c4a0e3099e6fc5dda5138eb65143785a3

/data/user/0/ir.teliyam.halva/databases/db_default_job_manager

MD5 94f1a9d77e9bff1bf826e5a12f0b9cd6
SHA1 df2c63fa4b2dbedc7deb4904a218967e914f085c
SHA256 eb42e71e7e4ee88a1f8648eb17b8978f4fdf2685c0a67ec7d85b8df6815d1fca
SHA512 b62ed56ff1b7bff7a7f540e9b9ec1a429d13c716e31b29eafa4021985637eccfa5809526dc43c2932f956faf9e7bef48ec4260ad1bb378d00a948c1a1905d40e

/data/user/0/ir.teliyam.halva/databases/db_default_job_manager-journal

MD5 e6ee02cda3bf24f6ef5bf37049d4f59f
SHA1 0f6c6c3bf97a491f8b68a42a5907c2b2b9dac4db
SHA256 1ae3a627e7556094eba9551082a911dc587a5d8fe524070b6d0d023f3d9280b9
SHA512 f206fda803357547ed1ab2f905b13c08c0577d087a284bff40c1f5ab5cf79d2824fb071f7b1440408f0c51ac6dd29fb92e514ed2d50706e1ebb53196422d4e02

/data/user/0/ir.teliyam.halva/databases/db_default_job_manager-journal

MD5 ebbe3907ac5c0eda4559939b6db50c07
SHA1 49866de0ea6ba29460651052bb7a9683aa8003de
SHA256 2aa5c00e43478c7366128dde755f8c56aa382f6b966b6e418d8e25bd66a3bd65
SHA512 fdb0e3e3808153e8800f259b6fc2558afb102866f10d22c21159cb3ccd9003e9d54953c3f38c45e2edcd11f169b01b6d71ad876187723745cce1720c939ff7b7

/data/user/0/ir.teliyam.halva/no_backup/com.google.InstanceId.properties

MD5 b69fb35119d16da1c7b06325aaa55c5f
SHA1 e3bc2e56be90481b3151f30ee8e81e02aa28afaf
SHA256 1a47fb910f0d6d90d7e2f1952d4164f3dd662f1198790333a8f70abc3371de9f
SHA512 eb736cc37d97a9927ff987ac9b29b12735aa8d04785e187379f850c42e3ce96f31a0fa4c037123c6b31f1a9f367dda2a412abdabe9043611e8bbac978bfb1c69

/data/user/0/ir.teliyam.halva/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/854fc6da-42fb-4eb9-9fc3-a65b09442cab.jobs

MD5 f56f328eea1d5c96a1b96dbbf59488df
SHA1 440c784cacff61932e2f61580b7cfdc3a4943c95
SHA256 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918
SHA512 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

/data/user/0/ir.teliyam.halva/databases/db_default_job_manager-journal

MD5 ee81e4e923988d16e171decfe6632318
SHA1 337fc86eb8d9268b62a5e7e980e9fbc870ac3204
SHA256 08aa33ca0ad372174487caf1049ad5c07af5b599f6831c629fec38d5dad0cb24
SHA512 809e7be4a143622f2171987ea099b05c10ab2ff2cc775dbca559ceb7efb1b69d38a3de441351c142ffc31d8a7ea2f5dea3f92e0bd61b4228d26439d69cd7314b

/data/user/0/ir.teliyam.halva/databases/google_app_measurement_local.db-journal

MD5 9199ebcc9356af593af9e5478860e23a
SHA1 dbcbfa9eb15c607b479c8cf4934810869138b3dd
SHA256 b4922c1685e8673a338360984dcd19b309c68a8eef2deb50b2cd76e68c57c557
SHA512 0f743c23f8bbcb2e10b503cd2b1b846734bc7d67bfcc2fac6f0159a98ca6997a107c1151f091e7431f975555f707192d57171685968ac346ae9a37106fdec873

/data/user/0/ir.teliyam.halva/databases/google_app_measurement_local.db

MD5 2e8d2b7e3b1a8758ee427d301314b7ef
SHA1 32bcf7c03fd4934e1224feaf2114df2ae56d0551
SHA256 67b1e827a498e60301f0b57d15e0e342027c49266e8be14c7441dc7f774c299d
SHA512 2a7acd5dff858b159ad5ddd05f8392dda9a0d2185dd5b2b4b20ab660d8946bd3686cdaaaeff7317d717a23a2da1d86e5e42e0221e20e55cc020a2d9a16b0869f

/data/user/0/ir.teliyam.halva/databases/google_app_measurement_local.db-journal

MD5 85da91e2f36ecaeb6cf9010e10a4da87
SHA1 3b719b12cef79edc43367c2a8ef78f7cadf482b0
SHA256 faf22f75904d7aa403ad4fb73cb4a1d6540c0e6dee218472d5919759fea9c8b4
SHA512 0d477f124e3f70b941e82d7aa0ecca960bb28946dd86fac827d424732b1dae2fcd80fcea93f56a1aa3d770c77e44f5d6f06cfc6036310b206a7e3b7d9f60f37f

/data/user/0/ir.teliyam.halva/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/0772453a-0531-4cc8-b214-c9b1a09f9f21.jobs

MD5 ac58f99a1b179d71e8621412ad31c6a1
SHA1 b51fdad95876f5615735c2ab411031ff67d5e946
SHA256 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb
SHA512 faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

/data/user/0/ir.teliyam.halva/databases/db_default_job_manager-journal

MD5 2d01ec2c0b5ed6ce87b04cc969919514
SHA1 1b3d34909bf7e4d934aa1f947a66638eec178b4b
SHA256 807164cce2abb4e985bc553871f2bd434d8ed31ad60f663c197554f39bba69af
SHA512 88466b1fdb7df0c51b7f71e63f578dce586b4fa37afd72fb4179af9d0f9b7a15c6c7b1ec378fc47e8a365ca4408e3759799fcbcf00dfc860ed9c6c64b13ecae1

/data/user/0/ir.teliyam.halva/databases/google_app_measurement_local.db-journal

MD5 eefb3a05ff69cd23118be96050029a11
SHA1 ab82dc6211584a3fe88f09890be14f5a7d80e11c
SHA256 340800fdc96de9454c005a69e8b14017fe35c544660ef10b023840495339a875
SHA512 0591ab51005fa5a913133e745a8827228be625b1e979533be492ccc7d5224c5e96bdea3fb079b8fac9f7db65971040439808ed5622ca30376a2aab1999e598bb

/data/user/0/ir.teliyam.halva/databases/cheshdb-journal

MD5 8063088d77597b20b2cea0dd9dcd6879
SHA1 87bd3d28828e81ce4572cb48bcb0da66c21a5e2e
SHA256 6ae94eb79de3baeaf383c2298d7732ffa51b6037d342c34a87fb86efada87b65
SHA512 616be1bffd6f301bc714fa23fd06b591ff58c601e3eff091c08866c4b847d054fb632843852b54a3b91f3d0e98faa44113188eafb572038648487c5969331972

/data/user/0/ir.teliyam.halva/databases/cheshdb

MD5 0660d3ef5f0245096a9fa0f61d6a8666
SHA1 282222362a5a05e3153b7f6b49ef35c667b19542
SHA256 1091580378b83e0ab3222d05659ab9aef1d2c65d766d5e04735b628d7a760ba2
SHA512 18bbe88051278314b76611bd68156ce60a9c3af3818d39991fa58d28bd9bcb8476eb00ef52ad8ae7d16c1d7ffcd9f2e8a858e2fd806ae59b5d85a8c3a9ca12a7

/data/user/0/ir.teliyam.halva/databases/cheshdb-journal

MD5 e7b14d0f3f3ec74149155789b690a0f8
SHA1 c737a3976b307bba006e5b3c54b38acc8fdb7f89
SHA256 ca7703445d1eab3b98da6caa5b610c9f34b9f3ca0095c67b2b721a98a3c1f386
SHA512 fea9087146b648a17562930c975e35c5b19c701b638592bc811fd5871b0e73a5e800adbdbbd219b2b1d77eb459e5b7cb7cac628360ca3ec2da8867ea112e4774

/data/user/0/ir.teliyam.halva/databases/google_app_measurement_local.db-journal

MD5 7b53381e54bbf1ad42d7fe140af01310
SHA1 f3ad3504efda21e560fa9ac09b0edb2b13aec446
SHA256 4030b860d140171ec6f8fa7cb52cd280ed440d0a3090e9f0d9522fbdf848fcec
SHA512 8871b10e61acb79cd92d72d49c7636a970c90cbc066ec36f1b2828d1e64fba08e1a38501baf11d16e2dbd8bd2ed3cd2f4b5a713f1106cb350c8e17337d760281

/data/user/0/ir.teliyam.halva/databases/cheshdb-journal

MD5 62c86ad5b6cf7a947248e81b18358d97
SHA1 ebaa8a3fdfd8f6a8044bfa17ac2408c75cd12d50
SHA256 9a9494318a99ace700a3dc620ffd8398c12922448f8d14b8983c6f05ce846162
SHA512 b0df5438119a7c7df283506133f6114edc02850bb612934fd47d68961d10b09502270093a1e0382ce511ebe2fe62c07efda21e25bced6fc2c40e005a6950e6bf

/data/user/0/ir.teliyam.halva/databases/google_app_measurement_local.db-journal

MD5 5d952c4d2fd0d39082256bb4b0f163d8
SHA1 09a9ba791241650465c5471dbfc043dbbd752532
SHA256 e85d8a9a825fdce51e714aac09075625d4203057fe1a0c6e2581cefcb15f19b7
SHA512 29fddf2406360cd7ba3bf299e147c0baa3025412a34f21bd9ed7d76ed971c6d082e35d2cb0773cf1192c023338dc9d2106350eeb1e9439be98c05653c0655df2

/data/user/0/ir.teliyam.halva/databases/db_default_job_manager-journal

MD5 ba0f5d657f03b6930ca4f3c2f6d44717
SHA1 dc3ea5e0625f893cbfdaa7b5178c769f10c05544
SHA256 7ba251782ad0961814d001de77782723dba4d0ba2983485626dae06738142065
SHA512 bea4cc27b1c1742626973e4b54f355bd74a19886284957562c90123d3737f08b276308a428f035da78a230fa1f636a656c5e419caadfecc88dc017e627ef25cb

/data/user/0/ir.teliyam.halva/databases/cheshdb-journal

MD5 404b36a79f552cea88bf63ac66530ce5
SHA1 25b4cf6827750b2f62e07ea9720aae06742ea9e5
SHA256 7fd3713ec18a7376881eba8ca76563ef0329e2d3820df358a6b390cf80e96a4e
SHA512 f837e36b29d561b1558275ef3e14369918564f5bdc1265f919c601c750e7db01958ca6b37a8bf0a079862d66c7f9df6d9c4f42b192a474e0047d94826338b8f4

/data/user/0/ir.teliyam.halva/databases/cheshdb-journal

MD5 53fd4fd21c455ec66bde31d71ad14527
SHA1 71380ad9eb91c181ba50a914cdfa23a4f9cd33e5
SHA256 5d9d2ee38989807f9d14e6881048efd8760c7e8ab88e84a67011fb6525e91f20
SHA512 eb228d8cfb1868aea76096556f87ca0153e7d51e2c6b5fc39a211fa2a64392e133c766a8fd7f237f51c0b42ec59d74d39f9d54da7c8da5523fd9920dff0b1784

/data/user/0/ir.teliyam.halva/databases/__pushe_base_lib_db-journal

MD5 c8080a2742ed9de11a1b7640be00d34f
SHA1 1500f144544ed902ce8f745fee79d495bf969978
SHA256 bd4cbdfecaf18781b4db414e8db4f97c345aae638b4fa736628f3a13fb9d8f98
SHA512 c70300f856be080193332d49c07bdc2f183aa38d11ea51e026f4cc82271c7fe1eea8060bbfbb5620b5caba27ed3ac596482fbb204477ff929fb97b09716419e1

/data/user/0/ir.teliyam.halva/databases/__pushe_base_lib_db

MD5 fb1cc6bb20378a75da5a294f767739b8
SHA1 fda2319fbb2f513875b05fe5139f12f87ea45335
SHA256 799b83e04ae3934e84d2470943621fe83c0e3dfc1560e8451416a527549f8f86
SHA512 37d1ada90f3b9b88eb5109d85669fd521697e0f57e127a5946c94d4e71b38a565c4c5010ea5e5589f344f61109890ab456992d9386111032d852f6991a3e9eae

/data/user/0/ir.teliyam.halva/databases/__pushe_base_lib_db-journal

MD5 13060f08a704f572711cc603d9c0ed54
SHA1 35de8a710cf3e4a002076ddbcd47e9f895da25ba
SHA256 43e5e5053048168a6e803e1db07690e4bf1bfdc353e51edf6ab5bbeda74c3903
SHA512 58f9ca96b95bd01a4bdf693a9568493d05271a8b3b5d60a4938e4f684ccba0afa108f75feb8ae07a7ab830dccbfbe88d62ebbd6a79b23035b907d21bb436dbae

/data/user/0/ir.teliyam.halva/files/info.db

MD5 c468ae27b6e4f3e8b3d9cada4ad69860
SHA1 f2e76dd95aa8411314519b79da6bf16f1d5245ce
SHA256 5564f46869db353a1c5db1115885f1f43967d5d09d693425a1e0d9d826a39fcc
SHA512 15d5b16ca41aa246ab8df5367bda7590b60cbf188ddcaaccd71e6d94c18ea140732ef3300d88878469bdb386612a9a9edc9db047e24518673ddb60aa4ec8e7e9

/data/user/0/ir.teliyam.halva/databases/google_app_measurement_local.db

MD5 1ca2a5501154e9aa277bbc29693d8568
SHA1 5bced4a27463f4ea877030b22cbd673583516480
SHA256 e1f696bfcba9219bd21a8ae00836c57a4f89841522fea21310cbb800e0fb6f0a
SHA512 a22fb12a649339356f32b3600785b8554fc3b804b80612f4a5f4b915f4528436a9dd30324248ebbb5d70da497af8345d8a94f6a8b4aa66b7fe733b66b771fd68

/data/user/0/ir.teliyam.halva/databases/google_app_measurement_local.db

MD5 8d0cd16581ff038bbc5e88cff4e8ad97
SHA1 af55a06a1a75e0c5505b71c89a4959095fca7b51
SHA256 bc034e9e3e9900bd23acd68a09598e0f4fc6b44bbf09c889e1f21ee4a6094e89
SHA512 d3aabd95a96fb1a86bb7623b90df3cd435f2897f59926296d8df1a13616b7f1570562648777a3706cd62681367727247e006f9dc503868d660e87ab7e6ea612e

/data/user/0/ir.teliyam.halva/databases/__pushe_base_lib_db-journal

MD5 315e2ab470f9ff831bdba2797b196f09
SHA1 23c8910ae8419b5fe0eed0ea99612f81cd8651c0
SHA256 89475ea5db45f42cb6114aad185857150f40cb27f66698b8ceeb0c2b84bab90a
SHA512 3ec64098fbf589d5560330b4a40c23b59ace81e5a1fb451cab7bbc5b341d087ffd13dcddaadaad81c4204761070727ed278e0f6fc86c0343743f048d28112754

/data/user/0/ir.teliyam.halva/databases/evernote_jobs.db-journal

MD5 07eac73925b87654b94b6f2e565a32cc
SHA1 eb8d0d7d42f91acb2404b65fca94ea5bdba6df2c
SHA256 95c93c1441e22d2199e71fa9f856304dce4e680adfe097a73ee66679b445e75f
SHA512 978051f03c15ef5c5a1f05caacddc36728fa46eb9981237524cf9e1a84ffb56da57b7dba598a133e3e7c7e6695391c44ef9a373d57f32a37e40af6cd9c05db78

/data/user/0/ir.teliyam.halva/databases/evernote_jobs.db

MD5 171aedf968e17a2744d2585715606cb9
SHA1 bbeddeb3b89fcf809619c35b4a318a80e7d5b029
SHA256 d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e
SHA512 78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

/data/user/0/ir.teliyam.halva/databases/evernote_jobs.db-journal

MD5 73bd484d852fee976ab8176863a46e7b
SHA1 08590165bcfbd61200c6efcc6f58ff8a45b048c7
SHA256 72af2a7a5e4100e35f273f75b6956a4e73c54832d815e606bb59b3bc5f2edad7
SHA512 9ad1af2d6c0b4b1ddc5d4a919ca7806a43814f866f343a942e4e9c731244c55e0801387783588f4f45d2dce97499eb28ead36dd92aeb8ef08c0e2b1f682c4f6a

/data/user/0/ir.teliyam.halva/databases/evernote_jobs.db-journal

MD5 8f1f492f5bc29daef01a692370043a0e
SHA1 5ff56ec22049a47563f6a305cc60a056726c9f2f
SHA256 54892d9bffdc21cd393ba2e96a5ebe8c7c60e082ef3f9d3a566ec9a5e52f8518
SHA512 b0f1597b81a6ddcb81fc17c8d5e9dbf5955c7d90837c16fb8240de88300b2597886cbb7513d466e7d3cdf39d7018a8bc8faf324334ba0ada5bdd39d12f4f06bd

/data/user/0/ir.teliyam.halva/databases/cheshdb-journal

MD5 1a9e38f7a3fc94c90fba135f1ee85f14
SHA1 b7eafef231b2269cd2f2ed844022da8b74f8da1d
SHA256 1d2e2cf117fda33779766745b79a0ba6c1ebabef537d785239cae18b13a2b712
SHA512 0ee294c0935849aa2633af52d1e9fd5654f6067e0369127e95d31d8f074d3b450d0d8531a09f377ebdc944371da35ebb377d3bc85016b3a4a49caea894313e9a

/data/user/0/ir.teliyam.halva/databases/cheshdb

MD5 5bb2a3dafbb8cd520694dd650b4672f7
SHA1 df373e28465d9b6cf5468d4e6a12e5c383219afd
SHA256 1db1cd070cf7c4d580345b423d680f19e6dc3ba13b2cae9b34572b1ea69ff6a7
SHA512 528b8c2476b594424fd7adad1dc38fb74b5ac5409547b63fc5b4b16ec7dccef76ab62188402d2ff60734919961f53086d1f0f31f5d5ee720a1d18790387aa68e

/data/user/0/ir.teliyam.halva/databases/cheshdb

MD5 b9bcd1538961ec6162ce9ff6dd37f552
SHA1 f219a9e37fb18e6b43a6b2aa0fd4e275018fe382
SHA256 e0dcf6e56015819324f3244eb7c048ca4d791dbc9f14d64f6bd87fd622a12ceb
SHA512 de052b8c60454a988f249179836f49de4bb85518b92433996f91593167365f8efb56b3d715bbcff848ffcabe86124a8ef24f329159f82691a8f3915f9a72117f

/data/user/0/ir.teliyam.halva/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/user/0/ir.teliyam.halva/cache/1582435991586.jar

MD5 fde2ee00cbd121cfab5290b078aa3ceb
SHA1 e2b77d5320e155e413d040a8c20020962065b2f8
SHA256 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512 a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

/data/user/0/ir.teliyam.halva/databases/__pushe_base_lib_db-journal

MD5 82020e77c3798d7ec4524cbc485c8402
SHA1 177c23fc3adc25d13b62c1f61d0996cd8fbbaa4c
SHA256 8bfadf41b6b96079c57786752958812948ca872b080f8f99997563032f40084b
SHA512 c145c7f16d3984d25d9c1c1400b55e281da6dba934d0da7932369df0db112ed25f01e43ebb54df85f64044901254e2bc7cf89e0bf7182907204ffb72b31b3a4e

/data/user/0/ir.teliyam.halva/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/user/0/ir.teliyam.halva/databases/__pushe_base_lib_db-journal

MD5 ac29c094aa6180e77eea21165642f1f8
SHA1 73d922f968f697f9e4190d92062444c4608fcfb2
SHA256 99184198b43f8fe88ec0c6c154bf26e32de08b14a9a286b09ad0baeeb2221768
SHA512 957f134ce07f64049b9270b900431ea128809ca1b6a1c5ede80b55363625fd2a1555e29fdab64af8f423a50aaf3624c0df89a650bdc7d0990a8424522930c57c