Malware Analysis Report

2025-01-19 06:48

Sample ID 231223-r5p3naecgm
Target 344fa1153663772a443d1bcc5930fa0b6e56e46346704acd51eb8b97eb43de47
SHA256 344fa1153663772a443d1bcc5930fa0b6e56e46346704acd51eb8b97eb43de47
Tags
irata
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

344fa1153663772a443d1bcc5930fa0b6e56e46346704acd51eb8b97eb43de47

Threat Level: Known bad

The file 344fa1153663772a443d1bcc5930fa0b6e56e46346704acd51eb8b97eb43de47 was found to be: Known bad.

Malicious Activity Summary

irata

Irata family

Irata payload

Requests cell location

Loads dropped Dex/Jar

Requests dangerous framework permissions

Acquires the wake lock

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2023-12-23 14:46

Signatures

Irata family

irata

Irata payload

Description Indicator Process Target
N/A N/A N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A

Analysis: behavioral2

Detonation Overview

Submitted

2023-12-23 14:46

Reported

2023-12-25 12:09

Platform

android-x64-20231215-en

Max time kernel

2699015s

Max time network

143s

Command Line

ir.teliyam.esnak

Signatures

Requests cell location

Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A

Loads dropped Dex/Jar

Description Indicator Process Target
N/A /data/user/0/ir.teliyam.esnak/cache/1582435991586.jar N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

ir.teliyam.esnak

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.178.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 sdk.cheshmak.me udp
US 199.59.243.225:443 sdk.cheshmak.me tcp
GB 142.250.179.238:443 android.apis.google.com tcp
GB 142.250.179.238:443 android.apis.google.com tcp
GB 142.250.179.238:443 android.apis.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 admob.mehranarzani.ir udp
BE 142.250.110.188:5228 tcp
US 1.1.1.1:53 www.google.com udp
FR 216.58.204.68:443 www.google.com tcp
US 1.1.1.1:53 ip.pushe.co udp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
GB 216.58.213.4:443 tcp
GB 216.58.213.4:443 tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
GB 172.217.169.46:443 tcp
GB 172.217.16.226:443 tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp

Files

/data/data/ir.teliyam.esnak/databases/google_app_measurement_local.db-journal

MD5 a1f5cea2220d481cb406dc4b4c51038a
SHA1 71f059a1577ed6868a7e7eacfd44203900d88173
SHA256 2ba8ac3d41884d84594611cee080020bfedd72986d7a301ac5126e4f7befacde
SHA512 a7400588f68e9aee4e827310a5f8ab7077650d38634e34717c203113a1d7d8029fa88a835e713360af3ac5cc553f82dd88e91c6765e11bfd67d7bda699e940fa

/data/data/ir.teliyam.esnak/databases/google_app_measurement_local.db

MD5 b39d8b1deff03afef76a974722e6dc38
SHA1 4a8c3ad050d6147407abc710355643196b6fc121
SHA256 fa561d5b133dd84ba786357e7b56e21911adfe82f60e77bccfec8dd49e094710
SHA512 6fbfed6f31c26928d20cb0fef180dd9a2a9a90a2fa2a3104a48a79f128b0705a252437bf15ab2df09b9c7f2b3225b32567ff63ca5286970a572f34633de3d543

/data/data/ir.teliyam.esnak/databases/__pushe_base_lib_db-journal

MD5 9028c8c5d1c7f834f99e0f133f892a8f
SHA1 fab9c59928fb1c532f287f48f3d1916fb686caef
SHA256 ef698bb1543ea0e9ee10d5c29958123d0a0d1d85e141c9171c7e6e7b4ec20e70
SHA512 87665deb61a7145991125178df0c7984d90799842adc9caafc1454fe7df5b87288df65283870d64fee103881a119d03d4f80b3b15f52d180c5bb9e7e506f99fb

/data/data/ir.teliyam.esnak/databases/__pushe_base_lib_db

MD5 abe9fa56c177c65db8c072e6d81fc41c
SHA1 abe9e9bb6f7294324f549af4435f58578ae69f2f
SHA256 53f09b897033e2496e13f3c6e8d14ec1d1f7b273c2b4d47dacc569594fef0f8a
SHA512 bb1b70eb859448050dd71822652d1976456be07c098ab41f2f75fa277cde059aff0c45629564170ee07028b85d501cc941529ab06753e5be2e710692bfa3922a

/data/data/ir.teliyam.esnak/databases/__pushe_base_lib_db-journal

MD5 1726e4f4ce64bc699370a7937aa866fa
SHA1 b67c1b2001d10a9a54a46f28b6fc7f5d442cb694
SHA256 8328c4477ef8a8df1a51cf075b7b231b67b57e905af516c0b371a6859139f339
SHA512 4035fa60e35ca36807ab544a3ea4908b09baed819fe1bf034d94c635f0dc2159d9b032a1ea3ff2589d4b4d7d3c1a862a58c71771d58d1b5017c6822e05b8ba1e

/data/data/ir.teliyam.esnak/databases/__pushe_base_lib_db-journal

MD5 02e5bf21f2a051096afbceb16cab95d2
SHA1 6712d250d5090aebfdc5a4027e4808c01c62d581
SHA256 a6d9a67629aaaf458a1591c60da4e40a1f51c5b4d27ee6d4f1efae24aa0490e6
SHA512 23906b17719f6781fbf1aa7788f0e9da4f86dc93eef509aad861053896869ddefc60c04e46e4e0e56ec8e67ac179dd316c1d44f9aa798ea8d2cc11174b76baeb

/data/data/ir.teliyam.esnak/files/info.db

MD5 13434b54418c88f6faf6343dbb3fdb38
SHA1 9d42bbbcd24b1f6cb5d01199379a7f5c514dc2f5
SHA256 2dfae7520fc296a6a87aa9f683b8439c602238691d556b009b3b3915d9b9b42f
SHA512 c8d592b9e8cb20e4a1246e36f6c2789bc6d1c84f5506009fc64ab2f7f81fc5e50726819ea4ea700866a5752fee406804928c9c0b3cae2af02a3ce90400130c63

/data/data/ir.teliyam.esnak/databases/google_app_measurement_local.db

MD5 62ce211768c36a79d8dd9ea1fabf0f45
SHA1 0e4ef10cf1be5239b4fe07d6683548cfa7d1d857
SHA256 057f0392e03bc5eafaa4870c588236cdedc9a9b12f75213fb75c8b283a35a710
SHA512 c704c6140144f695738af4cbc38936a31a9c87f6828d1b1146f022aea383201a30309c17b2a1d42b97a7460ba1d050fe61b76d1735da869c7838a27d02777336

/data/data/ir.teliyam.esnak/databases/google_app_measurement_local.db

MD5 0fb6498b156dc681b2f9d90eddffc0bb
SHA1 93bc6f4b2cbb917d83b9f7d803c2d967a85c49ff
SHA256 e84a2d30b7ea8a996f668ec87a032a946166e906cd3e4fe6ebb10e8735588735
SHA512 3779116a7312b5555b0c74bc9be08f76d0e0406565ddb5a760693eb7305bfb02475c3ac03d168e31d394d9611bdb8ccf19b2200fcb953cd2fe3c2dec9bc2c8b1

/data/data/ir.teliyam.esnak/databases/evernote_jobs.db-journal

MD5 c36887fad51e47f01f28e5c9599237bf
SHA1 60345b6298e7c889ab2fb01bcb7e2719fecef798
SHA256 1b26d89766f2793f6f0309b427ac4f1a5fe201948d35b4aadff18902b03e2984
SHA512 61d6a2b4c8abf0f3c03275b4a823ec0e32778fb8061975bebbfdadc5077b541a400e757ef5dab1d5cb2627db74e9501b8b55b4a060733078903f43271c2180ef

/data/data/ir.teliyam.esnak/databases/evernote_jobs.db

MD5 163b0e3f017becbc89b9d7f330b78f09
SHA1 1ef9cd8ac8655190468d0ccece0a4738634ab0f9
SHA256 cf01452c3b494692386f6c5faac340eb3eb894bd416391002d56645aa8a9ea36
SHA512 6a85a30d16fa58a4fbbb05d469778ee69ca79deaa74316ccb5be3ee07fdf78dde22e95db3edb1b88b18478e8747047445f85baaf9556b9a1e55d9a02a80baffd

/data/data/ir.teliyam.esnak/databases/evernote_jobs.db-journal

MD5 7556c33b76f9a28c87c56cd5263b5015
SHA1 75bcf3a3678bef00053e76a1f0e505eaab4722f6
SHA256 9c7461006c95b188a438f294611978e19e7589d0b45ea53cb633be3adc1f1575
SHA512 25e5b1ddbb5715ef96f40addfed224cbe01d0bbe5668793c9a6a0bd0b7476effb98106f5a2d7e945ea9ec655142e509a8a46773cf755de4b667ef0c471a3fb76

/data/data/ir.teliyam.esnak/databases/evernote_jobs.db-journal

MD5 4960d667d5afa6beae5146f60355918c
SHA1 1de98d3a6ab2b1c615170d872570f9782baa2d62
SHA256 d6683993b6d951f4a79cb3a7110f15f638b80158f201ac618be63195f0e8c302
SHA512 26d7b4d2fce7f18bc2c4caea82f0fba5e79ff24f0962a3d5f0c7b9b38cf4700d5542fb7345e28554e7f372d621da0ceca5ab032d0cd23d2e6d0452ae6bbdedd6

/data/data/ir.teliyam.esnak/databases/evernote_jobs.db-journal

MD5 bca2bec63de5f0a301f42f5a0ded3a5a
SHA1 a4d3ee82d9f0ee6d8a1f7f0ffd0e869772d02014
SHA256 de76fa8ac1ccc4a520351cc9be1190069bc76b9b502896ba99858f6f486e3cef
SHA512 13763ad2018b2cd15eba231361c26f8a3787ef7f3ea3041dc5d53d7b075d3d6502b2cdb61076027b036ce7bcfc034fa666ac2033473b5ad566d59b08e1360872

/data/data/ir.teliyam.esnak/databases/evernote_jobs.db-journal

MD5 4d3117c197f34500b798299ccb14271e
SHA1 45fd6d8e5eea981627531d9d36611f199b44106f
SHA256 72ea0d565fe416e5419edb1c0b57198219bf3bf8feb16b04531fc34c74c31ac6
SHA512 ae227e352fad5d3c8ae69aa9c78f6350a7f7f7949e8668350cc23d1bb4c0d3df8f4c533096b13973d965e106bc4221fb7f63a4798f734237c0698e6dd47887e5

/data/data/ir.teliyam.esnak/databases/cheshdb-journal

MD5 af93778fd80b8758bc0309a825940389
SHA1 3a6336234a836086996635f59dbb1f208079c8de
SHA256 9654d882aa95c7b0c412f79a846dd3097dd0e378bbd52f454572b20bcac6bc66
SHA512 fbc52e98bb539808ce65c9efb2e6319ae2d2d626bd05c208c9e23f7e45de0de2c085811f190fe9f4ac1d655764ff69d39824b8ea8f1d8f9a2bb5eaa85812a255

/data/data/ir.teliyam.esnak/databases/cheshdb

MD5 3480fda97342c06d190da1b3f98b6935
SHA1 c0056dac34e3b5ce1be5375e3e8b1ab225ebba10
SHA256 6c275583a5cebf40e7aa55e5bf37780cd752076fb3258ab9264bc0aaffc08aa2
SHA512 84fe619619f8163760daa7a7995ebe2ec638369e307bcdd4507e7cf9886df7ce1afbd8502e59f0df7090620d13882e0dbdfbc643e803082a4e288c72a7506e38

/data/data/ir.teliyam.esnak/databases/cheshdb

MD5 af2bbd8a875abe3295f2de09e61c6cb4
SHA1 eff6fbd61829fd39ad7320cc9b78dd76bdfab817
SHA256 6c714ac2092c92170883dc8337fc484418ed144059030068b1a9caefd7ab53b3
SHA512 4ad1539aff8f70e6772ff904752e0d27fd7fb341f03d17822b054ff9e26cacb16cc65f64af29974e3968a44f513eae57c4b12b98f0821e6836acc5afcf27c589

/data/data/ir.teliyam.esnak/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/user/0/ir.teliyam.esnak/cache/1582435991586.jar

MD5 fde2ee00cbd121cfab5290b078aa3ceb
SHA1 e2b77d5320e155e413d040a8c20020962065b2f8
SHA256 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512 a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

/data/data/ir.teliyam.esnak/databases/__pushe_base_lib_db-journal

MD5 388fe5299665978f68a2fdc5698d53b0
SHA1 2be0b3c158b60fe24927b83bb2158ae8e4e1212f
SHA256 591e70236ed620ceb6421c1cfdf5aa9b390a7ac07b96d1ea8c258bda77394582
SHA512 b9418e8614f14474a9656ee0515bab03ab1faacc78b7665429a8e6c55918cf5a891a9dfaef0082259b3835886f76fae4679dc783fca6dc4e7b5e7cb319bc1e89

/data/data/ir.teliyam.esnak/databases/evernote_jobs.db-journal

MD5 4322306fd5e0619ac6c6e79a12f43e8b
SHA1 2e7460448746f1bb23ccd55a9d33606cbfab0f62
SHA256 6497933b62e590d468caa9b743747bb0252286b30664495b75195ab134515441
SHA512 84a3c6dee4d7cefedaa848f434a39b251ab232f22315e7fcf2bd757bc3f86601c9793a24f4d693a6eebe4e6429eee06853682359ea193da174aaeac04569ac89

/data/data/ir.teliyam.esnak/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/data/ir.teliyam.esnak/databases/__pushe_base_lib_db-journal

MD5 5f87ea5668b047a1429d66a056b143bf
SHA1 ae4b29ed3c9cd0edda062f0ad0708f72714ec619
SHA256 6c80284de16dae3250047fa1f735e3cba8b230e2c466ec816afa03165f89e324
SHA512 7cb49c62633706e2e817e0748faea063974239a82818a744e9b89fd8a2322df1668e68f67b8bb52d6432cea8e580b63412619200ce95a87f49b856fbcc050246

Analysis: behavioral3

Detonation Overview

Submitted

2023-12-23 14:46

Reported

2023-12-25 12:09

Platform

android-x64-arm64-20231215-en

Max time kernel

2699010s

Max time network

150s

Command Line

ir.teliyam.esnak

Signatures

Requests cell location

Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A

Loads dropped Dex/Jar

Description Indicator Process Target
N/A /data/user/0/ir.teliyam.esnak/cache/1582435991586.jar N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

ir.teliyam.esnak

Network

Country Destination Domain Proto
GB 142.250.200.46:443 tcp
GB 142.250.200.46:443 tcp
N/A 224.0.0.251:5353 udp
GB 172.217.169.10:443 udp
GB 142.250.178.14:443 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.200:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 sdk.cheshmak.me udp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 admob.mehranarzani.ir udp
BE 142.251.5.188:5228 tcp
US 1.1.1.1:53 www.google.com udp
FR 216.58.201.100:443 www.google.com tcp
US 1.1.1.1:53 ip.pushe.co udp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
GB 142.250.180.4:443 tcp
GB 142.250.180.4:443 tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp

Files

/data/user/0/ir.teliyam.esnak/no_backup/com.google.InstanceId.properties

MD5 57df21de3c6c30242c7398655dfe5c39
SHA1 2eecc071661a491486631ed4ea8f051d0945affe
SHA256 2cbabd781c7515e143bffcdd54e447020ceb39ba3c39cbce9fbd922062bac659
SHA512 66ea92590af7f22298ff1ea8a1ed80a3951d6cd3d9778f1dca2f1a881cf820061f9809adbf89a99fdbc92afd302e96e08be589ebf386f6e98d0df696fa0854a1

/data/user/0/ir.teliyam.esnak/databases/db_default_job_manager-journal

MD5 cd44b197c86a31fa95c902c6434b4d8a
SHA1 d8d7332ea46cf3407d19923aca577ba4ff5ed425
SHA256 9100b1376ca5caaba9f3ca4acd8c4299b3d5622fd8f2c2438e0db1e13d7e54d2
SHA512 1db042f85ebb00d8835923a5ce7a10cde89b6bb1a11c8af547311e3ffcf7ff51e6fda772d37e06fb4d8d7d7d2f377e9bf791923933aae25ce3906b97623a1bb9

/data/user/0/ir.teliyam.esnak/databases/db_default_job_manager

MD5 4a1f18b25648733896b29fdf2a1d89be
SHA1 b8883150a1eabcf6784dd19b959ad4ccfc020744
SHA256 18bc4e177a262bc1db79293c918c1e1fd9d22a43cd8af9f6f820e02250d6b9a1
SHA512 d241d2a4828c236d31c0cd712787bf83d946c91ee126dc696bc1d237798afea3d19fb94a59fc1255a8af3b29174180e72be5910561190475c35d21c31a17ba0e

/data/user/0/ir.teliyam.esnak/databases/db_default_job_manager-journal

MD5 591f17c41c8f4caf692c306d8d1c1c57
SHA1 0cef10f5c2c94ac421beb20d4f39db9842e92e94
SHA256 61eafc04700e5cdc79e06f129cd412729d0d9a9bd8f079663397912e68686776
SHA512 9890dc2440bd10571256349f7b3d5725cddbe9104c22bc74408f9a1c863e269c67d6240cc21dc8feb78d131a1b171fa48f8e316a7a9f78d7ce351c3754199d28

/data/user/0/ir.teliyam.esnak/databases/db_default_job_manager-journal

MD5 c423cb6af26f189c0736b63e668c2c05
SHA1 f5d9e2e336aa2e1dbf9ff4e5a330f35f6b5cf562
SHA256 4f37b4db3cfbaffb5e03c6db9b32dfc166dc61765358c9d1d97a870924b2808e
SHA512 360fd47da077024739be9c124134ac60a411826dec2bcfffbed44ca9f390e65ada3147fcb77f64348f0f161ab424827507e1bd8374f35e3f7daea3232957800a

/data/user/0/ir.teliyam.esnak/databases/google_app_measurement_local.db-journal

MD5 070de6b41288c8714cabb8e7d6163e2e
SHA1 6cf208f5e4523550b940981574a861b4362868fe
SHA256 a5f39bf22e87af8fae1a4f0d8c5199bfcd7692eb5f1c5aea593598ce2975727c
SHA512 4bf987b0688fc0adc516f606ee7600cb3825d6bd3fac37c1015e7fc256a8cda1d26ead0036916650e48aa73e6f11c8268aa146cae167da5b1004b840a0ad3490

/data/user/0/ir.teliyam.esnak/databases/google_app_measurement_local.db

MD5 171aedf968e17a2744d2585715606cb9
SHA1 bbeddeb3b89fcf809619c35b4a318a80e7d5b029
SHA256 d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e
SHA512 78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

/data/user/0/ir.teliyam.esnak/databases/google_app_measurement_local.db-journal

MD5 d1d7f1a6d0956be758c6c6f7cc6caef5
SHA1 87006136570f40f212374b1cc119d716f6e7a425
SHA256 986a994ce4488ee8a2d2b983ce1d8b2b34d7982c08985d77efbf86af4b16d658
SHA512 79b7f946dc5e47805635947ecffc871520a0b1b86abbca678a85e003a68fa1dfcbf286948ef54f224b39289d2edd067dac3eaf6e7654ad0118518ac5d4b820af

/data/user/0/ir.teliyam.esnak/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/e74d1503-7eab-44e4-a46a-0365d899eb97.jobs

MD5 f56f328eea1d5c96a1b96dbbf59488df
SHA1 440c784cacff61932e2f61580b7cfdc3a4943c95
SHA256 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918
SHA512 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

/data/user/0/ir.teliyam.esnak/databases/db_default_job_manager-journal

MD5 4f487697cb696ebfcddb8edb874c3cb8
SHA1 321c2c76c615beade31c2b9899462843e834a80c
SHA256 58f8b4bbd0da03c539e83633127c02dbee20ff3de3ea85149830d4e33af73e5a
SHA512 75863864a0c0bcec946e64387fe8de681e0c210a40882ca874a5a580136460ba7d12a234758ad1649741f153a41b2215a3c7d325ebd93f8f3a01f9526c13582b

/data/user/0/ir.teliyam.esnak/databases/google_app_measurement_local.db-journal

MD5 d7e0924cc51c6622aceaf239d9c213af
SHA1 2c81a06c131bb508d9df8636ce686a2121cdf076
SHA256 004bffb3c114590e46eedfa7fb5270849ab9e8a6686a1ead2eb440121e6383dd
SHA512 2c30dad81d8f5a425b0ab531f461b4d5088264664f20469de791a548a8feae27f8d4fb2678f4ce9416f1716ab12cd75b5d54ff1b98f47047f7c003c4112fe19b

/data/user/0/ir.teliyam.esnak/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/fc870074-337d-4191-b7bc-699e82098096.jobs

MD5 ac58f99a1b179d71e8621412ad31c6a1
SHA1 b51fdad95876f5615735c2ab411031ff67d5e946
SHA256 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb
SHA512 faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

/data/user/0/ir.teliyam.esnak/databases/db_default_job_manager-journal

MD5 6e5dee1b684b8fda97438305afa9fa63
SHA1 b98114a7ca62eede40c41646571c2b4d851e2202
SHA256 e6cb8cee8c576143e27645adc157688630f8fb6c54df6b890c2da622113edf22
SHA512 1d032f233d023871db1da24a7347dc7323608ba4d5af2cf34a59ff48e14d3a31f37ead054045e7c19790025aaa6ec6c9ef50d92ab8a70f36d3cd2853ec6d1c63

/data/user/0/ir.teliyam.esnak/databases/google_app_measurement_local.db-journal

MD5 a74e013d5cca9e7de665fcc45f27e5d5
SHA1 4502e2b2c4b21c9c72652568c062eb99c50758be
SHA256 90202708f8b0dc12d718d2aa88f2e65ab3331f6d45608fe51e369b7b9cf23e70
SHA512 95963b79944da1152d2fca89e7599fdea04cc13fccc68356f98d2f37dfc6a2953226bb5dfb1697420cdb4467c0ac1f55d14c25607be897fccfea45255ddcc874

/data/user/0/ir.teliyam.esnak/databases/db_default_job_manager-journal

MD5 a3e20690163097570a58f6e34bb5d4ef
SHA1 f396e39098a263971ecffa9a89c3359bb6e579e6
SHA256 25479ad637ca2c16bdb66b93eb55798390bdfcb46db395c285a7bb83f75294bd
SHA512 c29922c322f5f911a482a783fe59c4373e6822b74f850e2434d3b2bbcbf2a66655ec0015bb976875687bd374a723782b0b038831c33672662f4cce7bc29c97cd

/data/user/0/ir.teliyam.esnak/databases/cheshdb-journal

MD5 dfc5ed4c2a4aabf822c2c07f9c9c1010
SHA1 4e7702dd94084bf8e250d877957fdf64ec5b7b76
SHA256 975c364505facb1a53c1540e000df72c4a475d95615c093e14e7e45b64cd642d
SHA512 864cc9212de4d777c4f746ae20a1493bce099435b9e312b1a5f24521817b09ae5f7081c14d2be0afca8154b6578e3ba44dff917503e4e2f5573e0b398d113e40

/data/user/0/ir.teliyam.esnak/databases/cheshdb

MD5 df908531b8f3ffe00f770859e81ffcdc
SHA1 6c5fbd4b980d4ec526dbf3b23cacbb34066a00bd
SHA256 541ecb2ecd821408ef8ddcd47b76be61d9ce070335d8d91253c15009dd80388c
SHA512 aa8cc6d58bde9414da4b588381abd1c411c8e083b9fa9f98fb52f2a263e036e68a5adad440e04ccbc458a15fd5588236718c360796fd28a3e0887cd60f485a97

/data/user/0/ir.teliyam.esnak/databases/cheshdb-journal

MD5 30b374ef109c948cf3d9f207ad349688
SHA1 05f6f951a1a0327d2110da88670f832d1a7b47fb
SHA256 1cb6cf5cfd5f9bb06c4364763faf82c3b635bf0b08dee47f4d263fb00795c22c
SHA512 ae2ffbbb8530f7cf7037b39cf4cf5f638f77569076deb1b9946c4899305ae3dabe2a016a75e2fd4db551adecf491e6643b7ff04cea79ba43620ab00691e617f3

/data/user/0/ir.teliyam.esnak/databases/google_app_measurement_local.db-journal

MD5 6af21b8e6c8443a41e709665073822d9
SHA1 31fd0656e2b2f6b710bac103e9f9c36d91bd3e5c
SHA256 d3408268e7e60880985234196f23788279b52c149ab93bffb4965cd075b1c397
SHA512 03142eeb54d793a8c87803519b928df06578f84d73fac83e3b2a4c6ea254419310436df9c93b5c2528dad669e620d151084978fba85808cef883b5b3a6fcec77

/data/user/0/ir.teliyam.esnak/databases/cheshdb-journal

MD5 8f71e483cf753902046dc68a26a92b9f
SHA1 a8a338da186ea680338ef36af7fdc77eacaa98ad
SHA256 54950cef20e9bbfe4b189fe86971cfaf676e14bb9dceb3609cdc4c688f057cda
SHA512 335645ce751c362379dadcf423618630f96eed53a2730ad58ee1bb3d7999bb663c76c85b66ebd243e40a90468b4c0c41146460144d4c323ef2956d1943b665a8

/data/user/0/ir.teliyam.esnak/databases/cheshdb-journal

MD5 ae890405083ad4a6d1cb85ec066c1688
SHA1 1fe76cd29122bae21d653dc042e31d86f5b95b00
SHA256 f92489358c8fb9b7c1264eab81ca77d3dadb724c31a2301734a21212bcaa8dc5
SHA512 968ff3cb6bc79a38af40456383dbec1a835a9bcc18dea7283e1cb12fe7beede5ec89d44b1b913cb38777b85f7dd123038d4c104ebd4cf830502c01e89a0d1791

/data/user/0/ir.teliyam.esnak/databases/google_app_measurement_local.db-journal

MD5 f51d3ffc32ace2d90b040a2cc2db3970
SHA1 3fc95213b22541946da8810fa35770665152d3d7
SHA256 6b12c0dd46cef59fe2992c4df46f39b68b4043163a58bbee2447d3a19b0144bf
SHA512 6277a474bb6b708d09e4b6099eb4a3a19022fe7c805222f97b1dcfd4f83b3b981920a56dff54eb70fb3d4d53003003413c3a6709a6d81d2c72f248ad68a27b42

/data/user/0/ir.teliyam.esnak/databases/cheshdb-journal

MD5 82c2c1b2df404f1933a6b5bfc97e5cd9
SHA1 9537a272ab99982e0bc6df85bdf491f92a387b4e
SHA256 537ee80614764f46cc661c2024ac4de2f40814406f4ed50248e680d0a20574f2
SHA512 8fc987a0d58b5f8c9d77f0833ce1bf412bea336aedbf7d8586b3b2de9891a8d8abf8a593078d7c107943b9a6c4a495b9ea64c5bee68d114b52637013316ea586

/data/user/0/ir.teliyam.esnak/databases/cheshdb

MD5 3aa306b748e76369322e4844ff72b259
SHA1 1d065cedc4e98e3b9389c526620784f6a21a6d69
SHA256 751a53976724681d500d6f28c071dce041d402dbfaa8c285cc5bdcdc23bed913
SHA512 820277e689222c3c7137d245775cbe06530ed56a38665d653e9eae8e407165782bb28a9505b55dfb2e53974cab01e0b11d583bda75475f4846fa2f2899d2b763

/data/user/0/ir.teliyam.esnak/databases/google_app_measurement_local.db

MD5 2c9ee645ae17c3ebba13c0f7869c1f2c
SHA1 dc7f25a23ab76ed9df6dc3441bd3b4ebb5e65660
SHA256 93b2d6fac987def5084f33c24a7e03bb016c2d6bb63cdc82bb9322d32b6de12d
SHA512 a970e87114d2e4ff587d857b1b545c3623ed98e2886093716ea41c2dd019443a112676fbf8be083aa4152e2a2c3644b29f45fa63cce10617afa2b5a04b4cb562

/data/user/0/ir.teliyam.esnak/databases/google_app_measurement_local.db

MD5 f9be2da701213b9ac7f754300729734b
SHA1 198abb1d5190604cbcb11721c5ee6abf564bb0a3
SHA256 dbf560c4fb2ddd764b2f1e125cbdb5809dc4c8922e110b92cd8a5f6f2a585975
SHA512 21790d6a2b63696d983443e888daf3c229a523ddfe42e7044c872214601adea333ddc48f5f6cd21ba19d4015d1cb36424f40eacadfe78d8b3f0fd4e7774b92b1

/data/user/0/ir.teliyam.esnak/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/892aed7c-5bfe-4298-ab4e-405d15a59218.jobs

MD5 24ded2e430f0d49480ed499d18d970d1
SHA1 bfa266fa4ba12728034148f2210ca1a8a836ad0b
SHA256 2c68c04322e2bbe21a70a1adf16f59c325b1ae3be925894c12d601581b447d9f
SHA512 be24866231727a4924582c24844eec4d31d5b40eba504f106b0a79ec5d7ee68795bb0753dbebe440151067acaee00a755fc2b1cd5e51a74f750a394a966413d8

/data/user/0/ir.teliyam.esnak/databases/google_app_measurement_local.db

MD5 7bcb18b111421faf798e4080a20db02e
SHA1 2e39dd30749449ef8a1356e70db735ea1b2698fa
SHA256 4798f0274b3462ffddc92b0a9caea5720a09ea5b7167c00fcc0bd8b3984f7c85
SHA512 d2888c90f966583a6a7b7bf1832ff41368a1d5ae640ea5455809e09fd13e0bd8a63d8f82bae80e0f1f7fca32293c96ab0e4687986bc57ca8d3e218704ecc3740

/data/user/0/ir.teliyam.esnak/databases/__pushe_base_lib_db-journal

MD5 8349eedafe7c54c310d6a4ceeb891742
SHA1 6aac99e749a9c0be1e7beafb53452060ea1b925e
SHA256 8bcfd5e7be20f8e75623e50e39fa3bcbf2f34f08672b92417ed6762a8974fa25
SHA512 5d4eb0a986600ac7674db55318ec4b6558aeae6ecdf108024a9ddefaf07574a1589aa7af7c9af8041de19b5201e4498c40b89201f8edcdd85cc21bba45c663f2

/data/user/0/ir.teliyam.esnak/databases/__pushe_base_lib_db

MD5 613c6aead17d610aebf9273e0d3a5c7b
SHA1 1d32ffb306517b7c3afffa81fac111ef079d55b2
SHA256 371a7f5685977219dc434138d2d5678513d2ea1641a190a938583d4505c8253a
SHA512 5cb32f737354f1f7d08a5a6a4999e08fe5452bdcd17627f40ee29515594b8b49d1217f0fbb0f9eb3c73e80de7e1dc158b8fe9f327f347070147252011cec20d3

/data/user/0/ir.teliyam.esnak/databases/__pushe_base_lib_db-journal

MD5 b27a8cd386628e40a93a201e2df9c9a8
SHA1 ce92d4841f68d35e110a380ac3d408d3439c8c3e
SHA256 d2f523fe89e6afcad44729c292b4d149b01c6c68dbf94a1867b2da05b42dea00
SHA512 549f3730b750e0e1f6616591e682d4c42f774cc89d6069e9295ab805504bdd196ee8b4945411db027766225bd2b7a73a9ae042d2764d8293bcef63d414997fb6

/data/user/0/ir.teliyam.esnak/databases/__pushe_base_lib_db-journal

MD5 4e096159720405c4d34a15eb0386d8b9
SHA1 1eb1484be1e736dbf4ee7c2676300ac6ce03ff4c
SHA256 64660d8ba34b1abdbb11a504d4a6511f6de82afc82d548558983a09c042e035c
SHA512 d9e9bd61978a73341a19817882bc26e9935996ccc404e8216903b08f538d2a3f68ca18700b297efb5adb231511d4be4a104a311853e00a9cb81d0e7161c56dc1

/data/user/0/ir.teliyam.esnak/files/info.db

MD5 13434b54418c88f6faf6343dbb3fdb38
SHA1 9d42bbbcd24b1f6cb5d01199379a7f5c514dc2f5
SHA256 2dfae7520fc296a6a87aa9f683b8439c602238691d556b009b3b3915d9b9b42f
SHA512 c8d592b9e8cb20e4a1246e36f6c2789bc6d1c84f5506009fc64ab2f7f81fc5e50726819ea4ea700866a5752fee406804928c9c0b3cae2af02a3ce90400130c63

/data/user/0/ir.teliyam.esnak/databases/google_app_measurement_local.db

MD5 14964cb5f7ef88c917d1a48444f65356
SHA1 25b248055116bd035c389da2a5efaae6b33dad33
SHA256 74a398575af06ff22c536e74e7a08920602917ca37b6a12defd6ffd6fd4a20f2
SHA512 9a2c5c85ea76a463b39d6c258b73be3c8bbecb4ad9109dffccc85267f70262a64c0610123336099495abede7d1baf2cf5ee3fe68101d2f450fac3df47a72ee6f

/data/user/0/ir.teliyam.esnak/databases/google_app_measurement_local.db

MD5 8d0cd16581ff038bbc5e88cff4e8ad97
SHA1 af55a06a1a75e0c5505b71c89a4959095fca7b51
SHA256 bc034e9e3e9900bd23acd68a09598e0f4fc6b44bbf09c889e1f21ee4a6094e89
SHA512 d3aabd95a96fb1a86bb7623b90df3cd435f2897f59926296d8df1a13616b7f1570562648777a3706cd62681367727247e006f9dc503868d660e87ab7e6ea612e

/data/user/0/ir.teliyam.esnak/databases/__pushe_base_lib_db-journal

MD5 a887aed4d5fcaa996173481b35a63a07
SHA1 c0a3df04b5e675b3b5a054ae85d8f57efdea987d
SHA256 6118b882864ac8efd7c8ffa8b2c75bc7b5d1c6c9a72cbbe76d421b3bca258f4e
SHA512 35124c63cddcf704a56728eafc7b289b45df6c26ec5eaabe3ef75ddc469c1992a837706ef18b4cfaba6519479cb4295783a70a5cd4602d9d0a75af32dff5e380

/data/user/0/ir.teliyam.esnak/databases/evernote_jobs.db-journal

MD5 e760f8febb3e8691f042b71bcd2eaf55
SHA1 4a4d61f076a3e682f63ec7fe17953d6ad09979b9
SHA256 7016d4b1390bab952802e1f07a7b4ad330a768b311fbdd171a3ee916cfdcfee1
SHA512 174201ec43f31cdf07405e519df539018d699cf69a751a89a5b0bc01ae6f0561c7f613219de97a434bc738b15853aabb54bc9aaf3018b262d86085b4b808513d

/data/user/0/ir.teliyam.esnak/databases/evernote_jobs.db-journal

MD5 e17249ef59c9ed921cb61b55e4d31d86
SHA1 3aaff1bde32235b58f0186cdf5ac1ab005d543dc
SHA256 1c3f713287fbfd9820d10c2400ff76b061d909b0403c3e16b0fe27138543b01f
SHA512 a9c67804f07b851b4a83de5efb89732106d49ec33afd2fad4388b3a5124dcb548cae5ca42cc49d2ed47530a13be85452dfbfe3d1138a4110551de0e8b78c5050

/data/user/0/ir.teliyam.esnak/databases/cheshdb-journal

MD5 aff9d7b00f180ff932841daeccd9a888
SHA1 e5633cc2f89c275da5752e8a6d346a684b332123
SHA256 2f2e6d4d0fc7feac05500014649dbe63d5fbe2849aa3979b91860ae0e9d729cd
SHA512 320bd8328ebccac411d5c2f998aea25b8f7f9ad6de00047f9a66d0c5c7cd60aa9e74b7a74ccfa8a28352b327a24acd57e10220dafa6eb2bbe1b62ca261acc33b

/data/user/0/ir.teliyam.esnak/databases/cheshdb

MD5 ef508ed21e89cdea7bb2e4f4f13d2206
SHA1 6dab117b2893538b32f4a2b32c0fef404dc976d7
SHA256 164268463a6b54883a9daf5991753d778cce9a2a1cad88d7a2cbe4a8a663a44a
SHA512 be5839c24c18ba39f95fe803c51685cf30cd902f7b875e427acbcef4e7c04a4841777d2ff4d54424e68fb02991631af0cd053e9518075f6d0c42042f8d596f2d

/data/user/0/ir.teliyam.esnak/databases/cheshdb

MD5 e72588691e90a25cbeb1bd80de210b67
SHA1 f9704e30da8a155e5994468b367be0143ebe6c16
SHA256 839d3acd0ec3b6d3be0dae4f259a41e8fa2ff60df4daf3517df2e8d04279e9b8
SHA512 abccf20ec3548ffb6df18670eb58926b411fffe13b502d0d66f3c2f9f898ebc39aaba20a06e0d38d5953e3eeacc40aca768cf24b1cbee9400eba886fd43a8b88

/data/user/0/ir.teliyam.esnak/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/user/0/ir.teliyam.esnak/cache/1582435991586.jar

MD5 fde2ee00cbd121cfab5290b078aa3ceb
SHA1 e2b77d5320e155e413d040a8c20020962065b2f8
SHA256 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512 a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

/data/user/0/ir.teliyam.esnak/databases/__pushe_base_lib_db-journal

MD5 25f5ba0c18b472d317df137d4657f4d4
SHA1 b1dd3c97c7c184946c94faf8801b2ef7d1bc6aa5
SHA256 85162bb595a67f2d8d4cc10681bd3a23d8767a8fac269e3c94092e573fafcb24
SHA512 0271d8b466486f87d7f424b41b65e30b9bc54ed6c44a42fd7e09b364cd0752b7927c0b32475d64b3d11a47fe2cb897a0a65742f5036b844d3fc05c8f68d05031

/data/user/0/ir.teliyam.esnak/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/user/0/ir.teliyam.esnak/databases/__pushe_base_lib_db-journal

MD5 d0d8493aef833855717d70ccc14d4e79
SHA1 bb2164f348c25b8414568aaab7d20187bbc94fda
SHA256 16f40a9a03fe680f3d45fbdbb1115348ae8c0f99e576de4eb28072f1d4ebdd5d
SHA512 fe1940028e6b301c7e2435b4a22f6497ddf98e3c1ddbc9515e60a33031a38a74f2ecfb79b8645c0c3245cdaaced230f8ee21609c3bdd424bf2255ff5893a424a

Analysis: behavioral1

Detonation Overview

Submitted

2023-12-23 14:46

Reported

2023-12-27 08:45

Platform

android-x86-arm-20231215-en

Max time kernel

2859570s

Max time network

130s

Command Line

ir.teliyam.esnak

Signatures

Requests cell location

Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A

Loads dropped Dex/Jar

Description Indicator Process Target
N/A /data/user/0/ir.teliyam.esnak/cache/1582435991586.jar N/A N/A
N/A /data/user/0/ir.teliyam.esnak/cache/1582435991586.jar N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

ir.teliyam.esnak

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/ir.teliyam.esnak/cache/1582435991586.jar --output-vdex-fd=95 --oat-fd=96 --oat-location=/data/user/0/ir.teliyam.esnak/cache/oat/x86/1582435991586.odex --compiler-filter=quicken --class-loader-context=&

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
GB 142.250.187.234:443 semanticlocation-pa.googleapis.com tcp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.212.238:443 android.apis.google.com tcp
US 1.1.1.1:53 sdk.cheshmak.me udp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
GB 142.250.178.10:443 semanticlocation-pa.googleapis.com tcp
GB 142.250.178.10:443 semanticlocation-pa.googleapis.com tcp
GB 142.250.178.10:443 semanticlocation-pa.googleapis.com tcp
GB 216.58.212.238:443 android.apis.google.com tcp
US 1.1.1.1:53 admob.mehranarzani.ir udp
BE 173.194.76.188:5228 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.180.4:443 tcp
GB 142.250.187.228:443 www.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 ip.pushe.co udp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp

Files

/data/data/ir.teliyam.esnak/databases/db_default_job_manager-journal

MD5 e2cec29c32d7e5d786532e97baa5b3ce
SHA1 3116c98c4f6ae87feb2e2541eb29fb324cc69c48
SHA256 3eefd03c2a55fee925c8148530fe3b01f74bd709d8cbfa25c655289a3446f028
SHA512 10e4596fe65dbe168c6f9ce84e3e4f4c7356ccca70c85eca02a55d3c63a6cc046380789caed9458c1ca593d6692d0ba712401be4ab5a2d76c6b7c7f26d48f838

/data/data/ir.teliyam.esnak/databases/db_default_job_manager

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/ir.teliyam.esnak/databases/db_default_job_manager-shm

MD5 cf845a781c107ec1346e849c9dd1b7e8
SHA1 b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA256 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA512 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

/data/data/ir.teliyam.esnak/databases/db_default_job_manager-wal

MD5 fd9f6c88f34609a3e8326f2fbeed9cc3
SHA1 22dcc0fcafa981c301b60bf9ab65d8d86f56366b
SHA256 dff63361b32dbe6392d62c77b6972d8cf157d10b62a6d80e0de27829fecbae40
SHA512 1982b8c80f1771691c63bcdb8b10730efd6c6a95147b67d5aa92961de0d530a4460796232886a2aa285944be92083ee071e90f1649816d8afd991f8ee4e6d601

/data/data/ir.teliyam.esnak/no_backup/com.google.InstanceId.properties

MD5 a3fc55766c02177d1b83f1c28a793663
SHA1 90351f667a196932aab877a0aabe19f45d6f386f
SHA256 d51126a4b73fcaa6dec44799d3fe2650ba2279bac43ff2cf4129a10404318c3e
SHA512 894da5276c3aafab7d4117490dfbfec7fc5bf0a462fa005bcf5d31887fdb2b1b3cd132ea86f5c26b417b453cd3a24256dce5f60d4165d1d5f75f99688106df45

/data/data/ir.teliyam.esnak/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/5282a554-8248-4d46-aa49-770172e79e15.jobs

MD5 f56f328eea1d5c96a1b96dbbf59488df
SHA1 440c784cacff61932e2f61580b7cfdc3a4943c95
SHA256 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918
SHA512 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

/data/data/ir.teliyam.esnak/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/9d6e2f75-2ff5-498f-9790-9178ae442e67.jobs

MD5 ac58f99a1b179d71e8621412ad31c6a1
SHA1 b51fdad95876f5615735c2ab411031ff67d5e946
SHA256 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb
SHA512 faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

/data/data/ir.teliyam.esnak/databases/cheshdb-journal

MD5 d1dc54a06f57126f11cdec76af80412d
SHA1 f409c09c163b736daa038c9a0cc3b4b668795885
SHA256 f811b076facad79a9583d0891316205e474646a7dbbbf539a3ba0ed11246e546
SHA512 96f22b32e6eda9c856d9f2a4158f6c6c2d297842b44742ecc1df281b87b0843bb397ba6f8ede802d03bd3e6d570c33744bb91a128b26936c25966bc909b97dfa

/data/data/ir.teliyam.esnak/databases/cheshdb-wal

MD5 2746aa70a13ac0f6d3479020f81f15a5
SHA1 285ff1f08890af840c2b3509cdccd4c6a3b6f154
SHA256 7b260a232fe994ae918759897bf98ba467e54a5e707588685e0524595238ca63
SHA512 c5963e5fa87ba3f38a4cdb5fd508da66a1f5401afaca609810d3902c6cc8140601ef01b5325c76ca8e0265a6237211ecafe0167e99a108fb7c9318696c5d8fa9

/data/data/ir.teliyam.esnak/databases/google_app_measurement_local.db-journal

MD5 717b8093ca5a80b08eec4e5c85a4fe7a
SHA1 b24cd68aa446dcc09f8c01d047ae56ead7350472
SHA256 841b58c21735ca7d29c9bbe24574354b7b1c90b3a11b7b73a31cddd445e15b3c
SHA512 d38636e98ca3ddbbd475ce1e835a1da5724e665aa77b1d704bba5e93eeef4733652407fe528dbd727880ca59748d08bda722f13fe3b63117493062ccc14d7617

/data/data/ir.teliyam.esnak/databases/cheshdb-wal

MD5 527f6f75c88d61854c3a6d1ae22e238e
SHA1 2ea55088aa7494166d69389585dad3f5726a3a61
SHA256 cb496de469070f91bdca75529b2affe7256b23f69736a9e370f91a61a20a7533
SHA512 9e8945e76c10708a2040ffc922922d083a3daeae771b452e43e0143b7d97900cb2ce0dd77b185e7081768a1c60fe448e9f0478984db0890b173bdaa779a2f737

/data/data/ir.teliyam.esnak/databases/cheshdb

MD5 d4df2acbd681b26c18086c8364f31842
SHA1 bcc182591ee934d8d920c745d42d7557735e32d0
SHA256 da16388db467b88aff6273df9f6bed9a5af42777e4fe8dfe8bc5fd978ebae878
SHA512 8e0ddcccf43a65c71b2a9eaf4bfefb05512c4e2bd34a1112f6ad4e200a2fedc4d76ebfcfb6572e3bbf25601ea4bffec98c3d9fc59615a83deda7c8a7a117d47d

/data/data/ir.teliyam.esnak/databases/google_app_measurement_local.db-wal

MD5 ba97a5c7b877877f88dd64b62bcf85de
SHA1 09679915106baef20f1fb9b83a735ee5f9337b57
SHA256 04f2a38a3a77cc33cffaa0580d437770c4580a68d4fe1fe3d595d4b021bc5f72
SHA512 a53de344c1abdcc1f379968538264f622e9256725cecc523e847a5300bf88a328a2b731188d900ea097eac0a8c83ac8691d74559ceac6d62a8f03233f1e49498

/data/data/ir.teliyam.esnak/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/838f22e6-a248-4698-b59d-78ed49cdd540.jobs

MD5 e413c831c3ad93fb7b7e0951c2281c08
SHA1 589dbca8faee9bf2ecc3e843b78a6658b6cf2a66
SHA256 530dd15bad8e1b17a5c9273b8569f4a83d57350835136fa0c67743d1a34e4eaa
SHA512 135eb0af0c114c72c8ea1e7877cfb98bc56b846b1fa84c27a9d0e24bb2a4514e0772cea3763be99efab4930ae6d2f6c2581ff4033a3d5ca807971d413bde733c

/data/data/ir.teliyam.esnak/databases/__pushe_base_lib_db-journal

MD5 3400578dd258cb91d1e351f99e5d9dbc
SHA1 33b3eaeefa3252bff100cc8ca6201dd499eea6ed
SHA256 a5d2a9f5e1b56c1becbde4ae6438c8afa18f639b971ecb8f1a791664af6e235d
SHA512 f9471ce05655637e0f108c1dfc4371d555a37f6354df1b954767202f8ac50d932c9f951d5d58025251685905622495b330552fdf0abec7c8b4fd1c0ecb4944c1

/data/data/ir.teliyam.esnak/databases/google_app_measurement_local.db-wal

MD5 1a128f04d1824c275fe8d6fbee7b45e7
SHA1 4b0ad7e0d354bb4f157d0073ad6a7978fe7ac0b1
SHA256 848435c18b73a66c6837a5b0099705369b69ddcc9f0da3babdf181c9c15c9933
SHA512 773cba59eb74d5cec7c19bf0cca5341a2f4dbad3b7a56938eb7082934ff50db7e03374fb39bdc380800e2f4215bf7d0eacd766158b1db8f3d615566c3d596497

/data/data/ir.teliyam.esnak/databases/google_app_measurement_local.db

MD5 d964e785bdc6bc7bed8011e397990656
SHA1 6cfc48924d2750223e0b41e2f35d02f148e56789
SHA256 fb2dce93c980531b4d653e4362f59a5673de86fe9b96dbee8b1fd75cb230101f
SHA512 e64c33b0f0f17aecf6bd3c84e50c5d3a67c769aa49202eea96cdce4b348fd87bd95be444532beb194ec86a09f5cdd825fb13d4bd0f74c858c9583b2ff229afc5

/data/data/ir.teliyam.esnak/databases/evernote_jobs.db-journal

MD5 0d0a2d144b633a05236efd0023acb5a7
SHA1 807eb21ae050d4f1a4eaa30a6e6925c16a6593d8
SHA256 ce4e58e7a6e2fe287bb92d37c2f8875b48bdf92b20f7bd92a1371f29605c9732
SHA512 ed0863f6989c188b9f15c160907a38bddb9bb05e022ba326f6b046063ef5c96df7eda4a583d4dcc30f6dd724613ac15e5dec9645c0e83a81682059fcf0f4d548

/data/data/ir.teliyam.esnak/databases/evernote_jobs.db-wal

MD5 65a8bc6918036be60362a4201b86682e
SHA1 9fe0677e15bc610fea7297ca2ea628889f01a9c6
SHA256 ea7d92bab419f53e61bf4bdf2d41cd5a164170c4001f5911f781cadbd23164c1
SHA512 d365407eddcfb9383a4876bd8fffb0cb0e0b142af698e912093ce099e3a7f0950473c6534e7be01fe3b121843933536235c8c8f458bd7ea001bfc71140988697

/data/data/ir.teliyam.esnak/databases/google_app_measurement_local.db-wal

MD5 6060a4fb0c6a0cc42f06a7350c4d42a4
SHA1 6d5800284a7a4432a764c370a32ca011484c38dc
SHA256 151839a51757323a444d08ae258ad085dcda823bb999bd66d1cd738b4cf8084e
SHA512 67488216567e7e0ef8adfe06f2d5973efcd69c915980347a611b9afa9357350cb2812adf870604413ff688c974998cd01b45ca5654c0f9f7edc6284e3e6e55f4

/data/data/ir.teliyam.esnak/databases/google_app_measurement_local.db

MD5 7f456e66436dd883a72b90df1cc47407
SHA1 41f5112ea07b8e0c54987f7f7c61f413acde2cce
SHA256 a13e74a66008076885a09edf4d150ace38ae27326bb0bc302ebb805e07ba3f9e
SHA512 7f7b30a6f86d7ce2238af42e0a4563821427d3702a489f639df288e47386d2449a9a2e4cb7a9e928ef460e755de7b92da7339e848e4267b1a8d26c2fa5013e0e

/data/data/ir.teliyam.esnak/databases/google_app_measurement_local.db-wal

MD5 13843a6307721660aaaf201dd29e2ac3
SHA1 aba9971bff3ab108a8c0776b545c7035a2998884
SHA256 58fa98004e470eded9b718b5c4812abd4b39303af173050dcc46b1d1adb23758
SHA512 520e822b5f327d1b6c96ccd93fcb94d2133d30cb345ee86b690bf0126c435e8143ada6164834c4d1463f8293e1a7998111b7504e3bfb9e41e85f7eef543b3746

/data/data/ir.teliyam.esnak/databases/google_app_measurement_local.db

MD5 720589f0f2f8201900329edafc42a113
SHA1 3dfa3a3e1bc6f006b0488abc3a0143af6abc1c27
SHA256 543aea7cbf3be4c12119572af98ea6fda72e8cf886edd19a6ba8a80263e16c59
SHA512 bc4da98c2bc11dacf7e5b8edf23ba5a123faadb5a02cbdc4f082109619ca956c93b3f2d1a5b44aa039ccb0e0915ecddbfb2bd71307df7fd4fba6d38ee9cb63ea

/data/data/ir.teliyam.esnak/databases/cheshdb-wal

MD5 072bf6c60bc4a119c9c86fbbd65e47b4
SHA1 5f52c7c20355388827c117668c664060aa4aec24
SHA256 c9506256371951a0da43d2b954ec9e6d4ee65568ade776a53e97a9fd319de291
SHA512 96f15ef62de05205792d93b7aebc501f9bb2565e945d0a322615d4a8092d8473b1affd8a1e4ecd5c9ea8b93155c28aa36a6e8915f1cb4a38e05aaa95b9b5ef27

/data/data/ir.teliyam.esnak/databases/cheshdb

MD5 dbe04399a197cad63327fffef75197b2
SHA1 00a7f39b747f02a05e7e77307405175d4a59ba65
SHA256 23054e38d201d1264fd887e56406bf509e5e2ce720cf589b9c2deda84bc10857
SHA512 3904e47a93502793dda0b700daa770086f74e5d6c4c1dbe959e9bce46c9e7882d0dc4053208650b73c07c1cdb2c2ff008ce12b0c0d08f12e6dc5cb6d5b5cdb6c

/data/data/ir.teliyam.esnak/files/info.db-journal

MD5 260269d994df6c726fa9768c7c22d42a
SHA1 5548508973a8742cb44c230571b9d1ee7f09a8d9
SHA256 487581cfb682cf26fa70079a378a22c255c1e19b903b63a6c74abb3b0e3aee8f
SHA512 3d2af38107454a82b2ba72e5212de7bc993870971367ac1362e7e6717669715e1d81624b08cf658f279380549455630a6f9666953098fdc8a8b78f8d2a289599

/data/data/ir.teliyam.esnak/files/info.db

MD5 b0886d128aad5cd602da9b8c1ef30f40
SHA1 828b52aa69dc19d997bf149f76d4bbafb8163d47
SHA256 44de76d6fec1ea5f88d9bf5aff1cd23d4dba6b57784a43f4edd0a98c484f182f
SHA512 aeba052500e67423f8947b40aff683dd7ceb12fbe822e9980ecf94703efeba8b8f873c642236ce125d7c5c68b9396a2a19fb9c6de1996150cb2b247da95282f2

/data/data/ir.teliyam.esnak/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/user/0/ir.teliyam.esnak/cache/1582435991586.jar

MD5 fde2ee00cbd121cfab5290b078aa3ceb
SHA1 e2b77d5320e155e413d040a8c20020962065b2f8
SHA256 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512 a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

/data/user/0/ir.teliyam.esnak/cache/1582435991586.jar

MD5 2048eb6124a452540ee51dae4145aadf
SHA1 d05005b2cd7fe4cd652b0d7fd1bdac2c19d51451
SHA256 105c54b6fe3f25350e92187467761598e4c21d62b1091b77d091f65f3bd98864
SHA512 bb6cb3853dd2a5d0701e20607d4e153ae201268dd2e5e2d06cc2df208b3b4dc50132a4ab428251b1644d2399fcc717662438d082ff14203387bab8794109d44d

/data/data/ir.teliyam.esnak/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff