Analysis Overview
SHA256
4cab76eca2421764732450a3d28c927865e63b1c1b0d099bbd6f6dc396c938a6
Threat Level: Known bad
The file 4cab76eca2421764732450a3d28c927865e63b1c1b0d099bbd6f6dc396c938a6 was found to be: Known bad.
Malicious Activity Summary
Irata family
Irata payload
Requests cell location
Loads dropped Dex/Jar
Checks Android system properties for emulator presence.
Acquires the wake lock
Reads information about phone network operator.
Requests dangerous framework permissions
Uses Crypto APIs (Might try to encrypt user data)
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2023-12-23 16:37
Signatures
Irata family
Irata payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2023-12-23 16:37
Reported
2023-12-23 22:00
Platform
android-x86-arm-20231215-en
Max time kernel
2561723s
Max time network
155s
Command Line
Signatures
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Checks Android system properties for emulator presence.
| Description | Indicator | Process | Target |
| Accessed system property | key: ro.product.model | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/ir.ziba.tazyinekeik/cache/1582435991586.jar | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
ir.ziba.tazyinekeik
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| GB | 172.217.16.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | sdk.cheshmak.me | udp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 1.1.1.1:53 | almabala.com | udp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 1.1.1.1:53 | admob.mehranarzani.ir | udp |
| US | 142.251.168.188:5228 | tcp | |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 1.1.1.1:53 | ip.pushe.co | udp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 216.58.212.228:443 | www.google.com | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 1.1.1.1:53 | zjltdsmjoyysrp | udp |
| US | 1.1.1.1:53 | vksftisgysbc | udp |
| US | 1.1.1.1:53 | hrdkgigztdw | udp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
Files
/data/data/ir.ziba.tazyinekeik/databases/db_default_job_manager-journal
| MD5 | ee18b95584687983f48a103043f89af7 |
| SHA1 | 0a60fd15dadd41e45798061e975e01d0dad69e24 |
| SHA256 | e8c8df4f2da3f4ecaebeaa84757810cb322032a69154df49f441da5e4303f364 |
| SHA512 | 0a13f80d8614d4056c132119964320c3de55036e36f6e123b62b97b8ceef2959b816eb8016be671c88bba6f4dea50f67aa2b5c767aaf31183d5d8397b3cc8e21 |
/data/data/ir.ziba.tazyinekeik/databases/db_default_job_manager
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/ir.ziba.tazyinekeik/databases/db_default_job_manager-shm
| MD5 | cf845a781c107ec1346e849c9dd1b7e8 |
| SHA1 | b44ccc7f7d519352422e59ee8b0bdbac881768a7 |
| SHA256 | 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7 |
| SHA512 | 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612 |
/data/data/ir.ziba.tazyinekeik/databases/db_default_job_manager-wal
| MD5 | 77c48d1639e33292fc9e35babb0bae5a |
| SHA1 | 00fcabbf4715f7e8e46ce1bb6caf4d8ac842d021 |
| SHA256 | ba0fd6deac816c5b43317fdd9cd0315e55d7a9ac9a6b4530ef17b4a68af4c1d1 |
| SHA512 | 0f1157047395c742d6e599399437efd5eb410acc23de55ed85d27a19d433c6b49ef3611e26929a612f881151bbe456f5756735f430f5acc132043a11b685d794 |
/data/data/ir.ziba.tazyinekeik/no_backup/com.google.InstanceId.properties
| MD5 | b3ee133392df515b5b67da540f687e23 |
| SHA1 | 453690f35d1d15caff8b4b43e8534ac356153942 |
| SHA256 | 365e375073ce492d908ab48c66e0a3492221bf3c3f316ff160a223968d4ab61e |
| SHA512 | c7d422e1af4e09161c2cd0c91500f8bf87514a478d3125b124e3f9ff6cf51cfae86b5ff7c90ee39a7421bd1da03d0a8cfbd5f25a310972f124f83963856e7c82 |
/data/data/ir.ziba.tazyinekeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/c7c45598-32f5-4436-83c7-967386ca78db.jobs
| MD5 | f56f328eea1d5c96a1b96dbbf59488df |
| SHA1 | 440c784cacff61932e2f61580b7cfdc3a4943c95 |
| SHA256 | 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918 |
| SHA512 | 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb |
/data/data/ir.ziba.tazyinekeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/5a78ad7d-4485-4e1e-8afc-650d49ecad12.jobs
| MD5 | ac58f99a1b179d71e8621412ad31c6a1 |
| SHA1 | b51fdad95876f5615735c2ab411031ff67d5e946 |
| SHA256 | 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb |
| SHA512 | faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b |
/data/data/ir.ziba.tazyinekeik/databases/cheshdb-journal
| MD5 | 59dec22c3ce7fb9ab01a99a6458c1989 |
| SHA1 | 249f585e2ab6d0f0a9815e10d22d0fdb78730c0c |
| SHA256 | 21f79cf621c4cd73f88090d32cd9fd90d28a1a9a5ceac27ec28c0383e618fda0 |
| SHA512 | 817b54feda3556090520c0452621f1f5d23880d3ae6672c98a0109da55ea2cefbd6f7653b4c6d7d8bed70112c95c72ec3132a1373caf0a8b3cf4fc681fd58992 |
/data/data/ir.ziba.tazyinekeik/databases/cheshdb-wal
| MD5 | 2482d843523c3e0002622ee5612f59a0 |
| SHA1 | 00162074166d7d755b190a37bc577f00d46c1a39 |
| SHA256 | d7b6d04824a5c73fe8ea3e4be9e8d347a04e144ca130708844082c3ef8dc8d21 |
| SHA512 | 6346fea238a070d627f415a574228db0598dedd46086d9b674541520a62cd2cefb586e81fe62c5f7e044bb089f706ec021ecbaa286f883061955af84711867e6 |
/data/data/ir.ziba.tazyinekeik/databases/cheshdb-wal
| MD5 | 67a7f46e45ac477a61b22cef19da13a2 |
| SHA1 | 9a6151546fcbfc8b8d999c7d7ec98232db284c76 |
| SHA256 | d84537c4f1727378322d26326ec986764eb921bb39c37d4bc251082f1cc8a807 |
| SHA512 | 353ff669c71e916b03a86f9d17d03de537318bb2fcbac9c1dd5652834f40531b1d8e73f0dfb1e81e800be7e127b0963316685f096f4fd81738508ed69184f282 |
/data/data/ir.ziba.tazyinekeik/databases/cheshdb
| MD5 | c017eebb857433b00940e59685c1c19a |
| SHA1 | 5a309240351821c2bd9a2bcadb2c7814061feaaf |
| SHA256 | 3f12d5bf8c9c8cc10998362f83dea0c44caadac80f71097977726e18a219e6d9 |
| SHA512 | 7d1d2670b90d8acf439a2625d8fc013d802eca7af8047ff31b0188f182d91e270433e77c70722be288841862547a5d97bb9a446262d077bab6a88212aec437cd |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db-wal
| MD5 | 5d00eb1df1130da78778442f79646c68 |
| SHA1 | 6679acf0973fa4ee95bba1f267c8e191ad53a40d |
| SHA256 | 7c200ed5a2bfa5f1fb1da9f8040c59bc162c52aea20902c7d239184834c29e93 |
| SHA512 | 681655ad1418d66ca69470a52c8821dacf618ebe33022719cf9fddebd10146c78669efea5ba1529722f29c340407113dbdeab7cd6ba564bab90f2e380968d655 |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db
| MD5 | 7e423ad500f819d00a2e29f8c64d8452 |
| SHA1 | 763c312a5a293aaaaa70d5db60a0d572654a7b91 |
| SHA256 | fa7d1fa1f2f01fe19fbce92f8e1aefb0f907d494e94221ec7d98e279c08fe03a |
| SHA512 | dbfd72a5312228f82afd918e1c876213dea33fba712723541c543b74598e5c3065a6f36baaf12be054f762c3dcf077a82076cf840b86903bb282f126b9572035 |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db
| MD5 | 2e9fd6bd2f240f766511989b9fa40081 |
| SHA1 | dc4314c1bb5679aa0b73b75a3fbb09b9056420d9 |
| SHA256 | 985ca6247162dac16a1ff677576c119a5872199957a7cb550f317dffb6dd7bee |
| SHA512 | 408bea326245aa7cb652cf1102fc3d54f444684a94ebae29c42f7be1fdc8b54e1a4e67c901357a58ab61feb154131858a6b77087b717e3e4a043052aad52a1c7 |
/data/data/ir.ziba.tazyinekeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/5bc55d90-fd91-4ef6-be19-6e42c84a85dc.jobs
| MD5 | ed97c95fd0ec4e280216ce3165d220bb |
| SHA1 | 5b97cfe5b7a2e1e0551743618e0d7f2341357840 |
| SHA256 | 16656c5649fb8a644c9d7ef5d2c5237d1464e323b63aaaab1f3fc3e007322f8f |
| SHA512 | 037e6282656ec2864166e5d22769b879bcb8497524fc828eca4fc20f65064581b692cfbc748d750d08627f07dd7d1c4dce923aadded4e4b87c8da56ebfdce55e |
/data/data/ir.ziba.tazyinekeik/databases/__pushe_base_lib_db-journal
| MD5 | 5595171c85dd4427ecb2ae2fa387414f |
| SHA1 | 9550ef36bc6ce8a7fb5e611640c1e0747ef53f6e |
| SHA256 | 435409c30370cee4113bb6dd0f23cbb76e52348c019030060e4e6293d8b3c081 |
| SHA512 | 979d835f3925931293052b9822c178623e290c818590b7b317579ce999df1b442b4bb5ba844e6dcac3cf1546ba3bb398cf79280ddbabbd22e75b50732f3ee7b6 |
/data/data/ir.ziba.tazyinekeik/databases/__pushe_base_lib_db-wal
| MD5 | 333b9702bb276d037729fd424c9ccc14 |
| SHA1 | e5b75d378504ec1f409a4334ff1cfd6df1925078 |
| SHA256 | 97d4ae6e06b82332da0b3e9cd84eb2d7d9aa0cd3de439b3bab2acb1014979489 |
| SHA512 | 3f8205e57d146f100259f38eb9ce691348c0c4374ce056dfe1076abf322f38537820c81d0eab64f143c069e1d0c1d6a897ca790042d511532db1df3ff7b39293 |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db-wal
| MD5 | a352699aa81434f32881c756d3fe8b44 |
| SHA1 | b05e40c4640e3b7932f6236d340f23d158375633 |
| SHA256 | 3cf0df6fcbb25cbeafd66db1835abc56b23aaf59b418bed57840ec91626168ee |
| SHA512 | 0b673b23199e1c4f3ed5898b1cc58964d9468dff0c9d27f189605f4c17c06060071a7b943445caf0001e7c3d897d0f50ddcd1dddefbc8a9baa4ffa8ae84366b6 |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db
| MD5 | 2f88d8c4da4a4d45e76a2842c024683e |
| SHA1 | 367b436d473fda9cafb314b1e22318ebe4fa5f83 |
| SHA256 | 053cea9ff03878de923d75174169657dd13f175306ffdb19228fc40380ae62a9 |
| SHA512 | 23feec082dc3f72366bb60e99e7387f94e19a62825dba1c3f4814b6ecd53ae46cd98bc35739c470bcf09355ffb898443a6a0f7d6d5638f36a3536efd333d8042 |
/data/data/ir.ziba.tazyinekeik/files/info.db
| MD5 | 15ab3f45e1e77608cf4864e629731005 |
| SHA1 | 16fbb984cb68aa76f711eeeb32e322ecdce1bd3f |
| SHA256 | 69c091e8114ad50df9b677c6f539687783601e42a4c8f1e6609c1a7e257bd5ad |
| SHA512 | 62ca6243e638003f9f5e4f4800dff047db25160ebed2c36bc8a2b3e0e53361cffaf2ac70fdec3dfd10d668b03b51852b7dbb672015a7ac1ce6c310d61ff58540 |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db-wal
| MD5 | 5ad92207a6679fe36388c18919414382 |
| SHA1 | e6f9c4111c64dbd0fdc0b4352eb7b7637ac4c6a3 |
| SHA256 | bb3d1c9cdb6fc8d42079b0da395b84025332e8735acb247767a7fa8c1068f71d |
| SHA512 | d15db1cd548a4e17fa4e2c70987649386a9aa6cac764a8b59f233fd2a7e7b6113c207577c0989e00ec0365b9267f45ef71d41a5d6d438b2041643e0587e97391 |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db
| MD5 | f5aa5d097808e00332382c5665dc832a |
| SHA1 | cf734f884be8a061079f796de22b8b5cbd982764 |
| SHA256 | c4f4c0624aa4e0cdd03352d0bf07ac7cc550efa98238ec3e8d0dffebd5cb253b |
| SHA512 | f2374c0bc00e19040ef55cf358e697681dd838dc037e53b30bc35df89caf14eda712e95ab2f99f9ce8289ca45570471ec96872d530f68e0a34ba2acad3d1aa6b |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db-wal
| MD5 | e9ac8a730d77506e4f4b7c180a7fc293 |
| SHA1 | 5b679e754d437532b65dde8eb2c084cf7d49a3b3 |
| SHA256 | c15534ac219326c6e37aeb0593edaaf6d3c66bdf64a36400675a3eb77af63dec |
| SHA512 | a0d61292f6410b525c94c39576c2ca585108b1403ee91e8665678131792b9ef49ac784e72641b271bd55ed8b8abc1bcbcec44e5f07378f5055405729b2a6218e |
/data/data/ir.ziba.tazyinekeik/databases/evernote_jobs.db-journal
| MD5 | 39782db4458965733ef525cf2e5c7efe |
| SHA1 | 925f14f21b569594622f9f949c723e60394ca380 |
| SHA256 | 1e86886c830bafa193a83b1fb3231d16e90341f69c6f2031838a667ca200c5aa |
| SHA512 | 3a22262fb4709364a1ea9d07f75e84ee68649edc37a0e8b340be7b7f5573f388727d90d2d520c226256ac8ea2e91c30800d1a1f6874b5e0fc08292faf20b1fa8 |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db
| MD5 | 720589f0f2f8201900329edafc42a113 |
| SHA1 | 3dfa3a3e1bc6f006b0488abc3a0143af6abc1c27 |
| SHA256 | 543aea7cbf3be4c12119572af98ea6fda72e8cf886edd19a6ba8a80263e16c59 |
| SHA512 | bc4da98c2bc11dacf7e5b8edf23ba5a123faadb5a02cbdc4f082109619ca956c93b3f2d1a5b44aa039ccb0e0915ecddbfb2bd71307df7fd4fba6d38ee9cb63ea |
/data/data/ir.ziba.tazyinekeik/databases/evernote_jobs.db-wal
| MD5 | a3c3b67385ce09172617424025f3beab |
| SHA1 | f845a08e9ee1312642f21165e6a194ecc0781aca |
| SHA256 | acc22c83f2c153f785fd8b51dacef63764044a7dea00a1db833bd65e4947f3c6 |
| SHA512 | 0ed8565792567e701e111bdc7aac9b0ed731085e0935e656e0554a7d1b7fd36c68614aabe4a707846b2d151948502933649c94bca01bef8b765cd36db7d4d8b5 |
/data/data/ir.ziba.tazyinekeik/databases/cheshdb-wal
| MD5 | ba530071f3799c80172af2224cb6bb17 |
| SHA1 | 360652cb999a219a908d40b5b4bc9892ba9f3b9f |
| SHA256 | 2e8f190d972f70e7c4b13cb135ebeac8e5c36fad377cbe674dc9a6c707a1b5ef |
| SHA512 | 5f9bf95fdf814e0816324db3b11b63bf5c7fb8f96c8129647bb02b20063212617427d281206c382f3c781578e5d3b3a01d33ae8a2c1916c0bddc626925716bf4 |
/data/data/ir.ziba.tazyinekeik/databases/cheshdb
| MD5 | a5025b2ad59d3401c225635f5a61009b |
| SHA1 | 3a120e3cb7c9131e93af048c9beaef95a1b662d7 |
| SHA256 | 048fe6c627a3a963509a726148e9c42d7225e1256ce86878084de02b7f9fd610 |
| SHA512 | d952dfd36df207c66b7590488711198f5c7e6112f69d5b47d1e3f071decd05150547b731db25dfbd3d5fad5dedfa1b9ac3dc758cc77ba12515166bac3db52243 |
/data/data/ir.ziba.tazyinekeik/databases/cheshdb-wal
| MD5 | 5536913ed9605d70b12dc7f7c3edb48d |
| SHA1 | 003c422621fe20d398cb9b12d7c52032f3be6f8b |
| SHA256 | 73236e084647b7fc2dac534946658c9b8b3e7da65af14c6ea59cef47798cc478 |
| SHA512 | 4bd2b739a73fb3017ca1b0846b562a1ebcc853f0dffeb693d7e0a7fad6f8e263c75299789c55a898923ee05698a2eafb64b3a7e15b0b293d1c5c5c6da8e7e2a2 |
/data/data/ir.ziba.tazyinekeik/databases/cheshdb
| MD5 | 99c453a6ccc716bb9c62b604e09a9d51 |
| SHA1 | 07894a4b5c57a6d104593e6d248752737d795ad4 |
| SHA256 | 4612028ee90bbbbb7181a51a44f98acc338c3e49b8777dad89eccbdec9234e64 |
| SHA512 | e35d92d3bbfe3840723dfdf527dfa191f8e9d0d71faae4470e69a1d51308d9af246e28265fd18050f448b414d6ad90b17304e56540a0374102d08d4d80c3bde9 |
/data/data/ir.ziba.tazyinekeik/files/info.db-journal
| MD5 | a6ce1fc9f6cad258acaa20c85698cdd4 |
| SHA1 | 4c9bdefd83049d6ed92ad25f83b01ed245a22920 |
| SHA256 | 7b198afa5e56e624677ea2387b620d5649f9ec093fb5e6bf06e152a158083d85 |
| SHA512 | 00b1616963b5ced96747a7c1a9d0e34212119214655d36cf4f11120e320e5940515a89a007a4b5937dc6783f5b0ca613ca2c6a9cf0713f481b1da37a95cda06a |
/data/data/ir.ziba.tazyinekeik/files/info.db
| MD5 | b7e7f73b312ef5559993d3be7354dad7 |
| SHA1 | 44d37729feeba9cd8f1fef480426d8eb5c39e7f9 |
| SHA256 | e7183fe9a94c426919cc31c1099e80e762e21305dd257edd942f4f9aeb7a9f02 |
| SHA512 | bdf7b45145b76d011c953a7430b7dc42ae5361cb92595059b5058fce79849898e57f1fc7c5eda1f60130d0cce9b67941243d8577c30aa3d773f700787e2b0afa |
/data/data/ir.ziba.tazyinekeik/cache/1582435991586.jar
| MD5 | e8e0527a01aefdb89afd2c508f131da1 |
| SHA1 | f1103e6b260c657ceb3d95f1b023af3fda8b133a |
| SHA256 | f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce |
| SHA512 | fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34 |
/data/user/0/ir.ziba.tazyinekeik/cache/1582435991586.jar
| MD5 | fde2ee00cbd121cfab5290b078aa3ceb |
| SHA1 | e2b77d5320e155e413d040a8c20020962065b2f8 |
| SHA256 | 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685 |
| SHA512 | a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56 |
/data/data/ir.ziba.tazyinekeik/cache/~test.test
| MD5 | 098f6bcd4621d373cade4e832627b4f6 |
| SHA1 | a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 |
| SHA256 | 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 |
| SHA512 | ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff |
Analysis: behavioral2
Detonation Overview
Submitted
2023-12-23 16:37
Reported
2023-12-23 18:39
Platform
android-x64-20231215-en
Max time kernel
2549604s
Max time network
164s
Command Line
Signatures
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/ir.ziba.tazyinekeik/cache/1582435991586.jar | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
ir.ziba.tazyinekeik
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.212.232:443 | ssl.google-analytics.com | tcp |
| GB | 172.217.16.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | sdk.cheshmak.me | udp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 1.1.1.1:53 | almabala.com | udp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| GB | 172.217.169.42:443 | tcp | |
| GB | 172.217.169.42:443 | tcp | |
| GB | 172.217.169.42:443 | tcp | |
| US | 1.1.1.1:53 | admob.mehranarzani.ir | udp |
| BE | 142.250.110.188:5228 | tcp | |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 1.1.1.1:53 | ip.pushe.co | udp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| GB | 142.250.178.4:443 | tcp | |
| GB | 142.250.178.4:443 | tcp | |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| GB | 142.250.187.206:443 | tcp | |
| FR | 216.58.201.98:443 | tcp |
Files
/data/data/ir.ziba.tazyinekeik/databases/db_default_job_manager-journal
| MD5 | a6141a50c0577acae1001da29469d0f4 |
| SHA1 | 7c7c9695c21356e278498e882253ef3b7a7cf68e |
| SHA256 | b5a16c728be034fa1c24b52b2c78dbffa2b0c2f09c1a9dd26fcaedfae80028f1 |
| SHA512 | 01b2954c00b981f705e60e885aa46881ee1b2b05aefd3a2d58e4c516833d4f94072597c1f54cccbbd7427be297935497653f788efa68ca148177d592c872152a |
/data/data/ir.ziba.tazyinekeik/databases/db_default_job_manager
| MD5 | 34b48ef784c6d9d3c7d10336840754e1 |
| SHA1 | 82f7faaf217b515fd98ea481aaf5c2bb451d0573 |
| SHA256 | 344c731c20a2a54f371b714e96a983b6ca82df142a6c2d623c7f781cbbd14ba3 |
| SHA512 | 9157ca3d54204e87a9ec24bd55205fb10712914cd4997959e98f04ceece124080a0cd1dc8041adf809d0cfa40a1a6dbc7b546af133aa72d2b138e8797adb6a80 |
/data/data/ir.ziba.tazyinekeik/no_backup/com.google.InstanceId.properties
| MD5 | 20d3e9753cfc4cbcf60acf1790a71802 |
| SHA1 | 3a2099281a52af4d8542d065c958e1ad2f4e71f5 |
| SHA256 | cb2f1baa6e436e93202287910b3bc692e80a72b747bc63b17e6ccb8127c42dd3 |
| SHA512 | d8586ca3dca1f8a157f3f1ef7aaf45d22b97234bd70b50c91c5dc2c26a0b2087ad4713695382b78a236f7af131a8c62637f5e285b47860ab4dd8cb19c36c0c4a |
/data/data/ir.ziba.tazyinekeik/databases/db_default_job_manager-journal
| MD5 | 66b26cb1cdde4cd2a975d657ccdad08e |
| SHA1 | 74e32805b489f2e642c240c0e357c2259879f9cc |
| SHA256 | 882df2d52bba50957b9525292bbd0d64841e42ca1fc659ceb087abedeeceb145 |
| SHA512 | 1aa9b2a659f96e6f4e75a9a8b3ac4997b991dadaab60fead6e2aa74d87ead1681d98aee234457665a7e03fbdfc8b12316519dbd981db550bd69a2da934aaf9c2 |
/data/data/ir.ziba.tazyinekeik/databases/db_default_job_manager-journal
| MD5 | 502c7722ca697f24abb8c00e5437ea12 |
| SHA1 | 1979e8374de3fd43106055c9acca0be0d2153355 |
| SHA256 | 356327af13b9f3b62b394851bd3c1aeb25b032ca725d9404aab3e56993799a00 |
| SHA512 | f0798407ec4b12d551e78d40a366006f1ced5bef2a18e6ac55e928d943fad7ed1cf9d3a41167e6d608155688d43543f08abb85f0e06b8e303eebccdfc37bb8c8 |
/data/data/ir.ziba.tazyinekeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/da7b72c0-a528-4824-aa03-1d1adcfe793a.jobs
| MD5 | f56f328eea1d5c96a1b96dbbf59488df |
| SHA1 | 440c784cacff61932e2f61580b7cfdc3a4943c95 |
| SHA256 | 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918 |
| SHA512 | 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb |
/data/data/ir.ziba.tazyinekeik/databases/db_default_job_manager-journal
| MD5 | f40bbdfc4dea927f4c7429736603f2e9 |
| SHA1 | bbb80750c47f570a474f122812f45e741da50b21 |
| SHA256 | 4b5aac2756fc86b89fc7f326d2b78c4920499a38b660e3f3f02456ea6f65c65f |
| SHA512 | 6551af272803761dd60192ada8ac4e2db33d00fd4baae9f13a41731a20cc85e4d9701cc9ad840126aa180941b66f1a90f077da33408d540733eba6ebee2936a5 |
/data/data/ir.ziba.tazyinekeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/1f1923d2-1152-491f-b7cb-e12c33090c6a.jobs
| MD5 | ac58f99a1b179d71e8621412ad31c6a1 |
| SHA1 | b51fdad95876f5615735c2ab411031ff67d5e946 |
| SHA256 | 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb |
| SHA512 | faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b |
/data/data/ir.ziba.tazyinekeik/databases/db_default_job_manager-journal
| MD5 | 76f00175d136ccb8adeeb334e557ce57 |
| SHA1 | 14ad294e3141fc5686f7bd2c8c826d37868fa4ab |
| SHA256 | 0c785b0de31473b369217b75fd0bf95442df045221aa92b25eceb4a651d099ca |
| SHA512 | 449dcbe43f29de838baf870c6315151b481c581ada1f3011a3ec9934e3262377c89c3d0b90e79927cc35cef3e19c4b31badf96ac8bc5a7592e90fef37ce50ef2 |
/data/data/ir.ziba.tazyinekeik/databases/cheshdb-journal
| MD5 | 98482ebe94fe4349934477b3325e7955 |
| SHA1 | 7217a32b6172f47ebb2b6b4b447d3b96dfe7f9c6 |
| SHA256 | 2c53ef8fac0e99c77b350256affb8b7d80388fcbd26911057157cfade60834e0 |
| SHA512 | c1e709ae09650579c914e9159ebb830ff0aa703859df363143e05cf93f6bf5ca523cd7c3d588887f7c7486bf38dbbb571e8dc03da4003cb4ec0ab6bb237cf51d |
/data/data/ir.ziba.tazyinekeik/databases/cheshdb
| MD5 | 259a1e4e7ebc4b0d0341ffcf0c3bc2ea |
| SHA1 | 9b8da5a0b24833a3e84567d9d8ee0d2f54d7b48c |
| SHA256 | 4f4987ac3d84abad3490459fa7a32b7bfadaae5f329e15dcff36e07d34faaeb1 |
| SHA512 | dc1296e2b0b18dd83a3782acb700e155ea9a60ef193bfa8c98999e7cc3c5b73a97c20a974cc956ab438aeeba812ec2d2f401fb2e714bb9bb5fb421fa4b7a2313 |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db-journal
| MD5 | 3b1c9b45033afaec33e463f25e5b57a6 |
| SHA1 | 29627235abe4539da159b93bdd2bf2db9d2e4e1f |
| SHA256 | f92392ddeb0830eb6b4ea0f4f3cb52b286104a4e309e028a7f87d9d9f91114cc |
| SHA512 | c80d9344108f25dd14dccb0a3acb17d6751893c40374e3c0d3d7cab8f9aa8a5174bfa82d58a572ca5eb685865a3ad9603a033ddb404cd701111c33939851384b |
/data/data/ir.ziba.tazyinekeik/databases/cheshdb-journal
| MD5 | 06e89ff7ae145acc4ff6f9fd86a867b8 |
| SHA1 | fd95be16caf2ab99599450c7787bdb26c007afbc |
| SHA256 | 64276bdf255e0ff5a70af8ca2276b2caffe96d86d1cb76ca5e73acdb75a71e20 |
| SHA512 | aa5e140239af5f8587e56fbf2c1727ad4b30dbfda7c6a69447011d92cf8126ae53ab29a1c039586187d3f6964c17bfded1102cd3881e8b562b2ccfae842282c7 |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db
| MD5 | ea628e04765adaf4238a5dcdff4bbd51 |
| SHA1 | a801947619ea8c368efe9c006a324dc6339ac60b |
| SHA256 | 885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4 |
| SHA512 | c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db-journal
| MD5 | f8e417f4968bc76b2f07d0a8acd5de33 |
| SHA1 | 20ffe5040de831fa609c0a1bd752766e799d0206 |
| SHA256 | e7ffec367c802bc3c483a370c75976fe6bbebbec6d07ee30d45cad45ef285fcd |
| SHA512 | 2aee00687b65b9472d741c87febaaf9260a9894135a8f1dd675b7c4b16aa32cd42915e1771d59c85030e03b440c4b08539a9d200c9a3a77079f3fdd8ddacff8a |
/data/data/ir.ziba.tazyinekeik/databases/cheshdb-journal
| MD5 | ce6e3ac4aa887b2ea681c3e55e735849 |
| SHA1 | 20c54bca337a63e24cda6ff8f9c1b6357a4c9751 |
| SHA256 | f4fa6605f5d5b53f97592962097571eab1952aaf87e90863582036009ef63458 |
| SHA512 | 441946cd14481e9bc6c443cee6ba1ea10411e57d2333c1e28e90168074877524b08a2c2fcb78f02fbfebbbc644f66df8102938c2111f2182b9cee87626fecfe5 |
/data/data/ir.ziba.tazyinekeik/databases/db_default_job_manager-journal
| MD5 | 11b81f32db68047c72327b60a74d1a47 |
| SHA1 | 418484fcdcc85b5abafed6b86aefe19c6eae4623 |
| SHA256 | 6a438fa58937d8f85240e05349eae78653269344985101b7586454e440568979 |
| SHA512 | 1d6eb80a0311b212017010adf41af4ea56a57ff5706d7afe017d42851f5b08651b7aba349202a6b8388bd6dfeec22880800e52ee883b46c5069870ce8390e274 |
/data/data/ir.ziba.tazyinekeik/databases/cheshdb-journal
| MD5 | f9e4391e61df5d782f2a36edb3ab63b6 |
| SHA1 | dc970343ca69c2a193c55898346d12fbbd926d63 |
| SHA256 | faeeba264b47b2d0c1a7dbc5026ba1b1d11649a56da11e445b04df717f864336 |
| SHA512 | 93f1ec462bf049489fb8865d7d1ed06210f3f06e938e1724957f13a57cfacb614f02fde4a61c8460b6dec9d454491e97782347e7890b01e84eb3326edae4342f |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db-journal
| MD5 | c5381e3f039985715f60cfc3f61cb504 |
| SHA1 | 1db6d433c69939f4f6b1e103f2c92c98daa87c15 |
| SHA256 | fde750c57223918efe688a214e0bcb27f5fe44f06323ec26f0c445e845939083 |
| SHA512 | e972c032332b6909fc6f627fdc41f93b6ff1e820083e5d470cc066d7391bf06979df54e8c0a8ff0d27e74e36dc07fd3de03cb4bbefd8a61ed555df74cdeb6271 |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db-journal
| MD5 | 00971f30880618267dffc3c748169fac |
| SHA1 | d24d0e21ed8a7d9205424b4febfa3ba0cc0610db |
| SHA256 | 58847d4d2bea18acca63b2327265016a7d13c05edc9b80f676915f5268060f97 |
| SHA512 | 38e022bb409225e694dc0e3c20411bedfbc9eb13911e55d42ac32040f9a3246f4dd978efd49a3311af15388e8f1ebd127094740ee4dd1bc6a90c277085255bbd |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db
| MD5 | 4e29636f779a4b904e580737d90ee68b |
| SHA1 | e6374a8748bcff7c0411faa61cb5560e46448762 |
| SHA256 | 4be74f890be75e6c9e7e6f8582469f995cee050378a4482b23442cf7f683b453 |
| SHA512 | a14f79c230bb8c53de45e1d3d1aa4e26261e35df01c2907fa6a0919519fdcbb9b62c4ef035b6ce623d25fb8a823982a00ebdbff549886600562fb6d9fdb37117 |
/data/data/ir.ziba.tazyinekeik/databases/__pushe_base_lib_db-journal
| MD5 | 9a5be5e2ce75f953c110ce459d505f2b |
| SHA1 | 97238a9b9e75f127fa0890de52524bbf313c9f41 |
| SHA256 | 2338da19d4e51006047851717d31093784895ff6ba22761541594dee9935186e |
| SHA512 | 92c4111b3ca633f18e516be7273785221615ec688cb7d8573d107a1f0f151e3f414b7dcd1ce4a4da1212960e87b86066a6fc9e8373688fac7b72e7a1cafa31d4 |
/data/data/ir.ziba.tazyinekeik/databases/__pushe_base_lib_db
| MD5 | abe9fa56c177c65db8c072e6d81fc41c |
| SHA1 | abe9e9bb6f7294324f549af4435f58578ae69f2f |
| SHA256 | 53f09b897033e2496e13f3c6e8d14ec1d1f7b273c2b4d47dacc569594fef0f8a |
| SHA512 | bb1b70eb859448050dd71822652d1976456be07c098ab41f2f75fa277cde059aff0c45629564170ee07028b85d501cc941529ab06753e5be2e710692bfa3922a |
/data/data/ir.ziba.tazyinekeik/databases/__pushe_base_lib_db-journal
| MD5 | b593883a38b8ddb46ea6bd17be6bdaa5 |
| SHA1 | 3d5d934c7cbb89fbe41df9cd092a28f3bd603175 |
| SHA256 | b286cd80e2a70ec0fb191232d671af4159be0d60ef793257ed138b69379dc8c1 |
| SHA512 | 5f980831d640a118a798f766aa63c667ec9145b7c0984ecf5e1c20cb9994882a000f96f1e82a4092a5242a508bcbdb2a660e5e0da461319b11ba8bc710b398d7 |
/data/data/ir.ziba.tazyinekeik/databases/__pushe_base_lib_db-journal
| MD5 | 8d53694c5c67a6bfde76656cd31178d5 |
| SHA1 | dd0836ae34ec2f444d8fa3d2c423005193a1a67c |
| SHA256 | 5c0065c8123b54ab6d284f795771e0fbafd0f5b59a513aeed776e5ec105066d3 |
| SHA512 | e79ca99190e735e031d751dc4b996b14edb98b9924a7faf6c7863b9e05cdb88d9d71182a958e32c4ed4d87857cfb1707966f8d9815eb5b79244008a5be493fa8 |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db
| MD5 | f1a299f4769577b96c959eb5c0d382d6 |
| SHA1 | d01ce5258b4fe598b65bb05a02228f38171103a4 |
| SHA256 | 7bfe58e0eeec7156e4a92cf5b92ebf22fbd216dc94566b2860d208fc604eba38 |
| SHA512 | bb88771832e91964e748f9df59df5123612cea088a7fcc521efb4efc8c8166b96ff0f985f25c443affcf80a9ab0a746d99dafbc5815cf7e63672320efdf5bcf6 |
/data/data/ir.ziba.tazyinekeik/files/info.db
| MD5 | 15ab3f45e1e77608cf4864e629731005 |
| SHA1 | 16fbb984cb68aa76f711eeeb32e322ecdce1bd3f |
| SHA256 | 69c091e8114ad50df9b677c6f539687783601e42a4c8f1e6609c1a7e257bd5ad |
| SHA512 | 62ca6243e638003f9f5e4f4800dff047db25160ebed2c36bc8a2b3e0e53361cffaf2ac70fdec3dfd10d668b03b51852b7dbb672015a7ac1ce6c310d61ff58540 |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db
| MD5 | e638ebaaf86c48cb2a458f600167582d |
| SHA1 | a767bc5ca908c16603b02947a0933037b8340d0d |
| SHA256 | 2ce2c6d3d284c36eb588893de1b6ba297c9f24eae3aff04d3a61dd320d42104a |
| SHA512 | d425a329b681fa54c9c65bce1e2345d1021f5139826436fd79fc5e6548653829776e3e5f4e92679055a0e377f36df017e6a1a1108a8c06b25be06b8a07c60139 |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db
| MD5 | 0e7261129632f194584f57d97caa7088 |
| SHA1 | bff4b0fe3d6c83acc9dcc1eddd4a12fa5a79f26d |
| SHA256 | f95fde9d39c488a5c4ebbd1c045a5a5f66c95260fab265003a59fc5de3ee0d0a |
| SHA512 | 2c1ec1bdd3f03d30c50ad9623f43fc4c84b942dc14c8da420466e6c8b045d88bcc0079b8003c54663d46031157810a8aefe7e82d99458a6d9d350a03784325f5 |
/data/data/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db
| MD5 | 16d25bafaad6d158417c16a475df3342 |
| SHA1 | 19f5f3ca61d8e6187df7e380d2101d29617b6096 |
| SHA256 | fdf55fb5d0d0c487f44f35136c21584ba466445659653dccbf647d68b789d051 |
| SHA512 | f197c7ab1d5fbe0baa123a69dc07daa3b1f5e083993745fa190547601ef4109853f6476efc9ce00cb6d5ee60f1a204157be5081cd312b93caef3dc97574fbadd |
/data/data/ir.ziba.tazyinekeik/databases/evernote_jobs.db-journal
| MD5 | 379c8b06731a7fa1e6188cc87a4f624a |
| SHA1 | c166899eb685ea1c6c22f1ddab11318b676eb471 |
| SHA256 | 281bdbf3d63501bf454d5db411ac12467ecfcda6383412fa3c4c2382e32ce44d |
| SHA512 | 8812f4a3eacbeb99ca46332ba6ae96f7ab8111f5265ce91a9abf8a56371bf9d7470d5832a7bb2fca7fc06bfbc6943954ef23322b3d91418e6c9ccd9e1aebcd3d |
/data/data/ir.ziba.tazyinekeik/cache/1582435991586.jar
| MD5 | e8e0527a01aefdb89afd2c508f131da1 |
| SHA1 | f1103e6b260c657ceb3d95f1b023af3fda8b133a |
| SHA256 | f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce |
| SHA512 | fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34 |
/data/user/0/ir.ziba.tazyinekeik/cache/1582435991586.jar
| MD5 | fde2ee00cbd121cfab5290b078aa3ceb |
| SHA1 | e2b77d5320e155e413d040a8c20020962065b2f8 |
| SHA256 | 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685 |
| SHA512 | a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56 |
/data/data/ir.ziba.tazyinekeik/databases/__pushe_base_lib_db-journal
| MD5 | 2b87024c384eeefb21c3f463f03459cd |
| SHA1 | b4a6ba1be03fadcb2db20813b8bfd991d517d89d |
| SHA256 | 0805192787287e3417624430c1271a523057a635ac3ec9089ebd9fdefc87cc52 |
| SHA512 | a0f0c134a9981557f67a7a667e3bfe0256272588613c420e9ab62f205f502f752fad96ccd4e1bbfa2627bd87626e5282142abbd87e7a3a433c08afe7e0126a7c |
/data/data/ir.ziba.tazyinekeik/cache/~test.test
| MD5 | 098f6bcd4621d373cade4e832627b4f6 |
| SHA1 | a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 |
| SHA256 | 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 |
| SHA512 | ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff |
/data/data/ir.ziba.tazyinekeik/databases/__pushe_base_lib_db-journal
| MD5 | 9ce8721dd2f15c63e63f1333690b16a0 |
| SHA1 | 0abb40d79c4caf4d467940b47168d0c42438ece2 |
| SHA256 | 91b91baad077ea7136500c8d1a6f0f14e77a631fe210f4310ddacbb7dd40fd5e |
| SHA512 | dadb0d298f83ea64253135e4f953e2de410f7c30489b91263881b20d9dafcfe3f4351bc4a441e778bf8a665a25540175ed3eebe3658cefbcddbedc86d166f5a9 |
Analysis: behavioral3
Detonation Overview
Submitted
2023-12-23 16:37
Reported
2023-12-23 18:39
Platform
android-x64-arm64-20231215-en
Max time kernel
2549627s
Max time network
150s
Command Line
Signatures
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/ir.ziba.tazyinekeik/cache/1582435991586.jar | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
ir.ziba.tazyinekeik
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 172.217.169.10:443 | udp | |
| GB | 142.250.178.14:443 | udp | |
| GB | 172.217.169.14:443 | tcp | |
| GB | 172.217.169.14:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.213.14:443 | android.apis.google.com | tcp |
| GB | 216.58.213.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| US | 1.1.1.1:53 | sdk.cheshmak.me | udp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 1.1.1.1:53 | almabala.com | udp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 1.1.1.1:53 | admob.mehranarzani.ir | udp |
| BE | 108.177.15.188:5228 | tcp | |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 1.1.1.1:53 | ip.pushe.co | udp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| GB | 142.250.180.4:443 | tcp | |
| GB | 142.250.180.4:443 | tcp | |
| GB | 142.250.180.4:443 | tcp | |
| GB | 142.250.180.4:443 | tcp | |
| GB | 142.250.180.4:443 | tcp | |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
Files
/data/user/0/ir.ziba.tazyinekeik/databases/db_default_job_manager-journal
| MD5 | de26691c89c985bfab5949b805d6fedd |
| SHA1 | c65e5fb3c1e71bc5fe669b983ffd64af9f3c535e |
| SHA256 | 2d3b2e12b9047e0d59331489a03d51623fb3d22639dc7a813b1ceb1474c96d9f |
| SHA512 | 07fde0574d12bb2f9318e6adfa77d8283a44940edb6704954a000b73621775746e95f26d5b5d72ac359f24639f2a40694b2b3efd38031afc66c8cc1690027f67 |
/data/user/0/ir.ziba.tazyinekeik/databases/db_default_job_manager
| MD5 | 2bb8e6de6f86c7dde2f06b9f26bbd61f |
| SHA1 | cafb624f87a38c5b371d214edecebbce24542e04 |
| SHA256 | 42f6291f2ceb12dc7a76867c36cfe26f91af9f0880fa26d8d419e355e0117a53 |
| SHA512 | 6d727346cf01331b6dceb5cfe498415593972a398b1a051b8ca195ef13f3362716c7fbab1571a5e203645a6ec07bd15046b92b009b7b525e511085b4624b1df1 |
/data/user/0/ir.ziba.tazyinekeik/databases/db_default_job_manager-journal
| MD5 | 6332640a4eca265f7c0e44da2b54d304 |
| SHA1 | 6fb8e5b0ccf8f49c25017754727ded32f37ea2fc |
| SHA256 | 451a65f6c66877c784c8e9095ac3eef183bb24256322bbe9dda523269acfa807 |
| SHA512 | 6962af28c12ddd05d45b7afb1e53449bc6a1a6d87709a2f8c9d66102f65491850a45b48a6a4f7f793fc7e2648e1ae574872be47a17024430a56b742a7b9edc24 |
/data/user/0/ir.ziba.tazyinekeik/databases/db_default_job_manager-journal
| MD5 | 2afe9cd256d26a40324041a5fde695e1 |
| SHA1 | d5701017d8b7c873f2a538e4e3668e7262959bff |
| SHA256 | faef01a3e7af27ca77d105bc3e2a1b4ab5b522af8b718d3f401c66a97e2c6605 |
| SHA512 | 3dc4f9900179c1d53520c81d90aec3645330a4c30fd657263f8e54a92ceb17d9f1eba387bdd3c375d7451159b14bd3c433a3c9bc5d8908b1e64525951508250b |
/data/user/0/ir.ziba.tazyinekeik/no_backup/com.google.InstanceId.properties
| MD5 | d8f6986181fb76c9cfe45e30c73d3772 |
| SHA1 | 65caee5b6b9a3cbb92674a36b95b659a6f1c47ed |
| SHA256 | f3ec658a212cab389092d97bd404db9215da21d088904fd144fdd38120fb0c82 |
| SHA512 | 91410e1d9ebd58eae1a4533b7913404f831d9adde2e65a4144cde339c23c07e01f69eb860e9c051608bd287ef160028a5a626b279fa2658a68e2eb263adb8a2f |
/data/user/0/ir.ziba.tazyinekeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/b6f842e3-1b5b-4fbf-a33e-fbc9b6f2951b.jobs
| MD5 | f56f328eea1d5c96a1b96dbbf59488df |
| SHA1 | 440c784cacff61932e2f61580b7cfdc3a4943c95 |
| SHA256 | 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918 |
| SHA512 | 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb |
/data/user/0/ir.ziba.tazyinekeik/databases/db_default_job_manager-journal
| MD5 | fbc85f99b78ab8c52fc251eddda7fd1b |
| SHA1 | 035bb42e2d292aec66f24e730c1c83faad38e6b7 |
| SHA256 | cde272a7d96a0e05c972f19b378eb4e8a09b41fed8832d5745ba3e374614b9ad |
| SHA512 | b440d14f6e42a0d886ccc565c4d9b921ebc3538e69c6f693e0ab231c20c0ee594d1d4d81f9f35b9b45ee7d94f0a00c00be7b6d979b21a0df24dab5c13c1557da |
/data/user/0/ir.ziba.tazyinekeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/19f04de5-2000-4111-9ea6-e8df22958fc6.jobs
| MD5 | ac58f99a1b179d71e8621412ad31c6a1 |
| SHA1 | b51fdad95876f5615735c2ab411031ff67d5e946 |
| SHA256 | 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb |
| SHA512 | faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b |
/data/user/0/ir.ziba.tazyinekeik/databases/db_default_job_manager-journal
| MD5 | 5d8a8bbec522b2bd00321c56d20536bf |
| SHA1 | 3ae6083460c8a7a45e601f63fd5c09c20753aed5 |
| SHA256 | 0c45bf6ab26776bcd0fe2661a6ff8eb6a7ae89d17f8a40783f920940550f4d5e |
| SHA512 | 86c0b53f57e1715e1e4e511eaaf80039009160bef8da921c8abaa9edfd94f9d8bc4f76364fb73313b99cfa86e166c014b249b4a1afe261eb6eeb1e673575ec02 |
/data/user/0/ir.ziba.tazyinekeik/databases/db_default_job_manager-journal
| MD5 | fbd6fc4a7bbd7f7db5ac4f30a6c609d3 |
| SHA1 | e59cc4000393cb076cc965be600ecf21297d7994 |
| SHA256 | 0ef7b0c6fd28be4d64f1f42a14035b624288d64f04f22352b294910bd1dd73e7 |
| SHA512 | 539fe8f212b8c1db37c259bac62c32716e832605a270c69c2bcf64f5c44a217aa8e9fbe3821baf85982f7a4e7cb39e0fd933da31335f5746cd7a19d5dd177a1d |
/data/user/0/ir.ziba.tazyinekeik/databases/cheshdb-journal
| MD5 | 846ad86567c17099c9ca05f62c51f5d6 |
| SHA1 | b2bffe3bcf80c2c39bbcc8579b95ca646e0b0fa2 |
| SHA256 | 0bc6f18daf294084655ded18fef56c607a6624ad4de88ac41d05a07f91e3650c |
| SHA512 | e0f81a35fb95297525087fd28c74aea093540c36313d307bc8420402a26c60546f424cf5f652b7fa8d25d88b79c4bcd4da05333a798dda7a7daff82040447bae |
/data/user/0/ir.ziba.tazyinekeik/databases/cheshdb
| MD5 | 0660d3ef5f0245096a9fa0f61d6a8666 |
| SHA1 | 282222362a5a05e3153b7f6b49ef35c667b19542 |
| SHA256 | 1091580378b83e0ab3222d05659ab9aef1d2c65d766d5e04735b628d7a760ba2 |
| SHA512 | 18bbe88051278314b76611bd68156ce60a9c3af3818d39991fa58d28bd9bcb8476eb00ef52ad8ae7d16c1d7ffcd9f2e8a858e2fd806ae59b5d85a8c3a9ca12a7 |
/data/user/0/ir.ziba.tazyinekeik/databases/cheshdb-journal
| MD5 | 98f081cda2c8270f8ca13e9260b1d545 |
| SHA1 | 5127ab466cfdfb5c19e7fa719ab018d8d7119aac |
| SHA256 | 781d79b38847f54529489edc794d9020a29564e561a1a8f891a56b6dbbadf20e |
| SHA512 | 821ab816e09ed09ecdd944618a248bb592019b0df9c054a0e82a9754f2f69e17c7b0e5ed833673cd1da3da3155e532edf78df5d16032c1a47880c9142d4286ff |
/data/user/0/ir.ziba.tazyinekeik/databases/cheshdb-journal
| MD5 | ae3c4fa87b93127a8e3c5dabb925a1cb |
| SHA1 | d8f457e4762e2eb9996dfa13430449fd81a0fbf2 |
| SHA256 | 59d754f56844efcdd05869a6c5744599f0afd4fe8c63342ec5f94ce5909ba8e2 |
| SHA512 | bd89b64ac627689670443948f619584cb232d66b27718f2e8fc27e69215c0c152d72c74c98e4de041108fb85f38d7baa4465732e7974ffe623a9593e28b53548 |
/data/user/0/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db-journal
| MD5 | 41dd3129d17b8cb6ffe6ad5778661b1b |
| SHA1 | 8b53f819d19aa385427428c216dc3fe9fc72fa6b |
| SHA256 | f057072fb8a10be49c7dd7f421f40bf0fdd863952ce110e664bb8b247ec1c61d |
| SHA512 | 30ba8affd3ad0f148f0d91a97c2e307839c9888fc27c4d90f46a359625cf57c35b5edcaa62ab8bd3325c1163ef79a98b11623b03075d096033d16985eeec8be1 |
/data/user/0/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db
| MD5 | 2e8d2b7e3b1a8758ee427d301314b7ef |
| SHA1 | 32bcf7c03fd4934e1224feaf2114df2ae56d0551 |
| SHA256 | 67b1e827a498e60301f0b57d15e0e342027c49266e8be14c7441dc7f774c299d |
| SHA512 | 2a7acd5dff858b159ad5ddd05f8392dda9a0d2185dd5b2b4b20ab660d8946bd3686cdaaaeff7317d717a23a2da1d86e5e42e0221e20e55cc020a2d9a16b0869f |
/data/user/0/ir.ziba.tazyinekeik/databases/cheshdb-journal
| MD5 | 69f271705bc22c058f8327793d7911e1 |
| SHA1 | fa3cbee990fbcd83e3f8f8e6851c56354105b1ac |
| SHA256 | 97349293fdc7d7f80ad473849260660829a6417ffcf84ea0c30d731147e7e642 |
| SHA512 | 03638d5ff717d5666edcd8cc037f0a2c7bd0dc9a78c3b8c894ee77bb3bf2375369f34a43e6d9840b5f36bdc596b2e475d4718c0c09f66561d19c544731bdfeec |
/data/user/0/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db-journal
| MD5 | 171bf7e746d8ea8d74ba873ff20fb36e |
| SHA1 | b39539d4ee09a5e6b6ea60d1d608d5851021700f |
| SHA256 | 087f082dcaae7e2dbbf4101212e04f01783b3ad2acf5308a5d52b466f1085907 |
| SHA512 | 068994fcd259aee38be13b08b8e2caef1ff1e244bae254110075fb34fbebaa0bdbba51a43531a08b5c04f2a3b0b851116eaf73a73c7a7b9a2287a88c4f104888 |
/data/user/0/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db-journal
| MD5 | bb657a83beecf97f4b8133fa72d70ac5 |
| SHA1 | 891df83171dc42936c8c9af7bf946d25b2fa48d6 |
| SHA256 | fc1c592806abda18cdf6b8f96ba79111ffe90c388452a089265fad3ba2dcccc1 |
| SHA512 | ae49768dd72e6b6fdf8699ac8a75ed12e49042b842af5bc3465c562fb537a572226e86b26f90a5655aeab4c4f73b0edea0395a15cb5c85836afcdbc09cb9c032 |
/data/user/0/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db-journal
| MD5 | fbdda2739afca40ab89c58da099771c7 |
| SHA1 | 65cc786f8dc25301a8c18e355af5914ed50f5cb2 |
| SHA256 | f2126620fbe674e2bac2a0d55d74a44b4b60565ae5630059e5f773cd7dc7c751 |
| SHA512 | 69fe905058d418446c8a1feb953413117dc49caa15c1201783e90fd4b421afca1dd8746c2068b915098bb3c8a80736d8754143f2333cc77c48753193fdd8de13 |
/data/user/0/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db-journal
| MD5 | 33613280edd516944559a687ed65744a |
| SHA1 | ab08d5227959118f60eaa293f004cde17e314f76 |
| SHA256 | 32611db45538bd5fde0234d315a85876608ea245fcb50a44da80867a415c619e |
| SHA512 | 113d4d58c3bc8f99c24c424fc807483ee40c9d2776d710116965f07ea4df7faf2a56f9a2091cc6faaf048fd6405262b284ff5163f6baa53b5bd79ca1ee464ff9 |
/data/user/0/ir.ziba.tazyinekeik/databases/cheshdb-journal
| MD5 | 582aaf01548f52bd06735be39ae1a202 |
| SHA1 | 4a2ce27139058a0e2fe8bcb360e4b82892ae8f23 |
| SHA256 | 9cb4963e9714ace905b0a158074888d8b8f125fd73e0c40ccf6016304c07e490 |
| SHA512 | 6e782cb1c3923f5716ef21577749c2377a0a4fdbb783490a644eda2f9707309c5cae8a5fc757d45d90cb9aa8e9fe4672c4de3f0145facf2433f6b7d8d4a75716 |
/data/user/0/ir.ziba.tazyinekeik/databases/cheshdb
| MD5 | 5b1125790d48b32ac8bb977886f7ff81 |
| SHA1 | 0d21f41e76d04df1a26dd17f0ec89ad4fb0ce0b4 |
| SHA256 | a93df6c869f1a26246268dafb430e63eaa90e266fae741dd9d3a35f3f3bbd36c |
| SHA512 | 71d550f062a29f40cf818eca0e9524991f5d1ab8e0986b34e0b70eabb94bcaa1fe5b042f1cf6313111e29191fea5acd8d11bfa103bd0b651462c070c6d028fa4 |
/data/user/0/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db-journal
| MD5 | 385cce599d402a0db2e9abc179ee9de0 |
| SHA1 | 4d2f9097f9bd81488a12c03f0d83aac595ddaded |
| SHA256 | 4bf3bc1b8d6d9425832516169e5a522b2cb26f14899cef9a55700bef22f2dcf9 |
| SHA512 | 0fb380a1548d045edb66669c02b2daf9042ab030822fb1ec6e92e1821ec2e0d592146e4fc06e8b393d80f2ce5fe6630fb4487f887b94bbb0f8321ae0faed53e4 |
/data/user/0/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db
| MD5 | 8982e8bcfb1bc31b4a285aa59de055fa |
| SHA1 | 2fb7a3b4d7202ac86f04cbcd1fd20cef0de27ddb |
| SHA256 | 6bf79f8981fbe0b01e386dde8fb9de0dfa0c9878211f959f118bf069f6e9212c |
| SHA512 | 1a0ea48b2b03936ef8d3047bfdac6ea79942cc68e3f2538e45bc86d67576b56b9ba19914c997e27ef82b14c710725fda02206272862db35f1660f00e48231203 |
/data/user/0/ir.ziba.tazyinekeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/ab2ae9d3-673f-41d1-80bd-cd98359bc34a.jobs
| MD5 | 67dd22947e8c1a7f9a87a8d3f0cd1489 |
| SHA1 | ff48e2d6fd74898027f2f082dc02d5b4ee9c64a4 |
| SHA256 | 0d6dac4578fb31a57717c3a22b0d18676536a8318246c6153c26c945fc36856c |
| SHA512 | e1c375815d0b177686c73f8e86808c3d9a22e28608e44568b78641c0e4a71782485ee163721f1d4241e61ea963906151355e1e922f544fcca2c4e51fdd728870 |
/data/user/0/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db
| MD5 | 1539638655e3a21c1f9541b9f382c7d9 |
| SHA1 | f1ec0dbfc979672a80229ba4900becf03af6b617 |
| SHA256 | 7b6e04d086f1f9713e43f93230ad0e7015ecccf1b807f88d41ca376ad895feae |
| SHA512 | 4db90f65a406802f8f923f20a167a044a83f94bc8b2386b9475253d6a38c54b38c368ba1a3b1f066a34694f0128bf1caf434dd478613d3c4581244e0a7b4861d |
/data/user/0/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db
| MD5 | 29d10eeddef5d74391c5b4c45fc7dcbf |
| SHA1 | 2a27e164d20d04a2818ee6722618de4a7150c82c |
| SHA256 | cfcca7280ade70b79dbaf3b9ce43dec799440c5c1313c732c61ec86a6079b10a |
| SHA512 | 0969402f5c49648a4cea941a0282b8c315ad25884fdc0a19462df8bd5fdc14cc7e767180273054f1c0aef4ddb17d0a1d33a9b34ef606e2014a4c82fc2635eb3b |
/data/user/0/ir.ziba.tazyinekeik/databases/__pushe_base_lib_db-journal
| MD5 | 4b3dae40442fc03ce7cda17915206f91 |
| SHA1 | dcf1fa6a26eee08fbf182a64329ec3d72baf663d |
| SHA256 | 8d97ad25f2a395d993843dd06b3915d0d6b343320063c99afcdcaec297d26305 |
| SHA512 | 19da2083f6ed1cef3f3bbe277fbc0514868054225704c12383f6ed624fa4c7229d0e7a7f89b2ff65e68ab6b34b721ebd4e81fae2473a27bc59938dada059ce57 |
/data/user/0/ir.ziba.tazyinekeik/databases/__pushe_base_lib_db
| MD5 | 2cdf77d5c14dd3f313b60c691579a0b9 |
| SHA1 | 6a74a7a3170cabead82152871c90749afdd6f310 |
| SHA256 | 55ba022e5aa9eb87c256026289112e4c0531a41d0d56380fcf845de71ff99ca0 |
| SHA512 | eaf21f0acf8b98ac8bf4bce81e66a07d6a501483b141bfb7a2ef476a8dc9927ccd39971f4e0d1f7969576dbf7abb7befb3bec04e40c5a9b28fa7a2f15ae7a98c |
/data/user/0/ir.ziba.tazyinekeik/databases/__pushe_base_lib_db-journal
| MD5 | 591999864781016d616fcd79e7d7d792 |
| SHA1 | 8b0fde971defd76258eaa1ea589c880afe7b0644 |
| SHA256 | e1a1901591f02f822f0ddc2992980df814894a9eeba1a6bd85287356411cf7e9 |
| SHA512 | 53fc6f1865dde8eb1ce7f3e7f9ca3b8f575a7449cab0a21cfaa6d355c67426813c2402cc0fc2ad29e7e430e4b3dfdd6a3bd9fcb67536e4d7a2fcfcbdcbaa1baa |
/data/user/0/ir.ziba.tazyinekeik/databases/__pushe_base_lib_db-journal
| MD5 | 6ab9e356e7026b563930042851f66c31 |
| SHA1 | 1d20ace6c4ad8a567968740d42d6006d7985a2ed |
| SHA256 | a22389dc467543b5ccc2a53a351739aba98b37e8ae868d427b144a236fac26d4 |
| SHA512 | 8d8db0c4975c72e3d084825c817ef9ff8ebee3f71b3f3cef60855cce4eb15a24eeeea5001f78d27589a0e40122a21221fa6485cab6da2846a5f2d241ad3716b9 |
/data/user/0/ir.ziba.tazyinekeik/files/info.db
| MD5 | 15ab3f45e1e77608cf4864e629731005 |
| SHA1 | 16fbb984cb68aa76f711eeeb32e322ecdce1bd3f |
| SHA256 | 69c091e8114ad50df9b677c6f539687783601e42a4c8f1e6609c1a7e257bd5ad |
| SHA512 | 62ca6243e638003f9f5e4f4800dff047db25160ebed2c36bc8a2b3e0e53361cffaf2ac70fdec3dfd10d668b03b51852b7dbb672015a7ac1ce6c310d61ff58540 |
/data/user/0/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db
| MD5 | dcbbbbfae63be8bf14b1df79da980e7a |
| SHA1 | de8657dbc14ba860e5cfcf32f259c393a82f052b |
| SHA256 | 735141cee32bc54142caa8b08e269cf416ac30a5268447f6043e2bfb9f7d5ad0 |
| SHA512 | 0372fc8b4e4fa12910d6e099604118cb9014b62b113be215bcd4c23d20ae694bf686f5f8f5bfe8b0533da5349339643e5e82dad8355ca03245f45c4ab2bbb937 |
/data/user/0/ir.ziba.tazyinekeik/databases/google_app_measurement_local.db
| MD5 | 8d0cd16581ff038bbc5e88cff4e8ad97 |
| SHA1 | af55a06a1a75e0c5505b71c89a4959095fca7b51 |
| SHA256 | bc034e9e3e9900bd23acd68a09598e0f4fc6b44bbf09c889e1f21ee4a6094e89 |
| SHA512 | d3aabd95a96fb1a86bb7623b90df3cd435f2897f59926296d8df1a13616b7f1570562648777a3706cd62681367727247e006f9dc503868d660e87ab7e6ea612e |
/data/user/0/ir.ziba.tazyinekeik/databases/__pushe_base_lib_db-journal
| MD5 | c2ef14e1f773de87a7f2f0bc842b394f |
| SHA1 | c42251dd450a92657c603b2b857fe7363d958015 |
| SHA256 | a48598ada1d073ad61df9e9cd3f6d41307d2ac135873634a7c09f6fac2e1c70c |
| SHA512 | 974c4dead4b2a0b6cc0c0faf4943c2ca76b01271b17f88ac0f187c7f204aedf15258329e9cb37d95cf88bad765bf6abc2e4940c5a53f5e34315b36aa08003990 |
/data/user/0/ir.ziba.tazyinekeik/databases/cheshdb-journal
| MD5 | a0dd4e44dd75a5557fe312b1b14517bd |
| SHA1 | bf3ebd578073a26474b85af93964da98687eb4ca |
| SHA256 | 7299dc359fd4637a6f353371cd3faeeaec30e80df842dec887cbb7e1c3a9a5a7 |
| SHA512 | 3f3f8c368174feb21a8e0804d6f54becb88ae7ae94e046c327b616aade25fd35dea2e2c52a96da8f91770b221bffab41e6e35cb97a71fbbe7553ef63a34fd502 |
/data/user/0/ir.ziba.tazyinekeik/databases/cheshdb
| MD5 | 458b9dd08f12c9a2a1356114070c8967 |
| SHA1 | 26378fada50dfbffeaff70cb7077c635f1f08107 |
| SHA256 | dd05a5f1e1975517357b2180b02a83248ee168af64a6617c129eb1071b91faf2 |
| SHA512 | 6f03bb80f91fd2731a5c5c4de24fc0d42996b5611a6afd77889fc8550f074ba8c83328d1bceb680cfc41d898aa433f68edc00586796d454a9c90037d3a67e440 |
/data/user/0/ir.ziba.tazyinekeik/databases/cheshdb
| MD5 | 5af5d459170a768554130880de073c89 |
| SHA1 | d33caa2ba95fa3cc22b58460d41b81877eec31de |
| SHA256 | 2485b53380b267259304e4c47d48726931b531c11453a07ea91d11f02e05e217 |
| SHA512 | 6195ed10e8568023e71b4d5716c1e9a7388f53c0a01f705f23be4e6d5ef12cd663c4b9efae9bcdaf4562a31f680c76f1a55bc5a10b1cc0756f804678e6658b84 |
/data/user/0/ir.ziba.tazyinekeik/cache/1582435991586.jar
| MD5 | e8e0527a01aefdb89afd2c508f131da1 |
| SHA1 | f1103e6b260c657ceb3d95f1b023af3fda8b133a |
| SHA256 | f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce |
| SHA512 | fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34 |
/data/user/0/ir.ziba.tazyinekeik/cache/1582435991586.jar
| MD5 | fde2ee00cbd121cfab5290b078aa3ceb |
| SHA1 | e2b77d5320e155e413d040a8c20020962065b2f8 |
| SHA256 | 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685 |
| SHA512 | a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56 |
/data/user/0/ir.ziba.tazyinekeik/databases/__pushe_base_lib_db-journal
| MD5 | c44a45ea9cef0fc2d29ba83ad9113a82 |
| SHA1 | 9dcacff2f2add981fa416f43e322997484ae1322 |
| SHA256 | e74cc0c02eb6b9263ebdf58b855ba7ed0ce5e989d8eb17f2f31f2f433b42cf8a |
| SHA512 | 6f3af1d07821f7f2c5672a15c74aa764cb7d17a5200536533881d4247bfeaed8ee0795a2689fe450b881aa2c7ea72fe80a6b8121b15b7f94bf72cdeb9824be12 |
/data/user/0/ir.ziba.tazyinekeik/cache/~test.test
| MD5 | 098f6bcd4621d373cade4e832627b4f6 |
| SHA1 | a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 |
| SHA256 | 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 |
| SHA512 | ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff |
/data/user/0/ir.ziba.tazyinekeik/databases/__pushe_base_lib_db-journal
| MD5 | b1d5f9af4585a47b898a35c1ffaa873c |
| SHA1 | c0cf7a2f06d106c20a373c43b5ba3a93b30d82c1 |
| SHA256 | f389b34ef507ca496b03ea4356e2775c8277bea740c8e1ba28f3a8a170acd43d |
| SHA512 | ac7b5d4a9e26898ceaae663530d1422393f6fb9a79fdae90a2a9e38b0da2b5573241414c9616a5fd8ecd5387b312a53095d8fcc427921195cfe60d613534d516 |