Analysis Overview
SHA256
4e0503817c7455e6e69628add64862fc8a2c0c43ff78adbdb59ac151bb9a0b2b
Threat Level: Known bad
The file 4e0503817c7455e6e69628add64862fc8a2c0c43ff78adbdb59ac151bb9a0b2b was found to be: Known bad.
Malicious Activity Summary
Irata family
Irata payload
Requests cell location
Loads dropped Dex/Jar
Acquires the wake lock
Reads information about phone network operator.
Requests dangerous framework permissions
Uses Crypto APIs (Might try to encrypt user data)
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2023-12-23 16:43
Signatures
Irata family
Irata payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted
2023-12-23 16:42
Reported
2023-12-23 19:15
Platform
android-x64-20231215-en
Max time kernel
2551797s
Max time network
165s
Command Line
Signatures
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/ir.sibsorkh.gazakodakk/cache/1582435991586.jar | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
ir.sibsorkh.gazakodakk
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.178.8:443 | ssl.google-analytics.com | tcp |
| FR | 216.58.201.110:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| FR | 216.58.201.110:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | sdk.cheshmak.me | udp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 1.1.1.1:53 | almabala.com | udp |
| FR | 216.58.201.110:443 | android.apis.google.com | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| GB | 216.58.212.202:443 | tcp | |
| GB | 216.58.212.202:443 | tcp | |
| GB | 216.58.212.202:443 | tcp | |
| US | 1.1.1.1:53 | admob.mehranarzani.ir | udp |
| BE | 142.250.110.188:5228 | tcp | |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 1.1.1.1:53 | ip.pushe.co | udp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| FR | 216.58.201.98:443 | tcp | |
| GB | 142.250.179.238:443 | tcp |
Files
/data/data/ir.sibsorkh.gazakodakk/databases/db_default_job_manager-journal
| MD5 | c491d92b7283d65b68f50e357304b07e |
| SHA1 | f6adc244f49e9cc36ce2f32b234ec1d4488d08c2 |
| SHA256 | ec221a9bc0272ed93e071d34ee6773025c8ba8c04e5404a700a4750f90d540ab |
| SHA512 | fa373ca2709371149e6a97cced7e88a1b19a19a3538c9e523db91e6dc1929554013ada06d39a3b85dd5b1f002dc9295e5710fa92fb99cd9d036c58cbf270c74d |
/data/data/ir.sibsorkh.gazakodakk/databases/db_default_job_manager
| MD5 | 163b0e3f017becbc89b9d7f330b78f09 |
| SHA1 | 1ef9cd8ac8655190468d0ccece0a4738634ab0f9 |
| SHA256 | cf01452c3b494692386f6c5faac340eb3eb894bd416391002d56645aa8a9ea36 |
| SHA512 | 6a85a30d16fa58a4fbbb05d469778ee69ca79deaa74316ccb5be3ee07fdf78dde22e95db3edb1b88b18478e8747047445f85baaf9556b9a1e55d9a02a80baffd |
/data/data/ir.sibsorkh.gazakodakk/databases/db_default_job_manager-journal
| MD5 | 5134dcd3dce370519dee69b1f9bdd7ef |
| SHA1 | ce268f18e3af2d9f3c3933cbb428275f3eeb9994 |
| SHA256 | 6615611037aa906bc9d4b06760e8d1e8b6e856c83de3f5facfacf14c760187dc |
| SHA512 | f17521064cd930ab7988f112a4c6ec6d0832a3c0d4484bccfd74d70f7ce3abc644856e15242f44413ce6a962a9bbc15f15a1866e1f47136879f633fd839b9f4a |
/data/data/ir.sibsorkh.gazakodakk/databases/db_default_job_manager-journal
| MD5 | 48d4d77df02991ec8dfca35b45fd1384 |
| SHA1 | 52eab4beaee678380ccf86ad390747d41d59e4e2 |
| SHA256 | e9337310ef05e4a15d8cfe4862513a6dc07938dc745f0704a253d691952cdfe9 |
| SHA512 | 5e65ac6eb8a45d78bf47dd7e4a218d8d1c69cd8ef8f462ad68d21d1d579dcfecc72be36f71eddfa77a7213b1513f04d2974c11114b8ff9b26ffc2769f3e4bfd0 |
/data/data/ir.sibsorkh.gazakodakk/no_backup/com.google.InstanceId.properties
| MD5 | a9322d60651f88aea2d336fad1c5b737 |
| SHA1 | 6c67d18aaa36fef4a2158c75f494b53c1def7ead |
| SHA256 | 76bbf9f5f528d99cc0312e55ae3ba49dc0ce2b0be9baf8bd74b76e94646f371e |
| SHA512 | 13cc90c381065c977b4f40cdb2bb14a09233f1514ead5af29b6ea175979b7f0a18e52c0f14e0c1ab491eae2bbe5d81de7b14f135149a85492c88b4bba6b4ef3b |
/data/data/ir.sibsorkh.gazakodakk/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/f1af8ae5-c331-4938-81cb-50841d5da576.jobs
| MD5 | f56f328eea1d5c96a1b96dbbf59488df |
| SHA1 | 440c784cacff61932e2f61580b7cfdc3a4943c95 |
| SHA256 | 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918 |
| SHA512 | 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb |
/data/data/ir.sibsorkh.gazakodakk/databases/db_default_job_manager-journal
| MD5 | 0f08baf594b474fd1aaef977643393d2 |
| SHA1 | d8aff5963f57dbebdfd8327d8587386c58ae0a31 |
| SHA256 | 9874fe9a930b2635a8d9af9e00c89d1c968e4687697f64cab4a3d866dbe9136e |
| SHA512 | 92792018e970c822576609323d234c5b4724492154199da9fef258848fd61f4e2edd417473efc38ba3843fcf23e391b2731cc568e5886942ad04edc73b013308 |
/data/data/ir.sibsorkh.gazakodakk/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/629b9f1d-726e-4be0-b2d5-8ea6fcc99cb3.jobs
| MD5 | ac58f99a1b179d71e8621412ad31c6a1 |
| SHA1 | b51fdad95876f5615735c2ab411031ff67d5e946 |
| SHA256 | 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb |
| SHA512 | faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b |
/data/data/ir.sibsorkh.gazakodakk/databases/db_default_job_manager-journal
| MD5 | a295789741dd62ea364559a66df7cfb4 |
| SHA1 | 229f5645dd56169dca7ab0ea78b518cfd1add46a |
| SHA256 | d34ce72b2219f1f773b3cd94396a533b7fd1a353cac1060ee889370feda4d8c3 |
| SHA512 | c6653f009606988d52e28175da82cd0c2de2ae35ef63794785c1b70fec4537590b0955b8e8d1a88f83b27e9bf096181d9d54a42dc87efdb7662c139f22227391 |
/data/data/ir.sibsorkh.gazakodakk/databases/cheshdb-journal
| MD5 | 4b3031ace5ea23c3103b871190b8798a |
| SHA1 | 40182327b33709fbe8f2988a25b74398508dcdf6 |
| SHA256 | d8df8fa3f9303b5d16cf035320a9b4630b2aa048a9eb93f8d8e9fb0261647052 |
| SHA512 | 1e94e0bd2c06601c115d9547deb009a99380e7370d66cbe31005e6f8e0b08f08bec7d062ce41f339960033e7b8c6350b62efdf1cc1b270e75d04d2530a0df19b |
/data/data/ir.sibsorkh.gazakodakk/databases/cheshdb
| MD5 | ea628e04765adaf4238a5dcdff4bbd51 |
| SHA1 | a801947619ea8c368efe9c006a324dc6339ac60b |
| SHA256 | 885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4 |
| SHA512 | c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe |
/data/data/ir.sibsorkh.gazakodakk/databases/cheshdb-journal
| MD5 | bcbb5ae199b29d81b83873972756bdfc |
| SHA1 | 95aaba20f661f742dbea26f632454dc4fdbc97bd |
| SHA256 | c707d28b00082107e4a311c560f7291bff3139b7490b54f64c1dca4d2aacf101 |
| SHA512 | 0773bd8b96d371a45eeed06cadf5c6070c2f9183224650e5bc8ed5f521e3a09aa257678fb79ea740dc1f3fecbe5790087a33e9a8986188054675de874a6394cf |
/data/data/ir.sibsorkh.gazakodakk/databases/cheshdb-journal
| MD5 | a6057411affff8346c181580bdbe9211 |
| SHA1 | dce63b79dd44fbc5b7ce54fdea73b70af84912b3 |
| SHA256 | 7af1cdf1174ffd836fbdd2c9d4b3ece654e12f0c955fd1c92ffddf276d9740ae |
| SHA512 | c8bab37de91876bf25152346455addaabc0375530ac4662a5183918ca20bcc242c4fd79e24afbdba0010b465b2184db147fe1fb75c11338e247711d3e83e2cd4 |
/data/data/ir.sibsorkh.gazakodakk/databases/cheshdb-journal
| MD5 | 646363b6b7ead1686c132420c62c7a35 |
| SHA1 | 246547ad160c770611e72b974ffc1a95accc9893 |
| SHA256 | 2ce7742bd62ead968e163a7363a61a873940052ec035e16ba1b61203783a58e7 |
| SHA512 | f55aea2e481decc962964dea04cc75cc61079805bf54075edcc9d221d6edfcec48e61ad2aa8adebe2d07c8f98526e1859efcc3a9516a61b53ff9f05ae00f280a |
/data/data/ir.sibsorkh.gazakodakk/databases/db_default_job_manager-journal
| MD5 | ef87b87814c6b0c42a5f0ab62009ede8 |
| SHA1 | 52bc00179c13945b4708c45a5f7ab3cfef08bcc0 |
| SHA256 | 6354ee702cedad0c95ce5d1bee99f630ff586597f701736006acc1c47ab53d50 |
| SHA512 | 611a90d89e25fd66487f0f9c7eb7a4fcaf7fb2beeee32a4608d8f3f9822e2ea31091f534ee12260251a2b10c2a8b5523608c694a3228a16c134bc49cb2b4e7cf |
/data/data/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db-journal
| MD5 | 3fec799f60c5d4d0c8bc95063cb539b5 |
| SHA1 | 1e0a74401e4697cd725b3589261ea24e0eebc25b |
| SHA256 | 6881e7cdd686f1620e9c38f257b8139b406e363731d641ac7222049866af8aba |
| SHA512 | 1329b782ba84740708b1e30f2499911ce9d0ed119f61486b02372c94a73ac8aea08d304b1c93439593d32aa50152d20e2519b3953b72f6faf4bb80c7e6c6c396 |
/data/data/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db-journal
| MD5 | e2905ef69e6cf2659974dce7294861ab |
| SHA1 | 74adcafb162b84f39c72220725c4c1cb89343508 |
| SHA256 | e52f4a2221929feb797505441594ce64526234bbbb2cb23a23f3668ed8ab7c59 |
| SHA512 | 4b9ace7ac89ed632c28df23cc292256242db83d6ba0c7c494c46f1b5e5e3d837fda598364b4c70724ac51a22dd4ed2b73616d3795cd4739d1ade0e63b39dfc26 |
/data/data/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db-journal
| MD5 | 3c912335e763d213603b4f78bbea0404 |
| SHA1 | d5093556e05de83ce922cbbd2017828f7125e8ca |
| SHA256 | 15317e3c6471a4e6ff1d403361ecdc02355359d62f8ea236931da67b78fe7fc0 |
| SHA512 | 5525b6f91fad0c97048cf9c89bcfd28c88a47fc06154e137ca811d38679d781ba2abc6645a886c67e2e65512a0df99503bacce71a378e379611622143f0b90fe |
/data/data/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db
| MD5 | ad24d9f81dfe2a6cc33c73f30ba3c8fe |
| SHA1 | ff722909bf33d6ae3f9ced889d60c59aea2d2492 |
| SHA256 | 7860f160c88d4e5a7ac9d5e2a0b91f5beae8d1af1ddb17e515f35b30b1ef79ca |
| SHA512 | fcc26d605a898539f0586cf9ecac812b18f25b70ca85e434f4b163060498c5c2cc6af57c5f428eef13b0aef0435b30e507be656bc2ca0867d779f0a569bf75fc |
/data/data/ir.sibsorkh.gazakodakk/databases/__pushe_base_lib_db-journal
| MD5 | d03f93ff18da7cd85f08f765866b8356 |
| SHA1 | 75045af7373f24f947bf8c881ae0c1f47482a129 |
| SHA256 | 5735c933acc70703f9c938546dfd50bd7c27814154d845bc28c1d23daaaeb29a |
| SHA512 | f72e6a9096529e29ae320fe745b7c286f936f501ec6031f9ab8f5edcc36bef428e645f0ff9f2a14a4f90a6644e32dd0d3bde7b3980d49020bf14aa0056cdaa2a |
/data/data/ir.sibsorkh.gazakodakk/databases/__pushe_base_lib_db
| MD5 | 4c95d8bc291aad0748a30ab87299df88 |
| SHA1 | c1c4617278b99f54ff2f23d5839e6cc6ae0abc58 |
| SHA256 | 8258bc89fba5f25b3ed0bd2abd9e5761d40d30fbf193f672900316b64b899a2b |
| SHA512 | 53c4d6df4331f07862bc2a3e79f1b0b2bef10c54ce5ce3c3e4a04b845dc0d04e694905eeb75e702a3c3894ffaab01720388f3b76d259d25a7eb9adb56ef20b25 |
/data/data/ir.sibsorkh.gazakodakk/databases/__pushe_base_lib_db-journal
| MD5 | 445d31f80e3f4b187b86faae8008f209 |
| SHA1 | c65e7e327244cefb24b944475beaaedaa8dde000 |
| SHA256 | 16e4bba135d543de6da38f8faac3deed7de7c90688063b2ea9e812f8b5e6a436 |
| SHA512 | 4f34cc4b18c084415b965f90530ac85682310d2a50ecfad885d827c432c5856ac427fba5c60838eb147da05fec655b64286235cf80315f83d3056402c1da1178 |
/data/data/ir.sibsorkh.gazakodakk/databases/__pushe_base_lib_db-journal
| MD5 | a74440d84d7990cda3d6904c13fac7ab |
| SHA1 | c973b4a82d5569f671aee835a386856870c09d04 |
| SHA256 | d163897570307d819820e20b48858b560f78fdacf270745659caff9055fc42a0 |
| SHA512 | 774f1b1f66cf5086cdc93a451ab5e5c81d17e2f8ebbc6f8fef5b981af178e6ea6e1bef79d61dcda0863c59256d315c270a0c1f3b7685825694c58dbdc158ffda |
/data/data/ir.sibsorkh.gazakodakk/files/info.db
| MD5 | 61b3b6bf7ce36c506752f50124166436 |
| SHA1 | 72867a3fc180185f5a664bf7ca574f40e723b8f3 |
| SHA256 | da124754ab43b99882dfa15688f23395e1f5e8c51814ae0cd42a733c17b89e6c |
| SHA512 | 49954191311eb5b8c56eaad1a5ebce73a9b57a4af30a6b3db55737c78fe2d76108e8ef700f2dfb15d79d8d43162fc06ebf9be60df43058fa806e516b6be8acd3 |
/data/data/ir.sibsorkh.gazakodakk/databases/evernote_jobs.db-journal
| MD5 | 2e60e62ac085f0c67451bf51e7fdbad8 |
| SHA1 | ea98a205cab4d8f25f5dbde6002f32afc6aa5d3b |
| SHA256 | e22c26506c2521e47dd6d6cbc43662aad30dff9f89f782ee3e92165c8eaf51f3 |
| SHA512 | 989f53619635d70500503404c059a686cb4e0dc91775d0f5cb06a41faef8d9cea386111ef9411424d4fc974daf076d47c8f50ce932bd96035a762114707de4be |
/data/data/ir.sibsorkh.gazakodakk/databases/evernote_jobs.db-journal
| MD5 | ab6b197a03e5f433c2beb76189776e28 |
| SHA1 | fc59c366103e73cbcb89b132bd4169910e8a17d2 |
| SHA256 | 582d19cf6a9072a6addf6212b3172223cafcb190da7e1f392c1cdba2fa44ebbc |
| SHA512 | caa8df45bfca3403e9d61a8b1df3503571e03d6f4f300f22e2fc6677fd1a2f28261e0f6cee589abbae4b3b6e8a86aba65c7b737ba1fcbffb6544ac8046ac7eb4 |
/data/data/ir.sibsorkh.gazakodakk/databases/cheshdb-journal
| MD5 | b917880df312eeb633c7cecc1a523618 |
| SHA1 | fab152263c6835c6daad3a49f6ec32469e7f0e65 |
| SHA256 | b209cfa45531d22f1ddf5866f6ed20becdc409e78354bc0f60e1f3d81e41bcdf |
| SHA512 | 839dae2b90836063ee2004ef9e14dce5e1b837e608235cdd3566ef8f61186a2837e23ddaaf1c4922954868eb0a7f48d33dd7225013ca476571236efd24faebc7 |
/data/data/ir.sibsorkh.gazakodakk/databases/cheshdb
| MD5 | a8af73805ef417f4ec2edb646b539c4b |
| SHA1 | 67a4dad6719c85e473aba0c8901b9d6afe8aad11 |
| SHA256 | 62746f90711572861273a42a6e77c825088d8d1420f8ac0e59608adc984e54cf |
| SHA512 | 160f29b92209cad7e4bcccca9a7a58ca47a5e5bf03423df3da22370b47526d5efe432343e431692dd4d4a7761c0ba32e50f50dcdf2c69da7a8d2324057f3bb8d |
/data/data/ir.sibsorkh.gazakodakk/databases/evernote_jobs.db-journal
| MD5 | 377fd73bec847780510e2b59a554bff3 |
| SHA1 | 749f5e157dca3be171d3e03458ae36c231c25e6b |
| SHA256 | 5a8090bd1191958118035cef7483e4399839b4e9f5ef199252215dba5610d298 |
| SHA512 | f4e303504e52df65e6bb4c633b33c57808f728fd238dff9703239f65b6ee8b3b6cca3c6cf1d6e4d019a0a41da7056e427418a3a6dacfafababa4df24922353e7 |
/data/data/ir.sibsorkh.gazakodakk/databases/cheshdb
| MD5 | 955b1f2696dd164fa14c1e4f1e9047e7 |
| SHA1 | 4e12a1f8512e4cb3abafdd20c7f186578c0dfc4a |
| SHA256 | aa4c6ef6610a621b2507fa0d08a5ebe82c699f5cb04e8bd64c0f204a0a3b5873 |
| SHA512 | 90831a9999708a3880d066fd48da40bf714ac5033545af5f7456a8ee6b4bca59e584f6c2dbaccec0c7436ce67f81a9b661a2900be79fa31b52c6432fdf3e3d45 |
/data/data/ir.sibsorkh.gazakodakk/cache/1582435991586.jar
| MD5 | e8e0527a01aefdb89afd2c508f131da1 |
| SHA1 | f1103e6b260c657ceb3d95f1b023af3fda8b133a |
| SHA256 | f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce |
| SHA512 | fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34 |
/data/user/0/ir.sibsorkh.gazakodakk/cache/1582435991586.jar
| MD5 | fde2ee00cbd121cfab5290b078aa3ceb |
| SHA1 | e2b77d5320e155e413d040a8c20020962065b2f8 |
| SHA256 | 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685 |
| SHA512 | a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56 |
/data/data/ir.sibsorkh.gazakodakk/databases/__pushe_base_lib_db-journal
| MD5 | 8069d6af3eeb98380f86b5bf2a5dc0aa |
| SHA1 | 4de22bd0cd38759df753eb47857238aa6a7ef821 |
| SHA256 | 64f81ff645987140149f3c53aacf5a567d4579bdc8ec149d94396c8f7798427d |
| SHA512 | e998606451ddc8ce7faa3b5e436dcc43c6f3de9d70189847646a8c8f7c77194874562d434bb12f6832e9522fe8c9783690b3bac9c4bea233c08945169f84cef1 |
/data/data/ir.sibsorkh.gazakodakk/cache/~test.test
| MD5 | 098f6bcd4621d373cade4e832627b4f6 |
| SHA1 | a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 |
| SHA256 | 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 |
| SHA512 | ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff |
/data/data/ir.sibsorkh.gazakodakk/databases/__pushe_base_lib_db-journal
| MD5 | 4412ad756be165298c53a16d333fca03 |
| SHA1 | bc0b873c8a001ded23e40aa32d92556992279314 |
| SHA256 | 65d38ff1e4bcaf8d81dc498ead2afc96aaf39d00a0997ef9e43b267d80e86b50 |
| SHA512 | db5a378f975982ee1b129e480c4519b2f41b3eb94b385b31b2530b0a84f79d7e47e6d6d2bbc25c9acc49ebc440b2b0a6aec127b94daa154359944405e5d84ff2 |
Analysis: behavioral3
Detonation Overview
Submitted
2023-12-23 16:42
Reported
2023-12-23 19:15
Platform
android-x64-arm64-20231215-en
Max time kernel
2551835s
Max time network
152s
Command Line
Signatures
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/ir.sibsorkh.gazakodakk/cache/1582435991586.jar | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
ir.sibsorkh.gazakodakk
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.178.14:443 | udp | |
| GB | 172.217.169.14:443 | tcp | |
| GB | 172.217.169.14:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.213.14:443 | android.apis.google.com | tcp |
| GB | 216.58.213.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| US | 1.1.1.1:53 | sdk.cheshmak.me | udp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 1.1.1.1:53 | almabala.com | udp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 1.1.1.1:53 | admob.mehranarzani.ir | udp |
| GB | 216.58.213.14:443 | android.apis.google.com | tcp |
| BE | 108.177.15.188:5228 | tcp | |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| GB | 142.250.180.4:443 | tcp | |
| GB | 142.250.180.4:443 | tcp | |
| GB | 142.250.180.4:443 | tcp | |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.180.4:443 | tcp | |
| GB | 142.250.180.4:443 | tcp | |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 1.1.1.1:53 | ip.pushe.co | udp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
Files
/data/user/0/ir.sibsorkh.gazakodakk/databases/db_default_job_manager-journal
| MD5 | 6e3408c9d05a0b468dd878b3949c6d2d |
| SHA1 | 400ae3fae70e8a5d61ec1d20d32d198bed4f7b4b |
| SHA256 | bda3bc4ad1832f4038c5c21a6c35fcef610f42f81fcf48372f195dd6d6272dce |
| SHA512 | f561e0d85671572a3cd5ba210e1428f10a55f76985a90cba43f74d1024855e1f60c9a16b4a00fd9f827b28104a507d708c99f1a434f0375172b7535e58c937b9 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/db_default_job_manager
| MD5 | 171aedf968e17a2744d2585715606cb9 |
| SHA1 | bbeddeb3b89fcf809619c35b4a318a80e7d5b029 |
| SHA256 | d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e |
| SHA512 | 78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b |
/data/user/0/ir.sibsorkh.gazakodakk/databases/db_default_job_manager-journal
| MD5 | d318f958deeccd1c9904bdcffeb94274 |
| SHA1 | 0872f0d7280b40c124aad018fa25bb9d7b2c33ba |
| SHA256 | 4f6b8ea29bd7c15766efdcbdebc3456d0aec9096319584115274734213e28687 |
| SHA512 | f842ae5d51c95ad9b267995db9cd89e63ea29b7b5350731f4efefc06845c5dc8b36ecd0c4617b392265e3ff765f760797aba4727a5a592b7a4abb0bb0ca5ed77 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/db_default_job_manager-journal
| MD5 | c7ea19aa506a7742a174fbd40394740f |
| SHA1 | 265cea46f7dc87039c87f44ecc32e78b44c245e7 |
| SHA256 | 562540646126f6597503ad1dafec45a2e2c38f3c8f66a666fe66a8daa988fae8 |
| SHA512 | 09132121347d8a5573ec66bced52098f2793ce8680bc4c2992b8fa5b83422ce0595aa2e1efa3c1d144ace6a71a2291041d1d61c44de97751527b67b03b2996de |
/data/user/0/ir.sibsorkh.gazakodakk/databases/db_default_job_manager-journal
| MD5 | 2b153778d29114d17089f0a5f009d8bc |
| SHA1 | bda4969a02efac4d18797ae36fc806204dfe7ab2 |
| SHA256 | 3e6fc5be3bdd3f9bec884f4cd5d0b01150856b77163ae3bf7e8d1ececbaa92ab |
| SHA512 | 61a7b5236e96f2de9154276457707a3654a4b4238bb77d9574ac31fe247703dd7a2241e4e5533a4895b08ad1bea10364c1c7aba10d576a1e3f77b5a4d175cea7 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/cheshdb-journal
| MD5 | f4d5fef05fd219128ad2346c786988bb |
| SHA1 | 2b26c32262bd56cec99d3926426f4611f49afc9d |
| SHA256 | 3c8c2a114fe1a8807c50ec5839ac2f611328a3b94556a9b9d7f7297fb29638e6 |
| SHA512 | f72ec51a92c4883d984d63066a687e5c28c137fe160401ab85c04d28eee848df85f3808221db813ccc29adab9d69105ccc73582f202fada588e594f4f6c9480f |
/data/user/0/ir.sibsorkh.gazakodakk/databases/cheshdb
| MD5 | f41f531c07d4141546a531ff9caffdcd |
| SHA1 | 9dcac5aed06972d0ff6bd4cc1f1cdff85b36d3f5 |
| SHA256 | bb8dee5b5c3779f175abbd142722eb0022b98d374783aa80145b34614a4de646 |
| SHA512 | e0c8d1a820cb4c098e45776e8b50ea8c83944ef2e3f005cb0acbfc07688974d370f78100ae022f62564fc4c12acfdc43b710c18ca1c30f4f575bc08b9b12d2d4 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/cheshdb-journal
| MD5 | eb9bd9ff80ef5758dfb0fc1290b3db9e |
| SHA1 | abfcbec37d8ea96cde106d290f5e9adf54ac15fe |
| SHA256 | 183d0812d47681f8dc9c19cabe7c7b92fe2ba49376987219b5ddbe6b9614d54f |
| SHA512 | 5fa26db4bcda9b88108c1390d48e9d66c7b305dfd80ca414f6bd60d09572a611fcf326272c037c9364be3fd356aa2a9cc2381e275233c49fa139b3c29e96c7a6 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/cheshdb-journal
| MD5 | d2242b82d2f6935aeb02b780abfa8986 |
| SHA1 | 075e8bedcb3452f829599e7acc5feaa425cff656 |
| SHA256 | e2dc77f4aa434cef214a2de25ad951175de12209803ed35a3719f9993cea8fc9 |
| SHA512 | 4dea29c35763c09356e1ceeafb544c53686147f8ef6b89cac32d92af38cb1a9c05624451e65a9e083b9f8df3c77ab3cb4a303b69636dc3d06c7db2374e820d55 |
/data/user/0/ir.sibsorkh.gazakodakk/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/3b887f96-1db8-4015-a9d3-524007561449.jobs
| MD5 | ac58f99a1b179d71e8621412ad31c6a1 |
| SHA1 | b51fdad95876f5615735c2ab411031ff67d5e946 |
| SHA256 | 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb |
| SHA512 | faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b |
/data/user/0/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db-journal
| MD5 | 629f68e82f5a5959f2e8dafcec63420c |
| SHA1 | 751216cb1dc9399214fcec55bb09e1eb5c229a84 |
| SHA256 | 9f06b0d4df584291829e61a7d6efd96f730a96736d0d4954a3fc359c989b10c0 |
| SHA512 | f7143b0d567c583a40de11a966363f2851677c597303f5fb4b97ff29d1d40171d536d30cf50312e0b9202fc8267a9c9d5f4716846367fe0da5f90c5f88a6d8f2 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/db_default_job_manager-journal
| MD5 | 82db8bdd4362606e3cd4ce2d4142dcc8 |
| SHA1 | cbf687767ffa0d326ce2b33bf6e78795a953c140 |
| SHA256 | b0e8e996974fe9e2033c590469182d9c49885027419f9821ed6c35dfde263df0 |
| SHA512 | 3315cf1e468865f8a220837c8ee18376ff56e308865794a2929a104c9ed88af26860216e945a50f889693a9eebd7f948ac49a52a438b5d72d2e40e48bf91e52e |
/data/user/0/ir.sibsorkh.gazakodakk/databases/cheshdb-journal
| MD5 | df224c0fff4f980c59cb3f760851c944 |
| SHA1 | d44918eb7afe8b232ea668d1fb510502a677ff66 |
| SHA256 | af1fb0bed34d2d48788259bb723867c41d0c52921a13575a7fa6f99aba185873 |
| SHA512 | d4da9e07b1803dc47573a56976d2b2df540ea851dbf00cedc05e372a6bd3bb85d9cd168371bad3ecce1a15ecc2e8ab35c11377b687beddead46e76d45cfac1e3 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db-journal
| MD5 | 63165cb0b4bb85aa204d5b143bb6cf39 |
| SHA1 | 70b2a7624016bb70e949c8b4e3646f041d14bd8f |
| SHA256 | 56a12aef9194e62bc397ef5114af98fa4fd2a77048469abbb61248fa4387b6b3 |
| SHA512 | 741f9d124747c6c99e5ceb071f5848596027204ad052e1183f1aa5443cb32323f890e403780a61728cf5894988796dba92f4a5ae66d9caa5b5d156bc07400f44 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db-journal
| MD5 | 282ea04e955424c8b6746cdbefadc386 |
| SHA1 | ebdfe026fdda6427f7ba50c0ff1f19c1a891e792 |
| SHA256 | 664ce677c1cf595e406f1b5486e00e93dad64c363cfc6a9f0217d7810e41ae9d |
| SHA512 | ff24ab221388ce8a296d9d9d2550132f62a7ebb968163aec2895cbe952e8b1a98fe53b2036b4c4165b981ad23705061948b1b7debb0ec33ec9b94e2f036fa99c |
/data/user/0/ir.sibsorkh.gazakodakk/databases/db_default_job_manager-journal
| MD5 | e93a18882036fd430de55789266c65a7 |
| SHA1 | bb8a54f3c02e5788408b76c3e5d1714d4215807a |
| SHA256 | 13f0417a65a67a271c2b6285d7475338a1f6943e27d91c04b15757c60b9172cf |
| SHA512 | 61ec9f2d12e9657fa5dfce0d6c07e85f602691de192648356ec5c2d8b15790ff4620c16255f358cfc306ecb11856976ccdccbff6ec9a33e61f12427b07ac29ab |
/data/user/0/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db-journal
| MD5 | 06fc77776688757ea2dee58ba6e4cef3 |
| SHA1 | 98c978b917754a997144d49d99abe353b0831b64 |
| SHA256 | 7f0eb407d65c33b2e5599cac949719a72b004431acd052c0493cfced9e3416f9 |
| SHA512 | a4cfaa67d941286eaf36a78a76819eb831a677430718da288df26c65ff326cf783a05627a9ff018ad5415c86e104140bca743fdd5d2c8b15f7d685a519aef581 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db-journal
| MD5 | 583b6e6ed7c7dcd390f605f96b2f38e1 |
| SHA1 | 26e39852520faba72d36beed26bab3cf7c7d45f3 |
| SHA256 | ddc0ff2701aff9a39b16ff4e5c0a4a7f749f555e5c2eb732987371e4967a2dfc |
| SHA512 | b110243b2fe0fb228cb85605f7164238d3ea063948eeb606e134db633bfa914e5da2893fff0b362ba89cd8854a24241969ada7810925982935b639e869271df6 |
/data/user/0/ir.sibsorkh.gazakodakk/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/b9f0750d-ccbb-46b9-bf20-77bfd4ec2312.jobs
| MD5 | f56f328eea1d5c96a1b96dbbf59488df |
| SHA1 | 440c784cacff61932e2f61580b7cfdc3a4943c95 |
| SHA256 | 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918 |
| SHA512 | 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb |
/data/user/0/ir.sibsorkh.gazakodakk/databases/cheshdb-journal
| MD5 | 3870c720ac75abf1c0f4c412a2fd18b0 |
| SHA1 | 4fb97e61df2ba87702d3450d8ec8f4684fc3a532 |
| SHA256 | 1a2347dcdb6895ed00551c65099f32f76f606b4fa4fd4d89ba77e4c7e73ee56c |
| SHA512 | 4ea8b8e9f37b3e888e9fd3073cd8e276366b0c188fa23a99327755494e98204da57d3112caf928916b856cd3717116c2a502fa065d17bcc448770b1ea68094e9 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/cheshdb
| MD5 | 8dd42f9c62971830fbc11bea1d1dc7da |
| SHA1 | e79bd5b4554e79a3fad14543520a5f094823ee74 |
| SHA256 | 7f9bb59719f47be819dd55da2cc88b84a0e51c2513a8b0ca5216faa7da39413f |
| SHA512 | c6658077aa00d4841d64c3c82640766c506d96364845563a1b1c83db8aa63b4a8694ad60142e120e73bdb362dcb856228bc32c3b4905aa1f44e264cfb633b91b |
/data/user/0/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db-journal
| MD5 | 5d943c7e9c07d52da1345ab68bc87283 |
| SHA1 | 57f9ac1ee033eff3e2fc4b98e89dae0d9ec58c15 |
| SHA256 | 3e7531ff46bd3ca971d20d6971014447ef42746ed3a28fe8e12f9a8904207758 |
| SHA512 | 47ae86172ea2d26cd4a507c96a2a57b3bc913ea6a16775d0c2fbb7fcfdce684624a51f10cc34bc50d027e39d501027f9027eea85a154a77963b429ad719571cf |
/data/user/0/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db
| MD5 | af954f4aa0fa38395899249a438cdf6e |
| SHA1 | cd067ac6654ee2e8f75d6f15f9c5d1d03ceafdbf |
| SHA256 | aef79580a24f76eb6827bd5fc950ee8622049d13ee97c9ddf55644b65be67253 |
| SHA512 | e40b91362117130b960dfd1e7d8e49d1fd60c4b82f7d5f5624ca0e0d64cc4114d60671c3c6cab647b2358081e09551dc7c9558461ee13e18cfe6d704f58e04e0 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db
| MD5 | 8c6cfd9d3a9632b14980bf7c83acf382 |
| SHA1 | be9172f54ad7ade2212c087e8800c35c1e8e558c |
| SHA256 | 774421603653a9b146458dee427ce5ab82fea980850a6e9e803ad12344aed4d8 |
| SHA512 | 00ef4e0a4fa840f3f203ccdf2a07a375bf00ca47c3eb561be733173626117a77bae022d11b23fc534e021a4a9e892158154e8f6b712d6b6aeb4aaea8e82c8b86 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db
| MD5 | 6af9b9f761555bde1c1ce9f2e290675d |
| SHA1 | edc5ed9d092465997b67881bac3aae558dce4e53 |
| SHA256 | 125f3116be6ae239483d33f6501040b1462f866e79a8f4a72c29677a80620a17 |
| SHA512 | 127eb784b5fa51a8d2571e3e3b9ccd84e0a55e424e6ca2d1e87ba85b588e18fb346c28dd4584e73fb447000296e9c26e22eafeb39369410d160caf12ebe4b501 |
/data/user/0/ir.sibsorkh.gazakodakk/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/91b4f922-3e0f-42d4-a711-4f11001bd2c8.jobs
| MD5 | 8e1fa50831b3ac03a05a67581bdb2dd1 |
| SHA1 | 7315a6bfcab57dc9973bf49bf972fff8f7b560b4 |
| SHA256 | 4ec987200ed383361a79f41bdfcc329f7569611c7ace535f9f0416e14a092293 |
| SHA512 | f5591c94e2d61abc4412ea91ce2157750f545f2e1d47e1a8aecfdf74af12c2ef8cc2b94bffd4f80b7caf701fa6dbbf3657413b0eaba28e799bd8c89a74388495 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/__pushe_base_lib_db-journal
| MD5 | c944cb6e4295181fa639565d66d7ca4a |
| SHA1 | 3e29ad416311adec854b6e46face635d597c75b0 |
| SHA256 | d8fbb9815d4a602c514a8cfd43017a5e20887605b1dc4b919a8e5afd543cfde9 |
| SHA512 | 9292fe1d0f00d7e10c50aea08c33fb6033ae32472934a181c2374079288589767f33641e71e0ca3875eaa465e574b10a2a69de2897ff9678b82f002236b7f120 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/__pushe_base_lib_db-journal
| MD5 | 07e8b6b5708cb29642e77975b2ba670b |
| SHA1 | 3d0d40008713618119cf08e21b89c98cc4d04005 |
| SHA256 | 4ec895039fd236ac0d0a57da06125aa3e8440229f9b761fd12f0fc9af6d64860 |
| SHA512 | 120169b68c32814563b7b5a93b22d242151ff1a1aaa12423261bc4956e6cf946415087d8b3335c016ec86aab931135c662df3b170214815095df19f626d173c4 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db
| MD5 | 8d0cd16581ff038bbc5e88cff4e8ad97 |
| SHA1 | af55a06a1a75e0c5505b71c89a4959095fca7b51 |
| SHA256 | bc034e9e3e9900bd23acd68a09598e0f4fc6b44bbf09c889e1f21ee4a6094e89 |
| SHA512 | d3aabd95a96fb1a86bb7623b90df3cd435f2897f59926296d8df1a13616b7f1570562648777a3706cd62681367727247e006f9dc503868d660e87ab7e6ea612e |
/data/user/0/ir.sibsorkh.gazakodakk/databases/evernote_jobs.db-journal
| MD5 | dc25b239ff6345db3c56a17e6bbcf111 |
| SHA1 | 124f2bba75d9717f6ea933681ccdc35e3f80b183 |
| SHA256 | c54dfa1e9c5948bcc6d8235a8ab7802a335a73d68906e1f31055c5501b289c43 |
| SHA512 | b34a01f081aec7cda063dca7b75aa4c17363836af2764a7c0c1dcb49965af7efa4c6f0accd22a09b4bfddeda40637188dd52f1e56d81032c68d9579af66446c7 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/evernote_jobs.db
| MD5 | 58c0b6e45328752b20ac6e719ac034f8 |
| SHA1 | 372b2638afd00bbbc4034657b3df3d2e428fb367 |
| SHA256 | 9d74f93afa5a179b1ba2f19f154b2880aa8b99c88209802099045a0874d2426a |
| SHA512 | 2d347d5824b9ab701e341c89e8327a95fd6bab8e92ee15ce9550da368d773e22bff304072a4854df5ab763750a7401f7aa61a49e3292d62c27fa9f20536eb3ab |
/data/user/0/ir.sibsorkh.gazakodakk/databases/evernote_jobs.db-journal
| MD5 | cc5c9dc83d0c894d75985ac7e9d9aede |
| SHA1 | e8c739ab58cf6d8a71e36b6f129bb0baa225c947 |
| SHA256 | fb0a7b861154e60b02ed636915425f7c69170ceeb1b5099c7e573349de8e277d |
| SHA512 | ee2b2c8ff5de728131a0e22775dd1c979275a5a31b21c193e887b5499608d4a8b1d463c15ffc566c755416ef8faf4701715805f7ff7d76fb481bec6ce08f45e3 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/evernote_jobs.db-journal
| MD5 | f5ee58b81737a9ea1bffae19c6702901 |
| SHA1 | 3e556e46582e38cedda90c403d1071af5446a5b5 |
| SHA256 | cde5c8e6093114fbb739623489fcf71313a550fd2f14af633ee8ba26ca3c132d |
| SHA512 | c9b45e14ae771c7928e993fee09019f514063b4ba4291380d88965a855498d96cec880465661cd5ea8f5285c0d9a92c0ae9dd0c38eedacebabe3172601874e47 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/evernote_jobs.db-journal
| MD5 | 0e842eb85eaec5d5da8d398e411b750c |
| SHA1 | 23a7a276048279ea6486a9a07da80c8e2121b83e |
| SHA256 | 0bb02028e8afbbf7cff74aec8ddf7557f3e8ec248542f7b91b789c7a612893a8 |
| SHA512 | 3991843c6d4f46b970a007bf6ad60032e1af7cdb7dd2821ce9f4be815e49df48bb4b6b1085f047a46e8176d9dd1953a979508303cd9e495b5335fdd464972056 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/evernote_jobs.db-journal
| MD5 | 3db8253eef59c2a0c38f3c2c6d774154 |
| SHA1 | 741d58cc43df8d03c2709d0e7782d6988aea08a9 |
| SHA256 | 661a66e6d870d8be1c829d5f323a16f085dc6a1a3b115c1c19a2f47655714dc8 |
| SHA512 | 2fc6b778a9b17601fc4dca5ee3eb07daacaba3ece99726444d5d91f2457642b9af0b6df5da7a5982b867707979f8d9395a17b165515cc9d93e5b7792ed3eaf3a |
/data/user/0/ir.sibsorkh.gazakodakk/databases/evernote_jobs.db-journal
| MD5 | 45d46786325a7223ef320ccf26513fa3 |
| SHA1 | bf4c84e91a2c4619953ca0ce5d64b960958a8aa1 |
| SHA256 | 097754a83358a99d5e9b01c6f1c08bf0a7d761dec8ca3f27bd823d7e732d41b5 |
| SHA512 | 01320acf91e732843f361fc91130a337abf1b7ce6671da660626334faa9668bcdada3adb9777a6d5bcaffd3465eab690e5d16fbfec5795378352ee107e38013d |
/data/user/0/ir.sibsorkh.gazakodakk/databases/cheshdb-journal
| MD5 | 4b363732b0d744505e074947b5b6123c |
| SHA1 | 31ec222a561ecc9593e60f557383742cfe93ee81 |
| SHA256 | c70d240728feda009fc753e15ef483ddef9c1decf3e3ff1e4ddd6acd5d3429d6 |
| SHA512 | 7b89c95e79346d80ba498916a2492ca5f1015f213a730f42c5ced442c4156fd9039b5c558ac1b744badafea77ef11f9d839ed80d3e26b7fa8e178b39ea349890 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/cheshdb
| MD5 | 8783b409598ff57d20f7951d9b5409f4 |
| SHA1 | 83fee918cf91d006c80b2582caf2b40c4a00fe94 |
| SHA256 | 06620df30c207a4a43c184bd38a0f9c9862776fcc972df6bc4307addca2091e5 |
| SHA512 | e41dce49d18ea45ed0c34971eb0e556900f1616ff9c57eab41ee82d37d6896f6574f16bbf921844bab32b3f8c5f68fdc64fd97f6969149a32af2f43905217423 |
/data/user/0/ir.sibsorkh.gazakodakk/cache/1582435991586.jar
| MD5 | e8e0527a01aefdb89afd2c508f131da1 |
| SHA1 | f1103e6b260c657ceb3d95f1b023af3fda8b133a |
| SHA256 | f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce |
| SHA512 | fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34 |
/data/user/0/ir.sibsorkh.gazakodakk/cache/1582435991586.jar
| MD5 | fde2ee00cbd121cfab5290b078aa3ceb |
| SHA1 | e2b77d5320e155e413d040a8c20020962065b2f8 |
| SHA256 | 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685 |
| SHA512 | a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56 |
/data/user/0/ir.sibsorkh.gazakodakk/databases/__pushe_base_lib_db-journal
| MD5 | eb3d04442fba7ae96c686306bb37172f |
| SHA1 | d6011ce0dd80545081b6bda902972acd5caf34dc |
| SHA256 | 8659343c88094f3482615a14cc111b6e4b35a1a64065cc399abd79db18e298cc |
| SHA512 | b00d4840c101cd9c30649ae4a5ff1fdf3d80d09abafbdc264d4e760bd016143e1e4445ff5445f443c6a0518dfeade04c59072300d9002cb0cddb2f5ebdcd8fae |
/data/user/0/ir.sibsorkh.gazakodakk/databases/__pushe_base_lib_db-journal
| MD5 | 79f0a67b882f8391ec64edf4c55dcb42 |
| SHA1 | f866db6617b89e69696988f32ebdbe442397a326 |
| SHA256 | c3826e8e8cd96e1879f4fdd2e8f2cd006a8fa5ec9af9687aa97fb8f90788ca83 |
| SHA512 | cdf3fe026dea30549ce30ae4840d1465a1c63ec5eb6d10b3e7980a6d3b76b7891a0ebb93c1bac7df0dbbbdd73b6c0b3a881e3c9f0015f69bc75264ced7dfd70a |
/data/user/0/ir.sibsorkh.gazakodakk/cache/~test.test
| MD5 | 098f6bcd4621d373cade4e832627b4f6 |
| SHA1 | a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 |
| SHA256 | 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 |
| SHA512 | ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff |
Analysis: behavioral1
Detonation Overview
Submitted
2023-12-23 16:42
Reported
2023-12-23 23:12
Platform
android-x86-arm-20231215-en
Max time kernel
2566013s
Max time network
135s
Command Line
Signatures
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
ir.sibsorkh.gazakodakk
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| GB | 142.250.187.202:443 | semanticlocation-pa.googleapis.com | tcp |
| GB | 172.217.16.238:443 | tcp | |
| US | 1.1.1.1:53 | sdk.cheshmak.me | udp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.169.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | almabala.com | udp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| GB | 216.58.212.202:443 | tcp | |
| GB | 216.58.212.202:443 | tcp | |
| GB | 172.217.169.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | admob.mehranarzani.ir | udp |
| BE | 64.233.184.188:5228 | tcp | |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.187.228:443 | tcp | |
| FR | 216.58.201.100:443 | www.google.com | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| FR | 216.58.201.100:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | yjlwjquyyzzsv | udp |
| US | 1.1.1.1:53 | oopoadben | udp |
| US | 1.1.1.1:53 | ovvajrhxg | udp |
| US | 1.1.1.1:53 | ip.pushe.co | udp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
| US | 199.59.243.225:443 | sdk.cheshmak.me | tcp |
Files
/data/data/ir.sibsorkh.gazakodakk/databases/db_default_job_manager-journal
| MD5 | ff3ceda2f0dc741274bec3aad09da537 |
| SHA1 | f80b355fbed271829c02000444280ea00569848a |
| SHA256 | 1a3f3d495bf0def4399d872769ba49e548b8e302f22a8ac2f35e33872ef6301e |
| SHA512 | 5705ef20cf4f06e7eb818b9d63990c4c517cf83d8fa8019b27e6ee47203f396e5844dc39dcf307fd23e27a39a53e124866418b283681153692bba56b456baf79 |
/data/data/ir.sibsorkh.gazakodakk/databases/db_default_job_manager
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/ir.sibsorkh.gazakodakk/databases/db_default_job_manager-shm
| MD5 | cf845a781c107ec1346e849c9dd1b7e8 |
| SHA1 | b44ccc7f7d519352422e59ee8b0bdbac881768a7 |
| SHA256 | 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7 |
| SHA512 | 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612 |
/data/data/ir.sibsorkh.gazakodakk/databases/db_default_job_manager-wal
| MD5 | 2b535ac3a5f953c73f7892cb51ea58e5 |
| SHA1 | d6f1f315c378d5c4edf588f4273233ecdc7cb12b |
| SHA256 | 76fe77c4337faa7173699750a93960e27596e5e8cb90497a6b2d0f71d43ccbff |
| SHA512 | 971e7b9175ab34e50d26a7ce260f95d3229ee9922892812022d44ac16346a65bf9729301a4be615ecfdb4608f0938a930d0e9f1a8fb5d4221653d9e410b1e661 |
/data/data/ir.sibsorkh.gazakodakk/no_backup/com.google.InstanceId.properties
| MD5 | 74f7eed03435ffd3b120ed74233baa16 |
| SHA1 | 54becd0e7ff20f70731c4b95f570c63bd0f1b913 |
| SHA256 | 0f71080b1ee5a04f8d42007fed7e390155c10dbadf62a3207b03b5f6360ca66b |
| SHA512 | b4f5d9578ae03783a73cc49110da040a5961a16d480815c28e5be7dc17b5cdf34dd4339836892701f8eb22710805a593eff53c5bbdac89032bfd1b7b30483cd9 |
/data/data/ir.sibsorkh.gazakodakk/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/7e215f45-8c66-4dd4-a66d-1b86c88fc582.jobs
| MD5 | f56f328eea1d5c96a1b96dbbf59488df |
| SHA1 | 440c784cacff61932e2f61580b7cfdc3a4943c95 |
| SHA256 | 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918 |
| SHA512 | 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb |
/data/data/ir.sibsorkh.gazakodakk/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/08bf5dee-fa90-41a1-9c68-d042e17eee38.jobs
| MD5 | ac58f99a1b179d71e8621412ad31c6a1 |
| SHA1 | b51fdad95876f5615735c2ab411031ff67d5e946 |
| SHA256 | 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb |
| SHA512 | faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b |
/data/data/ir.sibsorkh.gazakodakk/databases/cheshdb-journal
| MD5 | 08a3cc4187dd1344b740fcf3f741227a |
| SHA1 | e884e595c795593d5b40019b6f711368da31d681 |
| SHA256 | 9799b7599eabb9ddb76d5ba55fa75c704a1a398f93ac598b9ee1f02797da1219 |
| SHA512 | 0a355cbcc53fe7a776ef4d065622d8c6de57351f0a6df4760074b4b50a3ff7df22104e8482851f84711b4c93f307357f34109409ce56ee821032ec66d1c1da7c |
/data/data/ir.sibsorkh.gazakodakk/databases/cheshdb-wal
| MD5 | d87e5f703ab197bd96db03aaf0a9fedc |
| SHA1 | e3cbfadcf9df79ae55febe977e70b78b3d2d7321 |
| SHA256 | 061694fad78d7857853311d22ce4612c2af8495bd989ad957dacfc82c6cd7e69 |
| SHA512 | fc77023e5b6d0e23473a4bc78d1b20d97543d5be53a9446ff4420f3f435bc332924f08aabbd6f35666f423ba8c7643715373f12489f09abaeb81b197c9473963 |
/data/data/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db-journal
| MD5 | ec5a4f186572954e120726cfe385b8c2 |
| SHA1 | 2a030c9ee0ebd20124240570353f1bc62e4e333d |
| SHA256 | 4ee407bf9429f37ce7e79ddd7a3f70d591f20b11065333a8ca9563a0fcfd53ac |
| SHA512 | 5cf82d308b82012d43c24b85231e871dac2abd9b9ef5129a92db92ba4a12734e056cd7bd6ea72584bc3aff0703db4a36904121138abef8d27eeca5361354c090 |
/data/data/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db-wal
| MD5 | 372ce557e932236728de86787516cc3c |
| SHA1 | a9baf61bc077b7cc2e7edfecc6ca0b739dbc069f |
| SHA256 | 15cc499990de846a58b9bd0b947c8c0f43262f941317f25d7f659afa4b68577f |
| SHA512 | f7810756a447581b86dc66ee1d3906343dc718d1693efd802aa57e90020aad620822e5a2ec452462e6b8dfadd43cb6d2183a8ebd74b00b1d2178423904b34258 |
/data/data/ir.sibsorkh.gazakodakk/databases/cheshdb-wal
| MD5 | c936f2dc0360121a9b2c31b7351a9552 |
| SHA1 | bf365a91f77cfb5157210c1464f07ecb32253d9a |
| SHA256 | 984f7ee63b0c005fe2b24b3eb14205bb66e15730657136e735021c7e4275a80d |
| SHA512 | d0f924ed8343c7c218eb6559f1fc00acb1e293c0e9a2baada30f831f8ca9ea49fb7eeb815fc205d235e92472def11dff4ccb3b41e39452eb4d4a01a33c47003e |
/data/data/ir.sibsorkh.gazakodakk/databases/cheshdb
| MD5 | 19cf63590d08ca8c35c728d06bd5dc09 |
| SHA1 | 6464074e8f286abb866ad248135deb22f623a9bf |
| SHA256 | 2264d4e561801540a60a967833ecbc757dafbfde94d4501bf20cfeb1998867ab |
| SHA512 | 185ba20d370fed9ebb745cd7f100b2a59970e1df766dfc2e807f21008c47704fbcfefe16625695ee2c07a831432b958f06d5fbf8e7f21622fe754b82845bfe77 |
/data/data/ir.sibsorkh.gazakodakk/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/99e8e56d-3af2-4dd4-9212-28e073951093.jobs
| MD5 | 36f56df99be3af6f1d114d00614ef3aa |
| SHA1 | ea54693310a0388fcd0bf11c3794b9744e17d1b8 |
| SHA256 | ac85010a3c1df7e3df34717557f5f14e889695478567d9aa8716a832e0351749 |
| SHA512 | d9273fb25fe531b46a8c8b3289a26bf70bde713782d301f4c235aa764ec9e6a001570dffe6a5029d78d46eb1dde30db3d9466c04d7448636462ce8cf03ed8850 |
/data/data/ir.sibsorkh.gazakodakk/databases/__pushe_base_lib_db-journal
| MD5 | ee2c96112444ec1c141d653ff04d1f8c |
| SHA1 | be0985dfc005c58b5cd5ce49104f5d36f02c6a01 |
| SHA256 | 820f2a25d7b23a7c3a34c95b615c5782a654e7a4cde4f34aac1ca22bdca2e6b8 |
| SHA512 | b226f389bb4d24d215b5a8348e4588abcbb6aceed539ba47d1bc947af5badaa8c3bc666c7b111bf1fc9e9f0f3890f40ca03dc1f665666b81f0551afa54708aa9 |
/data/data/ir.sibsorkh.gazakodakk/databases/__pushe_base_lib_db-wal
| MD5 | 618bbc5473ecd79b4189a01be02df8d0 |
| SHA1 | 088191366b8369a19507f487a718313c9cac7a9d |
| SHA256 | 77472c3211df9275fce349c4e4c6e4956b930c5ab7e7010450908df5f5ddc1ed |
| SHA512 | 580c9d77250e5070e122232bb52d607a7559e78c268e8aed42d604fba44cb4c1e5814cf87c304971ddf0f0bf27c29ad38a05a63a9fd96a9b7da748a79daf3272 |
/data/data/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db-wal
| MD5 | e48e76a0eeb90ceaa9aa28231c58fe70 |
| SHA1 | 09bb5079ebe022e495b2f73d5212a3ccf29ce7b9 |
| SHA256 | b03591b2f3514ccfa3b0233cff92529a224d14c1757b83d15b5e11c9e63b4e8b |
| SHA512 | c8f3467a0589e8911a90fa1dd168e795a3a98bb9c192419dcfd1cdc13ac85ef66530cdcc4f16bd5e8b78af5a60d7093241c29858fd17491148783561b3ffd3c8 |
/data/data/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db
| MD5 | 1eccb39db1d796e642b434a8f3f64862 |
| SHA1 | 2175bae7a807d782ae87db8d0a1c32a3a65c42ec |
| SHA256 | 411f56952967202404fd2721dbd6e3e5a7f6d61c3001692a8f4432f647ef02b1 |
| SHA512 | 901e37038d86cd0d180d92cb4fa9b4abbdf21b53b986aee813ad807634d90726d5162fb685dc8bee2e2264572ff8f7182288419b2eaa8bc389d1bbdb24700ae7 |
/data/data/ir.sibsorkh.gazakodakk/files/info.db
| MD5 | 61b3b6bf7ce36c506752f50124166436 |
| SHA1 | 72867a3fc180185f5a664bf7ca574f40e723b8f3 |
| SHA256 | da124754ab43b99882dfa15688f23395e1f5e8c51814ae0cd42a733c17b89e6c |
| SHA512 | 49954191311eb5b8c56eaad1a5ebce73a9b57a4af30a6b3db55737c78fe2d76108e8ef700f2dfb15d79d8d43162fc06ebf9be60df43058fa806e516b6be8acd3 |
/data/data/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db-wal
| MD5 | d378b9dd52dd7d4ab3d09c928a7183a9 |
| SHA1 | fc8c996dd6c49d4ec58ddc705eac6f95ddfdf2dc |
| SHA256 | a2635b2677baa597d4f1812a520a4b2942596171ff2627bbe58fa691a11f5992 |
| SHA512 | fad916c99cd16675f5b266e48d4dff138ed79c0dfe11cb9d6a5f616bbf06c9294ee5643b014a8654f3d35bdbd5299bdf8b01f0dc4cd82b432b3ed91625fd153b |
/data/data/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db
| MD5 | 7bbc64ba3c42ac5c9e7d4a66745071eb |
| SHA1 | d7643dc7e90e6a94646bf11a13eb9f0ffc1b5401 |
| SHA256 | 548a9c87ec5c5ea213ce1b79f07c6d8cb5e4e95cfb1aa81680ce01373f6de56c |
| SHA512 | 3ec09aab01e536cf23a027651864d89be6f1d9ac1bd6a92a5603fd7a3dce9c6520d4dd91f153db0b073cdb6ba16d68f29ba5444695fccbaa1684daf25997eee8 |
/data/data/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db-wal
| MD5 | 4d6a6418193be40859a25bdfdf35dd4c |
| SHA1 | 01376a889cee57ac26064ccc08ecd4bb775a7702 |
| SHA256 | d2295bdf38d16b4011b5081fead9937f68565a18f6c86f6d17c94832dc3ab682 |
| SHA512 | 3877d04f1f8daa5d85116b7cb127e7856beed379cdddf189590325641039675b861e38adc241bc4bb905c2b07252298537e670fb32fd119430d1c49e798fa594 |
/data/data/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db
| MD5 | 067e33eb374d8918268c078f5f4708d8 |
| SHA1 | ccd0709f63ac166bfb1c6b47cd0068e600277116 |
| SHA256 | 67fa2c3354fb7884369ad6a573111525160c0f32676dfeb8d7f30b93055d4e1b |
| SHA512 | d610eed8c9c117816855406304fe9ab79f1e9e195e300500073bf2132e1c5b6a75e60a9142145bf293cd69635f4b5474f1cf90066261974143b1c0cee80a7d6c |
/data/data/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db-wal
| MD5 | 1bd6383cb2f791a63b9e387bb3a48c95 |
| SHA1 | 170c9989f432f26259e6f21288b4191511b64458 |
| SHA256 | b61fac0243a6df3ef4163f7a32ecbd072bf497cd913a761c851ad9e7e6705a40 |
| SHA512 | d151a9e4d40e5fbd5f65aeafd6cda7b95a27bca020c6e58890a2c9c2516f4f8cbf7b8e818089f11ee875291f410e210b5b058948961fd24338448c0728118145 |
/data/data/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db
| MD5 | 62f3b0e89343e7bb1134320763fa4068 |
| SHA1 | 7f76edb8c5c6d45f62a085013a43aa14d2e1d225 |
| SHA256 | 2ecba1af70896b428680828507b78929a4f50df603279b1fde366b9535718e23 |
| SHA512 | afbbf2ec31e1f4483934acc68fc30c7afc717160851b34e7b169d7527bff3ac8b2ff064903a0b6fe7b956cb5b23d1b48d46c49e084ee1e5af16bb10207338800 |
/data/data/ir.sibsorkh.gazakodakk/databases/evernote_jobs.db-journal
| MD5 | 19361aa3442ad47371375e1640360bc8 |
| SHA1 | 949f61426f53bfc4fea71befa30a5d9b88906a1b |
| SHA256 | fb204f441c78e14e4839a524f8db52edb28bb9ce4a9402da9c446cdf4461959b |
| SHA512 | 582150cb02b8d782f378ccc992a6e2da31996d3e0adbf6eedd1050ae089937971f47426ffa1327ab6c91b10fab8239c0a33545c40256cf16a2a4a4b3272394ef |
/data/data/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db-wal
| MD5 | 140b9d4f687b9734967375d2fa148790 |
| SHA1 | 25de6d36354c10f54c0572f3ecb34a1246f98ee9 |
| SHA256 | 9f1664572f2147ad4c2b3f5c14a933ad338346ca534141a2fa07a3845f3fa56b |
| SHA512 | 55ed57a85d112d65f6bcce46fbce68e88f374d79a59fa19ae97918c2cc30bd26f495b78e6efdf0e3cd5ab8d620f33d6aca2ebf603519fd7f9cca868f1501d183 |
/data/data/ir.sibsorkh.gazakodakk/databases/google_app_measurement_local.db
| MD5 | 720589f0f2f8201900329edafc42a113 |
| SHA1 | 3dfa3a3e1bc6f006b0488abc3a0143af6abc1c27 |
| SHA256 | 543aea7cbf3be4c12119572af98ea6fda72e8cf886edd19a6ba8a80263e16c59 |
| SHA512 | bc4da98c2bc11dacf7e5b8edf23ba5a123faadb5a02cbdc4f082109619ca956c93b3f2d1a5b44aa039ccb0e0915ecddbfb2bd71307df7fd4fba6d38ee9cb63ea |
/data/data/ir.sibsorkh.gazakodakk/databases/evernote_jobs.db-wal
| MD5 | 9536dd0efa36ee05184eaf0a888f8ff2 |
| SHA1 | 0711cead772479f9eb9ccbea4b3e1804895972d5 |
| SHA256 | 0ddf3144a1cab541b49ab926376bcac683414a08249402da2c5716200e337bd3 |
| SHA512 | 0606d951e75b3cad5ca6da37e3b06a1822424aa8397b08e1374d9f5c353d3fdee063fb494a902a61a9326e099c0665fe5ab83e7281b819483a1ceca017a89456 |
/data/data/ir.sibsorkh.gazakodakk/databases/cheshdb-wal
| MD5 | 990cc502c304cfedcd47b6a8db7ff479 |
| SHA1 | 6a4c379dadda35246fa1ebe08845822a1dd50185 |
| SHA256 | 2eb1a066fba761d6b68611db55aab63f891fed14544dafa07775bcb39c916398 |
| SHA512 | 36929eb660db9f66158b10cff8fe34170c9388bdeb2988bae5763321a779f6d57a1de3e56650141e264edca98fa5933aa85ada51259f9eae20e3902b03edebb8 |
/data/data/ir.sibsorkh.gazakodakk/databases/cheshdb
| MD5 | 69370c01bfd0e55481ac3213927c35ef |
| SHA1 | e65405f3812cdc13c38e04271c7be7bdf7013048 |
| SHA256 | 3edaf87cadcf6ac47dbf10a999d0a5b9962e07631776cdd08eb685bf30934f01 |
| SHA512 | 5f96b138cf85089a8fd6c77d08f712e5b252db96ec260cde624e9526cce34d16a972e6c0cc760001760f7637aba7df46c3029ba76e2cb40ae9b4712f2ba0ffa9 |
/data/data/ir.sibsorkh.gazakodakk/databases/cheshdb-wal
| MD5 | b86fad7410aee8828de82c33a6bba85b |
| SHA1 | 95bb5faad49bc9754db4260206ca6fcced9a5cbf |
| SHA256 | 70e1eeebecccd31cd1455497ebe9f42492c4987d7be1acb34dc7745777e7aa84 |
| SHA512 | 9adefb9e460ae6b7fecc97e24dd2c918e918b434c64cd7a9f522c97ee1cd200b899ece32e03929be2da5959dcd47f123e477a3984518909d2c36ba4ec9f6ce58 |
/data/data/ir.sibsorkh.gazakodakk/databases/cheshdb
| MD5 | 87bd9d3cb4105fba015a75fdf9de298c |
| SHA1 | 5b29d0dcec4035baf1eb35caa719760346300ac0 |
| SHA256 | b5677bbd5d78dac80837f71c3c6d7e177ed60a5b3b8ad2e7e0f85f5fcb3e0e30 |
| SHA512 | 9d07cb3cbc5a063371dee1a71e3e3e28e77bbfa56deee4344e4dc0f9fba07a612122514e2a60ac093c40521dc0547090c0608e14e8eeab65e54b048332f5ef29 |
/data/data/ir.sibsorkh.gazakodakk/files/info.db-journal
| MD5 | f8bb728cded70465ca86633a3eed4b11 |
| SHA1 | 84237debc1b23384e268eeca07ece5149476a85a |
| SHA256 | 2d66a80812f3b48c1237ecef4b1cf5d2c2b31bb3de71cf71ba99159007474ddd |
| SHA512 | 28e44671a78ad6dfebc38830401f55e325a51ba1285a61e7455d6f84d78718c52e43df8235e2c7ca493fb91c7bb26a22e3431334c2e44179ecb7ccc97c2312e5 |
/data/data/ir.sibsorkh.gazakodakk/files/info.db
| MD5 | d8e64b140c3b26d4add360e91237da3a |
| SHA1 | 7718629d6b481be31feec795afe3f81ca9104a6c |
| SHA256 | 0170fa325e4cd2b762d095f4b72b8ba922b93034d10bc3619ba456b1cc7384b7 |
| SHA512 | aa78c3f99af92abb84839c33d00b56b61e61d54115837b7312f9d509ca03557db805e1cdc800080ce897e1483997cea2e01d3caaff403bb6aaebc6282cb52341 |
/data/data/ir.sibsorkh.gazakodakk/cache/1582435991586.jar
| MD5 | e8e0527a01aefdb89afd2c508f131da1 |
| SHA1 | f1103e6b260c657ceb3d95f1b023af3fda8b133a |
| SHA256 | f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce |
| SHA512 | fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34 |
/data/data/ir.sibsorkh.gazakodakk/cache/~test.test
| MD5 | 098f6bcd4621d373cade4e832627b4f6 |
| SHA1 | a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 |
| SHA256 | 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 |
| SHA512 | ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff |