Malware Analysis Report

2025-01-19 06:35

Sample ID 231223-v1f6qsdch9
Target 57d3835edd2521775e6667480286d90dce01b780e740a6b8bb0823a9abacae62
SHA256 57d3835edd2521775e6667480286d90dce01b780e740a6b8bb0823a9abacae62
Tags
irata
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

57d3835edd2521775e6667480286d90dce01b780e740a6b8bb0823a9abacae62

Threat Level: Known bad

The file 57d3835edd2521775e6667480286d90dce01b780e740a6b8bb0823a9abacae62 was found to be: Known bad.

Malicious Activity Summary

irata

Irata family

Irata payload

Requests dangerous framework permissions

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2023-12-23 17:27

Signatures

Irata family

irata

Irata payload

Description Indicator Process Target
N/A N/A N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows an application to request installing packages. android.permission.REQUEST_INSTALL_PACKAGES N/A N/A
Allows an application to collect component usage statistics. android.permission.PACKAGE_USAGE_STATS N/A N/A

Analysis: behavioral2

Detonation Overview

Submitted

2023-12-23 17:27

Reported

2023-12-24 01:50

Platform

android-x86-arm-20231215-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2023-12-23 17:27

Reported

2023-12-23 21:41

Platform

android-x64-20231215-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2023-12-23 17:27

Reported

2023-12-23 21:41

Platform

android-x64-arm64-20231215-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 216.58.213.14:443 tcp
GB 216.58.213.14:443 tcp
GB 216.58.213.14:443 tcp
N/A 224.0.0.251:5353 udp
GB 142.250.187.234:443 udp
GB 142.250.187.238:443 udp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2023-12-23 17:27

Reported

2023-12-24 01:50

Platform

android-x86-arm-20231215-en

Max time network

3s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-12-23 17:27

Reported

2023-12-24 01:52

Platform

android-x86-arm-20231215-en

Max time kernel

2575706s

Max time network

163s

Command Line

com.jovetech.CloudSee.temp

Signatures

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.jovetech.CloudSee.temp

com.spiny.ma.widerouter

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 hx.beilamusi.com udp
US 1.1.1.1:53 t.hypers.com.cn udp
US 1.1.1.1:53 int.dpool.sina.com.cn udp
CN 82.157.37.63:443 t.hypers.com.cn tcp
US 1.1.1.1:53 www.jovetech.com udp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 1.1.1.1:53 octopus.jovcloud.com udp
US 1.1.1.1:53 octopus.jovcloud.com udp
US 1.1.1.1:53 xwmediasvr.cloudsee.com udp
US 1.1.1.1:53 octopus.cloudseeplus.com udp
US 47.254.93.223:35553 octopus.cloudseeplus.com tcp
US 1.1.1.1:53 octopus.cloudseeplus.com udp
US 1.1.1.1:53 octopus.cloudseetech.com udp
US 1.1.1.1:53 octopus.cloudseetech.com udp
US 47.89.228.202:35553 47.89.228.202 tcp
DE 139.162.158.81:35553 139.162.158.81 tcp
CN 139.9.64.89:35553 tcp
CN 117.78.28.232:35553 tcp
US 1.1.1.1:53 www.afdvr.com udp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 1.1.1.1:53 adv.jpigjqg.com udp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
CN 114.115.164.163:35553 tcp
CN 117.78.32.201:35553 tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
CN 49.233.14.127:443 t.hypers.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 1.1.1.1:53 adv.99yesrs.com udp
CN 82.157.37.63:443 t.hypers.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
CN 139.9.64.89:35553 tcp
CN 117.78.28.232:35553 tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 1.1.1.1:53 adv.myseld.com udp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
CN 114.115.164.163:35553 tcp
CN 117.78.32.201:35553 tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
CN 49.233.14.127:443 t.hypers.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 1.1.1.1:53 int.dpool.sina.com.cn udp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
US 1.1.1.1:53 adv.malinian.com udp
US 1.1.1.1:53 int.dpool.sina.com.cn udp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 1.1.1.1:53 t.hypers.com.cn udp
CN 49.233.14.127:443 t.hypers.com.cn tcp
CN 139.9.64.89:35553 tcp
CN 117.78.28.232:35553 tcp
US 107.148.144.26:80 www.jovetech.com tcp
US 1.1.1.1:53 adv.quanburen.com udp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
CN 114.115.164.163:35553 tcp
CN 117.78.32.201:35553 tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
CN 82.157.37.63:443 t.hypers.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
CN 49.233.14.127:443 t.hypers.com.cn tcp
CN 139.9.64.89:35553 tcp
CN 117.78.28.232:35553 tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
CN 114.115.164.163:35553 tcp
CN 117.78.32.201:35553 tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
CN 82.157.37.63:443 t.hypers.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
US 1.1.1.1:53 int.dpool.sina.com.cn udp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
US 1.1.1.1:53 octopus.jovcloud.com udp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
CN 139.9.64.89:35553 tcp
CN 117.78.28.232:35553 tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
CN 114.115.164.163:35553 tcp
CN 117.78.32.201:35553 tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
N/A 10.79.217.129:80 int.dpool.sina.com.cn tcp
US 107.148.144.26:80 www.jovetech.com tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp

Files

/data/data/com.jovetech.CloudSee.temp/files/login_guide_video.mp4

MD5 6e79d076031bae1e45ea3d6783f415a2
SHA1 c5a881a56087024c7f9cbb0cb714e615e0be79e7
SHA256 176d1f3572c2ca9696f228c991ade1bed1ecc74e66043624027e7582451c3588
SHA512 f36db83c277b351201090aa75e28726cb9cf6b817a16bd6e6fdd1d652edb9171e1a7d47052209b805dd402fc8f2bc49fd837b35fd6b9e366ecd22e3aa6eac127

/storage/emulated/0/CloudSEE/log_cloud/2023-12-24.txt

MD5 2b2361606753df86e9f576b60cb0778d
SHA1 b2eab056104714d13320fba2b4fbb3300e245cc8
SHA256 e263c570734dbcbc36965104fb08c42a6bcc10a9b7113bcbdca8ebfcfbdbcc57
SHA512 4f73fd346608b9dc8d628341f8892823c706ef963a243365c6ab0b554d303a85987f65fb9560d4bd15cd53e5544f76160a1c2fcb3e6481390ff0d6632786ef40

/storage/emulated/0/CloudSEE/log_cloud/2023-12-24.txt

MD5 dbb79f57b242a12de6cb0b0dcae9fd81
SHA1 1a9d132c39dea1307374f96a31662e3921ae5313
SHA256 ed3b78d903a05f2649456de3096cd1b90512edda4f5f26b92532e1c168ab34c1
SHA512 9124ec62a253065670601417a04d1f0f5d76c2b732cd2e1d613decfd34fc33010741b596cf43904614908c9d18fc16e8969d4176994e1dd490c18ea60ee321a6

/storage/emulated/0/CloudSEE/log_cloud/2023-12-24.txt

MD5 4c88ed00b57de8faa941369fb9913442
SHA1 fa2e356bf509e502bacdae75a3fe686d112d8e1c
SHA256 074cb22ee41128f89f59cac052c53c5f8256a6cd28d38a6e6bea8df3c0accb07
SHA512 2970d6c100ca241187ffe210414dbe858cda1eb314eed5f8985ce01fee5a50d80a3893aeebe5cdac1130c2f884ef6257e0892159324b6b69254d1b44884cfcbc

/storage/emulated/0/CloudSEE/log_cloud/2023-12-24.txt

MD5 be978faa955e3349e9e1d2c73e3dd57a
SHA1 e3c89d895c5b41d80eddfee14850b5c8eb7b6487
SHA256 e3a00c3e8d55ac413de0be8158885afeb4d767359d4c3be722651aa6a2e7f19c
SHA512 762116e5c6dfac34eecec75c8eb08b4c6e59632e0311ac7cfa4b9403bf04f8ffd6bd3e274156d6959613b7d2b2139c232cdac73a02072aa17899f8538bbbc060

/storage/emulated/0/CloudSEE/log_cloud/2023-12-24.txt

MD5 bfbbf62b171c2d1e49dec78e76f8d21d
SHA1 daf7374d73198aef9df148955e96a068ec43e282
SHA256 58e9e991528d5fe014c6101585c35716d36a5ecfe982dc25d5366771bf3b8ae1
SHA512 bdd698d25b407d8deb259d22baaf3f65afa74a594802201aae0ffda959a182a904442cb7e0275b7b76190fae0c63316d1039e0d738953fbb107123304c670df5

/storage/emulated/0/CloudSEE/log_cloud/2023-12-24.txt

MD5 5feedd7bb2af16eb3faf6ce28e07303d
SHA1 2a57e2e03b9b0b37e9388b6440733ce698e10f20
SHA256 44b5feca73d5a23e158e9c6336141156aeb60d413eec3234dd7a91d9a49c3654
SHA512 1182fb246e97b8be21cede9fe14578ffe171cbd0ecd064197232680496545242e73534bc4d8ce11d91e69b5a866050547a60385f840e6bc19cca3bd689c2fc27

/storage/emulated/0/CloudSEE/log_cloud/dl.log

MD5 08f74d466f906f05b82fbd6f6db58809
SHA1 5091ebb8e4b5e744774bfb89fde6466bf4981270
SHA256 6806ae1874bc5bbd4be3695d0cccc386e5f96d0035666e7243710da5ba8e11cf
SHA512 7c3096280b67ed5506a226bf0e256767104bc1b8d64e69a0c6307a090cf37451841a71402f69e4083818b9c646697f880633364c3658b3bf49a22902af5f753f

/data/data/com.jovetech.CloudSee.temp/databases/tencent_analysis.db_com.jovetech.CloudSee.temp-journal

MD5 59e8065b2d49ce01f8679d84643acf6c
SHA1 0ccdf3c5b22a684532f569195a5abf57264fd75f
SHA256 bb600a19c470b60ecad716f91e99b425ed0a6f8f1d7bba8cd6a2230d2efeef54
SHA512 77daa0fa8759ad6fca0d59d45eb0bf376af2a66230126777d5d03521605f212a460bfa623e83458b3072070ced4e5ff9ba4b7c228d471bd048e6d8404c32f8f8

/data/data/com.jovetech.CloudSee.temp/databases/tencent_analysis.db_com.jovetech.CloudSee.temp

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.jovetech.CloudSee.temp/databases/tencent_analysis.db_com.jovetech.CloudSee.temp-shm

MD5 cf845a781c107ec1346e849c9dd1b7e8
SHA1 b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA256 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA512 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

/storage/emulated/0/CloudSEE/log_cloud/yst_connect_log_20231224.txt

MD5 7cd23f32c42521b0e7c43f562a221ab0
SHA1 e306f1dff7d114a56d9191988bf69b76bbddc3aa
SHA256 61d1f251c5e2b2c4a8c0e53d58f77babda7dd07e20ad0a665a3eb64244ad4111
SHA512 98d2c8747f3cfbc2fb90e765465dc0efeedccbf8bc95f66c0563e2fea415564828caf6880c6cf44b1f0232fb2d82057ad0d9fde40632e3540905937f8578ad8b

/data/data/com.jovetech.CloudSee.temp/databases/tencent_analysis.db_com.jovetech.CloudSee.temp-wal

MD5 8c37b19e225e3a889e25e8c28e5ce487
SHA1 2a6899f933994710165b1953a413c1c2e5405c47
SHA256 5f4230d6b60adc71851387a5e11d780e6ee6bf186b1f6eddbc0a5af060b44305
SHA512 0cddcf591247fd0816633b5f8eadd3d99193ea327b5c6e7554bf2dee9e3949cf358f94996c63ec00f92ec04ecd933baa42445fe7b693d6622096b0601e93d71d

/storage/emulated/0/CloudSEE/log_cloud/css_cache

MD5 a604fd353568538d9348b305864d241a
SHA1 7663f762fa1e8a89d39f5bd245dd9cd0bcc05551
SHA256 135856803564cfe79e7bb1e88e4ff892cd20a1ad010411b237287298598f45c8
SHA512 b52ba1e8bf4a476d248fca3696ce43464d73d204c2919bb512cae78f240ce84fbf3519562c079414b929e87fc31c204b8ed9ec00428facea5b8ac7dd350d73cf

/storage/emulated/0/CloudSEE/log_cloud/S_index.dat

MD5 96ec69eef4fe04cda7eb0dbbcfabcb8c
SHA1 60e1e6ab3d3c017159f2550966389d5de33bca1b
SHA256 83cde305e37ad1deb17d86f23a39bd2434d6719e30b307adebe5a189a78ff6fb
SHA512 a8bc5a95767b3cadba530f1a5c6201519a6df25a969f86bfca1a46a86641f8bce1d2983f51322314bae5aa841d1db774adf1093a5a3464e0d64eb94b1269ac7b

/data/data/com.jovetech.CloudSee.temp/databases/hmt_analytics-journal

MD5 f89f7512766f3b8176920f5df4d0f82d
SHA1 308dd7b63f44607d75fbf2dd54110d0954fe4c09
SHA256 0bbbcc937118c8c1de495e37d95a5023afb5a19e4c4d16537ea05161a72905a2
SHA512 8470bb0f331270b5c2d871e2ad335b13ccc3a097ab5533a6f87af95310e212d755fab226b7514c960c1dfa1bffbf0df85e5fc4b0b825b4d9191bbb38144d2184

/data/data/com.jovetech.CloudSee.temp/databases/hmt_analytics

MD5 a712158e11ca1da301d1cf0574f2e919
SHA1 f3ffe2e51b28cd749fc2ca3971da47fb2da738a9
SHA256 6963583f9bf44f923c0cf4f76fa88f4629b16060fff693902048dcf4e71e0f63
SHA512 d486300a076dc93694a5ba457e7149d017075f47ef590ae7acd7bcc41fd3d77d5b292f442dab7022dd709ccac67b5a658108a656bc15fdc43afc78d7956757f0

/data/data/com.jovetech.CloudSee.temp/databases/hmt_analytics-wal

MD5 52d2b167d60dcdba643c35ec3c7d5c92
SHA1 39b9a94471f31ff9ab63a18c62b529da557b59e7
SHA256 ba27cafb8d3fed94713b26e38c0a43e3d10476a9aea35543b5f2f9bfbb6d44bf
SHA512 9485c708fd98ae98fd2c99c8221c6e3303b35a9056841bfdee3a688ce8811b52b1adaea73c010e350ef9a11e153d6ef9f8469d8fff8440fb981b19f1aa3ecf3e

/data/data/com.jovetech.CloudSee.temp/databases/hmt_analytics-wal

MD5 868bd479bd97af49b9af0cdfd6e4c9f0
SHA1 eb53d33cd65a5aafeb750fd417ca5187b09df015
SHA256 e1743755111e277cd17c2b5c9a22f894073f03523da016cede69fd156fb286b3
SHA512 2a7db37ae33a8c1707a1314e6533e188e9236a45ce927a346b09af2186ed16f428c1ad87024505546bdff3af7381d1e73dd3f9738f3f506fac8fd899518dae58

/data/data/com.jovetech.CloudSee.temp/databases/hmt_analytics

MD5 c2d56216c6e873fd8799238508fb569c
SHA1 df61173504319b4f8cf5ae065d4f2a198cc4fb73
SHA256 f8dec91ab48bd776fd3555fbe6752ba3c20f34ff23bfa75d8648d09bb8106aa0
SHA512 aa6c849b9fe09cf3a2466e0aa3d95a2c0e906a599b66650e2d891858b4aa25b355e765d1e4b3c013b542c8fa7f436cacc01ecdaca50195659f3c7365b22d4958

/data/data/com.jovetech.CloudSee.temp/databases/hmt_analytics-wal

MD5 daa2885a3e9374e26fc8bfc486b7d4e9
SHA1 a054775e9ba56d8608fbe1e53e3fd00bf0a23af6
SHA256 4cb0e542e537fae593b1319d1ddf8e0ba6a12d9ff8627d9be2b2b3c0d78f2bcb
SHA512 3b1e7f98218f68ea15e512d97988906a5dd88e604b6dd605d71e1fa6a82136fb2eace80662e5680141dda7105891afb25be949edebfc75ea143a1221d0619f63

/data/data/com.jovetech.CloudSee.temp/databases/hmt_analytics

MD5 ae50935fc98b4522e0905c952fec25e7
SHA1 e6f38cc70fbc3998cdcb3d0687c5ded00e52c57f
SHA256 c2a0ce180b7dbbe6fa4c7c01637e32a6edb5a0df708e1d065085caf5407242ff
SHA512 5a7c2fda762c13ea0651f2be0f4592805b83bb5eac191800a817ed70de76d74fe000fc422b500e4e47f5bea39e70db0ec8892563c1ac3e4b35f2bc64f5b1277b

/storage/emulated/0/CloudSEE/log_cloud/A_yst.dat

MD5 58996da52a3106fe46cebf61cb152797
SHA1 c0eb77d10d1f0c1aec63ea08b73167432f3e0ea2
SHA256 64977d784240767467ee28f786dfe2f394d6c378fd1932b35d611f783158a2f3
SHA512 4819807c079572ea09c7ee033c251dba9d9b3a34800e527fec06e430383c0f8a27c3deb15c7c81dc621cd153ede3d1ccaa479268dcf2babf718735073e27d5ed

/storage/emulated/0/CloudSEE/log_cloud/B_yst.dat

MD5 7876ce543589c62bd90bebd0d104bf5a
SHA1 144b76a135a9007a5324ebb18fc548fcd0856421
SHA256 71d309dfbea863b2c437fe50f629345b9d89dcf11a99de344b4f8130d1ffde9b
SHA512 15156e41b1949d9a7e9eb953fd5a319afc174e17a326ec8b6a635f2a1aee3ff0b1700cb5351951d45ee6e0670dbe53f9a34fdbdaa060b94bd27135303d78694c

/storage/emulated/0/CloudSEE/log_cloud/SC_yst.dat

MD5 20588f879cc5f17588df8c106708da34
SHA1 a188ec04ae07eb0ed3d6cdea50a673e50664a8ad
SHA256 14d9c46fc34d4ab6c0b3b57b08adf60cbcf15ca35bb01ab571c16fbe639eec08
SHA512 102291f3ecd25147e20a811c63013c3e601ab27e3614425448cd31d3564d0e546ce5a5b3d74e1c130fc0e60db8eb517b04a02ac66bb1bf149763b36ab84d742c

/storage/emulated/0/CloudSEE/log_cloud/SE_yst.dat

MD5 f5239c24208eb36dd2d30af6ac022d69
SHA1 192004869f24f7ee355deb438e79cf1442d18a49
SHA256 d3e51dda33cc37f2bb74f1f9691fe0b6b57c0b89f3358a18b28541ebda1615fd
SHA512 692a5233edba0b8bc32da42a2d82a7b8eb068f0a9f868a1a383398cba061d2e2f4851e9d7fb55bab34a1edc0151f7e2562393e2db4f1894e9ef84d3e655f4aab

/storage/emulated/0/CloudSEE/log_cloud/SF_yst.dat

MD5 0a35863809bfae49abb07d15dd6b466b
SHA1 04c5a45f1e1b1f6680d5db26cd9d2fef4f492b19
SHA256 dd975d4cf566de7341621df4f7d7c0b9a5a775b24f473fbe353c3b27ac0af7f2
SHA512 582399a34ed63a9ec340302ee75ec7a39f4b59068e5fd9b84fbd02c2dac347791e9361b6747ed577948888062c8a91d2e7663cac34e8cebb76f357606c3a0aa5

/storage/emulated/0/CloudSEE/log_cloud/SH_yst.dat

MD5 293fa91401018f225fa7bb8a3807b563
SHA1 f37247c6899a223dbebceb3dcfc65c27175fe445
SHA256 ca599d5e7f91c5671157f1ab450ca5d84ea1d8df443aa73f78c71bbb90a08e88
SHA512 d115603754c3c063914871d65a86c4a3e4d6747a57ad03f2654e06e16ee0f7f2d1a00c8e6288835b92a2781371c49b517a27806e7886822f80f6f10d90a71f1d

/storage/emulated/0/CloudSEE/log_cloud/SK_yst.dat

MD5 889d641eadc36d7e148a388987a911bc
SHA1 0caf2bcc74512bce22ab1f3292cdf89c5e07b0f5
SHA256 e0007c558c248bda897147792f749e39be974d76f29e44068673991c0d75dae8
SHA512 b7c4026b4cd5a716d8292afa4942811d827c7bf6e790a67e6f2917a8226af3e164f6c0ccaa940ee46b4341e6ae9f0148251565f85c17ce3bf5b0f6c5ebbc0466