Malware Analysis Report

2025-01-19 06:34

Sample ID 231223-wsjgkaccbp
Target 6240eb972c593af5f5baa0fcaf20e09cf798abc2e226b148ff5d56b8632db31c
SHA256 6240eb972c593af5f5baa0fcaf20e09cf798abc2e226b148ff5d56b8632db31c
Tags
irata
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

6240eb972c593af5f5baa0fcaf20e09cf798abc2e226b148ff5d56b8632db31c

Threat Level: Known bad

The file 6240eb972c593af5f5baa0fcaf20e09cf798abc2e226b148ff5d56b8632db31c was found to be: Known bad.

Malicious Activity Summary

irata

Irata family

Irata payload

Requests cell location

Requests cell location

Loads dropped Dex/Jar

Reads information about phone network operator.

Requests dangerous framework permissions

Acquires the wake lock

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2023-12-23 18:11

Signatures

Irata family

irata

Irata payload

Description Indicator Process Target
N/A N/A N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-12-23 18:10

Reported

2023-12-24 15:31

Platform

android-x86-arm-20231215-en

Max time kernel

2624741s

Max time network

130s

Command Line

ir.miri.deser

Signatures

Requests cell location

Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A

Loads dropped Dex/Jar

Description Indicator Process Target
N/A /data/user/0/ir.miri.deser/cache/1582435991586.jar N/A N/A
N/A /data/user/0/ir.miri.deser/cache/1582435991586.jar N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

ir.miri.deser

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/ir.miri.deser/cache/1582435991586.jar --output-vdex-fd=87 --oat-fd=88 --oat-location=/data/user/0/ir.miri.deser/cache/oat/x86/1582435991586.odex --compiler-filter=quicken --class-loader-context=&

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
GB 172.217.16.234:443 semanticlocation-pa.googleapis.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.213.14:443 android.apis.google.com tcp
US 1.1.1.1:53 sdk.cheshmak.me udp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 almabala.com udp
GB 216.58.213.14:443 android.apis.google.com tcp
GB 216.58.213.14:443 android.apis.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 admob.mehranarzani.ir udp
BE 173.194.76.188:5228 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.180.4:443 www.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 ip.pushe.co udp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 1.1.1.1:53 www.google.com udp
GB 216.58.212.228:443 www.google.com tcp
US 1.1.1.1:53 hwspdir udp
US 1.1.1.1:53 lkyuhfqloebdpif udp
US 1.1.1.1:53 uxxtpwywaadqo udp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp

Files

/data/data/ir.miri.deser/databases/db_default_job_manager-journal

MD5 3050142b84e6a85574629c7aca1d0f17
SHA1 33d49592617b65432300202149b888d40fcf3085
SHA256 867498fec700d093f634a7c2a456e9532182780b581f5584c398628ec567e02e
SHA512 0e2f2560f1414d5a269846a35bfdcf8d3418c721124315a7734fd25180f17da23de8bb0da530e7c3978343a0471b81721b740f3611a2f9b4af006083e3a11b77

/data/data/ir.miri.deser/databases/db_default_job_manager

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/ir.miri.deser/databases/db_default_job_manager-shm

MD5 cf845a781c107ec1346e849c9dd1b7e8
SHA1 b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA256 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA512 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

/data/data/ir.miri.deser/databases/db_default_job_manager-wal

MD5 cd909825e7a18554c54b66144e544a6f
SHA1 29eb2bffb8255a4f543ac74821638ba28fe166ca
SHA256 55affa19450dc80f74dcc843a0534b0554e5cfbff07fba4a1821bd6b708ee7be
SHA512 60143e31f56db4bb76c8031f13ed8a62a14ca0fa96f5667a4d24d9429751e56cc68e3a37726f7fe0b617da2b1fa4e8703975a4190472b5af819108c89b8f2e91

/data/data/ir.miri.deser/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/f2264ec8-29ac-4415-9334-f50da939b5ad.jobs

MD5 f56f328eea1d5c96a1b96dbbf59488df
SHA1 440c784cacff61932e2f61580b7cfdc3a4943c95
SHA256 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918
SHA512 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

/data/data/ir.miri.deser/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/e63d8674-6a93-4a56-8186-e3c8f508b30d.jobs

MD5 ac58f99a1b179d71e8621412ad31c6a1
SHA1 b51fdad95876f5615735c2ab411031ff67d5e946
SHA256 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb
SHA512 faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

/data/data/ir.miri.deser/databases/cheshdb-journal

MD5 1525fb59602eb8ad3a06c28a0bc3af16
SHA1 fcfa80a5ed5ec5406107c1788e9948cf8bf8c617
SHA256 99e61559fdca35d2ebebd52aeb61443632713e5bfcfc1a40f1315d917f6f71c3
SHA512 d2bba3e30cce202ecc6f798ea1b596b396ba8b5b98d4ba6e1bce38c604b4798aeb212926abc0413acbd47cccea7a951b1d7693a7b4e64f64538427c57217fbc5

/data/data/ir.miri.deser/databases/cheshdb-wal

MD5 6014e3198f884285d9d66c832daa6223
SHA1 3cd804096e5d486956d68462177fc047fdb2f6e0
SHA256 78f5de7effdf41fefa9931e88df790c2e0381c6b3296fc731f3032532c156e1d
SHA512 30b0da2bdb92b9a122b1fbb9a63c38d4e09b1c4344dc59349192a8583cfe166dea98d123dfe1aec5ae3312b7bb485321bb76ed6bb0bb86c3bd3b3869d33f8556

/data/data/ir.miri.deser/no_backup/com.google.InstanceId.properties

MD5 2af08cd3427366fef0a01db6968f62db
SHA1 d826816e3a26e9c83cbd74f3b9450014969c9a4a
SHA256 dbfbb1012427e028a1e549fe7d7d03d807a3eabb19c4c3686e5bbf3782677e94
SHA512 509349bfd09f61cebb977121ee7be526072728e2b1ef9c8f0a0bf15650ad4596cec691f94fe482844d2ddd9b13bd3f4780b2ddc966647d2a81954e1f78e8c9cc

/data/data/ir.miri.deser/databases/google_app_measurement_local.db-journal

MD5 e54fb41d9ae991a8824c70b3cf35bbd9
SHA1 bcdfd90a38ad5805dcc1fcdad148c266efbfc90d
SHA256 5e73381bb9b075acd2325da3b511aa6a05901897b0b61ede8b764b80c5075166
SHA512 653d3300d6c94e1cf3cbbcce4f8a7f3b0b0f8e70208afd09748e668262e52951e820287b836e965eb3d29132698e61bca2a302a63b4ab5b7525e78c19bab1a2a

/data/data/ir.miri.deser/databases/google_app_measurement_local.db

MD5 7237409e0640cfab7bdbd429bf821a3b
SHA1 4c3da934842f8d4835dfe2a9c275a300e5123309
SHA256 5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512 c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

/data/data/ir.miri.deser/databases/google_app_measurement_local.db-wal

MD5 2ec433569467123a7b536c6aaa764967
SHA1 dbd901ac28a6e2cb02c898efd90eb2f1d076af92
SHA256 72ac2ed19a9c771b5beab786278997255a988d808c44d101939abd2dee9e8104
SHA512 8977a29c4e7fe2d9a8b7b97d75a40255ac45d5080cb60eab2b752419f4d4ac900cb21e2c9ec4f1f582925fad4d697c7a6805e45ba659b498939bb93e23479f9c

/data/data/ir.miri.deser/databases/cheshdb

MD5 806a860f7d04fc9585e786a47fcdda79
SHA1 2ae25ffd2f0d3c87fb643af690e21d30ff15aced
SHA256 209f2514ee91363ba0ee84f9591eff0150388c3faef8d33d1e2e08772bd7ef37
SHA512 10ad8fc55aebbf27f09a930d2a80d2066e518d72e09f7eaaea1570c51159d55c647159fce1085e474ab2f0822ede2b5cfbbb9375323dff5f706864e9305e99f7

/data/data/ir.miri.deser/databases/google_app_measurement_local.db-wal

MD5 1427e34af463071fb17eddcb00112557
SHA1 17d88914498c9bedefc44562b967ab2b50f92194
SHA256 237c4edde7f1f7733594f63db318bac8e132f2c4132bb32265243e7b5f963020
SHA512 3b7633a069beffeabe453c05277fd09406fcc6579ef8ad5821cc8e655680f8525a5c8c9c73988903d1728fccb4badc95ba473e005ed6f815adf92ef51d6cbfad

/data/data/ir.miri.deser/databases/google_app_measurement_local.db

MD5 1662b773014b2c1fa7d68fcbe5dbf1a8
SHA1 f761838542e5ca60a93eb0843bfc73bc144dcc87
SHA256 cc5b70e52032bcc6a40a18528b6eed7d2482e5e48dadf61a68de6c5715aaa48b
SHA512 f8e844984396fb691347c9fc639bd7decee8a54cc0f3fed253dc0e33309c457b25165b153bc4802930ea2feac21e8ee5f50b5f424043913a5766d843ee7edb58

/data/data/ir.miri.deser/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/0117e9ca-cd94-4f58-b86b-422b28c72a59.jobs

MD5 3bf21fc66d196ac04ddd472b505d1b0c
SHA1 de08dd8407b0eec82e7d6d41aa1886087ce48df4
SHA256 104d26116a9b891bbd95e0391c74e36b96b4c240dbb1eb9e73cf1d1657a62f16
SHA512 4602d7fe3ef8aa8774f6c702990ee731e13939cfd5f557ecc24357e1b3131cbdf130f76fe12a12d7afc6f4363bd86bb32543c2159bb33baf3c0a1450df60dcbf

/data/data/ir.miri.deser/databases/__pushe_base_lib_db-journal

MD5 cbc512352f74264efc0776e0d1d4b556
SHA1 7d1efac8ecde0d0ec7302f7eda32e5f909b0039d
SHA256 7d6a53a35b047fb0086169cd218e455f66cc63993d5cfd8177adec25846e7c98
SHA512 3b47181aee9831a7942d33bfd8d6cef04ba60577d997cf64248dd409a57e71da6e42f2543a8ce8cc33248f0361ebcd188b3130929220b03e6448f20361c3a0ef

/data/data/ir.miri.deser/databases/__pushe_base_lib_db-wal

MD5 b3b93c9bbfd44532f1ee023198f02c80
SHA1 ccf54e6e4e15cd32122586cef26341e79d11f598
SHA256 2286b3576b2ab1324ee2b213983ae21c0d40ef3a4ce7b1181f8f2cb0a8f9dc76
SHA512 11c19d4d77b91d9255ffa980d7de983e52695ae703f83b9f55aa54617f69aa2a3a9c6c7623f746949a2155151d813ed36f9ab0e2956dab555df855d3f40ece37

/data/data/ir.miri.deser/files/info.db

MD5 ab458c88bd657e78457ac69e2717bfcf
SHA1 f286911ab67de7911394926da7ca0e5fe5013071
SHA256 41cf31695b5bca3b0d08f42f95c1a81182fab9ecebd41e4bb03a8917b92d64d5
SHA512 47abe4526fac8a5004561cd629bd06a13e821ed908f6e1d26e85f9dcfcdc8299008157dcc77fe6ec93599d01fa54934261ccbd35a9ef184876ec6285468c0043

/data/data/ir.miri.deser/databases/google_app_measurement_local.db-wal

MD5 74e69a563225cf64ee2aada86b429781
SHA1 5a30886d7dd11f102534304866b6ad4f5366c155
SHA256 276b4b3826465561d90862423025cf3cf624eb1cbcf702d3f963b96f5aa2f5ee
SHA512 935f431dcc7cc894dce2c0860805fbced3aa149e70a9b66743753692537810d00d693e0d4d8db8e8d72860acbc19268adf9e92633e4ce00d455c740887c2e88d

/data/data/ir.miri.deser/databases/google_app_measurement_local.db

MD5 720589f0f2f8201900329edafc42a113
SHA1 3dfa3a3e1bc6f006b0488abc3a0143af6abc1c27
SHA256 543aea7cbf3be4c12119572af98ea6fda72e8cf886edd19a6ba8a80263e16c59
SHA512 bc4da98c2bc11dacf7e5b8edf23ba5a123faadb5a02cbdc4f082109619ca956c93b3f2d1a5b44aa039ccb0e0915ecddbfb2bd71307df7fd4fba6d38ee9cb63ea

/data/data/ir.miri.deser/databases/evernote_jobs.db-journal

MD5 587fe8f3c71ad157395ea9acdebf3774
SHA1 7deef0cd31ac465d82c69666d76ee8c4fbd68921
SHA256 78e9382839d11b2eb691ac3daf6c8f784568c24d60b543cd4214076e1f992be0
SHA512 defd72fec79f90cda5258a05e1d9c6be973bee4edefdce08ab40faa231affae2fec8763916853d7aa4934f2623e3c72f4c604c606f4167ace9a5b6af2063e832

/data/data/ir.miri.deser/databases/evernote_jobs.db-wal

MD5 390c33299fe7067f5b667ee66dac9ad2
SHA1 de5929c3693364283f4b47d5ec29c725f9aaffeb
SHA256 dbecdef51a36b8c2ffd841cf107c18a8672d4d03f7e83622ddeb6b6abea9f9d1
SHA512 4a9ddc310a342158b5ecf18c382e9dc0425415aba07524c62e75e38254210128bea0355150351f91e5e54dc9b68ff49fcee913b844758f94aea9ad27b769ded0

/data/data/ir.miri.deser/databases/cheshdb-wal

MD5 95be956422467b3aca33935298c3b405
SHA1 6bd36920864b7914bbdbe9300a1e131ae4fb877c
SHA256 87414e55f72b968054b85962e6832856cc48284e13bdef8480f7b920e38027ca
SHA512 e5f3fea4e0a4ff098de2809ca6057a30380bec0262ebd8b076f10906969880dc4b04c6bfa507252210786388c1e1bd8b073ad3646fb431b0e9c3020cd1e2b0a2

/data/data/ir.miri.deser/databases/cheshdb

MD5 c93782377b29f01d1ab25c93ca94d47d
SHA1 f250ae4a68a7b70b0cd02e3704b7ba7de9d939cc
SHA256 52ed0a6e9c5f29f9b29f7f9fdde0e8ff247a1c2749949a814da6bac2eae99659
SHA512 396e54ce136afb3e41e9a46978a9885196eae02a252a5963f80c80868a0dfc50c90c83d5302d8686ab2e98ea95e772dbc3ddd75b5ba40fce3f32666cfdaccc3a

/data/data/ir.miri.deser/databases/cheshdb-wal

MD5 2eb980dcfe5ca9463690bc83ba3171d4
SHA1 8c9e1663776cee0c84b0ccc4fdf66b5bd19aaad3
SHA256 7b080c89adcd4ce5785a282290f089f8eeaf0552f666cac22da2eb59b022bfb7
SHA512 33082d0a593fe896a3f6043498a781e85a482a38065c7a18fe16d6595035c645b9300689c339302742daaba8b84d838995e8cb043e7a5eb4bebda9dc3ec1b476

/data/data/ir.miri.deser/databases/cheshdb

MD5 7f967d01f0eeecf1df1c3581d01e582f
SHA1 3c9a585693f9341ed821bcf47eadf1979d1f633d
SHA256 ddb7fdf1438cdacc13190617eb9aa9b9e124b58b7042ed30ac80dbc16a616968
SHA512 1d39ddbb7fc787a83ede001429fde44d1fc5cd0c1d742c70d0c962e2b9c2b5bcb61b5001ccc5c741794c98a53b4e914b150491785c46c51b0caff8372c47bb96

/data/data/ir.miri.deser/files/info.db-journal

MD5 006808582f9e1c00afd9f44f12b2c78d
SHA1 6f213e5706ce7f9ecb257417d4c3298bd8a3038c
SHA256 5d8bc35fc52a9adcd6cd86a473d065d49b766c773d82d9c105b9005c52c25244
SHA512 237ad648e8cb5bed76eec25365787a053c6adac0412ef72db5d404f77cd9b7db4b7f866458d5d1457c4077f6bf0a66cd83fe971a7ead0737e5a34f041f6dd69c

/data/data/ir.miri.deser/files/info.db

MD5 188e9889c2f31f3da3db067daaa11095
SHA1 9240db2635e9cf9cc30e74fb38e670dd15a8de10
SHA256 b8d73be28c100da0ba7092bcb85582552e47d3422709448bbd486775160ecb14
SHA512 1d4469d337a6d495c8646b4d7ba926fc05df758c02580eb72ea238d7bea9324e7f7cadca7cd4636f33a68ee7d56c6ba39ec24d0410f82aa93c226aa3d4b0efdb

/data/data/ir.miri.deser/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/user/0/ir.miri.deser/cache/1582435991586.jar

MD5 fde2ee00cbd121cfab5290b078aa3ceb
SHA1 e2b77d5320e155e413d040a8c20020962065b2f8
SHA256 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512 a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

/data/user/0/ir.miri.deser/cache/1582435991586.jar

MD5 2048eb6124a452540ee51dae4145aadf
SHA1 d05005b2cd7fe4cd652b0d7fd1bdac2c19d51451
SHA256 105c54b6fe3f25350e92187467761598e4c21d62b1091b77d091f65f3bd98864
SHA512 bb6cb3853dd2a5d0701e20607d4e153ae201268dd2e5e2d06cc2df208b3b4dc50132a4ab428251b1644d2399fcc717662438d082ff14203387bab8794109d44d

/data/data/ir.miri.deser/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Analysis: behavioral2

Detonation Overview

Submitted

2023-12-23 18:10

Reported

2023-12-24 03:52

Platform

android-x64-20231215-en

Max time kernel

2582839s

Max time network

159s

Command Line

ir.miri.deser

Signatures

Requests cell location

Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A

Loads dropped Dex/Jar

Description Indicator Process Target
N/A /data/user/0/ir.miri.deser/cache/1582435991586.jar N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

ir.miri.deser

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.212.200:443 ssl.google-analytics.com tcp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
US 1.1.1.1:53 sdk.cheshmak.me udp
GB 172.217.16.238:443 android.apis.google.com tcp
US 1.1.1.1:53 almabala.com udp
US 1.1.1.1:53 sdk.cheshmak.me udp
BE 142.250.110.188:5228 tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 admob.mehranarzani.ir udp
US 1.1.1.1:53 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp
US 1.1.1.1:53 ip.pushe.co udp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
GB 216.58.213.4:443 tcp
GB 216.58.213.4:443 tcp
GB 142.250.179.228:443 www.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
GB 172.217.169.46:443 tcp
GB 172.217.16.226:443 tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp

Files

/data/data/ir.miri.deser/databases/db_default_job_manager-journal

MD5 b0d57d384e9da883b1c07443ca80ccd2
SHA1 a872864ace531b9d6ab7eb804a8ba1cd4fc531c1
SHA256 d68086c340f7a840766ee59c9ca33751126f85a3ba52843f7bced921568a4424
SHA512 3ce556f97ff127a57a74d5d5b6711f9389eaa9d6d018555eac6cbfe4cdd3eb5525ff4988ffa426fb19cf7c857caae8beb1577e5f4edf46832ecbdf2b1915b582

/data/data/ir.miri.deser/databases/db_default_job_manager

MD5 eda4e5f53129dca7344c7e3f3e6d9513
SHA1 ed01e856ac998b6c3de46ac8a2a155f09d6db185
SHA256 7c4bbb192102dd3dfc3d30cd5542d9a115cbc6c52369f1630eeb9e5ea81c8e5b
SHA512 cf733d69c95b4db67de951dbd2b4f3c9b31008dd0b7f8a1d42bb14820def6b34a5bfa178d1e8cee0dafdf64531751674e7f6398743e915ef469bb97662c063a1

/data/data/ir.miri.deser/databases/db_default_job_manager-journal

MD5 f82e85dc30b2a3dcd422c484b6f95c2c
SHA1 98285ae08eaea04412c40106ccddcb3c7936d278
SHA256 e18f2e007431688cdb486c4ba387031ca9fa45b23d777ef34c3a3bf5a55e122a
SHA512 6f6071057c5e8235026bde715697b1fbd6cc971111d17b6398a74e640788a621a489cdbdfd698763b9746ab82f2eb5436df4b6aca23e0093b54df7600fdf23f6

/data/data/ir.miri.deser/databases/db_default_job_manager-journal

MD5 c0abe89118c60b8df4db91a234d17623
SHA1 6ad7352fb02bbab33fd16e7fa73c24fba1cf8302
SHA256 92390e51c75f2a5a7309e1766b08fe20eac0ee9640c8d71f62ac6504d848c8be
SHA512 481ae1b7d725c24ba77379f9ebf0e13b487ac48f679b8734a0abddb3c8b5295671423296ecdb112cef405d578244504f3df5ca7581bf3dd6b8cc9fa55893c513

/data/data/ir.miri.deser/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/ba9d01af-3bf4-4659-83b9-c1ee0d063784.jobs

MD5 f56f328eea1d5c96a1b96dbbf59488df
SHA1 440c784cacff61932e2f61580b7cfdc3a4943c95
SHA256 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918
SHA512 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

/data/data/ir.miri.deser/no_backup/com.google.InstanceId.properties

MD5 fa69a232900a21655e8a9e872d8f4845
SHA1 e5b49798c4cb41e0ebc2eda5b4cd1761f49fbabf
SHA256 03be58771663fc01e6c2bff88178c89624103d9d5e48d48060db9cbd8c77e3aa
SHA512 14ef4aaed509378d107e228116db5f3a55f57d2d7e5c20405dc9858bbc63596b2622f118e74cf5be834c5161dd6dabb3f934db78e9f32d8c337c54e023ea5aa8

/data/data/ir.miri.deser/databases/db_default_job_manager-journal

MD5 08c7a4c275f18825a0ff19216170f057
SHA1 4aefe7b5b34d4a9b3f0cc180640e63e8d5eec730
SHA256 f1dc73728f1cf89e16c8879f9aff96cfcbb626515cfbb9d95045379626b08197
SHA512 8a60b26031f580033f402a5dff6d841e94dcb0e7e3081fe3b66553f55fbea6e7b981eaaefe02f0ad9a176ad3b4bd6a5693ec029fbaa05f1831de9219b2a5a77c

/data/data/ir.miri.deser/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/a278d3d6-1e56-4133-9593-351113372f07.jobs

MD5 ac58f99a1b179d71e8621412ad31c6a1
SHA1 b51fdad95876f5615735c2ab411031ff67d5e946
SHA256 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb
SHA512 faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

/data/data/ir.miri.deser/databases/db_default_job_manager-journal

MD5 dcbc33a6c9605bcf6b0a18d06b97675c
SHA1 f684316d990d3b8b96c2aa102214337052d98973
SHA256 a5bedff840fa0dfd98fb815bbb40c7eadd9c26c395e78f46f5d0e609968d0c96
SHA512 6aad6a1d0fb08f2f0ebb673e6acfba27746504e8b969fb10dfa05366e2f9a7f0a6671b1a27e666656b45c4838be3ff1683c08c55bea14069df93a7caf0beb4ff

/data/data/ir.miri.deser/databases/cheshdb-journal

MD5 41955435840b250dce024c89b16516c8
SHA1 910bb8fd2e1124427a6c55a3a18a72807776c409
SHA256 1b589537a44bbd17e4d7d2b285f08d4b3d86681d67a46209198bdbcabd373855
SHA512 1557b56206d79d7f40c3199689b57118f9a553f56e7d25b882ba3afa8bcf3cc9c85c670c6b67914a0c9eebc703f9ca7bc6c890d77ba5ccfc674ae641e7064f61

/data/data/ir.miri.deser/databases/cheshdb

MD5 259a1e4e7ebc4b0d0341ffcf0c3bc2ea
SHA1 9b8da5a0b24833a3e84567d9d8ee0d2f54d7b48c
SHA256 4f4987ac3d84abad3490459fa7a32b7bfadaae5f329e15dcff36e07d34faaeb1
SHA512 dc1296e2b0b18dd83a3782acb700e155ea9a60ef193bfa8c98999e7cc3c5b73a97c20a974cc956ab438aeeba812ec2d2f401fb2e714bb9bb5fb421fa4b7a2313

/data/data/ir.miri.deser/databases/cheshdb-journal

MD5 4329cabb52ccad63e560ccf4373a7a16
SHA1 86e300758e9f4b3288bbe7c35cd2b8a390777a2c
SHA256 60193cdd014e0dfaf93e15e20d0ccf92e5737efd7351458a8aa312b0fed398cd
SHA512 1aaf56f05f81881db3ccab7cc059577c0e2245a6a841e0e31b2af2c7e82c89776d700f4e0ef95d3b2f70fe2998e269ed268a7b36b7d7466f946a1d7f6068111d

/data/data/ir.miri.deser/databases/cheshdb-journal

MD5 5e75e6d44a445b9e8018a6c2fd9eeeb6
SHA1 247cbb5ce47ecd648bc1e13b3c21e3b90ab60278
SHA256 49df8c4ba10d6f68f8624f4a33372a1158153346bebf0a9f03aaaa73dfa56f6a
SHA512 9b742f297511c5ac2b2525901ad994ea0f918ceb1a7c3c5988a2462da184d8f1dc65444a309cc20f607ed5fead78d8f7e055688f8b26067f421e014d9cdf78e1

/data/data/ir.miri.deser/databases/cheshdb-journal

MD5 94d77e6ed251e74ab01deeb6d0b814b0
SHA1 09819e8f0a5076be40ce8ba16738ea0ae4e7e489
SHA256 d092de16afb0a062a25265e0c9871629623b6a660d1531fa4616a76bfefd3dc1
SHA512 d1487e355d604d2145054e6103acebdfdd427e05e0268b6ef6042666b3be68c222c02916195e05ed1c5e7ccff5a703831689a25c6606c85264d980d5fb71c1cf

/data/data/ir.miri.deser/databases/google_app_measurement_local.db-journal

MD5 f5677a30a22fe44b952efd91b2d22e04
SHA1 1a337ac37a72f1540f91a978aec660ad4de24e39
SHA256 510e9feb977ae4a4a43f1b8ff90fed9220dae771b9ff1c61ea35cf133ba5e6b7
SHA512 84cc97579369fb78c459882df322eaa38c0ba20eec03525fdb5ef7679d756233eda2d1a1008c6fc860629f93cc1d6c1f53e85f80583c7168f80464e4db46258d

/data/data/ir.miri.deser/databases/google_app_measurement_local.db

MD5 ea628e04765adaf4238a5dcdff4bbd51
SHA1 a801947619ea8c368efe9c006a324dc6339ac60b
SHA256 885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4
SHA512 c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe

/data/data/ir.miri.deser/databases/google_app_measurement_local.db-journal

MD5 e5fb467ddb83911bbb7c2022d3995d5b
SHA1 64458a63167c6962a87fbe04287c5b20bae80b8a
SHA256 dec95b186dc3bb8963a3281417ab475d63c84bd4016b5addac797fb17f480fe0
SHA512 dd8e2001283f7bca472f94d052004688e50be31891d1bf24d1ce7d1aec40ed10b2e064839de82a8e8e3970feb4c46ec4ae00b24b2f57f68abdc3d376179b4e17

/data/data/ir.miri.deser/databases/db_default_job_manager-journal

MD5 ed3cda9a46536c4385a9f15b4412e709
SHA1 e08a29f43a8da62fb54e36958d312d861fc1640b
SHA256 b4d73887ca85d1c147e0551d60ad4e753e92916f68957a5d09f77f042baead34
SHA512 2ef928a021e611d901c52342fe02641ae6f6e640c93333535f449518000df6f54d31f572b60b3fd4b630565a63fd4b15bc098339dcdba93fed6f62037f23f10c

/data/data/ir.miri.deser/databases/google_app_measurement_local.db-journal

MD5 f60b2427f1c666bd48d115c59c8dfbc8
SHA1 7e3c876e8768617d491ed7ceb95d40fd74f0bbc5
SHA256 6d88224cda14a8bf0d23d393557ba852b4e78e0128f9eeefd1e8d74d11ed4aeb
SHA512 835e159a2d64b59626e4b88e14fd097e0dfd7dbf960640d1fe6a8858f1adf5ea811f0caabcbb2b89b757aca4312addbeecbe00fbbf0b93001423b6731bfa5a3c

/data/data/ir.miri.deser/databases/google_app_measurement_local.db

MD5 90276a8934cd2b4c1a68d88e477f5965
SHA1 b2080f92c48086e0733a9d444799a57ed33aa03f
SHA256 73077a41d7fff44a053ac5bf544e5cc9c65470e2043856fe80390cdb95747283
SHA512 c2cfacbc57f3e08f6ded5f6aa91a020ce7dbfe9b57180d063146a5438a8f8dc638224c7adbaa9aa61c93e62fcdb780f54658f1b25dc7e435a2377195bd4116e2

/data/data/ir.miri.deser/databases/google_app_measurement_local.db

MD5 189a45e10ba38071a8da94e7c7295e98
SHA1 7dd3df40ebea9459282d15f99cdbfd5d50a3e315
SHA256 f65a2eee36da828d3169cc2cb65149a888af4921b1a41f482807603792bbb2dc
SHA512 c05551a74d67343eeb4bbfb5cccdf2c985c3f6c3623d6278d1f4996b6033e0e59a8300291ef858bfea13f45af867d37ede1153ba9a85b4711455906af811b95c

/data/data/ir.miri.deser/databases/__pushe_base_lib_db-journal

MD5 c6133caafb07e147756dcffcf287fae2
SHA1 3538ccb621cbc75cbfee34dc0ef560b621587bf6
SHA256 4d12a28268178e7800b1dd5a9f660030e7e28ed617ac7b848cf523682a87e179
SHA512 174ba3a74ebe74678713c12213edb5fd32fd6b23b2b95eab5b5ef0dc98c141b8f8033b2200a3c97b6be34fd2799ac766c645cdbbab65527cf1f17a68bca8730a

/data/data/ir.miri.deser/databases/__pushe_base_lib_db

MD5 abe9fa56c177c65db8c072e6d81fc41c
SHA1 abe9e9bb6f7294324f549af4435f58578ae69f2f
SHA256 53f09b897033e2496e13f3c6e8d14ec1d1f7b273c2b4d47dacc569594fef0f8a
SHA512 bb1b70eb859448050dd71822652d1976456be07c098ab41f2f75fa277cde059aff0c45629564170ee07028b85d501cc941529ab06753e5be2e710692bfa3922a

/data/data/ir.miri.deser/databases/__pushe_base_lib_db-journal

MD5 1100d238b5926f9edfc29965ebef5214
SHA1 8aa7dc66171c6d7d519109bfded259cac27bf800
SHA256 ce9e2f94c66280db78eab632304f43349fc818b0a4e4fcd2e38d1ef45463513a
SHA512 374cd1e429378705b2fd6b520a1e4898460e8f43f50f52111e24f28b8251a96020f983b3e5ab47a8a630491ca0758e32c3963787e098fc33fe1b2ad5b99b7e51

/data/data/ir.miri.deser/databases/__pushe_base_lib_db-journal

MD5 e705c1dc845a92182eddae1d0d1ab041
SHA1 0ea2ded3cdcaec1e9c3b8f65c781eecdc94ceb7e
SHA256 32d183aff5a097961b9c6faa5be96043eebde1a43b843a59b4982c689bba4146
SHA512 8c4dfef534e1f974af9a3ce1da21164747537bbc1cbec6d7b5879e7ebd257703b2593619a6dacb50281f9be3a7bf1d24bc796a9c90895d02c9444f93714a16b4

/data/data/ir.miri.deser/databases/google_app_measurement_local.db

MD5 ce508fedef89097902a0f536ebba0318
SHA1 3db881114b9ca82c2020b9321df750fcd6d23688
SHA256 881e11d99e6871f6eeffbd82af5ffe59e1847ffae3f0fe2baa450c9095b7db6f
SHA512 30c55f7c2aee4bafab9de0b15fe68b672b47ed0782a535801ce0c05d7722432db9da10d3f249c1497dd594f753fada9ffa15921731f336211acfa186bbacc7fb

/data/data/ir.miri.deser/files/info.db

MD5 255e2aca7224ae1a9995e3cd8e65c45b
SHA1 c371898676987dfe6813cf4426a817c13653be66
SHA256 5b9cfd511c352da2649e4b4f104200dd76b3ed760d6cf868ec30a1df2895f66c
SHA512 902001cfce1d6a4f75cc95fec351741c9a42d2c46b7a0518279536b5dbcc62b37afd41df9cb8a0ce9503ed90a79d1991232e6e5fa936b2e1fc33354206961853

/data/data/ir.miri.deser/databases/evernote_jobs.db-journal

MD5 4261052ffc093b5e05a2cd73aa1279b8
SHA1 e7d1ac5fe9777fb26ca30b70c999b8db119f675e
SHA256 0a0932a10ffe37e54c59a632dc3c0c3ce4dc969b79b11182f29c23f73c8ea781
SHA512 628e73766f2fd1c4fc1d46eaa86e485714b2475cb9aeb545c0be172462d7cd924b925d6be18559a683cd2fbccf8cc783a2d164bfc0c15ef676817f74511232da

/data/data/ir.miri.deser/databases/evernote_jobs.db-journal

MD5 535cc2c1eb5297e1daa983be60c2b709
SHA1 23dddcf8c57eefb8ae25a2d0dbb38c8714b2124e
SHA256 0999537518e399c0ebe5e48ea8e5065b2d0d7459d36a76e232ad5a84c6d92d1f
SHA512 67a56eeb9ff1db1be97e70998dc02cab9e512c480695dfcf78919aad44cc86c0b8c25f46570d86ffe9ae0c2dce4819b9152eb4b5c1b4efe56c5b2e35d1077eae

/data/data/ir.miri.deser/databases/evernote_jobs.db-journal

MD5 7b26ed0762aad2cd3a0253f3e271e961
SHA1 3379728a45780ba4d4a8235683041ba35eb441f5
SHA256 cf45e552b76afc1f823becb03d82be5a3e1e76ec47f17ea23128587d31e79fc7
SHA512 534d4e03af42e7f022d3263e80ff99f0032a15f7c1d93d970813f7459bb5e80b07f55360ddcca85e8eaa0bb002c2ad7fe4ad4d8acf537afb27d4d0eb9c70dabf

/data/data/ir.miri.deser/databases/cheshdb-journal

MD5 5ddbb5db5da22045938d3d5371478ccd
SHA1 248a305dbfe20c18b583c5d073cb578113980159
SHA256 a3418e40de11654e08954c411419689d19e6fb8a33c40d1a98deaf0161473534
SHA512 7bd4a75831853a7031a74e0c5722d1f5b1f5c20eb5d42121c473ff4f2f9234f80d093999751f7fe62a7a189405c5127de3af078d4aaf45693bbacb1c7e997de5

/data/data/ir.miri.deser/databases/cheshdb

MD5 ddc905007b21fccb3f16025605fc6201
SHA1 69d0af353adb7635b550f3a185c83ac8b173742a
SHA256 c6332f4b9d6dc94a71e75cded5d372872d54fc1125e5857f8c9735ef45c4ae96
SHA512 9c1ccbd901c7571c87921a3cfc8066114d701f00448f24c4411d2481f1418e37410d1fc2a1858d77c0d87c8a5643cde55e34a19bd419cb9f1a5ff35f9a6c1c20

/data/data/ir.miri.deser/databases/__pushe_base_lib_db-journal

MD5 28168a990615d8662e324a03d30c67f3
SHA1 f7effec7051b34b6d5112c642123880a44e3598d
SHA256 09d921e83a489d92ba80694090a01ce21f2c8844893186197117272fd7a96d65
SHA512 d818752224b3f4423f3063b3e14118730fb041408633c83b253629b7abb45abb9d59597fc6602ad2ce7ad66ce708afd61ea53be8562d4aa1598324673ab689c1

/data/data/ir.miri.deser/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/user/0/ir.miri.deser/cache/1582435991586.jar

MD5 fde2ee00cbd121cfab5290b078aa3ceb
SHA1 e2b77d5320e155e413d040a8c20020962065b2f8
SHA256 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512 a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

/data/data/ir.miri.deser/databases/__pushe_base_lib_db-journal

MD5 0a5ed177261ad0398afc271040521eef
SHA1 e4b0bbe0018ad62c9c7105614a125867b3dd2055
SHA256 be30e985fd8f9b257c1338b9eaaf455d6236fc0d21cf963ef58800c0729c4723
SHA512 5007799f040210fc4ce68caafea9380946a1d41350998190e20d3512ba4ebf3ea5b231e21673f5aef070415bd8059705aea355657d570383072ea438a2f88b89

Analysis: behavioral3

Detonation Overview

Submitted

2023-12-23 18:10

Reported

2023-12-24 03:52

Platform

android-x64-arm64-20231215-en

Max time kernel

2582897s

Max time network

162s

Command Line

ir.miri.deser

Signatures

Requests cell location

Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A

Loads dropped Dex/Jar

Description Indicator Process Target
N/A /data/user/0/ir.miri.deser/cache/1582435991586.jar N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

ir.miri.deser

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.178.10:443 udp
FR 216.58.201.110:443 udp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.180.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 sdk.cheshmak.me udp
US 1.1.1.1:53 almabala.com udp
US 199.59.243.225:443 sdk.cheshmak.me tcp
BE 64.233.184.188:5228 tcp
US 1.1.1.1:53 admob.mehranarzani.ir udp
US 1.1.1.1:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 ip.pushe.co udp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
GB 142.250.200.4:443 tcp
GB 142.250.200.4:443 tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp

Files

/data/user/0/ir.miri.deser/no_backup/com.google.InstanceId.properties

MD5 b6d68786713d840a11a5faada700e6e9
SHA1 9632e90803981f913140f77fd6d011c731a960e0
SHA256 6356d5d1c5709c88b334d1d8468956e1b8114f5e588256dca9db750a23499ba2
SHA512 55ce33728c75b667f6c212e61d6b6ece52198aba9e814135605f2f7bac69ac85375e740e0b45d5463b89b33da8439dc32188f24890eaf9d1dedeff9d3a20e0b9

/data/user/0/ir.miri.deser/databases/db_default_job_manager-journal

MD5 f5d8dadeb17497790993a9f91a61ffe1
SHA1 4ca30efa47c862e8fb34432b4be5531b180dcd5d
SHA256 d23ea9143df877d5da2eab62df527cbd9380f9ea7c75cc5b9d1ddd12d64869cc
SHA512 b186817ccbf92df307381e89712ca05955fbe39ff633968ffbc92d450ba1b90fbb553f83be33c3d5a91728a711d09eb7f8b21e901da9d03c3004a08a8ad4ddd9

/data/user/0/ir.miri.deser/databases/db_default_job_manager

MD5 171aedf968e17a2744d2585715606cb9
SHA1 bbeddeb3b89fcf809619c35b4a318a80e7d5b029
SHA256 d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e
SHA512 78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

/data/user/0/ir.miri.deser/databases/db_default_job_manager-journal

MD5 83a9d85b3632b8e013bb6ce73d466930
SHA1 21b5a23a65c9d2936571c2722355017d7920eee8
SHA256 66f2c0f77b1edb660a51a7d39ee49224f5c5cadaba5de14a61847de77b480abf
SHA512 76b028ab76721ccce19bf8367d1f2cc5fcc63fcfd30666a89ce8a6c1af25457ca36eab1abebedc27f5a9c823fdb38c1c5a61316256ce3e81b7f0343e865b7e51

/data/user/0/ir.miri.deser/databases/db_default_job_manager-journal

MD5 a9596b85f3b5af762805dde0580b2672
SHA1 715f430cacc44361e6220d9a586b4dcccfff7a41
SHA256 0102a44589fce33c19b00fbb4c64bfaa905e9c8524b1dd91552e547cb0316bde
SHA512 5e29a0dbc9a6dedfa33af18ac6163288f33d9293b4965c6c51af6685ef84f3ad2abfaabc43d025dac7fd836672758c846bdc2a8e69ece337c7e8d8439bac050b

/data/user/0/ir.miri.deser/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/8150c28f-5310-469a-ab0a-4147a25e4c28.jobs

MD5 f56f328eea1d5c96a1b96dbbf59488df
SHA1 440c784cacff61932e2f61580b7cfdc3a4943c95
SHA256 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918
SHA512 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

/data/user/0/ir.miri.deser/databases/cheshdb-journal

MD5 d79c7ceded880ee58931b70db59fa399
SHA1 1cbe07c13a8a9e864883d81a473e95a1213ddc0e
SHA256 0870f35a7b34ec6e15fb3d31b62d01977bf4b3e93b0ac99582e3910d774aa083
SHA512 16a206e64d9bf04f00ef619553b1aaefa0e70799f975743f99d884d8deec88a6cfba9ef09e101035228e1413f7ff09903ba7dab99dd4384fbce1ef7f6246a009

/data/user/0/ir.miri.deser/databases/cheshdb

MD5 99fe36f7b3b714187cc1585c90de6f1e
SHA1 d2c7f1a63715d75c9b3830d84b26b5f9b5b574ce
SHA256 c7b1d0410fefd3f1c1993e12006b9308677109777a8c12f11d0c6693ffaa2e7a
SHA512 48ac1ae3a77a062ee03136067a86b6be3b513ad7372556c73e874c7c9cdad95d8026b7bf1abef59f13926ba160c76ecc9f7a36e033d2b269f8dccb3a0320335d

/data/user/0/ir.miri.deser/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/857f935d-f276-4e4d-8321-7bb479735eb8.jobs

MD5 46956fd5072a713ba8599d18563b39be
SHA1 833a878acd5ded00eb903a33c9654ba281d1c00e
SHA256 52cc517913b18255607e6e72b6aaf97524af5077c2007948bd18f14bfaaca0d6
SHA512 4cf3bf029ef91e18c25219f6c1ddb5a889dc30b67ff0a8677e77b503179a98852731f495ab368eb52445cfb97d89edbeac566ca3f495e2f0b85d88da48f38e65

/data/user/0/ir.miri.deser/databases/google_app_measurement_local.db-journal

MD5 b34ef2652bee9e415312203f168c4a29
SHA1 417555c32b01584bf0146ee37cd562016ce5a0c5
SHA256 3636d75ee0ee051d1381bd6cb126a9a2796c9564db265a558f96b3ade6c2b458
SHA512 36601d0062256d1764759ee598495213b288f950588f1c2dd1f6f85dce2633bff6ac72c49bb5e6100bf0b111c7850503ac27539eb583e389353e2f09272f3560

/data/user/0/ir.miri.deser/databases/google_app_measurement_local.db

MD5 d65a9ae6c75b38123e52293aeafb6fbe
SHA1 ad6c4ec9daf8154d7bb44005a24e326e04f9f18c
SHA256 e036de40898eb583715385329297d86a86c38d39f6dbf9870f75607fa3fa561d
SHA512 ec4ba7138b69d87579bcadbece8193063500123378ffd006cbcc8767459abb6adfcc3a3b0a430bc7a92850309747fa8f9bcf17e2a6c0ee6b95478eea21dd0475

/data/user/0/ir.miri.deser/databases/google_app_measurement_local.db

MD5 fad8a939a00ca8937dd25d1693d5f620
SHA1 331594d6dca12120fcc44b4e19f5e89a03d6243e
SHA256 0dd096c6133b5926c1e74b1f8507e76b5c0323fbb7612e90e86c7510e448d64f
SHA512 e20334bccfd60eaaccb723845d303b613ff74d2b109acb6def13f208e39a7fc68bdad50396c6cf66b6ad707f06b370824f4736b0f8510976566ecfd4965cf0cc

/data/user/0/ir.miri.deser/databases/google_app_measurement_local.db

MD5 09eda1ef06ab18f9d3c10a6ae65054e9
SHA1 c75ca1df1780e5600552c064cd8511f68249856a
SHA256 fd66694bec49ca186b72979b65f754c03e51618af604fa090a1dfb541b6c4e62
SHA512 f8e3b54c460b7c0652cce5577d995fcd7b6f6035e1eb0bfcbd2272bf9ee2481149f8cccdc1233fc21b2d57a8fb6200d201db5bdbbf4da109691001b07afb2fe0

/data/user/0/ir.miri.deser/databases/__pushe_base_lib_db-journal

MD5 6f9860f2b8412e070b88fb134bc049b9
SHA1 43c1fd50679254db995ca83ba48af30bed4116c7
SHA256 506ac2d46014cefaf5d45233424986991c8c3a6bc43841dabe9f0f8318960a4c
SHA512 e941b13859c9a1f42de594ffe2700e3eab51e7381fb674d660ab43fe6e6636682ac9b4c8cce1de5d4e64221c87937a92872218e9ebb0e02ff97738cb4d4a146a

/data/user/0/ir.miri.deser/databases/__pushe_base_lib_db

MD5 f41f531c07d4141546a531ff9caffdcd
SHA1 9dcac5aed06972d0ff6bd4cc1f1cdff85b36d3f5
SHA256 bb8dee5b5c3779f175abbd142722eb0022b98d374783aa80145b34614a4de646
SHA512 e0c8d1a820cb4c098e45776e8b50ea8c83944ef2e3f005cb0acbfc07688974d370f78100ae022f62564fc4c12acfdc43b710c18ca1c30f4f575bc08b9b12d2d4

/data/user/0/ir.miri.deser/databases/__pushe_base_lib_db-journal

MD5 ae613d27533428232e5487c3dd7b43cf
SHA1 9854a515e08a657c20e458ff0db3388f169cf135
SHA256 fedd1f933435fda4b1adfeca9e8c5689011dfd11dcc8b0c8a9c5df9850cd4d61
SHA512 9266ed49ef7656167e18945faeb21c2b769962f808bfb9dd04128767223cbd64c0716c6dd7533cd6f7efc6774a735bd9479c5e21e6463186a640d9719b485439

/data/user/0/ir.miri.deser/databases/__pushe_base_lib_db-journal

MD5 765bba7d7869b47311bfe12fb777e213
SHA1 e8703aaf4d17329ea5394146b636f4b2f3a7a075
SHA256 63b325322319ee3e51f95c7769569b78720ad45adcef9466f4c85d9377f93150
SHA512 86127f00f369a2bc3e26a33c7e4de53d0c984af49219d4ee23eef727baddf843e2d3ec70e33b7de8ab72dadea6df2546c8e30a47e3bd0f4d64292ba96b1eb494

/data/user/0/ir.miri.deser/files/info.db

MD5 255e2aca7224ae1a9995e3cd8e65c45b
SHA1 c371898676987dfe6813cf4426a817c13653be66
SHA256 5b9cfd511c352da2649e4b4f104200dd76b3ed760d6cf868ec30a1df2895f66c
SHA512 902001cfce1d6a4f75cc95fec351741c9a42d2c46b7a0518279536b5dbcc62b37afd41df9cb8a0ce9503ed90a79d1991232e6e5fa936b2e1fc33354206961853

/data/user/0/ir.miri.deser/databases/google_app_measurement_local.db

MD5 4b6cbe192ab71dbcb4b783dd9d56f745
SHA1 6d8c5684988f01e1a305f7475f935d93a2dc618b
SHA256 84918c652bd6dd8d67b6e661da361f1a45e3eb956d95058e3b0ff89a22466856
SHA512 0b3b74437acc261a8029b28ed1b0b4740dd35966881a3675316047fe533e4a36997e8153824ba1222936b03eaca4d1043b6b73b9912f8646a7a439944cd01969

/data/user/0/ir.miri.deser/databases/google_app_measurement_local.db

MD5 8d0cd16581ff038bbc5e88cff4e8ad97
SHA1 af55a06a1a75e0c5505b71c89a4959095fca7b51
SHA256 bc034e9e3e9900bd23acd68a09598e0f4fc6b44bbf09c889e1f21ee4a6094e89
SHA512 d3aabd95a96fb1a86bb7623b90df3cd435f2897f59926296d8df1a13616b7f1570562648777a3706cd62681367727247e006f9dc503868d660e87ab7e6ea612e

/data/user/0/ir.miri.deser/databases/__pushe_base_lib_db-journal

MD5 00dc54138ff0c0d028c9789f51ee2d25
SHA1 d525aa055c2144f37a077335b16a6a948f3ca1ef
SHA256 6a6b7b1e479867de1fa3592e9e10cb3c3f133ce461e38d9dff4666c7b9b2c808
SHA512 a1c2868b62d57920ae449c8f1a6337676075a56bda30e06f6e2ff9c4c9f1dd2cf70df47def1b53d1d248dc3c984d3019ba86551685c27a5ae56902ecf18b6b2b

/data/user/0/ir.miri.deser/databases/evernote_jobs.db-journal

MD5 5d81f94223a88b1550eb777eaff6f631
SHA1 75faedc910dddcfb61dd83cd297aeb5f38cac9c9
SHA256 811af43706a59895763154e87979bc8a29e7b65dbb79b380f56a2e7cfa682e72
SHA512 73d24bd535359f4e06659ba87faf8e2118ac0731831b3ba7ce97a18f6bb2e56adc78b0f817e32db6444c73ad6fcc8116088a93da016ebe78bb88a0fdc8a96447

/data/user/0/ir.miri.deser/databases/evernote_jobs.db

MD5 58c0b6e45328752b20ac6e719ac034f8
SHA1 372b2638afd00bbbc4034657b3df3d2e428fb367
SHA256 9d74f93afa5a179b1ba2f19f154b2880aa8b99c88209802099045a0874d2426a
SHA512 2d347d5824b9ab701e341c89e8327a95fd6bab8e92ee15ce9550da368d773e22bff304072a4854df5ab763750a7401f7aa61a49e3292d62c27fa9f20536eb3ab

/data/user/0/ir.miri.deser/databases/evernote_jobs.db-journal

MD5 fd1fc3f04ac6802bb93268f9f470ab24
SHA1 e5215c1f2938acc9fda9e8b715259aa402f3b0ee
SHA256 638608ed7476128093bb24aa6d25bbef9101e25d61569169387190531ee6a599
SHA512 40ae9e00be94c0d68049d19869c1b12c592d0534ea728e99f21326110b8456ca3da3293884671634ff6644c4b05f4a0ced82c284aa44c8bbc36af7f7e0f094c1

/data/user/0/ir.miri.deser/databases/evernote_jobs.db-journal

MD5 b5fe2ea689224f40405d065d2ac4637d
SHA1 88ce27f35f4ffe4c42a75ac9148feab2b338d82b
SHA256 e950e2d3016079e967c62df0aa334d1ebab82066dd2affe054308cafd6b45560
SHA512 111ad05c905282fc0df9c2a9638815424e8abf81b7ccfdf16bd495bc5fbe4de5bc8f0ed22d0d286f295b9472c38eb0cb060b26a61f9469f08782845bc7dae315

/data/user/0/ir.miri.deser/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/user/0/ir.miri.deser/cache/1582435991586.jar

MD5 fde2ee00cbd121cfab5290b078aa3ceb
SHA1 e2b77d5320e155e413d040a8c20020962065b2f8
SHA256 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512 a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

/data/user/0/ir.miri.deser/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/user/0/ir.miri.deser/databases/__pushe_base_lib_db-journal

MD5 1e6e1ba7cf42a656d7c475c9e3f647c9
SHA1 7ed924def07141151973dddde8528d211863c73c
SHA256 da2ec7c459e06ccca7e4114315b3bfc50f65f0c97d532e6716ff3072aaceb0bc
SHA512 3d4fe9a35c631f3d89169e871208d892c9cebc2e48f1a30a8487b9752b1a769d5ec77ad861f0531d5323fa02a5921fd734aff74a6f70642a8a6192407e0e8f0b