Analysis Overview
SHA256
6adead79c597943a8db40268ec6adb428b29c684c2b80943f44036626b34fd75
Threat Level: Known bad
The file 5600676c99de6e1ec35f104a37a0e341 was found to be: Known bad.
Malicious Activity Summary
Irata family
Irata payload
Requests cell location
Requests dangerous framework permissions
Acquires the wake lock
Reads information about phone network operator.
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2023-12-26 04:57
Signatures
Irata family
Irata payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2023-12-26 04:56
Reported
2023-12-29 14:19
Platform
android-x86-arm-20231215-en
Max time kernel
3052382s
Max time network
157s
Command Line
Signatures
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Processes
ir.askar.noshidanii
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| GB | 172.217.169.42:443 | semanticlocation-pa.googleapis.com | tcp |
| GB | 172.217.16.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.16.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | srv.magnetadservices.com | udp |
| IR | 178.216.250.25:80 | srv.magnetadservices.com | tcp |
| IR | 178.216.250.25:80 | srv.magnetadservices.com | tcp |
| IR | 178.216.250.25:80 | srv.magnetadservices.com | tcp |
| IR | 178.216.250.25:80 | srv.magnetadservices.com | tcp |
| IR | 178.216.250.25:80 | srv.magnetadservices.com | tcp |
| IR | 178.216.250.25:80 | srv.magnetadservices.com | tcp |
| IR | 178.216.250.25:80 | srv.magnetadservices.com | tcp |
| IR | 178.216.250.25:80 | srv.magnetadservices.com | tcp |
| IR | 178.216.250.25:80 | srv.magnetadservices.com | tcp |
| IR | 178.216.250.25:80 | srv.magnetadservices.com | tcp |
| US | 1.1.1.1:53 | server.magnet.ir | udp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.187.228:443 | www.google.com | tcp |
| GB | 142.250.187.228:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | ip.pushe.co | udp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| GB | 216.58.212.202:443 | tcp |
Files
/data/data/ir.askar.noshidanii/files/unsent_requests
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/data/ir.askar.noshidanii/databases/evernote_jobs.db-journal
| MD5 | 2021e2fb13f5cbc70632f1e4efa78c45 |
| SHA1 | 2265e4d563161b34575cb51f539a279e538d8e29 |
| SHA256 | 325b83ef8dd347d4f56b5fded64f0216176068c70da6589dd3a0079eee2953a4 |
| SHA512 | f593f333372f753d004cce7bfbea9c15542c10de0e24465bd7ad908cc07b1d2af702de89c0873d53978e4b5bc4ef7e5b2a3b2b6733a7b0d24e784055998a5a9a |
/data/data/ir.askar.noshidanii/databases/evernote_jobs.db
| MD5 | 978fdf85b8448e3a7c9015e51477eb49 |
| SHA1 | 793bb88398dc9457935a4416638d5ed3974baf19 |
| SHA256 | 8f72919eebbe45ed6d33b7b763d7e45d76a880128aee9aa5c29d28ab79689a92 |
| SHA512 | 852b2d3e2607c96625e9bcd454c702ccec6a0f07aba3410976d6400ecd2d48ccc92d93c8ce7fcc87a622d04357bd6805a996f11d339ca7fc3eab99c0e991fe38 |
/data/data/ir.askar.noshidanii/databases/evernote_jobs.db-wal
| MD5 | 44d4db593ff7892dd13cf2aab0f2a30c |
| SHA1 | f4b894e3e342db63b8b5219eb79223757a9b5307 |
| SHA256 | 7a5f7a30d7c65d522e14f284f4b4894fa72f2edc2502fa32cface00e525a2f1a |
| SHA512 | 2c43928ab8a03af2a378d544cf988994839b1d983f4d897b5d2f34751890c6e90342d6bfefa674c0739f46e6b1a084ef407d94f9473e7d48ec70edbddcf43c76 |
/data/data/ir.askar.noshidanii/databases/evernote_jobs.db-wal
| MD5 | d7f40195ba95e72e8788219bcfa70e92 |
| SHA1 | 6430112550e5e856dc5c85ab1757818116431ccd |
| SHA256 | b0c0fd9d36e44db30e25d0796ff357af705f66f5796fee74a2ec93f2598a5cb7 |
| SHA512 | d3f6736ea6d6fc9506724300540b7ec51b94eecb0a2ab99c976593a9a16ad155f8711cdedc62024e8a8d7e8d632094adfa0f87103bf9d2dd946066790c2469a7 |
/data/data/ir.askar.noshidanii/databases/evernote_jobs.db
| MD5 | 5410c4e7a652060bbae25a160ba94ae6 |
| SHA1 | d2e40c15484758072c6d2331cccde3da5be375a4 |
| SHA256 | 65531817f2e318821ceafe29e3c4a05119301b4b308e0c6ed37fdb06bca705bb |
| SHA512 | 2c92ac6fed878ceadd3e7727834deb49bd578a047847932f59b3c5ed0926bc23f408e37804803d6c46e71dea9823c9d90408846f51c2cf2966cc454aae8ff079 |
/data/data/ir.askar.noshidanii/files/db.db
| MD5 | 02e5217d57abe8d010a592215d3617ee |
| SHA1 | 151df9e157cf82fadf27c50a905f1a918ab6f410 |
| SHA256 | 2fb777e58b9434b661640ce5cc263dfac03253575b4cd5116b34918f067e2a47 |
| SHA512 | 2caa925ab90e034a812919838b82136fd4f4ace97464840d0ed7e2072bb912147b0a7c3e3811149c72abb7334a519bd73c7c61358f546edc0df8d8f6154b2633 |
/data/data/ir.askar.noshidanii/files/db.db-journal
| MD5 | 2b251b8ee954d729c6fb8c337cf2af6a |
| SHA1 | e2839379f75659822c9b743713e4a913c80f7af5 |
| SHA256 | cdee8f384f38a1bf085e909c9558ea774a52c81a06e751ccff9d25deb38a9282 |
| SHA512 | e741f1bed37fb68cb8515d8c4dccd82f3f2578b98cbd3faedaf1a0ec489c3ecc8a174404c99b5e8120b5fe70e0e7dae245b000c0bc1988fc4de09963c18c4cf5 |
/data/data/ir.askar.noshidanii/files/db.db
| MD5 | f528526d43b3c061eb48c33d35570aca |
| SHA1 | 09405a201d8692627388de1babac8504e5643848 |
| SHA256 | b069909336a95cdc7dca125c1ad73949dd53f5b20b7fdd7f187ae40d1a61c528 |
| SHA512 | 65a1974c20ec36de693391291fcbc8dfd4b44faec07c5467d7c98f66c3c2f44b4549bdc6e1c1bc076c3d81c7b531f577fa771bf8d42e644af347e109e171a6eb |
/data/data/ir.askar.noshidanii/databases/evernote_jobs.db-wal
| MD5 | 6f3abea49dcdf541d2717c38194029bc |
| SHA1 | e64a0347011ec276effd2cae079717e3b2310b26 |
| SHA256 | f5b5bc87877f1164941f02003aa8bc07d6ea5f11e2de0e34db1050bfd759b9e8 |
| SHA512 | 55de892786b83403e49ace7154705194cdaae5854f4a36d8ef178576a7360a7c77539030821fdef2b406ee518a3fbe5f4eb41f0d5146b738679622bf8a22e63f |
/data/data/ir.askar.noshidanii/databases/evernote_jobs.db
| MD5 | 48380b456d4e1367093abdb73cc43322 |
| SHA1 | ae24e3f76d0253a06aa6d00f6eae61ee00137a61 |
| SHA256 | bafe1991097809f18714f85c9d4e77eb222e2e4cec50ec12c3d33725bbeef8b7 |
| SHA512 | 1f6cef4355dabf9cc046d5703ebb4a5cda0fe5fe5d163d48bf535523d52285b7a7c1af22b3bcc86d4dd30609dc6f62a4cd3db6728d3b75d6f3f7374183d8aaf2 |
/data/data/ir.askar.noshidanii/files/db.db-shm
| MD5 | cf845a781c107ec1346e849c9dd1b7e8 |
| SHA1 | b44ccc7f7d519352422e59ee8b0bdbac881768a7 |
| SHA256 | 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7 |
| SHA512 | 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612 |
/data/data/ir.askar.noshidanii/databases/evernote_jobs.db-wal
| MD5 | f80af426199a13cdfba7a057a2559db9 |
| SHA1 | 9b0ffd1848f2e5f7f27a00fc45bcc64a730e145b |
| SHA256 | 82109e281a4f22ddd50532b4ab7eb4e0cc368b60bdfe9eee7e02b7b56c2989d8 |
| SHA512 | fcdeef2002859e375c74998e79df6052a8d00eefeea2a2ef1d964817e101ba9e070fe7ee3841f83040315a255f2a6ef2969e53de3285fe769ba5f005ab53fc08 |
/data/data/ir.askar.noshidanii/databases/evernote_jobs.db
| MD5 | ad05a044bf38e74fcf28f548d57ea11c |
| SHA1 | 2d5baa01e286795213a29aaec92cc02cb386bfb3 |
| SHA256 | d64fcf26669de980d97a77bb957cd046d6aabf38877cb73a17ed21267acd2dae |
| SHA512 | 9cd3737fb66084c183e68f9939a3ab3ed357d8d900f4eabb99008f3aa8d2242293867ea855a3d87adfd5dce05c3fe5e3b94092c5394aa02db4c81a8b9d6ab4fe |
/data/data/ir.askar.noshidanii/databases/evernote_jobs.db-wal
| MD5 | 79300b6e65bf2086a1ea291818e98fb0 |
| SHA1 | 76b8a0e947ebb2a012e929b71fdc10a2444a6ae0 |
| SHA256 | e5b124b75c1f84a2135ba418848758bd258191f02926e9e1e55fbd0d712f2f0f |
| SHA512 | f91a722ef77c7f3b3aaae10e13a1b5c1d9fffd59358ae6b78b3c88a9f3dde87b557534e7efd14985bb1e3eeee3576b5b9017e3ffb730683ac049ff9f5bf7d9b4 |
/data/data/ir.askar.noshidanii/databases/evernote_jobs.db
| MD5 | a494299518c93672ffba44fa27ae0a01 |
| SHA1 | 58ae28b1ccb6b5d573c627b18f3647b18d9b3c48 |
| SHA256 | 9069c96fc4d5af682e00ee7133373d609ff9f129b4d24ba5b6ed6669e4ea5a63 |
| SHA512 | 7cb4d7386636dbdec7b800aa1d2096a6236c67e8778511689eea67affccc17d1388525401f458de22f240643089a560dc7a1735b3acef8792284dcf65cdd8d07 |
/data/data/ir.askar.noshidanii/databases/evernote_jobs.db-wal
| MD5 | ad8a74a3bcc340280ff81318c56b942a |
| SHA1 | cc01bcc1b03fe636b53cc6f7b62334e6f57f45f0 |
| SHA256 | b44e6eae05eb7000b009922c253d7f044df1fb5c65b8364d2f6717b8f9a1ead2 |
| SHA512 | 956b98d91eb04738fa2b5793369bc17963e4128385d7591080af721dbc9f44e7db20291d10298f394c489263e9ec02cf3b6450809efc7588f91782259f6f24c9 |
/data/data/ir.askar.noshidanii/databases/evernote_jobs.db
| MD5 | 67c4f4b7139619beb469c21ef9033276 |
| SHA1 | b949e7ddf1cb36ed9bce087d9c9234652b3b8df1 |
| SHA256 | 602c323a8e5c5f22c655e81744e7cfc48de06c737ff302ecbd4a2cf16ad39340 |
| SHA512 | e58b40138691959a409934b5dba8c82366d6c4f596532f63ceec5cb5512b15288907f9856cb2fdd2c7521be004add5d4a05169b63ffe21928039ed7395ecb490 |
Analysis: behavioral2
Detonation Overview
Submitted
2023-12-26 04:56
Reported
2023-12-27 23:01
Platform
android-x64-20231215-en
Max time kernel
2910947s
Max time network
164s
Command Line
Signatures
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Processes
ir.askar.noshidanii
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.200.40:443 | ssl.google-analytics.com | tcp |
| GB | 172.217.16.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.178.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | srv.magnetadservices.com | udp |
| IR | 178.216.250.25:80 | srv.magnetadservices.com | tcp |
| IR | 178.216.250.25:80 | srv.magnetadservices.com | tcp |
| IR | 178.216.250.25:80 | srv.magnetadservices.com | tcp |
| US | 1.1.1.1:53 | server.magnet.ir | udp |
| IR | 178.216.250.25:80 | server.magnet.ir | tcp |
| IR | 178.216.250.25:80 | server.magnet.ir | tcp |
| IR | 178.216.250.25:80 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:80 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| BE | 142.250.110.188:5228 | tcp | |
| US | 1.1.1.1:53 | www.google.com | udp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | ip.pushe.co | udp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| GB | 142.250.187.228:443 | www.google.com | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| GB | 142.250.178.4:443 | tcp | |
| GB | 142.250.178.4:443 | tcp | |
| GB | 172.217.169.42:443 | tcp | |
| GB | 142.250.187.206:443 | tcp | |
| FR | 216.58.201.98:443 | tcp |
Files
/data/data/ir.askar.noshidanii/files/unsent_requests
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/data/ir.askar.noshidanii/databases/evernote_jobs.db-journal
| MD5 | 2584814af709dbffcb40c5c1acdb730e |
| SHA1 | 04eb07484c06b702915997adf0d250e69c1933de |
| SHA256 | b0e1823367c7594e9063a1234482df4873b82f4dcb61561c588f5b8636a1a3b2 |
| SHA512 | 672f2b6911407bc5630e7bcbe3da6714a1e6137de11413b0fbabe6e0ce5d8a55890d0d75961262bb8e0b0c4b78cf24cb442679ce61661582f8a15d7ac4607923 |
/data/data/ir.askar.noshidanii/databases/evernote_jobs.db
| MD5 | 58e77b089de3ff3412dd107033e22c2d |
| SHA1 | 8b6561bb5fe893dd90ddf183877fb6c164521249 |
| SHA256 | 7b640a7f648e99956c43f5493923a6c24e90ed03cdfa8b6dfd148067c48a5cd6 |
| SHA512 | 97efbe22753e3488a77fd7db10e845ac04c1e2fcbecd005c6f477e419e53aa34409510d94e4bb01b01e32967818950514544a1c604efac3b2c05abf94896670a |
/data/data/ir.askar.noshidanii/databases/evernote_jobs.db
| MD5 | bc97ee929abbbcbf0fe5b66289e22435 |
| SHA1 | ad92bc8f123ce417a4a2bdeb531f89b707e70146 |
| SHA256 | 6c3e438eec139fabf68b3b1bd8efdacdd62884263b373a8ce0806728eb97b0b7 |
| SHA512 | 514c1a81c0df1cf44a0ec1914cf6623ae9b3207cfebc83faf97d70f4e7e4d2d2bddd424d9c1e89821e3751c5ca1d8205f1e71d87a811879bd18520714f0607b3 |
/data/data/ir.askar.noshidanii/databases/evernote_jobs.db
| MD5 | 4407c54cb0f82627e34f6b04801c1d16 |
| SHA1 | 057e59ceb904748a321988c12ef615fc263e1cc1 |
| SHA256 | 292688ab35bcad30c37e9ae5b3e7346fb790414821ab06834d9da14aec1a10bb |
| SHA512 | a93af41dcd6810cbd0fd13edbaa256ce60dc5dba17bb2375e9f7c771c71c0e0fe1e2799df723a9951e3bcb3a831b4d7f8cb8204d6bf4a16c305c24c54494824d |
/data/data/ir.askar.noshidanii/databases/__pushe_base_lib_db-journal
| MD5 | 8cf46da4762d30bf922432ec2176269a |
| SHA1 | 78428bd2cdda303b3c0e5b037cc5236cda61d046 |
| SHA256 | 68160c926116d1a43abfc05f3a3847dc62db645a886086d2dbc6a0dc31c63300 |
| SHA512 | c1ff65c6a359b07108bd4938772fb8e6e63866fe0336946bcd3ef3e82f2b9938e390a95e60f4b82052ec76761d58950068520d6091d7f89341965530374794ad |
/data/data/ir.askar.noshidanii/databases/__pushe_base_lib_db-journal
| MD5 | bf453af6725b05e003ad10d44220d25d |
| SHA1 | 5ef3d872bbf413f776e0eb7d1febeade9d4417f9 |
| SHA256 | 6fd4fc761b527b98a91438ac2643c304836cab02a679b749b37c02f348f4df58 |
| SHA512 | 1d1881e7e8e9513ea605445d89f1a818d718e3b8b844ac7e81209921fc7970571ed932c4274174c16698f363a6a5ffb4de2dba968f8f07fd90a66534ec9ec529 |
/data/data/ir.askar.noshidanii/databases/__pushe_base_lib_db-journal
| MD5 | ea8fa584335c3bdac1be01755957a1fe |
| SHA1 | 4f009818a3c1494a2e86f8ce426ca968f8f2285a |
| SHA256 | 40359ab4df9f55807a02199a425a7959497785b466b4ce14bd42b101a5cfc223 |
| SHA512 | 008d0cb40e0d7a768d73e477848cdf0261b35cd0a41a43f5706ece698b6d47f8553943a76a11bfc332d234fe2ff93a566dde4d1e43506e765466be428893c502 |
Analysis: behavioral3
Detonation Overview
Submitted
2023-12-26 04:56
Reported
2023-12-27 23:02
Platform
android-x64-arm64-20231215-en
Max time kernel
2910951s
Max time network
132s
Command Line
Signatures
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Processes
ir.askar.noshidanii
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.200.46:443 | udp | |
| GB | 142.250.179.238:443 | tcp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.169.8:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.179.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | srv.magnetadservices.com | udp |
| IR | 178.216.250.25:80 | srv.magnetadservices.com | tcp |
| IR | 178.216.250.25:80 | srv.magnetadservices.com | tcp |
| IR | 178.216.250.25:80 | srv.magnetadservices.com | tcp |
| IR | 178.216.250.25:80 | srv.magnetadservices.com | tcp |
| US | 1.1.1.1:53 | server.magnet.ir | udp |
| IR | 178.216.250.25:80 | server.magnet.ir | tcp |
| IR | 178.216.250.25:80 | server.magnet.ir | tcp |
| IR | 178.216.250.25:80 | server.magnet.ir | tcp |
| BE | 173.194.76.188:5228 | tcp | |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | ip.pushe.co | udp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| IR | 178.216.250.25:443 | server.magnet.ir | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| GB | 142.250.200.4:443 | tcp | |
| GB | 142.250.200.4:443 | tcp | |
| GB | 142.250.200.4:443 | tcp |
Files
/data/user/0/ir.askar.noshidanii/files/unsent_requests
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/user/0/ir.askar.noshidanii/databases/evernote_jobs.db-journal
| MD5 | 605cf5ef9d01b5441e2f2c280e390574 |
| SHA1 | ca455b85e7f9a38edaaf8ac8d4901821dc23b8e1 |
| SHA256 | fcbae36ee384acbb5ea67e439c94789aaaf6081b636b7169c4b227ca14310b08 |
| SHA512 | f60792d9dfbe3a68ed1a9e71675374f08cd7ff7c4e1633ad5e1c00ec7ab9ecf27dbce0e36212850fd1c909b2c132296914a8bc9909a7f5816794e735df9345ef |
/data/user/0/ir.askar.noshidanii/databases/evernote_jobs.db
| MD5 | 47080e3bfcf2db9b8620f2faf6c5857a |
| SHA1 | 6f63c1851255e0fa99567f047382074b086d38bc |
| SHA256 | dc4f8a73f49d2a6b41ff425fd08b85c1eba5280c438a1a1ff9832e91dfa56cbb |
| SHA512 | e757043d82798926a5ddd716457accf6616894ad1ad79ec832293a1f662910b663239f899bf05a5c8d90fed5bcb093c5529e5bc842fe9003c1d5902f9ed84473 |
/data/user/0/ir.askar.noshidanii/databases/evernote_jobs.db-journal
| MD5 | 7882995d822f19cd565434d8c85e4f01 |
| SHA1 | 72d162feb83d21cff4fa89933ccf0072b1515f21 |
| SHA256 | 34aaa0006b2e57f3e55089c4fb862517f6fbcbf02183987180b46b9de455f33a |
| SHA512 | 7cb383e56d37123f366a679cd48c6bfc6acdd2de7f20838b49421ada2442f81c8d367e9b1de75f829ab83a3375fd5d20e6e084af0768c378cd9f7de7f0c2a458 |
/data/user/0/ir.askar.noshidanii/databases/evernote_jobs.db-journal
| MD5 | 0e1567430e4f0552e7a881a4d6e9eb95 |
| SHA1 | 7439f17e93ada7d7c74b353903363de45174837c |
| SHA256 | da10cee15c77b8761834aa4779772f4027ee677808cd321e31f1db7c05d5e381 |
| SHA512 | 305fdafa44641622cbbacc90d8975f598ff46abfd412d20bd6bb7fdc385ef31a5c4eb69a0a8d3c7279b9dc928f5c94f1c1a6b64c11431bed16d45eea496b3064 |
/data/user/0/ir.askar.noshidanii/databases/evernote_jobs.db-journal
| MD5 | ba38166cbf7b865baf214c768e580a88 |
| SHA1 | b35e2456df4c7bb34a0ce103289e4c6ee6aa30ec |
| SHA256 | 68adfbfb45c7759f52c4a0cb4dfd0fa47425afab08aaad82a3988fb8eb48a237 |
| SHA512 | 99ef15ae951169a57b43c811e2f025d4337d62e78bfd0ff330e97797913641728c63277780c07af0b6fe6a181fc94e8e9e8568ccd41a881128712ff057ce6fc5 |
/data/user/0/ir.askar.noshidanii/databases/evernote_jobs.db
| MD5 | 962754941cdce210b314385c0fc77212 |
| SHA1 | 55d0d0c4eccd62224c06a99db2e342e19549d420 |
| SHA256 | 891f560c779742a28b3b319e43d3e92103cb76633e5548ab7711091721f1efbe |
| SHA512 | 4112e5019d955b4c29a1b899ba9bc799a7bd0f03e2d3b5606f6ddec9c24e9fce26baf18066d8b8656f99a9ddd47b95c6ebc048590cbc93559373696f1b2414c7 |
/data/user/0/ir.askar.noshidanii/databases/__pushe_base_lib_db-journal
| MD5 | 513b7bbb26839255349edab277e28ba0 |
| SHA1 | fd918f01827dbecda741761762cf7787446a19b9 |
| SHA256 | a2d905564dce3f320efcbd561c4b7bf9a6bc1a7c2479f0bb28ebb6d0bbb15133 |
| SHA512 | 72a97c53ea00439bfbf475527946ae000bad8d088e0694dd13ecd078b63578809ec8c29967dffcd15477d50e00363f9a4c1719c55167ec586884ad2181bd30c7 |
/data/user/0/ir.askar.noshidanii/databases/evernote_jobs.db-journal
| MD5 | ee8dee9a3132134c947e3456f613d793 |
| SHA1 | 26bbae3d9fd3c8551c3b3bae9683117e3712dc6a |
| SHA256 | f274404af593915367715e851938c3435ba09495ea0c7b04f6e379e1461bf094 |
| SHA512 | 27f2bdd30ba57f59878d304c65f12fe89c641c80c1f59d8df190368f64e70dfde8154e9b35193cd3e8760caac03d97ae985b9b8995939518f053912c6093a518 |
/data/user/0/ir.askar.noshidanii/databases/evernote_jobs.db
| MD5 | a0510be55c4ec20b7a962149204d4c5c |
| SHA1 | faac124d958e076fc6e19f7266fd3642f5dc8e54 |
| SHA256 | ea449c4144ded955863c9e3579bbf79af81d4de0ee0901bc920d3f8ae69c5dbb |
| SHA512 | 621b3e0638188aa5a6b3c700dc6bc826b2fb8bc99c48609a642cf7d23fe801389736387813a370a6f5be280f1c65d9d31ee4168045750710999ee3066aaaabe7 |
/data/user/0/ir.askar.noshidanii/databases/evernote_jobs.db
| MD5 | 59458892a2368ffacdd9873e530e9f05 |
| SHA1 | ab4a5f0e28e696bb9a988db7bfc78536472e56ea |
| SHA256 | fc6e1e5f5d4ecbc2c9a0c695d6b5c8d45a9f961f6faa009b8ec3338482533ffe |
| SHA512 | eeee681efc711c31e2c4b99ce24544171a4fb146764141879b7ea59c9095e164298718f20a9a4e79245d765df9477967bd5bf51b5571adfd7d75e9fb159811af |
/data/user/0/ir.askar.noshidanii/databases/evernote_jobs.db
| MD5 | 12653a8f834e8e79f561968957686a56 |
| SHA1 | ce055e28d1a2a0f3e6244f68865d335dab691b2e |
| SHA256 | 41cc1b7c6da984567668cac66d43b0e08007cd595131eb251351884d2e30305b |
| SHA512 | 56507510e0629bf4a2d281287477e533903361dc78a47262747a55a1ff008c3418f11eb1e9b3ee093386c93ed03d682c097fc4d60120dbc31b25db8492349de7 |
/data/user/0/ir.askar.noshidanii/databases/__pushe_base_lib_db-journal
| MD5 | a6eddf07c939e12448c7ff88f743029f |
| SHA1 | 68f1f66d9a5462af21f2ef37ec8e509dbff8de58 |
| SHA256 | cd08a12cf40547c17294ed83f25bd2b014e1c87893093207be1ca4cbd55727d2 |
| SHA512 | 01ff48ad615e5dcb42ebb88bd1ad963c298512dd06b6a1ea3b2b93acce6a3add88fef05715f242eafc536bb17b7b8b7a145bb231b74eac5c4b5a6d5284f5920e |
/data/user/0/ir.askar.noshidanii/databases/__pushe_base_lib_db-journal
| MD5 | 7f6d487db41100f299e34566650d6da7 |
| SHA1 | 8d3d4fc2cb909d49359b152fd90e461f59128161 |
| SHA256 | 22afd3ea74d7060298c628680245394c5723ec827fad734ba8cf97f85819aaeb |
| SHA512 | 256cace7c5288ed9eda5504aa8e22a9ff8cadb28ac5a2726a8119ae8f509c288b5803546897aff762839b7d5649d6293352c7cc1ef5fbb6ad38dcf0ba5a0a2c1 |
/data/user/0/ir.askar.noshidanii/databases/__pushe_base_lib_db-journal
| MD5 | a998a304472023c587b1ac15515449a0 |
| SHA1 | 096f78c669ce55db895c3e5f5b3def6660145977 |
| SHA256 | b579ddd790bc7ab03595a5898a87d5f5163f831bf35b7558dfb39cecac8c5b7c |
| SHA512 | f44e2c702f6cc3b66f5eb7d4dfc7eaf616b33a4e3c2a95b1e0a2f535fffcbb078e565065e52908bab64586de2830d3a637a676bfaba979b63ebca17e6d3283f2 |