Analysis Overview
SHA256
b2becb9ae44822f4786e28fc66392763e3e04ee9fd2bb40a8268bcb3b61fa21e
Threat Level: Known bad
The file Application.apk was found to be: Known bad.
Malicious Activity Summary
Irata family
Irata payload
Requests dangerous framework permissions
Acquires the wake lock
Reads information about phone network operator.
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-03-19 11:10
Signatures
Irata family
Irata payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an app to post notifications. | android.permission.POST_NOTIFICATIONS | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-03-19 11:10
Reported
2024-03-19 11:12
Platform
android-x86-arm-20240221-en
Max time kernel
29s
Max time network
131s
Command Line
Signatures
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Processes
com.mycarroll.app
ping -c 2 -W 10 -v google.com
ping -c 2 -W 10 -v google.com
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | google.com | udp |
| US | 1.1.1.1:53 | 238.16.217.172.in-addr.arpa | udp |
| GB | 142.250.200.14:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | godamir.s4.telegramrobot.xyz | udp |
| US | 1.1.1.1:53 | godamir.s4.telegramrobot.xyz | udp |
| US | 1.1.1.1:53 | godamir.s4.telegramrobot.xyz | udp |
Files
/data/data/com.mycarroll.app/files/PersistedInstallation3577607344474371989tmp
| MD5 | ee33d6ed06e6ea12e39227a6a711e368 |
| SHA1 | 3266c0c99d3b3999d21fb5a651b7c9f0eabcd9d4 |
| SHA256 | c209b4e4a1825a1a3e0cd0b78bf6553224613896d3d6bbba67461198b188845e |
| SHA512 | 4160d98d1fd78468725567d9c16746bb87299f7afd3832333cb69cfc7055ddc3dc47b18c662e67e331e5a4159a20bd93643b174773e62d9e02ada16e120fccfe |
/data/data/com.mycarroll.app/files/port.txt
| MD5 | d848deba64c84dfe2c675a2e9fc1ae94 |
| SHA1 | 7fce123044f8a7fa4134c15b038b7f5a688e11a8 |
| SHA256 | f1e66d2f3f548e5d1bbd14df978500019848492ed7dccd5eeaaf96f0b6690dec |
| SHA512 | fc77e485ad8834c6b9f24f9ca81d025eb35de3062839763635959a7a1016ec0a78551812c6b91c86308127ba16a9fd85f1d2d1a5da13c4a1036676e6e8de2dc4 |
/data/data/com.mycarroll.app/cache/~test.test
| MD5 | 098f6bcd4621d373cade4e832627b4f6 |
| SHA1 | a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 |
| SHA256 | 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 |
| SHA512 | ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-journal
| MD5 | 6e3c420d6ef803836da67b3fb3ef994b |
| SHA1 | d336fe2a38b449afb6a3d3769ed09797ce0b7866 |
| SHA256 | cb4e087059b10712d2a782e09444a0e5de1d4534e724227d2958c6e7ecb86e05 |
| SHA512 | ed568f54ff703307b0dcced1314e3f0a876628d20ec818f1ca761369ffb2e03057bed5946b092ad9d2f366abd9d7a8cf147fb074f303ebcc209a8f00d508d560 |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db
| MD5 | 7237409e0640cfab7bdbd429bf821a3b |
| SHA1 | 4c3da934842f8d4835dfe2a9c275a300e5123309 |
| SHA256 | 5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa |
| SHA512 | c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal
| MD5 | a17b12b8bcc421f2b0d16036cd883051 |
| SHA1 | be26f996af09f031608fdddfe5e5df68d50bc436 |
| SHA256 | 26748cd1e18394895c9f673a60f8d1fc531bc95aed9c290f7b17758c4a75d961 |
| SHA512 | d5ea59987bb390b5cc1b943c476476b621ed47e23c0da3135a65141cf095125aaa5364f1a65d6844b330fbba32b87fce4b12b5a8bd61256ca831897d842bef0b |
/data/data/com.mycarroll.app/files/PersistedInstallation5044979714824601886tmp
| MD5 | 43400171fd75fa9a30e5c07874fb2129 |
| SHA1 | cf57a020a9b28feaa418a7af360fffc45739bc54 |
| SHA256 | 91a4f90b4ab113c450b5ec1057de7b83f68b31ba880ddb00f6655b19537b611e |
| SHA512 | eeaf4fb3ca4d502ef8ee4bb275824c00ffec303f7dc41ac4df698eb00d014bb5efbd2af9f92a547f92d223aed8c44aaf40ba2b1a5b37d6f180a8cce4d792bb60 |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal
| MD5 | d4aeac461f54209f3dca2ffa024a827e |
| SHA1 | 67f969b9e10075d9d18e8c732c1e89f0ad04440b |
| SHA256 | a37480f84df5e7dd7491eaa425ca6d08999acee04ad569596eee55672ae9c7db |
| SHA512 | ea875514e210ad7deb8452b8a34b93aec20ebc926b6509ce554df21878dcf92c97ced6d6c0ce10294c151fc7bf02d8ea8b15e63c3f0a59cd2862c835d6bd1e3b |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db
| MD5 | 007a1e7f01505bb10604c8e5909a1b75 |
| SHA1 | b6f777462924d9b70fd306e8edf2f5e6735b7bff |
| SHA256 | 62b33e7f29717c179fabfd11501229a5130b01e40807ca18a12b007e41d7ae75 |
| SHA512 | 7c78b94c47893506073b59f8f85a4e1f6e18309f9532a4ad5cc18ee050bf6408cefd00e78d9baed2e5d6635a8f24a51e686181094f1b04f57d5207fea8efea34 |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal
| MD5 | 444d033b585a5475f6f5eacbc0fdae31 |
| SHA1 | 02ee15f93a6cff3edb9f8883f4aba7b12afd5f8d |
| SHA256 | 6b4237fb260e0433e9699173e803d4d0bb538a839d5e5e9360a6229fad189a86 |
| SHA512 | efe9db0673b99aa2cf0d21ca618facb59c50eb35ca37e8fbe4708e6c43c607e1e9da88f73e2b708ba3d582f23f461c7264a7149ef2bd6554d7d0ec5e60f228d1 |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db
| MD5 | bb2704d240fc484637953aeea5411a0b |
| SHA1 | 11617939792acc3f267e8ff907a8d7b236091fa5 |
| SHA256 | 29dfb289c6e4b357e04407488c3b6f7cb2dae16fe48df6820cfd6323623101fd |
| SHA512 | f37b8cda4c117f20f1accdfb7f1e02d3c530a2b70386801049d38a00ae60b1be9a3971b9e9d8bf7c2024450c358f1f522aa116e23a773742c2f4e64bb02fbe99 |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal
| MD5 | a40e2222c06e3f9b1ffcbb634b8fa2b7 |
| SHA1 | baefa2932f36a034dea60693eb0e0bb7a3b65dea |
| SHA256 | 39f4c55768daad20569023636d5f58393ac8f8712cdfa9de34d08e8437a8d3a3 |
| SHA512 | ac85b90a906e7139d3b682475579a3ed7917dfa7a867dd9daacb3d7bbb5689e5db19604dc385e42fbcc428d3d42f81bbf88bf26a0f6744b992b049552c586f38 |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db
| MD5 | 7f1e0433f6f95cd50e3dfa06ac6e1801 |
| SHA1 | 33ce85a3730c940f6bbf575dece0219957394c57 |
| SHA256 | b8888e280f5475e43f91de12b1f7327f7e92d1cbc646aa073e68cc550f766849 |
| SHA512 | 2ae44785a77e161bf61a645800a48e4944ccfd818900c0636dd38786d23263c9de3cbe8dbb52f965f9d98639495baac153c9f0061c313b16ea1b9f28ead82e38 |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal
| MD5 | ca987c1a6da482a4722429a61744a59a |
| SHA1 | 9a287c9a635769a44ca5ff30a46c884a071ff206 |
| SHA256 | 26c5c2bb8cca777ac8511de1991435a1fb68b20192258f4439ca32d2f96fead2 |
| SHA512 | 777024d4b8691da44906dbf5f9ba35dbbe0700ff34d9a988707595253d2de5368c812fb6f00d5a857257f3d5323ad8f32b0c3c1bf53eb6e2837e9ea2633e43b8 |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db
| MD5 | e41741aaf77d639128b7b44815b7c7ee |
| SHA1 | ceac56ef6085912bc327638dd1193e2880a29154 |
| SHA256 | 5016a8f7cd858edc72bdd984f01ee1c172d62d3587d2b194204b91c17270b2bb |
| SHA512 | ebc6b8e03380f16bcbdd7306437aa78262685286d7f431365603d87eefb30a4439d48c52efef944b4c23b4ed8cea2bc4c8c9a5753a4f1685e225b8f51f0bda07 |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal
| MD5 | 7e83b59886f4a60796ce3fa73ff27d07 |
| SHA1 | 23d41f4f6f4928c07d64220f36d293bcf29e9a56 |
| SHA256 | ceb40ca180cc09c3a2c9815ee327c30b2c0ac5c69bd6c3f2883119238b73e491 |
| SHA512 | 86256e9fb5f04e1e13304434ee37c664d6d35ea28f719905c537309b383fa705c439f9caa6cc414d0d5107230d21326d4975b1e9060a3118d0a11736b1e086ec |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db
| MD5 | 3660658e4a28983ed55e419183bee061 |
| SHA1 | 5639cd68221ac4d4f55585cb7929b6cd95393d17 |
| SHA256 | 69f328617a1b3317702148dbaa0d3b191bf40e2ca5ba207f4aea16ef6837b2a3 |
| SHA512 | 6667ffab4b7454475dcaaeace929d5c5947797aa40bc26ee4235d1d2913990eedc8a801d3cdb98d37fe7ae3ed40eb3900b89c7802a764851b77b36de2ee90bef |
/data/data/com.mycarroll.app/files/MessageId
| MD5 | c4ca4238a0b923820dcc509a6f75849b |
| SHA1 | 356a192b7913b04c54574d18c28d46e6395428ab |
| SHA256 | 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b |
| SHA512 | 4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a |
/data/data/com.mycarroll.app/files/user_code
| MD5 | eed9d8e92fc0d52017a00a082f196384 |
| SHA1 | cbc80c9efc6dc7beb44c6016ac6657a32a2273e4 |
| SHA256 | a976688999f454091a8116609f2473276d58ca3acac109000b6d4f4cf3d73777 |
| SHA512 | d71213358f63f914c7e74b5d6272203f93b9d88ba2309430e624450e7d27eb17d044dba98e35286bd292044ecfd48664ac9f5580b3a1896862b4261ba5a78fda |
Analysis: behavioral2
Detonation Overview
Submitted
2024-03-19 11:10
Reported
2024-03-19 11:12
Platform
android-x64-20240221-en
Max time kernel
122s
Max time network
165s
Command Line
Signatures
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Processes
com.mycarroll.app
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.178.8:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.178.14:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
| GB | 142.250.200.36:443 | tcp | |
| GB | 142.250.200.36:443 | tcp | |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
| GB | 142.250.200.2:443 | tcp | |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
Files
/data/data/com.mycarroll.app/files/PersistedInstallation6590085575634431871tmp
| MD5 | d91b351c70aa4b1abbdfb76e04bcd333 |
| SHA1 | 0cd3237fa6a6600e8bd87eb6e99924858da8c235 |
| SHA256 | 8bb807e13865eb3365ac184551701d4ff0ee1dccfd5aaf8e83b0a04bea01f5f7 |
| SHA512 | 08fb58a8b1d16e0a06f02877f16c04121c40dbf3510ba9a508a9114fdd84f85c72ff9fdf033a35451b6248887d5f6840d78fe44ee3f7ecea4b31eea493a8238a |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-journal
| MD5 | b245c4b4039cd17b056034448fc327a7 |
| SHA1 | cc3f8a7fb1641b59e7d38a91711506a81b722e82 |
| SHA256 | a495f63d02a71af249391a873b653926b5c4d96ed09a5a8ef6d69311be0605ab |
| SHA512 | d2c1a553deed4386bfdb9148732aa89cccfb26fe8fcecccf741a298802e1b31822dae297679eadabdc1fec5bbf4893d13677daf32003faa3eaa3ee7d54fefec7 |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db
| MD5 | 2b202d438fc45c37f9bad0cfb4279620 |
| SHA1 | d6cd659a096bc0b5ed76cbe167aefaee62deb9a7 |
| SHA256 | d6c8956be9fdb78c8e8f43cd5e9a7d353a7a824076a96f59d3f05eed5ae7de65 |
| SHA512 | 74f5235c82fdd50c95b3e05e117d2905252e85765348571c941864d311289ef9436e6986de2e365f06b05a310f8c9d080231a39a274d1914f803bd00737f8a6b |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-journal
| MD5 | 186ee24fd970807065b177b64f5010d0 |
| SHA1 | 42c9988ea414ea4f0118ec2cd4137fd858eb3ea1 |
| SHA256 | ceb54f7af30e8efea92eef553ccc3d17e538dc769e73610a52e13e3b45975c55 |
| SHA512 | f03f15d179e4a76faa014d3f0734b982ced55da5dcc65922342db78a8e2611c26e54c2ba03f24bd67a7c332e10b90c09673e8008520aeaeeb7f8f61b574ac9ef |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-journal
| MD5 | 38f9d5a2b549a0aa4d639f6f198529cf |
| SHA1 | 770804669683e2e1a774eb2e60a577cd7e42ba73 |
| SHA256 | b63bde2cb3ef0d9f96ddc19ea945db8e852216b43420433dd151aeac84a405e6 |
| SHA512 | ae04c7f94101247857f0a44e84ace1368dc966869f32abcdb4027b3f0b13dce05cc467dc5567da508465e20fe74943d4b23bafac7d5a78747985843880598fb9 |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-journal
| MD5 | 406a75d31a6a625a042acc5e849dc03b |
| SHA1 | 7de272459c7decc6de8684ff452ca1629edfac06 |
| SHA256 | 81b99be99f7494b76be46a84d4ec03b3402a32bdbe82d1652ee8d9dc8b45a9fd |
| SHA512 | 4eece6c721678b3424ea0c5eac210f2b29bbcde30a6466f35a0aaefad6d26e9f53189f10ce22fcc91f80921feb536a0d3d32c162abe5fac65d0eaad3709b27d1 |
/data/data/com.mycarroll.app/files/port.txt
| MD5 | d848deba64c84dfe2c675a2e9fc1ae94 |
| SHA1 | 7fce123044f8a7fa4134c15b038b7f5a688e11a8 |
| SHA256 | f1e66d2f3f548e5d1bbd14df978500019848492ed7dccd5eeaaf96f0b6690dec |
| SHA512 | fc77e485ad8834c6b9f24f9ca81d025eb35de3062839763635959a7a1016ec0a78551812c6b91c86308127ba16a9fd85f1d2d1a5da13c4a1036676e6e8de2dc4 |
/data/data/com.mycarroll.app/cache/~test.test
| MD5 | 098f6bcd4621d373cade4e832627b4f6 |
| SHA1 | a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 |
| SHA256 | 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 |
| SHA512 | ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff |
/data/data/com.mycarroll.app/files/PersistedInstallation3579673413036385815tmp
| MD5 | 185c8df424782410f26924b9cb4742c2 |
| SHA1 | d4130d8efb929514bbab4b8d59b19419e8fb8837 |
| SHA256 | a798c38f634efcae4b72af43d761b0fc9c9f0ea9e6b14c0d134db6fb55b521e9 |
| SHA512 | 44de0b4986a9096c48df28bd2669b6c8e01c355c39caa614aa89e6934b3f75aa2f71994339fd23a8bf4856e233388c311ef43413f112d48722641a1a9fed3b75 |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-journal
| MD5 | 0d94cca9da49c81d3056172d48956298 |
| SHA1 | 9c25cc8a9f641a7d412a73d0b363c5c834ce0967 |
| SHA256 | 6e6eb1a9fc54b4e4e6c466548ee55a78307c214219d2e099f93fe5e32cb2f352 |
| SHA512 | e30e124189d3ae06dcb63dc8b0b7a84524c5ab13beda28eeceec80808832846858a3397240cadb6250876e5c3583353c196bfa05ed792cb747c8523e511a39a5 |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-journal
| MD5 | 4ad5450dbe0a56c7d6706cfdcbe1bd67 |
| SHA1 | 45658e708748561755049ea2a982d8eb0e5dd025 |
| SHA256 | efda621e6cb26dc0c404649d43d6893defec20698f0419d680b9b4c7238f6245 |
| SHA512 | a9d5323e041d630315db8f47fdef28d76eb935c32d5493e5c577b8b9e8972545cb478784c749d0ab859d7ec09672ad8cd91c5cb2e39cb2cc25a21122f48a8cbd |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db
| MD5 | 437a568e4232dba5d1d0b89f17d62ca0 |
| SHA1 | 59ffaf92abafcc351ea8f6a5994888cc488dc084 |
| SHA256 | ea87a7bd9e73af5f9eb90d37e031d570ee680d3b80f11d7d6e626dd65b7671c9 |
| SHA512 | a4959d4438119f9ad9549ed88241412dd1dc35532d0f13184d6fa91fc92136170c43407e7869b3461582872c56c21203e28711b6f15cb51dc07bb15fbd505349 |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db
| MD5 | d9c784fa817f83ba8a913ec7cc4305cb |
| SHA1 | 40b6f6eaa8559a0e5ce5cda4f44ff9feda547a83 |
| SHA256 | 10628e59447128a2cf99d38ef5e421d8305bd05eeabe2170d779676a26c8624a |
| SHA512 | de98a3595a1d04e8914e53d67e7c31b7c5a68806e8ee3995b1a39350294509cca90db1f5461c3a3de8063bad1c6449739082d8e734681c7db0e496e8d115635a |
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db
| MD5 | bd9e62f3c8df4bbaf6c07a22f033ad69 |
| SHA1 | 5047edfaa2445d77b85faea5788807d4887ef297 |
| SHA256 | cc9217529d43bf28aed92f8400a8d276fea0969d8fb0c73f04a33f73fdd28cde |
| SHA512 | bdee8e65c729023f04f3fee81d0c537a3134efd1fd657447942dfacf729b2fb1862dcd3cb69660678770438bc1d2347a467f97b2ff3c3c4baf66cf4a515cb130 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-03-19 11:10
Reported
2024-03-19 11:13
Platform
android-x64-arm64-20240221-en
Max time kernel
10s
Max time network
134s
Command Line
Signatures
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Processes
com.mycarroll.app
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.180.14:443 | tcp | |
| GB | 142.250.180.14:443 | tcp | |
| GB | 142.250.180.14:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 216.58.213.10:443 | udp | |
| GB | 142.250.200.46:443 | udp | |
| GB | 172.217.169.74:443 | tcp | |
| GB | 172.217.169.74:443 | tcp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.169.8:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | google.com | udp |
| US | 1.1.1.1:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 1.1.1.1:53 | godamir.s4.telegramrobot.xyz | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.204.78:443 | android.apis.google.com | tcp |
| GB | 216.58.201.100:443 | tcp | |
| GB | 216.58.201.100:443 | tcp |
Files
/data/user/0/com.mycarroll.app/files/PersistedInstallation363591896240845312tmp
| MD5 | 67d6fed95bdc59037e1c72974bbc0c19 |
| SHA1 | 11bf803a48875d9f80c8a4206bd3d5710bb21bdc |
| SHA256 | 78b4daa6ec62fb38888c5cef4663bf7ca39c8cf5f15206d4c3cf0bdf6a2584e9 |
| SHA512 | 20d6257dc498b4093b0b7e7c38b6168ab49b548f3f35fef42bdddc5ae7247cf37737364a81884241bafc8bb26484d0596196bbf52c7ac1902d62d7768d8710a6 |
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal
| MD5 | 0c21c73c530443dfdbb5df7a0a4e213b |
| SHA1 | b207c3f2cddb8bfed03814e2d98fa3e19ac21a5a |
| SHA256 | 79cad1bd8b23babccec6a4f639bbb41ca897f3dc073033594c6c1b9143fe7434 |
| SHA512 | d76517cf9c3261b0e52273731c425bb5fb27ee7e7b1b90b05e40ebcf8e8c9d16d237378d5c7f4720ea845885ec022e499377c80fdf60aa8e0c107d9cc2b78113 |
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db
| MD5 | 73dde037d43818d6392e51665bee0446 |
| SHA1 | 79d2b7aaad055aaa21aa371d61b05684c2164073 |
| SHA256 | d8aa44c8b932aa136e23d352f22689c2173c343125e0e7588bb111fb635b30be |
| SHA512 | 95c88a7ca75a3f60fc3715bcac6a0a0f67bcf8a3a9fde5482f15e8da321521faf184548fc7a31df3f6019c48214b97a683b9fd7d0d2b1bd5595e50fb5d80f4fe |
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal
| MD5 | d02144cb551ddab993683f913fa6b84f |
| SHA1 | fc3c3fdc65f784e8283eb44cdfc019a7b8e84919 |
| SHA256 | c36ac3b19db44cb88132bd36013d5cdffcc08502024f5b686ffd74e027afb040 |
| SHA512 | 1ea95419ffc9563712f1036c78f778aec77bd94b96f968d634feca89676053176af4c09c437b765b2a264dbc901672dd3576a34c577cb7909c8355f09adab8b4 |
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal
| MD5 | 7c3246a19fe1aff02ddf87eb7a0faae7 |
| SHA1 | 35c5b92df8d2645a9ff35bf3d001ed68a85061aa |
| SHA256 | 25991ad92fb88718ff2880f504f16c5e0b20e08fab466f007725b5d6b68d80a8 |
| SHA512 | 9ea37e578831530fc36af46f27bd570b3aee1be502720add1388303e81c56bac667e04a0b6695413c48dffff10d1961fa206fdf260e2a6f2cf6916dbdce7bfab |
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal
| MD5 | fe1a6cccb34c401a53b49d6caed4afd2 |
| SHA1 | 65f38ef2ce6be91f774355b429d75e049d094938 |
| SHA256 | c360964037fa6e8fb73e81f6d0779c78e0b72cfd6e0c85f40198d02e56f58c22 |
| SHA512 | dfd9fdf89c61a9b88ad80aea85ea2af4e5e8c7a0b310cbd0c52b18dd48deffbaf4be49a81de9abe1d3253d8fa732f0b1fff2373bcd541e2147be44ae10ddcb84 |
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal
| MD5 | 58eaef90aa9fa7bbf6c16fd5a670d20e |
| SHA1 | 62a57ead976dc449a40981a3b2ddc950f360a58a |
| SHA256 | 4e5816942b30a159ff09c0a8ffe1eabe16543111f102bb667fd3ed91169f1dd1 |
| SHA512 | ca4c90c3a68daeb1746b32991c86fb2b91763d40f673f5b40d3e89c40bbfe6307d361f7ee18bff750fdf507ef394ef86b42aed947d03790af4bcbb11ae198f0b |
/data/user/0/com.mycarroll.app/files/PersistedInstallation6245416321532955349tmp
| MD5 | 60692d9ce98c955bff2a15c4db09393d |
| SHA1 | 6a62a4ca362e8d201a426bad4988e710745cf4f9 |
| SHA256 | 13d5f249fe99ca4a5f9102dc359db7e8e82a8225b570c1982901775515990b1c |
| SHA512 | 7fc7f5fbc3aabe3e88eb07c20bf53301bfae025eb02827b509ac5f9e8400d3a70802c761b24b9a469e373292a8fb73a0ffccceb18639f7de8009f99829b530ea |
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal
| MD5 | 02661ba4c22c5d5e548497ea60ceeb16 |
| SHA1 | 9cbb2d5f8ad99e0d23e9d3142c293ac52d20eed0 |
| SHA256 | b1ceacd9e97241507524da534bae4f9ddac1a975a8277c096fb2f17aa3e6a1b7 |
| SHA512 | 1cdf25c6423eedb107bfbbf7c5613068c8b0da362271323dc353457441511dd90f690188afcd0d64a4557a873e53b3588856f84b486d8268e5689e9ba6eae319 |
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db
| MD5 | d2b9521ffb98304c52f47d7b1919a7a7 |
| SHA1 | bec05b8df93c671830482cb8cec9f1720228322b |
| SHA256 | 3f6ff0e5c903b683f1387c2160fc2e70c02e9fdf72c29681ed1f7863a499442e |
| SHA512 | 09e8dcae5419dddf3f60c20db685e864cf30644240e599055eeacf50ac6a16181f24459ca965399b841c0b5de6ec214d1e8b2e31c4d135079609f525a4f9bcce |
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db
| MD5 | f05a2cd3b5b9c4dfc0db0a9bd39bd644 |
| SHA1 | 97d7e6d284e65085219074e2624608ce79f618a5 |
| SHA256 | 5d5635ff26c9b74f27abb8f1a4a922d282902a6d8db07de7e3a27ddebf2e7b77 |
| SHA512 | b05ec396e4b265ed957117164cdf00639aca17247b93706865819144161dc2ca74b3ee7cbc8966897212d2032621701e55d7550129783e8c99b233b783696a90 |
/data/user/0/com.mycarroll.app/files/port.txt
| MD5 | d848deba64c84dfe2c675a2e9fc1ae94 |
| SHA1 | 7fce123044f8a7fa4134c15b038b7f5a688e11a8 |
| SHA256 | f1e66d2f3f548e5d1bbd14df978500019848492ed7dccd5eeaaf96f0b6690dec |
| SHA512 | fc77e485ad8834c6b9f24f9ca81d025eb35de3062839763635959a7a1016ec0a78551812c6b91c86308127ba16a9fd85f1d2d1a5da13c4a1036676e6e8de2dc4 |
/data/user/0/com.mycarroll.app/cache/~test.test
| MD5 | 098f6bcd4621d373cade4e832627b4f6 |
| SHA1 | a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 |
| SHA256 | 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 |
| SHA512 | ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff |
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db
| MD5 | 261f8a80d2616eba988103e88ad3a3ef |
| SHA1 | afab6ba951ffc448e220ce966581ba8c2f169fbe |
| SHA256 | df04d61c18dc6d10237d85b5ba5af95d5d1d0f70cd5a5f6cc3f83c758e596d4a |
| SHA512 | f4436b8b448bce021ca3e64d8d7a5c6dc7ce921732e42f73d18a2d883a0c2a3e2e843c45e56e972ecbb6e5f33a1940b49434a653b3a4ddddd7122e12443059cf |
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db
| MD5 | 7fb3c88e67889de217e9cb794acc8080 |
| SHA1 | 7fc28b440d05e7c5630faaeb4cdf02ff3d11c647 |
| SHA256 | 7feb4715946169d7d5677245749253fdcd7b74add9136d9efc2a271ab12c49db |
| SHA512 | 631c2809f2d37bb0515cf43299622811dd808bea139860e0d0dcb0b45b4a866272de284423e8cc328bfc618aaa18d9be0e1f16e40589bfbbdbcc4d6601d0037a |
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db
| MD5 | 4aeababe446351266333ef9e93364429 |
| SHA1 | b07327fdd2d851ee062b36513e4c0fe414f608b5 |
| SHA256 | 41f8c5539feb2c5945a17e45f3fe97ea02567e4fffc6eb4b766bc56b83c1a639 |
| SHA512 | 42b0cc3b906e623f009856a7b85c043b0683999290066ea34ebe718ddc06404f1293cdde6babf5eee79c07f9ce8e4583a62314c204fb3c97e6d9c20ed8589b0f |
/data/user/0/com.mycarroll.app/files/MessageId
| MD5 | c4ca4238a0b923820dcc509a6f75849b |
| SHA1 | 356a192b7913b04c54574d18c28d46e6395428ab |
| SHA256 | 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b |
| SHA512 | 4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a |
/data/user/0/com.mycarroll.app/files/user_code
| MD5 | c7062dfb394ea42e4d0c2b4d472ba2dc |
| SHA1 | 5b03aa6dfb9ecd9c57f5ffc8d732d1884a96ed04 |
| SHA256 | b3c7814bceb792660c2add4bd1eaee2a2ecc0890de5215f35b888c3caf8f12c1 |
| SHA512 | e2a8d1cbada646521c2693fb9c8b6a729ce3d4bdb468d2245f2c86edbcf092a015a5c0bea237ad092f737a251bf42ec6b00906cdaa2255a2932225d69a0aeff3 |