Malware Analysis Report

2025-01-02 08:04

Sample ID 240510-k8hdnaee4y
Target 2e689ebc1cac9e9f24c33718367e2786_JaffaCakes118
SHA256 7f67cac13a2c031075d57014daae8da6e254b4bb8c8546f3fd5c7d5173eb9b43
Tags
discovery evasion impact privateloader persistence
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

7f67cac13a2c031075d57014daae8da6e254b4bb8c8546f3fd5c7d5173eb9b43

Threat Level: Known bad

The file 2e689ebc1cac9e9f24c33718367e2786_JaffaCakes118 was found to be: Known bad.

Malicious Activity Summary

discovery evasion impact privateloader persistence

Privateloader family

Loads dropped Dex/Jar

Queries information about running processes on the device

Queries the mobile country code (MCC)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

Checks memory information

Queries the unique device ID (IMEI, MEID, IMSI)

Requests dangerous framework permissions

Checks if the internet connection is available

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-10 09:16

Signatures

Privateloader family

privateloader

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-10 09:16

Reported

2024-05-10 09:19

Platform

android-x64-20240506-en

Max time kernel

157s

Max time network

147s

Command Line

com.ikgames.crowdclash.mt

Signatures

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.ikgames.crowdclash.mt/[email protected] N/A N/A
N/A /data/user/0/com.ikgames.crowdclash.mt/files/ebody/res/32099/vva.jar N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.ikgames.crowdclash.mt

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.200.10:443 tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.40:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 a.dan665.com udp
CN 39.108.120.165:9127 a.dan665.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.201.110:443 android.apis.google.com tcp
US 1.1.1.1:53 game.62game.com udp
CN 47.107.234.67:8001 game.62game.com tcp
US 1.1.1.1:53 alog.umeng.com udp
CN 223.109.148.177:80 alog.umeng.com tcp
CN 223.109.148.176:80 alog.umeng.com tcp
GB 216.58.201.110:443 android.apis.google.com tcp
GB 216.58.212.194:443 tcp
CN 223.109.148.178:80 alog.umeng.com tcp
GB 142.250.178.4:443 tcp
GB 142.250.178.4:443 tcp
GB 216.58.204.78:443 tcp
CN 223.109.148.141:80 alog.umeng.com tcp
CN 223.109.148.179:80 alog.umeng.com tcp
CN 223.109.148.130:80 alog.umeng.com tcp
US 1.1.1.1:53 alog.umengcloud.com udp
CN 223.109.148.177:80 alog.umengcloud.com tcp
CN 223.109.148.130:80 alog.umengcloud.com tcp
CN 223.109.148.178:80 alog.umengcloud.com tcp
CN 223.109.148.141:80 alog.umengcloud.com tcp
CN 223.109.148.179:80 alog.umengcloud.com tcp
CN 223.109.148.176:80 alog.umengcloud.com tcp

Files

/data/data/com.ikgames.crowdclash.mt/.cache/classes.dve

MD5 c77522442bee56b0f0eb814e34095272
SHA1 c686af9f740ca24d6416120248629052e497d040
SHA256 5dc7987a690315cf9ba9efe27e8e39faf0f7bc17321a55e1db895ba6f72cf6e6
SHA512 fab06f7d4eb4b4f39d84ea3bc0e7ee219e23d209d06d1983965c2d2599461d9747bbd4423e732a99e2984be1f8a334ad1a755819014fbe5c36c54ff5a091c506

/data/data/com.ikgames.crowdclash.mt/.cache/classes.jar

MD5 a2cd3cdf0cb891d470d02d7b1b5d17d9
SHA1 04f3f3206c07423ab675a2824713f8adf824ea04
SHA256 9c8e8dd979217f9ee5c94d8f9439a20140423255436224bbbc002ec7f60ca231
SHA512 35311abb6b94403d1a9ed95454d93ed2aac45ea7bcaad50c3b1ce83dcc0ff9b35aa098186f549927fe09c758f084b062d0a510bd2c83d7f91997597c41427240

/data/user/0/com.ikgames.crowdclash.mt/[email protected]

MD5 18c6986d6306ad245555caebf571e188
SHA1 6c567eeb49391f4d73e48b97716efa9c95a9cde6
SHA256 c031c779c232b1379ed661d24ae90c19b0113a2831ad1ae6beeb5c1b83da23f0
SHA512 60efd6c356d44b1921c45c313e1c0c1aa416afdb336cdd286f9e0e7f954990089a64da007c2673071edff376cd88af35f8c3589374be43348965f0a64a124b9c

/data/data/com.ikgames.crowdclash.mt/files/ebody/seey/tv

MD5 317e30985b2c3bf93a0fe849ddca9888
SHA1 caa5f0269baa3c10f3edc603af3ed09a83f8773b
SHA256 16dda80eea786b11ea1967e7170e5e18c5b9c0b257b0f389b4a46a69cff08311
SHA512 ef88de3bba83283adc4aeadde0b45c8fc5cd7bb1b05ba74130836a3e4ad8fd693db999726273dda8d9d12c990317a4f4b0376e30fe4e6be9db0cb8f538457f99

/data/data/com.ikgames.crowdclash.mt/files/ebody/as/cheuu

MD5 a6f27d0e64cb597b16695559739a8bc7
SHA1 94d1a2c2dceb36212452e6011d7c98cab97e60ff
SHA256 3af06e7b32c4aacc0cd81b813372eace1d5d80707efd6533705f62905cfa2f34
SHA512 51bd4313f6393b6c31993fc6a5bd46dc9acea7b32193dd393cf1c2b0d9db5c32f98699f2b5b8cee4ab78ff1c7223e65c8a6efe79a83976807f9c1b6b2a974ade

/data/data/com.ikgames.crowdclash.mt/files/ebody/seey/tmd

MD5 b85be09652cdfe259f629aeb50bb2ae1
SHA1 9831e6186effa39cf0b3c6897897b00db4e28528
SHA256 7dffb6888d560538602be34ab2abc0c5146e429b56303446e41f794237f7d28f
SHA512 a94d2a7c6048e8688e7cedf2aa2fb299ab6554fc5329002ec1095effd5faf0c6aba6572c2a3b5878ce4315a2764fa0b507de461d9db00c5d34691dfed4d03bba

/data/data/com.ikgames.crowdclash.mt/app_ebody/res/xmtok/32099/uuloi

MD5 d5ea5777489a853e8bb50db31e5dd6de
SHA1 9c9a52334b843a6d490aff945a6433e9fcfef0e7
SHA256 7646ee943641ccca9d228a7e188d40ece9a2e604f319d9a4b4ae20b4295d5413
SHA512 cb61a4cf3777bfeb83b6e7ab967f5dd57f9ecacd4503caa4ee9e6978853d8d9a23ee71e8dfc48a3dea5142c128712937c08036c38a880c30852207df16c284dd

/data/data/com.ikgames.crowdclash.mt/files/ebody/res/32099/vva

MD5 e051dcbec9923e2ca2e6c36e001b55e7
SHA1 ccffc67e3c0213cc40867defd7e4d8b0a4769ffa
SHA256 ce8d692b03f4ab06b62241b0dd5ad7c4622a7e8f79fb0045ced3755b19e23a64
SHA512 34a9be3ff8c0667c1d3dd21c02a4b72fc4290b43c057343d4f86684fd09544e1f168420cbea4666278fb72e4281e0fab23f07007b3433e61d68cd93e3fce3de1

/data/data/com.ikgames.crowdclash.mt/files/ebody/res/32099/vva.jar

MD5 ad99a935316ee84dae20690d0db18e39
SHA1 3c39ab93a35212ff76fff447fb71223dd7a208b6
SHA256 9d1ab06459b3395d38a574c70292051e3b72baa3dd575b1ddbebfc0462a7fb24
SHA512 47ae9aedf2e0ae3402a2e4fbc1222649f2bc996f8c74aaad910805f3274780aabcfb98662f1df6f9e811ebd8925f3a23ae3f48f3f59617136645b70960fefc5e

/data/user/0/com.ikgames.crowdclash.mt/files/ebody/res/32099/vva.jar

MD5 1fd667afa6593a7508641c219579650d
SHA1 553ab564b792aa12a91133e2a1fb42d58fcdea42
SHA256 d49c94d43b2f9271d4fd8d763bb33e0a5796f34052da8679fe0ef265c3e1e8c7
SHA512 82424709a711bc276c2e4ab0c7bc6e96b5c2d935fde78b281a73e9288db27e8a82f082a45e2ee3974da6e2eee496adb6daa4891741b081266d4e99e433fe5291

/data/data/com.ikgames.crowdclash.mt/app_e_qq_com_plugin/gdtadv2.jar

MD5 ce0f508c6335a0f27f412774c447e177
SHA1 37e5567b224e0a4af8c00fdea41f1dc00ab4ea4f
SHA256 365f148e463ef91e0f8d8e6a2050449a5a69019bcc7d96b54e3985e61fa99b53
SHA512 cdf4ec112bc01517d29480f660d97ef583cec811b7bb512d2ff1dac51177b173d648ec267858f14ceb4274565d432d1b739ac3a95ca49624b18bc2e16cd18bff

/data/data/com.ikgames.crowdclash.mt/databases/cc/cc.db-journal

MD5 dedc0ed7e8ce75044a0d0e7c0b484179
SHA1 4d08ca93ad152d87714f2a1997d8a011cd209df7
SHA256 2154f3e9720870f1568bfe091995a5d306e1381013eb725dd9a65c8c50215be0
SHA512 9b4880239ddd84c3fa6286209d5ffbc5ab28f19d5e48ba18c75538fb9ea889781c9306e154333b4c3c08b6d01f397cc18f0e06a90d1ff149cb5cd712dfb1763f

/data/data/com.ikgames.crowdclash.mt/databases/cc/cc.db

MD5 0908e924aa236931dc7166fef6e00862
SHA1 7782648d6d8f6e835bd47058d4852932c096a467
SHA256 38f8548795ca7470b449dd1de9598c07a247ba59883c0764c9c96ff0b7d31d7f
SHA512 3c16fbc5172aed04cd206e776c46d26e911732c6e3631536410a71f1d217449475727ac9b3175e827c5ce645a1da9e05900258ee6ca27c936a9060f241361dee

/data/data/com.ikgames.crowdclash.mt/app_e_qq_com_plugin/gdtadv2.jar.sig

MD5 b6eaeba6a1c84dd2404e195e68470847
SHA1 a5412849f19316b371dd7e00d76f90801c12e4ca
SHA256 6fa69f99042de4deacde22922488977dc3602d0aa8c86ea86e693ce938feadcd
SHA512 e6ae9ff6b2f5afc3e362ceb9b357ed48611f4de091cc2e7695046a83ba10f2e90b33b37e29b3cd1be1aa4e254184d64e8b3e98331c43b5ad3156f11f302e0c4a

/data/data/com.ikgames.crowdclash.mt/databases/cc/cc.db-journal

MD5 83abe6671f88b6a1fe017cc6157fb812
SHA1 29c01892b673bca3cc065fdfdbefd49384a5fc39
SHA256 4addee0232ade2bf73d8cacd1f80e3f758618393626913a68d269434f2322ab0
SHA512 8b867d554953f776ae63c5a585151997f71c19b904ebd69867563074696d80e1eee2c641ad60500f231ed466eb314832d6402c17ecf367389d13706acff963c5

/data/data/com.ikgames.crowdclash.mt/databases/cc/cc.db-journal

MD5 92b166c9b1649133e165eb43e582ffbd
SHA1 88bad1f44bec4a590de02955e2e03166ad59b684
SHA256 fd5fd2c5199be5f73811bd7f9de36dcee05af46dd09a845a64904c925c0c4c39
SHA512 2907adebd428200801c7c5070a5ed2b2984aced000517ba6131a81955c713a1c37120d6b4f53bfea37cdb2890d66e5950de26ca5637dfdd71627ca9df7b700bd

/data/data/com.ikgames.crowdclash.mt/databases/.ua/ua.db-journal

MD5 45c29e9755bb5c79355b4209103a6076
SHA1 187d49e9c8ed6fa408dcd65583b5532905cc5016
SHA256 512bf6d25619df7b0fa9d4fe4eb8408ed3be10f94862567e56b0f19a8ee231e0
SHA512 756a7dea1b674ec17e7cfd72faaea5a425e3ac0a6ec41ca4f6a7c4dfa00a62297c889025986f954aaef0b147bca774b4b1f1b7db4f8d8ae220322b7e879c3fb8

/data/data/com.ikgames.crowdclash.mt/databases/.ua/ua.db

MD5 3ed195d9c48a1fd8964b10d03ac322dc
SHA1 13cbf2073382bad122eacf57c8cbbb25a5cef951
SHA256 5f95337638df97a4f3dedd61bd63d46b08fe86cf185fd52c80b4208944053483
SHA512 e76c8b51d1c389d9a3b436e3d8a329b4a23e042f3ef85fb17a3d3a6ec572e4b97a47c24226b46aa9201288129e261c544e9f8fcfa69540d5221607d2bb31130f

/data/data/com.ikgames.crowdclash.mt/databases/.ua/ua.db-journal

MD5 4903dab60a9c3b27e286ccd387cd4bdb
SHA1 cef1c13dab4884072840283e3a9de72f89ee4b66
SHA256 f940de632dc52a76459b7358e74e5f9f018b4f0ac801c77ed553894974326035
SHA512 689f92159eb750cc05d9bc6c8a9bb0c44fbfa14d09e89b03808be7ba620adb487e68ed30e001df43312db5cccc5f1a7a0223e06f9d7d68b38022ba7f35e9a644

/data/data/com.ikgames.crowdclash.mt/databases/.ua/ua.db-journal

MD5 649cc83d003cb3d336e9940615344dac
SHA1 4f7380167f65ef34713510a937f2afd860c299b3
SHA256 d3165664725073ca4f026aa1c65434c57e7b4b4270ea61a3d93c8d33689957de
SHA512 b01efd7db63410ddecf14751f94894a8241c0154a56ae2885fd9b17c3e10cdf75403f83863706ef7d2e9cfa2736654c5be3b5b4ff63837b020443d24bacbca9b

/data/data/com.ikgames.crowdclash.mt/databases/.ua/ua.db-journal

MD5 4c3f9219e2575ac1794e58a43df13432
SHA1 1c8023fbd8db49a1c64db6c2ebf246381bfc545b
SHA256 479e7c85b21e4dbe0effcb9400c137c63e455297d14c4803014179175fd38771
SHA512 9b5bd8affd6fb63e3b28a88a2ee98788e1153b1feda0de231362760ae2c7f4a60dd52f2d621dddd6bdd221b5ad31468e10b258e6c39e6f9c7a13e91f00430d0c

/data/data/com.ikgames.crowdclash.mt/files/umeng_it.cache

MD5 a0e33d17acfe78bbaf9ba3780203b6a5
SHA1 5f1693dffbb3a72bfe163793259c6be4e0ecb7ed
SHA256 f7c9d50ec0ec3efe415e674bcd1f9d45c2abc0b5d3dc33ff65f8611e13fe61db
SHA512 d52de9844be9fde3eae6c769ea613fa1854f017f381b0cd00b3e3b13e3366318a81ddbf0d59cfd611f1e90fe1b407fc6f95e10680cc78868219c15a261604114

/data/data/com.ikgames.crowdclash.mt/files/.umeng/exchangeIdentity.json

MD5 ee8e465cc462c7eaa19c1e36eb49f117
SHA1 d402dfd33458c7efbfa6cc53139f8957ba4cfed8
SHA256 c7e04d96f33d5fc3b0f062df5d838a1a61a923c0eb6a233a16b6a2358287dfff
SHA512 cc115406c54302a486dea815e86ebea0647c8af3a70f70818367467e765fab7797995817a29679f3deb468ff7c5f6a6c6dbcc65190372ccc05f4c7e42f7556ca

/data/data/com.ikgames.crowdclash.mt/files/exid.dat

MD5 122d19d396a21b021a50eaa89260682b
SHA1 22edaf41d2f083cefe3fdf692a9d6906ff0decd8
SHA256 a1f62c2d0ba5ad2bcac956d244d07858ec52df2a4cefabf3e0679d1afa33b8c2
SHA512 68d9026838bf6d032d7f9226c2fc8cf75fcd265013c65bedeed8d44b5fd688d27f0a9877fdd31b05a34287eca124817f1e68cc4cc8f5bd60d0c3112bc08768b7

/data/data/com.ikgames.crowdclash.mt/databases/.ua/ua.db-journal

MD5 003f622fe4013d27aceca5e204de5fbe
SHA1 15855fd9b7b4eac237c6d6172e83145c2f8c0198
SHA256 4e4fc4cea9097d99d9b69217e42b341e6cf37b9b1ca9250efe546824a7776f00
SHA512 d5051c373cfb6dcf3377e8a802b7f05102bc26b1f1fd6578817dd89f8713eb5908455a7c2fe93b5db88e5b8a89b003297ca5c0a11a5a6d27139ef26e48589549

/data/data/com.ikgames.crowdclash.mt/databases/.ua/ua.db

MD5 38564ad4c73e5619bc2264b0c44997a5
SHA1 e55f6fe1b20347ad4cd58d77af0b0feb149f63d0
SHA256 1820a909a310bf7bc4ddaab6c8be3954dedd53612749f7bd08fefbef31670ec8
SHA512 30d84731a3d8380e63bb73227623e86bd779476474269f252abe546028531c77658573874444e66b862ea049724e93a9344b1d4fd9f26c0fe02a79a4079a9a7d

/data/data/com.ikgames.crowdclash.mt/databases/cc/cc.db-journal

MD5 4ff5255a9b2ad57cfdeba4707bbe7765
SHA1 b40c4bcb2dd3510a6f79a4e7b1681a2f044b9fd4
SHA256 f622f9619fc786c25192777fdd1c844ba3d3c2d2595285c85ab41eea12530d49
SHA512 b2e9c2a5110dc96817c7cb825c302a1a848b516b5e73b8a76e613c47e625d3428cda04bb07fb9c81839084319b12cf67de3c4b17490d588e5a366cf070d67536

/data/data/com.ikgames.crowdclash.mt/databases/cc/cc.db

MD5 67c12933d1e0e63d9801a6aa43092ce7
SHA1 b6936908554e4a1986b8eb08289e2d3545e8ff74
SHA256 abda5dd4cc2e7dbb951637c4b49d6990f9f34411fab4dee1a387dbcc8e7eed40
SHA512 db8b818daa3ff4ec7678645f84bf8b45c809bcbb758ea78b28982d071572655bba2d20e6f1ca4f0d057ab34fa655c5bc40457dc65050180351a2fc04a47175dd

/data/data/com.ikgames.crowdclash.mt/databases/cc/cc.db-journal

MD5 8fe72745cc4621801fc3f0d681408878
SHA1 bd6baa033c17d526f6fa5d5596ed7bd30ae1e19e
SHA256 c5f72621e615f257377fc5ef353fc661facf64a1c08c0cdda96f6d6e8dcdfa6b
SHA512 77576c2898e6bf3a33993de0bea5f684b6685cd235dd4b1787ed5c07a8ef9397e665587cec0e70faa1a5c0cf6c394b6e95557439a585f12df7fec8751ef00cb2

/data/data/com.ikgames.crowdclash.mt/databases/cc/cc.db-journal

MD5 a4edc37d2d95a037ad3efc50f68be7b8
SHA1 d52c8f3f50562d3b1976939fd6dedb4a7a1accba
SHA256 3b7ae4f6a80fb21335b45585d41ff0fa59c1ba2f203fdeb59d2281d3a3d14f6e
SHA512 69b6fb8e93d1e632d02e204afbee124aa037ea5286f0c65d25c7a9e65d6228b6ab3cfcb759351843f0e7de0d56e746c4a7f3cdec55c3aa07695ef5c14318b9d8

/data/data/com.ikgames.crowdclash.mt/files/.um/um_cache_1715332736337.env

MD5 e080ca3076c6aae4a54457c82dd153bf
SHA1 eef22fbbffc621693d910b9a13c1d43b625a24e9
SHA256 17edba463d17a3f95eed1b7225d5edde3090547d59628fb96f81d1a5e24a9a34
SHA512 0d82a1f56ad0f4b7bb437d3a6766d638bf2060698c7481fc68894774e03aab1e5bd1a6d1dca88d4b42b8cb365455a4e938df64cac809d12614652b4b5c0495bb

Analysis: behavioral3

Detonation Overview

Submitted

2024-05-10 09:16

Reported

2024-05-10 09:19

Platform

android-x86-arm-20240506-en

Max time kernel

7s

Max time network

131s

Command Line

com.miui.ad.mimo.plugin

Signatures

N/A

Processes

com.miui.ad.mimo.plugin

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.200.42:443 tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
GB 142.250.179.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.212.206:443 android.apis.google.com tcp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-05-10 09:16

Reported

2024-05-10 09:19

Platform

android-x64-20240506-en

Max time kernel

8s

Max time network

144s

Command Line

com.miui.ad.mimo.plugin

Signatures

N/A

Processes

com.miui.ad.mimo.plugin

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.200:443 ssl.google-analytics.com tcp
GB 172.217.169.10:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.46:443 android.apis.google.com tcp
GB 142.250.180.4:443 tcp
GB 142.250.180.4:443 tcp
GB 216.58.204.78:443 tcp
GB 216.58.201.98:443 tcp
GB 142.250.187.206:443 tcp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-05-10 09:16

Reported

2024-05-10 09:19

Platform

android-x64-arm64-20240506-en

Max time kernel

8s

Max time network

132s

Command Line

com.miui.ad.mimo.plugin

Signatures

N/A

Processes

com.miui.ad.mimo.plugin

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.8:443 ssl.google-analytics.com tcp
GB 216.58.204.78:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
GB 142.250.200.4:443 tcp
GB 142.250.200.4:443 tcp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-10 09:16

Reported

2024-05-10 09:20

Platform

android-x86-arm-20240506-en

Max time kernel

149s

Max time network

149s

Command Line

com.ikgames.crowdclash.mt

Signatures

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A Anonymous-DexFile@0xd148c000-0xd17c5e90 N/A N/A
N/A /data/user/0/com.ikgames.crowdclash.mt/files/ebody/res/32099/vva.jar N/A N/A
N/A /data/user/0/com.ikgames.crowdclash.mt/files/ebody/res/32099/vva.jar N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.ikgames.crowdclash.mt

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.ikgames.crowdclash.mt/files/ebody/res/32099/vva.jar --output-vdex-fd=62 --oat-fd=63 --oat-location=/data/user/0/com.ikgames.crowdclash.mt/files/ebody/res/32099/oat/x86/vva.odex --compiler-filter=quicken --class-loader-context=&

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
US 1.1.1.1:53 a.dan665.com udp
CN 39.108.120.165:9127 a.dan665.com tcp
GB 216.58.204.78:443 tcp
GB 216.58.204.78:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
US 1.1.1.1:53 game.62game.com udp
CN 47.107.234.67:8001 game.62game.com tcp
CN 39.108.120.165:9127 a.dan665.com tcp
US 1.1.1.1:53 alog.umeng.com udp
CN 223.109.148.177:80 alog.umeng.com tcp
CN 223.109.148.179:80 alog.umeng.com tcp
CN 39.108.120.165:9127 a.dan665.com tcp
CN 223.109.148.178:80 alog.umeng.com tcp
CN 39.108.120.165:9127 a.dan665.com tcp
CN 39.108.120.165:9127 a.dan665.com tcp
CN 39.108.120.165:9127 a.dan665.com tcp
CN 39.108.120.165:9127 a.dan665.com tcp
CN 39.108.120.165:9127 a.dan665.com tcp
CN 39.108.120.165:9127 a.dan665.com tcp
US 1.1.1.1:53 config.unityads.unity3d.com udp
GB 143.204.176.71:443 config.unityads.unity3d.com tcp
US 1.1.1.1:53 config.uca.cloud.unity3d.com udp
US 34.111.113.40:443 config.uca.cloud.unity3d.com tcp
US 1.1.1.1:53 webview.unityads.unity3d.com udp
GB 143.204.176.39:443 webview.unityads.unity3d.com tcp
US 1.1.1.1:53 cdp.cloud.unity3d.com udp
US 34.107.172.168:443 cdp.cloud.unity3d.com tcp
CN 223.109.148.141:80 alog.umeng.com tcp
US 1.1.1.1:53 publisher-config.unityads.unity3d.com udp
US 34.110.229.214:443 publisher-config.unityads.unity3d.com tcp
US 1.1.1.1:53 auction.unityads.unity3d.com udp
US 34.49.168.197:443 auction.unityads.unity3d.com tcp
US 1.1.1.1:53 cdn-creatives-cf-prd.acquire.unity3dusercontent.com udp
GB 18.154.84.108:443 cdn-creatives-cf-prd.acquire.unity3dusercontent.com tcp
US 1.1.1.1:53 cdn-store-icons-akamai-prd.unityads.unity3d.com udp
GB 13.224.245.6:443 cdn-store-icons-akamai-prd.unityads.unity3d.com tcp
CN 223.109.148.176:80 alog.umeng.com tcp
CN 223.109.148.130:80 alog.umeng.com tcp
US 1.1.1.1:53 alog.umengcloud.com udp
CN 223.109.148.177:80 alog.umengcloud.com tcp
CN 223.109.148.130:80 alog.umengcloud.com tcp
CN 223.109.148.178:80 alog.umengcloud.com tcp
CN 223.109.148.141:80 alog.umengcloud.com tcp
CN 223.109.148.179:80 alog.umengcloud.com tcp
CN 223.109.148.176:80 alog.umengcloud.com tcp
US 1.1.1.1:53 perf-events.cloud.unity3d.com udp
US 35.190.78.8:443 perf-events.cloud.unity3d.com tcp

Files

/data/data/com.ikgames.crowdclash.mt/.cache/classes.dve

MD5 55b888b94995e327b079ed2eaafec6cc
SHA1 f2b5641ac7fbecba72e22b1ece563faa98098f02
SHA256 41c25e42dd9d91b95a35b39e1cf49afd1fc41ae0112cafd70630954729bc948d
SHA512 5bd22fd9cbae2ae31ead638e6bec23577dd17cec39e27be739a17043cad7f4d36ba80baf64a8ad1f22d943a1af24dea438b1d939d42065840e200fb006d5b89c

/data/data/com.ikgames.crowdclash.mt/.cache/classes.jar

MD5 a2cd3cdf0cb891d470d02d7b1b5d17d9
SHA1 04f3f3206c07423ab675a2824713f8adf824ea04
SHA256 9c8e8dd979217f9ee5c94d8f9439a20140423255436224bbbc002ec7f60ca231
SHA512 35311abb6b94403d1a9ed95454d93ed2aac45ea7bcaad50c3b1ce83dcc0ff9b35aa098186f549927fe09c758f084b062d0a510bd2c83d7f91997597c41427240

Anonymous-DexFile@0xd148c000-0xd17c5e90

MD5 18c6986d6306ad245555caebf571e188
SHA1 6c567eeb49391f4d73e48b97716efa9c95a9cde6
SHA256 c031c779c232b1379ed661d24ae90c19b0113a2831ad1ae6beeb5c1b83da23f0
SHA512 60efd6c356d44b1921c45c313e1c0c1aa416afdb336cdd286f9e0e7f954990089a64da007c2673071edff376cd88af35f8c3589374be43348965f0a64a124b9c

/data/data/com.ikgames.crowdclash.mt/files/ebody/seey/tv

MD5 317e30985b2c3bf93a0fe849ddca9888
SHA1 caa5f0269baa3c10f3edc603af3ed09a83f8773b
SHA256 16dda80eea786b11ea1967e7170e5e18c5b9c0b257b0f389b4a46a69cff08311
SHA512 ef88de3bba83283adc4aeadde0b45c8fc5cd7bb1b05ba74130836a3e4ad8fd693db999726273dda8d9d12c990317a4f4b0376e30fe4e6be9db0cb8f538457f99

/data/data/com.ikgames.crowdclash.mt/files/ebody/as/cheuu

MD5 73a6b4af2eaacf392a95982aa7f075cf
SHA1 281671fd35eb4db4f8095707af380834d8d4745d
SHA256 7fa0618c4d8291d99670401346ea59c4bc7cbba0f1ded65b51d906d5e89657bc
SHA512 9c015529e67b8735a4b61b7478dcd0b5a0b527e5b34e764923ea4dbc85d9cae67124d341bdccc4f6ab4a7eac1e4cf16220293e5cd5f773d7efa2fe29516e9a05

/data/data/com.ikgames.crowdclash.mt/files/ebody/seey/tmd

MD5 b85be09652cdfe259f629aeb50bb2ae1
SHA1 9831e6186effa39cf0b3c6897897b00db4e28528
SHA256 7dffb6888d560538602be34ab2abc0c5146e429b56303446e41f794237f7d28f
SHA512 a94d2a7c6048e8688e7cedf2aa2fb299ab6554fc5329002ec1095effd5faf0c6aba6572c2a3b5878ce4315a2764fa0b507de461d9db00c5d34691dfed4d03bba

/data/data/com.ikgames.crowdclash.mt/app_ebody/res/xmtok/32099/uuloi

MD5 d5ea5777489a853e8bb50db31e5dd6de
SHA1 9c9a52334b843a6d490aff945a6433e9fcfef0e7
SHA256 7646ee943641ccca9d228a7e188d40ece9a2e604f319d9a4b4ae20b4295d5413
SHA512 cb61a4cf3777bfeb83b6e7ab967f5dd57f9ecacd4503caa4ee9e6978853d8d9a23ee71e8dfc48a3dea5142c128712937c08036c38a880c30852207df16c284dd

/data/data/com.ikgames.crowdclash.mt/files/ebody/res/32099/vva

MD5 e051dcbec9923e2ca2e6c36e001b55e7
SHA1 ccffc67e3c0213cc40867defd7e4d8b0a4769ffa
SHA256 ce8d692b03f4ab06b62241b0dd5ad7c4622a7e8f79fb0045ced3755b19e23a64
SHA512 34a9be3ff8c0667c1d3dd21c02a4b72fc4290b43c057343d4f86684fd09544e1f168420cbea4666278fb72e4281e0fab23f07007b3433e61d68cd93e3fce3de1

/data/data/com.ikgames.crowdclash.mt/files/ebody/res/32099/vva.jar

MD5 ad99a935316ee84dae20690d0db18e39
SHA1 3c39ab93a35212ff76fff447fb71223dd7a208b6
SHA256 9d1ab06459b3395d38a574c70292051e3b72baa3dd575b1ddbebfc0462a7fb24
SHA512 47ae9aedf2e0ae3402a2e4fbc1222649f2bc996f8c74aaad910805f3274780aabcfb98662f1df6f9e811ebd8925f3a23ae3f48f3f59617136645b70960fefc5e

/data/user/0/com.ikgames.crowdclash.mt/files/ebody/res/32099/vva.jar

MD5 1fd667afa6593a7508641c219579650d
SHA1 553ab564b792aa12a91133e2a1fb42d58fcdea42
SHA256 d49c94d43b2f9271d4fd8d763bb33e0a5796f34052da8679fe0ef265c3e1e8c7
SHA512 82424709a711bc276c2e4ab0c7bc6e96b5c2d935fde78b281a73e9288db27e8a82f082a45e2ee3974da6e2eee496adb6daa4891741b081266d4e99e433fe5291

/data/user/0/com.ikgames.crowdclash.mt/files/ebody/res/32099/vva.jar

MD5 803302cbf2dfc7ffd6daffaa97961022
SHA1 b18c0fe38e69cb6b532620ec3aa3fe0103e62352
SHA256 920ad288f44e43e8dead58852383ec15393466bf2ccfaf508559687919bd88b4
SHA512 a1edf11cb5e4eb9ff6432656fc976be668971d831aef9f1572ee95236bcc711a8861b068e5c3569d8a840ba7c82671aee9fac145f6156c0684fe577c7bfd97d4

/data/data/com.ikgames.crowdclash.mt/app_e_qq_com_plugin/gdtadv2.jar

MD5 ce0f508c6335a0f27f412774c447e177
SHA1 37e5567b224e0a4af8c00fdea41f1dc00ab4ea4f
SHA256 365f148e463ef91e0f8d8e6a2050449a5a69019bcc7d96b54e3985e61fa99b53
SHA512 cdf4ec112bc01517d29480f660d97ef583cec811b7bb512d2ff1dac51177b173d648ec267858f14ceb4274565d432d1b739ac3a95ca49624b18bc2e16cd18bff

/data/data/com.ikgames.crowdclash.mt/databases/cc/cc.db-journal

MD5 d8bae138d8f6d3882d948edaa6427e1f
SHA1 e75b685f320d8ddba02e322c3ceab2d304435660
SHA256 c6ba2aae77188c72edc6d9b92f74ea417173f6bd3a66666bf9d0145a10506f78
SHA512 3b6ea1f96a36fa5ef3cea327c53d537e0ff23c059357df2db37800b83f8190ccf4724f68bba6aeb5a08923fe0485a621c7fcf409ac0137435bdfc7af95d50f8c

/data/data/com.ikgames.crowdclash.mt/databases/cc/cc.db

MD5 5d7ea1a23af19b4340cc8d90f28297d5
SHA1 4cfe95b23a9e98378d69c4290af81b51fbe76aea
SHA256 474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da
SHA512 33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

/data/data/com.ikgames.crowdclash.mt/databases/cc/cc.db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.ikgames.crowdclash.mt/databases/cc/cc.db-wal

MD5 8f8a6b62788244a3c8796e1445edeb0d
SHA1 060cee2bf91eebdd0ab7e1dfa56c5f9b0be353db
SHA256 6e166fc59baf8fc4a36e2a969057952c0fd3f11f9bb43c7c59d56028c8234a21
SHA512 86b8a6554c11acc3398e6a9a2195b608b06475da2ddf8dee95a5729ae08c65e558d8912e1e5caa2bab80f9588e00188dd71d85e9ea41aee0fa672fc1aeac39d0

/data/data/com.ikgames.crowdclash.mt/app_e_qq_com_plugin/gdtadv2.jar.sig

MD5 b6eaeba6a1c84dd2404e195e68470847
SHA1 a5412849f19316b371dd7e00d76f90801c12e4ca
SHA256 6fa69f99042de4deacde22922488977dc3602d0aa8c86ea86e693ce938feadcd
SHA512 e6ae9ff6b2f5afc3e362ceb9b357ed48611f4de091cc2e7695046a83ba10f2e90b33b37e29b3cd1be1aa4e254184d64e8b3e98331c43b5ad3156f11f302e0c4a

/data/data/com.ikgames.crowdclash.mt/databases/.ua/ua.db-journal

MD5 ca2e3ba020c0880562ec299a3f90e33f
SHA1 5e7c1a75f135f4a6f228be440978e21f0e72b191
SHA256 d0f36349a0153e5895e7f312c16a23aa1481952eff196292091fb834b1091cd4
SHA512 c4fde1b984caed5dbf0a797840d30d2aa42295a7a66062b88cebda89845798e93fdc87a3ee67845b42f79e5318cf115c09c75ba7f9bfc55577b46ccb60787345

/data/data/com.ikgames.crowdclash.mt/databases/.ua/ua.db

MD5 605d3f77d271a71b765f9c6b5e72dc9e
SHA1 ba437de9d7e8cfbc275c9bd53b331e572a146015
SHA256 406d446ff5b7985501c9721f133d82d1e32bf126f1df0ba2f5c7964900c9ef71
SHA512 6d308559946a88ed32f3a5c5c625b0838192a63cba6a3ca024b8d05be40b77aae2d4e91bb3679a290bb31525096e4b464f6d93b3c835889624ebe2eeb8678ce5

/data/data/com.ikgames.crowdclash.mt/databases/.ua/ua.db-wal

MD5 42a67732283f541ced0822be3aab328c
SHA1 3c0333db60470ffcfc47e0bbf07296608131ec4f
SHA256 5fffc10678b1dccb51b7202538a45d9c0589d26d4354411cf291673642c2edac
SHA512 f41f013bb5abe3f9bdaa3038d0dc3dc38cc2c946142a4ba4c57d9ae98dd0a4e811dd0fade89d01d2a0dfe8138cc32390f1836ad90ae1c53e30be15fa6c11e8fd

/data/data/com.ikgames.crowdclash.mt/files/umeng_it.cache

MD5 78793ae0d22662fe1318d73a088fc6ac
SHA1 886c594177bd83920b34bffce3ee2a7de35e65bd
SHA256 b37e65b7e974f5faa61cea6e24c6bd5239f499bdadf0bf197e053f3347d13338
SHA512 16a77e0e67a0d2fb73d818e523f73dbda57638c5ab32b1b445f93c19ce47f4928400b2688cbfd36c624fc6c5f2680b3c530fa01b6f456f63d8e629d48e2e7556

/data/data/com.ikgames.crowdclash.mt/files/.umeng/exchangeIdentity.json

MD5 f64c2e63040f4814b034834705737bde
SHA1 ddb67df2e504243639681bef0a12c9aae6a855cd
SHA256 4c74f8b4ed3d7999a11be954d8ad0b55bec979f85d5ec5ca67ed744faf28f063
SHA512 f909ab6553c8b960820dad0b4d22c1fd276d738bc43449010653d5aa0cf7087e1fe34202666e80ffefffb9b10c64829b967a4e16e099e8261f0362316151509f

/data/data/com.ikgames.crowdclash.mt/files/exid.dat

MD5 122d19d396a21b021a50eaa89260682b
SHA1 22edaf41d2f083cefe3fdf692a9d6906ff0decd8
SHA256 a1f62c2d0ba5ad2bcac956d244d07858ec52df2a4cefabf3e0679d1afa33b8c2
SHA512 68d9026838bf6d032d7f9226c2fc8cf75fcd265013c65bedeed8d44b5fd688d27f0a9877fdd31b05a34287eca124817f1e68cc4cc8f5bd60d0c3112bc08768b7

/data/data/com.ikgames.crowdclash.mt/databases/.ua/ua.db-wal

MD5 51d52c84f547d9ba7e17cd473d502fa5
SHA1 5052ddb81fc4df59d8853f702c8bd6163c853190
SHA256 bb08838927ea97724f8307f72366e3ae02141330852910e49a63946d3670937f
SHA512 59cc14ad4e7c930bbd29d56b2dcdd43767c7cb09a76ecde46c5e050119c42cb3a84a7b4f65a458a8ee91b92bfe22348e8b610333d51fee985c27789636f540ce

/data/data/com.ikgames.crowdclash.mt/databases/.ua/ua.db

MD5 d604a3bf1f8d992cc320ea5b1f7609bd
SHA1 247f88df0b55c7d523ea5398637711a0e4a483a4
SHA256 329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17
SHA512 67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

/data/data/com.ikgames.crowdclash.mt/databases/cc/cc.db-wal

MD5 42da435394fad1dc83cd1b512cf2c069
SHA1 49453e0e6cabfa85ee39b4eae8d3919ca7c382f6
SHA256 dbabea937889c34e58b73103a237f35e2202617dcb2a21fe66dbcf27b2efd3cb
SHA512 b3058b85c4c2691e672a7dcf78443d4253ab95405307877a40e60a9217a8f060aa05a50dd3804645a584a4b33a176b83cdc9917337d1c61fd9f9d79562807b6f

/data/data/com.ikgames.crowdclash.mt/databases/cc/cc.db

MD5 ce6135aa1b1fe4f2c2db2a546d2a5558
SHA1 79b59582154017aadab783dc266fcb158c252940
SHA256 7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c
SHA512 2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

/data/data/com.ikgames.crowdclash.mt/databases/.ua/ua.db-wal

MD5 1e251db836baced57d812b54d28bfd92
SHA1 1463c564bf44601bde4dc4a42ba128164aa70d32
SHA256 42385ea239fe73af4cc2586c6d04feb99e407e415dfcd20e6e3328c773f90042
SHA512 d13e2bd5b22e97ac484bca3d16743d56069540401448e2c0f05038ff92a97686c4ca49aba4d2e58af576ec553f6985b807869a7dcf8c3ae42340cd37de7a8dd3

/data/data/com.ikgames.crowdclash.mt/databases/.ua/ua.db

MD5 b87c5f1298b1fe6916cabdae41c42e02
SHA1 9bd57da9f4dcd143cb38dcc6568a9ebc0c1f58e9
SHA256 af9ad171c72d62aa86787ce66ea21791194695a8e7be898852921b29d2405c23
SHA512 0fb18512aecfca2198fad17f3e9df05882f8014faa48a5b7c0b7f52def453a9bc9c9b18da6fb6737377c710160b8fec2aab6f668a6b4423407636c6ba23d3b76

/data/data/com.ikgames.crowdclash.mt/databases/.ua/ua.db-wal

MD5 b568c3ae13029ad8ddf70dd47fb11efb
SHA1 274f3b44efcac1a216f4f58f66f5500b2b2a3d1c
SHA256 75b0f0ba82b4e58b46d0112e6f58ac4c910683aa906cbbfab810e2c43a529752
SHA512 76c64f0b627c2bfc862ad55b8fe9bc16729b1fb8b4798676dd63ce4764d0c670a5c061f8904690f5cc4b1f082b0859f86031dc28de6fcbfdfcd681f831e1d59d

/data/data/com.ikgames.crowdclash.mt/databases/.ua/ua.db

MD5 1680c05656f39c7a59c7c80813b2d1c8
SHA1 f838c07cb9dc2f95b869a09644ade1550691f6e7
SHA256 9d5df3503dc1c82508896419b64710028c4bd76a998fcf9e013930d1b360ba4d
SHA512 cfa49214fb3c4e9c03c569179a760be2c304f18a151d76b90ea20eb540f8d5b2bd99672cc4d24b301c143f21c8af929a9d0fdbeaaf8a2c4bf0119472d68a5c5c

/data/data/com.ikgames.crowdclash.mt/databases/.ua/ua.db-wal

MD5 b961fcf76392cda3ecdacf6eb490c08e
SHA1 e039dac3f05e26639860e5f55c0997e352ddf4a2
SHA256 48a761f77e441aca64b22f083d5033772b09130d90f8ae64046c55285b2c2416
SHA512 f350ee45c5f383839b28d4e5b022eb4753e94de8e7e2aada150ec702f9d09c188cba7e37423455b5f5ad155d75d3bf7ffee35c4d84e1ea91a03afb3f1afe6306

/data/data/com.ikgames.crowdclash.mt/databases/.ua/ua.db

MD5 4bece45691e3def499cda5ed6923bc20
SHA1 bc03312d0c93f7c804789eda5ac80c1ec2c8eec5
SHA256 75a7f2c555e0381d4317f53a7738aaad8d0620308d79f7ae8cff802e1bfd4bff
SHA512 eddc2b326eafdcf9485776ed2de86365ad57a258b7102dcb04a261388436e9c2dac08164d77a9388ef3fcab2731133ad821ad93e0cc50e055bc50a6e34a4d1d7

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/cache/UnityAdsCache/UnityAdsTest.txt

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/cache/UnityAdsCache/UnityAdsStorage-public-data.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/cache/UnityAdsCache/UnityAdsStorage-public-data.json

MD5 28b095345e448a5dc1a4d6dbc654466a
SHA1 74d15375305239526aee0cf9fabcfa428fc73afe
SHA256 4f6966579488e93440e110774674302ed99f97c2d21839d15c722814cf0078a4
SHA512 fda82f3be3d1bf90a5bf8c1d30427a55babbb8918a2020abab52c2cef41a0e9cfd95d5faf6cd0c3d38b0ab4d3176df9393f6c1712cfaa9fe135501e0c1f37cca

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/cache/UnityAdsCache/UnityAdsStorage-public-data.json

MD5 d82fb0acc7be3feb3180356cd260fdde
SHA1 b396a6fa92bad476f7462623fdeddedbe2531b17
SHA256 e95e941cf88c85d877484a6093afd92a9c510e877e6e581d826f73de29343a8f
SHA512 60991ea78b4d9ac0ed3ff0a8013ef0148b92e7668a205ff0d4183e49ef2a3db6ec224e85c465f72d28194342701c6efe078472a4a45866457912aef99513fb0c

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/files/Unity/27d8f123-18dd-41a2-9994-5bb3cc2ff70c/Analytics/config

MD5 8673a8ac0b06a9d056d08d62f857ba4b
SHA1 a351bea1932270bafbe468584058fef20dcfc31e
SHA256 83b3f90c4edf1f122c8faf9784ca0aee4dd017c65493ac181c1814211703db96
SHA512 edf28eb7fcef654f139285d308f817ee230d6f064a4c865109d6dfe6f73c11f8f35737c8159c8a302118237ab980899ba5773f547cc9da4028643a53b08e324f

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/cache/UnityAdsCache/UnityAdsWebApp.html

MD5 363b47ea6469dc3796801225ef245ed1
SHA1 b0595caf8f1b92d1d22cb129ace69d7cdeb0e367
SHA256 7250666de71aa78224175a23a8a907ecdf66d9c4925f51b93ee79f6faccbb178
SHA512 8b5637b5a7c095f87bf655e3269fd3cb3cbbcae4a179fed27ebbd9a54cdb26c90615361fbb6fa382a534a35499bfb5acd6354235b168d8c05149d52a279683fc

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/files/Unity/27d8f123-18dd-41a2-9994-5bb3cc2ff70c/Analytics/ArchivedEvents/171533270700000.356fda88/s

MD5 b4a22a1aa1f36fe61c154bc972919103
SHA1 726e36b024ed96e5ac92ba3a258dcd16d4c68c48
SHA256 6b44d479d993145a3c6a331a35feb7d930fbf4e53d42194e6e078bb710d55eda
SHA512 ecec073f60d2b524c199f7cbaa704affa262c830c0729356ee29175199b995a67cecf69d23415763cea80fefeeac050c81cf71af250275f47f5068d92c246ce8

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/files/Unity/27d8f123-18dd-41a2-9994-5bb3cc2ff70c/Analytics/ArchivedEvents/171533270700000.356fda88/g

MD5 c81e728d9d4c2f636f067f89cc14862c
SHA1 da4b9237bacccdf19c0760cab7aec4a8359010b0
SHA256 d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35
SHA512 40b244112641dd78dd4f93b6c9190dd46e0099194d5a44257b7efad6ef9ff4683da1eda0244448cb343aa688f5d3efd7314dafe580ac0bcbf115aeca9e8dc114

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/files/Unity/27d8f123-18dd-41a2-9994-5bb3cc2ff70c/Analytics/ArchivedEvents/171533270700000.356fda88/e

MD5 e5d39eed15459747d69e0cda9d84e24d
SHA1 56986f27520cc62c12b2e9deccce025f8efeb592
SHA256 ac4c8b8ef3a487bb56340b5225e016d5381e8b9baaa7db40cbda5ad33df183b2
SHA512 d2702146fefeb5dc070b6511c3f49d01bd8cf559abc61818c082a4e298c45fdedbf165775437c94d44b762492bd169dda4846ee2395f9ea2c7fa07e3af0c2803

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/files/Unity/27d8f123-18dd-41a2-9994-5bb3cc2ff70c/Analytics/ArchivedEvents/171533270700001.356fda88/e

MD5 c676fa2dd08ce06e4a63bd33085d5995
SHA1 924a21f5b0405dccf421b25a337f64a62a950aa4
SHA256 20a9105dc75bc0c95f2b7f14d14cd3644e99a0e4a43680dd8a410295e5a1cd5d
SHA512 3627791e51b3aed109341c4d00a01c3148dd954744ee01f7a965e7ff13226ffcd39986a86bc34a3675f3bbe130586a7b7b39895b409872002127bacf0f73560f

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/files/Unity/27d8f123-18dd-41a2-9994-5bb3cc2ff70c/Analytics/values

MD5 a5f59dc93e44bacf04549ff19f32d856
SHA1 94416fbf0e86bc1f14ae095b0d0592f3ba1ca887
SHA256 669615f34d8051bcbddb5fd81942d4dd07a60f1d69f6d2a5e2b78de3b86b7b83
SHA512 cb50cacd07fc38475f081396845d4609d3ae6ce8b3eecbeca814a0dddcad76d2d63224317d3ead5348fb40a9d00895ef4367195ba2ffd844f158a61aa1d9aff4

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/files/Unity/27d8f123-18dd-41a2-9994-5bb3cc2ff70c/Analytics/ArchivedEvents/171533270700002.356fda88/e

MD5 7c175e4980f0f1b552e94b6636995248
SHA1 9bc4eebab758b819b182dc4549c1c92da427b6db
SHA256 47073ec46af5a12330992a69492d29d7b2b38d6f0d357a57c8c64983f1048b22
SHA512 42e1f76a725a09b68797c104ec584aafe2095af9693d17499fefa21c31ad879e2474613035edd72cf82e2538a4c2e738085d6fee80b39dcf08ab2004e27bb857

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/files/Unity/27d8f123-18dd-41a2-9994-5bb3cc2ff70c/Analytics/ArchivedEvents/171533270700002.356fda88/e

MD5 723b716d6547a2de6523fac0437c0ca7
SHA1 ce95a64fbd9d8896f3456844fcb0006784beb3ad
SHA256 de01257f44afd5f3c15e51852d3b76b5ef5bbd30c6d112df642f48867a911395
SHA512 5de1651ded48b74923a49732c34d2ed89f9e62282c39cd4e7f4fee181f2ba90976416ff97ddcbec28458f9e4c59f71644d57510e7f054e308b30cbababa7b6bf

/data/data/com.ikgames.crowdclash.mt/files/ebody/res/32099/oat/vva.jar.cur.prof

MD5 dfe6eeb15932e291dc75da486801d6d7
SHA1 bbd04efc41d7f12cf8bdb04091e951124e3b3777
SHA256 288432710af09395a00e2a168730f067f93a7f0fccc09f39d967ce20cba0f690
SHA512 ce456507a279addd170203e060f520967f92a429d2253aa60421217e5dcc9cdfd1ac3fa238159357a728be9a03773d9742d039c892bc7d1aa627b518178d699b

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/cache/UnityAdsCache/UnityAdsStorage-private-data.json

MD5 16d3e6eac0e79222a9b368edac765b34
SHA1 48d5e621fcdd84108f5750d6905180b622715b11
SHA256 3a518b70256a689906d6740062462e3124aad6e55c5aa47339a87a56e4933ee7
SHA512 d0aaacf86100135241426e2a0e9ba44414aa456cd708124e2f9c3a8037e008870cbcb506d316e4fe7cfe1d6dc3073393989a6f3c29f7cfabd6b0f65057afe747

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/cache/UnityAdsCache/UnityAdsStorage-private-data.json

MD5 b410d412ee5c022895e8a12147b9a6d1
SHA1 8d9ef9f68f17dba93ba1d2bae3b4345e5a1fe284
SHA256 ac9be498ce2d18ce76ce0e1bf06477eb8ba9b480f95e08a4db88bba04335baa3
SHA512 9c458b0cee7d1e370c33ad1db591f456d10fa74b1d893c76cc1b04feeca5072eca1f0f83f47d7ef47d8fe5b2274a655d955f7bfc10be609516764d7657dc1859

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/cache/UnityAdsCache/UnityAdsStorage-private-data.json

MD5 364e5d7db29fa73ab53efc366ccecb64
SHA1 a2e7354a18ab264a0a9db1f1fedd9c8d647d2916
SHA256 0592def477068c6842991e17d8b94c26e85769e1c942761d7be768eb92c12c29
SHA512 667ba6fab0a7874d496ed227a58df3d724041bff2c0fd14f9f43a9cc036d1e0be9cb6c146eecf7f397fa943cc3ab555a40247cc94271f22ac3e3669e97699564

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/cache/UnityAdsCache/UnityAdsCache-a9ea2c6d851485cf6e445546aabf1b0d67898e845f8388a918bbe2fdb5c96da5.webm

MD5 67f0e4c73822f9902db035ee1fbf1915
SHA1 84fe391c82302cd33cb0a285ec64019a260ed5e9
SHA256 667ba8e29ac5be94d93c925202d38226721932aaf654dba9abb738735b565a3d
SHA512 8459091fbb68c789415ce20bb4ec43314899b5a4f9d09586a01544779ef95b667a4e091bfda4f6d5faf2ccc451f33b854702b34fd3fdb04d32136d565c0a0c4a

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/cache/UnityAdsCache/UnityAdsCache-c96e907bb05c06eb72067e5bc0f5a0fce814e738177a6182a0f00648c70d3d08.png

MD5 bcd452975d6e2dbe43fc66af8489a84a
SHA1 2e8519d458f1353af2f61260b42834bfd50ad82e
SHA256 77e429ea0a657908ea1e4ab5c41a3c70dd88c43dd70a14bf8559dc68787e0ee1
SHA512 512aa443570a2ad19a5cdd071c614edf8d2f9d98e968addde0f5536e867a8f223bba7eade9f443eed9163a29f679d94a1648b285dcdf22159e5b918497549022

/storage/emulated/0/Android/data/com.ikgames.crowdclash.mt/cache/UnityAdsCache/UnityAdsCache-0b73d25c93c24f5d43ac04c969be1b8d56fdae58648a2a5f277fa259d22b76e9.jpg

MD5 145cbe88ab9d88356fc4d56ad47a389e
SHA1 4651efc2f11febec8051d72105b8863e20717764
SHA256 8de71f095be0c480bf41bd57c7e17b5ea04621d3c440a3b49111139012f32b3c
SHA512 fe21068269fabad13420c271868a6f93f666a1a3003c631fe9cc42f2889e54d832bd721511170d0d80bf5da88eda30e76f97c7c24dc3185c7016222f3ac764dc

/data/data/com.ikgames.crowdclash.mt/files/.um/um_cache_1715332797801.env

MD5 f546a1cea43f17a609c157cfd4abc24f
SHA1 ca51f8554728d758cf8a0132172536c560b06686
SHA256 9dc0f4760cf59f1efa28f6bd78e377cb7d9d775b04ee1f5b3447749fb06dd806
SHA512 1189d2a8c5e2123aab12d7a617834a04076a4f3b16100937c82fbf8609f97c606f3721b2d87c81efaa82a6764b857de63050e0c4d51cb4f4554792230063e4b6