Malware Analysis Report

2025-08-11 00:07

Sample ID 240513-ht941sbe4z
Target 3e44bcb72a783328b2ad38a9daa7d1b7_JaffaCakes118
SHA256 8633364cb6ff37cc11dbdac60785717eea40edac8da8c057c79f9908054beae1
Tags
banker discovery evasion execution impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

8633364cb6ff37cc11dbdac60785717eea40edac8da8c057c79f9908054beae1

Threat Level: Likely malicious

The file 3e44bcb72a783328b2ad38a9daa7d1b7_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

banker discovery evasion execution impact persistence

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Checks memory information

Checks known Qemu files.

Queries the mobile country code (MCC)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

Checks known Qemu pipes.

Loads dropped Dex/Jar

Queries information about the current Wi-Fi connection

Queries information about running processes on the device

Requests dangerous framework permissions

Checks if the internet connection is available

Declares services with permission to bind to the system

Schedules tasks to execute at a specified time

Acquires the wake lock

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-13 07:02

Signatures

Declares services with permission to bind to the system

Description Indicator Process Target
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device. android.permission.BIND_NOTIFICATION_LISTENER_SERVICE N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows an application to collect component usage statistics. android.permission.PACKAGE_USAGE_STATS N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an application to write the user's contacts data. android.permission.WRITE_CONTACTS N/A N/A
Allows an application to read the user's call log. android.permission.READ_CALL_LOG N/A N/A
Allows an application to write and read the user's call log data. android.permission.WRITE_CALL_LOG N/A N/A
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-13 07:02

Reported

2024-05-13 07:03

Platform

android-x86-arm-20240506-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-05-13 07:02

Reported

2024-05-13 07:03

Platform

android-x64-20240506-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-05-13 07:02

Reported

2024-05-13 07:03

Platform

android-x64-arm64-20240506-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-13 07:02

Reported

2024-05-13 07:05

Platform

android-x86-arm-20240506-en

Max time kernel

148s

Max time network

157s

Command Line

com.mobile.indiapp

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A
File opened for read /proc/cpuinfo N/A N/A

Checks known Qemu files.

evasion
Description Indicator Process Target
N/A /sys/qemu_trace N/A N/A
N/A /sys/qemu_trace N/A N/A

Checks known Qemu pipes.

evasion
Description Indicator Process Target
N/A /dev/qemu_pipe N/A N/A
N/A /dev/qemu_pipe N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.mobile.indiapp/app_SGLib/app_1715583784/libsgmain_1561566970000.zip N/A N/A
N/A /data/user/0/com.mobile.indiapp/app_SGLib/app_1715583784/libsgmain_1561566970000.zip N/A N/A
N/A /data/user/0/com.mobile.indiapp/app_plugin/sdk.jar N/A N/A
N/A /data/user/0/com.mobile.indiapp/app_SGLib/app_1715583784/libsgmain_1561566970000.zip N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.mobile.indiapp

com.mobile.indiapp:worker

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.mobile.indiapp/app_SGLib/app_1715583784/libsgmain_1561566970000.zip --output-vdex-fd=106 --oat-fd=112 --oat-location=/data/user/0/com.mobile.indiapp/app_SGLib/app_1715583784/oat/x86/libsgmain_1561566970000.odex --compiler-filter=quicken --class-loader-context=&

sh -c type su

ls -l /sbin/su

sh -c /data/user/0/com.mobile.indiapp/files/dc5ca3db7868d01f39

/data/user/0/com.mobile.indiapp/files/dc5ca3db7868d01f39

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 openacs.m.taobao.com udp
CN 59.82.133.78:443 openacs.m.taobao.com tcp
US 1.1.1.1:53 msg.api.9apps.com udp
SG 47.241.15.144:80 msg.api.9apps.com tcp
US 1.1.1.1:53 api.9apps.com udp
US 1.1.1.1:53 gjapplog.ucweb.com udp
US 157.185.189.158:443 gjapplog.ucweb.com tcp
SG 47.241.15.144:80 msg.api.9apps.com tcp
US 1.1.1.1:53 portal.9apps.com udp
SG 47.241.15.144:80 portal.9apps.com tcp
US 1.1.1.1:53 amdc.m.taobao.com udp
HK 47.246.103.9:80 amdc.m.taobao.com tcp
US 1.1.1.1:53 puds.ucweb.com udp
CN 59.82.23.146:80 puds.ucweb.com tcp
US 157.185.189.158:443 gjapplog.ucweb.com tcp
US 1.1.1.1:53 gjapplog.uc.cn udp
US 157.185.189.158:443 gjapplog.uc.cn tcp
US 1.1.1.1:53 holmeshelp.ucweb.com udp
US 1.1.1.1:53 sdkupgrade.insight.ucweb.com udp
US 168.235.204.65:443 holmeshelp.ucweb.com tcp
US 157.185.189.159:80 sdkupgrade.insight.ucweb.com tcp
US 1.1.1.1:53 insight.ucweb.com udp
US 157.185.189.159:80 insight.ucweb.com tcp
US 157.185.189.159:80 insight.ucweb.com tcp
CN 59.82.23.146:80 puds.ucweb.com tcp
US 157.185.189.159:80 insight.ucweb.com tcp
US 1.1.1.1:53 api.9apps.com udp
US 1.1.1.1:53 api.9apps.com udp
US 1.1.1.1:53 api.9apps.com udp
US 1.1.1.1:53 api.9apps.com udp
US 1.1.1.1:53 api.9apps.com udp
SG 47.241.15.144:80 api.9apps.com tcp
SG 47.241.15.144:80 api.9apps.com tcp
SG 47.241.15.144:80 api.9apps.com tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
CN 59.82.133.78:443 openacs.m.taobao.com tcp
US 1.1.1.1:53 adn.insight.ucweb.com udp
US 157.185.189.159:80 adn.insight.ucweb.com tcp
CN 59.82.23.146:80 puds.ucweb.com tcp
US 1.1.1.1:53 gj.applog.uc.cn udp
US 157.185.189.158:80 gj.applog.uc.cn tcp
US 1.1.1.1:53 sg-res.9appsdownloading.com udp
DE 18.66.102.127:443 sg-res.9appsdownloading.com tcp
DE 18.66.102.127:443 sg-res.9appsdownloading.com tcp
DE 18.66.102.127:443 sg-res.9appsdownloading.com tcp
DE 18.66.102.127:443 sg-res.9appsdownloading.com tcp
DE 18.66.102.127:443 sg-res.9appsdownloading.com tcp
US 1.1.1.1:53 res.9appsinstall.com udp
US 163.181.154.240:443 res.9appsinstall.com tcp
US 163.181.154.240:443 res.9appsinstall.com tcp
US 1.1.1.1:53 logger.9apps.com udp
SG 161.117.34.233:443 logger.9apps.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.201.110:443 android.apis.google.com tcp
US 1.1.1.1:53 openjmacs.m.taobao.com udp
US 157.185.189.159:80 adn.insight.ucweb.com tcp
US 1.1.1.1:53 openjmacs.m.taobao.com udp
CN 59.82.122.110:443 openjmacs.m.taobao.com tcp
US 168.235.204.65:443 holmeshelp.ucweb.com tcp
GB 172.217.16.238:443 android.apis.google.com tcp
HK 47.246.103.9:80 amdc.m.taobao.com tcp
US 157.185.189.158:443 gj.applog.uc.cn tcp
US 1.1.1.1:53 ynuf.alipay.com udp
US 47.246.136.188:443 ynuf.alipay.com tcp
CN 59.82.133.38:80 tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
SG 47.241.15.144:80 api.9apps.com tcp
CN 59.82.133.78:80 openacs.m.taobao.com tcp
SG 47.241.15.144:80 api.9apps.com tcp
US 157.185.189.159:80 adn.insight.ucweb.com tcp
SG 47.241.15.144:80 api.9apps.com tcp
US 1.1.1.1:53 gj.applog.uc.cn udp
US 157.185.189.158:80 gj.applog.uc.cn tcp
US 1.1.1.1:53 gjapplog.ucweb.com udp
US 157.185.189.158:443 gjapplog.ucweb.com tcp
SG 47.241.15.144:80 api.9apps.com tcp
SG 47.241.15.144:80 api.9apps.com tcp
SG 47.241.15.144:80 api.9apps.com tcp
US 168.235.204.65:443 holmeshelp.ucweb.com tcp
SG 47.241.15.144:80 api.9apps.com tcp
US 1.1.1.1:53 puds.ucweb.com udp
US 1.1.1.1:53 puds.ucweb.com udp
CN 59.82.23.172:80 puds.ucweb.com tcp
CN 59.82.31.175:80 puds.ucweb.com tcp
GB 172.217.169.10:443 semanticlocation-pa.googleapis.com tcp
CN 59.82.133.78:80 openacs.m.taobao.com tcp
SG 161.117.34.233:443 logger.9apps.com tcp
CN 59.82.120.252:80 openacs.m.taobao.com tcp
CN 59.82.23.172:80 puds.ucweb.com tcp
CN 59.82.23.172:80 puds.ucweb.com tcp
CN 59.82.120.252:80 openacs.m.taobao.com tcp
CN 59.82.133.40:443 tcp
CN 59.82.23.172:80 puds.ucweb.com tcp
CN 59.82.23.172:80 puds.ucweb.com tcp
US 1.1.1.1:53 audid-api.taobao.com udp
CN 59.82.122.130:443 audid-api.taobao.com tcp
US 1.1.1.1:53 gjapplog.uc.cn udp
US 157.185.189.158:443 gjapplog.uc.cn tcp
CN 59.82.133.78:443 openacs.m.taobao.com tcp

Files

/data/data/com.mobile.indiapp/crashsdk/tags/unique

MD5 52591d0fa97759e83f55059909137787
SHA1 fe384fc86eeda0835c927e741ca93e1bdf9a7ca0
SHA256 5475fcf4a42499c218bec231387fa9e38c216f74aaf5287f43985f89cd784d5e
SHA512 b29469de3cf4efbae23677fcdf05975daac38809d3ff98666269a192e51ae0c61d2dd8066d00ad7cf124878b7a5b9e9bafd9772eaae26a79dba454c3c19e461b

/data/data/com.mobile.indiapp/crashsdk/tags/ver

MD5 dbdce80de8edef0eb7db6d5b6573ba58
SHA1 a148d3595a82be0c538b61c6c4244c7027ff9503
SHA256 11d2572b3a4d888be403ccef9ca841088c5c235e06dd65b5ffdc0232fc797f6c
SHA512 0ced0eca58fe4aa248b10e45d34f5a0c644b351ea5dfc7f55e82191c446096f7b6b13c032084b3a04e5b0bfc83017c03d8638fcb2bebbf39d71b7eb7c8a6aa4a

/data/data/com.mobile.indiapp/crashsdk/tags/PPAIDNI0ELIBOM0MOC.ss

MD5 8aa6fcc050ba73317ee98ef08a415491
SHA1 e5567bbdc5edc33e3a5431672e14bc66b0b2ce6a
SHA256 4f5b7d0fdbbab7aad705bbf7e15b1218f4b37a7fe904c19fd27ea6a58c6b7f4d
SHA512 a882cb1af4c745cd9e59778102fa0b2e02f5133dacd68e4ddae25c2b0b491bb991cb079c772c7d2acc66386dfe4306772f43c615123e37a1b017baa855688af4

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 fc5a1be57e9dd872a62343f4b5d7b054
SHA1 b2eb30807ee381d0f35066f8cbf4fb1942bd0f1c
SHA256 e3c0cec386e11f48864de504e123e6ed9038e840fe7de2e8494d68c6229b407e
SHA512 e70e1a8b1d44dbfbdc39d8c6cccc71dfb65d546a9c2c7be020f9640027f5583cc44452a96f34fa46cbde5c0142a144ba60353f6994b22771159bb28527677c7a

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 07ce7403985f7fa34e19cc37386a4861
SHA1 daae4f114de7a84d0366f57638b31266fd048b47
SHA256 a8def0b948f3fba0361aa2c3702738bd6e7eb63ab668dc3bf3263d10cf5cefbc
SHA512 221b9b88883328b359f4fd2047ca1d4b7186199904cc2fdba23b3bacd214597b631cbaefffe9cb61a13cf11cdeaf05e9d2e3e9c1fa443dfc0f1cd9201838f9bf

/storage/emulated/0/.DataStorage/ContextData.xml

MD5 b15b00bf90b7c93b3665eda88fbc4808
SHA1 5d90cbaee0798753afcad7e6555a92d2567dd02a
SHA256 92882182a7ffae56437ee1b2b3a68ddc0594b28c1e3a4254920023015cb4b429
SHA512 cbea5c61e2043c01bbf5b0ba79e45106bf011e29447317a4bc66560afb52177f2268f5fd95d84868152b25b1aa4368256392d24eed3f4fb9a56cb2eaa1b27059

/data/data/com.mobile.indiapp/databases/accs.db-journal

MD5 8f787d06c1a81353303b873a4c711b09
SHA1 7360758cdf874e2f02dccd24d498a279ccfcb69e
SHA256 c885e88a1f5c07e31e9b37fed33e049e97c96e7f98d132991d23b0ec15a9ae47
SHA512 1dc55fd453f94e4cd9125921b29c777a51425d7f9d771fc52696a2c7630ce6a1da4910fe82ef3c26f7b2c00002deb9565b4254ad5a1bc2145184b41d111d216f

/data/data/com.mobile.indiapp/databases/accs.db

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.mobile.indiapp/databases/accs.db-shm

MD5 b59e1841c7148bf9f739fa6ff34cee2c
SHA1 2c147b4a6c20b6a4ce0697bb4ceda5d4bd893f73
SHA256 042d6630c459dac4cb052f23399a59c525de818a71fb24c78559f067edddf52b
SHA512 427d25bde07b0fe582a27e134b30192f62d17a183a653df39731a55c9260123d3d0ecfdac92b4c01ce580f96d282bceecd834c550137b181827624d7c1becdda

/data/data/com.mobile.indiapp/databases/accs.db-wal

MD5 d2c9239240c0d97d51f8cd9f757e0d5e
SHA1 67feab6ad2048ad05bf329d8d13dcc4d5bd51c48
SHA256 d06cc3985afaef6f8c3588c9209b0e753d10e06f655390e038f1bab365b9ab56
SHA512 7535be5267b9e70a0e9c6ab85f20bc518c1b0a9fa0cd838570678a49ffaf0229bd63b6346329e5e11a39c19ec05d327ee4ae0799a83070d1e121beecd0117aa7

/data/data/com.mobile.indiapp/cache/httpCache/journal.tmp

MD5 4225effc0ae42b9ae31eb1642fec2823
SHA1 96bedde7cb66ddc773be979d90ad9898d2e4d119
SHA256 719f042ea7fa5f1adf5f1b9408969c840e9a39d38e0c50a30b5ceeb9f925a640
SHA512 4baa1ac3c12e40ce2223f4549f223db35bd7bd264e649541d092cab1cabcfa79a1a1ef8a75cb6f8880c47a43e2227f5ad2155f65b83538873f9ec6cf05c94e6b

/data/data/com.mobile.indiapp/databases/common_db-journal

MD5 e1a2ed2a8445139eb72b157dc6a66b3c
SHA1 b5a277e196f92bc05ced3ee6e948a657caa9f546
SHA256 16b3d0086e560c9d58baae543af7c8365c98bf1c23e319735c1dd2c784a93663
SHA512 52a178aed08c1f3fa63e04c8e73cee00f87da10d44ebd91a578c35ae58e4cc84b6177df9cfbc7b540750d15158443f7cdcf58f3df1052a938a4989a68980e23d

/data/data/com.mobile.indiapp/databases/common_db-shm

MD5 4f2e0dc61539df809cc9b22c98bf4fa4
SHA1 5e6875a5bf34268f0724b680b7ac13536bd9a2bd
SHA256 f5c373d2c7fc29321bda47762510e2a1a8c487091898bbd457e841d611fe9b16
SHA512 04359a4421f4145d7cbb3cf057166a4fdb0679c852fc3b2cf6b3597ee513023af2ab4c559e82bde3a09c966592bbf09d36468cef4229451f9fae7659edfebab6

/data/data/com.mobile.indiapp/databases/common_db-wal

MD5 677f9c7ef490c8844134c5534998e94e
SHA1 07be6f92b3ae165c47fc7bd1256b9214724fd2f8
SHA256 6b930ff71e3dc9a4f5697cd08fb2b69d24e6308b9f3b43f29df623d410091244
SHA512 b849607e069810b50a2071693ee146ba4b63854911f45fc3d07474762fba22d0807db57f36d2085558823a9b86056ad1f98293df15768616026effc8f6a9ff2b

/data/data/com.mobile.indiapp/crashsdk/tags/PPAIDNI0ELIBOM0MOC.ss

MD5 8fa14cdd754f91cc6554c9e71929cce7
SHA1 4a0a19218e082a343a1b17e5333409af9d98f0f5
SHA256 252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111
SHA512 711c22448e721e5491d8245b49425aa861f1fc4a15287f0735e203799b65cffec50b5abd0fddd91cd643aeb3b530d48f05e258e7e230a94ed5025c1387bb4e1b

/data/data/com.mobile.indiapp/app_SGLib/app_1715583784/libsgmainso-5.3.7011.so.tmp

MD5 cf700b21ec224d3bd3bcd210e6424e00
SHA1 7c8bc069087cc119f08c236c435606b7c5d363f6
SHA256 24addb5e5a182e0f36634c2365606283343d75bfb28ac77a91394256b8b57bac
SHA512 a567d67c636ddb5fe32371d87a6375ae0016c90bc1200a0492b6dbd9f7452fb6e3cc0f2e48efbf83ff24d97b6f504afc7f59229546e9f6ea223fbbf31c129b55

/data/data/com.mobile.indiapp/cache/httpCache/journal

MD5 8bbbb2d2901930d6458274284b1c7c2d
SHA1 691b2d25d44dec68fb72fd9c11010702435adb90
SHA256 7c01c815fec6fe7c7bf6bd72016489be88c5cc50bb60212a9eb4ce06eb4aa405
SHA512 e20262f2a9ad215b359a174079fbf8507dc7ce7e3e2523da95888e7be08a298a1fa7fee92d922357ac4f3ce6382c5a9db9c894c57c13a2aa9059ec16847ae80e

/data/data/com.mobile.indiapp/cache/httpCache/a40bafe0e3068fcae5987526ab259779.0.tmp

MD5 cb482722f34df4a95e0d81cae310c89e
SHA1 b63c0a75c5c8e0cd2b2c1df8fbcafc30471b1c4d
SHA256 e40c9231c6a599a3cb7966d5ead48683922c83b9f6b19c186c4feca3d6b9cb52
SHA512 4d22be91c7b1e47972b310d297d7d4782ed7016eebe910b0f26004fe3a911cd765a6588b792b0e87be962ceb8ed18311a72f3c56234618afcc2a475cc51e557a

/data/data/com.mobile.indiapp/cache/httpCache/a40bafe0e3068fcae5987526ab259779.1.tmp

MD5 c6c8d4a9730eae9e5a4080b910b8ed57
SHA1 b610293b6d3ef1ea2a4197bb6b50a796c2912c2e
SHA256 6ef1a70a49ad5532638e2bfc4f97756e4405d509e04e7607e3a4e93b67e6300d
SHA512 0c0a7ff22e3c94e685a04e6579f23f90abb4cb1919be888073c2b51fde51e64c68571c5c5d2c3d42dbd27453d8aba3aa43c2176e868cf3cbd4613eb9da8b77c9

/data/user/0/com.mobile.indiapp/app_SGLib/app_1715583784/libsgmain_1561566970000.zip

MD5 b9fff83be0423460003164d3f885b71f
SHA1 a25c7545f0a83ec66dbe5550a2c906d38d7244e1
SHA256 6343f3d34569d3a38b2571ecaf0e754d9c49360296e4ebe23c6813b6bdbbd4b1
SHA512 57abf9d30424991bcecc6d09837fb85461a8725556efb7bfc4374c34bd3e372c1bb3f0c9003ded7e97a52d4e78907424e19edcfe146a2539b3b96d01d2b9f954

/data/user/0/com.mobile.indiapp/app_SGLib/app_1715583784/libsgmain_1561566970000.zip

MD5 8f388f06caca62732f1de59df8454b9a
SHA1 55c04257d8734090960d179f5912b03cbe624eb2
SHA256 d2a4094f53a9bab584ae7160072499c0eddd968d14f56221d0ebe698174312b5
SHA512 c186e0146cd9848f7798545c680673521bf04958e38bf9cb6f37c284e2fcca854e893d0751b65151a2279c16ce879b59fb4262429e14f3b804c54e6d30ece68e

/data/data/com.mobile.indiapp/cache/httpCache/24750a77b26428c8f0e2e5bc238c42a3.0.tmp

MD5 d78aba7dd74519ae1d72dc9ed34727c0
SHA1 726265ae2e82a9e408b3e447ce4a1828cad92ff4
SHA256 8cd26a2c00f5e6597042f6e66adde58cb1cffb8bc1aac989e4fc83b43cdf7a8b
SHA512 60acd3583b22e85738e301db45f73bbb81fe437554ff4ee74731f6ac37860226ac0d41292cb0451106d8c5285166ee1bcd81f43bf7ed46463f0ab021d8ef1ad8

/data/data/com.mobile.indiapp/crashsdk/tags/PPAIDNI0ELIBOM0MOC.st

MD5 3cc5216a8c3de38099682e78397ddc55
SHA1 479cf0eb838b361082ebcc4c715f776aa08667cf
SHA256 7f951160218e224e0985a171c771b4db3fe6b633ffafd3156b47d28a6218f53b
SHA512 fcf66ff5ab7ff886f068e6156e7e901267bac994d60dd975704a63c3aa7493abe05ac7c74ce44d8ae9098c02fcfd89f5c10dc351a3c970b88759e4ccad021ab4

/data/data/com.mobile.indiapp/databases/downloader-journal

MD5 ff92db2c7817fe5840b10aa064f39c2f
SHA1 3eb73edf2ad924faf2ed28f81f05471fa2289a60
SHA256 c3270f281dbfcca17f4ec6ec9799f246fcef78c1721c76ab08822779d71cba35
SHA512 5992268a397695dc154af973819a8ce628a09c3eedc01fac4ecdbef72e1624bd7b3401a8e0c44bd67ef37b9c1ca35c6b1cc47e03e52739f3efc205ef6bab7f23

/data/data/com.mobile.indiapp/databases/downloader

MD5 a86dfd7a465778b86aa21d5d5a26c7af
SHA1 60db617b6ed9313cc23f4b41aaed121b65a72107
SHA256 7256f1fb64cf5130f0e0810c8f5be73d46f881f38de5bc6405c92d6d21ce1276
SHA512 dd31946acd018c2e9b5e54c486ff5f3bd134c4bd1f2c2b3b957f4dfc82cf2115287b6e2ed8b3723ad86c0ce679a88467d2db8bcc0e5071563f6d96cf36907a10

/data/data/com.mobile.indiapp/databases/downloader-shm

MD5 bf7f53eec1a589fae512561ecae5cfda
SHA1 a91703a1842fb35d20a47bb9672418b21b896e55
SHA256 dc3fac66ec7fdd0f5b08ff7f061b7567c4fcb6ecfaec535e61a08c9b65c16d49
SHA512 66db78853a682fe1d76169cb210ca6d3250c7c705064eb1e74c573d7eb8ca9d0b3ae1764c7def8a4f55060e643f72bf519549d8ddd6a073bfa7228aff3d2ba06

/data/data/com.mobile.indiapp/databases/downloader-wal

MD5 2e5646237901738ea390fbcfdf5bf6d0
SHA1 4bf584c0eaf1f8a0b9cda9d8cb1e50b72cef9345
SHA256 3a6baba466064a6fada6547e334ca89e7b5845f762bc0f19744cb29ec7bfd806
SHA512 1721e6ceab5cff02cdb125e751967f9156aace1021da639a19e2d427c92e8a8c6e7d345962bedbc6ba510f158ee255707c5b241738ff70f7c21c733b6e7b5240

/data/data/com.mobile.indiapp/files/SGMANAGER_DATA2.tmp

MD5 28dfc43c8df405e2594c8d7a15860947
SHA1 12589bafc4b5fecf802223345890044809de7f7c
SHA256 84cca9cf7648edef37591d99d16633a17cbbbea4028c25d5e6571900cb98b39a
SHA512 7d5eaa392131d18f6ee760df99d64d22c9201cf16f67494f6c6a488a3c0fa9f6a92a46a53d6539a96df35a3854b9ff9629ed0f98c3d25cd1fba86c915fdd1753

/data/data/com.mobile.indiapp/files/SGMANAGER_DATA2.tmp

MD5 e75c18861ef4de6e998405b1675597c2
SHA1 314970f465eda5bd9e3cc58fc498e8265b112e4f
SHA256 184a231ce98d6a1dcfbba10df77f8fb6742f7a59e99b4e4de86befd001287f55
SHA512 04fb61a181a013d4b43e3a88949b1b8915df64faf307671eb7ba0d91a5e034e3659633ab6cb7c208c78a711cddad1ebcb6a06cd6a56d33a2911f53d83ce7b571

/data/data/com.mobile.indiapp/files/SGMANAGER_DATA2.tmp

MD5 6da27fda4785500c3664f60c5bd36b84
SHA1 44b27571e8196305a68a736030f8dbfb9cd04b89
SHA256 e411222cb937d9603bf44738ea26ae5d0c941a3db02a12389f9f5c0f3a0660df
SHA512 c7a82ec3244d08193a083a19f156e39eb0e6b325bf01c464a13d711daf19cf145e33c6bb587fb1f2d27abe54c484e488ec3fe39077b589d740e002c86c61f72a

/data/data/com.mobile.indiapp/databases/WaSession.db-journal

MD5 ab5d7f048d08a19e4eb2b56e6e2dc73d
SHA1 d752e718a3605409f6f443534c51e29b9926a0b7
SHA256 dfa1b2bf76fba84b307c4b8df6c4ca5dfbf12992be04d3005e0cfda3b5979d99
SHA512 b007b7d08ab640b9e21ea32ac9d20375e0ddc8f87976f71189e00255789ecfd64f3393a7c8b7e92b29690d3bde6dfe3451757db039805473b062565746c2f272

/data/data/com.mobile.indiapp/databases/WaSession.db

MD5 88a6f5e1a28f495d9c5a8d36ae8c2166
SHA1 447cb7c090dac56a3972063b399bc31bb4d21963
SHA256 3dc36eec01e804e677fdde1cd609a457fa6b5f572a769f776dd93cafd3e6b55f
SHA512 d3797f21813ca0669038f3292f6ac6a6bffd823a783be7d21bdcca92fb4c36f0b88e48c04e4b7583a9d3bb65444820e24a6c41a410dbb1f77c712a57fd57fcb6

/data/data/com.mobile.indiapp/databases/WaSession.db-shm

MD5 cf845a781c107ec1346e849c9dd1b7e8
SHA1 b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA256 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA512 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

/data/data/com.mobile.indiapp/databases/WaSession.db-wal

MD5 b468c365ce0ae98b415615336cb417ae
SHA1 4350a4465eb6dd4f977c6e6f515ef5dc967bfad7
SHA256 fac9272cef8cab0fc429a417a63eeb677835eaeb3832e4e8cbaf4b0696d719ba
SHA512 d6989c5d52298c95bf57cb779661f763af5e0a0584613d511fd4be375acee9203b88b73704f38a6f6806094bd8f0432d2eafe27eff51c83c5adf0a42991b78a4

/data/data/com.mobile.indiapp/files/SGMANAGER_DATA2.tmp

MD5 f2522f73c8182095eb9aca59d57971f9
SHA1 f34ec302991e1f16861769bc8931d57edcd70ae1
SHA256 da2ddad82bc008e9b4ac2cd79a640cabcf05833267cfa1eee83a213f46c20dff
SHA512 152b8acf1c2fd06cbe9ee3140546246c8160357f7f77b1cab7677a3f344f82d0ec6143b47b09b01d576fddbaf1efae02f4bfcf90818ea2f14167ea5086df3fec

/data/data/com.mobile.indiapp/cache/5cd25d58c023479aa39eb9008cd7352d

MD5 b9717e92182f25241f4ab7624e5d08de
SHA1 051708eb67290806017989bbba0f0d923d96bcd1
SHA256 9504b1e242118d856b88b562c623894a439603c0aa5ed405ea4b6311f1b6a49f
SHA512 733ea9ccee335d3a9f0a63ab47ce8f3cd7b1837e87fd626990f4213fd3abca760960094ab857002a0153666f2ca53ea89d332469d38e1b560cb9daf085e115b6

/data/data/com.mobile.indiapp/cache/15f674036071422cb0945d8c21ebecb3

MD5 e5c91814b4c46956b102f541b902e91a
SHA1 4e940055f8ffb42d792d6244c8c1bedd5f351717
SHA256 091f09825bab7ce94778c19d9b49e432a8ef46a5fb168e8a75cce3910d631034
SHA512 848b503b8fcf5ad89e842a335a769891ce33ff908616341399f901b0265c09594fb1933522e57ce84bf3e4ba8e97f5e7423bda436c1e64b2c0c8e3bdde674ded

/data/data/com.mobile.indiapp/app_plugin/sdk.jar

MD5 d440d29973a4652bd33f145221ad6aec
SHA1 a6883bfa17a19d266b67de42c243de503d5be2f5
SHA256 61a9767c427e8b2eea2421ee1f3541aa6735302d549b2eda02ab718994f70bcb
SHA512 9fbfbbadc9ab71c38d001a1c3db081a7f3d2568d650409c9daa8f626ea45a66f1d02fe0f52e8edcf430a79ba4e49f3102d91c6dfbbf599449edc958734325645

/data/data/com.mobile.indiapp/databases/WaValue.db-journal

MD5 b12c340452abd26aff045c500771317e
SHA1 c96361ce2b132644e0ed6f7493836b749ab2e0c0
SHA256 5484f46c3fab4903a0cf17a4ef0496b2d65329fdee0fb8501088afc0716579e3
SHA512 ff8ccb9276cba744515dda1a02b2feab20728a353351faba6961c1b776a334c96557756af2ffb060e8dac57c8b528773dfbbcb6e6067381e60aca85cfcceed78

/data/data/com.mobile.indiapp/databases/WaValue.db-wal

MD5 5f5b12a777135db02e3559e9d6c92dbe
SHA1 fb83a338be682b5c4128b662ae936eb95d5f64c1
SHA256 1141b668621ea09acab5f878a5c0d264af3f5d59baca9070cc4613c520276d5a
SHA512 b78c493a3e36042ceeb9fde4cc40693adc3705f7467460ace85f0346e65a998967e47b76129d27c316ee06877b6184469091657ac6aea18c9e37370f87d86777

/data/user/0/com.mobile.indiapp/app_plugin/sdk.jar

MD5 d648df8892c12ea4243425449f2a1668
SHA1 bde726d13e43f02e58f97abdded9c8608b009a1b
SHA256 f208b08222db87ce9fd8c75346d464d03e2481849c197e7b63123020a6e1931d
SHA512 1c62a06d35a1c636740efa1287bd72824f7e13b46b4f519ea05f32482d8ace9465af651f22873ebfcb1418f671841f53e6ed0407ae70a953575b2c9a37ba43b4

/data/data/com.mobile.indiapp/app_wa/wa/sv/11gpsdfe_1715583797736004280.wa

MD5 83fba5b97cab0b49badd566776de8303
SHA1 a705ff2b6d2d3b308adafce3057cf12ef903015f
SHA256 fa668a6bf2653234e35548f090f76ca2b5d224efd2d969d4ca8e6f20718260e2
SHA512 99819c0dd8bbb2df5c16bf8984fe83d97be6c1c8cd77a2be8cde9a8e622ebbf3e42127ad9d3db4fc21d6646fc58e442993232c69e12f82ef1b5f8f1c619bff9e

/data/data/com.mobile.indiapp/files/daemon

MD5 bff3b7a7ba0403d746f79f44cacb03a2
SHA1 985b9e2689b5dc4d6d1fb1eb21cf3432f5380976
SHA256 103750b77b32d0ca54d76695f47e4378dbce65de66841e5b04cf5ca2e1f890c5
SHA512 ea0238dae3e5d4a71cfc6b3422532cde9e6422a7daa41ab4f83ce80a8b6ba96a241de3d38a855a639002a8eaf53ee14a23622d1146227d290cfe1c4cd2deb301

/data/data/com.mobile.indiapp/cache/httpCache/24750a77b26428c8f0e2e5bc238c42a3.0.tmp

MD5 3109f3cf7527aae85bc9287e0c77c789
SHA1 69914c037e4cd42d2fd5cdb663a9b0e9e020cb4d
SHA256 1b743e5e923d3aba85ce907a59ce256e98c3cf6d861c7bee12485eb334abd119
SHA512 69c0d348867c827139b14f84607f6965265f289bf44a1128e6be91aac6ccca49df2d40301ecb972effd487529d1503f49ac0a6e51039334ee1f5967b9f981212

/data/data/com.mobile.indiapp/files/agoo.pid

MD5 da6cb383f8f9e58f2c8af88a8c0eb65e
SHA1 0bfddce6e0f24ce1e3f84411fc5785b2cb7a77e5
SHA256 6de23857db0d5f415b6f5576f5514a0d3dd5daaccfd00f458959c278c1dfcb0a
SHA512 dae9922d1969b101d5d384a39d05ca0838c463b9b8c18aaca3eb9455f6c03670c8196e5234578eab03d78d2bf1a3ee02c2bc8899bc36b148807a2252b77c75ef

/data/data/com.mobile.indiapp/databases/message_accs_db-journal

MD5 fb7ba3756e6ee071ac16f07e78a57b52
SHA1 6aa7f795da819dc03bf6e1b19ce8837e36b4d7b4
SHA256 d88c9f7a8f8510304fbd14499f680af14b98eb7b08ab053a57d074dde52e29a3
SHA512 2de6e42780f197085ad2a85531cb1301ad29c13cacdc1911a5e572d22103c945d4498a9fd7269f87bdc59e6bf4af52ff31ff431497d0ffa846eb2a09fd275b09

/data/data/com.mobile.indiapp/databases/message_accs_db

MD5 486e2bac2b3e9e1cb411d2838a4854bd
SHA1 81dd0a7537f4af319b830ae834908986be85da8b
SHA256 5644a250fa6cef16c2c802b98275656a5fc39dcf89bcc22193742d85c7313f57
SHA512 c146789563dae163e373489b3df53f22efebd32b69643992969241eb5ad5eec668de67e7cd2aaf5c3a8af57b0842115d00183825734f57643d3fdb09835fe681

/data/data/com.mobile.indiapp/databases/message_accs_db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.mobile.indiapp/databases/message_accs_db-wal

MD5 d90ee59a6d465127560997a7a50cd407
SHA1 cc5d2fcb41d1a966e3112542e705d5018195f3bf
SHA256 172cab6b6f98d1818165b1fb637389c019919aa35683db4771e752c8b05bdbde
SHA512 4a5bcaaec367568e77193b1b2de6066e3c9a634d791770bfb57c87d6ab45393e7dbc7244db2f6e46d6c55108a64cb2396d5989eeeb6e53d0fe7042fef05baf09

/data/data/com.mobile.indiapp/cache/d5ac0edba10a4618ab84b049cc13c9ff

MD5 b19fef6b64971b139dc61c9c6a3ae87c
SHA1 862ee2f682f7d8ff5ae6f565708ecce332743dc7
SHA256 4099055f250eeeb34bf72a472fb99d6f16a798f767f6e64e6a2e163d9542d39d
SHA512 02cf92520449599ea55cd8a70732c076523aba38a67ad4f7f7ab609fef5ac7e40ca451a70b0ad98fc15532e916beb6034770b1254ec2aea0cb9f5bababd2616b

/data/data/com.mobile.indiapp/files/SGMANAGER_DATA2.tmp

MD5 00355ebd863ee5709d7872845c34ca06
SHA1 08802234aa72b8d4505f82cbcdf3cd977f591fda
SHA256 25b051c526072e52b012edc8da9af10fd5c69ed6d2c49a9a38eead7f20319531
SHA512 bf0acf479a528fbfc320a420427cf78a991d2b19a603e7004c574733261c52459df3529b88084b470aaa6671ca7a9bcaecc0a3d49a2b2db812f644b1af958f2c