Analysis Overview
SHA256
fadb7686d81a1bfb3029f33fd08de4ce26402d93b3be30a1f661befac197b811
Threat Level: Known bad
The file 83ae44741a62282a0133cbbda73cb65f.bin was found to be: Known bad.
Malicious Activity Summary
Irata family
Irata payload
Checks memory information
Obtains sensitive information copied to the device clipboard
Registers a broadcast receiver at runtime (usually for listening for system events)
Queries the mobile country code (MCC)
Checks if the internet connection is available
Requests dangerous framework permissions
Acquires the wake lock
Analysis: static1
Detonation Overview
Reported
2024-05-17 03:03
Signatures
Irata family
Irata payload
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an app to post notifications. | android.permission.POST_NOTIFICATIONS | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-17 03:03
Reported
2024-05-17 03:06
Platform
android-x86-arm-20240514-en
Max time kernel
123s
Max time network
139s
Command Line
Signatures
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Processes
com.mycarroll.app
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.187.195:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.180.14:443 | | tcp |
| GB | 142.250.180.14:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
Files
/data/data/com.mycarroll.app/files/PersistedInstallation6002354220556726738tmp
/data/data/com.mycarroll.app/files/port.txt
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-journal
/data/data/com.mycarroll.app/cache/~test.test
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-shm
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal
/data/data/com.mycarroll.app/files/PersistedInstallation865136576673226016tmp
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-17 03:03
Reported
2024-05-17 03:06
Platform
android-x64-20240514-en
Max time kernel
147s
Max time network
145s
Command Line
Signatures
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Processes
com.mycarroll.app
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | google.com | udp |
| US | 1.1.1.1:53 | 78.204.58.216.in-addr.arpa | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.16.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.204.78:443 | android.apis.google.com | tcp |
| GB | 216.58.204.78:443 | android.apis.google.com | tcp |
| GB | 142.250.200.46:443 | | tcp |
| US | 1.1.1.1:53 | irnadl.com | udp |
| DE | 94.130.217.114:443 | irnadl.com | tcp |
| GB | 172.217.16.228:443 | | tcp |
| GB | 172.217.16.228:443 | | tcp |
Files
/data/data/com.mycarroll.app/files/PersistedInstallation6696397476506738531tmp
/data/data/com.mycarroll.app/files/port.txt
/data/data/com.mycarroll.app/cache/~test.test
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-journal
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db
/data/data/com.mycarroll.app/files/PersistedInstallation2983710844768116244tmp
/data/data/com.mycarroll.app/files/MessageId
/data/data/com.mycarroll.app/files/user_code
/data/data/com.mycarroll.app/cache/1
Analysis: behavioral3
Detonation Overview
Submitted
2024-05-17 03:03
Reported
2024-05-17 03:06
Platform
android-x64-arm64-20240514-en
Max time kernel
4s
Max time network
132s
Command Line
Signatures
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Processes
com.mycarroll.app
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 216.58.201.106:443 | | tcp |
| GB | 216.58.201.106:443 | | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.213.8:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.204.78:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | google.com | udp |
| US | 1.1.1.1:53 | 238.16.217.172.in-addr.arpa | udp |
| GB | 216.58.204.78:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | irnadl.com | udp |
| DE | 94.130.217.114:443 | irnadl.com | tcp |
| DE | 94.130.217.114:443 | irnadl.com | tcp |
| GB | 142.250.178.4:443 | | tcp |
| GB | 142.250.178.4:443 | | tcp |
Files
/data/user/0/com.mycarroll.app/files/PersistedInstallation3434459993514535661tmp
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db
/data/user/0/com.mycarroll.app/files/PersistedInstallation2637637356825286130tmp
/data/user/0/com.mycarroll.app/files/port.txt
/data/user/0/com.mycarroll.app/cache/~test.test