Malware Analysis Report

2025-08-10 23:57

Sample ID 240518-hnbn9sge99
Target 53757efbebf07aa0dafda582b87b3d8b_JaffaCakes118
SHA256 fb7aa2aa45ebc2128392a0ec6b060b0c0b0cafe146cedc364e6e0ffa95280db3
Tags
discovery evasion execution impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

fb7aa2aa45ebc2128392a0ec6b060b0c0b0cafe146cedc364e6e0ffa95280db3

Threat Level: Likely malicious

The file 53757efbebf07aa0dafda582b87b3d8b_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion execution impact persistence

Checks if the Android device is rooted.

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Registers a broadcast receiver at runtime (usually for listening for system events)

Reads information about phone network operator.

Requests dangerous framework permissions

Checks if the internet connection is available

Queries the unique device ID (IMEI, MEID, IMSI)

Schedules tasks to execute at a specified time

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-18 06:52

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-05-18 06:52

Reported

2024-05-18 06:55

Platform

android-x64-arm64-20240514-en

Max time kernel

178s

Max time network

132s

Command Line

br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/bin/su N/A N/A
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e

br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e:Metrica

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 172.217.169.14:443 tcp
GB 172.217.169.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.46:443 android.apis.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 api.birbira.xyz udp
US 172.67.177.167:443 api.birbira.xyz tcp
US 1.1.1.1:53 startup.mobile.yandex.net udp
RU 213.180.204.244:443 startup.mobile.yandex.net tcp
US 1.1.1.1:53 api.tridrongo.info udp
US 104.21.66.157:443 api.tridrongo.info tcp
US 1.1.1.1:53 api.oradaph.pw udp
US 172.67.140.65:443 api.oradaph.pw tcp
US 1.1.1.1:53 report.appmetrica.yandex.net udp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
US 1.1.1.1:53 arb.grattomania.space udp
GB 142.250.200.4:443 tcp
GB 142.250.200.4:443 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.200.4:443 www.google.com tcp

Files

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db-journal

MD5 de7ce06d90017ac331d943943a9e75f2
SHA1 7d6f6a630059c132e83b4c30c985f86989f888e2
SHA256 726419e3eaff9ec111b13d1e6fe78412109ddf01217da2614d744dacf5f788d3
SHA512 6c5e707323e061181fd11ad524cc743b24393a8de579b019a352d42853252f736e4c132e49af272f2e33de25aca16141b8504e54fc871f17eca8d880a4e88e47

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db

MD5 ff90fa2e87630d4dcfc05d076c764fb5
SHA1 d57dd67049f4877039618a7918d993a489f4dec3
SHA256 5d8add7cd65c138a1596b936345715068abab4bb499ed4101864f36d91cf3b9a
SHA512 05d859d0eaebe30ba0f0588f247b372146b83cd681067969213cb4a33245a723d74b8c4d63e4b4cc443a213aaa0608d71ba0e0b8c036e05cd2f6dd71f46c44b9

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db-journal

MD5 5f6e150c8d0a80b53673f61d0dccc759
SHA1 683bd6ac4b66ce0d8f8ad4d7162e0cf2f681d6dc
SHA256 b63030373c93f49c018b3baca554428b42cd5f8429a2b89355e14c7c8c6ac5ca
SHA512 eae7e28d5d80f5b42603150d1a28f40900f6a504d65b6c79e8e1af708401a7dab4664995c84a9c3fe6cf1c0f7d6c3179882f43e0bb636bfbc428576f6c071169

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db-journal

MD5 053880a8528e8900d142d08a31cc19be
SHA1 c6a21ad85eac3d41306b6a5f9059fb8609d02bf3
SHA256 6d70ff1723bcfe6624e98f38f1eb575824733dab50c205adceb79305e5a9d7a1
SHA512 622df63196448b4ccadf88eed708099ee67d7d3a86f53678c33c1743c1421100b507866fbabd8a97235fce88f605012d14c163b4a08a7c3b1e3add86b92c442e

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db-journal

MD5 768050edbca1a86f95e3bcc9ff1719c4
SHA1 12aa545c67a781600b1da6e03cb875f1173a067c
SHA256 8e24d6766899408c5e3cc9bf9ed83c3140438ba2e1120e4c6e104937ae69fd4b
SHA512 47ab86d8c4d2c2cbc79262863c6e5bcdc433f95bba259d30ee4a3ad2e238e2b5c41bb08dc9076b6032ff53415faa3b71efd12a87615ccf9a9d2d1365c326c966

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db

MD5 e5639b469346d3d19c79ae3bdc2f4a9a
SHA1 b4d9041b94176f65417e63e77f0f324b81e8dded
SHA256 cf283c9f2c282ef339f1ac0c4eae7d6f44f86bc1744cbf8a9b5703edc7368aaf
SHA512 273aa09cf7f4de26661bbedf2ecd180b5adb537022cd824d2185beaf7eb1784bd1ea1f1f22c01e4762729bdefeb81964f1a47f13e90b883beb27ce7c8d1f03b4

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db-journal

MD5 e06241deb0595ebe2e39863bda48f0c7
SHA1 5162597f355514e4fb7733c42c990db393552fbf
SHA256 12a11c8791e36d7a0355b0d9f0f959e6cceb20aac9287f686cbcbcf62160ba05
SHA512 e8502752c599876515a3dfa1bab3b23f833d6965a9aa20ed620e93cf53f5f936bc684754b2af594d358edfa2971858969de986fc958455716183c8f735ce15b9

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db

MD5 5fcf42232b95a9cee71978c6cd36ecc4
SHA1 dac92fbbbef0cb069cee96b1b148b890cb0da024
SHA256 31658800ab11d03469287fd2f6978d67db170015b3afbf59f27bf856b2577d4d
SHA512 7ea0d9a0140619e4b57d6944ce9b163673348f1ab84ce1ceab8a5da23774a1261bf043e24dd808cc7aada9a1fa611c8acedb7a3bc149daf417d077f8ae279dbe

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/files/ZPkFS.log

MD5 d01115ab3b3ab6cd76adfbc07994cd9a
SHA1 2e7e72949ae2c3c9fc3faef4ff50f29153ce10de
SHA256 477bd41c92d45d060b57856b501048725ba8cd344d54d65459d2f6a0d5c38e68
SHA512 bdf67bda728f6ba75d0f993d24b0feb954d5cbc369d522ea553400482ccb65ed6c9fb042608d7ecb2940bfae1df0e47a7cdb37409561581c8aa31a774334092d

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_data.db

MD5 28f2a9104b76e13c2346bce579edae6f
SHA1 d85a4268019f079ab4871321d0527dfceb19595a
SHA256 78f82c1eded7322580670fcfb5d2bfa5665390db955cc77b8f6780ffc106e975
SHA512 b80fc1f8bb7d59baf8af75c47b84653e73e0e51945f3065d3c4ad3178000771b83b3a51571c80d5f6ae8818412079325a51fde9e383ccb0084a3f3388e5067f4

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_data.db-journal

MD5 07b5530a4cfea6d360f41126d51b9918
SHA1 8d708c06a8479589e06cb1a177806f51d2fe8968
SHA256 5eece641439e6ee86913d6203415ca91b508b38c919a46169c7f111149ff7a7a
SHA512 47737afd459a7c329e18385c6124531b66fefaf93e1e467918840f5b7ed89a654453d55f386cb9153db0c7f3a3551f9ce7b09c1c7ca3689490b2c8d013faf1c6

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal

MD5 9f4a8b3a13f38ac517d50e19603cf3e3
SHA1 43bdaff3950cc0b15721866314b8cdae23fb058f
SHA256 faf37eeb87ccb9e03704c27836b5ddb1021aa66a484acb9e2c5d67cce9651596
SHA512 70d36ae163fbfdfa6176136fb01190e67ce0291d97d996d4fbb46aaab10b3f3ae2f502f99f95731faa256df07b9b41cffa04889a4ee78d3c2b96741cb0f8cb72

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e

MD5 545b520b88985b8bb64bcca59ec15fd4
SHA1 860a3f4c0976e5854e710eabd3e5341f778de66a
SHA256 f4ea3bbf7e3dece685eb6803c9cb3f693fe6093f32ce891c3d04da5905a23f03
SHA512 e2b09f594b3d39e84e797dcbead38c2b6c393dcce0d6f2096ef0a68452d35e625e17529f6c2901d50278879af4b3c0d39f5cdbd24620e09524cf5d3cdaced7c1

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal

MD5 2b871328183129407c2e10357b5852c1
SHA1 15845f3e426d6edc3ee835cf867d461cbc3e439a
SHA256 41aa595ecb8462954bd4ef53d99eb3726d3739e501e29b28fdc11e18f5e9c0a9
SHA512 1d833609de66a63e57ea2995163c0abfd102a39feeeac9985874ffcc3831104b2bfb9dccb1bec476c9b8560b78e6154476ff4bdfa2a88d455d5bddc6b25a7eeb

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal

MD5 f6a5d7237aec5651611b74d3df1616c3
SHA1 3c0a9d870bbb8902c029a79f4cb93e9d98c6f386
SHA256 1e641a8afb0517ea2c26bca53106fb2f1a01703475a9ae5703b892f0a8792140
SHA512 d429bdf0a24b6d522dbe8f24fcee4b3de81faf27ac40b1c8874d98b9203687ecd623b51382fffd4d41024a507ffdfaec96cd2e55789280d270d8786a26475e82

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal

MD5 ccd3c94b7fa1fcb968524499112a2886
SHA1 d3c84950e7a778150568b446c2ade6da93eae191
SHA256 d4c6cc311f8655fbab57a4653405cc03362c371672b623fcf97f3877ff920fcb
SHA512 15d53a144ee8a2ed4876a53e7234e73f001c8bf09de03a1108de78fc7c37832e0ca42276a6926ed0013457e9db1086459f819824cda3cabe6f79718fde6f6151

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal

MD5 bfd3f2a6fb8ad031eae68c7806bf01bf
SHA1 26b62e3f264ca2d1d2429b39552ad30a7cc5b0a7
SHA256 88586b811fd4a304c331f83a558ef14f67eac8e0353a63f8971d56f465395b2d
SHA512 a37928293026628a02a4b5c3bbaa4d1bec7b2d3c2e1a2aab7a0dbe9b4cfcb696fcec2fc5632128d868df1933a672500af6972e3aadaffb5cd523038fb23cbe85

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal

MD5 5361cf313f7d9603d2c4eeb01bb8b1c1
SHA1 b990c966b4d5e76883b9bda5cecef36d266e87dd
SHA256 4ae631b4708fef87c19881cb363f8ebff9d375bb5a6c00a055c12feb25e144fa
SHA512 aa26bfc89992d195dad715bd1744cc7496c067c09da13e9d73870f920b4aaeaa62c3e6801220e5841f9a5dbb0fcb358aa7ed1d5eb106eaff3342e6cc89699287

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/credentials.dat

MD5 cdd17b3fbe5828397d6e6e2af01fa870
SHA1 e60bc53cdf015d416df23b81c82652f7153b7dd2
SHA256 4b322f8f169f08b96ba13c379c5593171b6d7faa0d62e21c8017be5465549ebc
SHA512 0cd3b719ef35b5041ebec67b07f25c5b6ef3a6b2c3cd284b4553f2707e1ff8aec1f177cd21a954a4810ad4a39121f5dfd1014c9a10feccee400498c1b700cc8f

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 1f9ec41dc40f7318bd99bc785331782e
SHA1 0ae68af0c915def98db1f04955eaa4d6b5f58b47
SHA256 cafcf6530ee2ec28bab65aab7ef0dd3a86dfa3d8963502deadb017c9759f2031
SHA512 8ebd014be38a71906c287ed3f51a3d7e70e6381e7a214c40e6e3725f0dfb321584100605e0d51282568fd0631854a45f765aa0ab3f7cb7c91a88eeacd17deae0

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180

MD5 a6c6cf43689e7a6f4fc02ea75b8abc45
SHA1 d08e2a5c561359993ccb06c433aa2e239a99d64b
SHA256 89f05a6f88a7db775d7b74e712152741a6e4f61764a08093520107dba210cd13
SHA512 c56774e5b8fc129bb6ac400b702641297f1514d2d624942fc4e5e5a348af28a4209fdcbd24615103d9ec32223d206027690b30b483f0590a76c1c52c97a25183

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 c170f196da644505a0a76164f61341fa
SHA1 b2ce8fc04f68c5f4e7758541efae53c3335c45b0
SHA256 9fe839b7fa7779954e2dbba2c332023aabf958e966b44c149ec417136965d7e9
SHA512 a414e2f63591e444efa1fa5460ec0a13508cd64e66acff38caaf3d11f73403e705a9b3c2bee88f9e2b57f493f296ae2ec2282f1ff6471d1fa3ab24c194933d00

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 c6a16c37ffdc7e4ab9bb99de18457324
SHA1 e3a8593452e1edd1a259e4f626032138afe59a49
SHA256 6b31042439a99d7782f72ebf8821dc2a330435b962b1a7839ca8dbce4cc75049
SHA512 3b9cd8b10f15f5155be5fc0cbbddcb34dfb9782e69c362a81376e6b565b835a47ed7c0a6636feb3e6f12fbbddf9124dedfe7f4d39ffae2097a7a5c002e42cb71

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 b983a7a38d09bf20f6c27a5338edf580
SHA1 383282f05832f797a2e40fa46df08d5849207eb7
SHA256 8830edd3c6c57df8c6723e3a86aed867ec0066212c6bb8f7dc9f54e84a338b70
SHA512 8951b1e72128c0aa453d6e304d6a6d9fb6070831f001656cc7aa7a219aa6eb58ca2e01542d14a2e628661646c9b0fc73dc5d97908f90b5e54d093daf76ae1e99

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 b7bb41665e9f0ca527232c96b221d71e
SHA1 634db5502433b471402b7509545dad23063aaf6d
SHA256 dcda0194756d3653774fd5d617fdc6823414ae1210bac456e4abd1d06373ade5
SHA512 0b2eb828016dc8e5f12b39cf6e5fba9a32f6adc1c6e62d9b06444d2e1d1ad43ea7ef7be77b0a0b1d31a62ea0677b5027ec03aaeb68769cbaee676e5f14da38d7

/data/user/0/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 006e3352665de20ff9583e332bcfad69
SHA1 3060bfb11880c2b9e59921b4d7a8121f259914af
SHA256 acfd2c6b487af4255e482855ca11a7ec4e5d74839d1e1027be9dbc47db490f91
SHA512 b77457a6b293d547fe251fb8c264d5a77463538ae669a5ab9e1dfeb5b14bc95c59834651decc0f127ea90968ec83d89cb482ff83905cae7609350be0bda35d69

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-18 06:52

Reported

2024-05-18 06:55

Platform

android-x86-arm-20240514-en

Max time kernel

178s

Max time network

131s

Command Line

br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e

br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e:Metrica

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 api.birbira.xyz udp
US 104.21.17.160:443 api.birbira.xyz tcp
GB 216.58.212.227:443 tcp
US 1.1.1.1:53 startup.mobile.yandex.net udp
RU 213.180.204.244:443 startup.mobile.yandex.net tcp
US 1.1.1.1:53 api.tridrongo.info udp
US 104.21.66.157:443 api.tridrongo.info tcp
US 1.1.1.1:53 api.oradaph.pw udp
US 172.67.140.65:443 api.oradaph.pw tcp
US 1.1.1.1:53 report.appmetrica.yandex.net udp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
US 1.1.1.1:53 arb.grattomania.space udp
GB 142.250.180.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp

Files

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db-journal

MD5 6607ad2b8ec6d3fe2a4a8ff64b1968ac
SHA1 7534fe0691fe1584dfa3c227778776e6b182d609
SHA256 5c0163949ce640dbf0523a50452474d926c908eb5a5036c158b6515edb383b6e
SHA512 4fdaee1ea82af2a93b193a0ab083571a63809d9f1cef70826265013d9c152bb18ce9358f0958dfee38781d37870cacd2e90d84206ba129ae0062e4f5acc2ac85

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db

MD5 c01519cfa9aee7201f2aa8b1b853ee86
SHA1 66eb18e3012d7ca9c25a3789d846b22ec23f6e19
SHA256 67ef09564f5d5043c43fcf04a2ce0b11b708a3b234a74073f2f8e7ff60577f1e
SHA512 07eebabc156503986a2fa5c2da39d006b76f7fe482799aa9be3103ccdab147c374a5a659f7a6305a9b18c0df4594e45d7987c52a968f88946937ed91661fbb59

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db-wal

MD5 5c5a940836e524bd4c177f3e28a5a22e
SHA1 ac95beb4590e7cf874562879939dcda5b1ba5180
SHA256 dcab9ddf08e64dc446912960f0d68903e4cc28f4c6615b9318748e20d84681ee
SHA512 ba3ed5a2a0a9d093205f7237b8348289bc813f94597e5707d984f46d110e8d071d238c45fee60b0ef1d4f728763871ed7bd1a12534876ea7fa55031f3b330842

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db-wal

MD5 311b4a6fe1914ca4b7c129212e33da3c
SHA1 9ff452cbe12c86c24847ec9f987d611ba6ba15ec
SHA256 f409cf152839fbeeabb2a8e56239f0047dee2ec6afcee1c473f4c0fc417211db
SHA512 48bc1c7f8fb282a1e8254fe4fc16cd876d86018f3f52b01fb86d1bb6529584989986bf7f578df03253b743bb3b5ba066852e6586c4eecd34b1f764b8206a665d

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db

MD5 44def4f6e42c3ec63f229d23af8c804a
SHA1 f5956d9295778b539bced03215343fd3cf7a9dd8
SHA256 882faff2a0f007164d5dbda7bd7f803306423b5eb48a88b1bb72bde65b77e50a
SHA512 a14770398044635a8a8fc0d59dc95af3a97ae78146a9ace3795d600a44098a5ff7099aa3d0ac40442f8ff8c5d3b5ceecb4b360bf47f3e8c7c902879e2e76228d

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db-wal

MD5 9e0cf355c51594998582d97595b3476d
SHA1 db89b21cf7d519b4ea9102d88b68e6afa40fab7c
SHA256 979fdf7ad1eaac7a874fecb6e6f1fb0df196b36e0b4633e0c7b01bc84b424ff0
SHA512 fc604bdc1fad8ba29faa85234f6978b1da3415bf206f3eab98602a92e050d52cf57f9ce395e60b08beb0e10a40c4c96f9fbf895f34eb936be8a2cbd813dfba1a

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db

MD5 768ce98454f6c41abdf5cb6f1321a606
SHA1 95d7568369c1c436e3d9e455b50124d520d41dfc
SHA256 87173641db4eeb19773d75a3111c8912dcd0b1834e41c06383195b6f4f0617c2
SHA512 07e06ce861767db23940ca926f1ba6eb720408a613cb1504015fce65d52ff77968720a800f6cb23ce5e23be755313fd5dd9a597d37c976e9d3fe37fb3c2d36b8

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_data.db

MD5 a03098487e2ce7a4e7c6f76ec763281e
SHA1 e927b90e6dfff4b3faf69ecf23fc5e5cd133b0e3
SHA256 0ef4eb2f4541ac5ba912650d61222fc71b0cd8432d729198b43e3076e1bd9622
SHA512 5776eaa3a9e4ee413a03341fa5215d6a9f76cf71929dd008dfbffd97efd89e8079ab8a07b7307103f45005debcaaa560778ffe481dd790876fdfcd2fc617b4a9

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db

MD5 17f46efa3218514421361e63d416c56a
SHA1 f6bd64de41b729fd2cf844d6166e6d84d44cb979
SHA256 90f06ba0dfa31b32d76253eda9628ab1e4faa026c1539f9126dae016b5dee5b2
SHA512 e1acda201621cba94479017ab1d086f430b7d97eeebba4c0b1b964da08f2c54ffeafa0cb342be22dc9742382d327342ff811b8434344f3fd7dedc3d302ac601d

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal

MD5 4c68d3376a22da84ddf3ce32f5e542d5
SHA1 1c571f4f1e3105ae021ac4fc96d6edd87c665ee7
SHA256 eed5573106266d26b03e9de9baf371681dd6681bea3be10d308783990957f5e6
SHA512 fc628c4698ef6252daa6bb4990f582f3b416f2a4cceeb3134d7b0d5fe3c39385dc08a1766eb98f08af9c830d982827da275e28ac1dfb987ad8741cb239207687

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e

MD5 db706fa2b71207da4facbdf189df49e4
SHA1 6682e22eb34a510cf224c889e5c1f0e3d0d07e0c
SHA256 d9e651cdcdc340be4518a539287c3d154950175637d7d759d5d38418342d0042
SHA512 84feb5b4e2fdff6c6deb4664634e99539e25bf1ad2b0f93df13575595bbcb79219c591d2a62152bb3a27ca35a4b5dc5a8455a567dd99353f4a58878a8067da1b

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-shm

MD5 13d46f876552f471346946b725691933
SHA1 9a25797a072f1f215dd49b0355a3f619311f84f3
SHA256 13577c038c8b9534efd6d0e9230226bb16e34477afeeeaa7657970265bbfa409
SHA512 3ea5cee2b979ab0b46306a4853e6d6a31263bc121d3ec4eabecb59f3a97153437a7977c95064d9b6cdcda7b12f3aaa09982eea9da5489136b038bdcc76388f93

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-wal

MD5 6be1f1a9dfcae34058962648f1e0c95e
SHA1 6650297b5c429b5962bd73a85fd6207b38f0011e
SHA256 f809bd73abc4308ff180fdfd9385105fdde0d7e22c7e9730468f06eb857fea18
SHA512 79037da4217c9917e12f0a237e892570599d164df8fc2300881210c4571df60b6a9befbd5cb1a018b13792c13369903caf3a4c64bfd6515cdf5b92e1895da550

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 4a1f2465b2521730303146f12311a96a
SHA1 0f47cc0b3c2cc845b880b1082c3eb3c21e760d6e
SHA256 7685cbe6cc20fb1cf4a71e6a57940f86b0471ed5d4cd5a8b341a2346faf774bf
SHA512 d966f94480d260b3fd565dd555e24168daa082e90ab7e388734fbaf32aa26e7f8733492857aa898f236f49ab960a3e928ee20c83adc2dbd2aeeb7b8faee476a0

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180

MD5 a6d24fc4c98a3b483cfd9f7a9a9d5f41
SHA1 a5f183b0f7bad231f63b47882abb2d1085e790bf
SHA256 978bdb45074f4f6d074606a3cd191e38110d4751d58cdeb59c5a1e65d0e05286
SHA512 39441fba12fd0ae59cee3620800bf2318ed9979d40c92f5ce576d7daf97b6db4c07e2be8459b2a8bf01a4ef879e06dae1aeeba466f0e61ef88be0b50555b7cac

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-wal

MD5 8801e47d9c3ef4cf19667360cb44893f
SHA1 78a15e454761d11987e0604e5c081b845785a67a
SHA256 3b6fcfdbf661ec82fdbfe44119e4d766d42062e261d1389155291a777c4b0a3b
SHA512 f4cd8dec4710f0eb095e67e95fe79b38dea91335b6eb430751100b814ae51a04ac9df8372ed91f89cfc310e7f2556e225a1d3399daf10360dfbb3cf3d50f7576

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/credentials.dat

MD5 9889d5b34909b0d27a42d017528771c7
SHA1 357f435c6d272a0d3904dfba2f053993841fef3d
SHA256 cd2be183670f40ea76a9b0612ccdb478fbd58a62f1a96851e6c320d5e465e872
SHA512 ba0cf1ca85a9279f4baabd1b3d4480f5ac3f4549f9ab1bf379e22460be9208e6b74fe3754079f3e0816f33e2fca563fe3df1162b025cdd4fa690a17b7c3c03c7

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-18 06:52

Reported

2024-05-18 06:55

Platform

android-x64-20240514-en

Max time kernel

179s

Max time network

149s

Command Line

br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e

br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e:Metrica

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.40:443 ssl.google-analytics.com tcp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 api.birbira.xyz udp
US 172.67.177.167:443 api.birbira.xyz tcp
US 1.1.1.1:53 startup.mobile.yandex.net udp
RU 213.180.204.244:443 startup.mobile.yandex.net tcp
US 1.1.1.1:53 api.tridrongo.info udp
US 172.67.161.129:443 api.tridrongo.info tcp
US 1.1.1.1:53 api.oradaph.pw udp
US 104.21.8.212:443 api.oradaph.pw tcp
US 1.1.1.1:53 report.appmetrica.yandex.net udp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
US 1.1.1.1:53 arb.grattomania.space udp
GB 216.58.201.100:443 tcp
GB 216.58.201.100:443 tcp
GB 172.217.169.14:443 tcp
GB 172.217.16.226:443 tcp

Files

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db-journal

MD5 60209c4258728d23c871280764c42655
SHA1 661b126c277e75371293a355e41e6986a002ca8b
SHA256 b296c1353940a28a72b546c8c74fdf1c7e7230c1fffa042672108039bcd18cb1
SHA512 525a5bb7b1734b95c01d218b9eaaa656b181e26eee601508db8eba91ae19fc721e9687a5350238aeb1c16a1e955f014807f745a25e2c0e0951f8b0a944b2cb8f

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db

MD5 a397e03f19ff76ae9e76eaed83c31382
SHA1 e13d27ecef301914a3077d488028bb98cb5485a6
SHA256 373f680e8681651a424e724d76d563664d2ac85aab4dfecda445a85af6176699
SHA512 3d2dfb3d1715d14362e1165eac232ae957a386f73eda7ce34113b24b25e815f5166ab3b09ec6a50f58c9667e5349e6d32edb77b5e2fb326c128f5cd54b38234a

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db-journal

MD5 0a4f809b8a66db16ff2d12d15e576821
SHA1 c32e7240f7416c7a5c9401acdeb4793ffe83c5eb
SHA256 b0540ff9ec266c7039d9819daf8993d3a8a56775cd3dc6e0ba7d75304b3e5856
SHA512 08b45ab405f8726e617cdd7446a272915772778b2afa7c8c10be43706012f8008613966e6192637201a5de8b5666121c74524652a867dd151c2416ca903cd0eb

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db-journal

MD5 caadfdafe99df90155b7ddf4b3116fa0
SHA1 d11e70494db87034c5c7b93c31771406a274ede2
SHA256 86494a8081335f3a3f5a0a800b63bc91deccbe7999f1f1c7c43754ac2d82b91e
SHA512 b5c3c48f5db637fecbf416c1f3f4fcaf737588c6151463e6ab56c0bd6041418f8315946c3b701fe5d72a5a7aff2736a1b55d66f4db201016107dc8a60b363882

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db-journal

MD5 20c15cdaf64dfd2dce75227cea214bb1
SHA1 1b2f24715d79ea32cb43fcd6ffd6a9e5ce08bc4c
SHA256 c48062ab648798956b219162e1acffc6c6c8f24336a1663a6bdfb6a9933ba41e
SHA512 54566000bc29df9ea070ee23d9aa0f3b902c4e818d370b7d80b8f9ae00dab731a593e57a315065f269b6811eb95df2717add6fe6d041c9d32e67136a77d50dd2

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db

MD5 3d0fbaa526255c4f6ca5150a78a1e431
SHA1 151812571f00e034e070bc410c1811a06f1054c4
SHA256 b28fed914e22977d19ccce0b14d60c943b30b5dabd79fc615ddf25228f4f527d
SHA512 9e8c0f29cef1e4ea0562aeba83f60066e49ad0c7890d958bc7475cb03e5853a5ba442b76b1314f7cd8ad3e1c17a9fd1e1610dff02f9a8c3ebddf3958da9429c3

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/files/ZPkFS.log

MD5 284a1568b412e621c1568c59164db44a
SHA1 2297c491f98728ba832ab2b14c43b93da3fafc50
SHA256 ebda6badef0b2ca84773bb4fbc32cf3c40ec5073e845b06fe0e69501ef6a41dd
SHA512 329c5aecb76c79c526925e01f1b221b23f29ca0fc41269168d3d6c27026312b256683bd3e717c9271a8f08972d3145fc14ed3e1ec0e5b6e4132bdb366164f03a

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_data.db

MD5 875ce6412ae2f8a2903e74fce263385a
SHA1 031163128d086c288c174f45d304f30535befd4a
SHA256 05dbf43d5dc8bed14da1cc582a015e9460f809e67ac25976224caa9bc8ea3d9c
SHA512 a4fd7b9fbb570122ded233e732a4b34d9bea1764ae0d267880c4c4c8feddcdeb45894440528a1a93995484c022ce8cb1404c90b8a9661419e744982f9887611b

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db

MD5 dcd5d5762cd9b1a4c03e3f00b87eec5a
SHA1 5720824b12740b93aa2ea7d209e41e68a102cfaa
SHA256 fa7825cf750de26d8bb5f5a91bd529e80ade14d01781c4d48527b7d54d15ba55
SHA512 6bbae8144662490fe3c22c301e8d22f9f538503fb3a85a7299f9cf154825ae419311b49f3f0338d3c360da58fcaf09d876c283d466c8fa3f788db093812d3ef1

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_data.db-journal

MD5 516707266b7cdca78a5f11ad8f8d26b2
SHA1 5531b8941526dd2e5d9b4f3d7ccdbc2988ee7878
SHA256 5649c832122334ceea18fcae95bfdedab4d920adfae705324b48757288bf16ce
SHA512 1439419e32a27fa62fde9a5ee69c5905aec8a6757c4b8f48790dd5856801d664cffee69514a9110e81c59a715d8f654b03de6585c2e14a368be5d490e4538b16

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_data.db-journal

MD5 c214789fce3d6bbfa37196e9387075f4
SHA1 5354b94350efc9effe909d09924e8e8a7a55fcb3
SHA256 45cd804c3b3e36b93638bf17a1c6e1288522814e999d5f51dbdb8b5f7b516c08
SHA512 4dec1efa8c5de754812192e3e76e3ab269d7b79fcd538329456feadaa26833a456030e0196212df05ea702a7435a482bf48c6122ef398971f7a322c97baf0b87

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal

MD5 34f8ac6e90b6d7f5504fb492d71ca5d5
SHA1 f4cb7670b2e64a14cceea5145e668714d567d4d8
SHA256 e94d03fcbabf4fcc80d859760fc55e087ef9ae53e4c67b7fde722fb15537a2b6
SHA512 d73cf8e12151e13f8ee629100eae8f66eb9c3347e1c4fa6371467ba1cdf9ec46533b2fc416c858efe00c46d2487e7661b174ae46c7a7d454b65b867549773d12

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e

MD5 0de897310970d40fc79a465b85e2b341
SHA1 47e524d6885c96158da4771104e3136ce50129ac
SHA256 bd6aeb3888d0ea637ba6b8a53434bcf0d81f0c39f24fc88b9fdd632055df099d
SHA512 00558f99ed3e67beea648306d90295c9e706a7252055454ce00e7c2cafc3b0f56579b335d293a52a9e7b9c7641c1b9301b5a5c8c971c6cd974eea27060994f47

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal

MD5 7f1dba0bcb3aceecd2ff00b4957c66c0
SHA1 4c1105099d4cd038f801f6482814c6e67dd0062e
SHA256 9a1a09e85458b155d3076cd5ad51f97a6750ec376e74c176e218119f5cfb23bf
SHA512 e7c5f4498c2798b988bbc1a27babc9e80c4d8879cff4892be62e2a4b60bde3b2daefbb23bdb3796273fa548709c0d21f8a179e9806583775ce46b43b635a4f9d

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal

MD5 9ecd9b14266004a11e70fbe4ee631156
SHA1 eb58bdfd7e070a528b81bb0d44e2729b922c4dd4
SHA256 6471666e78fcfc46cb703d305e6ca24c25c2bb690224411c2ad083a96e9697b6
SHA512 fb038bb7fc609a23479aa82d980bb23232ba0e50b6d2e386f3b54be161c22af6c4f4125126f2476d4509775c7047df54bedf25c0c6a7094d63baf60f1b6358d3

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal

MD5 82363c860ca6ded817028dbdb7a81644
SHA1 00163dfa0dad3cc6edccfc70f2adfa202d430a59
SHA256 2af7e61a5f1971c96282249d846831d9861f1c565a2f08d15c2f57426cb11b6b
SHA512 6fcf0654bb36207ad0857cca2d6581e91d3a798707d276f94562c2e21d2d0c30659407212ae63283fad06992461c0f15c286c53ecf9a00d24ce056090ba36839

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal

MD5 7b39b6e76b48e2399baa81638d14d6cf
SHA1 51b443317cc09831597c497da5c40cf6a1fb483b
SHA256 f8b11d462208ac00a517c4e0569be20fd8d9122c5302364eda7cb8a6a74a43de
SHA512 52d6b53cffe195fb8d9297185d28957c536052c40e21dc35184df81777498d539cc254fa76d3d90ac812d0b722048303ea1c4a2e6e4a926277cec35ed4eaa852

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal

MD5 ccb059427cfe8d10aa133013d6a9cb37
SHA1 8dc4a2818d0f660166a93e711780835d4b234c8a
SHA256 eacb5387e65953f93bf5b67f8c5a62f7c9d0e5ad3a62008bea4ccc1090433e14
SHA512 c28674e19202a5ba76ef2b5e9b4e26393f2cbbf49a499151d573935273f5772f9a66e79513b9238ac49894f60175855791a8a207f97d8d95d8b4e6725dee2698

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/credentials.dat

MD5 31e2a78bad3d5ed9f928b5af6fb1ff55
SHA1 14aa4480c7cb3722574cbdcf789a9891917fe6c9
SHA256 2545f7f28ebfa511c494a1d70d890481c125502163f48eb65a9224ce1e2f7cbe
SHA512 3e7ea9d24c85c1e628b06a5b383b3bb0f17d70fb0f4a85708931da5c9dd4918914d8417451c787854987d5fb431ce5ac174a42147c8642b855b85b162c168178

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 de8b719e2733fdeeb1f5bb2c14c10de6
SHA1 98c4935f69abe5edfadf7bef64acc12d1f247dad
SHA256 0c4d6475fcf6723069adf6650a5190202089c47d50bea7c236b29138611d6542
SHA512 feb100d17dd39315773ada3216c0258b9791410a5edee09cc4c02dad91bba1e7a418e8798fef2c072582b6d0ea693c325055354bb400fd5eebb25b880824d19e

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180

MD5 f7b52de081d7c334901d73d828e979ff
SHA1 f93aa6cf91bcd57462e3f026ab3065fec12a896b
SHA256 5f9fbfd1b5918e4fbeb6475f226d451e77a64a50b2332f954bc36a505562ba8f
SHA512 c0f3a5dfb1ef73a0ac5307c68704a321c96a9bec14169172d8adcc0b53cc9ed56f96f09000a97c31bb52dd4a467e771d6454220df64522019dfb284f4b08fa38

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 a58404717354e2b91c3fb90a9d6892d4
SHA1 08708d10974561d3d55ca7b9d6fa99b8f693891a
SHA256 1e1fc6046546bc21db5272967440d333f4ba0bca10a995edb2c04cf26df37cbf
SHA512 ea286d917ffff30eb700fbb8ae4748c1430de6028d19994d83eece61322da09de5053ea6662e10d0693b496a758c3c3fed6aa5da14f30552ed302d233d3fcd9d

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 ae4253b229870ae253618a723bfa356f
SHA1 f80ee25a2e7b8cfaf64002089b1bb90d0091f058
SHA256 d0adfe5181b81ce6412a4211fc2b1b5c292939743205b6feb45001deb223a5d7
SHA512 885e29a3184aebc392bd300654bf9a548530e1714f4ea21ede7026cdd275715814e0a26083800f842d788a78231c19b0e9a31f515e6a305ecfe09d75ce1a3b87

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 1d89fdac9aa2deca5374ac6dc3383374
SHA1 3b535d55098ae58c3a2d3b66ec9a27cd24326546
SHA256 e8f0b0aad9b2097c558f36f9869c9b4b90ed0eabe1cb3d48fbd2d3e4b8d2b017
SHA512 3c175576a5b7d272de91a7b26ea5821df056f5c872adbd53d740846ee7e868317874468e947b0a0be0e5c75af5031dcaaf03c2de511bf0ef32f6f82c10043f5b

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 1d4ff046854ccf31d4aaa28897e47cfb
SHA1 03fe67c9a378ee8e4064a699041f7bd7268722b4
SHA256 69ffc4e0053fed31ea4167a35423ed02899594a5c0a6b642c72f6d3ec37dfc79
SHA512 233b4e112a0d9c477ec78e703f601d331ffa9619c65a7b042278167a17c7ce756da3a848da4d41f06ff3ad3596e95326326b44bef494e762afd5d134e0e17d48

/data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 e2fa66ffffaeb82d45bda9dd33528a88
SHA1 816e38d69538efe6721a6d45ae607d738f03a088
SHA256 bc91a0adf5a47ee2a269fab5a3db69cb6bf90b5a3c16c8f3480b31348ecbe567
SHA512 c5c1813fa55cf7b340f5b01ed74ecb044ad1da2bea37db7a23200e180f91ddb4d4495b3bfa38ca33a7e31a179445b0734033296da90a22bb25f095c3f1d8008a