Malware Analysis Report

2025-08-05 19:10

Sample ID 240518-v7l1kafc84
Target 55f9ec3a502ecd0375acd7b0078b6dfd_JaffaCakes118
SHA256 074ad9b885e08810449572bc395c647e952b009663e26398d6f81a81a89cf967
Tags
banker collection discovery evasion impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

074ad9b885e08810449572bc395c647e952b009663e26398d6f81a81a89cf967

Threat Level: Likely malicious

The file 55f9ec3a502ecd0375acd7b0078b6dfd_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

banker collection discovery evasion impact persistence

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Requests cell location

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Queries information about the current nearby Wi-Fi networks

Registers a broadcast receiver at runtime (usually for listening for system events)

Reads information about phone network operator.

Requests dangerous framework permissions

Acquires the wake lock

Checks if the internet connection is available

Queries the unique device ID (IMEI, MEID, IMSI)

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-18 17:37

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an application to receive SMS messages. android.permission.RECEIVE_SMS N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an application to write the user's contacts data. android.permission.WRITE_CONTACTS N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-18 17:37

Reported

2024-05-18 17:41

Platform

android-x86-arm-20240514-en

Max time kernel

179s

Max time network

182s

Command Line

com.iquizoo.androidapp

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.iquizoo.androidapp

com.iquizoo.androidapp:pushservice

cat /sys/class/net/wlan0/address

Network

Country Destination Domain Proto
GB 142.250.187.195:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 download.iquizoo.com udp
US 1.1.1.1:53 api.web.iquizoo.com udp
US 1.1.1.1:53 api.exc.mob.com udp
CN 180.188.25.46:80 api.exc.mob.com tcp
US 1.1.1.1:53 static.cdn.iquizoo.com udp
US 1.1.1.1:53 sdk.open.talk.igexin.com udp
US 1.1.1.1:53 api.share.mob.com udp
CN 180.188.25.42:80 api.share.mob.com tcp
CN 180.188.25.42:80 api.share.mob.com tcp
GB 142.250.178.3:443 tcp
US 163.181.154.222:80 static.cdn.iquizoo.com tcp
CN 183.134.98.112:5224 sdk.open.talk.igexin.com tcp
GB 216.58.204.78:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
CN 183.134.98.112:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.112:5224 sdk.open.talk.igexin.com tcp
US 1.1.1.1:53 sdk.open.talk.getui.net udp
CN 183.134.98.76:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.76:5224 sdk.open.talk.getui.net tcp
US 1.1.1.1:53 sdk.open.talk.getui.net udp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
US 1.1.1.1:53 sdk.open.talk.gepush.com udp
CN 183.134.98.102:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.102:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.102:5224 sdk.open.talk.gepush.com tcp

Files

/storage/emulated/0/Android/data/com.iquizoo.androidapp/cache/xBitmapCache/journal.tmp

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/storage/emulated/0/Android/data/com.iquizoo.androidapp/cache/xBitmapCache/journal

MD5 b0566640d889d831c53f4300e3e4111e
SHA1 44a0ee7bbd0bc1fdc461d1254208092d814bc249
SHA256 41d11375235e264f76a7fed74a6c35e4f56f0046c1e6d2132c69d02bbb4ec7a0
SHA512 74712b741bb5c561bfe97f6190c5894e98579266cf88a9d5b4756718ec3b76459b0527a32f532fdecd1d29215fd65cb27d08f23504747969d3357b6c53d01360

/storage/emulated/0/Android/data/com.iquizoo.androidapp/cache/xBitmapCache/27b98fb15bd04aaa905190524152e6bc.0.tmp

MD5 24c24c2556689cfc8f9bdd83a75df67e
SHA1 0dff4d488cb8e708035dd35d89cc311ddeb9f399
SHA256 cf1a3acd23065d498a933eceb11ac72ea2e1ea464b1d28902f819a2d3932bac8
SHA512 cea8e6d37913efbbe4ea51a69145aca87d2bfa6f4c5a6cd1fbcb770619064a4866468c5ce62fbe6b649e3e62b7a50e858af5176ba364dd19a08310c2632a334a

/storage/emulated/0/backups/system/.confd-journal

MD5 7fa5985811fdf0888550281c819a5232
SHA1 8f2a3ae54cc3f824e4d3b994cf4242c9c0a08b15
SHA256 0d8f599ae98dc66a8ff5ecfa488de558dd3241420b08b4ee16fe4ae03a7980b9
SHA512 99e73b4507ca30d77330333fc6f1b2082c6bfc745b899a3505d49cbf78b62f614ca3f43e9ad6c8a18a9d418c913b554bc72ae324ab03f9d5929c2ed8468000b9

/storage/emulated/0/backups/system/.confd

MD5 048c73f536f234f0ad0d2fa8bdbda899
SHA1 dba2e666721e0b0988807b8bb3ce0452dad3448c
SHA256 f1a64586ce75e770e2f36a7ef6f7419e26ebb9e9e786df3c5adce50a196d2d07
SHA512 6ae398c682724f0008ce47cfc790a7ad3dd7cc801fb3a8a692d28da5533ea7ed830ea36933bd3e3219fc8cbade90f073c2c418611921bc7d6877d94b6745c4f0

/storage/emulated/0/backups/system/.confd-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.iquizoo.androidapp/files/libcuid.so

MD5 6ab00779447ab1c4583168adbc0c115a
SHA1 320b7a69682d6a52fac21071e02dc297bec3659f
SHA256 3bd93c963b31e25fcadcded9140bfb2582f7c6966b017c97632d6a05544651c6
SHA512 586994b07a57a2a2fb39cdde84b8c7159a4209cd37e53be1ea8bc8c7b0e2469c5ec89ddeb70d2336dcbea94212d14bdebddaa5e38c5001986b336734599aabee

/storage/emulated/0/backups/system/.confd-wal

MD5 00ecec848c46eb78f97314b02ac08494
SHA1 5353cc2a51f0af841f29c2442e0a0f8190a9ee5a
SHA256 7c60d4b77cdf4dd456dfac2d0e875203fd222f0df0dcc5d062feafd574bfdb40
SHA512 13a0b6cec189fcacd5c996dcd981fb9bbff37fa68b9e0677570e90d503d09c82d1a0c45ef211d05134838d6a20e61338f657f7214b22194f2b3f655c7bdc08ee

/storage/emulated/0/backups/.SystemConfig/.cuid

MD5 45c680eeae739c18ba9749c66763e812
SHA1 1bf4af303ca4d1ef8282e278a3618a081a959d10
SHA256 401bbfed19c8044c4226a06ae4d8c9d68fa7160fb161c0384926a6e2e6bc4763
SHA512 01b7877506d668c8f18ad2e1cfd87f8e0c23e84d00270694ff5500a9a29dcb8ef61f560b9535ca7349c3049f9bec7f0bcc0266228c16dd56c0dbf6844f96c431

/storage/emulated/0/backups/system/.timestamp

MD5 c6e8a7125de131eda4ea43e2c3110f9f
SHA1 b43596389b268b9360bc3b95f3a531b52f257437
SHA256 ef029fb3663a3cc622b69d432503435509f4ee605e04bb148b72a64bc7ca0673
SHA512 7f76dc6e66ad4a57cbd4db9c48444b279848025f79382a374f70ee7ff5f042f0d8f0055c66c5310aaeda3a073958fa43c2e092219e9b53d4759d2cce703019b8

/storage/emulated/0/backups/system/.confd-wal

MD5 8c8b441e51ec0b6a67642548a309a973
SHA1 e151b834bc50027bcc9c7e9ddeeffcad9348e206
SHA256 21dff4b6258fd76fdf86e3d1cbaf16713f24f509cf3d9e6add7976ab12cf90e0
SHA512 7e5e133e7e6e5ce77fb53076b36338cd6f886f655031bf1f447ba36aeaae11a16b772110c7af6cacb61be63384ee7d79c7244f60eb2306009c2a09f6c6267120

/storage/emulated/0/backups/system/.confd

MD5 20b4c5a4e7944c6575524b67929456e8
SHA1 8c00624e72d53734b11bbd36d92523e4d80ed5b1
SHA256 269e0fdb977c639320baa5a0f88db814d17c1058fe5aaffdfb723764e5029f69
SHA512 c4d54bdd070a8c6b8e8be330700b75c278cbebe6f2325337dbd958b2604b81f9d23e27a537352abf1c628e35a88818efa0c37b6b796b16619754db62f9481cfa

/storage/emulated/0/backups/system/.confd-wal

MD5 079f7dc2162850be396e4f0cf9cde3b0
SHA1 3dd4c3e87dc72c0bf622de1542809474806cdf7d
SHA256 e09e55e6990f1abd7df254dee6364123b81a575a330d740d3399a6d977a018d8
SHA512 f12fd029a7f1cc6c4a9df4105a5bd23f70cf31dfee94a40d48002d6a6cda412cd620c59a42e8ed39cd7126daccf2f91074ca61b7904361d8cee164cf3a1767e1

/storage/emulated/0/backups/system/.confd

MD5 cef9cff7b33a4ede6b2e6ee9a942a23f
SHA1 78ff16edcefe8eecfd65482f6718d2659138c50b
SHA256 bcc709bed430e7f67e2ae0de79b5c91cc8897a16c57186d1949ff4a8a1142ea9
SHA512 1f8a24af7c807f16360cf84a94d8a5cfe084938dc271243890e695596d61617b994a72308a1792449cfc97777eadf50a8cfb2e90f144f90cec5f9461a26752fd

/storage/emulated/0/backups/system/.timestamp

MD5 ec03e2fa3ce1b73d6eae8d568207b01c
SHA1 551ef4177db6d1a156d913dd7b1b2289c11b45c4
SHA256 fa4e59638761e2b5b8ab8d815768294ce745ad9a4c38437930e97dab6a2e26c8
SHA512 b64e3f6830bc797ec647475d20c3cb5f9c8b9b501a4b4eebe6a184c983a499ff0b4d04167c99546d902e74b06d36c61ea82a6885f7f1b8018cff96b138e5f42f

/storage/emulated/0/backups/system/.confd-wal

MD5 69719525cf83d268d32b197a168a1773
SHA1 c74c1dfd000bef5ef2dece8275ac8bbf55822dba
SHA256 4ae474253ecd22515371cbfdead90a89a2cea247e10503afbfcb1f915f7e86bf
SHA512 d2b8dd6662c9932d2a18a8ea79c71825e8e305f0249f9827eaba49ab560d3e80a2e2015b4aa93442a5e7d4b341fe2865e1e71340045960b4f2a2426458fdc5c3

/storage/emulated/0/backups/system/.confd

MD5 41dcdcf9d83b64945ec987ab2817eb2a
SHA1 9b05031a6f21e5c11983e143c46d7a3dd6b6b923
SHA256 f54db37b6d4719dcfe1cc28030fadb636ab64e0d5a0ba04d7e2bcf461d5897b1
SHA512 16444bf1008821f5c967b744441436b85de295c493a833f6ae8b9cf162e76d135138d4dabacabacd7608e3c3c429fb756e660f9d37c08c68ad68df506f9cc8ef

/storage/emulated/0/backups/system/.timestamp

MD5 b80a69b0d7e3129d60cbada8bfb875dd
SHA1 cb18367ca6768304c210f9fdf1335445252a6aa4
SHA256 d57bb9b47474bafd3befaaa51e5eec9c6e81d49edfa1069ae867b191f7177e30
SHA512 b70a64d24acd4b5f27327884f272f87c4d1739c1bbcabc637f8fbf3ee375f674508824f5caf59263d2156c52a5da05091670e42328d3911e9c55c827693889b9

/storage/emulated/0/backups/system/.confd-wal

MD5 5aba9dfa2e07b8e858501c3ff509c390
SHA1 159235ac63ea1049ea08137d19e5756eb58c0d35
SHA256 dbc876c387028d81a27a4a27efd3bc8dee71a79a68da6581a06b4a7a09cfd189
SHA512 3b0804ef94bb3b50a7f29b048f07fff8936d5aa165c2715b328fe5f669952d469d8f4f86da67491a6f6e5da723e627e9424c425cadb406ae515995a904807597

/storage/emulated/0/backups/system/.confd

MD5 4d5bb9b90d1c441cfb6aac237ad570c8
SHA1 530081f79bfd4d2aff71b42b409355c4f48f6946
SHA256 fc0c91b2ec213b668ff3bc73a1b042224a2e164fa5d8e91336b649c2de56b9fb
SHA512 971e56c3d5c2d479d9c77f44626ef66f834e50e31ac766718ed221042316633d5c1faaa3ca94c684eda79fcf91976429306fa67097a50ebb907d798854ccff1d

/data/data/com.iquizoo.androidapp/databases/db_iquizoo-journal

MD5 5dd7e33553ea0709051b14a90bb4eb44
SHA1 ef40aff4b4ad42eb3e53113908ab9b4298a9a49c
SHA256 3004209001102b3da430edac07e8ec94d470571422b4754baec690565a08e404
SHA512 ba35067a76ae371e20e3ccb834f8f998178349ab4f4949a8d96ebbcfa16032992ba8cca7f078d54064a48d8d03d25221f9e1b88d7d4689ddd5393071e9e5db08

/data/data/com.iquizoo.androidapp/databases/db_iquizoo

MD5 91c0f9c85d56363e6521f2b5d7c832ee
SHA1 048974403d70d7f8c0b50e340a9ef9c74e1248a9
SHA256 d17b5ec10367e3e96e8e4a09bc41d94c264e49bc54a1f69abda0d15bf4dc146d
SHA512 2711c5fd92f6521b6256431073ffc6f5304380659844e97ec2122bc4e6432bd6802eaebaeb8ec98133ab03d914771328415b3d7125db535131460078d1e7ea0f

/data/data/com.iquizoo.androidapp/databases/db_iquizoo-wal

MD5 c2f38a937b3da659b2b82bc09b3e1f7d
SHA1 bc691e5fe280009c99e1ba05a1d468eab32207f9
SHA256 9759eddb8b4af7db9953523e6731760197c883113638733722cf49cfd350d4db
SHA512 acfa75e7b1a223b8f9865b22b198c6c063dad6d8a9fe9d12fec200dd528329d171e7c5ce1d7b7ee4e91a3aae82978c41bcb3fdb37633a23ccb89611117dc3e6d

/storage/emulated/0/backups/system/.confd-wal

MD5 d4cf260011d229089a5702ff7aafe20c
SHA1 9b3185e18c3fbf667ef01144d1afd465f9164903
SHA256 b012902095adc26b865beb5f085562a52a6303eef7e489d3fb21cdc23da0327a
SHA512 dac54127c50845c131143755ff7b2fb078dd72bbf3b9d820b52de48ca45caa07e0cc34a494cb60265efa78d799647adbc48acd2eb7cda602d25f8f73f1a0f5a3

/data/data/com.iquizoo.androidapp/files/__local_last_session.json

MD5 ded6db46277014ed2b14c56c7ebdb061
SHA1 50c51960c37dcbb8d3526f825100f7a85da4342b
SHA256 9e35a4dab7ea237d94c0c2c0b0a72a8f5d5d9b507c5ebccb0d4049bd760b7850
SHA512 2c94555d162fe6236a2e00830679fb138841d5a4ca5fb5a3a4e667ef7e8e8b6ff91c44e88842d5132801712b721252d2d6c2c636199c8869742cad3fa0611b17

/storage/emulated/0/Android/data/com.iquizoo.androidapp/cache/xBitmapCache/50a3e1b4e6f836d825fdb6aa95ab01fa.0.tmp

MD5 e2e9e0d438d4f73294a4af21399eae98
SHA1 0c9b0a70ba5bf6edb2b4ed0a8392a023ed6c28d1
SHA256 4922fd3b7e9cc4d856d3d4ede4e8e5c6e478b6cf41f0b98cea36fdde8f3c9d3d
SHA512 44c8ccb9c806b58f456b677ddcd004abb868e45c7b0f3dc57b2806c9963e524b6f0b297186f5e44cc7dd8fc4f86055f71c4a722805141a182b4eab8ccb92c0ea

/storage/emulated/0/Android/data/com.iquizoo.androidapp/cache/xBitmapCache/ce463c44cd7a2301f1d27dbffff2bf49.0.tmp

MD5 3d07c6edacbf538b5f7bdd2df4f55e06
SHA1 1cbabaede8733ba0411736fc89274a255f4a8ad5
SHA256 70b30ef054a4b35959a363f53444515d6ca5f76b07261ad2e0b8723aa2ebc1f1
SHA512 1bc6d4e50091c231cccd4d5ebb15eaade1d0a1508315ce62fb5d98b56ea3959f530b86208f27a4f337428a468985f1b68e1aa9c920a8a64db7d2ec47d8747be9

/storage/emulated/0/Android/data/com.iquizoo.androidapp/cache/xBitmapCache/8172071df5e5fa174e5cd3e4fa73416b.0.tmp

MD5 ccf467c87e135b66fb4c8c3e2dd19937
SHA1 d1b5e49922f55dc2ee0af440c102d419be0c3774
SHA256 efe5d49d6fc33f2a07c7b50afec9e6fc0e35260b2544df1caf396a0fcb366041
SHA512 3c48ff4c7578222eb424cf9fe08d85a1cbcaad338dc216076daceb91ced3dae1c6908fdd6ea76b2bfb1d8aaf633d841a5c479cf9a2e347c2715078a71752757f

/storage/emulated/0/backups/system/.timestamp

MD5 7077273f1cfc74b48b40e76f3ebb80e1
SHA1 a7c840080a234f3313e6c7c47f14eacd1c0679f9
SHA256 82c3f3b66cfd68d4b5c62592e6e096759ede49f0a34a53ba73f5717dccc6bd58
SHA512 24a1213f5e8d8ab4ab450cdbf7d101fb72103e58db653ce19c7409ce5e6174694ffffaa99470e200ab9323533b8552445d2ca039c1afa852cf483099afcd545c

/storage/emulated/0/Android/data/com.iquizoo.androidapp/cache/xBitmapCache/38e773c019762e70424262addf125ba9.0.tmp

MD5 ee4b07ac2db2931779d7dce280097340
SHA1 68c27781cb6e9d2fe8fd701f72477590570beea0
SHA256 0b5d9595c851b2e8b41c2d4b69931510f26f0ed645c6e56bdf74a82de10a896f
SHA512 9744e8232286918f46df6fa3703b737c3d6d26463385ff954a1ab85c4a0e18353e10464beb4c0f2daae63fefaa0e8c91ccce2e624040b3da19198ad69f54f1ac

/storage/emulated/0/backups/system/.confd-wal

MD5 efe418513b412b3b42da2b55d6fe9621
SHA1 c8b74edc5eacb24fafdccbc442dcc84bf9ccad78
SHA256 d893057032e51b66f289a04db5337cad2f5afca35176173d9d98c4144602cbfe
SHA512 8875eb752e6ad538db678270227915c32741c840b32585d03c7c248a3a48c836552fcaedf342305cd02710468082ca53843451cdc63e3c9501b6ae4224ec7449

/storage/emulated/0/ShareSDK/.dk

MD5 c9383021bd97affc44be4db7018c4d7b
SHA1 7e680409d1c86e35149bebc22f2cf8c484f0d23e
SHA256 b7b7e032170e3190a84359e5c37adede1d58b6bf4c455ef0c01f73335709bb65
SHA512 7303f068da97319891e2d25c1c737035f1cfdc365d75d954102b612000e54d7e2b5dfafe10bdf909563e2b46ec3ff9e546423bff6f0aa9496880eab1c1c36a81

/storage/emulated/0/backups/system/.confd-wal

MD5 1e34a66e83be693df60134520af7f46c
SHA1 1794b37f2e4c42acba78d9d04e16be9c2f05a2c9
SHA256 b0e937cc5ffa294481466ff3c82db5087a2b7f5d4104fbcdcad9b01870a25de3
SHA512 5c445ed3160b1454c2ae4af4e7b0a4a005e315b945ea03ba0508740f8cbf3db69f057e33ad5f67aa5336443f480173e9d0ccf348563ac3dcf1b69c989e32de2a

/storage/emulated/0/backups/system/.timestamp

MD5 3d8758824a560d8a2aba923fcc810a9a
SHA1 82c368dc2eaf2c252fbd8b05ea7439fa71119c66
SHA256 e81b5af7112d30cb01f8c287f49ffcb7adc3cec883774ded18fef2fceedf25f4
SHA512 b369a99ba103512a8302925eaf236e015ff9e44a37efd3448d0679835d959ef3bc1303a9be1dc5945fcb84844b607416f8708ef01ff10ff37a98436fb372fc22

/data/data/com.iquizoo.androidapp/databases/ThrowalbeLog.db-journal

MD5 a3c62f0f522639f3a50994079ea6f15d
SHA1 dd6d2091fac78ee0ceb5d532471760792b862adf
SHA256 1f230b2c02cae1193e412819304323f497430d83c1d0393a7735760139bc10b4
SHA512 2fd029f73360bd0009b9177398853845c94e42c32b87cd1b24325dceb10df13675e15b92d1f40510e0cc518f7b37bdaada0b3ce94dfea11087573cd8fcc7fbec

/data/data/com.iquizoo.androidapp/databases/ThrowalbeLog.db-wal

MD5 cedff0c4e1e3b12ce74fad7295c1eb82
SHA1 8b57aab59f37f7fa9cf9bfdfcdc6e1462c40a8cb
SHA256 463bfee9e782c39015b7db2996761f29d956b6a603ed3368848311efc38c328e
SHA512 530e8df6cd2ca24e2caabb0baacf6b8bf011332bcad6df546963ce6f4e1eef077c31eca31f2358a8236fad2ec760aefe624923510cf74d02c9e991629fc92ab5

/storage/emulated/0/ShareSDK/.ba

MD5 45659bfee1c26bc0a059c9cad9219b54
SHA1 d013ebfbc6bd9936b4015efbee1bdd944008d81e
SHA256 7c95d9464367a584879ea1178862717f26bb75575264677aae3c8234a41204e2
SHA512 9f95b48ee9914a18d1d76a56a95861b1880f737d7e933cd6a9942a7146589c2dfb222fe21ddc0c4078941da03f7f7ce9249f24231ee24670fc8581b42798d757

/storage/emulated/0/ShareSDK/.ba

MD5 f5b46d276553493ef7e718749a9388cb
SHA1 1a1dfe552fb3873e73ca4a38e9d1c4db23fa5c9e
SHA256 2fab87dfe22147ab71ea9b2d5de88b3e0930cc0cba8d46e3f2cef93c947785ec
SHA512 2409b03398a0e31ae76e9987b381bb679b9996df6702921a2b360cc91322aa19ca2c23507ee9bb5414c7eb4f9074b12124ed46d6cbba927bf76b7c5d5f667788

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-18 17:37

Reported

2024-05-18 17:41

Platform

android-x64-20240514-en

Max time kernel

179s

Max time network

182s

Command Line

com.iquizoo.androidapp

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.iquizoo.androidapp

com.iquizoo.androidapp:pushservice

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.212.238:443 android.apis.google.com tcp
GB 172.217.169.14:443 tcp
US 1.1.1.1:53 download.iquizoo.com udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 api.web.iquizoo.com udp
US 1.1.1.1:53 api.exc.mob.com udp
CN 180.188.25.46:80 api.exc.mob.com tcp
US 1.1.1.1:53 api.share.mob.com udp
US 1.1.1.1:53 static.cdn.iquizoo.com udp
US 1.1.1.1:53 sdk.open.talk.igexin.com udp
CN 183.134.98.102:5224 sdk.open.talk.igexin.com tcp
CN 180.188.25.42:80 api.share.mob.com tcp
GB 79.133.176.235:80 static.cdn.iquizoo.com tcp
CN 183.134.98.102:5224 sdk.open.talk.igexin.com tcp
GB 142.250.187.238:443 tcp
GB 142.250.200.2:443 tcp
GB 172.217.16.228:443 tcp
GB 172.217.16.228:443 tcp
CN 183.134.98.102:5224 sdk.open.talk.igexin.com tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.200.4:443 www.google.com tcp
US 1.1.1.1:53 sdk.open.talk.getui.net udp
CN 183.134.98.112:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.112:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.112:5224 sdk.open.talk.getui.net tcp
US 1.1.1.1:53 sdk.open.talk.gepush.com udp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp

Files

/storage/emulated/0/Android/data/com.iquizoo.androidapp/cache/xBitmapCache/journal.tmp

MD5 5a9ec38f17c5c41e1aa67d28c5cab51a
SHA1 39216e69987e81f41e09d4b0ebf7a4285b0a3bb9
SHA256 66260725a25beb14fa14ef34c32d445776167d4a0a6ae98e5c55eb1cf32e04d1
SHA512 3959e962b2072547790cc8d4ad09d283f8ab931f99ffc31484a975ee85b5c7ca8b00c9f9836437422d775e5a71eab4656906cbdd6b71eda1398f3b88c22fb5ed

/storage/emulated/0/Android/data/com.iquizoo.androidapp/cache/xBitmapCache/journal

MD5 7c32342d747da693c747f48011b4d26d
SHA1 6d6ee3b56a2885b5484f10c8b363e6443bf044ae
SHA256 4580053b155594240402a5b26b40707e592c839b15bc35e2ce51be4ccec5f402
SHA512 904c58d4028aca24cd7b6ef4951d5c5051a7af8ec672973fa7fba2569f9417357a181a8fa7bb0183b4807687cdb962908609882b1d80144ff825597bae8e44c5

/storage/emulated/0/Android/data/com.iquizoo.androidapp/cache/xBitmapCache/27b98fb15bd04aaa905190524152e6bc.0.tmp

MD5 c7a0ba5657c2962c1ad8408808071e5c
SHA1 00c34067151988bbe3ab224b9c89da187fe1f7a0
SHA256 0d3a2ec69bb60e86d4de8a6f228329c1cd1528fae3ea3699bb0dcd53b27a0854
SHA512 80038906a7e3c985cc54e06fafa7deb9ab5075401beb11a0e879c5cee84bec08fb4d55eda7b20872fb52a9f80ae8b12f802576632c3ba219abc7a953a146a3ce

/data/data/com.iquizoo.androidapp/files/libcuid.so

MD5 d87a7bdf1a1fabad13b1137fcdc78d6a
SHA1 4bfc06b690d4da40fbd6b0a0760652931de62e59
SHA256 1e256da98a868e306ab83ac1b050dc589025654a0ad727dbe26d60b366b86087
SHA512 7967a9e745134cf3ae96c73f16259a3573819e4daf32cf0dcbd8f7012de8c51f64317b6c37ee3b1223aa0979deefac9b2b9383515375414af459a2c08e2e0cbb

/storage/emulated/0/backups/.SystemConfig/.cuid2

MD5 bcc962e1e8ef29be7794911d553b4e5a
SHA1 310b175297997e29019dd92f6cbd4418d25b5259
SHA256 31528b681b803df77e12e2c8e63aa4c63f0e10bb1dd81d72950c040d290c4ef1
SHA512 954d29bedf85e83bdb8fbfb71061bc7e3c69751c9187daa723221be87c30c4170bfb62d1085ca5be58a906043a0329782dfd7d4f5feae7725795b58139d92349

/storage/emulated/0/backups/system/.confd-journal

MD5 bf39a63a32577242924b57b8c9da5468
SHA1 04ab96cf82062864f251b142caf4bd5e87e585f1
SHA256 70a2862c1ea41585066f0a8c79fdbb84fc40ff64c606b909c782dbc3a2b29dd3
SHA512 1b8d70ffd0fe3222ef286c38a6908e7c80cd8b924dd48876faad855e3f36b03fb0743ad8ca8c83e2e2942dafb6145f5770e1caeb3ae97e632f4a55ed3ca9c085

/storage/emulated/0/backups/system/.confd

MD5 826d5e706922799591873ad10d261b23
SHA1 01d46a29ea4a338669f7753a50a19d6ab54f5c4e
SHA256 2418a7e344c022770996b8db13d3bb83ab784ad167c1c1f40f2689a4c2c30028
SHA512 1b143edc7b49f7289fd3e7a52ee0a90c72bbdc8fda7825b3d854f94232528e6c8f920470ae7552881a32c3f4f2275e670e4836f3bface35fd3150edfb1c3e815

/storage/emulated/0/backups/system/.confd-journal

MD5 a6b37e7ffffaa16eb1e0e952efbeec51
SHA1 eadc42f96a2536ce7d2728dcdca732381eb31a54
SHA256 afed22634550503f2f42bbf2c9dd598d3c7e695e52d289bbab8ee258de22aed7
SHA512 e1701f417edaa97d18aa0de03b027e24432205ae3ee4a5cd2ce80658e668e1d2f8cc9f1f5b6cd85c459a63bf15d01e1565e96d5a189d24c9a923835d10a167a3

/storage/emulated/0/backups/system/.confd-journal

MD5 b56c7b41979183b563f8ee37c6fb0a16
SHA1 764d349509ac6fabbd2c2b90ab59a15f086d81b0
SHA256 7e9f81ac23029560a8e03be7b1f147c57bd7a2d179ecd60079d0de0cd76823a8
SHA512 b52d9ecf1588858687393b9684d24c34bc6ad22ab7ee0e612b9d79f79fb69e953e697631cf97b044b62ba478dfa3c04398ec1fb05d9b1884cb5c2764f8ef29d3

/storage/emulated/0/backups/system/.confd-journal

MD5 3776911f7f769b927fedeca807bb3396
SHA1 97625714d38b49403bb964e4e9171941f00ba0b4
SHA256 9990d51124b23d7801621e4fbdb52d3eaabecaec147e0ac806aa7489b63e09e8
SHA512 eadb3e8626f32c08e40728d50d073c1315bbfb155a1dd172a01be5fb9bd614c6a474e8c76ed173057afbf5f368fbf51640fa265f0422844e100f9bec83a74f32

/storage/emulated/0/backups/system/.timestamp

MD5 ca4bf4f6885de95e777b5fff0cf4890c
SHA1 7f178941bda925d124039abcce939758b4762560
SHA256 c06478677483435991b07200027e5ca0aea911951ab398532b2c103588b7126d
SHA512 98cebb870c6ad697c9ef2f150b98836e0d66f2a7074701307d0ad044b152f070148795ba3ca38190ce6191c909658192e016f9135fe1acd957e322ef714d1514

/storage/emulated/0/backups/system/.confd-journal

MD5 c79fff20d971680f20f144d58bba06df
SHA1 12915bbea8b32fc467292f49f6cf60e7162454e9
SHA256 26a202f8793a351455caca2f8b656cda9abec501a362737df34c1d91f07c5df9
SHA512 aa73e1a3d23e8057814a9c89596a7ec5f8916b0616a8d94c11a28dfe9725d46663b376d70c272234acccb9781e9d4fca95a7cf1b76b1ac72479a8292bce543d5

/storage/emulated/0/backups/system/.confd

MD5 e833300dd2e1df29b95a9139e1e6bca1
SHA1 e0158acfa7495e2fc2bca567d0a4196c94d0ba9b
SHA256 67e386e6ca8398d959d3dbb45f5dc06f205c2cc4f68958d1e4fedfb5c423cae9
SHA512 4c14c4e57ed780de2e8a1e921ac090c4e84068552c47b6e260b47b84bfdbba047a7b84e1e6a77dc4b8ce7a934ef9cc7ce31bef72edf9b2c6493378c7210800b8

/data/data/com.iquizoo.androidapp/databases/pushsdk.db-journal

MD5 d47f301fe0d7e918394fe942962fcb60
SHA1 31e840a088fc89f22d4b842172394163ea080ae5
SHA256 a834454edf7a129b8c50e23d2bc4a0b0e56fb75576bbd4bb8025d02bff2b8f52
SHA512 0efee85d623e0b70b62f3a9100c601ba4702b8e09797c86e17a285bdd6eebd181fc16ce8dbd10ab591a19816b4cdde96377faa562f5aa9215408882a0db5a24f

/storage/emulated/0/backups/system/.confd-journal

MD5 66cad4db7f957fdffbddae8d92a57a4e
SHA1 921544fc0cd168983ab34492092899088f18ccf9
SHA256 45fbb276660fab6c608ba22cecaf4c5bed5de86da4ebd0b61fb65e275fd524c6
SHA512 5a1e622cb9a3bc37b3ae106d3ef67df740b1108c8dc3b9728bd2d9b261435b7166381c43512802b7a603d595c1609b05984e2a788803a1f995278823128bf6cb

/storage/emulated/0/backups/system/.confd

MD5 90ce091068ad4d886abffcdaa6eeb52a
SHA1 8d2c6b3ffce4ce20609954fd2013649ebe651c5f
SHA256 d8bc8b380a51eb6941c98487dac6357f0b6178e3d52ef04bc1160ffe733aedab
SHA512 104d4c2f473ba10393a43d3c7cdbeda359e7284ae950fc7f3995bd8e50aff702efbdd7996b46c78c01691c66b47d34f6b721c21c05d84a6194128946c9e96133

/data/data/com.iquizoo.androidapp/databases/db_iquizoo-journal

MD5 43495453cb7b49af64a2d26b6e548b09
SHA1 64910d8e99cdc64f91669481dda2577be1749433
SHA256 2e7d0fd1a51a323378f5868186d7562245721ea449ae641112e1ccee070ded80
SHA512 06570784ab2aac8e585dd197eb05b093155acd724e687dad7058a28b9fa2a70189ebffd6e513ad619eaf4a6a8d37a853e9efb7ae7358b3e2f1d3007de8f2f68d

/storage/emulated/0/backups/system/.timestamp

MD5 ec7565572d95ad69970c84040c57da07
SHA1 7b96df15f2dc448e92a0368dbebc865ef191e669
SHA256 67a06ccbe0a410c9acbb85ff1a900131bc763af727dfcfef88cce1f22b5caef1
SHA512 b7f47a18ff194de1f3802273d022f9050cdbbb1108028ba1d7a85605098a047a8c1cd061ffea94efe57d1dab1134dd5bee3c2be3f5905f781bb2e2563ac4e550

/data/data/com.iquizoo.androidapp/databases/db_iquizoo

MD5 0ba567765df4d87731e93cbdba183444
SHA1 204141a2d1e2114c43aca2659fe3473b65a3d446
SHA256 6c7168b1aa7ee51963c284a9ccc9c798e917a67a640d201979a53b64261ffa02
SHA512 48df4f4d2dea84f7f3cb705c88adfb3c47019550b4a03cf52dc01cb5e75f1f5432d7773972dea41dd41151ea5b1436d67b507adc392ebb70665a41b3440e5adb

/data/data/com.iquizoo.androidapp/databases/db_iquizoo-journal

MD5 55e3ab244eab401766d842f7eb131b33
SHA1 642c15fb9848d3f37c20cc7bf7bcb4cb19df8905
SHA256 d2581423dd2f52f8b75027df78d7c46731b48a29cf6b149e8d1efd351ba33266
SHA512 df48d98c0c9a62e48bd4f5c73f1621e58521977e01d2f370635f96f75f87c42c54d51ac786e07ee3ccceaa71a201322b97a5b1918135df9b781cf70f6d89bc94

/data/data/com.iquizoo.androidapp/databases/db_iquizoo-journal

MD5 3b0eefaad6f7947b0e039ce9148452da
SHA1 3c1fc22778b196cdcf93000de449d19f319da74d
SHA256 aa5ba3a132021f45fc769c17f80c31132baaccb701fbb3d341c917bc0aefdac6
SHA512 267f0c504cb6d8106305c36f97cfbbeaf549822ea78138ef6e2e890bef6583fd6104662697f8f87f3b17e907b16cd3e4d069e660b7f0a3bfa0ecbf0bb784fbd4

/storage/emulated/0/backups/system/.confd

MD5 b494550877e3c0ba22008a2d82f84274
SHA1 5e53c2f633d96ac7078ffeee2f3010b28a0919a7
SHA256 da624186e26d8f029d4f3c9bf9beccf0bef748e552aff9f7ac0ff36f9594cd8b
SHA512 ef6c749d3b158c5df998eafd9f3a0a00301db0814b824b3d69c7c60c00b6cb3fbd171bc6021e46ec1e08940bc1b9a4f4f3b287673804557d74225864b18ce714

/data/data/com.iquizoo.androidapp/files/__local_last_session.json

MD5 35e0620b77e1bdf6249ad02a0e1c041f
SHA1 135bfb32362d39cfd17d0e43d7593943146eb0d6
SHA256 7a9ad2b3781e6deb50af42194e479030f9c95553abf109dc2b017c94a6c667d5
SHA512 c9754c917652980d1d6b68d7a445d05eeb709ca76174ea8fa96aa1bf0d75d7ea062bec61e9aaf184d6934731f5e40870f842a58d7d1c3a5f5f8260c713c788d9

/storage/emulated/0/backups/system/.timestamp

MD5 d3060d7c2bba38e5e58551a6f7e89fd3
SHA1 0147d35cdecb7971942c6d4bf4d71017289970c2
SHA256 c2c8afb86d050859b07dcdd0516f47290d7cb8be62af7f7af310543b1ebb89d8
SHA512 cec77b8bacd79ade212fdded6def7cd2af9e1f31d558d83b5767a59a6a0ba87a1f8b5d02d9b1e1ece0dd1e0ddfdcef09e09ba21f8e4165e1c1b44b01a6c589a8

/storage/emulated/0/backups/system/.confd

MD5 6edd4ce4fe50e11e803f2ccb03461a3f
SHA1 bb260606ebfc116c7923f90470d5fc17bd3418aa
SHA256 652ae7b6b5cf7a7a56f6cf613fa2c4243cd7da1767779e5f962eeb6c5bc14557
SHA512 479c860179cec0d41e5a01bf51fa3d5bcb7e348d15f66841d637b2ba1f42e1979888bf7674ab433cf13f11d4623b8bbf85e558f3fca2c812f32502a8d4495332

/storage/emulated/0/Android/data/com.iquizoo.androidapp/cache/xBitmapCache/50a3e1b4e6f836d825fdb6aa95ab01fa.0.tmp

MD5 e2e9e0d438d4f73294a4af21399eae98
SHA1 0c9b0a70ba5bf6edb2b4ed0a8392a023ed6c28d1
SHA256 4922fd3b7e9cc4d856d3d4ede4e8e5c6e478b6cf41f0b98cea36fdde8f3c9d3d
SHA512 44c8ccb9c806b58f456b677ddcd004abb868e45c7b0f3dc57b2806c9963e524b6f0b297186f5e44cc7dd8fc4f86055f71c4a722805141a182b4eab8ccb92c0ea

/storage/emulated/0/Android/data/com.iquizoo.androidapp/cache/xBitmapCache/8172071df5e5fa174e5cd3e4fa73416b.0.tmp

MD5 ccf467c87e135b66fb4c8c3e2dd19937
SHA1 d1b5e49922f55dc2ee0af440c102d419be0c3774
SHA256 efe5d49d6fc33f2a07c7b50afec9e6fc0e35260b2544df1caf396a0fcb366041
SHA512 3c48ff4c7578222eb424cf9fe08d85a1cbcaad338dc216076daceb91ced3dae1c6908fdd6ea76b2bfb1d8aaf633d841a5c479cf9a2e347c2715078a71752757f

/storage/emulated/0/Android/data/com.iquizoo.androidapp/cache/xBitmapCache/ce463c44cd7a2301f1d27dbffff2bf49.0.tmp

MD5 3d07c6edacbf538b5f7bdd2df4f55e06
SHA1 1cbabaede8733ba0411736fc89274a255f4a8ad5
SHA256 70b30ef054a4b35959a363f53444515d6ca5f76b07261ad2e0b8723aa2ebc1f1
SHA512 1bc6d4e50091c231cccd4d5ebb15eaade1d0a1508315ce62fb5d98b56ea3959f530b86208f27a4f337428a468985f1b68e1aa9c920a8a64db7d2ec47d8747be9

/storage/emulated/0/Android/data/com.iquizoo.androidapp/cache/xBitmapCache/38e773c019762e70424262addf125ba9.0.tmp

MD5 ee4b07ac2db2931779d7dce280097340
SHA1 68c27781cb6e9d2fe8fd701f72477590570beea0
SHA256 0b5d9595c851b2e8b41c2d4b69931510f26f0ed645c6e56bdf74a82de10a896f
SHA512 9744e8232286918f46df6fa3703b737c3d6d26463385ff954a1ab85c4a0e18353e10464beb4c0f2daae63fefaa0e8c91ccce2e624040b3da19198ad69f54f1ac

/storage/emulated/0/backups/system/.timestamp

MD5 5b4350345c25694972985c15e0f70d0b
SHA1 c1878eb5d3763387eadcab3df4b46da8a8947088
SHA256 163a224b238165c7bbe7b3beac0647025e6ab3015f6d69d1b7bc939879cf6e04
SHA512 15c8c28feaa76d942685f177f73b1f1f193dc2922c490c8d5d00d357deb2bdfa4091f993fce6f48d0abde0e1abc001c12a405f55e75a216e1ba530930011f413

/data/data/com.iquizoo.androidapp/databases/db_iquizoo-journal

MD5 7ea5ad091c389522919aa4becbbc1a98
SHA1 0649e93cc8d7552020f83a0b8d00066e632f0b86
SHA256 e25c0d392c994e97dc8075de0565b408503af8e2015d49a808b64aa6446ad368
SHA512 124bff01f75fd36a7aec0625065c8e7a4ea563a6c9ff621c1976ca8e06b0f7a263d5145207486ddf873e27d16c3d11ee8551206437d076bd4526c44df399e374

/data/data/com.iquizoo.androidapp/databases/db_iquizoo-journal

MD5 69e3b3ce777a4d2548e74f28f723838d
SHA1 1c22fd24ff573b9c9ffa58edce0a1f6e528d6329
SHA256 30aa332391e9f878731f7b85499cd473d94f4df39a9771b7b147fef10327d756
SHA512 f0701f7a4357fb02e1f6b06c1c1bb32d8924ce3f98269c5c689b45e9d0f2f0f9fa34f46a2ec47cb52552956a451c49f8197e152493166764bc2e0b5eafc3d575

/data/data/com.iquizoo.androidapp/databases/db_iquizoo-journal

MD5 8878060ee280ade4b6604c8b1e72d348
SHA1 91ac1ffa6bc5514bc6c2e895034d1e0d8717cb6a
SHA256 c8b27d91964e4b01c630ff825d1eb11fec49399b451746eb62540ac3422ba57f
SHA512 172791f0952a03d637bcbbbc93e4775befef4e034f81a2ae3d9b1f4233a44f035f8f2ee656d8463f7357d14e105674b21880ef8ed48653c76551ee798f35e17a

/storage/emulated/0/backups/system/.timestamp

MD5 94a574926704291279d615ee32cb33ad
SHA1 75bea1884dadd4270ed4b134ff8ed92ec39a9dad
SHA256 4fcda50ed4c0930187d5d9584fdfc527d23a99e05e89095658d612cde9579aff
SHA512 2f5f369b43731dd5674539ffa811f810b3b1b483f7c783c00a6ebe3608bf74b4bc65c8b703831329277597064dd0d9804460e40a9860c01106c4fb1c65415fce

/data/data/com.iquizoo.androidapp/databases/ThrowalbeLog.db-journal

MD5 d003099c4f7059425574df3c02f1b7be
SHA1 2912a86eb188f7c21dc6793a813c365612e64d31
SHA256 1f84116648845d4c159084f48bfe15188bdbc7f0ec74baf4b8b6ac358b26999f
SHA512 e9bc6b9835be32b65661baaafcd48d3c6cce2bb596a8226af9e4e272e42a17895dd4a6159f18a882ee3d9ffbe739005b06568b283cf1657c71d589eff93f2468

/data/data/com.iquizoo.androidapp/databases/ThrowalbeLog.db

MD5 ba98c02ca160fb26342fee0d02cf02b7
SHA1 3a4a95f62e759920545abaf6d735bb6cf1c5d5d4
SHA256 8f615a1996449b9a1e6386d4438e71c1e1c538b6ad762093204aba18ee1a41d8
SHA512 50dbcf5151afcc6a56ae2b9e923d8093e37f6057f65ff9634167a2d01797523855e269552a965585f0c452a3c67f91f496c60e61d321a77c08e24e3033177cc4

/data/data/com.iquizoo.androidapp/databases/ThrowalbeLog.db-journal

MD5 71aedf36a54dfaf151ae2cf2b3dbfe38
SHA1 5f8f31ea3d8490c1b138ba265b93ebebf67c7479
SHA256 f01be9a2766e5d9dd15c2ec26d54c7e0364d88146432848546d6b3da309b45a8
SHA512 8798babf6df9c24ae808cd7ee73c26bc82b770428e0caa7072322b3abb390ca3239152ecef03e882553a6bb44f41ce5003e80f44b4b3c0fdb2d6bb430d0800d7

/data/data/com.iquizoo.androidapp/databases/ThrowalbeLog.db-journal

MD5 213d422016fb7bdd2199a5e24ca43a73
SHA1 3f28868a9c25514a67e3384fac75ad65f61ef83c
SHA256 07ec24523801ca7dc20dea58ecb5e16e0b8d6a0860489bb5371f34cfe769bad7
SHA512 d73198d460c707a17e720c24a767c8a8b9d46aeb2376b63a43b8be026194a7cf9170dc8b8db83a3a9183929a1d7f918ee728644a2dbcb72d7e892396694af121

/data/data/com.iquizoo.androidapp/databases/ThrowalbeLog.db-journal

MD5 aabfbad654296abd630a59f3063e036a
SHA1 96578dceaf627b4efa0fc45fb78f0f56459ec48b
SHA256 12baa90c1cb45f29f7835bce1ee8f378091bd84c8ebf25f1fef9fab5be08ea5c
SHA512 3152a2d851db3c93cc19671cba6663a2aa887b2ba390bc64591fa582ebe8def732a6630ebb6974f416f2af731db5352ef7b95a7e89b6a9ce6ccf47bae5615a49

/data/data/com.iquizoo.androidapp/databases/ThrowalbeLog.db-journal

MD5 454cbef7413b1d31afb572a78a11138e
SHA1 4448ef095f848f3cc558555428bf4b94fd977053
SHA256 d6d974c7a10703d48637d7fe6124f40f4db07f91a40e32b31943aea63b9341e3
SHA512 b3485fafda3b2c0d5331cf0fa6acbfe64eea02412116516f4a7312156540431a61cd1713b7996368a5f4e14f9ca4a335ef8448227449732cd17df6f59d0772d2

/storage/emulated/0/ShareSDK/.dk

MD5 893bb9930a6efdd3211826f4114b5a29
SHA1 57b8895adcc3bbfec87268d5f004cdaa6caee8cd
SHA256 45e6cf5549bc12c1150b2a10f20de32ec5b86fe23221536eca2cb2a43b1e2d21
SHA512 78f094bf00c6b440a57dc5b8edc10c3abf4fac63176dd64a54b2e7b03d9973485504d619ae80312fed1bc72db9f1617a990f37edc7bfdfa032ae47b054939010

/storage/emulated/0/ShareSDK/.ba

MD5 45659bfee1c26bc0a059c9cad9219b54
SHA1 d013ebfbc6bd9936b4015efbee1bdd944008d81e
SHA256 7c95d9464367a584879ea1178862717f26bb75575264677aae3c8234a41204e2
SHA512 9f95b48ee9914a18d1d76a56a95861b1880f737d7e933cd6a9942a7146589c2dfb222fe21ddc0c4078941da03f7f7ce9249f24231ee24670fc8581b42798d757

/storage/emulated/0/ShareSDK/.ba

MD5 16a6d4dd13bf9d2c7555f3e80aa0d481
SHA1 2674b50673022d004a2c1ff8fa135d4aaabd7317
SHA256 7c20be4c94d787f7ad0597c9cc8edc991329e0689815a5bcd3133e39c3207c93
SHA512 0c0d7ae836596372cf28f1b263a3ffd098dcbb3a60879b74c72186c6ae55daf8e78d64ea1dbab5513074d06291a6faa18a3dc2615c26601747c696ab71a2e42f