Malware Analysis Report

2025-01-19 06:59

Sample ID 240522-jg7nssge44
Target 6681e57f5436ef60d17d9b354dfb16a0_JaffaCakes118
SHA256 0c278aaf3bd91d69f4db29757a5766a6f712e920cb1769f89ebe47d521c18357
Tags
banker discovery evasion impact persistence collection credential_access
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

0c278aaf3bd91d69f4db29757a5766a6f712e920cb1769f89ebe47d521c18357

Threat Level: Likely malicious

The file 6681e57f5436ef60d17d9b354dfb16a0_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

banker discovery evasion impact persistence collection credential_access

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Checks if the Android device is rooted.

Makes use of the framework's foreground persistence service

Checks CPU information

Queries the mobile country code (MCC)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks memory information

Obtains sensitive information copied to the device clipboard

Queries information about running processes on the device

Loads dropped Dex/Jar

Queries the unique device ID (IMEI, MEID, IMSI)

Requests dangerous framework permissions

Acquires the wake lock

Checks if the internet connection is available

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-22 07:39

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-22 07:39

Reported

2024-05-22 07:42

Platform

android-x86-arm-20240514-en

Max time kernel

179s

Max time network

187s

Command Line

com.mobineon.musix.lite

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.mobineon.musix.lite/app_working/startapp.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/startapp.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/startapp.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/yandex.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/yandex.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/yandex.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/facebook.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/facebook.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/facebook.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/adcolony.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/adcolony.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/adcolony.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/vungle.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/vungle.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/vungle.dex N/A N/A

Makes use of the framework's foreground persistence service

evasion persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.setServiceForeground N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.mobineon.musix.lite

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.mobineon.musix.lite/app_working/startapp.dex --output-vdex-fd=50 --oat-fd=51 --oat-location=/data/user/0/com.mobineon.musix.lite/app_working/oat/x86/startapp.odex --compiler-filter=quicken --class-loader-context=&

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.mobineon.musix.lite/app_working/yandex.dex --output-vdex-fd=50 --oat-fd=51 --oat-location=/data/user/0/com.mobineon.musix.lite/app_working/oat/x86/yandex.odex --compiler-filter=quicken --class-loader-context=&

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.mobineon.musix.lite/app_working/facebook.dex --output-vdex-fd=50 --oat-fd=51 --oat-location=/data/user/0/com.mobineon.musix.lite/app_working/oat/x86/facebook.odex --compiler-filter=quicken --class-loader-context=&

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.mobineon.musix.lite/app_working/adcolony.dex --output-vdex-fd=50 --oat-fd=51 --oat-location=/data/user/0/com.mobineon.musix.lite/app_working/oat/x86/adcolony.odex --compiler-filter=quicken --class-loader-context=&

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.mobineon.musix.lite/app_working/vungle.dex --output-vdex-fd=50 --oat-fd=51 --oat-location=/data/user/0/com.mobineon.musix.lite/app_working/oat/x86/vungle.odex --compiler-filter=quicken --class-loader-context=&

com.mobineon.musix.lite:player

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.200.3:443 tcp
GB 142.250.180.14:443 tcp
US 1.1.1.1:53 data.flurry.com udp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
US 74.6.138.65:443 data.flurry.com tcp
US 1.1.1.1:53 api.appodeal.com udp
NL 172.255.231.52:80 api.appodeal.com tcp
NL 172.255.231.52:80 api.appodeal.com tcp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
GB 142.250.187.226:443 googleads.g.doubleclick.net tcp
GB 142.250.187.206:443 android.apis.google.com tcp
NL 172.255.231.52:80 api.appodeal.com tcp
GB 142.250.187.226:443 googleads.g.doubleclick.net tcp
GB 142.250.187.226:443 googleads.g.doubleclick.net tcp
GB 142.250.187.226:443 googleads.g.doubleclick.net tcp
NL 172.255.231.52:80 api.appodeal.com tcp
NL 172.255.231.52:80 api.appodeal.com tcp
NL 172.255.231.52:80 api.appodeal.com tcp
NL 172.255.231.52:80 api.appodeal.com tcp
NL 172.255.231.52:80 api.appodeal.com tcp
NL 172.255.231.52:80 api.appodeal.com tcp

Files

/data/data/com.mobineon.musix.lite/databases/media_db-journal

MD5 634718f36b1c4466c1502030cbf17d8f
SHA1 b5f7d58b9a9ba53643c782597fe6aa6750f6a182
SHA256 1ffac80fe5010bfb451a67abf1f773aebe1419dc2c55e1f7ca47d12fadfcfe49
SHA512 751f0ffb69f3e8da4ea1307666343b5140977e2f7590d7541015c992938f832faa8749a7c7d136e3788305cf6cffb101ffe4f2334b53a4150f7335738cf5bb7b

/data/data/com.mobineon.musix.lite/databases/media_db

MD5 d0d2072f74d5d0d13b65f9ae60880c01
SHA1 bde6c544b8f514f0b1364a7eca53040f5794cbe3
SHA256 8bed685d3a30b6a4479a6ab58fbbe91c72ed57fe153846ebc3a69e03c6f61a8a
SHA512 4a2376ae89451ce794b0c3fcbc3272187a421c22124f6b160bd38f3d8dadcd7c24ff8c1af923fb1b28a8805b29a6ba8321f42a3e357826991a8ed44edb9320d2

/data/data/com.mobineon.musix.lite/databases/media_db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.mobineon.musix.lite/databases/media_db-wal

MD5 758f9e491d3f6795bb79dc335cc04539
SHA1 39dc040e89cb86c492ffb6f08978e646209744d1
SHA256 35d312d008a55e47dd5099739bda104c9ee5ab64de069348cc622e9a35935ae4
SHA512 1a61af5edd95b0f80744a6c942c67cc56d8e42061b4fe1efc80a054d04a7c1dcac288e19dbe53f469e9cf51ee791be066479bafd2b6e482ef6dcdd147758700b

/data/data/com.mobineon.musix.lite/databases/media_db-wal

MD5 a2a99e5b6baee0deec62f94bbf2790c7
SHA1 b35db01463f4024d66417f3669d67c6ed05bebdd
SHA256 f1e45ccee3e7779ae944d0ed2efabd87aaf31501e61a6fd590d9640ef960687a
SHA512 c14d172bd04a6ad72406278f9c7b4ef7c40c6efe50a9aa2a6a043b4449b33c6315daa320b9ae787baa464e4a88d32dd349f421c1b6cb0102c73edecc58851c98

/data/data/com.mobineon.musix.lite/app_working/startapp.dex

MD5 a7ce3758ab5597482c4d81f7b9c696b2
SHA1 a197b161e1130cbacef099094f2a5d26e0f136d3
SHA256 94f0616813e653cae87216f49f3f8f4988be5f792932e61c5c5a908fec858d62
SHA512 c6dce2a63682b09d69fcbfc0dc99cd5ad705e1236cb7a03e099b8e83c97ce50cce206cf912819082a70c8e6946e2f8d96055cdc65af573d62b07dca9636c8b03

/data/user/0/com.mobineon.musix.lite/app_working/startapp.dex

MD5 f8465e3268a279140d8d165f7e6ef13c
SHA1 ef3b3d0552bc1dae12003ab2f0fbfb2bf75b0756
SHA256 9a6fe64edc9dfb0f2f2bab40f09a547e0481ada5ced84f8011f6d504fef351c1
SHA512 528d09f2e6dbc159330d029d5e404046fec000230ddf1396114dabaabcaba2fcc9e4ed259df20c690db74ae14b110f5caab63d08bb901317702456329212349c

/data/data/com.mobineon.musix.lite/app_working/yandex.dex

MD5 c9a1db3fadfbd6980ad0b9ec0e60635c
SHA1 bfd7abdb28be7b5107426d9c0a43204efb89bd7f
SHA256 0c92b22ed8607b60f88a397ac257d75e12b2f4bee1902983ebefeff9f14332ee
SHA512 bc854a56f34c72323c1b101a1bf22260415d0a428c0befa588e45a41f80e96ef0d7337081db5caf5156d81ad135b9ccfbf5f3b4915120bfa5ea2ceeded553f71

/data/user/0/com.mobineon.musix.lite/app_working/yandex.dex

MD5 2fe6c7a8c52f1b67da44a9f8f25e7f47
SHA1 dab50e87f8f280a6e37c5f3143e01a2c5552dbda
SHA256 10904471eef547d8621fafd2206c140dce8d3b93c7fbabd607204e186d54d288
SHA512 86ae41521e8394dd2f6f3b485fddc637f7ec17d97cd4aca604d352f0decfd8139cd529120cd412a0524d95a2853987b87840877bce4a71ede3a33b523d6695e8

/data/data/com.mobineon.musix.lite/app_working/facebook.dex

MD5 85c8edfb5743ca37d63489a2b2808099
SHA1 2effc4cf76c44ebe32cadc9a9cdfd94afd0a2ef1
SHA256 dedac9fdd8941207f57e4380ce5e9f107cb1902403f83d5882fdfb36d875569f
SHA512 58aebd7fad21533a67a51bfcf137a3b0811d93d7b240b1226829951f22d80ba1aa2571793916d10ea6d97156dfa01514f56fc9ff8826030f8f67f45d3529352b

/data/user/0/com.mobineon.musix.lite/app_working/facebook.dex

MD5 4fb26de31b1b337758b52f1d07b8d9fb
SHA1 4394dbfdaa96aaedb50c55e32efa5f5058db6705
SHA256 9b705ad462b59c258556984dda7d54c82349556e2f06a83982422420d77cb26a
SHA512 eeb91bed54c34fbef7b21785c5626ff989612f92c2c95b5f6400825285eed27fb1057da2f9f742c7cc98029503010edb766952f59069f5ce66c393b6481793c5

/data/data/com.mobineon.musix.lite/app_working/adcolony.dex

MD5 37b5582108382d2ed012ab205ae79e17
SHA1 8973c56f72132634c487ab889cff4a17cdfc6ebc
SHA256 0d4176c543e9d6d6f02b0b2834b3f499042fd2dcc6529eed71478b7ffc5f61df
SHA512 fcdbb11f96b3ea16043c9d4fbfde0be642793b6aad23e8ebe0392c5c17317f110fb5ffabb4b8140f2fe3170ba2e498cb642db56e6a37f7cecaae349fc6fa5f5f

/data/user/0/com.mobineon.musix.lite/app_working/adcolony.dex

MD5 2fcfb754d83d843c3b766f2145221397
SHA1 220689f4dc286ca2c0e7a8da5b41c2a8452c00d9
SHA256 448dcd34dea380c10c1481edcf027aae186b9362d1552d3c10e82dd20ae0e5e2
SHA512 4b268e69423f0bbd4c2e7e3ffdb9a9946b0d2df4e5cd6ae4f5e26ab7cf68e4ba17a314e48cf911dd7e03d46a582bbd75d9673b499ac2099cc19c9586cf1d2a44

/data/data/com.mobineon.musix.lite/app_working/vungle.dex

MD5 4da56a4d98f4e4fa0f6eb8a56f4184e5
SHA1 907a6c3362ebd00e1eebbf158e025a2c03ad9abd
SHA256 8c90b442f00138496607e307e83da5a20e5b0d15c015b788902af25e50d3b7bb
SHA512 b1430ddd62068fd084a4b48a8562712eff06972b486ec4adaf204e8541f33caf0808b980927bae1f137b2aac364f9d78be1dd99f986c4db6fbf959def84acafa

/data/user/0/com.mobineon.musix.lite/app_working/vungle.dex

MD5 89b18b13c3fd37921b57ad3c67ab9b44
SHA1 42d0223e9c964895f14cebd3ea1a97578e9f5bb6
SHA256 29d1a6bedde1ad402e28aef70c9bedffa371c1997a1822724ee920780f1544d4
SHA512 bf619e4678703a7299c7bff3537690935042329f94d1dfec5ebcd7038d04287cc1f07313ba7881a7ecbec67aac91b1f945692c7f5e64b81c0742b383113939e7

/data/data/com.mobineon.musix.lite/databases/service_media_db-journal

MD5 661714d2cfba50cf9eac1c2997529f62
SHA1 38aeced87b9d668e8283088b2c31fd0f5bd4d0e0
SHA256 73dae093c31564bb31b0b66672e862f66d1924ed3fed0cf34bc62ef61221f66e
SHA512 3f64b46d7de75a505f43dbb27c33ac16f411a4e39105617c008d0450a598b94c4ca7bd415e78c6e925af6a544b4aa563f928e45d884a32e5689ccfb5999127e6

/data/data/com.mobineon.musix.lite/databases/service_media_db

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.mobineon.musix.lite/databases/service_media_db-wal

MD5 5591e559b47e33224c040f8f3dc6254f
SHA1 37e6668c6a699db286ce915a9b56721d3a8f0c1d
SHA256 68f96b8335dfa50a41182d4586c242c3ce8dc05c378220aed0a418631ac86394
SHA512 43488601ce27339f8936320b9a9fbc8a4349eef06caadc9d7192932d7190e68a6bba7f64f473855ea18a74d886d376900c7aee2a5fe5df902c8a51d06b1ca0b0

/data/data/com.mobineon.musix.lite/files/.yflurrydatasenderblock.948636a2-d088-4f17-9b23-c700bb3bc383

MD5 49f1fe676f61f806dc930555e41ffdb2
SHA1 caeb0a9b998976577a3bb21d5f23be72fa869c07
SHA256 77caf9f23eba633dcd3bc93cf22ed8c9640141f480fee3608c300b190347f075
SHA512 8e363490ff05f3c5d2c2d1e8304aff57fb554ada2193a2696a1d0cfcb47485af8e74f38d38d28be37900bd1698e0be459ae87fc2254b55123eeb64876c03998e

/data/data/com.mobineon.musix.lite/files/.YFlurrySenderIndex.info.AnalyticsData_X2MF926N2483VKWSBQQD_216

MD5 08ffd409191677a8841e7049d8fe0fa0
SHA1 bdc6b1a900f1edca7bde61ed26e1940419c46448
SHA256 d485060a1984cc28b9b2215c354fb06f564189fa773080f7656cdbb5b522f931
SHA512 7db48db9440679dfa370b1a97569ff6adfc4d7353c9893b6e80e8321f2f67eda8eb8952fd411dced5bbb9f7216727a09f16c4196d1ff4f073013f8c4bdc6d1b2

/data/data/com.mobineon.musix.lite/files/.YFlurrySenderIndex.info.AnalyticsMain

MD5 211b4b70a4c03f623171f5b2e23b07a3
SHA1 b7a48dfeb22f103391edf7ba70d288a0b22338d1
SHA256 80208ea2b4768e6f45bde1366d59efedfcb459690b32e3179291e7e33a75bcfe
SHA512 f5bc1c82e93b3dad54d16644b8165e5e4b9ad043491e1e94620eab51cf0e8b5d143c3611f43e41a8ec7d2d32b35c0ce04a48ce6ddaaac79ae4cbe746b965bcba

/data/data/com.mobineon.musix.lite/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/data/com.mobineon.musix.lite/files/.yflurryreport.4eb29873733ca3b9

MD5 1269cfe86a4cb531957bc24560eecc7e
SHA1 d9570993d026a0258d7c5af1af870927bf3fa7fb
SHA256 4e0813d3ce63bab59ead35f83476da393e58e86c2e35ac03102150c8d7504955
SHA512 b7fa93a90016505fb7fba633e7632dcd11135416a275fff9bfa089a6f66539442e958ed29bd30634c2ec466e79615d1763a305cfc4d797f18a1088aca2069a27

/data/data/com.mobineon.musix.lite/app_working/oat/startapp.dex.cur.prof

MD5 9744950378c4492f1a4c2025caa6d0a5
SHA1 062a38a6c33bacccace961a2025fd5b85b10c3e6
SHA256 449d88c6bacb71af3f900d204bb0c1216877cf7c7d556f66b11d74ac6b6424de
SHA512 f3232260b69b6635a70f6a0ba5801e839207b12da3e3d8cf638e5aabc4d88703186650092a0994a125e3ebcf49fcebb249a1a0aaf464f9784b8799f460d19c1f

/data/data/com.mobineon.musix.lite/app_working/oat/vungle.dex.cur.prof

MD5 fb71d94b453fc75c2ce368863dcbe808
SHA1 aeea2ca8c82d1037dbf69a9e140f272b42f6615a
SHA256 c3917bfe01a8982486ef950ee4af4385cd09f415df9b809deb8972eaa71284ef
SHA512 50a7427a1ba4378a3d2af50fecc2bb43b6d84e2f745965b984a41fcd8e506f3c708d588059dc4e255723c7596a40de022fa8f037499dd961453cc73c8969a3b4

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-22 07:39

Reported

2024-05-22 07:42

Platform

android-x64-20240514-en

Max time kernel

179s

Max time network

151s

Command Line

com.mobineon.musix.lite

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.mobineon.musix.lite/app_working/startapp.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/startapp.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/yandex.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/yandex.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/facebook.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/facebook.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/adcolony.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/adcolony.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/vungle.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/vungle.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/cache/1582435991586.jar N/A N/A

Makes use of the framework's foreground persistence service

evasion persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.setServiceForeground N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.mobineon.musix.lite

com.mobineon.musix.lite:player

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 216.58.204.74:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
GB 172.217.169.14:443 tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.178.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 data.flurry.com udp
US 74.6.138.66:443 data.flurry.com tcp
US 1.1.1.1:53 api.appodeal.com udp
NL 213.196.36.132:80 api.appodeal.com tcp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
GB 172.217.169.66:443 googleads.g.doubleclick.net tcp
GB 172.217.169.66:443 googleads.g.doubleclick.net tcp
GB 172.217.169.66:443 googleads.g.doubleclick.net tcp
GB 142.250.187.238:443 android.apis.google.com tcp
GB 142.250.200.2:443 tcp
NL 213.196.36.132:80 api.appodeal.com tcp
GB 172.217.16.228:443 tcp
GB 172.217.16.228:443 tcp
NL 213.196.36.132:80 api.appodeal.com tcp
NL 213.196.36.132:80 api.appodeal.com tcp

Files

/data/data/com.mobineon.musix.lite/databases/media_db-journal

MD5 ef75ce8a40eb88b9d9eb1850f74cef0f
SHA1 343f8b373cee67d671fbe155d03fc87212b41298
SHA256 9a0906663d78ead060edc1cc59eaab1da6e57c3cb931eed0fea8efded07cceaf
SHA512 5b9758d041fe94846ab0f264646fbbc403004290345ae19d98d7d7b0171323ec197630f3776f8e37b6a5b80560b95669833d3d2e17689a94b275abd4b38b911f

/data/data/com.mobineon.musix.lite/databases/media_db

MD5 07822d45eb13cc56d4a3a7ba23805cf9
SHA1 e38e7fc31a0e6f1121a693f8f38a5250c5139b12
SHA256 b97a2ca9e70103e2e59fd175af804636f2546a2b937e15e8de1cacb02ccbca1d
SHA512 690e34e9fd2570203f817978a2ab55190d809ea3459aae0e6bf948a116015dadf8496a10d5938aee5e0905927455ac38e66d4fd9b7df0158aa0b16c311b80002

/data/data/com.mobineon.musix.lite/databases/media_db-journal

MD5 f2541dd8ad4758bb8f05becc5572cf41
SHA1 03bc1cf3e5c17a9fb6a3ae2b7613658348916419
SHA256 4ba6addf531e0c9ca1dfc4860b3b816e2610e0ebd23e160d0bd738be39bbaeea
SHA512 6a4713e431ca504907161d5b1202f765867c0eac87995a880493ab288820e5ca4ae24af773842cd55abfeae23ee4cce1ec662099fc137c718dc2e4e030355c2c

/data/data/com.mobineon.musix.lite/databases/media_db-journal

MD5 e6d031a8b96191f1d4c9e09f0200e011
SHA1 d3d1e936905afd91ac2f21399a6bf6ebbab1db22
SHA256 672f3b22c1f73cfe2ed453828e93f2db0e25ee4cd87d3eb03c70468e329a86a1
SHA512 d0e9354c168abf8c35d36ec6c21e2947911ae9ead194fb3a900b5ff71372535d1c9c9ad7a9a4448acba5894730c1ee6ffc75515c6186e5499c4807888391b935

/data/data/com.mobineon.musix.lite/databases/media_db-journal

MD5 cc941a801913e820f74277f5dd3671da
SHA1 fd4a4eae9554404451037aa9ea76cb3e9f1e8c14
SHA256 b74db07967b4bd6ec017be2cde263a1f3216277f919da423b96b1380a4174382
SHA512 1e6106a7e778e3d9527c6c7403adbc31c42fdbccaf0eb1d490bf189f3186ec702ce756d9d58ec7c4991732820406a279fd13a0b786845e7ae22d92625628220b

/data/data/com.mobineon.musix.lite/databases/media_db

MD5 dac91b65b2f57d62e2e80d15f7d4c6ea
SHA1 313f142649ca48a4f2fe5c3fa9449b6f37fffe29
SHA256 883c5763f58c7120317145ed1b6d9f350d82d2a6afb2ba9d5f02ab8bcc9afbe9
SHA512 9df2633e88c9135faecf7549a08c4d2a19051bc51f01a70893fd65c49584c75d1e1255c23d92817a9f3f8ebef30259bb347551963960960ccca244f275585502

/data/data/com.mobineon.musix.lite/databases/media_db-journal

MD5 681393f76602246d682d427b1d64e3b5
SHA1 db78577a0ae5540267b6c4117d8497bec4705008
SHA256 341a6cdafde98d702c6f9ac6c1e77336f562bfd1426a0ed7605125252b8efc94
SHA512 b5c9976fd2d35d90ff0a8eaf7e42feb972f12fc8989bda2f65977c7e2f6d2d3ef19f6c47f015acbdf2fd7bada93b9827e00db0cbcbd89a0a7903aa43c454b025

/data/data/com.mobineon.musix.lite/app_working/startapp.dex

MD5 a7ce3758ab5597482c4d81f7b9c696b2
SHA1 a197b161e1130cbacef099094f2a5d26e0f136d3
SHA256 94f0616813e653cae87216f49f3f8f4988be5f792932e61c5c5a908fec858d62
SHA512 c6dce2a63682b09d69fcbfc0dc99cd5ad705e1236cb7a03e099b8e83c97ce50cce206cf912819082a70c8e6946e2f8d96055cdc65af573d62b07dca9636c8b03

/data/data/com.mobineon.musix.lite/app_working/yandex.dex

MD5 c9a1db3fadfbd6980ad0b9ec0e60635c
SHA1 bfd7abdb28be7b5107426d9c0a43204efb89bd7f
SHA256 0c92b22ed8607b60f88a397ac257d75e12b2f4bee1902983ebefeff9f14332ee
SHA512 bc854a56f34c72323c1b101a1bf22260415d0a428c0befa588e45a41f80e96ef0d7337081db5caf5156d81ad135b9ccfbf5f3b4915120bfa5ea2ceeded553f71

/data/data/com.mobineon.musix.lite/app_working/facebook.dex

MD5 85c8edfb5743ca37d63489a2b2808099
SHA1 2effc4cf76c44ebe32cadc9a9cdfd94afd0a2ef1
SHA256 dedac9fdd8941207f57e4380ce5e9f107cb1902403f83d5882fdfb36d875569f
SHA512 58aebd7fad21533a67a51bfcf137a3b0811d93d7b240b1226829951f22d80ba1aa2571793916d10ea6d97156dfa01514f56fc9ff8826030f8f67f45d3529352b

/data/data/com.mobineon.musix.lite/app_working/adcolony.dex

MD5 37b5582108382d2ed012ab205ae79e17
SHA1 8973c56f72132634c487ab889cff4a17cdfc6ebc
SHA256 0d4176c543e9d6d6f02b0b2834b3f499042fd2dcc6529eed71478b7ffc5f61df
SHA512 fcdbb11f96b3ea16043c9d4fbfde0be642793b6aad23e8ebe0392c5c17317f110fb5ffabb4b8140f2fe3170ba2e498cb642db56e6a37f7cecaae349fc6fa5f5f

/data/data/com.mobineon.musix.lite/app_working/vungle.dex

MD5 4da56a4d98f4e4fa0f6eb8a56f4184e5
SHA1 907a6c3362ebd00e1eebbf158e025a2c03ad9abd
SHA256 8c90b442f00138496607e307e83da5a20e5b0d15c015b788902af25e50d3b7bb
SHA512 b1430ddd62068fd084a4b48a8562712eff06972b486ec4adaf204e8541f33caf0808b980927bae1f137b2aac364f9d78be1dd99f986c4db6fbf959def84acafa

/data/data/com.mobineon.musix.lite/databases/media_db-journal

MD5 baf2046bb209530fa68cd0d8f64847f0
SHA1 b0d9d500bcdceb550c4d8157f22d93bb52eb61e2
SHA256 8adf74c5553ebbec4c90fdc441697e32fe04290bed1b873360ffd3fcf9194f58
SHA512 4cd686031f1b512b7ce1a64f6a7b752adb54f6df3b092bc6818e01586defdde9403ca2bacdb036ad9651b0c9c40b8bd3cf920e5bb6af3d949c04981e4d0cef22

/data/data/com.mobineon.musix.lite/databases/service_media_db-journal

MD5 4540e204252ddcba1f92c06cb9571417
SHA1 faaeaff440fe481411524e0f2b27be44d09e5d48
SHA256 93d514cffc4f3495516fbd9b15c81c38dfb09927362855863ef31f837f5c904f
SHA512 289922979a9aa7c2d334d1303e8e4a223d1d3fb7ae3c13f0e933621f8cc988b8a8c9e4ceea71d879ceae62a9551c2fa6883c8cec6cd68f37775f51671ca8be9b

/data/data/com.mobineon.musix.lite/databases/service_media_db

MD5 1044076a1658bdaffa4e1f3d4a63a810
SHA1 1abfa02de75b4272577c7e6155343b9a7853b6cc
SHA256 76a1289787f368afe34c903252e6e26ff781e32c51edce72cb4e518d1d62de01
SHA512 a87451c1fa9e92ea5e6310c7fa45e99bd5f2861491af21931dffe5dc7354fe57e6a77e75eb92a6de12e42dc4944bd665853ebffe0ad60d246ecd46f4bac917ce

/data/data/com.mobineon.musix.lite/databases/service_media_db-journal

MD5 b139d5693bde6e2f3652605c522804a8
SHA1 0653bde25a9cb699433983214a2d3366bab18aad
SHA256 5ea860aa4a9dd07fe90215bd319123e84ec1337a95eb805dae0c601cc40db61c
SHA512 d7feb15957c7fea02743d7d8642c4818a339181c74fae1d76c72ec67c72b5e4c796fb7731d2124d15db4cadf4e0920d640a9375dd7496e8c16bf86cac22394ce

/data/data/com.mobineon.musix.lite/databases/service_media_db-journal

MD5 a8632e4625401ed49706daee554146d9
SHA1 cef472bafcd2459d355a2eb41146997c51ace9ce
SHA256 5e8b7272a58a3ecaa9100a5dce041218550ebe20d1a5dd54cc65f4fa23d26b29
SHA512 9ee32f95dbbac262846ae7dc5860b3e0e711e16f4d539ad8d63fc3883d78ea79120aca4aca48babe44db2e5426a799933fe1cdb7c6fbe52e321a05608d474ce3

/data/data/com.mobineon.musix.lite/files/.yflurrydatasenderblock.e5a88c39-4158-436a-9c79-f35258d900a7

MD5 989cbd5a9b0db9755ba7b882a006bdb9
SHA1 2ee2589516926a098928a268ef36262f93f55248
SHA256 8bef7b326a51dc4ff415e8558b26b91ecc95c32190fa13e424dfe056e6bc0f9c
SHA512 e83a828d84b91ce51b4904bc05895dfc7285776c34fe7fa88a48e790e62928ce73f93e698041d36b4ff48cf6099b1a900de27cc4a3b07947f45edaf769a99747

/data/data/com.mobineon.musix.lite/files/.YFlurrySenderIndex.info.AnalyticsData_X2MF926N2483VKWSBQQD_216

MD5 68a178acdc23b250743dc2d9be9519dd
SHA1 2369b2b69eb5ae9ad0274c3bc2df02877aa6bdfc
SHA256 c9e6ac89900c317d30292b6b00d84735c2e78a52d531c3b92648e268fae5d605
SHA512 073b810e3ea980d517031f25e7a2f61e599eccf92aa6f7c761ee827865e0253e78ec73d0af17e958701f68c3e30bfad15fd8510a751a1f8743862d5e53bbfc80

/data/data/com.mobineon.musix.lite/databases/service_media_db-journal

MD5 7fb61a7ca5fa300e985fec096021b6b3
SHA1 dbd43e01d08317ec0bb0ec37585e72b8dae838fa
SHA256 8a65e826b23fa07dbb68bd15fd21896225a85baee05fad5cfb943feee1067e0b
SHA512 96c7cb15cc71ecfc1f3c1a7d9de56f1e402137b2058f3d13f84eb0d0c6fbe417ba94a7dfb5426fc5c6066daf9f0fc44e89d762d06a10a29b4364e47ec0204dd4

/data/data/com.mobineon.musix.lite/databases/service_media_db

MD5 de6b647434eec1d377ca68142b2867b4
SHA1 8c9cf391a25fb610913ba8e70ea48d71cb5e2034
SHA256 0fa82377bd46ca4c4a4a05186fcba6e8ec83170d98c5d76db34c991c47533d10
SHA512 da591fc37df5b0054975275a8fd7ce817aae7bdbd9247fcc86bc0bebafc712ffd330c08bcaaa591e81f9aa9af723f338e4c6c45918a7764c374a40ca581c8ac1

/data/data/com.mobineon.musix.lite/files/.YFlurrySenderIndex.info.AnalyticsMain

MD5 211b4b70a4c03f623171f5b2e23b07a3
SHA1 b7a48dfeb22f103391edf7ba70d288a0b22338d1
SHA256 80208ea2b4768e6f45bde1366d59efedfcb459690b32e3179291e7e33a75bcfe
SHA512 f5bc1c82e93b3dad54d16644b8165e5e4b9ad043491e1e94620eab51cf0e8b5d143c3611f43e41a8ec7d2d32b35c0ce04a48ce6ddaaac79ae4cbe746b965bcba

/data/data/com.mobineon.musix.lite/files/.yflurryreport.4eb29873733ca3b9

MD5 cc0a560b1bb923fc9e435c2f11d563cf
SHA1 a0f7fdf660febff15afe567ecb7439b3edb78dcf
SHA256 56ae1d1199f8129fb6f917718709875fc4ce5f301c3460d4e77f339f33c31c77
SHA512 a5a64d9ff4d4f08f2e97986a67b3db955f8bef749818c1e51bb79633ec18a18080d44a5f55107fff40c6bcb5f17477ac53bd34ad8e9ba3e7d25dcbad2fb5e10e

/data/data/com.mobineon.musix.lite/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/user/0/com.mobineon.musix.lite/cache/1582435991586.jar

MD5 fde2ee00cbd121cfab5290b078aa3ceb
SHA1 e2b77d5320e155e413d040a8c20020962065b2f8
SHA256 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512 a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

/data/data/com.mobineon.musix.lite/app_working/oat/startapp.dex.cur.prof

MD5 3017e8fead1394c0f9dd33661a920362
SHA1 f1dc3677d7837cc07e192ce2542ceebcb8c6db20
SHA256 d73c98585462e9f8afb9e45e0ef6654779c54ec53c8ffeb5107d36ba980546ef
SHA512 3747bf33d51def1c99894bb722e846366edc3465e40dfe1ce9bf0f88ed21ee8fc09e64391f53e4c355ae315452255df76c97273dcb17a291769d1de6500d3d95

/data/data/com.mobineon.musix.lite/app_working/oat/yandex.dex.cur.prof

MD5 0a30414600f9c1749c9d09f21be2857a
SHA1 2d3264c4685a88d619bed5fe3b5bf31a117105c8
SHA256 63409dbf839a963bb051db0b6f4fa408846830bb8b0771a6d0c7ec0b53ea3b89
SHA512 ec34a8d273fdc95ecf2780b2cd590eef6935318a0a0f5aa1444d5f5a26a90c5fcb50e214602f736f089f821de10a68c50f741642c7a12ce6e4cc69ef2d3a9e25

Analysis: behavioral3

Detonation Overview

Submitted

2024-05-22 07:39

Reported

2024-05-22 07:42

Platform

android-x64-arm64-20240514-en

Max time kernel

178s

Max time network

188s

Command Line

com.mobineon.musix.lite

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.mobineon.musix.lite/app_working/startapp.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/startapp.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/yandex.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/yandex.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/facebook.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/facebook.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/adcolony.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/adcolony.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/vungle.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/app_working/vungle.dex N/A N/A
N/A /data/user/0/com.mobineon.musix.lite/cache/1582435991586.jar N/A N/A

Makes use of the framework's foreground persistence service

evasion persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.setServiceForeground N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.mobineon.musix.lite

com.mobineon.musix.lite:player

Network

Country Destination Domain Proto
GB 142.250.180.14:443 tcp
GB 142.250.180.14:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.212.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 data.flurry.com udp
US 74.6.138.67:443 data.flurry.com tcp
US 1.1.1.1:53 api.appodeal.com udp
NL 172.255.231.52:80 api.appodeal.com tcp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
NL 172.255.231.52:80 api.appodeal.com tcp
GB 216.58.201.100:443 tcp
GB 216.58.201.100:443 tcp
NL 172.255.231.52:80 api.appodeal.com tcp
NL 172.255.231.52:80 api.appodeal.com tcp
GB 142.250.200.2:443 tcp
GB 142.250.187.206:443 tcp
NL 172.255.231.52:80 api.appodeal.com tcp

Files

/data/user/0/com.mobineon.musix.lite/databases/media_db-journal

MD5 8359a9a59b07e4db7ff8ca015a17edc0
SHA1 bdc1518f95d7e3445cb2c8348cb9b5d7add55125
SHA256 73a4548075b02ed7acce57c03ab19d627931fcfb0ec2e211a5fdbe699461c4db
SHA512 79248e878bc54b0ff039ec58121901e4ac0ea06d44d835bd7f5bd3457030999222e04427ee5c7792dd7dc938afdf44555ba1f82b0acb554c48c271003ec6e6a8

/data/user/0/com.mobineon.musix.lite/databases/media_db

MD5 02f4782f986451f9097decf8e7d1946d
SHA1 8765008c7efc125bbd21560654adaf002647ea5d
SHA256 58c172ef6bf40940c0266ea1b8e7d80af98bbdda5010f90807832b1cc6f59272
SHA512 10af644c05d4092944f7a148966ff447d5e1231526a8241773262531283bab33c4fbb61371dd8bd3e60e0be9661078f8f6e9c0179124341d06131e5e70be2ecd

/data/user/0/com.mobineon.musix.lite/databases/media_db-journal

MD5 ef4b18572c06e131a58daadb54fea3c6
SHA1 14ccb1754a3375b13a41a9f7c618549457ce7af5
SHA256 52633f63e7b8b804313669c144ae4151dbd54233ad7cdbe39bfb70483ba13903
SHA512 c47679e3029fc2c52aaf68e87bbf175773fc27d8840dbff7992beeedb4d472bdd7a83dfea00e1e1ccb0c70080d67384aeac999f53a1a4236bb253b5373f01285

/data/user/0/com.mobineon.musix.lite/databases/media_db-journal

MD5 693f2ae19866b77b70d3c41d364c2037
SHA1 50c386450be8f436556e51ac39fe1dc41f4aa368
SHA256 7ac5d3737af26850a06365d4aff06ea7bd7224f0861b640e93cec992803ef14f
SHA512 3a18e075563dc007ee38cc6aaf1d1e512cfe5cb92357131456b26320ca4f2e8860513ea21635a9cc57ded36caa0355bdcc528f8202a7741835c56e413089e7f4

/data/user/0/com.mobineon.musix.lite/databases/media_db-journal

MD5 200116d5fb17f54934ebc24b43c508db
SHA1 e93172bfdb72a981c115ef653152f8ca46592f55
SHA256 2809f2f27f4f7d91c9b8b749f0f5132d3db3035ba274041939becff4a858c88a
SHA512 4fec58307f42ce7d0858dd36391b36274d95a9cb33f1e70d57db2661a5aa7f124cbecd29733239529b55aa0ca511107e3ef5a7cd7b0dc0d9c90a26025918c43c

/data/user/0/com.mobineon.musix.lite/databases/media_db

MD5 73abcccec45af9b36164a771dd3f1e33
SHA1 1c64b8a8289693736797930c56b5d867ffd221c6
SHA256 1690ff7b687e07afbae4407d85df049bd055876f9cea86601916dd3541cc1f8e
SHA512 5f2fcf3793e5691f7262cc0e6e0d4f2ef288deba97a8dd301b36c632d7381e78c70f130fb46a362a22022c37a5c5b5444e38b4ed541284d2cecf039d3bf67b64

/data/user/0/com.mobineon.musix.lite/databases/media_db-journal

MD5 b5fac3b5c92086d31e3a07c68256fd3f
SHA1 d6fb1929f3418b05cde13799caf3e632b6f7f698
SHA256 b5357c1ce79d88ba8a9241fd3d1f16537383e8a0ca53f55f001b561d8ef61f78
SHA512 a782d1cd2d09876bfafd49f61ec06c55ad5d2ac88b68d007791cb2de20dc863a50c601e75c49290a94bde0f281aca6516fbe69ea400b41d7d8ce66db7d1c78f2

/data/user/0/com.mobineon.musix.lite/app_working/startapp.dex

MD5 a7ce3758ab5597482c4d81f7b9c696b2
SHA1 a197b161e1130cbacef099094f2a5d26e0f136d3
SHA256 94f0616813e653cae87216f49f3f8f4988be5f792932e61c5c5a908fec858d62
SHA512 c6dce2a63682b09d69fcbfc0dc99cd5ad705e1236cb7a03e099b8e83c97ce50cce206cf912819082a70c8e6946e2f8d96055cdc65af573d62b07dca9636c8b03

/data/user/0/com.mobineon.musix.lite/app_working/yandex.dex

MD5 c9a1db3fadfbd6980ad0b9ec0e60635c
SHA1 bfd7abdb28be7b5107426d9c0a43204efb89bd7f
SHA256 0c92b22ed8607b60f88a397ac257d75e12b2f4bee1902983ebefeff9f14332ee
SHA512 bc854a56f34c72323c1b101a1bf22260415d0a428c0befa588e45a41f80e96ef0d7337081db5caf5156d81ad135b9ccfbf5f3b4915120bfa5ea2ceeded553f71

/data/user/0/com.mobineon.musix.lite/app_working/facebook.dex

MD5 85c8edfb5743ca37d63489a2b2808099
SHA1 2effc4cf76c44ebe32cadc9a9cdfd94afd0a2ef1
SHA256 dedac9fdd8941207f57e4380ce5e9f107cb1902403f83d5882fdfb36d875569f
SHA512 58aebd7fad21533a67a51bfcf137a3b0811d93d7b240b1226829951f22d80ba1aa2571793916d10ea6d97156dfa01514f56fc9ff8826030f8f67f45d3529352b

/data/user/0/com.mobineon.musix.lite/app_working/adcolony.dex

MD5 37b5582108382d2ed012ab205ae79e17
SHA1 8973c56f72132634c487ab889cff4a17cdfc6ebc
SHA256 0d4176c543e9d6d6f02b0b2834b3f499042fd2dcc6529eed71478b7ffc5f61df
SHA512 fcdbb11f96b3ea16043c9d4fbfde0be642793b6aad23e8ebe0392c5c17317f110fb5ffabb4b8140f2fe3170ba2e498cb642db56e6a37f7cecaae349fc6fa5f5f

/data/user/0/com.mobineon.musix.lite/app_working/vungle.dex

MD5 4da56a4d98f4e4fa0f6eb8a56f4184e5
SHA1 907a6c3362ebd00e1eebbf158e025a2c03ad9abd
SHA256 8c90b442f00138496607e307e83da5a20e5b0d15c015b788902af25e50d3b7bb
SHA512 b1430ddd62068fd084a4b48a8562712eff06972b486ec4adaf204e8541f33caf0808b980927bae1f137b2aac364f9d78be1dd99f986c4db6fbf959def84acafa

/data/user/0/com.mobineon.musix.lite/databases/media_db-journal

MD5 0ec2b0d27293c864b0a3796bf56b6857
SHA1 856f0146278c7a059a4b7f35a27f5b9b67a96f51
SHA256 de78edea11eaab2488efcc178399a727691db752db1472e163ad43640fb664c2
SHA512 8ebf6509fab244bb97db8cb4208b60c546e5957567ad73eed5534231fc22941fe3746283c03a5261b7a300882a8201a240cce587aed69e580a76fbaf9464ee1b

/data/user/0/com.mobineon.musix.lite/databases/service_media_db-journal

MD5 84aef6ebd283fc795e3aaa2b64ea8258
SHA1 3383c65cdcc61dd0b165474d61434dcf8625e510
SHA256 519c56ac71131a3343b921b4b8b367d6fc3f1daa2acc6fb7899b060c20190775
SHA512 212f9242c704f1171872e73a3a4775f3b944da2a421f951bd871afc1fb5e2f13a75a4b0b9491d63ed55f9273f1c661f05abb64be5e290de93be5e138972c63e0

/data/user/0/com.mobineon.musix.lite/databases/service_media_db

MD5 e2c6230809b9ce5913231449b4d5e80f
SHA1 032b265fd739b95b6a59fa5f508f3f7cfd106803
SHA256 a68812b8004f60622fdc0a17257a3d9d516b898cde02389dd620366e4ef35f3e
SHA512 2fff13576148b55688695bda04064c81890c80d9fca80013b921697274afa89bde7cf1301aae0268e428852981e7008b0e7e0379089ca0f171000d2b895c34c0

/data/user/0/com.mobineon.musix.lite/databases/service_media_db-journal

MD5 4e34d3b07d3cb93599b1bc60e29e90cf
SHA1 3f004652c8494b768cab2f3add69f8988da07b33
SHA256 37bb32cd254df9a5d86fe29f26c6807e5c0bd6181311175932a508cd0f758fd0
SHA512 4a7648b68e77bcb3df9ad1e370f3a82d207189a1871ed9103dbd337189793529b3f88459d50ff1cbd8fcbdf3937462f20332bcb687999736b8bc2ac8a272cbcf

/data/user/0/com.mobineon.musix.lite/databases/service_media_db-journal

MD5 2b56b6508c2a2871e04589e70c16ab67
SHA1 5a30163a30ac633f7b62790624d9d034432add5a
SHA256 3fe98f5c7753b62d148a28a216836d964d5ec8269d002ab11302d722027e63ae
SHA512 16fbcf5f280fe29de4719f1c2980f352ecc593cfca1255189adff3cc7a3a279fff387f0f22f08170f34fe34dba209bec67e73d5dc238fd42d58fb9a627f01983

/data/user/0/com.mobineon.musix.lite/databases/service_media_db-journal

MD5 40ffa570ce41db14d43be30e86ae8a52
SHA1 8ff677c7ab73ecc5a493f90c4e8772bbf607c3ce
SHA256 352586b5cf9372f4ab062f4e896883a925a003a8688aeed92947bb251e57039f
SHA512 89b101c0989d569261fa5fcae027facddf4dd70fe75ec702991901947ad6b73f79ba29bb1beb4d37fd6a4316cf2481ba3d78d66e09a03a4f6a12a3c29d42369a

/data/user/0/com.mobineon.musix.lite/databases/service_media_db

MD5 07766c8b7f36b04601cb3008e4785424
SHA1 bce7c6d529af8e5ef68d72729127948cd2c57ea8
SHA256 19a6a15aa47b503ef951a57cc3ff5a4ef0d75a0b9d683a566204066612d536f8
SHA512 76c39a5078543cb90ff1b8ce8d1e0e3634690d217535673ea5ada1e57c50662b804f196ba3bdb9234d628b685e1fa3f7b32954fc4e2c0f482fb6d86f20c50ee3

/data/user/0/com.mobineon.musix.lite/files/.yflurrydatasenderblock.150ec9b0-d0ee-4d61-81e3-12ca3bfadbca

MD5 3d9d22ecee157fe2b5e080111d3dd369
SHA1 95dd041b1c16e73b855e54553f092ab58e213317
SHA256 dd9f088795c9ea8f651944ea7b3ee2bd8f691aef5cf24887e1a5078e0a92953a
SHA512 22ae3b8b01101687d02ca91737ec8e586a79cecbb9a8d6d774aeb258e1043cc3eb883231e74ae67ae003b47019d9957fd66ad91e13182322a0fa5ad7229c5322

/data/user/0/com.mobineon.musix.lite/files/.YFlurrySenderIndex.info.AnalyticsData_X2MF926N2483VKWSBQQD_216

MD5 5173252d518433827d3075cf2f547ebe
SHA1 a3d4e0ebc6f28de680d0c23b9631736cae62b826
SHA256 8499486eb841cf3b5ab9c6f560774acc9f9c21c249a51a9414d83a03f6e9bb27
SHA512 fe91c45304eb27a4655952b5946967830da808746496be28210c778ffcbee9fe4878d8fb6d8db7889565c548b882c42d309214927405fd24c6e58a5cba861bea

/data/user/0/com.mobineon.musix.lite/files/.YFlurrySenderIndex.info.AnalyticsMain

MD5 211b4b70a4c03f623171f5b2e23b07a3
SHA1 b7a48dfeb22f103391edf7ba70d288a0b22338d1
SHA256 80208ea2b4768e6f45bde1366d59efedfcb459690b32e3179291e7e33a75bcfe
SHA512 f5bc1c82e93b3dad54d16644b8165e5e4b9ad043491e1e94620eab51cf0e8b5d143c3611f43e41a8ec7d2d32b35c0ce04a48ce6ddaaac79ae4cbe746b965bcba

/data/user/0/com.mobineon.musix.lite/files/.yflurryreport.4eb29873733ca3b9

MD5 3e5e21b1d8cd8fabd33686ca5b8bbfa6
SHA1 ac6fb9f1aaed7d378f7520f9780264b5be3782df
SHA256 bb940f0dcc48024ad4652b22707a5c1ad0e20d48a99c4388c65dbdf1000b6381
SHA512 73ca8112632d0e4677535b6f29b080013399817630ee68949d664ce2f4787d5fef6aa8a5fa27ff1326b15ca20a39330814445475ed295b605710caca3b59aa7b

/data/user/0/com.mobineon.musix.lite/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/user/0/com.mobineon.musix.lite/cache/1582435991586.jar

MD5 fde2ee00cbd121cfab5290b078aa3ceb
SHA1 e2b77d5320e155e413d040a8c20020962065b2f8
SHA256 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512 a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

/data/user/0/com.mobineon.musix.lite/app_working/oat/startapp.dex.cur.prof

MD5 3017e8fead1394c0f9dd33661a920362
SHA1 f1dc3677d7837cc07e192ce2542ceebcb8c6db20
SHA256 d73c98585462e9f8afb9e45e0ef6654779c54ec53c8ffeb5107d36ba980546ef
SHA512 3747bf33d51def1c99894bb722e846366edc3465e40dfe1ce9bf0f88ed21ee8fc09e64391f53e4c355ae315452255df76c97273dcb17a291769d1de6500d3d95

/data/user/0/com.mobineon.musix.lite/app_working/oat/yandex.dex.cur.prof

MD5 0a30414600f9c1749c9d09f21be2857a
SHA1 2d3264c4685a88d619bed5fe3b5bf31a117105c8
SHA256 63409dbf839a963bb051db0b6f4fa408846830bb8b0771a6d0c7ec0b53ea3b89
SHA512 ec34a8d273fdc95ecf2780b2cd590eef6935318a0a0f5aa1444d5f5a26a90c5fcb50e214602f736f089f821de10a68c50f741642c7a12ce6e4cc69ef2d3a9e25