Malware Analysis Report

2025-01-19 06:57

Sample ID 240522-nypxjaee4w
Target Emtiyaz .apk
SHA256 961606a5c8a4551b28f860da2a8d322e2f0063fcfee07179697bf93d7d94f3a4
Tags
discovery evasion persistence collection credential_access impact
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

961606a5c8a4551b28f860da2a8d322e2f0063fcfee07179697bf93d7d94f3a4

Threat Level: Likely malicious

The file Emtiyaz .apk was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion persistence collection credential_access impact

Checks if the Android device is rooted.

Checks memory information

Obtains sensitive information copied to the device clipboard

Checks CPU information

Queries the mobile country code (MCC)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Acquires the wake lock

Checks the presence of a debugger

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-22 11:48

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-22 11:48

Reported

2024-05-22 12:03

Platform

android-x86-arm-20240514-en

Max time kernel

47s

Max time network

152s

Command Line

app.emtiyaz

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Checks the presence of a debugger

evasion

Processes

app.emtiyaz

Network

Country Destination Domain Proto
GB 142.250.187.195:443 tcp
GB 142.250.180.10:443 tcp
N/A 224.0.0.251:5353 udp
GB 142.250.180.14:443 tcp
GB 142.250.180.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
US 1.1.1.1:53 web.emtiyaz.app udp
IR 185.143.233.120:443 web.emtiyaz.app tcp

Files

/data/data/app.emtiyaz/databases/com.google.android.datatransport.events-journal

MD5 3494a8b248f6dfd70776e37ad39a5a0c
SHA1 df1996960b06e4ef5d0279251534709b17413b86
SHA256 492a56040d56a1b47462333a13d8679e443801431cfef396c9e2c256066d895e
SHA512 e85d1f78d87f6577e7e9a470450de07b914928e851c27ec4041d0cbf9be50c1f6d985cae16c6936829b40dae2933059d87821d100ecdbcda6e610ef39c94c233

/data/data/app.emtiyaz/databases/com.google.android.datatransport.events

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/app.emtiyaz/databases/com.google.android.datatransport.events-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/app.emtiyaz/databases/com.google.android.datatransport.events-wal

MD5 3d1a71a96c9f5cdb2cdd337eac4b1a91
SHA1 58edb0f8cf5f7a260f4cc8e8a1945c6aca5bf15a
SHA256 30f10cb7e295d6898adf5ca26c319fbb08f84b954e1011bc8de423f1d6f13e4f
SHA512 ad43734eda34c86f2d5b00d0baaf5dc6e0475351a215a95acae6e9826a9dbc5ee6a98c24178b4097f6408b21a13d201d728a1a00348f84718bfc14ffb420f433

/data/data/app.emtiyaz/no_backup/com.google.InstanceId.properties

MD5 4405687ace9d15fbdd9286258f3b8555
SHA1 0da1ae6d8c59798907797ec3b2601f608f89d875
SHA256 52ca1e8fe4220fc37ed9cd3def3ff6aa9fddd425a89deeef2f71742f31cb868c
SHA512 d0bbc0fd4808cd233ad7f8af09fa63dbfd9d4716a3ea29a00c9c16870e67a1b72b24f6383c7b1569acd19c2ff92eabe5b018687dc3ce4209b6704f40efb67425

/data/data/app.emtiyaz/databases/google_app_measurement_local.db-journal

MD5 0e2f30d4e3979666539ce17bc3f57b7a
SHA1 8144cd8f6239447a2656f806d4364ee14d757c47
SHA256 8ba4b7d751e032221f7cbbc9286d57ee4d1c9ca276ef39293717d645db4b449b
SHA512 c519dfcfd4aeb7eaf7e2bbed58506fabe7b79c5339897ac8585e8ea08805f40f0332bf86dfe4366d3672e71b07dcf0ef5779464f8829f9d1ad9d40cead24bf99

/data/data/app.emtiyaz/databases/google_app_measurement_local.db

MD5 7809e697287a4f100e2da20fac437b4f
SHA1 828f5ba0cfff6cf35c38946b12e8878c62e32d89
SHA256 0b82012ce67a22f5edd5894a271516978c096758d54bd15c2e5a7cf8ca64f899
SHA512 67f7a5ba7b76044908401b809e93bd9b29b94710e4b6802c6d15d913c5e428fbd5476e744feb0026c7fa22507c312cfe8966dddfb1069808ca5be14722f7eee4

/data/data/app.emtiyaz/databases/google_app_measurement_local.db-wal

MD5 592647f4fb7f4e60000610792e54d676
SHA1 c85ed6b140c102cbb7050c884e5196edeeb5345a
SHA256 e259db314fc75bc229fd911b8c7f7eaf3ac2cf048353b9e24d3bb7c440c7d49d
SHA512 0c324e80648787a0c39361f2d489e8e2e8b331c769bd2b7fe5502e73bcbf2259acc8e6fd27535e6ebd0aa36b6b206cc83dd3e0e4330f6e0a8cc1b4f3a645114d

/data/data/app.emtiyaz/databases/google_app_measurement_local.db-wal

MD5 24c05206fb0bbc79c8272a79b64cab1c
SHA1 71a04292251f2667accc0df77c0e0d40b49bd5e1
SHA256 289ffe14cddf335581fedad271c25cb5eeda3efc852d0eb276309c77073b1063
SHA512 26428f6b8c14befe40d85135f1999a29c1c9d049bbf9251da3ebe20c25587b9bac42f5cccc53984411bee7a699c3f8ebaa667671bb8acacc619741806df5fba7

/data/data/app.emtiyaz/databases/google_app_measurement_local.db

MD5 3fb820f0e2b180eb268e5ce028f15890
SHA1 bfaf4d8f4db677c1a7d3a5c617ddefe1de90563e
SHA256 4b2ac88ad632faf27e7feaf3f102d9a78410204da95a5490bc6810c1901bce9c
SHA512 9f9d9fce9d722414513cb2d351992168d5d2b31ac34ced64821cb7261eaa7acded9fe5c61c4e66da4514485c9097f117400eeff808d01de148020dee5efd2309

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE4301EE-0001-1084-A36A6533B6F0BeginSession.cls_temp

MD5 110a89e713f6cec17833f082e2ac218d
SHA1 d2bbc31368a73f6903fd6facc4fc9fb2173fc9e8
SHA256 8251b5c76ebaf6bb6a7997e2f4535112470aebdc26c9a9857971a28a4f88e92a
SHA512 1356a86058d3258e803fdbb39ac15d350b76300e891e0b268d20bfeb57da48b4e63af9d18b6932e37887c50cb9d910111d9c39ce1a317a35c65b8edf69fbfbdc

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE4301EE-0001-1084-A36A6533B6F0BeginSession.json

MD5 df06e1248d3c3aa3bc7a62cfaada8d53
SHA1 481e63eb4abfae47e8fceb1ff268e2a84ff10dac
SHA256 1973f2e19d78389b34803d1ae5245fcd457eb9f23a1752f16dc8aa0f94bb2986
SHA512 461574650e761c38b148e9d37b57c8e61b827a105bdb37f4be9b28c2a43efc90ed312f07397daec96b1ae71a12b7727ea713f5dd0a521b27c868b2e7d650c2c5

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

MD5 e1189146fe2f1cecb3413e2d0ed4bee0
SHA1 4cff30bdd6009751bcebc1ab1f40e4086e1d3d7a
SHA256 20628341944e94998befdb6e09b7dfbbd064e5eb3a26c68f997543e8ddfa0f4e
SHA512 d8476999b14a9e2e6a32170bbed2b61e6b945f5930b0b5f38b8bca8d26e9f0a841c2e52a038e99b8d3e3c6b00c8ef53fabd1db7f0956773e857ff73a06d95001

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE4301EE-0001-1084-A36A6533B6F0SessionApp.cls_temp

MD5 ea68f05a3b2ca72fb7551a3162cdd0e5
SHA1 173b0b549519a9a1dfdd024343ab0a1d7534c6df
SHA256 3f9aaa0580c6f0b0248d7ce977748962d3540319dfdb3089583eab2dc8f9cdcf
SHA512 1b03654ca70884396c943ffee3f72b41a8033381040afb36b0fb9ce8e9bdf30221183d0a23b24357377e68f89d3718d526f2a3d2ceb9bd5f2cac8eebbc6132f5

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE4301EE-0001-1084-A36A6533B6F0SessionApp.json

MD5 22fef7f07728ad1754c41462fa36d90f
SHA1 e3cc213500398f8fdd08d4e14260d18bdb659f21
SHA256 3afc1bc274d9fe1ec4c8f70634281773bddee5699a4a08764f0c43765537eb8e
SHA512 79358fdb3446882045ffbc11948e9425d4faedd348d0bf9636e64657b002b204942bbdd095f6570f419ddaa7418288543b979ffaacf9d4bc58e2663fbfb829eb

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_aedddf59-8b21-4e1b-8971-6682ce1ebf49_1716379205389.tap

MD5 e28bf2e4d137cf808c3ceb8cda45dd1f
SHA1 de8e98fe3736ef5429c457d45a3cd02474da8697
SHA256 18d96f8360763cc6b494f00eb9319289cdb673586e4c3ab5e3f7ce68e06bc064
SHA512 ebd31d21ffac788cacf84896397bf46839dfa26dfd85ff28caf6d8ab6170fc03c82dca302341c05c3862671e6d45d1b595aa811de6b3ead771262c413cbb1597

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE4301EE-0001-1084-A36A6533B6F0SessionOS.cls_temp

MD5 9b3d4522944ce6396563812bfdb92fa9
SHA1 6d2a6133c8f01938a48ccc77ef86ad8ca335c020
SHA256 d32805d685a3f50caa7f1c0bd7c8804c4d937a866513289f60e3184f7a591ed9
SHA512 091d87643712530bf9006135db42a5a50742bb5ca3026bcc5f2c1c17bf4fd984a8938d29263b0abde3d15cac196d2230902534e200b0b79485e3a1bd97d95727

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE4301EE-0001-1084-A36A6533B6F0SessionOS.json

MD5 93023624eb8dff5c20050da136aaae0a
SHA1 acfd1ffed752c28fb135ba83c0c6345ddf2f6995
SHA256 968bcd7c4f1abed89a09cc0e6dadd238a81e8655e64196b39a86be49ceecd39c
SHA512 bb25dfa144d3f0e17203936c503c5fedec5f9ca710e177f99e273010ba4a682199d4bda5684151d65f3cb1549f4611b3a645ce39646d3db9a1b2c17d6b160579

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

MD5 9613adadbb43090843dc02f71204416d
SHA1 b1b0d8f2aeb3d35e646083e29a5b1f2f7d2a63b6
SHA256 83e79c1760041b660c45efaa632c5aa3083a4fe86c0a281caf591f9b0d8233bf
SHA512 491abd93257ff9c72565004eacb6073b7e3b789b458f90ab8a407fc10a66b016d4526afcccf9ef9ead268ccdfdc695ca0145501318abda06f3015d65133c98d2

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE4301EE-0001-1084-A36A6533B6F0SessionDevice.cls_temp

MD5 cf9cb0612d588a1f71b63084cea67316
SHA1 3d035bb92fd3f8997160cf8025c40239af74d3ca
SHA256 0d37c5a64baf86735501f9044eeb926b3d46548cdcf67c2cd1f773df36624ac9
SHA512 70f000233e181e3b7c6fcf07aa04fdb570f970335837f8d1c4680a9f78af9f9e17c73a0a5646770f7a8787e338899edc4a5197b023865a4da894b1aca12bf600

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE4301EE-0001-1084-A36A6533B6F0SessionDevice.json

MD5 75db92d50c80a89e068550028c62acec
SHA1 d78ea55f5dc682e4da456d26383249f608fe894f
SHA256 1dfc488309883b61beb3462567a9befeaf36bb475a07a7ecef2be60bedb4b5a2
SHA512 dbb81daa5fab357f087dc295e7861444f945eb4c3883a09926b47312ce526bc069266a8a24b2a5b4921fb13e797696c5824195f0a79317e279ccf7855ca2ee13

/data/data/app.emtiyaz/databases/google_app_measurement_local.db-wal

MD5 7e49b8cf41297004b16bfb442876d6b8
SHA1 e319fb018203568b3450bbcae0696891b97a2d58
SHA256 9b1ec9976c8d35a3fc02c1e07f78ada49872162c4b97ab05c7da74b4091fc7d4
SHA512 c10a6d39d2f2e6f96d6b8938820e548706e10e88894cc6e1f600f39a29d37aeb0297a40459b4552cf39e4d0315ffede61e7ce5cdc1c0f32a60afe76e56ac9f33

/data/data/app.emtiyaz/databases/google_app_measurement_local.db

MD5 6a47c89e01b69a70d9302b4b65e790c8
SHA1 76190ce869f77f09f6e939535e95b30eafaa0c21
SHA256 7c3dd84e72502e9dc25a737d903012ab55257f7b6cffd42ded8b4a9b9325fe1b
SHA512 984245b9cd62b941ddd1cb670d3290509bfb50b0b36cd023d462fa7bba46d9ec57e9d25abfd7555d166a26f155475eb3a912b4b2ca1da08cab6216476457fac7

/data/data/app.emtiyaz/databases/google_app_measurement_local.db-wal

MD5 699567b125351f7f70be3cc898de0ffb
SHA1 635475c384c7066307d46d74c0ac536cfb5e7cff
SHA256 6dedd3cdea0101cfb5c4fdff47c5c242ae85fb40e26eac15b1fa00fbf2ebdd14
SHA512 f310ebc6e0331ed1d22146d5ab80b48ccd33e5c92513dfc367a1ae6455a281a2a63e3e0045fb39150cd6e5269ab7cc8eef7b145d6d69356c86e78491abd5ce6b

/data/data/app.emtiyaz/databases/google_app_measurement_local.db

MD5 27da053e6e0a77072666753af74bf493
SHA1 ff7308e3593e1cf10200ac23ff9e79c686fb080c
SHA256 29ffc430f3cfa691c1f0a6915ccc16c4ae45ce84ae2eb581238c4e02d1974e32
SHA512 1e2199d8496ca29ee34b25a736b2c1f09cd61c709dda3afaead5277c00e2936b41553ca299d115e07866f2ccac09ca78e9220a0a1ab8d4753101a63e320b559c

/data/data/app.emtiyaz/databases/google_app_measurement_local.db-wal

MD5 7bd3f048f15573695af43e3b80f14021
SHA1 98d3f292b599f2329aebb2fd2f79ccace266a3b3
SHA256 728338561e22c09f87d5abd89022d7cdd083f8f8cab0a79586253a706ff55c85
SHA512 cb91acf073adddae63dd6a8bfb9e02e41e7840f2c6f0b81d9d8299d7313d5e0957c52cf35481a910ab000022c37514272a0ceabb970f641c42aa96109cde7fb4

/data/data/app.emtiyaz/databases/google_app_measurement_local.db

MD5 e200818f26fc9c7ff4167871b9d01429
SHA1 abb18363186478197c8a185e210dffac76fcf36e
SHA256 fc206a8d97988b9318a00a73559050cb9fd683984b00a65b2300dca04bff0c9c
SHA512 d84871a9e23a6b575e3437159eee9d036a87e7e0422bd46e155b5cf3d91815f9c3b788d3dac40f7da56767e66e837854cfacffa4ecd189dab7533636f0d28f32

/data/data/app.emtiyaz/databases/google_app_measurement_local.db-wal

MD5 f743ac3e750b043b2c02febfe02457e6
SHA1 5d871270b215c3a07571e44b274b50b930224232
SHA256 9de7d0c84804ef35156d83947b23fea09d988963e57b63a647bab57984d2c1fb
SHA512 7085a509afd905abebe6a2c84459551444479c85ed044766ad409b66e27d7fb3d9c65e56df7d70a74b379e50885bf43269d64b0531f104907a01d6f9e013cb47

/data/data/app.emtiyaz/databases/google_app_measurement_local.db

MD5 4162638f3d4ea723a79e20c998da3b5b
SHA1 0d2492bb85bb0dbfab86325e96bd29e3ff10630e
SHA256 2a3ba9e7e237abba2f2b9ca75110737717fdef96307321fc7b9a38ce9bc56fee
SHA512 c7f6a82e8a91e5b2ccd5f4d4594dfbd735e69342ad7e793f8b3d6c12f7485b85deb966ccb14c089964f4e844ddaa3d8538ac05dbf05612439846dd52211ba539

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-22 11:48

Reported

2024-05-22 12:02

Platform

android-x64-20240514-en

Max time kernel

53s

Max time network

150s

Command Line

app.emtiyaz

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Checks the presence of a debugger

evasion

Processes

app.emtiyaz

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 216.58.204.74:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.46:443 android.apis.google.com tcp
GB 172.217.169.14:443 tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.169.40:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 web.emtiyaz.app udp
TR 185.143.234.120:443 web.emtiyaz.app tcp
GB 142.250.200.2:443 tcp
GB 172.217.169.10:443 tcp
GB 172.217.16.228:443 tcp
GB 172.217.16.228:443 tcp

Files

/data/data/app.emtiyaz/databases/com.google.android.datatransport.events-journal

MD5 520db88d736efd3f36e47e47a2eb22ac
SHA1 1a065a9b694093e88c7af106c0558e269508a3b6
SHA256 9eabfa2609186935873983e5065d5bab842874ddd46fa7c4a0b16d0c21fd02a8
SHA512 8589c3b21d1b06a96b9eeb6cf15b089ee751d436f7f71b4e8f34ad5910dd6dc07da426a939f1971934a6e623468b62159bdf34fd6fe02699bfc8d60599263a85

/data/data/app.emtiyaz/databases/com.google.android.datatransport.events

MD5 ad7bbdcce258ba21d0a07659a3849e3f
SHA1 887e17f38cf736cc82125092f6cadd5753184286
SHA256 a6417906596802ee2a80cd22ef848d832848a6f36f4e45d320e9b98633a5c456
SHA512 4519d5aec86a163c9c2c97d1cf9862cc9b421749c0d78c0f4ceee31c9fe07ac557e736d5b3f72942e2d5d44b578fc8a6789f2e7a3ec98ec2199fdc50dd3ac45d

/data/data/app.emtiyaz/databases/com.google.android.datatransport.events-journal

MD5 dccbf041413b0f2653af40bb648c98aa
SHA1 d75770aa1999d44b122b649edbcff9ef13decca2
SHA256 d18a6cd13d999c08d41b3ec3e1c76d060032c515ed5a5a1829623866fb769e94
SHA512 2eeaa4d2d23f586319968fb243250471914944ff19d2b096c4e3da811e3b0a4e3bda67929965d20a07b30e32d6a031d2e02dbb04d8aa18d5fce94e2d8e431a4c

/data/data/app.emtiyaz/databases/com.google.android.datatransport.events-journal

MD5 672538a40d8a376f3a55b2379e82205d
SHA1 7228932cdc0d2efe60030d9f97c3f43e993e83f6
SHA256 7b3548f1ea0dd1dacfdebcd5823608103bd82d32c336e85dd543c061237305e1
SHA512 3762e53947d12feb1e9395f55384e4f2f0b27ced025df075eed69a1acc17af82a53eacc6b9750d6e97322fe94ddba04b8234d9117f5a3a2358b60b6a2635c98e

/data/data/app.emtiyaz/no_backup/com.google.InstanceId.properties

MD5 24450695cb7b014ae69bdb774d9f605b
SHA1 339b6f45f11dea5359b8edae0a380d312892dd5a
SHA256 e58068857c82f13640812d0fa46023a9fe050928b43dd7ea6d00329e3ef14998
SHA512 f5d4261bdbe5577fd66ffc37c5df68eda5be1053961164166d10e1d790767acb8a3c4bc0a3a5363775fc49fb8a7a9fec45cbdaf04d38d28fee921d8720ac7581

/data/data/app.emtiyaz/databases/google_app_measurement_local.db-journal

MD5 f3a5f444442b087d570854080874b25f
SHA1 394ca36d60b31fa1d87286418d39f559ea265d7c
SHA256 cad89e6b63aaaa6e521ec209d6b9eaeb148d53c6330b8319fff50421b0bfa87f
SHA512 6b2c44b008954719a49c8581c6c6eb53929030bc1d1534222954d67268fc30ea981bb2effda36c4091978fc77b3e278866835349d246d9bb73a9ee2bf85afb16

/data/data/app.emtiyaz/databases/google_app_measurement_local.db

MD5 a8aef1376c5438521db576a34ef8b02d
SHA1 5aa9aa59da8708a0d459053ed256515232dd6498
SHA256 807a730a3fdd317a498fc47219974a77164975674c7bb36d33049a1d02da020d
SHA512 1ac8bdf63ae848429d7a9f608f7f47aad8bbe6b49af9b03d3c6bb437f18da341518c68cdf3ecc57a80ecb73b0dc076949ae15daee12a05a515c405296a4edfaa

/data/data/app.emtiyaz/databases/google_app_measurement_local.db-journal

MD5 33c0ba2f20f7ba5f06df0d43d1cfcc05
SHA1 e7306ad5bd6c4c9cf07dd4155322b7c16929e475
SHA256 b7f66f9695694308006e269accc479820a8d4d8a228dfba951c03f3117c53541
SHA512 7bff5b5360163e7b2360085261a1b26d7408653d64ac962596704287351b80636bdb6eebc1c588fd29248784c6e4b4dd74caae063cc565ad6a752104a5743e07

/data/data/app.emtiyaz/databases/google_app_measurement_local.db-journal

MD5 bf08030282821164e4733a4fd2896401
SHA1 470b5d441dff484797523cc79eaedefe8c642e35
SHA256 7f9e9951e117a55e177c42666abfc133435a764fe87d9a7c972bce4b319fdffa
SHA512 46163515b215591820de48f04fb46d72cc30dcaaee5aad85209106d437e8f0fa7007df0f2d776a964b8e3d0be58b9bc6c9313ab63abd5effb5c84419a66cd3ea

/data/data/app.emtiyaz/databases/google_app_measurement_local.db-journal

MD5 c7a818c59eb0a6da693872d8ef84f315
SHA1 9c6d60931b7f8efe537d677351cf9d49b69604a7
SHA256 3b1036e93311b11c85ff044032e65650d392837351a4e90b2118b67ed05f3bb1
SHA512 f168f5a2c6431cfabdef1661ae23001d6691ec0b10ececf8808d4198393ac30cc19a4f2a18c306779e84f2973b99338eb23a06dd16791a81c500ae9ed41be51d

/data/data/app.emtiyaz/databases/google_app_measurement_local.db-journal

MD5 92e5444fccb7db18a0d4ff5397339483
SHA1 fccd7514b583fa9c84e42f25f7baede6512814ff
SHA256 a9e7b43213d225ebbcd94afd699f8030e62d172129afb73028c729489f30bf3f
SHA512 8d36a7313c549af6e245a5ee1f6451ca8146a4d8b134f28082630729185ec265f7533ebe0a6cfe52b43a06c7f61b25146b388de8d8258b1540a0cb55827c8a6a

/data/data/app.emtiyaz/databases/google_app_measurement_local.db-journal

MD5 5951a8b25868833a050b15866d215c62
SHA1 e232a8b73f490762c92130e6eed80d1587a8fbb9
SHA256 c3e858041840f35b7e44a179529916568879d4fb7a3aa0aaae9543a0bfb42f09
SHA512 04833b12021ff1a84059ea11e75932a7d640464dc475bd1858062f6b1d40901c0658a709ff92afcc0f06cb5e83a2739cc6806fe01234a48adacef32963d1a574

/data/data/app.emtiyaz/databases/google_app_measurement_local.db

MD5 90ebb38d8ae3d484cebb131559079f1a
SHA1 e8b16644bbac544299a1e3b9e3a1821267abefa9
SHA256 f4344fdd0ac1351893f663125f9994ec451e5f730de2e071ccb92b4fd4058910
SHA512 fce92427c0ec92378d6404a04a2867c9a3c50c87228c0f22aeb016f9b4e53d67da6ccd0fdc3975e5c5f97ad73f0a4944092ee808e8d67f49741efc5a1b7f83ac

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE0C0102-0001-141A-27680F1B4617BeginSession.cls_temp

MD5 0afa9337b3d8c6bd68f107839636a712
SHA1 7ec813392727214856791a6a884245604fb1e876
SHA256 5ba2299b2f4a0a87d2783c1d1fae0e85b8fb7e736902077011f4325139c013d9
SHA512 dcbbd5cdae023bcfe083b8743bf29af845e57151beec36e05df4cf3b37c035db8198951378c01390876bab7f7b433e00b4263163db854dfefb040b8385311134

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE0C0102-0001-141A-27680F1B4617BeginSession.json

MD5 653e923a3e36b3ea7e1d6bcc45dfa633
SHA1 1aea2cc0d294a91811b5dcadc2d190c6d38a2141
SHA256 1dbab69e42572bfb0b20a79e24b93cca786fd138b7b4e804692d97dd00812589
SHA512 fa0adde2e263cb93d22612a14d6bf151a12f50fb829f429150f8ec6819ce27c834d5fb1fcdca31cf3ca4595926aa96065ff0fb561b86c5227cba0940eefca155

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

MD5 1f433c12af9b6bd234b37d3dac217799
SHA1 c702fbe344d3ea8a98b06a56e3b3cdc9c14f92bf
SHA256 5009bcb53cb58284d675588fe7702e733159a61deae082ba2739bdb3addd79e4
SHA512 f2ec556fe003d61d53f406c34f7041680651ef658c41b393016b8c6b862782d20bec98aa1d187a3214b7e29a2fc409aa96250a0b018957a4bfe753022d756395

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE0C0102-0001-141A-27680F1B4617SessionApp.cls_temp

MD5 e925129c59fa0267c6854b2ed33a2f4b
SHA1 f18e6411e944f7d834e571ed68571e7c6ffba083
SHA256 e84364de550a16fa15e65e527500cd5b323934123ca26b0b2d764a245a929b5e
SHA512 8d559b8ef7f469f024a9c9b7f892528ba716acdd8bfc5f5262e856c0a6d5fc07bbd3531a64ae4d008e8858ab9487e19e817aa6251a43bb9a5d47c6d1d3f3985a

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_89922355-8675-4dbb-9831-919d3b249e64_1716379149722.tap

MD5 2ffe88841662969af82a7841815618eb
SHA1 5400c3bd0a4be056f3711a7ebf38ffb7bd098a79
SHA256 9d1eb79124a3f2b370c51a26d625412afd2e26f6c82260233ba683005645eb55
SHA512 d10737597e6b09a3dbcde68d0b78cb3b2d7e5b1e2f82122f7693f1ac06a27f9a4ab54f68c61cb327bd40c1c6b02f42066d5bdc567c8ea6867530b4c92413173c

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE0C0102-0001-141A-27680F1B4617SessionApp.json

MD5 7d01385e1a5066f76461c27ea2fb26f0
SHA1 b0e199f9f837c25d8c65e49a27b46d6fafb2dfb0
SHA256 bbfbd976a81af4a886c70c17de465a2f05cd7ad7e1fd8174eea947f36a50b0eb
SHA512 78ec49eb01a4a451dd8c3d5aff85cbefe47311936d02e63eb92cbf79ae7a859aa61a63c9168b45331aca5091bdf7e2c3ebe9b2f66f331e357fded5521f4635d2

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE0C0102-0001-141A-27680F1B4617SessionOS.cls_temp

MD5 2566d27ce8c28d8961f082c375d7535e
SHA1 92fe585b1a2c9c523d2fa1f65ab5c1b6a1a6edaf
SHA256 5acdb54ddba2e264f6822fbdbc4e9b5158f57d43785c2f01d981956b18f7a90a
SHA512 1c70679bbd25a57f9ac02083d5af0fe72b1417cf3070a195497f03d6f492e87b1ed3f570de7ea7c814c995a1530e32610d9570f31a480648f4062e8d3287be8f

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

MD5 ae3cab7ab1c1c6383914c5ea3c4aed77
SHA1 0b9cb2116b853d90f3547c0cdb8dc56c24f65481
SHA256 947ccf93efdae630dca462a900828c35dbe1e904ffcfb6b52602628d8f460d3a
SHA512 cf222e131cd2773b5e65b3849893b8cd5c23a38ee6730b51f23e405b9c5873b5705c61e3b110c9f55d9babdccfce06f18ca93eb76fa57d8d55503f7182ff72e9

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE0C0102-0001-141A-27680F1B4617SessionOS.json

MD5 5caea4b68c57072f7f52a5a41720566c
SHA1 4d9712f1702c7238949da43f7d8ae6efb233a666
SHA256 3223857b618b924c2b0fbc7bfb373a1aacf300a7b5ab585e18fffcf19039f363
SHA512 fe1455d21c521aeae3292bdcc386f6d2005dc253930c03e44dbcb972f96b849670d2aba039ea59e1a5ebc0350e6315151d17bcda55c161a62987d4bb01e91f9f

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE0C0102-0001-141A-27680F1B4617SessionDevice.cls_temp

MD5 2390c1f21db00b20c07107e3ec7275fe
SHA1 e663a646460acc071aebee942cc1776c23d77655
SHA256 d348072a01496839cfcde3a18866423aee74aefd613fa3bf1ff4a203ef46a699
SHA512 43ff60754eb60795ca1c318f44dcfe49194add26cc3d92c2eac7bef538fd65b6290f2e5953b8f1693b9425ebbcdd022ab16a18280146ee0b0c2eefe27bc0bd63

/data/data/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE0C0102-0001-141A-27680F1B4617SessionDevice.json

MD5 afa07370d07ed0a8ac9554ee7001bb72
SHA1 d1e9de22fda1295087525ff3a377f7d7dd410ac7
SHA256 8d4b99fc4968c9cdff4626ff6c1467cdb427f7a597b153f03b4bfb62dde6c07d
SHA512 a7a974b1c4ca3d7ca92e1449dc9718d5ea2af7f8e4c605d25c731fb4bbe891fdf340835e2a4e3a363558744e5ee30aec22542f377eb5bffc0097c70d24f241d1

/data/data/app.emtiyaz/databases/google_app_measurement_local.db

MD5 095cf55009a99757bbde90774acf7226
SHA1 29d55b493324153e6be72b821aeaa975186decac
SHA256 48b85439c3c1fb44be4da21bf3ec027481c5cff91e3144b6eed9223b2c4769f3
SHA512 657c2efec1bdec70acc1e3eb0ed2222a1c788c2e59075655b8677bd990ac3c6140c2c89996166586f87840e4a7f3718add83aa304220883fc7552538b2984a9a

/data/data/app.emtiyaz/databases/google_app_measurement_local.db

MD5 c82c23bd0400dc4ecebb03b8ea5ca09f
SHA1 38bb4105a8935ae19e971a44f4ddc4ce3214c9b6
SHA256 b6ef1954df60b691ae902eac13462896ac4aee32b75e5e5c7d6f1905f02f92fd
SHA512 b5ea3b39cd7ed527089f90163bc9bbd11c0632beffebdf492ee85297b3d1dd992e31f5c78a979919bd64cd86027eeb219d7c61be5fddb55a91a66e5ebfae245f

/data/data/app.emtiyaz/databases/google_app_measurement_local.db

MD5 52816c2951cb66d054d0ccf9e3f1d107
SHA1 d99cda00cefef2a2f2a957657d9767cbf2c7a410
SHA256 e9af19ab4b53d057b3e62dc6df647d21d402c0aad923af4c3a07a48e25f159b5
SHA512 4637e9271850123130627a34a0a280a7e27fa8776b23833ee4791c7606b7c8cf650dcee0d96080200e31c78cf1b3dc62bc4d68bbf7e4fe6cbe7bcfc1c1665a0e

/data/data/app.emtiyaz/databases/google_app_measurement_local.db

MD5 de50a4574b0837d2b186d808e288a2c4
SHA1 b08ec652de8687cb0d1c8d9867837149042a5529
SHA256 dddd24fe03bb4916d4c74e47aa46a1d9ce3c63c745643468682e1c841d1dd01f
SHA512 4a2a581a71f9d74033836701b05ce7838c3766a8158822dc1013e6793e2e9e8b1da9e720588edd0c23131ca5fb0c967b977cee3695fb87e644206790ee0a1fa9

Analysis: behavioral3

Detonation Overview

Submitted

2024-05-22 11:48

Reported

2024-05-22 12:02

Platform

android-x64-arm64-20240514-en

Max time kernel

32s

Max time network

132s

Command Line

app.emtiyaz

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Checks the presence of a debugger

evasion

Processes

app.emtiyaz

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.178.14:443 tcp
GB 142.250.178.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.16.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 web.emtiyaz.app udp
IR 185.143.233.120:443 web.emtiyaz.app tcp
GB 142.250.187.196:443 tcp
GB 142.250.187.196:443 tcp

Files

/data/user/0/app.emtiyaz/databases/com.google.android.datatransport.events-journal

MD5 498772ce3751ba8f615ce6202af355d8
SHA1 2efb522f7862ecd97b70841819c2e1903c880c56
SHA256 a164a2a9702f92cf17b41b4e426f81e47da67f36cfdadb98eca89ba9117d435b
SHA512 6200966c21cb082aab5103c6662361b982495a87faf5d5118f60953136955d2a4911bf24a91bb43c67f09e8c601ae54b2c302c2c2748931d3976aed29f10ecd5

/data/user/0/app.emtiyaz/databases/com.google.android.datatransport.events

MD5 7daa8bf70cba1177c0aaa35143f5ff54
SHA1 4ddb8e3e373296808fd5a3832a454ea9c0c60b0a
SHA256 f02ded6053bd0f124da16cdf40849fb201797ddfac5536ab36e1feceb21564a3
SHA512 7178eae8e99b2f8b571bd333a3c6916bd088c96dc2c6d5b074ac388e58a345de6a82daceb39994019cbdc5c2d4065912eb0c52787ec50d9e1f746ba92bcee22f

/data/user/0/app.emtiyaz/databases/com.google.android.datatransport.events-journal

MD5 a3d1ace896af9d2ca5708006531e765d
SHA1 e32b3b39cbf017fa280a3e9ecd6212f0a9a8a866
SHA256 cfac8b548ead9ad494810711a763de052add113d6cec51fb3436e619048ca472
SHA512 b6e71623cc9781485bc478c012d442e684550023bfd1e6fb06f7f564f8db72bcd8c86f52f6537b502de2a7f0d956fb5abd4109fd529cbbe2fc790954762c229c

/data/user/0/app.emtiyaz/databases/com.google.android.datatransport.events-journal

MD5 944e999afdf1f57a36e4461f2581f886
SHA1 8c60c311f263430aabb1525a47da829ed852a72d
SHA256 16995a351fc2f2b54b76002b031cce8374fee9a09c925a95eb40153c55853833
SHA512 6e9f49dc8cd54ca12f80007175eb9f8fd3a0e52947a7ae3d1830d445e8a65cdd45584e93e98612b2c7c9a6e62d0848dc91f2421c941c16d5101e9a77889e559c

/data/user/0/app.emtiyaz/no_backup/com.google.InstanceId.properties

MD5 e9871f51e2b8454fc147f161c88049f6
SHA1 1d1b7f07b5994933a4036e3824b6985987eb07ac
SHA256 7811bd6c5beec5339c2f10acf10cc091b21e9e11f6553240ac46f03cdfbce5f2
SHA512 60d82193cbcd7d4a2cf85d5e44c2f0ac99105911bf3f33c8021d7233b3dc22ea5af4d26b748149288a4d39a90f3729779f62bd57533a947f6c9981a6e9943682

/data/user/0/app.emtiyaz/databases/google_app_measurement_local.db-journal

MD5 c38818e9b353cce1d4285f1a47603ec7
SHA1 e6d597efb7bd35e600a3cb03bb17aad0781e71a0
SHA256 6a629c27ca01dd7b44099b0bd5adf7b5360ecd664e315dcb766ee9b8edd85c72
SHA512 f70ff008c9d7b9e0d380003b6af8c1097652caad843821f26e2c199a3ab6e6e0c3ae6e928c3b5f1301f9fc04470f4386133392622bb7670075086fddc6d41e5e

/data/user/0/app.emtiyaz/databases/google_app_measurement_local.db

MD5 a575630919b8ec6b7540ed777ed31aab
SHA1 0cf9d83e7134a771dd255a1ee1309908a84a5a3c
SHA256 f823a43f718675a2eb822244b192a38e10923863258ecc543d9dd800ef688748
SHA512 5544efbfe3a63eca77b5763a134c268a25bb405f844a0033d87aedd05c4aa0a90bde89ebca568baacda5eaae22a18cae18c5fd912bbca6284eb592e095138858

/data/user/0/app.emtiyaz/databases/google_app_measurement_local.db-journal

MD5 1469c5c6aadad35f05a499364aa723a3
SHA1 6907f6621a6929eceb63081b36913f0e1e54d50b
SHA256 07269503f28ea7c4ab8b47173c8e316e41db451ead9b2ef2aafbc1469dabc4e1
SHA512 c41637db4ae8d6cb610dded0eb7fa948d2571f71658b628c482a64291d3349adc00198702acbfcd020cb620cc9f4cd687f6dcaca86a8077af7297423088daaf1

/data/user/0/app.emtiyaz/databases/google_app_measurement_local.db-journal

MD5 d7a3ecc6a26d04cc3947b9d33df3a78f
SHA1 f561f75eef763d4e8072855774f09defa6aa25bf
SHA256 4a3fbde3a7018e930f947fc2af88fd4afb15bd57a263e29405dfb801d0aed385
SHA512 2e478c7ba7a4fd1aba9edceff3a8e2675ad70fad299ca7dc7fb6f9a8433ab63cc81055ac1f9efa06db473349152e3ca7dde027dd7358494d841b4950e4fe1daa

/data/user/0/app.emtiyaz/databases/google_app_measurement_local.db-journal

MD5 bcab3a633c3c0a6de8407b6371180b1c
SHA1 9d5d7fe480e61f28fe945435aa030a5bb5a70e3b
SHA256 5107d914bb17aaa12a5912f5113ad9549d05d1c540bb5f33f8057808ea1e7a33
SHA512 7390646acd7c203edd5aa2a97cb5e7ebd8c34d4f1290e5fd9fce870156451144621f9916239531500218c664a379f273343586167a05c36bd3074affaf817688

/data/user/0/app.emtiyaz/databases/google_app_measurement_local.db-journal

MD5 bdea7f1c56e75a1fc900ea751eecc919
SHA1 dcfd2979f115a8b52596d98e4eb8f9d899775e39
SHA256 a154828089e678433711122f3f76fac65f9adca8f0e4aef006abf6e639cc29d9
SHA512 e1d759ff0628eeffea4188ebb2f3fbbb51708a1d1c5407e4a1991cab169cbe58199f6537c7d7c403d1610f0fab14887dbb95351f927df3fbe9d660b2db13849c

/data/user/0/app.emtiyaz/databases/google_app_measurement_local.db-journal

MD5 442145635d78866b96cbda07ff1ce28c
SHA1 befdc043443359c9a8e73a3ae60c664f36a819c3
SHA256 afe1582ea09113e2860283c602254d502276185f765821667ad74cd09b2ab549
SHA512 796902693d0da88e9dee9667adb6ef9414875b7116fee00ed636a1f169fd89f82b67e0990628754eb0759b996d6a46dd1cf26fbdf7ce1c52a7b1d32d6a86755e

/data/user/0/app.emtiyaz/databases/google_app_measurement_local.db

MD5 b0177f386e1f5c4304a636b7d33cdbd5
SHA1 4ac9d806b15efb7bd4667bc531fd346b59ce3a89
SHA256 d66e739723e4437e4c2cf19a3e33723d63c1eca9977ec096d027a23661d0aecc
SHA512 7b189a74c3cce3022128e8accf227d6e4b10616d0899eba64fa4ce46c9b8c9e660959d5a0984a47224721a49854d5b43b00298d0382ccd66062339351139c163

/data/user/0/app.emtiyaz/databases/google_app_measurement_local.db

MD5 841a60481f32d7d69cc724992b4ef35a
SHA1 33683ed8cffab01ba48fa40404265f4b6bd06611
SHA256 ea774c5576e5cdb46ec20ad38963b80a4e4a543bcffe7e1a049851deaf5b31c8
SHA512 400883130e244b4c4c3a8491dbea4172753d79a8fb983181cb105549c482f66807f3064dbf69a7507b12915bd5f2bf7192e342bd74f90f8949289b2eaa07474e

/data/user/0/app.emtiyaz/databases/google_app_measurement_local.db

MD5 9fab918a4a3ec9525eb0a25555cde4e6
SHA1 9a68fa779ae8003bc90dc9d2a92eeeb6fd4db5d1
SHA256 0d087401e0a789802d762b6b0976cbe75062ae9c34ef67348e47894b1a4fd57f
SHA512 c72fec36592451258bbff3880b113ed7ec23a77c175cbc8091298a47676dac3aeb4ede4cff519fbd30a38aff40447b060cea8cb52d6ab426182d5ac5a56da3da

/data/user/0/app.emtiyaz/databases/google_app_measurement_local.db

MD5 e432d48830f2cd1c320a31a82bc2099e
SHA1 396e35767ebed1028d49a51136884e8484d148d0
SHA256 d2280481d402ae8684563c2791f3dc5d5ef8e1a93bcd654b872bc8a0c599bdba
SHA512 65d3b3c973cffcc37ecbddf9c675eae3a83c5f94dfbbdaedb1fe666ba5f8d72121ccba96cb3c58b2a5945d804460a0da9032f376fec100f18941d60393bc8bed

/data/user/0/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE1D006D-0001-118E-437B05043721BeginSession.cls_temp

MD5 acbc7d3f396e285cf364a22ac88b7e64
SHA1 69fdbba24815d52c6ecfb162f157d928a1c29303
SHA256 86aa257ed7231f35e9ea1a128a5ba297f55fbf52e3f5e317189f84c688dbab5a
SHA512 eb476e4b6574004959ec8003b5c0c04f7baf2034d4f5e44b0336817759a1cda4abd4d7fc7b4bbf210adbc39908e6e4065b3d4ed34607436f4e925544a531b6cf

/data/user/0/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

/data/user/0/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

MD5 28c1a0927a37ff4c1d50a3dca0c80c61
SHA1 22a9effdc57f913fabc5ba5c9aeeeea95b597550
SHA256 3f2ea8b3e51a52f1f5cd6f1d3087c5987e3f8f5c0c80fa15d194cba689f603ac
SHA512 0d8e0ef5cbecbaa192964de54be0a6a36f6f7c2d661cdf146b4340dbc2d2c9a4e88a59526363f7d979d3a0a775b530cf237b19daabd204a541393f963105fdc1

/data/user/0/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_c85eba9f-86d8-4103-aff1-2d29e48dd0c4_1716379167606.tap

MD5 74c0fb8c7b9bf6e46a8f5ebff5d07db1
SHA1 b310f64102b4b02ef9423ded6e22b0991c611cf9
SHA256 b5929602873f2b297192b8987322e73553d335c59a3cf2a5996d77e6ef4aec7e
SHA512 85b91e9bdf90f2827b5862b5cda748294748b1ab1c2e6db34f0c5c400f2539b9dfc682fe27e4be50cb4609f89a17f399e9972aa4cfee6a1173408dd3e99a5f73

/data/user/0/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE1D006D-0001-118E-437B05043721BeginSession.json

MD5 f823b4ecc8f69e21f99a74db66f55835
SHA1 0164b8d2e0e8ff8fd2d953e16e88b12c2b0aa42a
SHA256 6126ab4177a0cb5f3180e7854a22e7c350b33c1845caea52fc4b44521284ab74
SHA512 1335eb7be300e39f64f14275314a92151b67f79e1f78c114967200e1e89aff60f9b772da96ef51e36a8465621b479bee8828e6635f4ef7689f6c2868dbbd27fa

/data/user/0/app.emtiyaz/databases/google_app_measurement_local.db

MD5 ad22b18b5d504a6fc24de7a474c0404e
SHA1 010745c4139e627f0db21acc16e33be769980dd9
SHA256 896bbf2ec783b1ebf023641cc22cfa2c059873ce9c5f9f40b9b3f4e734c2c815
SHA512 77aba4a74ddb7d5c2b2c340b7aec79f004f97af49916dad8f430e6f675df613c0e6098cf8fc8519032e47993281c9677b226e2379d895ed4a4c7cf0c59a40023

/data/user/0/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

MD5 b300f99eedf882b2290663e43d511f58
SHA1 cbcf8b48714d376b9054b52c69c1d00f3685f1dd
SHA256 6bcba8afcfd07806a88d2e85b3ab495a018163c09b3e490f5d1b5e1c1f9dcf56
SHA512 fa492859fe20a2842e0d7a7335d4d54e51e81628f3b8dd8d43ff4d9293582bea90513bc83bd0edd506aec47fd514e7f781fad358cdda17cce17933f5995f97a3

/data/user/0/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE1D006D-0001-118E-437B05043721SessionApp.cls_temp

MD5 299dbf0f9744105a3183aa6ec88d9eaa
SHA1 785de7f1a14e5c1a2fa8624305472374471d5c7f
SHA256 dd29330ca41f55b49c89480c52cbac35f694162c53f225290ce717087f51af5d
SHA512 b1a31127dbf7d4c252517becf59d58d54aa355a2cdf2906fa1dff36ab187cdfc01c268f39c07a74c33f0420a768e5e0e254259705ca9590896769249b6c0a0af

/data/user/0/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE1D006D-0001-118E-437B05043721SessionApp.json

MD5 e1e7655e667437ba96e6a18d2746241c
SHA1 79be5ed6a93a5616afe5ffc076d305be441522e4
SHA256 6d19f927e8016ccbe0e7453caa7b8d68a0d9561beb7110f2df841caed348e2ee
SHA512 2973215b522cc51153c65a87681561353e3df9793af8dcafeff92264b488fe03efb110b70100073a23fcd6fa8130174296fced7bd4428e372112bbda896939a8

/data/user/0/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE1D006D-0001-118E-437B05043721SessionOS.cls_temp

MD5 b3d9541cc92a9153d14e5160f8d8c008
SHA1 2e1ac80eb381dd82a03795b682f92020348c0113
SHA256 1ead5b213c87f182ffce484c34f7d9f140ad3425c0f303f460492efe8a26c56d
SHA512 78074409135a210ba4e1407ad9b3f784f5683e83aac4ce3482d4e8135425cf2b30db1ff5dd0041901c490a551a477237c6d255671c7b1fad74090980dcf3334f

/data/user/0/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE1D006D-0001-118E-437B05043721SessionOS.json

MD5 fc1dcee4e422d77e7fab7c08c8a41344
SHA1 d5340127e9d5f735b9d33b9dc61c772fb0e2dc15
SHA256 b843f05ed78cd137c272ba7f0ce8ede3aa853098a856863e51d5c223b58f21c7
SHA512 3ec07617e3e1008572f6f2528de9d4b827050cc5a7cf19a1604c961f9ec370ede6f5fd83bfcc252c0ee286fe244ee6734046ef1aa638dcfc689cd4407a6a8f61

/data/user/0/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE1D006D-0001-118E-437B05043721SessionDevice.cls_temp

MD5 fd6372364a5c5c9cf8945ac3ea7a5d94
SHA1 3c798cab71f6ae7a81e71e58712368231230588a
SHA256 7400bf714ca32b64dd89440c9d5ace4e0115ddce44d169839e465df0e1638641
SHA512 a18b18d061dfd979bce1e0b769009668c322300e7174f51d2532e86dc6018769194507a106dd30b97317f8c1a7539d13a7baeab2900c1e00da7c74e899dab276

/data/user/0/app.emtiyaz/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664DDE1D006D-0001-118E-437B05043721SessionDevice.json

MD5 eeeb942571fa704cf8ae49731fbe9789
SHA1 b5989c4cb932ffc779ee25bb3f7bfb79cf720427
SHA256 78809f7ae96de01e3922b6d3a134c3f7e9a0cbdacef313f70e8d9345bf5fbd71
SHA512 71e55c16f9f8fc936f8607448916bbfa1ba233b7120b8676fe11552916ac4dd3e3a7b0f9c31e14048933c8bb9c9d6d630ab7d28389f31749640cc965b2636565