Malware Analysis Report

2025-01-19 06:55

Sample ID 240523-lvfhkscd39
Target base_095844.apk
SHA256 bc0439149e747ff8b39325d2d3b32a5bf109297fb67540238a80c0a4475b7097
Tags
collection credential_access discovery evasion impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

bc0439149e747ff8b39325d2d3b32a5bf109297fb67540238a80c0a4475b7097

Threat Level: Likely malicious

The file base_095844.apk was found to be: Likely malicious.

Malicious Activity Summary

collection credential_access discovery evasion impact persistence

Checks if the Android device is rooted.

Checks memory information

Loads dropped Dex/Jar

Queries the mobile country code (MCC)

Registers a broadcast receiver at runtime (usually for listening for system events)

Obtains sensitive information copied to the device clipboard

Checks if the internet connection is available

Reads information about phone network operator.

Requests dangerous framework permissions

Checks the presence of a debugger

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-23 09:51

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-23 09:50

Reported

2024-05-23 09:51

Platform

android-x64-20240514-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-23 09:50

Reported

2024-05-23 09:54

Platform

android-x64-arm64-20240514-en

Max time kernel

172s

Max time network

182s

Command Line

com.appsomniacs.da2

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.appsomniacs.da2/app_.gpg.classloader/d75c8e1bbeab9e1ddffb9d332585db71.jar N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Checks the presence of a debugger

evasion

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.appsomniacs.da2

Network

Country Destination Domain Proto
GB 142.250.180.14:443 tcp
GB 142.250.180.14:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.169.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 mobile-collector.newrelic.com udp
US 162.247.243.24:443 mobile-collector.newrelic.com tcp
US 1.1.1.1:53 config.inmobi.com udp
US 20.39.59.188:80 config.inmobi.com tcp
US 1.1.1.1:53 ads.mopub.com udp
US 1.1.1.1:53 rt.applovin.com udp
US 34.111.158.155:80 ads.mopub.com tcp
US 34.111.158.155:80 ads.mopub.com tcp
US 34.117.147.68:80 rt.applovin.com tcp
US 1.1.1.1:53 a.applovin.com udp
US 34.117.147.68:80 a.applovin.com tcp
US 1.1.1.1:53 d.applovin.com udp
US 34.110.179.88:80 d.applovin.com tcp
US 1.1.1.1:53 assets.applovin.com udp
US 34.120.175.182:80 assets.applovin.com tcp
US 1.1.1.1:53 img.applovin.com udp
US 34.160.119.165:80 img.applovin.com tcp
US 1.1.1.1:53 res1.applovin.com udp
US 34.149.87.163:80 res1.applovin.com tcp
US 34.111.158.155:80 ads.mopub.com tcp
GB 216.58.201.100:443 tcp
GB 216.58.201.100:443 tcp

Files

/data/user/0/com.appsomniacs.da2/files/nr_installation

MD5 5ff034fcbdafca9e3f07adedad02f43e
SHA1 5027a20dff84f7a35a9ce0fe2b8de942bb24e2d8
SHA256 a379b414d471893c12d698e39619baaa09ee784a8a69b62f77cd4a5d2385642f
SHA512 fa2000761481ae1c568cc920eed8ee7a043b5d2e21d03b8774305f9e2095f0fdb60e76a54ac68ff739c058c4bfa6fd3c7be8c0c59342975a6c7f607fb0370803

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664F11AC0387-0001-11F8-5CC5E5B5CF61BeginSession.cls_temp

MD5 a1f0a2cc8f056e52da96728a9302fab1
SHA1 77236bc8cbcc1e599d9e9b67e06d067f3f72462c
SHA256 6cc9d6cc8637d4499adcedad117844c9a867b95b4ccfad750babd52a249454a8
SHA512 6d2a4d9f64890dd03279c98c1e6017eec9dc52a92a60a788cdd6b8e3ce6b62ae436d618aae934c42b34221cff800be4de874acf132f8cbb1cdca6725a90103cf

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664F11AC0387-0001-11F8-5CC5E5B5CF61SessionApp.cls_temp

MD5 f2290f576e7740ba202844866af8e42f
SHA1 159611b2d14a928b1a7ff5225c082a7edecf8d42
SHA256 66cddc3213b3e1e447d288c32f98b5a36548df5e1183e6d59a76aaf9775d27c7
SHA512 5a148bd705091612891e03481cd62eff2676522cfa3b6d9856dd051cbeca02334719e8f117f4e44ce45e227fdb58551104936c137d01e9abecc82499baed0c60

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664F11AC0387-0001-11F8-5CC5E5B5CF61SessionOS.cls_temp

MD5 b3d9541cc92a9153d14e5160f8d8c008
SHA1 2e1ac80eb381dd82a03795b682f92020348c0113
SHA256 1ead5b213c87f182ffce484c34f7d9f140ad3425c0f303f460492efe8a26c56d
SHA512 78074409135a210ba4e1407ad9b3f784f5683e83aac4ce3482d4e8135425cf2b30db1ff5dd0041901c490a551a477237c6d255671c7b1fad74090980dcf3334f

/data/user/0/com.appsomniacs.da2/databases/com.im_6.0.0.db-journal

MD5 5a3145d118c7ef6de90671894954f325
SHA1 b07dc796d18476997dcebb2a48d53e115443b4aa
SHA256 a3f6efcfabf10b07e002ba634dcc48bd76d824fa47194ab63af6ec495b69793f
SHA512 95f9640f49ca84d1857a1e90174630946bd2c367c2ed7eed80674ed3ade103476b0c8d22eb7810f11ed25d9e642b88dd51f3f0ed3c790a7ade01622f75e83fc6

/data/user/0/com.appsomniacs.da2/databases/com.im_6.0.0.db

MD5 e082a577b0eaf9202144b220a1d5ba74
SHA1 64383ca5c11eda75f8a73483ce1766f5745c97ae
SHA256 39091cfbc1cf073d32db32c7a606b3a77aa6b8f31ef3c9ffe1050038662d7d47
SHA512 dea5f58c7d99804e552d0397fb9f0a38482dd4cb2fef52cdbd15ecf1d751ad0c071dc475e74f8c572d98ff2e599066db697cc10c7a26b71bcbb944f93ee545cf

/data/user/0/com.appsomniacs.da2/databases/com.im_6.0.0.db-journal

MD5 dfedc8040b9455fabe84a796210fdc60
SHA1 969f5932d50e31ad257be5456d6d062b22ef6c97
SHA256 01b7c86c4d2d9d026fb49a104aedcad7178494f7cd0c5141d43f2d5a0bba743e
SHA512 f54753327b0a917c757044f6034f47da810c0bf197be7b1800f9cf29a7a28c5d20ebd02b7c5850c08f3a2a7dfede7b05db85c4fa00cc33e85f270448c22b40e5

/data/user/0/com.appsomniacs.da2/databases/com.im_6.0.0.db-journal

MD5 06ae55ffb2537c76c2a3fdc7b6ca102a
SHA1 d6b9a44c26080dd3dad603168f63f242c4682e06
SHA256 921d4d6e3cb0fecf45e01f55bb79abc43bff31f4e466bcdfc08fa6ba27b6f3ae
SHA512 6d81d62249c45e66e883bf74a6326076031be5d17307e2153b3a3adf7f77e8471f76744b66b0b7d4f37b1a0dffee86fb4a35e8b71c71a6343b456f30c8f13334

/data/user/0/com.appsomniacs.da2/databases/com.im_6.0.0.db-journal

MD5 a7f50f560d5cfc998893805cb9d6666a
SHA1 ba4c81b9cf254d481578f366c55b5cd56db009be
SHA256 975b7988ad7371f58d3f8155dbe5d000f674219e8a4dbf7edda29843f3f4ba42
SHA512 98ba97797e78793ae2430576c7add1896126d03a3d8769c5118f16562951ed883cc0558b09d7661d037c17ac85071aaad095df6add57c8b4bb327547c005ca7c

/data/user/0/com.appsomniacs.da2/databases/com.im_6.0.0.db-journal

MD5 0fc974c5f9c0c608441a6ae9eeb73dd9
SHA1 ce433dd4b50e6ee3bfaac14846c103f0078cb39a
SHA256 d6b29db284891c313de04ebc3d13d5ecfda3307154f3a34a80b20a062f2e608a
SHA512 36fb2f4b59149e2768a71b7e71d3e4acf44fc319beafdfa05421f24582a0661c2649fb1aa24fbb45f484311c64ebee17ee4424b6c1f88640855b9644a0c762b6

/data/user/0/com.appsomniacs.da2/databases/com.im_6.0.0.db-journal

MD5 46c3121cd0e06d568131e0fbfffb37ea
SHA1 5a630345671f72bc01f9ff916861922543a888ad
SHA256 2fc312e16f23d4e6b1846726394e59b76f77327f31e5a767ab942942fe11a50e
SHA512 8b128df32159f0798d3bad6d42311d9b552802a0a4eb9830244603e48678caa6b7b6cf6c8fc267a6a519bd48c14d203d57e2de1c0812290c44fa57c20081a86b

/data/user/0/com.appsomniacs.da2/databases/com.im_6.0.0.db

MD5 cc41397c51d7cf40566de5688cc3fcda
SHA1 b86c6e0b509b08d9804b8432da94488b0e229540
SHA256 8b3ed11ef6c57c78d3293c7a4988e103f7671bd60f22bbcdb2975baebef30171
SHA512 ca2685f419c3f7600f70c225632222a85bf500f84e68529a468bdbee012a0c604a9f25d3dcee292a4e7823883529e01879ee3bdb05cf2ce1dde286ae83d38171

/data/user/0/com.appsomniacs.da2/app_.gpg.classloader/d75c8e1bbeab9e1ddffb9d332585db71.jar

MD5 311be70af04aaaa7742dce5b874809bd
SHA1 4ac8ef4bb43ac432b2690c62fa96e3341564b51c
SHA256 fbfc5ed2ff5576fbd77d6eb57e3e47aea497f75db735985b44ab7ce2f17f518b
SHA512 613cef9f2a37540852d2286301b631d777f7ca31974872deaffa236c76574922a3d9c10fc3356aea943897ccafdbc7fd424ccc0611e37bd4c0d048f2671cb5e8

/data/user/0/com.appsomniacs.da2/databases/http_auth.db-journal

MD5 97d4ac1d45c48720784067249a5ea3c6
SHA1 326f507ca81927d9d6b1d55663c7dd750dc806da
SHA256 468843e4ccd9cac4ee1054f23f624b542ec1b3d8d07bbceaaf91b6c70e4efe6a
SHA512 c2ad5112bb5c5cab533c7f90adde9889860c17c8259e4127859c7a0d1886e797b2e07ae91ace7330c181aa5dba4edf19e63bb932a29e0d5832329bafd07d0768

/data/user/0/com.appsomniacs.da2/databases/http_auth.db

MD5 ed710a8968441282a5939621c2771927
SHA1 b6ac28b3e32ea66790c52d6934608b5e71f3d5b8
SHA256 6e7b95a553c2528d6c564296a9e481a6d913074c35011a19f2da8e4807c53bb2
SHA512 547d7c530ad345edf6b880b7685d2ddf3770e595fe3a40041677cb0c296b15ec6d9e8ebf3f2db51624be41766a0af6764512f1c352d5fde22bdea81d7c08e364

/data/user/0/com.appsomniacs.da2/databases/http_auth.db-journal

MD5 705c3ef8a5906358331a62a983d90f94
SHA1 19bde1b50a9b55d25aba8214cf542d4b6cedcb4e
SHA256 f34c01b7a5b7aae8b22fee8de59e833babf36da9e67b10076fa493d00ff0a97e
SHA512 47ce161b71c735affe9bc8d6a837712e066557515c8a9dad357f846acbccb1954eeab2c8abc2da5dd413d9abf9843d6b7066a82fc8c31a17486738b24265a180

/data/user/0/com.appsomniacs.da2/databases/http_auth.db-journal

MD5 35be0e57ffa287a1b3a8a94c5d4fee5e
SHA1 c03c141bfc478119a758cad4a20b13d5917c62b2
SHA256 391e2b2f43006d87e930eaf0491ea0a4250061a42c5958783532f256fa4554a4
SHA512 79559bdcbf6a3e08aede65b6b79d43025a5db0fe01b1c9501a7d27654336cb81debb2be6ea23310fedb23f2eaac83c41f06b7878196bd1c8b7a9457ffc568d58

/data/user/0/com.appsomniacs.da2/databases/com.im_6.0.0.db

MD5 d62474d7c56a12627a198dc702bcb167
SHA1 f5cfdce55f212f04074b2c674f79f3e619d40e94
SHA256 4793dbad5a091dc379960a72d5a423c04fbcd71cd950fc8ddec8553ec24c0dff
SHA512 491cd0086737c8ef2687dfec3628d7a64f2227701ae773652fa18cf084f7637d0b454aefffd9d82a8bb1bd98a6c6c6f78d2a77d05e9eeaad9f1f7f291c36a10d

/data/user/0/com.appsomniacs.da2/databases/google_analytics_v4.db-journal

MD5 7a181bf64ff4c9feda1b70d3a7c5cced
SHA1 7eb390926503fc4add5bc7dc6ac409700c6b2441
SHA256 c94bd7ef0fa0bfae1ad8230e8ba8b75fd11a0ea9ddf9a46c5ccfe0b01c7d5d08
SHA512 c3b987dd11331c638ab3389f3566f2a28cb491d9cd7535b9cbf7a919a01090acce33ce052776436d01f1ff37a5be6d8418c43578915ff77636acead9b53949ec

/data/user/0/com.appsomniacs.da2/databases/google_analytics_v4.db

MD5 52c21e4d4a1d99233dce61141376ec35
SHA1 2e4fe96a1481414595f63291d17004e29027b586
SHA256 32d252bbd345201e55f85eb685a565d8bea52fabecee935dfc2d2192aaf3dc9a
SHA512 cd0d86f88f098676ea753ee5eae334a9e52a2c880d2114c9555c69251a25f725935cfdf66e8c2443bd554279807ba0edc30afb8dc2055babe2c13ff94639c516

/data/user/0/com.appsomniacs.da2/databases/google_analytics_v4.db-journal

MD5 9951630782e992ea737461130be9687d
SHA1 e732a58ea7e7a7c9a0df10fd74048ecdc726da59
SHA256 b4f9f6578188077bc7e79c4256ac0437a7b86cff7bedfa50a209323cda4c2626
SHA512 d99fc64e59a59b66c3584aedaa6464332e9c9c244fbcd8c34dff0e0a7dbb6574677eaa2bbbd64ffe3f996903b01820aa5f8d874a45436a6a382d7efe0bc06c8b

/data/user/0/com.appsomniacs.da2/databases/google_analytics_v4.db-journal

MD5 45f4c4d113ca9c63e0daad9228089636
SHA1 36564921e189ce10c543d2488066b0e12c0bc9c4
SHA256 87ef9c9660ccf67277941a5acbb3b9833765f14614c2cb3ee1f7b7918f7e8e8c
SHA512 440206647ef147cd41e60178ecb34cfe38d835e56a16bd34308f50754576de41951df6b7522dd839f1ed4640336c761eec6c3a8840357dfda1a79edf9addd79a

/data/user/0/com.appsomniacs.da2/databases/google_analytics_v4.db-journal

MD5 f508d477fd6306115c261eb905c2ceca
SHA1 ffda0fd4784f490ec0507c4462f70111d52ebd83
SHA256 600272390042034dd32e0bce4bfd8c96955ee5f629382d81662cd02a55cb7ea8
SHA512 d9c579c14b503a0516a39cc0d27000ce0718adf32771a48c32442869ed953ed25fe94721918429b0875a40c279b1ed6d3f31b7cbee1071e4be8669afaf42819b

/data/user/0/com.appsomniacs.da2/databases/google_analytics_v4.db-journal

MD5 26da157978071ab340aa4b255446d90d
SHA1 33486ed5e0b02cb1598ff9bb904722972216986b
SHA256 c5edf8c72aa3a74900cf6cc4856fbe2aebc4e805a31388a1fa285ab6ba35e381
SHA512 dda3c60667762c0330264638f0371bc053228ebfde3c65cc418b740d624fc5125b974a921d860d9cd051f00453a50c1ba4de224620875dec0e596876c76f40ee

/data/user/0/com.appsomniacs.da2/files/gaClientId

MD5 720b79d804e089a88919bac9750674cb
SHA1 feb5290f6eaf3dec85df33b0439f48bc3a441801
SHA256 4e52097f82af859d81fef2d9c2ca928ef1efdb44f721a6fcc6fbceb5622f04de
SHA512 be119a393f4bcdd0b53999131772a9f89a208cba45548c87d7224aa8e284da4f14c6aa7e97c597025c9c92745ce91d8b622aed08dce7b9d15d0f2289b4df26a5

/data/user/0/com.appsomniacs.da2/files/gaClientIdData

MD5 1f49d4f537e39a615c38d942941de684
SHA1 c7bd73044c56b7d828d53220180ac5a000a81690
SHA256 c28e4803a07ba2bf683ec1a16218dcbab2af9ed68a72cfc2c73ae2596146c78d
SHA512 4819f8800bc801347b62c408206732be31d84a7d7d766922257c3e3156a14f1abd6a782cc24493c49da04168e2969cceb19c2fd871c1f1e02ee21ab3b713f1bf

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

MD5 c80b0e667e5496d0be287cf04b038ee9
SHA1 1de58baa8933e343d939de53591dda638fa654d5
SHA256 704b7ed442f90e86df02a3e81c1c619a92cc9709a49f51db905b6534ed8e5d1e
SHA512 91b85fb247f8e776c07425e16cb55edae0233a08452bdcf6f8f321b4f42f5cd9ce11763d2cb967964fcbee458f2dfc23655b7c03f6dfb17290b37a1d2b4e8ef7

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664F11AC0387-0001-11F8-5CC5E5B5CF61SessionDevice.cls_temp

MD5 e5863c0227819faefd25292e13281584
SHA1 c3a63e8cc4758f1d7299452ee0aaf48086b468ce
SHA256 05392fa47c0bbf4cf65856bb452430af7a48fdae15d36a5f5ca6f9aef17f7e89
SHA512 618189d160f227cbaffc875d7e9abcba4ecfd0c2a055356a9ca052ff62c4720642fda58fb56aeb54b7fc7e1793323414f6ad49ba9b45a8d1d3100d94e2e07ee6

/data/user/0/com.appsomniacs.da2/databases/google_analytics_v4.db-journal

MD5 c2d910572e315394be6f1d73a3fb8040
SHA1 165cc2a47deb195405d91372fd1dd112f0886e1f
SHA256 3881c33a419f3902be8afc5658265f65e97e80e3380cb270157d66eb7e5da3f4
SHA512 094d2acef2f5cf2d8f6c6c1276923a74d3d7819e884077a63733a9b5c3ed584c36dab2da4344c4cb093b117b6e6b3702022e3b75f58649cc19b7e0095e43dae5

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_d46a2a72-32fc-4c58-b426-c473650f78a2_1716457906701.tap

MD5 181c0c539c45921a7166b5fef4738406
SHA1 d69873dd8912f2b3fe7bb9e2689d2c5e08b4e890
SHA256 8c0866f4689d427d2a46247d8a966eb021f991b11f61a6070ec21f4c1bd4c917
SHA512 bd1349b9a1ca8fe2c57cae85216ad453764ad568658162d0e09f0d951c0028b34592953f2f4008244a90d80dcdfdcbce0367d3d10bfbebb9b6c46ac8712ded33

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664F11AC0387-0001-11F8-5CC5E5B5CF61user.meta

MD5 e9fc232a5518ecd2a9d6c0c53bd8e82f
SHA1 c214410a01d1b1dfb7b6273122afd7df33b71c5c
SHA256 1b9a99edf5032c8a0da18006c336d6f0c9a9049551d8dc5fdb1d587ce01e317c
SHA512 aea0238674e561ddcc4a6c597d82648e1ce5d6573ec8a3c13a59a30f5522583d7f8ee29e8310cfddfd7c9d3635fbae385cfc1105c7bda358a5215c7b52664fbf

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

MD5 a4da1f5453e70bdd845e534fa7a68dbc
SHA1 2c4aa32bb4ea1b44f637f66a261c59b93867fdbb
SHA256 213c5ae18b5180d18eda6c103f9dafef8e2246c6eaac8cdfa34db5fca65a5165
SHA512 2d59caeb9bb59fe7a7dddbc562fc1347f59e5e5351beab0af62188499eb39e25dd398ae4217c15ff56c8e00e4480d6af2583a3ff1f0817de1a4adabec74eeadd

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_aa650788-b2fc-46a5-bbec-9f814b003dac_1716457911767.tap

MD5 c7ae29e4291357b3b96d3677f63acef2
SHA1 943d675544fdda8f667db41473defd68fecc0bea
SHA256 365b237f88e5e8b56706f7296b2b7e558bf63f7d193fdc6ee6cf7deedb85ae68
SHA512 1ab3bc4b70d9b43fbc32a2bd0278721bae4330527cc65c207fba1afeaf4b66a6a5ba50e8505d7edf3ec223e33414fc83f7bf6d56250e72da65cd7f76b29a4340

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/sound_off.png (deleted)

MD5 d9a4fb40256f67255242c0f41a0d3de3
SHA1 1c99e725cebba2c3f5808d5e00c73af58f0790bb
SHA256 a7e16ed6d339c6a85870e5c18952f839d61dbd93d47dbbb49e7f7f9124cd0d2b
SHA512 a09d5d878cbf2f58ce256814b9d19d9122858609035b2c15e19e2da8171e36d0ffff4b33420d4d27233200b430307f1fa42459889b52f66e4282af8a84edb8fa

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/sound_on.png (deleted)

MD5 74485ec832d65f19b05f5027220df53b
SHA1 49116a6b85bec84512241c9dc6e511ce10bdb7b9
SHA256 7a89be15d3a268c6820f385ac6d4585bf04b45e2fdff37948b2a73afa34c1268
SHA512 9acf56fe90a687ae653ab5014aacaeb7ad6f76982271df5f63e536a358f3f53b63f7e865fd8180bee96980cbfd4ba9b07b81977f86c9b9d0b41ca1dac0556657

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/jquery-1.9.1.min.js (deleted)

MD5 397754ba49e9e0cf4e7c190da78dda05
SHA1 ae49e56999d82802727455f0ba83b63acd90a22b
SHA256 c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
SHA512 8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/1646358684111_392x696.jpg (deleted)

MD5 7d84256c8f0feae5324641c23aedf033
SHA1 196c822f8f11dc736ae7c930b221214129ddcbea
SHA256 955a4320b4b9594969b785d20a48c743dbd3de668d440cbe46011d0163672f01
SHA512 897ff3f92e41283694e24e5a61feea8e8c0506f6830bd08d3e479bfaee8cdb40190e3dc4fb450dff9728de39ad1b2ed739daa99fce044a5cc6dd059577f432da

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/1646358686556_300x300.jpg (deleted)

MD5 3bfbab587c120f9ee8677eb062528982
SHA1 0fd42323a18a423e4645899595151334997ed342
SHA256 fd3cbe0d8b37bf1a071484d28e32c6f809609f962d206069defcde3c1b1355e1
SHA512 4f65e45d11556cbdc1d0d61c060369c85dc94c4c8460c03b194c4e2ad3426da0105dcfb404d780d8611f9b225cb29c6b21a01e1d2e85526428bf8fb5d0c8a503

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/1381250003_28x28.png (deleted)

MD5 759a106983ec92f34344dc5064efd29d
SHA1 2c237ecc3297a144ed9eed2c4e0ce68d5bffa07b
SHA256 1b5b3be1232ba117e19d81f6d0a2d6d1d14ee6cf726fa2a2800e19166736ec81
SHA512 516b0053563a00690e503780c883d51b84143498305e2cc7bbee4489e1a06d38a2c637eb3c125b7d5e1def35e31a66434f403c2a7d9634e87c8b87f05a94bb49

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/1646358685529_392x696.jpg (deleted)

MD5 bf75039fd9a68f1f44f73267f71c47c8
SHA1 aa7e014fbf639d45ddb016afa411ba8d9aa6e114
SHA256 c4bb7c6ae138b061759057004a0dd9a0d32d4c8f8f791ec14cb2b769fd62776a
SHA512 60ea20169d1a22cc934cbdc51ba57b32d88f23c977132deaa3bcabddefd71d5e285b64ff35d2be555a742bb020f6729f341fac600592768a015b4606a21b2e6d

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/1646358685987_392x696.jpg (deleted)

MD5 3bcbbb35f4bbd239fb7e9c6bc35e5ff0
SHA1 673bb5ac51de607baf202d8a832e4e4088773bbd
SHA256 49ef6ddeec78e6c9bfb48817602c51d4ceaaff62027ae50c3d05b09d91ca8133
SHA512 ae5d17265f966eee99f98ead5f878014f26176dfdf1ba5019849bb4021a351db15dbdf03384f54e6bcf8269ce8cee72eea66dbb6db9e765c31417c29129a072c

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/Star_Sprite.png (deleted)

MD5 3e9f8ed7d7f351092ee72888492b2176
SHA1 d2e24bf5118c4aca3fae31e68b2bcbac129965f5
SHA256 f357811e4ab12919588c788fdde0eab340469045bc604914868e76dc15fcfd7d
SHA512 678eb76d42bc4d696d91edb75060b477c9cc427ab50afe1ec7b19f557b2a05e007e51b757d9abf0091481da1edc41f99d16c715813c8ac8f74222d30a6230afc

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/e531fdc9f69cb5ad503fe38531ee66caada9df5e_v23_phone.mp4 (deleted)

MD5 58651ab60009befd5d3ef3ef156a362e
SHA1 fbea729e936c22a0d93b63ee0e6dd645c3301533
SHA256 699c6b35ae2d4b3034516d4e6cc9142323910cce7e244aa79e8af910787ab89c
SHA512 cad7b26cc1a8a619eaf0d64c6e784cf58274d90f967a06de80c500a9474dc2aa893651dea5f1d527a2f40a1d902726e803166bc84f631a40e4bb9b83b80523bc

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/od6eeae3_a517bbb8f1cc05a32bcfbfd9a8aa2a138fa027eb_v21_phone.jpg (deleted)

MD5 c531ce964c9277fa7a0a6f247135f04c
SHA1 0b1343367695995c4b92d6617c8a7a4e535d0aa0
SHA256 6ff08a838707a9add553b79c969c777308384b0bec30007c48ad63ba5f2941fc
SHA512 ce69786931b65b3842534856105ad05ca01a29e9cc26d7309e894a19fce5010afc10cd6c43fda980611ea6d164730da3c086e9c04d52f66adbb8c4d6d00ca953

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/ba6e4620083192b37ffeae85f3e0cf6d7c361955_v23_phone.mp4 (deleted)

MD5 bb2271110e3998e3d600f9d322f74aaf
SHA1 1b0066cd2fc718d06d2b3095b23a92fe61e42ddf
SHA256 85634dd8c7a6542d954f9c583c7716cba8def52eef55bee5c454bb06eeef0258
SHA512 ddf682625bc34aef80da26576b7c0238ffdd9b92153fe27c547025bf928d38104f65745ca136ad1c0d2b0dd31d3760b7f7599b99676daa5aea0c22a2610c55fe

Analysis: behavioral3

Detonation Overview

Submitted

2024-05-23 09:50

Reported

2024-05-23 09:51

Platform

android-33-x64-arm64-20240514-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.228:443 udp
GB 142.250.187.228:443 tcp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-05-23 09:50

Reported

2024-05-23 09:54

Platform

android-x86-arm-20240514-en

Max time kernel

170s

Max time network

181s

Command Line

com.appsomniacs.da2

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.appsomniacs.da2/app_.gpg.classloader/d75c8e1bbeab9e1ddffb9d332585db71.jar N/A N/A
N/A /data/user/0/com.appsomniacs.da2/app_.gpg.classloader/d75c8e1bbeab9e1ddffb9d332585db71.jar N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Checks the presence of a debugger

evasion

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.appsomniacs.da2

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.appsomniacs.da2/app_.gpg.classloader/d75c8e1bbeab9e1ddffb9d332585db71.jar --output-vdex-fd=105 --oat-fd=108 --oat-location=/data/user/0/com.appsomniacs.da2/app_.gpg.classloader/oat/x86/d75c8e1bbeab9e1ddffb9d332585db71.odex --compiler-filter=quicken --class-loader-context=&

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 216.58.212.227:443 tcp
US 1.1.1.1:53 mobile-collector.newrelic.com udp
US 162.247.241.4:443 mobile-collector.newrelic.com tcp
US 1.1.1.1:53 ads.mopub.com udp
US 1.1.1.1:53 config.inmobi.com udp
US 34.111.158.155:80 ads.mopub.com tcp
US 1.1.1.1:53 rt.applovin.com udp
US 34.111.158.155:80 ads.mopub.com tcp
US 20.39.59.188:80 config.inmobi.com tcp
US 34.117.147.68:80 rt.applovin.com tcp
US 1.1.1.1:53 a.applovin.com udp
US 34.117.147.68:80 a.applovin.com tcp
GB 142.250.180.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.46:443 android.apis.google.com tcp
US 1.1.1.1:53 d.applovin.com udp
US 1.1.1.1:53 ssl.google-analytics.com udp
US 34.110.179.88:80 d.applovin.com tcp
GB 216.58.204.72:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 assets.applovin.com udp
US 34.120.175.182:80 assets.applovin.com tcp
US 1.1.1.1:53 img.applovin.com udp
US 34.160.119.165:80 img.applovin.com tcp
US 1.1.1.1:53 res1.applovin.com udp
US 34.149.87.163:80 res1.applovin.com tcp
US 34.111.158.155:80 ads.mopub.com tcp

Files

/data/data/com.appsomniacs.da2/files/nr_installation

MD5 8c9acac4589c1d20c70f81abbfdd42b8
SHA1 65502dba1dbac48adf2621b06239cef6da9a034d
SHA256 0b810da31691a1ae5021068d768be90a9d61740b293dddeb6ca1f61572d60c4d
SHA512 bbe894179635dae3024e1e0a15a400626d8e202ac21ef2a89eff25de16a9f4c72c4fe7b322e6a1b52d7f07cdb41b52b25cfbea36f5c370234e9373d06897acb2

/data/data/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664F11AE0110-0001-10DD-DCC08B233480BeginSession.cls_temp

MD5 db02163317047ba67485dfc68d748c1e
SHA1 e5e44e0c14069d6e64923e45f460b2d7cee16620
SHA256 66de2b7c0f8acf60a097e2a9516ff24b94936b93db1dd0a49d50fc5531c71693
SHA512 95902c62418c219d4ff0d9df05da2d525070e19cb6e18139f0101a53e7bdc070459a7e393ad5a2065f35acfc07d11e864f5d1851840245257ae7b4b2659aeacd

/data/data/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664F11AE0110-0001-10DD-DCC08B233480SessionApp.cls_temp

MD5 6cbaf8dd02499aa1708932f85836b397
SHA1 73189df41d9a54075d9a6682c59c778e1bd17530
SHA256 4c83dd5b2564e107e907b5237839f9c2ab030626206a7bb0ea0061cf791aa2a6
SHA512 8c4499e67500af92e069d5dc15b43b3005b3d210c441c4ef2e342825fb8000a8cc2df1747aa79a9baa2907e8748daeeacbc8d6e6f717ff90a43605400f6475b1

/data/data/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664F11AE0110-0001-10DD-DCC08B233480SessionOS.cls_temp

MD5 9b3d4522944ce6396563812bfdb92fa9
SHA1 6d2a6133c8f01938a48ccc77ef86ad8ca335c020
SHA256 d32805d685a3f50caa7f1c0bd7c8804c4d937a866513289f60e3184f7a591ed9
SHA512 091d87643712530bf9006135db42a5a50742bb5ca3026bcc5f2c1c17bf4fd984a8938d29263b0abde3d15cac196d2230902534e200b0b79485e3a1bd97d95727

/data/data/com.appsomniacs.da2/databases/com.im_6.0.0.db-journal

MD5 724a98d83c693f389829b027734f290e
SHA1 49a88ab3080e060da33d0dd9a3884863de837c14
SHA256 c01dc8cec30d9439e28b41ca0935d2f0fe6273a909d55c29a840503d902d6a20
SHA512 b41f88333b5ca60bec7d99edb9146b30cbf0cf8f39b2689abe78feb5bb215b263ce66533cfecf65c527c9d9da6a3e3c0f1f54014646c7094b7c5695da7f94c0e

/data/data/com.appsomniacs.da2/databases/com.im_6.0.0.db

MD5 ddb4bdcb3bdc63f92be9f90d11fb6ae5
SHA1 9a88231d8dfc76709b97a80e174b9b833c84ed31
SHA256 cdd5efe012fc241e246a1c7dac53f045e633fd01448e6f253ab4ee2d684ec2df
SHA512 fce4fc192e4f9918289dfbee67fe8c6ccc92aba705962cd31fedec3a2d6777246dcaaaa0dc908a3b3e28efadec74d5a76f2b34381bf28ec00eb7c364c64ac0f2

/data/data/com.appsomniacs.da2/databases/com.im_6.0.0.db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.appsomniacs.da2/databases/com.im_6.0.0.db-wal

MD5 2296dc843a07ce8f48453f90aa577eba
SHA1 6d9b9aabf8cb943fe7d179b20cb5b4f2ee88073b
SHA256 00007742e5e768f4cf262e7b1cc6072d4eff72664a63e058dab0a3f6cc10152f
SHA512 aa774fbd6f55bf2527a1e4c6dc264189839bdbb16044a98f5fcb81d81acff374236eb8e72e9035ad513ab61b88bc0ec47b15984013373278f6ba70d30152abd9

/data/data/com.appsomniacs.da2/databases/com.im_6.0.0.db-wal

MD5 9d3b2e27a550144e677447cfa93c4d7e
SHA1 efd309e4322b1df224e0d6cf1df510547503e034
SHA256 943f1b0719d0875069f2826b013dbcac0162a12ed58a10966da64bad141441c8
SHA512 258714c7a76f407dd81c69e5d3b3ad040cb2ff465917c60e967b745719d27c8586e5be7bfd67856c993d6fd987ef29e348d9b74adc06fb8eff4c7a9c2616c885

/data/data/com.appsomniacs.da2/databases/com.im_6.0.0.db

MD5 1e711c453ec9d9ea0967de3e1a758672
SHA1 3fa272a9300dc4df6fff54931ab035085834adf7
SHA256 c31e408d60d92fbe3818c73092aadf4661a6f2150bc7cb787cdb7a7293b90aad
SHA512 887eb56fac50b32f811bd9cf5ed383a8a38f32eea79de1d36b568743adacc9ff3cc48a2a57b14161b88590a3facfc46478cf2518d56e2d7f47b9f3737ba91aab

/data/data/com.appsomniacs.da2/databases/com.im_6.0.0.db-wal

MD5 a60f825b4e6ead610c5d4a16c746f1f2
SHA1 d4beb2b3a3936146ce42e3e7c92af8f5ab075f46
SHA256 8bd1939942bcccdb668f8af7cf231e2b3353a122796a2a59705dd4163fdfc295
SHA512 40121f658c5ef9b9680774fc9444366bf64fc2bb8b23e94f927e98ee379e2be5ef2352c3fb851e78e93c4531d310e9a2f27cc2e2c5c5c942277ea28bc8c4f43d

/data/data/com.appsomniacs.da2/app_.gpg.classloader/d75c8e1bbeab9e1ddffb9d332585db71.jar

MD5 d75c8e1bbeab9e1ddffb9d332585db71
SHA1 e0315ca8cf540c87b5fbb1a7929b63b83ff7a2d5
SHA256 cc8d498ff06d960ca3fe78bebd47552467c6e0d5fd38845f450b9a07b9aacd57
SHA512 4dfe89a728a3bf549f18b7e42310c06136365449d92767445e8ef09fa1bb5963ee87dbdf0334d57d1f06818d2bb4c03fdb1b7e7264d1c4cd73492d7b3bbcb60c

/data/data/com.appsomniacs.da2/databases/google_analytics_v4.db-journal

MD5 dab18ffb4ea54c012c8cb70b8dc0e974
SHA1 d242606eafcda9432fdb7172c5716374753bb38a
SHA256 c0b877f514aebc232d6b6bba683ba92c78c07ddfcd19391ae94cb574a33a819c
SHA512 3b7c0543239c992d93dabdb7d5cffafd0854c6b0d1f66a1312a5f911ccf5f5c303a525573e7aa0a68be7379db5d921bafb75994d4c505e3a69606491d71d17bc

/data/data/com.appsomniacs.da2/databases/google_analytics_v4.db

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.appsomniacs.da2/databases/google_analytics_v4.db-wal

MD5 2c5a76e7706ea1acdeb9290868ffd44d
SHA1 85b503eacdb8a7595dc35a4901926a44ab347147
SHA256 96d38856e2d04130e0d2bf42cc5a215d4ced80a28d1c0025e788713fe34e018d
SHA512 33cc255c7376d8da40f3d21a734ab268dbc1a255694dd73e9376d3ba31ff024f619876d05d600bb0c17adfc483bddf9c0456289a4c277fa6bd37fd46d23df6ec

/data/data/com.appsomniacs.da2/files/gaClientId

MD5 78459c8b41b23a73f8c42e5b98d3e166
SHA1 c1961970057d2fb67efc27c5fd9989d11ee6d373
SHA256 82b371ff5aa6e68fb33cbefaf2bce348314ae4316204eda5278e72c245b31b60
SHA512 74d1d4b12f8ba25d52977a9953ab498d625a408eb0c33e48e97991daf44e55945a017f2f3c53527dfaecb31fe5b0077832db45edd0170d3dbd4be2eb38111995

/data/user/0/com.appsomniacs.da2/app_.gpg.classloader/d75c8e1bbeab9e1ddffb9d332585db71.jar

MD5 311be70af04aaaa7742dce5b874809bd
SHA1 4ac8ef4bb43ac432b2690c62fa96e3341564b51c
SHA256 fbfc5ed2ff5576fbd77d6eb57e3e47aea497f75db735985b44ab7ce2f17f518b
SHA512 613cef9f2a37540852d2286301b631d777f7ca31974872deaffa236c76574922a3d9c10fc3356aea943897ccafdbc7fd424ccc0611e37bd4c0d048f2671cb5e8

/data/user/0/com.appsomniacs.da2/app_.gpg.classloader/d75c8e1bbeab9e1ddffb9d332585db71.jar

MD5 ca8c0b8b591117fe727f3f016255b3b4
SHA1 bc8d180834c3a67689895a57f02470536ebaa00b
SHA256 f21d332aad5756bfd0f5deb8df9d1a3341c8d444277d2471959ea43025626e39
SHA512 4cad332b20e498f48891b8cefd532b8dfd3a399434c01a4ea333e7e49bd0d13f74d7de8d3344db21828a6d37220ab9b20fe145d4a1e7ab4df8541ef9544203bb

/data/data/com.appsomniacs.da2/databases/http_auth.db-journal

MD5 ee10c1f34c099d18e5609d4c14c18671
SHA1 b2ee99cd79acddd9091ef89737b0f270c1e510f5
SHA256 615c26965c5f6439586ac38ca93100b3cffd77a9b2f88655f774e841fe4a3083
SHA512 06c431dae064b7a5cc842697c467e47c46d11f6dc4f924040a0b78675ed76059191d2dceb1de12b4d5e7bd2cd46acd7904d292f216b988902bea16b8e68b5c25

/data/data/com.appsomniacs.da2/databases/http_auth.db-wal

MD5 ff05530a0b6608a160e4a337b6302f2e
SHA1 42bcc1e064264890e678bc941fba07192c0258ad
SHA256 c24dc1c3e624eb3a1b90aac03385f85c40a304f659eea93718947a7423d8841b
SHA512 18836de90efb6d6df0a097c29e8ee94b6660bd53cf93c2f759385b74f9fb1e68ca2f5e98fb9371d056b7729e39a6c4c26b0e88db6e458d0324281079e0722fc4

/data/data/com.appsomniacs.da2/files/gaClientIdData

MD5 1efe853c158f581e70177debbad15b1e
SHA1 4570c69029d9490b74f7cbbc14b9fcaa898d552e
SHA256 14d3a8b3a0ff8799c5843877db031a4e26b699a1604447c8d209d9a059863f46
SHA512 47d9fa1e6b55935d7c0580fa308685454afe627fcc99537bd9846161989dbee31c47fdc30681c10d3c3f455be1027898a0e81745c8c0290d42f2431564e380a8

/data/data/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

/data/data/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

MD5 84488317fdfa618c9b496b02acb7936a
SHA1 07611012b597d706d195f008224822823157ef61
SHA256 24ff335c2790af9140d6e0c5bac1598dad7d6b6cb291ca98e950dcd4e87a52ba
SHA512 5791fd0a1f7aec5ca9bf92ade1168add3aeab19c5b4323dcf8282b3d51416dffc5c8c1fd570069730444c43c32940aee24beacde392406fae7d58b0f2eb4752b

/data/data/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664F11AE0110-0001-10DD-DCC08B233480SessionDevice.cls_temp

MD5 1ce57e002ffa9f9b127d893ad3c7339d
SHA1 ca79f97934f0f08eb122ed50628267a1ca16503e
SHA256 e3f8616c2c76da3ac98b008c09380dd7a67e8f3cf126f339543bf222cb46ff36
SHA512 a75ed15d60a0fc4868174eb2ed84bf942b42b0426e8a552544be2fb40da6e9c31d42f7fd6e071d245a6d692cb1847ad3cc649bfff0ab12db694c56e570cd41ee

/data/data/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_ad0aa723-dc4c-476f-b8e3-53e364fff6d3_1716457907264.tap

MD5 21db618e0fd2d6078ff807887f794c8e
SHA1 07ffd27f32f0dad206f097f834eb028028335108
SHA256 9825d746b6cef164181af5bf4d10d39e58fc5e7cfa9d2a4e52a1b43f65af5788
SHA512 ec2ea10ae12f628636ba7cde26a9d283df03b85c56d32b7bcef1928c224339f9a72b76860f8486532feaddb23cc52506569fa8e7c6a98d0c7fc347e7eaf27e2a

/data/data/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

MD5 224c3a81b9cd7ef9780b7dacde101f5e
SHA1 fe92228386d2c7bc3ed0ac2b6e56a1de7457a7a9
SHA256 e0eb1784fe98f33aee305e6c7bcb737d224e6ebcdf3ca3050dbf50a2ed3ef9d7
SHA512 efec40b907d9a8ff91d9e8eebcd8567831afd41e13d3d83b67c0d09f5d002b6b7c87073cfffe23e66ef3c2f3a47743e79b761865d878fa06cb3d42834dbed449

/data/data/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664F11AE0110-0001-10DD-DCC08B233480user.meta

MD5 0244abb9fe81de2d6acc325b9db59ec4
SHA1 6f619589dd99e2720cdad4df6ec636ba4f4c6ed3
SHA256 e6a15a8166d50d9adfea88b1c10654aef29e84362a05f868604298f92374abde
SHA512 ce6b1e72453f94fa78ddca2d0bc929cb524c4302afedfb9557c1c95eaed2f1b120023384730a0b8925e448f7d404c449324ddd0f3f5db0028b390fa1bd2aaf34

/data/data/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_06b1fee3-73ab-4205-8df2-2f8c2be309a9_1716457912229.tap

MD5 55f01db4e887fcf51ca5f14ec54b3b6b
SHA1 bfbf000655db91e4807cd712b293dbb574a5ba9c
SHA256 e4c50b16b1bccdfc1f7e6e967ba1352a5a85ae8bfb13571e48dee4f8d5b9a005
SHA512 7f16a95a9dde1fcd73ad18d0bd126600de7f710a87072f43f0e3edd0cc00cf7658364a06c58e7078db58ade6a4c34a0f2603ef31e226afe1dca066d8b8d4a6f5

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/sound_off.png

MD5 d9a4fb40256f67255242c0f41a0d3de3
SHA1 1c99e725cebba2c3f5808d5e00c73af58f0790bb
SHA256 a7e16ed6d339c6a85870e5c18952f839d61dbd93d47dbbb49e7f7f9124cd0d2b
SHA512 a09d5d878cbf2f58ce256814b9d19d9122858609035b2c15e19e2da8171e36d0ffff4b33420d4d27233200b430307f1fa42459889b52f66e4282af8a84edb8fa

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/sound_on.png

MD5 74485ec832d65f19b05f5027220df53b
SHA1 49116a6b85bec84512241c9dc6e511ce10bdb7b9
SHA256 7a89be15d3a268c6820f385ac6d4585bf04b45e2fdff37948b2a73afa34c1268
SHA512 9acf56fe90a687ae653ab5014aacaeb7ad6f76982271df5f63e536a358f3f53b63f7e865fd8180bee96980cbfd4ba9b07b81977f86c9b9d0b41ca1dac0556657

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/1381250003_28x28.png

MD5 759a106983ec92f34344dc5064efd29d
SHA1 2c237ecc3297a144ed9eed2c4e0ce68d5bffa07b
SHA256 1b5b3be1232ba117e19d81f6d0a2d6d1d14ee6cf726fa2a2800e19166736ec81
SHA512 516b0053563a00690e503780c883d51b84143498305e2cc7bbee4489e1a06d38a2c637eb3c125b7d5e1def35e31a66434f403c2a7d9634e87c8b87f05a94bb49

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/o8136b7f_8468ec184d704b7245eb491f322a8c19910b2129_raw11.raw

MD5 3de8269c6731278f9b008671578f7685
SHA1 8468ec184d704b7245eb491f322a8c19910b2129
SHA256 58876258778dc523b6dbdf5a534e54919f2402b964afce1b97b18bfe087264de
SHA512 e1d6413a9a039f5a2e4402c5bce4c40bb45c708b375631c88ac0b058934c964c1ad6855b969775c57f871f2407efc5cc0cadd5916952be98ed102274cc1f414c

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/93371e08674b64643f2db488eaa3bf42e3bad401_v23_phone.mp4

MD5 c464a1b1c31bcd1e90234ce75a857a2d
SHA1 fe303800d2417feb67c4e3fe15e4fbd4c1afbae3
SHA256 1e47928c7a950e2121fb6799123493dc80db34dc30b9525fde4e10e2bea33376
SHA512 8edce4d8601bddd3ef9a1f71c7fe9e04669ca4be2d0c457d84339766c3398bd59e042430065f2d7057f264dcbf896c684223d23e8b565ca26db0435d303e5f9c

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/o86adc78_55a30ff3ee62229c331f70a23e092304027c5496_v21_phone.jpg

MD5 30f7bc6bd4b24102e04b583e70ff4982
SHA1 b75d8103ddd1e97396eda85d394881c6148e96c7
SHA256 db65fb42d0064df4405cc9f159948b90f3ff2902e5303d5580496490c4f1c707
SHA512 faad66f2c0a9eca144a9b9d4e82416af0f6eeb61fba50014b53a63f8b21ba8cd06ed16c58124581d60539f7c3a4741c5b2afdd31eb2e38db9f6b5abfa6dd51ec

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/a53fa94488f68d80bc466af75ecd368d3770633c_v23_phone.mp4

MD5 4e4b7f9a4283468093a62204d93383a9
SHA1 b15cc4fd5089faf81a13598a53d1f2d3eee92d71
SHA256 42054811bb10a64d201dca880bde0994e834d03886e53cf9e2b719f0fa2c4aea
SHA512 d8575141c2005a62f7b4c2e6515b35d433f95fec8b819b81ccce29e6c8920106ddae4366db96713f6d22b26e13ffc7d3fbe1ac97a330ff9eaf42acbf3e595d46

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/o5d493ed_3c4460a2aa1eb496ac643e008633a0c27fe04c50_v21_phone.png

MD5 c50e3fc327d7d6a9f58e1783ae75b992
SHA1 a0a969bfa64b3f731b2dbf58603cc12e25de212f
SHA256 be091306e186319074c004109f6847dd28302724f5f95604c9d395289f5b5a19
SHA512 153d6c5a4c40cfca57505b2a876ed49f83afbf73e44f676c90c6d6ffb9b62c185567c931c002e8d77fc1a389f56535f75526bdaa7d275ad5a31bbff668c2572d

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/ce1b93de5792cfd02cdd58814828f44dbb08937f_v23_phone.mp4

MD5 f6b3e50369243e02b9c9dcb7d098a8fc
SHA1 68ad80ccb8aa67bef20985d64498d4abbcbe6a5b
SHA256 ca11346b1338c26598e5043c8eb9f9a914840de846fb04a8051e20e831efe5ec
SHA512 c0815b9ad810480232554286e1411f953d13642cc662ea399ea8faae2f8727dea7697b1422ec2e7d3409f23c675764d16ec8a7b7ba5943cedd9c9b9fe49a28f8