771e05a0caa0822e6cda930d66447d00772c2ba36fe83e62154b6a0d76413b0e

Analysis

max time kernel
177s
max time network
184s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
24-05-2024 13:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Root_Checker_5.9.4.apk
Size

6.8MB
MD5

9e2eae5051f3834834a0346712bda07a
SHA1

2dc4aa2b57ce8ce580dbf642a0ed0cbefa015277
SHA256

771e05a0caa0822e6cda930d66447d00772c2ba36fe83e62154b6a0d76413b0e
SHA512

20e902044289f1bf11b6304dd91df1a0deb07955b1c7c6ab75fb2e89e4b0e81594f92585279c3acd7d790c37b72e92c512535ee48fda0eef0c69d1f0498542f7
SSDEEP

98304:s8ALShhdccY2qtJFUhK7W59Ddua60PNITWBnnY+qFsHYA2HKraYCpyV+5:ASfqd7t7UN5buaXNqG4pqrah

Score

8^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

T1426

Processes:

com.joeykrim.rootcheck

ioc process

/system/app/Superuser.apk com.joeykrim.rootcheck
/system/xbin/su com.joeykrim.rootcheck
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.joeykrim.rootcheck

description ioc process

File opened for read /proc/cpuinfo com.joeykrim.rootcheck
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.joeykrim.rootcheck

description ioc process

File opened for read /proc/meminfo com.joeykrim.rootcheck
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
evasion

T1407

Processes:

com.joeykrim.rootcheck

ioc pid process

/data/user/0/com.joeykrim.rootcheck/cache/1582435991586.jar 4637 com.joeykrim.rootcheck
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

T1414

T1641.001

Processes:

com.joeykrim.rootcheck

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.joeykrim.rootcheck
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.joeykrim.rootcheck

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.joeykrim.rootcheck
Acquires the wake lock 1 IoCs

Processes:

com.joeykrim.rootcheck

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.joeykrim.rootcheck
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.joeykrim.rootcheck

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.joeykrim.rootcheck
Reads information about phone network operator. 1 TTPs
discovery

T1422
Checks the presence of a debugger
evasion
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.joeykrim.rootcheck

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.joeykrim.rootcheck

ioc	process
/system/app/Superuser.apk	com.joeykrim.rootcheck
/system/xbin/su	com.joeykrim.rootcheck

description	ioc	process
File opened for read	/proc/cpuinfo	com.joeykrim.rootcheck

description	ioc	process
File opened for read	/proc/meminfo	com.joeykrim.rootcheck

ioc	pid	process
/data/user/0/com.joeykrim.rootcheck/cache/1582435991586.jar	4637	com.joeykrim.rootcheck

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.joeykrim.rootcheck

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.joeykrim.rootcheck

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.joeykrim.rootcheck

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.joeykrim.rootcheck

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.joeykrim.rootcheck

com.joeykrim.rootcheck
1⤵
- Checks if the Android device is rooted.
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Acquires the wake lock
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4637

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.joeykrim.rootcheck/app_0de7788050864972a25d2d9c40c503e0515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
Filesize
568B

MD5
50af6ad928b38e678bbbcc638f06c038

SHA1
c9e555a07b5f4c4adc6c0563712d9a3f83a522ea

SHA256
367f0a0c35c5ce2535d3051be53503cddce3b63132f201ba424d6d5d5e249a79

SHA512
f1faab6e5a0b943a6ec941a6bf2e5df720d453273ea7f5181d07c0031b8c31ed4c33449e575c8ac79dce09481fbf4709ad1ed36b9412203a463a627b73c304fb

Download Submit
/data/user/0/com.joeykrim.rootcheck/app_0de7788050864972a25d2d9c40c503e0515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
Filesize
597B

MD5
1fda972191ed2cab8fd0a2df30580970

SHA1
a8a7397a110f4b519977754c58c48d53a6c9337e

SHA256
fc9e73966417226b7241eac23227e425068b0985db11a54e68142a498ac0bdaa

SHA512
29cdd2a44e08f573e1696365af27b925417675846301780ae0ca609ae5b18d10ec0b3c9ea7db78d3153258a509278ecf65c22599fe828fdaf1cec84972f4b0b7

Download Submit
/data/user/0/com.joeykrim.rootcheck/app_0de7788050864972a25d2d9c40c503e0515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
Filesize
577B

MD5
f93b18fb6df0a59a341d1808a8400bc4

SHA1
e5052c579ad0725d8b2f1035cc51ad03d3ee46f2

SHA256
11805942bb1b415f4d31304cb04d05de0502e8555226f978c626636c185a6400

SHA512
201c75586a0fa47952b870406d4942e460c8f36b1a731d387a15fc3742dc09aa35ad410829412c5658304ea3b15fe6a9381301fa074fb0a6bcbd3e06d6ceb67c

Download Submit
/data/user/0/com.joeykrim.rootcheck/app_0de7788050864972a25d2d9c40c503e0515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
Filesize
572B

MD5
d7b46c334ef36c377aed777927ca6365

SHA1
12f2c09716b350d70075dc39dc881611b9adc249

SHA256
a5ba8d5463d94847741b4ea1e13982b72a9f6bc75b662ccdb9a51c9faf403329

SHA512
20d4cb7456be5da37779d10deb48a36cdeb81ab071fc5497bea7fe3f5e0d8dc896ed545697ff64f4a88fcecbb6c0fc7bb11f1908fd14a0fc3e17a9297bb8e9d1

Download Submit
/data/user/0/com.joeykrim.rootcheck/app_0de7788050864972a25d2d9c40c503e0515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
Filesize
538B

MD5
9b54a155d630a097f1d6c6048958f3a1

SHA1
cec1e2d5c4e98ef2ab31c6e8b8c35ec59960b317

SHA256
f84a75a8cf73efb09f4be7255a14fcf6800a90d70c178fdd4a19066b08290253

SHA512
b6bc533139149c166b0ab427595ccd19b331401a7f8843cf18c043082134fe2b0db5530efe21ce2c5481943db70a00e2d14e8de24eb340462d6de80018a76cb9

Download Submit
/data/user/0/com.joeykrim.rootcheck/app_febcf37b1b614b9dbd822fb2f448801e/events/eventsFile
Filesize
493B

MD5
848a9b175d60076da2fe44c68c388c58

SHA1
95e6eb3cc8e32bbb75d9eeec32c209f3d78983bb

SHA256
8df954a745efe733d264981443d53d40d2541df8a8a4c402050c980f5507e0f0

SHA512
a020faf6e48cf1fd214723732caab750146d4fc7dcab7468713535468b2d710db6385db8ee0e9f3b5cc89cf7ce29683b2d947f271ae50ac99db6a2c5c4b616b0

Download Submit
/data/user/0/com.joeykrim.rootcheck/app_febcf37b1b614b9dbd822fb2f448801e/events/eventsFile
Filesize
493B

MD5
163b28bcbcd5637907e16a2aec095550

SHA1
531199144f12802043e7251a50a174741b6b4546

SHA256
ce54a7f554d483244b5bb6b5cd6633924ccbbe9f3e7046a7a438dd75ce4df86d

SHA512
eaf9f861424f8bd576b25f6e9628384c6bfdfb5343267fe8fdef349b658961f08ed34ad08f54fe5e773da860e6ea088f1acd9b511982da9fea25acbad317c23d

Download Submit
/data/user/0/com.joeykrim.rootcheck/app_febcf37b1b614b9dbd822fb2f448801e/events/eventsFile
Filesize
621B

MD5
0fdfe19dd638b871324244bfb341ffad

SHA1
193f14e5a7a29635007df6b5c01e1b6fad8f3edd

SHA256
9bb349ba959adac6706189e78744ae6180e3d74be66476e33b3d56677dfef01c

SHA512
6ec6dfcce400319cb57a73e10ed2daa406a102fc5aab6ef8b957ff26c24e7909deb9dbc86fe1f4336f8bccb2303199ba831e016af00d937b45d9011b63a7b828

Download Submit
/data/user/0/com.joeykrim.rootcheck/app_febcf37b1b614b9dbd822fb2f448801e/events/eventsFile
Filesize
621B

MD5
344e9ba2625c25a1244e2ec7837a7811

SHA1
ca1c970feee54a7e62b5af9e2e0276cf37f36322

SHA256
6d7cfeed5ca88f175f12e6734ea2cc2db9a18dbc91585eab540cbac75a2eb510

SHA512
c8765a1b396c4b2abed2cdf9283f2ec22f7bd22428cddef5d06db0c82522b8c39696276d7aa99624d4e1c81470766b799d04aee96ebc3e98aeed74a44d7da794

Download Submit
/data/user/0/com.joeykrim.rootcheck/cache/1582435991586.jar
Filesize
9KB

MD5
e8e0527a01aefdb89afd2c508f131da1

SHA1
f1103e6b260c657ceb3d95f1b023af3fda8b133a

SHA256
f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce

SHA512
fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

Download Submit
/data/user/0/com.joeykrim.rootcheck/cache/1582435991586.jar
Filesize
20KB

MD5
fde2ee00cbd121cfab5290b078aa3ceb

SHA1
e2b77d5320e155e413d040a8c20020962065b2f8

SHA256
2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685

SHA512
a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

Download Submit
/data/user/0/com.joeykrim.rootcheck/cache/oat/1582435991586.jar.cur.prof
Filesize
151B

MD5
d84562aa03175b10177e4bb2fabee0cc

SHA1
d631d967089d0621b72654c67f1c8e8cc6f93a16

SHA256
f259448b55c20285026d28a354eae88970c452ab2c92edb3fc7054516b27eba8

SHA512
167858a485936f1746fa51ad9a4176e068d67a44de0b9dc4121c78973628efa19e2648ff67bb84f55e56bc62471df330ff8c058dbd5519c1f5c181d42f554f57

Download Submit
/data/user/0/com.joeykrim.rootcheck/databases/google_analytics_v4.db
Filesize
28KB

MD5
7c0dd935d29209ac309f27e2a65707df

SHA1
9446a21fee5cef1c2400338e3050caa4e7ecce08

SHA256
f51118a27b4119b1dd46d2046591a38d59c79f73e9779dc4efa9597c172baacd

SHA512
da5872ef279e208b4f5cf16e95d39c6d7ccafa30ad1e2d136a0acbfc4b7fb5cc3e6adc5649896d9382cc884cd55c183f163a10620438c3b7038369b5a5a88574

Download Submit
/data/user/0/com.joeykrim.rootcheck/databases/google_analytics_v4.db-journal
Filesize
512B

MD5
3d74c9be2977793c1ab1607437f3fbda

SHA1
d0d8d47f3bf9ff4c29e3d3f1ed2913a1be2571a6

SHA256
a74d6b010a886b7d3265f6e123ab3a1062eb7dca6c5d2b1721c9380eb920c370

SHA512
d7d2d3ce59c6db5297eb45132f57e3184f1accee1e29f7ed631aa29354b07f0164816d89387f5855f1b7a1edb4f4ee458d432dc0e2576c5c8bc54c34a8d91c7e

Download Submit
/data/user/0/com.joeykrim.rootcheck/databases/google_analytics_v4.db-journal
Filesize
8KB

MD5
c1b2fe99051f8592e60818fdcaa9d544

SHA1
b66df6ee0f69d7c73e64546520d3421b815c0ff1

SHA256
990be208586ab1b2e1e5b77854fdae55747a0ed039a603f2e91a00842c3823d4

SHA512
0afad64c5e2a49e93b9cd28fc6c728cff4b1e03a3600419118d325cb8c38030241c27fdcd21b776146605810c6da3c3958fedae8c1d0b6e1a67585e90ef415fa

Download Submit
/data/user/0/com.joeykrim.rootcheck/databases/google_analytics_v4.db-journal
Filesize
4KB

MD5
87f579f8e3026b28a85ca86ec5b2e7ee

SHA1
fa77f1c7a52a7f06412f37f61a6064335f9a6803

SHA256
89698a0b81c32bdc737096879aaf0ab0ea4c2a91a51f762459a9ce2a084b4f4f

SHA512
70b0c392c16599ded775f783b0a7d957f22fa93888129e9e08eed9ea839e815dbe4bae1b65a2f79c220d23fb893a4da166b82a6930aba6933d8011baf3eaa820

Download Submit
/data/user/0/com.joeykrim.rootcheck/databases/google_analytics_v4.db-journal
Filesize
8KB

MD5
428d4301eeb15581bea786c024300ffa

SHA1
b6e4dc7b52d0c124ba89f9ae53c0c93a7f521e99

SHA256
050e5448140a11dfe5371bcdb7f9370808ad4f7d1e0398c8a9effaf5fa5c8511

SHA512
3dc5d3a870d471611ebd2277cd5dc0f0e594870976b2c414ad61e75967966d9b077f4ee0a72c8e7e261ac91783a923b21fe659465af2afea7a16938e840b7777

Download Submit
/data/user/0/com.joeykrim.rootcheck/databases/google_analytics_v4.db-journal
Filesize
8KB

MD5
54bd16f0b013df56bdeacdbe75abc17e

SHA1
dfcf149991c79408b773e952f212f701925f17f8

SHA256
bbc086e1bc31006125a2dcfae1fc31699b9b82ed6848709e240aa1338889b0b1

SHA512
cdfb9d8193c08e381e441fda0ba47995408cc383a419d4cd85d58591323e3b274215fd02b4847edeca6dbcf0d98cf392d5f83da6cf6d6d3d33d04126c41eae82

Download Submit
/data/user/0/com.joeykrim.rootcheck/databases/google_analytics_v4.db-journal
Filesize
12KB

MD5
593a82167617f6d3b652f8ba03ca0e0d

SHA1
7f9762bc463c8468b94e2a3352a3c7d05d193eb8

SHA256
3a8a2b09f15597539e822c878458b1c74a230dcda2777aeea3162e19adc8d262

SHA512
434f332c5f2c1e060191c43ed9ac9413cfe2b3dfb104ec5278cb667afc9ee1fdc2645ea85897e80d3471e686ddd6b100db9655ae8955f7294e4646548da337a9

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/665093B80271-0001-121D-A0569477F4E0BeginSession.cls_temp
Filesize
77B

MD5
7e1e26f96d9625e75e0c8da21722703d

SHA1
fe5b442b938acc65155c2131d185a29fae289393

SHA256
872778ae7f98bdec94dae0e97ee93d61c668eef54a17b4b1033d0e7f79107201

SHA512
f609ecdb8feeb2be614ed958d3d4069622ec696f9c080db13e57ab6b38262309d45d3a41a94608f7138146c946f3a4dce10ec89c8ec571774fbc5c38338dace2

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/665093B80271-0001-121D-A0569477F4E0SessionApp.cls_temp
Filesize
118B

MD5
5ecf0dbb7bf4c58ebc6ad1296917ce3e

SHA1
01f502715bd21e0daebe5c20de749740a012bb7d

SHA256
330034e7a2f63cbe40f706e1b56270033a3e73fac103096cae9e6a64b12bfc2c

SHA512
032f193b8fc491f2527d082b4fd3036f5a24d193d6c2baae28b8a8cdbb91b5358882b8649c73f47f11c999fa629934be744023112135430579fd83a464814e2e

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/665093B80271-0001-121D-A0569477F4E0SessionDevice.cls_temp
Filesize
131B

MD5
f2e4d316c1b710f0968160f2d4e9510e

SHA1
237c7d8fb72b601a399ebbc37c1027bc8378725f

SHA256
ce75515b9ccfb0cc54404065e62559ac7008ddb7fcf014401b308f4913575b9d

SHA512
902deca15d19f6224d0d4593850af254565a4bcff8b2c8deb826e7ed69cfeac8775134cd553b71e69f808c26b0fde319d397049b2c0287847449623c739e0d53

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/665093B80271-0001-121D-A0569477F4E0SessionOS.cls_temp
Filesize
15B

MD5
b3d9541cc92a9153d14e5160f8d8c008

SHA1
2e1ac80eb381dd82a03795b682f92020348c0113

SHA256
1ead5b213c87f182ffce484c34f7d9f140ad3425c0f303f460492efe8a26c56d

SHA512
78074409135a210ba4e1407ad9b3f784f5683e83aac4ce3482d4e8135425cf2b30db1ff5dd0041901c490a551a477237c6d255671c7b1fad74090980dcf3334f

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
Filesize
541B

MD5
fde7d36c11073e44b477954bb0ce614d

SHA1
70317f97403e5791f54afbb79be0924ab5658480

SHA256
9aeb478d36d33826ff692a775feef20ebc2ef768a1d7433d77248874790fbdb7

SHA512
889fd2f2923fa2602c73c3ef38d315c980a2ba4da19f97d2163f3aee69d109cd3a67192bf9c4a58b22b5d0572a99dfaf066dc503691d6cdbffaa63bdb8e75297

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
Filesize
1KB

MD5
e7b46ba9e3fa46e63bff1c9b8c70a245

SHA1
963bfd7ff456ab23f0989c38d37f2856ef5a9cfd

SHA256
23cf313e691613e2074cce04ac299c428f610581c8ad8bd8ea9079e4e9682696

SHA512
6eb26bee1ce06c5df81f88128975f0a9dcb5788b0bedc7cfb726f0cb68717c1b731211757de147e5940132a859914e03aae3eda3c21ed9416d4c226e696b7a05

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_71907725-982a-46ba-bceb-b72b7e7566ca_1716556736065.tap
Filesize
411B

MD5
9fd47a9e214c83c58d89b3e910de16ac

SHA1
e406a45941adf44b9bc73fa73ad12d87b9a090aa

SHA256
770eaaa83d2a4c437666d8407178101f77b02b6ee15b4990578fdec02743eda0

SHA512
60dd423b74e64f7166371d2c74f1dbd83c19c87e9bf4df864e9f2f6dcd57391687da342a007eea61b454524dceb4873065860a740a520419b3dfc0344fe10d7c

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.YFlurrySenderIndex.info.AnalyticsData_RG6P5WWKVXRC8CPTJZJT_211
Filesize
88B

MD5
d98f9fab37e9929cefeb57b53bb74eba

SHA1
af1dd2c469e69be74582e1ef2418d5d8e3a95b45

SHA256
a32f1c7053a7d1d4146fe6516547fca4d348da85f3389883967254afc55b6413

SHA512
b699ff00687be9254ae4c50fac82e78fe087179bb866dc8a5bfcb583eb7998a2b930eb45a8c79ec4e692e3349ce813757f6431d89160998bba561507167dc7bd

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.YFlurrySenderIndex.info.AnalyticsMain
Filesize
72B

MD5
9d52b65d0631d3dfff877c5bf56a8440

SHA1
9d66929722fd30153a57e30f0f68f17380e2b0e1

SHA256
36936bb994843fbb0b91fad190471623a66ccd059f85ccbeed8d755d4fb3c98f

SHA512
170cfdd8ac8959e0fbe9a261cef3c5c7a0848b426c9cb6eb2fe0dd296d1d71bc6e1c8348d5c887c69ef1c312f711df4cee402ab9ffd3da0f88801d018a3444e7

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.yflurrydatasenderblock.cb4331c9-4f38-404b-a4ab-4e9e454406ed
Filesize
300B

MD5
0cabc2059365c7325ffe5eb8d0d024a7

SHA1
38c0f961ad977dd9b2d2ce8334194a4ce513c496

SHA256
69ec3e9a7b762cc73a5012889b2c9868ebfb4d99a1da4da5edeb156c771d1a19

SHA512
8eab818f5bf7262f3abe680f7b03e06d913ef1fd3b6ea73ab85fbfc71b73c37223638166b90c41286faedb5d7e1b56f80e8546c71cff202ba762b1e67ac0d116

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/AppEventsLogger.persistedsessioninfo
Filesize
495B

MD5
9b78982a5d20193287fe3ded0d9a81c0

SHA1
9386ee90081f94e547af7c981d2d869ed7ed49fb

SHA256
e6ad0fa44f3b468b19393e80443e7dcb30009b0879e4c9ee6c8413abf1c27a9b

SHA512
ed16efb218b4f10f6ed29df03af30152988e63e029b4cbc02ef5c8500a119afc14678e242e9906221112bc99c00a18b5f6d7182091097d91326377e79c3b78b3

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/gaClientId
Filesize
36B

MD5
537973f3aeb23b16fff356a5cfb92b4c

SHA1
4ea96379a135c850c0c1fd4b1f45d076fa7bcbad

SHA256
c4948f2086ad01a1a505b18d1eaaf601bd9605c45e9bfca2fe713f0f0b82b736

SHA512
9e4d59fabcb43a7c31f6a9c1edbed2a9ee5c344e052f7ce58f920d5905c40b891d1e7339f89b6f42fae12de78f1ad9f0bbdcee53c3e12701ce0a2012e5ca7ed2

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/gaClientIdData
Filesize
32B

MD5
52daea4214189ab7516e4102cd438ccd

SHA1
8a8299ea47acb1aaeb9793fe566a8d3f20c26c79

SHA256
27ef69047bdd25d108f38b5c979c7941f96d421122f12741ad68c7b7c51e89c9

SHA512
8456e68709266fa9aefab206fa125306da8b25474df1e4d71906f1765aba25037774ed8ff56e1054e74da78541c4a6497831215180ff8a2f7526f6087288b808

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads