771e05a0caa0822e6cda930d66447d00772c2ba36fe83e62154b6a0d76413b0e

Analysis

max time kernel
177s
max time network
184s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
24-05-2024 13:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Root_Checker_5.9.4.apk
Size

6.8MB
MD5

9e2eae5051f3834834a0346712bda07a
SHA1

2dc4aa2b57ce8ce580dbf642a0ed0cbefa015277
SHA256

771e05a0caa0822e6cda930d66447d00772c2ba36fe83e62154b6a0d76413b0e
SHA512

20e902044289f1bf11b6304dd91df1a0deb07955b1c7c6ab75fb2e89e4b0e81594f92585279c3acd7d790c37b72e92c512535ee48fda0eef0c69d1f0498542f7
SSDEEP

98304:s8ALShhdccY2qtJFUhK7W59Ddua60PNITWBnnY+qFsHYA2HKraYCpyV+5:ASfqd7t7UN5buaXNqG4pqrah

Score

8^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

System Information Discovery
T1426

Processes:

com.joeykrim.rootcheck

ioc process

/system/app/Superuser.apk com.joeykrim.rootcheck
/system/xbin/su com.joeykrim.rootcheck
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.joeykrim.rootcheck

description ioc process

File opened for read /proc/cpuinfo com.joeykrim.rootcheck
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.joeykrim.rootcheck

description ioc process

File opened for read /proc/meminfo com.joeykrim.rootcheck
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
evasion

Download New Code at Runtime
T1407

Processes:

com.joeykrim.rootcheck

ioc pid process

/data/user/0/com.joeykrim.rootcheck/cache/1582435991586.jar 4637 com.joeykrim.rootcheck
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

com.joeykrim.rootcheck

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.joeykrim.rootcheck
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

Process Discovery
T1424

Processes:

com.joeykrim.rootcheck

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.joeykrim.rootcheck
Acquires the wake lock 1 IoCs

Processes:

com.joeykrim.rootcheck

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.joeykrim.rootcheck
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.joeykrim.rootcheck

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.joeykrim.rootcheck
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Checks the presence of a debugger
evasion
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

Data Encrypted for Impact
T1471

Processes:

com.joeykrim.rootcheck

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.joeykrim.rootcheck

ioc	process
/system/app/Superuser.apk	com.joeykrim.rootcheck
/system/xbin/su	com.joeykrim.rootcheck

description	ioc	process
File opened for read	/proc/cpuinfo	com.joeykrim.rootcheck

description	ioc	process
File opened for read	/proc/meminfo	com.joeykrim.rootcheck

ioc	pid	process
/data/user/0/com.joeykrim.rootcheck/cache/1582435991586.jar	4637	com.joeykrim.rootcheck

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.joeykrim.rootcheck

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.joeykrim.rootcheck

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.joeykrim.rootcheck

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.joeykrim.rootcheck

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.joeykrim.rootcheck

com.joeykrim.rootcheck
1⤵
- Checks if the Android device is rooted.
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Acquires the wake lock
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4637

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.joeykrim.rootcheck/app_0de7788050864972a25d2d9c40c503e0515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile

Filesize
568B

MD5
50af6ad928b38e678bbbcc638f06c038

SHA1
c9e555a07b5f4c4adc6c0563712d9a3f83a522ea

SHA256
367f0a0c35c5ce2535d3051be53503cddce3b63132f201ba424d6d5d5e249a79

SHA512
f1faab6e5a0b943a6ec941a6bf2e5df720d453273ea7f5181d07c0031b8c31ed4c33449e575c8ac79dce09481fbf4709ad1ed36b9412203a463a627b73c304fb

Download Submit
/data/user/0/com.joeykrim.rootcheck/app_0de7788050864972a25d2d9c40c503e0515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile

Filesize
597B

MD5
1fda972191ed2cab8fd0a2df30580970

SHA1
a8a7397a110f4b519977754c58c48d53a6c9337e

SHA256
fc9e73966417226b7241eac23227e425068b0985db11a54e68142a498ac0bdaa

SHA512
29cdd2a44e08f573e1696365af27b925417675846301780ae0ca609ae5b18d10ec0b3c9ea7db78d3153258a509278ecf65c22599fe828fdaf1cec84972f4b0b7

Download Submit
/data/user/0/com.joeykrim.rootcheck/app_0de7788050864972a25d2d9c40c503e0515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile

Filesize
577B

MD5
f93b18fb6df0a59a341d1808a8400bc4

SHA1
e5052c579ad0725d8b2f1035cc51ad03d3ee46f2

SHA256
11805942bb1b415f4d31304cb04d05de0502e8555226f978c626636c185a6400

SHA512
201c75586a0fa47952b870406d4942e460c8f36b1a731d387a15fc3742dc09aa35ad410829412c5658304ea3b15fe6a9381301fa074fb0a6bcbd3e06d6ceb67c

Download Submit
/data/user/0/com.joeykrim.rootcheck/app_0de7788050864972a25d2d9c40c503e0515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile

Filesize
572B

MD5
d7b46c334ef36c377aed777927ca6365

SHA1
12f2c09716b350d70075dc39dc881611b9adc249

SHA256
a5ba8d5463d94847741b4ea1e13982b72a9f6bc75b662ccdb9a51c9faf403329

SHA512
20d4cb7456be5da37779d10deb48a36cdeb81ab071fc5497bea7fe3f5e0d8dc896ed545697ff64f4a88fcecbb6c0fc7bb11f1908fd14a0fc3e17a9297bb8e9d1

Download Submit
/data/user/0/com.joeykrim.rootcheck/app_0de7788050864972a25d2d9c40c503e0515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile

Filesize
538B

MD5
9b54a155d630a097f1d6c6048958f3a1

SHA1
cec1e2d5c4e98ef2ab31c6e8b8c35ec59960b317

SHA256
f84a75a8cf73efb09f4be7255a14fcf6800a90d70c178fdd4a19066b08290253

SHA512
b6bc533139149c166b0ab427595ccd19b331401a7f8843cf18c043082134fe2b0db5530efe21ce2c5481943db70a00e2d14e8de24eb340462d6de80018a76cb9

Download Submit
/data/user/0/com.joeykrim.rootcheck/app_febcf37b1b614b9dbd822fb2f448801e/events/eventsFile

Filesize
493B

MD5
848a9b175d60076da2fe44c68c388c58

SHA1
95e6eb3cc8e32bbb75d9eeec32c209f3d78983bb

SHA256
8df954a745efe733d264981443d53d40d2541df8a8a4c402050c980f5507e0f0

SHA512
a020faf6e48cf1fd214723732caab750146d4fc7dcab7468713535468b2d710db6385db8ee0e9f3b5cc89cf7ce29683b2d947f271ae50ac99db6a2c5c4b616b0

Download Submit
/data/user/0/com.joeykrim.rootcheck/app_febcf37b1b614b9dbd822fb2f448801e/events/eventsFile

Filesize
493B

MD5
163b28bcbcd5637907e16a2aec095550

SHA1
531199144f12802043e7251a50a174741b6b4546

SHA256
ce54a7f554d483244b5bb6b5cd6633924ccbbe9f3e7046a7a438dd75ce4df86d

SHA512
eaf9f861424f8bd576b25f6e9628384c6bfdfb5343267fe8fdef349b658961f08ed34ad08f54fe5e773da860e6ea088f1acd9b511982da9fea25acbad317c23d

Download Submit
/data/user/0/com.joeykrim.rootcheck/app_febcf37b1b614b9dbd822fb2f448801e/events/eventsFile

Filesize
621B

MD5
0fdfe19dd638b871324244bfb341ffad

SHA1
193f14e5a7a29635007df6b5c01e1b6fad8f3edd

SHA256
9bb349ba959adac6706189e78744ae6180e3d74be66476e33b3d56677dfef01c

SHA512
6ec6dfcce400319cb57a73e10ed2daa406a102fc5aab6ef8b957ff26c24e7909deb9dbc86fe1f4336f8bccb2303199ba831e016af00d937b45d9011b63a7b828

Download Submit
/data/user/0/com.joeykrim.rootcheck/app_febcf37b1b614b9dbd822fb2f448801e/events/eventsFile

Filesize
621B

MD5
344e9ba2625c25a1244e2ec7837a7811

SHA1
ca1c970feee54a7e62b5af9e2e0276cf37f36322

SHA256
6d7cfeed5ca88f175f12e6734ea2cc2db9a18dbc91585eab540cbac75a2eb510

SHA512
c8765a1b396c4b2abed2cdf9283f2ec22f7bd22428cddef5d06db0c82522b8c39696276d7aa99624d4e1c81470766b799d04aee96ebc3e98aeed74a44d7da794

Download Submit
/data/user/0/com.joeykrim.rootcheck/cache/1582435991586.jar

Filesize
9KB

MD5
e8e0527a01aefdb89afd2c508f131da1

SHA1
f1103e6b260c657ceb3d95f1b023af3fda8b133a

SHA256
f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce

SHA512
fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

Download Submit
/data/user/0/com.joeykrim.rootcheck/cache/1582435991586.jar

Filesize
20KB

MD5
fde2ee00cbd121cfab5290b078aa3ceb

SHA1
e2b77d5320e155e413d040a8c20020962065b2f8

SHA256
2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685

SHA512
a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

Download Submit
/data/user/0/com.joeykrim.rootcheck/cache/oat/1582435991586.jar.cur.prof

Filesize
151B

MD5
d84562aa03175b10177e4bb2fabee0cc

SHA1
d631d967089d0621b72654c67f1c8e8cc6f93a16

SHA256
f259448b55c20285026d28a354eae88970c452ab2c92edb3fc7054516b27eba8

SHA512
167858a485936f1746fa51ad9a4176e068d67a44de0b9dc4121c78973628efa19e2648ff67bb84f55e56bc62471df330ff8c058dbd5519c1f5c181d42f554f57

Download Submit
/data/user/0/com.joeykrim.rootcheck/databases/google_analytics_v4.db

Filesize
28KB

MD5
7c0dd935d29209ac309f27e2a65707df

SHA1
9446a21fee5cef1c2400338e3050caa4e7ecce08

SHA256
f51118a27b4119b1dd46d2046591a38d59c79f73e9779dc4efa9597c172baacd

SHA512
da5872ef279e208b4f5cf16e95d39c6d7ccafa30ad1e2d136a0acbfc4b7fb5cc3e6adc5649896d9382cc884cd55c183f163a10620438c3b7038369b5a5a88574

Download Submit
/data/user/0/com.joeykrim.rootcheck/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
3d74c9be2977793c1ab1607437f3fbda

SHA1
d0d8d47f3bf9ff4c29e3d3f1ed2913a1be2571a6

SHA256
a74d6b010a886b7d3265f6e123ab3a1062eb7dca6c5d2b1721c9380eb920c370

SHA512
d7d2d3ce59c6db5297eb45132f57e3184f1accee1e29f7ed631aa29354b07f0164816d89387f5855f1b7a1edb4f4ee458d432dc0e2576c5c8bc54c34a8d91c7e

Download Submit
/data/user/0/com.joeykrim.rootcheck/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
c1b2fe99051f8592e60818fdcaa9d544

SHA1
b66df6ee0f69d7c73e64546520d3421b815c0ff1

SHA256
990be208586ab1b2e1e5b77854fdae55747a0ed039a603f2e91a00842c3823d4

SHA512
0afad64c5e2a49e93b9cd28fc6c728cff4b1e03a3600419118d325cb8c38030241c27fdcd21b776146605810c6da3c3958fedae8c1d0b6e1a67585e90ef415fa

Download Submit
/data/user/0/com.joeykrim.rootcheck/databases/google_analytics_v4.db-journal

Filesize
4KB

MD5
87f579f8e3026b28a85ca86ec5b2e7ee

SHA1
fa77f1c7a52a7f06412f37f61a6064335f9a6803

SHA256
89698a0b81c32bdc737096879aaf0ab0ea4c2a91a51f762459a9ce2a084b4f4f

SHA512
70b0c392c16599ded775f783b0a7d957f22fa93888129e9e08eed9ea839e815dbe4bae1b65a2f79c220d23fb893a4da166b82a6930aba6933d8011baf3eaa820

Download Submit
/data/user/0/com.joeykrim.rootcheck/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
428d4301eeb15581bea786c024300ffa

SHA1
b6e4dc7b52d0c124ba89f9ae53c0c93a7f521e99

SHA256
050e5448140a11dfe5371bcdb7f9370808ad4f7d1e0398c8a9effaf5fa5c8511

SHA512
3dc5d3a870d471611ebd2277cd5dc0f0e594870976b2c414ad61e75967966d9b077f4ee0a72c8e7e261ac91783a923b21fe659465af2afea7a16938e840b7777

Download Submit
/data/user/0/com.joeykrim.rootcheck/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
54bd16f0b013df56bdeacdbe75abc17e

SHA1
dfcf149991c79408b773e952f212f701925f17f8

SHA256
bbc086e1bc31006125a2dcfae1fc31699b9b82ed6848709e240aa1338889b0b1

SHA512
cdfb9d8193c08e381e441fda0ba47995408cc383a419d4cd85d58591323e3b274215fd02b4847edeca6dbcf0d98cf392d5f83da6cf6d6d3d33d04126c41eae82

Download Submit
/data/user/0/com.joeykrim.rootcheck/databases/google_analytics_v4.db-journal

Filesize
12KB

MD5
593a82167617f6d3b652f8ba03ca0e0d

SHA1
7f9762bc463c8468b94e2a3352a3c7d05d193eb8

SHA256
3a8a2b09f15597539e822c878458b1c74a230dcda2777aeea3162e19adc8d262

SHA512
434f332c5f2c1e060191c43ed9ac9413cfe2b3dfb104ec5278cb667afc9ee1fdc2645ea85897e80d3471e686ddd6b100db9655ae8955f7294e4646548da337a9

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/665093B80271-0001-121D-A0569477F4E0BeginSession.cls_temp

Filesize
77B

MD5
7e1e26f96d9625e75e0c8da21722703d

SHA1
fe5b442b938acc65155c2131d185a29fae289393

SHA256
872778ae7f98bdec94dae0e97ee93d61c668eef54a17b4b1033d0e7f79107201

SHA512
f609ecdb8feeb2be614ed958d3d4069622ec696f9c080db13e57ab6b38262309d45d3a41a94608f7138146c946f3a4dce10ec89c8ec571774fbc5c38338dace2

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/665093B80271-0001-121D-A0569477F4E0SessionApp.cls_temp

Filesize
118B

MD5
5ecf0dbb7bf4c58ebc6ad1296917ce3e

SHA1
01f502715bd21e0daebe5c20de749740a012bb7d

SHA256
330034e7a2f63cbe40f706e1b56270033a3e73fac103096cae9e6a64b12bfc2c

SHA512
032f193b8fc491f2527d082b4fd3036f5a24d193d6c2baae28b8a8cdbb91b5358882b8649c73f47f11c999fa629934be744023112135430579fd83a464814e2e

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/665093B80271-0001-121D-A0569477F4E0SessionDevice.cls_temp

Filesize
131B

MD5
f2e4d316c1b710f0968160f2d4e9510e

SHA1
237c7d8fb72b601a399ebbc37c1027bc8378725f

SHA256
ce75515b9ccfb0cc54404065e62559ac7008ddb7fcf014401b308f4913575b9d

SHA512
902deca15d19f6224d0d4593850af254565a4bcff8b2c8deb826e7ed69cfeac8775134cd553b71e69f808c26b0fde319d397049b2c0287847449623c739e0d53

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/665093B80271-0001-121D-A0569477F4E0SessionOS.cls_temp

Filesize
15B

MD5
b3d9541cc92a9153d14e5160f8d8c008

SHA1
2e1ac80eb381dd82a03795b682f92020348c0113

SHA256
1ead5b213c87f182ffce484c34f7d9f140ad3425c0f303f460492efe8a26c56d

SHA512
78074409135a210ba4e1407ad9b3f784f5683e83aac4ce3482d4e8135425cf2b30db1ff5dd0041901c490a551a477237c6d255671c7b1fad74090980dcf3334f

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
541B

MD5
fde7d36c11073e44b477954bb0ce614d

SHA1
70317f97403e5791f54afbb79be0924ab5658480

SHA256
9aeb478d36d33826ff692a775feef20ebc2ef768a1d7433d77248874790fbdb7

SHA512
889fd2f2923fa2602c73c3ef38d315c980a2ba4da19f97d2163f3aee69d109cd3a67192bf9c4a58b22b5d0572a99dfaf066dc503691d6cdbffaa63bdb8e75297

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
1KB

MD5
e7b46ba9e3fa46e63bff1c9b8c70a245

SHA1
963bfd7ff456ab23f0989c38d37f2856ef5a9cfd

SHA256
23cf313e691613e2074cce04ac299c428f610581c8ad8bd8ea9079e4e9682696

SHA512
6eb26bee1ce06c5df81f88128975f0a9dcb5788b0bedc7cfb726f0cb68717c1b731211757de147e5940132a859914e03aae3eda3c21ed9416d4c226e696b7a05

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_71907725-982a-46ba-bceb-b72b7e7566ca_1716556736065.tap

Filesize
411B

MD5
9fd47a9e214c83c58d89b3e910de16ac

SHA1
e406a45941adf44b9bc73fa73ad12d87b9a090aa

SHA256
770eaaa83d2a4c437666d8407178101f77b02b6ee15b4990578fdec02743eda0

SHA512
60dd423b74e64f7166371d2c74f1dbd83c19c87e9bf4df864e9f2f6dcd57391687da342a007eea61b454524dceb4873065860a740a520419b3dfc0344fe10d7c

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.YFlurrySenderIndex.info.AnalyticsData_RG6P5WWKVXRC8CPTJZJT_211

Filesize
88B

MD5
d98f9fab37e9929cefeb57b53bb74eba

SHA1
af1dd2c469e69be74582e1ef2418d5d8e3a95b45

SHA256
a32f1c7053a7d1d4146fe6516547fca4d348da85f3389883967254afc55b6413

SHA512
b699ff00687be9254ae4c50fac82e78fe087179bb866dc8a5bfcb583eb7998a2b930eb45a8c79ec4e692e3349ce813757f6431d89160998bba561507167dc7bd

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.YFlurrySenderIndex.info.AnalyticsMain

Filesize
72B

MD5
9d52b65d0631d3dfff877c5bf56a8440

SHA1
9d66929722fd30153a57e30f0f68f17380e2b0e1

SHA256
36936bb994843fbb0b91fad190471623a66ccd059f85ccbeed8d755d4fb3c98f

SHA512
170cfdd8ac8959e0fbe9a261cef3c5c7a0848b426c9cb6eb2fe0dd296d1d71bc6e1c8348d5c887c69ef1c312f711df4cee402ab9ffd3da0f88801d018a3444e7

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/.yflurrydatasenderblock.cb4331c9-4f38-404b-a4ab-4e9e454406ed

Filesize
300B

MD5
0cabc2059365c7325ffe5eb8d0d024a7

SHA1
38c0f961ad977dd9b2d2ce8334194a4ce513c496

SHA256
69ec3e9a7b762cc73a5012889b2c9868ebfb4d99a1da4da5edeb156c771d1a19

SHA512
8eab818f5bf7262f3abe680f7b03e06d913ef1fd3b6ea73ab85fbfc71b73c37223638166b90c41286faedb5d7e1b56f80e8546c71cff202ba762b1e67ac0d116

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/AppEventsLogger.persistedsessioninfo

Filesize
495B

MD5
9b78982a5d20193287fe3ded0d9a81c0

SHA1
9386ee90081f94e547af7c981d2d869ed7ed49fb

SHA256
e6ad0fa44f3b468b19393e80443e7dcb30009b0879e4c9ee6c8413abf1c27a9b

SHA512
ed16efb218b4f10f6ed29df03af30152988e63e029b4cbc02ef5c8500a119afc14678e242e9906221112bc99c00a18b5f6d7182091097d91326377e79c3b78b3

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/gaClientId

Filesize
36B

MD5
537973f3aeb23b16fff356a5cfb92b4c

SHA1
4ea96379a135c850c0c1fd4b1f45d076fa7bcbad

SHA256
c4948f2086ad01a1a505b18d1eaaf601bd9605c45e9bfca2fe713f0f0b82b736

SHA512
9e4d59fabcb43a7c31f6a9c1edbed2a9ee5c344e052f7ce58f920d5905c40b891d1e7339f89b6f42fae12de78f1ad9f0bbdcee53c3e12701ce0a2012e5ca7ed2

Download Submit
/data/user/0/com.joeykrim.rootcheck/files/gaClientIdData

Filesize
32B

MD5
52daea4214189ab7516e4102cd438ccd

SHA1
8a8299ea47acb1aaeb9793fe566a8d3f20c26c79

SHA256
27ef69047bdd25d108f38b5c979c7941f96d421122f12741ad68c7b7c51e89c9

SHA512
8456e68709266fa9aefab206fa125306da8b25474df1e4d71906f1765aba25037774ed8ff56e1054e74da78541c4a6497831215180ff8a2f7526f6087288b808

Download Submit