Malware Analysis Report

2025-01-06 07:48

Sample ID 240530-qehp8aag87
Target manager.apk
SHA256 c2da3df534ece06c4e87d60ae4690f4c58a9b6d3d05a45898181123201c1d8d9
Tags
discovery evasion execution persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

c2da3df534ece06c4e87d60ae4690f4c58a9b6d3d05a45898181123201c1d8d9

Threat Level: Likely malicious

The file manager.apk was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion execution persistence

Checks if the Android device is rooted.

Queries information about running processes on the device

Checks memory information

Acquires the wake lock

Checks if the internet connection is available

Schedules tasks to execute at a specified time

Requests dangerous framework permissions

Checks the presence of a debugger

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-30 13:10

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to request installing packages. android.permission.REQUEST_INSTALL_PACKAGES N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-30 13:10

Reported

2024-05-30 13:13

Platform

android-x86-arm-20240514-en

Max time kernel

42s

Max time network

131s

Command Line

com.vanced.manager

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Checks the presence of a debugger

evasion

Processes

com.vanced.manager

Network

Country Destination Domain Proto
GB 216.58.213.3:443 tcp
GB 142.250.200.14:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 firebase-settings.crashlytics.com udp
US 1.1.1.1:53 api.vancedapp.com udp
GB 216.58.212.227:443 firebase-settings.crashlytics.com tcp
US 104.21.17.27:443 api.vancedapp.com tcp
US 1.1.1.1:53 mirror.codebucket.de udp
US 104.21.234.28:443 mirror.codebucket.de tcp
GB 172.217.169.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
US 1.1.1.1:53 firebaselogging-pa.googleapis.com udp
GB 142.250.178.10:443 firebaselogging-pa.googleapis.com tcp

Files

/data/data/com.vanced.manager/files/PersistedInstallation1006059675629958158tmp

MD5 bf129c3c65d6c737f586f7c52ad78ac0
SHA1 9331ba1e516f8211efea2aa7aca969213991876d
SHA256 5ac8d69622228aa86de047d0c68d07c5430c1275e057a34b951a31e028ac722b
SHA512 a240a6f415907a3b78d73a6c8b9ecc2f1a9ec63ab956ea743dee8b0cdfb0ca7c33b84b02a1c039ebbddfb4b940ee54b16cbe05be4afcf81e95f3fce69a06d155

/data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

MD5 4bb4e677eadb2bda3214fa7e832ee279
SHA1 45c84d6baaee5d6f46a76edbce532745de282a16
SHA256 7846444436f3c7904778876cdb46abd4f3e7ec93317032a6a3b2c35a18a9e057
SHA512 537b0b10210ca5440b57ddb80b8e3df6d76030100f4472daf6f0b3572f16610cf1240488373036628b74236b4c6a2e764f96447705c7766b789cfda620d176e4

/data/data/com.vanced.manager/databases/com.google.android.datatransport.events

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.vanced.manager/databases/com.google.android.datatransport.events-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.vanced.manager/no_backup/androidx.work.workdb-journal

MD5 d89a1a1ea04ff3e7e0eaa8e369354eae
SHA1 8ed03d09f556f20085862acad171ff2638d91c8b
SHA256 ecf245ea1823ba676cf9a8962fd0f9c62d3609291cafaf03564e37caea24f320
SHA512 a7788dd8e43af1b8d4fcee7840b70e3fb832644164fec4d13d1948db7b6caafb8f4e70bf582357af3cb79e2cfa3b3df83004eb0a7fb8464299621e78e6aab93c

/data/data/com.vanced.manager/databases/com.google.android.datatransport.events-wal

MD5 4818ff9394e145be3a28cb554fcccdc1
SHA1 e1affd789a0617fc7426fa26aa1d774f277a55d4
SHA256 551cfff13dd36379f72388109ab228739d156dcbac7552deb3c908246ff31f9c
SHA512 9317f76fcb9b815c3f75ca0d695b91661e978b5c7608eb1e09c951468df526cd5fd919a4d51ebc83e617ea5f42497b8f012e2f472fee1251dd4daa99d44a3a66

/data/data/com.vanced.manager/no_backup/androidx.work.workdb-wal

MD5 b7002ad68f2f0519118ad8140a946216
SHA1 b2fde43d225ebb99cc4cdab0990306f54748ad39
SHA256 602c68092210d7e849f287c71bd47bbb28b3959f754c5b453b4ca477caad5d74
SHA512 66d0a7bffc95dd2bdfa2273dffce80ace5108ff1488bc4b8ba65e6fa357aac858c4ef334451795d5e379ee6d08a8070a14b37e861240f2af763f9cc56d33b7c8

/data/data/com.vanced.manager/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

MD5 d9fb8e4ed4216bdb6a4174d2d3d36c06
SHA1 a5aac2c610ce0f0e72ffd68a27a7956aa125649f
SHA256 8a23846f1e6a0a32b3dc86853bd82608ab200e48e26536b955f8cc05813d833e
SHA512 c7616d78ca5afae9e01999f3fa3b16bbbb459ddb3d02fa14be46253e7635838b803f62c45f92b06d7b2e3ab6d5c3c90f622748c8b857e0a1278747bfec65bb91

/data/data/com.vanced.manager/files/.com.google.firebase.crashlytics/report-persistence/sessions/66587AD00280000110BE705000E947FD/report

MD5 983e933846f0af8bf55dd7e4f86b13d2
SHA1 2b7aba0bc513dc1dfff22c529a81c186d7dc1bff
SHA256 856fe5a21956cbc5c2979e9808f0c5b81721b5eaf0be66cfa3d2f782f292e205
SHA512 f18351d41f5a107aec9209a370ed12eb56a54f2ea80dbf0bbb6b99f2110d0d09d06e508c3515be6d59f6e1b20144cfa782e8b51498e07139baea3e4ab521455d

/data/data/com.vanced.manager/files/PersistedInstallation4879336460694053266tmp

MD5 b949aca9ba1a3175ea0b4a9621361277
SHA1 3517ea10c3c25218209d7a4886cddc4da2507d6e
SHA256 598bf5bd3fc16d5a76c709231d810e59335e444cd3952d0ff8b0847a63ae4dfd
SHA512 49d0e71ddcee883529a53fe33c1a538f457a38426da3282cf31ba11cb16ce2eb8b5041ea00ca172eb12e04d914d499a9804a3abafebcecb6056aaf6341d7027c

/data/data/com.vanced.manager/no_backup/androidx.work.workdb-wal

MD5 479221b03165c15fc0dc4c92979a742a
SHA1 5c29ad7098078d7438fb11c43f289a4943066b87
SHA256 49f1fe504698b179bb1a476642cf365b9337f7fdfbdebd7d85066a25f6498454
SHA512 eb80b8cbf05b10167ac8fd7d0de1a0a2fde2ceb9634bf520b40d2034df7b28d26b49b0d9c9011a7230f2e81c2c1936833a44450a535990b4d802b34675ab0db5

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

MD5 71f59f3d78214957a78b2d6faf1d501d
SHA1 3c138e3d235bf36b55b7fc1ccf95113c71bd8e17
SHA256 d91b5ac673e6c2b4131c38061eddffd96b2a090844b00a6a53e7ad4f557e794b
SHA512 720b143797beaef45139478944e3e1dfb0a6f2bd18a06de17dafb74c8a071e325f602d7659b4da647d4484669a2b60773f7c5a5af44b3459d75a3615112b7ff9

/data/data/com.vanced.manager/databases/google_app_measurement_local.db

MD5 7237409e0640cfab7bdbd429bf821a3b
SHA1 4c3da934842f8d4835dfe2a9c275a300e5123309
SHA256 5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512 c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-wal

MD5 84b5a88414433d225d7814a6b3d07c9c
SHA1 75ee512a808be89a6cafd5833a974c32047429d1
SHA256 f11a06e85d476fc1c8d318f06c7c657e52dc97cfa86259c8224307a2f76455f2
SHA512 44b434b12936feff2771e8f0eb9a8e1154c9d14d062559090811d3118a34e7ac9d8566aacdd0a0af2048509ad9291e6965676a53a0dc36fb7cc17c6b9ceba8cd

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-wal

MD5 5e39b0b17fe0fd49a9ab5412971a76ce
SHA1 cc201b4a5748c1633027eab83761675095a5a1d1
SHA256 5f5a4445244511996daac89d615fbb33e8fd2d1d0a03bdf12e2049c45d3a9d68
SHA512 da7199f36a38ea99546e3efc345a79d16befd61912cf25a339f52d7fe4067a1e094232979cce85df745ae689bdc44c0e84d8b78076acf5c2722bb390fe3e0a91

/data/data/com.vanced.manager/databases/google_app_measurement_local.db

MD5 a46e84287b4fcf80b430c0e8cdffce84
SHA1 a1c2b68b62cae204cd29ed62f04b07e4c49d6c97
SHA256 7c3e79d18114a3f3ed14df875ac6881d201468d984fd438f07a500ebc3dd37d0
SHA512 139b1c9978724688747a779899883bf0bf159f9a801cfb573dc4f137e6c03a82af1f9ad1d28f7b2bffc710bc9560eb0202f3a9ef1ee03f02528b70ea0e007074

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-wal

MD5 488892bca23b4d2386e58932b1f4eb25
SHA1 cc2b375aad8f3546c45e5696b05c99d746902247
SHA256 a358152239ebf22a5d5a737ae7a0e99ed0cb2175a8fcda6a393e3fa5f9709406
SHA512 47c70de9f75acb6fe0d25d56e48b73e3c12190ce09d28da7408362a2b5035995c00134616c337979f12ca4ed67459fbd9872a07cb98bcb06d3f1774c3e65c9b2

/data/data/com.vanced.manager/databases/google_app_measurement_local.db

MD5 f7fe5161236d70b49534da87d8441ef0
SHA1 7a0fd50cbe3ae2a79ca068070e1b3ba145d8ebaa
SHA256 aa35929cae8a586baffa5350038f3cdfd450aca12b72c081ce9fe942a31c647f
SHA512 31ff01f12617ca30fdcbd4f425e57a86e1019255608afdb715bdd18f2575f126230f56e5bf5965900485459397e4fc204438725fb37811143c3b096318997ffb

/data/data/com.vanced.manager/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66587AD00280000110BE705000E947FD.temp.tmp

MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

/data/data/com.vanced.manager/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66587AD00280000110BE705000E947FD.temp

MD5 1e1a9c509a16c7478690e1f227d61e19
SHA1 bde1a6be9e3b3a22451d2ebfd40635bf549ae6c4
SHA256 eb60c0a2d7e82fcbfa88fd43676716401746fc15f72cf0c2516973c6ec9d3735
SHA512 07a8302b1b50ad6de4e9194a22f133c0a741cc6c104e772d3a0ed2bc17bf3a07c7959c5e47fd7e8e28cc94dce156984c147370100f944eee2be7cf9030f72f7d

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-wal

MD5 7c982a1e0e4851642ba298db66f0f685
SHA1 2b53df37e1bc17bdf5cf06826f0b7a21e41c83a2
SHA256 571c466bc73a4882b0eaf184c6d32ab1d1397c0c3d2101bb56f71509ddcbe4b5
SHA512 7574e543b0b8944fce464dbb04cd161462ac1b0356105a63d41248b1a34af8c961e837ee948b9e4d370f9044cf51a7686d987fb09d6ab565dd147c13671ce318

/data/data/com.vanced.manager/databases/google_app_measurement_local.db

MD5 bda90585ad76417535569e621c6e4225
SHA1 db549852f8ff8b9637e07011ba25e3118afd7b08
SHA256 5111ffd635b0f4cab93da66847b91b8a980264673af940fd5ab6fa0c84bc6776
SHA512 e840cefbbc8632e96126a4f57ebf70ca18e29f6e1c93cdde178aed1adcac31e0a22970a3057b49928a5221e25945e7a193fb8879cb391d9f7093ebab63955b92

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-wal

MD5 3a499dd94f1680704671874a8df54c29
SHA1 c642431bc042c773e563d2cb43ff38c1527f368f
SHA256 6f37b05aad80235110e67723ef89b942288930c80d2b0b9aa84b5392c793339d
SHA512 246ee17a9f20859b95318fb5619e2c86ac3ed805adf48b389220078f18e1489945a229734af29bf11374b96ffb7a84469eefffdf39563363a9d0feef33781f54

/data/data/com.vanced.manager/databases/google_app_measurement_local.db

MD5 d6ba0cbadfcb2e2912c76a1a60ae57c6
SHA1 511105898c78b868a18eba5a31be9a3a37e71bb1
SHA256 9fdf620a563aadb8b2cf496488d50372ea020ea9d340d1f2171aecb2795d8fe2
SHA512 05a33730712e53809b759efcbc39314057ecf862086cc5fc50db56330b75309f436c77e57376d1adad480175cd86ce48e0cc457b4e19a9ca640ec84af06e89d8

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-wal

MD5 5d1efb3ec11f849d507397ef95554424
SHA1 dd69e5f132a6e3f51ca2270da8e97c1a669f7959
SHA256 aff9c652adfcbb4ae1ab2d5d1ec8ce9ed830063909b1467195f7a603451da6c3
SHA512 ab7ec9ca5edb9d457af4bec83232739ebb41bb196f70370f05f78979ecb2ea473aa3248460697f2abca3dc8ce2cc4df89024c71993d37ba210ec8ce20254aabc

/data/data/com.vanced.manager/databases/google_app_measurement_local.db

MD5 45b02aa3b9020d721b87fa72e494f823
SHA1 1dff3197d9e6c9aaf74b6b266f746058c9c88d8e
SHA256 35726d4a82ec197a4e34ec0239eef93b09c6afb5276ad705a0a7f18b41f2bf7d
SHA512 1f2f8cfda07e5d9b6c6dab42acc1889f91ac8c4d497ab18676a033ad60536c832d34f3ee3ee281f512925ee725e6879bf81d78562c1a760445d1e011079ec91b

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-30 13:10

Reported

2024-05-30 13:13

Platform

android-x64-20240514-en

Max time kernel

47s

Max time network

153s

Command Line

com.vanced.manager

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Checks the presence of a debugger

evasion

Processes

com.vanced.manager

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.179.238:443 android.apis.google.com tcp
US 1.1.1.1:53 api.vancedapp.com udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.169.40:443 ssl.google-analytics.com tcp
US 104.21.17.27:443 api.vancedapp.com tcp
US 1.1.1.1:53 firebase-settings.crashlytics.com udp
GB 142.250.200.3:443 firebase-settings.crashlytics.com tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 mirror.codebucket.de udp
US 104.21.234.28:443 mirror.codebucket.de tcp
GB 172.217.16.238:443 tcp
GB 142.250.179.226:443 tcp
GB 142.250.178.4:443 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.200.36:443 www.google.com tcp
US 1.1.1.1:53 firebaselogging-pa.googleapis.com udp
GB 172.217.16.234:443 firebaselogging-pa.googleapis.com tcp

Files

/data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

MD5 949a8a84dc54f6786a97ca0e12b70634
SHA1 bc3b66937ae11b731c2a8f929da74e2d91e00a1b
SHA256 74be24e280faa43894244929bf4e09c17e6dc09f9d1f846ca1b915c24c72744b
SHA512 934040fb5c267ead1dcf36c9ebae858e0ba26a2c0c5b873f856d6ef66383db317f5bb9d05efb26f1ddacebde122b5204a130a19a4bf91bc3c0888f18fa50f9df

/data/data/com.vanced.manager/databases/com.google.android.datatransport.events

MD5 5a58283f14250b84dcb566bd8ac19a70
SHA1 53b2265e86e6657197f3cfc0ae925e4119cbf825
SHA256 3bff06b43c10be176dd0324ff28bda74ad25eede6973c2e13e25a591ea9f9f06
SHA512 9f667a7bed869d4bdb8be0c8f5679cdc801da1191dc5c10124abd50728d761da62876b54884c14d84747eb8d4c4b3559e6e59abdbddb8cd3cce78c44cbbdb7a9

/data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

MD5 8cb3d4580db7a7df1d3f6675e09de5be
SHA1 9b22f35c1638d34f394a8cd8dfc8b38518c1a749
SHA256 3f1661d71e756c1d6d62cf705368322156f465299efd6cba1f5e51831745201e
SHA512 eeab59819c9ff4d962da50c897c38632f5b3e2863989172330a5403c74429e2e1c482409f5c3f28fb0a0b253d1ff4d9cc945eb24a9de8b9dca9c687c91c9ea11

/data/data/com.vanced.manager/files/PersistedInstallation2913137929823846854tmp

MD5 0297c3f750a2ab7ab90a6724659445b8
SHA1 274e2058eaf61a4b5aaa00fd1ca4d18221320b34
SHA256 59ed6f647647b53b585293f55328ecbd4a64c93493de2dba6766a43466418572
SHA512 72100131f34dbcfe7f40542beb32fa79b5185a0f8f34f17e789a2d928ebb095beb53d37c85214fc73874b0c456751b99d194dffe6edca32b152edc2d717a7789

/data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

MD5 1b61c929fbc8a2382c1221bbffb9873a
SHA1 354959360563b6e17500e532c75244703bc03b53
SHA256 64b6f011c1db0801c526b69f27bb6609f7869eaf280dae229170c26eb78a4c19
SHA512 0e95c8c8ca72355152eb1c22eb4f9151038042978f079ac4434b22119852ec3b0bd19c8a1fe2bfefba51f5b679037433401a261b695d72a641641054390530fc

/data/data/com.vanced.manager/no_backup/androidx.work.workdb-journal

MD5 dfc5209136c3a87edac101ce864ab4c8
SHA1 45358ce4c5fd6270eea2c0846da8f70107f38b1d
SHA256 4d5a4975f1a204f772932316f63953a4811e22e904828d677d7de1df00364802
SHA512 7821d307fc6f31d89ac3ac6d25865eea300f4978f0332cf12cabe57f80390100476e5a419f890c47bd19ad48c7beac8f292e4a52d49513ec4881262b28a9949a

/data/data/com.vanced.manager/no_backup/androidx.work.workdb

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.vanced.manager/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.vanced.manager/no_backup/androidx.work.workdb-wal

MD5 c5a03f20056576a1ff4a8482c892b669
SHA1 0b833689e18ffa1c6b2945ec6c9c0e990501eb94
SHA256 a5588986434a3629a305b2946d02a0afdf47203ffa77264846a53b680e9df5c8
SHA512 76cac205b7b86bc98898a3ea29c85d61201a79ab3610a1a2ffe94ae5b747068c1820971774f51a59b310e6fa794d36a3584d6a05873f6f06b7f1bc6e88c6cc74

/data/data/com.vanced.manager/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

MD5 401c57f17d3ad353d423b8532fa2c87e
SHA1 168e31d119aac9fa136471430df9337ab8ec639c
SHA256 925e6b9e473d38c3222c369e1c61107a834761916b85d52414bfc0d236f19995
SHA512 c75d90f104014a1493de5bdebafbd81b6677533d8fb048b723eacf50e4a6d079dfe2e8e055160e7ab17d234606169711a28d431213265aba7e8178838e54417d

/data/data/com.vanced.manager/no_backup/androidx.work.workdb-wal

MD5 41a4c8d9cb25ebfa18b8d0f6b7914b36
SHA1 8b976e3ae02d71a7342f09e91471f07317682a28
SHA256 fc85d471aab0729f21f127e12abc2d6360628d8d2b4f0497b3c5379ccfb96e4d
SHA512 070f2299b24e8b1ca484da9a57e146213a322e38acd255a9af389a8b099bf5760690d3a1696eac39124cdd65b9630a56f152ee8c6dc54f562c1e8f03c576d3ba

/data/data/com.vanced.manager/files/PersistedInstallation5407954512918584619tmp

MD5 699eaadad2257ebfe955793d5ed004f2
SHA1 f0e5c008d31d9509ac91adb842228c4b3238ce6c
SHA256 dc38bf6ec362e4de04f1aa5bf14e85ba654b2eb32e66370830736c46bb062051
SHA512 790831499abbce5cfb172d560c4cefb2e73da0029da875be4a9194560bd66c43229b8a79cadd92f85403154c94e70103250ea7c211d45b13056cd3a6017eb3f9

/data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

MD5 47daada2c174afd76f90e9692c4a6f21
SHA1 eca4bad6d8571daa2504d917764556376bdfa96e
SHA256 1532bc5c1b3b592bc3717bea0801e91aad4c39dab2be5f833ca8eebd56a279f6
SHA512 4839055a32878aca37456cb92a9ab036df8daa533f10467230d720c0e11de7952d8bcaa8ced6a7ea3ea75fe3cd0ac6a3f667303056c0c73c275b92874fe4d996

/data/data/com.vanced.manager/files/.com.google.firebase.crashlytics/report-persistence/sessions/66587AD2007900011470446A96EE8278/report

MD5 72c2ac8598304f9a64df9d1ad57fc9d2
SHA1 bcd6668711e586e94c484f330ea994fef4c26bdb
SHA256 01d071c3f845f5ca6674de6dc70b9e3bbed1c20adb2d75ac9aa60ede437b8c8d
SHA512 20d7711eaf11a53729b9fc357ec08c6bf336b3f8e0ddb05024d0021bf08e4733e12ebb9dd9b3ba4e6e9c9dcba0923e08656ff56b8faa28e259784e9b45d0bbab

/data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

MD5 a247f46eb92b2fe8f8ee66d97a14146d
SHA1 686236aa46ef33b3b4f82786a7148bcc918acaa9
SHA256 0584eaddedc72244594036234773516b67a53dfdd50779fcc4f2d510c6ba88c1
SHA512 34f3662d539fb5f1f57aa9cb9fa1df4822864b7daa009c1e90512e9d0c75c2e29fbe23522a706c0b3b506bdabadb153df54e995649d9fcd8c2445f1cf73b0a59

/data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

MD5 05fd09b564919c2c5a59687c8aca6fd5
SHA1 102c52df500f171dab2814ed13986686e92e1f62
SHA256 d15b7af92db1324cff87ecee262525b9b51ba682e52756efebb3ddb35c9685b4
SHA512 dfe7d1b14bbc1871cc4e1716fa7cd92a0ece2d936c67e1e5bceac5cdbabbc93d0da1c28faebcfa4d20e90e08022a7376544b6124744cc6b53040498c3d331b47

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

MD5 3d61531925cd272de47345550d423835
SHA1 b4413ef7c5b22859f8832ffae263d2f336297ae5
SHA256 d89266a39d0c26e3ccf61ae77674199a824fb1453fe5c12b66e8b8f7b0ee70b4
SHA512 86588a6df86f0869a271178d31a54386f5e9807e4947538a9bb239259304fa6372dc9aebb5c5cdbe5ead88696fb2416462952e16073f0fd092dce5c2798f10ab

/data/data/com.vanced.manager/databases/google_app_measurement_local.db

MD5 eb52a90bb70b76e946b62f50b6f7fb85
SHA1 42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0
SHA256 48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4
SHA512 b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

MD5 444b5f6da1b9b7878a6a6df9eb649773
SHA1 df9deaa53b3e040ad07dab0cce6c123680def5ed
SHA256 4690d31639f8794d155a892bf245a84ec7ae6af8f75784c24fc007ec2c6932db
SHA512 b234b9b704465ab40926ea6a4c79fce1a2065da2367727468c29fc86aa991a8dd02b4fcb8aaa12ecf366e775c525b4be3393c85caaa6c2d6ec462917cce3c1a1

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

MD5 7a3ac2e52715fa6f297966b993d74984
SHA1 76104ad57aa2a4ddc0d9c0f1f03387f7cd4ff481
SHA256 f8428729980438f509611e7d92c9fa64b86886195750484a9b91fd44c6abe141
SHA512 f1f2c58104e65659c824bf83fedb8b81f34bc3c99a10fdc58a3017e7fa6de168f164fae59720ea345f5477d8810da826d147bcd3d83b4ffd0b1c1579ae96ecce

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

MD5 0b6d9b9a4ff162b204956d5d52283b62
SHA1 ced10fe8b97389fccc80444efb946135cf25af70
SHA256 71cc1b9416e94c332ac650cb1076b84207b4ca912189c9458b2949f0b73b944c
SHA512 843d1c9c92d58e74f96d045b1250340fbe48458a460c5fd10e3df57f56a6c3bb216e0ce8335195662d92af46102643d8539e402dc3b24adee9ee61f0394b2498

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

MD5 d5072379286eac52216b3a027e6cc613
SHA1 71c0ca739ca4a24d3ab84d26ca5c1c946dd24451
SHA256 dec5671ef63490a8459bc440de00bb3601104da114ab643cb341af10d7adfa64
SHA512 78a74901534b48dc8ba3f17cfd9b27b9ea42e181677b2fd3821b2992a293e8e7f457735fd4ca5e4c24bb2f46cca9c93aea4496b651333dec2116a9a1bbbecb7f

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

MD5 da7cd0eac16f18eb86a381b3231bb6c2
SHA1 9c9703b886cf2860d6afe2329afc238ac02329fb
SHA256 d7176694e3ef01e510b2e4e74994b6fa129c4775662e158db26769171fcd124b
SHA512 bc666810080e8e785eca054bb35a7f4659425f41e459a69e1245f647f7c680c85590b488b82a3eb669198d5f90d4feb53c80649ead4791f066ef4ec08a2a4ca8

/data/data/com.vanced.manager/databases/google_app_measurement_local.db

MD5 6cb56a78a18c20f7898537611f39f6f9
SHA1 5e335b06c4487600aca20faf28b1e17456b124e1
SHA256 f25c55ad50137d7bfe81f6b041de802bfe3852d1b5179812c6b1e7c8267180a8
SHA512 7b043c216a7a9dc9f9b47b4d2d713df358b1bd50cb42a5c1137d5b70e5f73dd6ced851f5cc11fcc5b7a20153688baba919c6942cf29f176decd7bee1ee0fc74a

/data/data/com.vanced.manager/databases/google_app_measurement_local.db

MD5 afb99d23b762ba9e0d3bb2369eb9193e
SHA1 994313922763c24dc85911aef8617bc04ffa4b5a
SHA256 00650465ccb86db852446563ea5ee3b8401d86c9ab163aa386eb84c314b75c20
SHA512 ae0146420053fb93cea08056369b71778568dda8017bc8dee716440e522c4e35224642f30c407d4bbed10ddc687f3a1955a0530e0113a3f87bb55fb4ccaeada1

/data/data/com.vanced.manager/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66587AD2007900011470446A96EE8278.temp.tmp

MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

/data/data/com.vanced.manager/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66587AD2007900011470446A96EE8278.temp

MD5 1e8b11756772889dda6d888dc42e5e95
SHA1 f2781b5af5bff1286a66e5ce5557aacf758112fb
SHA256 bf20225a9cfa696fc2eb741de5bc0e9b920477499b34d71ba25f7d2e3b90f787
SHA512 ef7fb9937ac05efde183461b18ae29bb0f538474d5e3f3c7130ee30f61abb6f67ee2a070fb70e598b91f2bedb094f497caa8d5788da11e4d81ad40eaba146546

/data/data/com.vanced.manager/databases/google_app_measurement_local.db

MD5 c79d8215e6e408ee55ef33b6493b5d3a
SHA1 a72eda1151099992b9fe4e16e45b118d4743f6e9
SHA256 5242ca9d0852c276fe9aa8e045d1586bfed6493fb144d589a3365c24d949484a
SHA512 157b6bea8b7e599dbf710a3f21b9de756a615e3faa8648a576af998573980f102a58772eb888a58005cf07856cc5b165b7b0e94c752e2fe5d8c0d09d52e43ed6

/data/data/com.vanced.manager/databases/google_app_measurement_local.db

MD5 015107523714beacc027e28e04dfd9c8
SHA1 c528ea0c2565d3cfb626fb36d3196c4bf81d4c6e
SHA256 8e77cf0f60cde63ec796d6e3db91a637c26bd215090ee800d1a58f5a36eb7bbc
SHA512 3d5c24c588b57ec0190abd2d4ebbd0c748a7231b296df7280090393d7886a0dac6c9bef75947e563acf717ca07cd1bcc244ffadbdc26fca30478b864107ceaa9

/data/data/com.vanced.manager/databases/google_app_measurement_local.db

MD5 81f0bdd39b514be1c7b64d2c025494c3
SHA1 52b0e15dcd0c96c5662b2aa222615c6a5af4ca3a
SHA256 d8ee6f7ccbe82fbdfc46a5624a0b79646a2a77a6eb78c5f6b88046268c7b8314
SHA512 470bc599ed101d406ac11fc3f01627917b8a5032a02de7d347145befb5e1f8f083f2887e486a9684ebb8b5c115eeeba6751afc749ed8381168f24bf9f94fdc51

Analysis: behavioral3

Detonation Overview

Submitted

2024-05-30 13:10

Reported

2024-05-30 13:13

Platform

android-x64-arm64-20240514-en

Max time kernel

38s

Max time network

132s

Command Line

com.vanced.manager

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/xbin/su N/A N/A
N/A /system/app/Superuser.apk N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Checks the presence of a debugger

evasion

Processes

com.vanced.manager

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 172.217.169.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.46:443 android.apis.google.com tcp
US 1.1.1.1:53 firebase-settings.crashlytics.com udp
US 1.1.1.1:53 api.vancedapp.com udp
US 104.21.17.27:443 api.vancedapp.com tcp
GB 216.58.201.99:443 firebase-settings.crashlytics.com tcp
US 1.1.1.1:53 mirror.codebucket.de udp
US 104.21.234.28:443 mirror.codebucket.de tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.16.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 firebaselogging-pa.googleapis.com udp
GB 142.250.200.10:443 firebaselogging-pa.googleapis.com tcp
GB 142.250.200.36:443 tcp
GB 142.250.200.36:443 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp

Files

/data/data/com.vanced.manager/files/PersistedInstallation5132203845045762620tmp

MD5 5fdf9b2b90a688421113f81915f6f6ce
SHA1 8063fd8a895ff85ae84fc77f1d00244eda4b1235
SHA256 6b488aca51d9e113ed19b2ac1e4244b9e99cf59b5c7998e82c18839094d0a0a5
SHA512 a8f1da5f56cff651289578c9f045a85ac7ea797bff51abdd6d96da6640de7855f926b0066ca8080e750fbdd5a874c89e0dab711cbed3db34f66e1bf6da742cf4

/data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

MD5 1ef5f3016a3bf55a47c7cdef4124dda3
SHA1 2b73255500fc1247bb8c684877daee1b29774172
SHA256 692c934a90986e814c5546af2d050d18f019568d86cff5ed4d084fcd0763e372
SHA512 c202cd289770d5a18506e25531a1083ee008bed12f036da352ba45ef905c9379c4256ddbc352e317455e00ebdf4499781420836125ee75bffc5c298ed003c1d0

/data/data/com.vanced.manager/databases/com.google.android.datatransport.events

MD5 1d81bb3e2966e3517cdf9299f85e2247
SHA1 bdf2e42446eaf92a55cc20e912341aa96e7f9ec2
SHA256 e21fb9293a350dc8d7d2fdebb938e3d2f997c446d29316f49f02f778d0ee075c
SHA512 23796abdb86812b19300d376b50a81e7747733384eaaa0eff69f9103a072fc016dde94e6b400da0f89e44920143772a26b6a0649d6d319faf32ab1e3d0e990d7

/data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

MD5 b2e9d8a27e2de70fc69be3b27b221fc7
SHA1 f6db87df943c25fd0c21aef807d0c04c6d0b5b09
SHA256 604576c1b48ff1bd7294bc66928e6e29760f9c8b8ba0497ffc1280064acc8e2a
SHA512 ec86ca7805b4c2e04a2a3a4f2a207f134ba2d705a44ff2943a1eb7077f3f2373fa8be91bc9a9e09cbce1955cc2ef5a2901194156b3fdd61d174a18db741a20eb

/data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

MD5 4f35d11fa7a42469f5a95bff20241ddd
SHA1 745df60fa812aab9cebd7b6ecb9adccb1740c6a6
SHA256 1144c7f7efc15c590db189b9717be81dca10fac6ee15d143339bd89e1a4c5f8a
SHA512 c3e23fe2bbf575ff426ed0164adce37c2d7debe4d53dcb145f46fb2e4d6a046ee20c68901460640a7509a34c69c67d1332048889fb7d0cf0c5f846bbc61b1364

/data/data/com.vanced.manager/no_backup/androidx.work.workdb-journal

MD5 f4b53595e598390d7d653031d02cdf9e
SHA1 88a3de75b7edc6931d066b84dacc9cd67e5ac5e7
SHA256 c961019b7c9533053959b1e15e00a6b8e073713b001861fef4f01ad48787db2f
SHA512 43bd8c01700f78dfd488902ce2078e7834afdb1de8b3adfaabd74f8c8bc747678d84e4d79799938a2bfbe5492ec5e1efd5ad27c7803785220f51ceb9082cdd2c

/data/data/com.vanced.manager/no_backup/androidx.work.workdb

MD5 7e858c4054eb00fcddc653a04e5cd1c6
SHA1 2e056bf31a8d78df136f02a62afeeca77f4faccf
SHA256 9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512 d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

/data/data/com.vanced.manager/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.vanced.manager/no_backup/androidx.work.workdb-wal

MD5 1570f57bcc15ade32b45104532684508
SHA1 66651a6662839b515be14aa5c3a022e50e0526ef
SHA256 23c3e2f340ecb8ce84eb200f28062adb389151700b094e33a31c399cd80c37a3
SHA512 c628fc11ad01aad966c5e38f44c25620cc2d11f91a8d3bc794004221a4a93a95df956af6870c0fe148383313a9819d32888aa8a0a1be6418ad65d512d3bfc2b5

/data/data/com.vanced.manager/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

MD5 7ab16072cc1a439ed481f75bf4c162c5
SHA1 25ecedc126abb49fd0bf02b395a684ae178a6f14
SHA256 4fc2dcd9ca92c0249d0e925bedf85b32dde3614259020ab0fa612121fd1b254e
SHA512 56ee937c0c19dfe3a3591519875472eb17c8691655a91b63fa5448ca6f1fa1eed53829fe2392efee4f305fa4694b4932bf73eb0999303322665b29349939993f

/data/data/com.vanced.manager/files/.com.google.firebase.crashlytics/report-persistence/sessions/66587AD0013A00011217AA7BA853C208/report

MD5 8370e5ae4fe0a9e7d303450ac7fab891
SHA1 e1ebf747dab5807283d0867a9c0d52a3a9ef6368
SHA256 978e9507b61970ff49fbb48227ac871a32881b180aa3d23791ff6d55f9dadd9f
SHA512 956ef810ccf45354e59dbd7642848cd28d9074a5ca1343b4ff3e43c2c3aa324aea6c49bfc310768723867db2d36d3154b07e7db9ae20fcb78b712b3b30d783a1

/data/data/com.vanced.manager/files/PersistedInstallation3752459395823504788tmp

MD5 d720eb439ecc8ad45d9178f1d3940cb2
SHA1 5edcc506e10d72c3dff2aa6978e11e9392ecae09
SHA256 601244c140afb3c43b1fa4bcbbec0f62032eddf5043983733026e452b11be5e3
SHA512 b731128f1484fa59ef7525ef4c620082bef0ca0eadade2b67e23c79553f29d9a3694b217cb15ae8fb218e39822eed8f0d08a4703bf3db405012cf91ea8501eeb

/data/data/com.vanced.manager/no_backup/androidx.work.workdb-wal

MD5 7028596e55a7b31ceb1b846cc865ede9
SHA1 81826abc27557b7d83a8d73be5a614976475cb4c
SHA256 a02cf5380c1d28854b53122510e1bccd86a1becbebf565308e88576a1f2a505f
SHA512 969b91383fd7fe704ae5b373816f7c1749d39726cc568d66193c8deac0cbea5ac78493311dca436d7f02f4644a7a0b29b3e0e6477d1239077f30bc2f9668e799

/data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

MD5 599e78db7df5b03f6abacef90306aaaa
SHA1 2f74bf3efd3a50022fd95fb4dbcdacc5c0da55c3
SHA256 49ec4ce66e1695db7bafb739fb17e17d7a815668a9ade171c00cc94c53d17f7c
SHA512 df765405586348cd5f13f9a679580179be23335466485101fbb7dba6e9bf3ae797ec2c9385d5ad569a74349a5da1a1fb8c3a1a28173052b141357b08018d8791

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

MD5 461312456d6dfcb2511c0a35f72da07b
SHA1 7386a8807cd7704594c44f2d7165d57486b09216
SHA256 cc7415b35380bf6a59673e7e3f448fa5a6f90f67a1896f4a5a1784720abff239
SHA512 227cd7ae66943fb57c63cf0c9b36d68656f0a2746a37399ce9b52896e414e5c0df21c0c66eacc73abdef9ebab35070d80112f8b7c19ce608498f28d33f885e9e

/data/data/com.vanced.manager/databases/google_app_measurement_local.db

MD5 d9cf75fdd1c2292d986f6c3d5d60f2c8
SHA1 07ecb1d3a26d952ae5fecf54f36699ab498510b1
SHA256 2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a
SHA512 442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

MD5 616bf7e6dda63c288d1977963da22670
SHA1 4a566d3b5d0522b33410f47f2837a27ff6f1ee06
SHA256 5aee48fbf3172d8a00a46498dc968233ad63e3a3e2d0f8373a6db58267b5c493
SHA512 55ba4a367ba7ce3f17b3c82235b96f955cb3241e1f85af50289f2c25f5aeac03cdf7cb3ba663652fd170e035b05b3b5f2e0ea573e450b4ca33072acafe0da708

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

MD5 1a9f223c96fa728146fe60fe2a74300a
SHA1 3f221989b32b16d49d22cbc6e657fdac317b5d6f
SHA256 0d7ed09ee388743a003ed55452558a3c511ef2798c3309e1edb62a756b099446
SHA512 3111873af733daceb1ac574e4b14082d97cad1db954a4cba904648b0c255a505491107d3f8d51a1b1592fecd4251238f3ca5a9c60ff632426e082e6987064d36

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

MD5 8154fe7e19934fc17d676f5c88b93c9f
SHA1 4e9f8c740b7adeec59b3bc6e01a135441adfec9d
SHA256 f1c6352340c22c700f22cdbbe75e369439437802099eb3cf3c97bd3358d0b06f
SHA512 8d95f10c00afed18b25144a7b7aec2ed9c864af647f2cd7cd042918681ba8b99daa64d1929e406c91da039303dff875afdf9b8bb570a5feddfe7dcc47d116a4b

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

MD5 1538d7b2374238fbb860f41c9cd83d89
SHA1 1e88984121f9b488452107977fb7486c238fb879
SHA256 4e355be406ae5a38bd9b87dcc316052f1c7187bde3b7ccd0e671dc5d030c066b
SHA512 fc70a1d966486c7b986950565507577ccdf022bb7e9f668721bade60685176ff537155ba23ed4d3c7d39f820bbaa8b286e20e730b57e08fb0de99cf3248d7594

/data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

MD5 6d5554c520f4e5bf0165e57916826e7e
SHA1 96c6898ed36605e60450d7b9eca25fc9bc4797b0
SHA256 b7c1abe13e26ec7a8d0aa50226e1a80e832c376a6b73434385b63676b481664d
SHA512 8cd57d0853ad952a4873b6e8e57b955f111fe9be3c44968666a2a034a2d2931636ae05ac2be180225455ec23e8bea3a764a0d09fc8c3bb0229e312e470630568

/data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

MD5 74e8f4f75d7e308a20e5897651da890e
SHA1 4474dfc468778bfa056035dfd8ae1477d9fe0513
SHA256 b7894f18ff8e0b7c30c993b2f56d640e359e5466cb978c6d59212e4112f9a43e
SHA512 415f267441dc4b26e1f20bc1ad827630b246afbaa14072689506302907e6980fe5630d36e70525d14c25fe151263a8b38427acc14c11fcef2cc1de16ef8619c0

/data/data/com.vanced.manager/databases/google_app_measurement_local.db

MD5 49bf5ec196154ee96a7485e755009910
SHA1 c87b0afba32e43bb70a8701aa7993515c1f793b0
SHA256 d4d38d7319af9a955bac84f7ee4a3030803575b205bdc24a35715d5bf7cc321d
SHA512 05a1c91ae51216f822c2f29dbbd6454c4bc427bc021dad637b2fc03a5868a09f079f7bdf56fde4cbf7364c7e59bd47c2c38266aea53138da24c07a7b96153584

/data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

MD5 6f73f168e8048f0d96addcbe9d7093d7
SHA1 a51e8497facc377868572ac97f418c581c06ebbf
SHA256 40f7fc9a7bc4debfc1416260ceb42579f1c64374b42c796437a1421bcdf84777
SHA512 d3ef2ca3f6739dbea5970eb8720ca9d56acf72421a826d3c680856d6848815c42fbef86ccd740e9543cb84ea34cbd108b534a4af15f7b4eba0cd9ee53ee8d59f

/data/data/com.vanced.manager/databases/google_app_measurement_local.db

MD5 994d6a357c929fa00724de3787e1c13b
SHA1 df59d0c0f2392a0d6b3c233f69479aa15a248a1b
SHA256 79b3829a973fd743516bcd5969016c655c8b63ba14fd1f7be6440c9e57dbe99d
SHA512 3741d8491c8fd96baa6f5a6ee9ceab7a2eed665ff52018c7fb3f70fab6bc9aaa863222f4f20416aa9d40300d9afb3278ccb928d45ed1828405b71ce0728d2e7c

/data/data/com.vanced.manager/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66587AD0013A00011217AA7BA853C208.temp.tmp

MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

/data/data/com.vanced.manager/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66587AD0013A00011217AA7BA853C208.temp

MD5 0ec890dd5deaf5ff2ec70e171c846b95
SHA1 46f452046e60409e21b3e8c08621030eca5ea849
SHA256 41110f1fb41b8a712f60fa1ddae686fc5ac15e1d4cae391470a604ce1176e9ae
SHA512 0c4edaaf659276803cfd2ca1602a53e579b52afda90d41de8d23746caa0f0cf5b255017d206bf69b3af74cf1016779179b3bce9c583b53263f9d43cd0f459437

/data/data/com.vanced.manager/databases/google_app_measurement_local.db

MD5 9f33e88661c1e0a5f8dcb987175bcf4d
SHA1 74cccb9224cb9c984ef980fd4f501d551fd52743
SHA256 e45fee1843b3fa185feed8255aef111617cc8807d608413716647acf7358104b
SHA512 b8ad527156aafabc443f062f72fe919814b3c871093915bd9c10c360d010c1d7f6a9e5dc5d28187acc533e67fc2b39450749f0f8bf25a26dc0f618fcebb444cc

/data/data/com.vanced.manager/databases/google_app_measurement_local.db

MD5 0a8d44713463d3979f2ed7b63ff3fde6
SHA1 e612fc867d882d3352a97bb30beb541d5e65a484
SHA256 4ac2ff1d70cd0126f2e9726c2d026605b3dd09b51bc799ee51c5c9efcd928980
SHA512 174b6f470b9dff7082ce861a850e7f6819fc9e3131b030f25e7f84344de2e5e69c446425cdda1b6df88ab3189b2cfe5ebe4ace83a584e66cfe84cc740f29d6b5

/data/data/com.vanced.manager/databases/google_app_measurement_local.db

MD5 bb4bb9007ab7e9463b2a4474e22eb5da
SHA1 70b19344ab36414c50e5638d2f2e1c6409b93ebf
SHA256 819c28064dd81fcbe76a08c692eac1912d453a17945f2ee717079d9fcda47994
SHA512 0ef1ab9627c522843e077ca56ddf45a722f1c5856e8965b5aff6bcf7300092ce0b230b6a3a803c7e465ddda04be33002a324dcc21368f0f3157ed33dc8b8f371