Malware Analysis Report

2024-10-19 13:18

Sample ID 240602-qk7arseb58
Target 8e36f838aab0624da9c6d88c50a57c87_JaffaCakes118
SHA256 56d805c7aa02aa41a34e2e0e93cd038b517616fc463c92931f74ca4fc037c737
Tags
collection discovery evasion impact persistence credential_access
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

56d805c7aa02aa41a34e2e0e93cd038b517616fc463c92931f74ca4fc037c737

Threat Level: Likely malicious

The file 8e36f838aab0624da9c6d88c50a57c87_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

collection discovery evasion impact persistence credential_access

Checks if the Android device is rooted.

Checks memory information

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

Reads the content of the browser bookmarks.

Loads dropped Dex/Jar

Queries the mobile country code (MCC)

Obtains sensitive information copied to the device clipboard

Queries information about running processes on the device

Queries the unique device ID (IMEI, MEID, IMSI)

Checks if the internet connection is available

Requests dangerous framework permissions

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-02 13:20

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-02 13:20

Reported

2024-06-02 13:23

Platform

android-x86-arm-20240514-en

Max time kernel

35s

Max time network

132s

Command Line

com.ios.browser

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /sbin/su N/A N/A

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.ios.browser/cache/ads4440224556594158169.jar N/A N/A
N/A /data/user/0/com.ios.browser/cache/ads4440224556594158169.jar N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Reads the content of the browser bookmarks.

collection
Description Indicator Process Target
URI accessed for read content://browser/bookmarks N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.ios.browser

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.ios.browser/cache/ads4440224556594158169.jar --output-vdex-fd=128 --oat-fd=129 --oat-location=/data/user/0/com.ios.browser/cache/oat/x86/ads4440224556594158169.odex --compiler-filter=quicken --class-loader-context=&

Network

Country Destination Domain Proto
GB 142.250.187.195:443 tcp
N/A 10.127.0.1:12000 tcp
N/A 10.127.0.1:12000 tcp
N/A 224.0.0.251:5353 udp
N/A 10.127.0.1:12000 tcp
N/A 10.127.0.1:12000 tcp
N/A 10.127.0.1:12000 tcp
N/A 10.127.0.1:12000 tcp
N/A 10.127.0.1:12000 tcp
US 1.1.1.1:53 cp.g365.cn udp
N/A 10.127.0.1:12000 tcp
US 1.1.1.1:53 ticks2.bugsense.com udp
N/A 10.127.0.1:12000 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp
N/A 10.127.0.1:12000 tcp
N/A 10.127.0.1:12000 tcp
HK 154.211.12.106:80 cp.g365.cn tcp
HK 154.211.12.106:80 cp.g365.cn tcp
N/A 10.127.0.1:12000 tcp
GB 142.250.178.3:443 tcp
N/A 10.127.0.1:12000 tcp
N/A 10.127.0.1:12000 tcp
US 1.1.1.1:53 media.admob.com udp
BE 142.250.110.101:80 media.admob.com tcp
US 1.1.1.1:53 ssl.gstatic.com udp
GB 142.250.178.3:443 ssl.gstatic.com tcp
N/A 10.127.0.1:12000 tcp
US 1.1.1.1:53 clients1.google.com udp
GB 172.217.16.238:443 clients1.google.com tcp
N/A 10.127.0.1:12000 tcp
N/A 10.127.0.1:12000 tcp
GB 216.58.204.78:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
GB 216.58.204.78:443 tcp
GB 216.58.201.98:443 tcp

Files

/storage/emulated/0/.bugsense

MD5 d4ea1acdf1a2bc87b24b145084f2c18e
SHA1 fe6fc74b408424eea708fdf219609ba3a0272dab
SHA256 d12eee2341af813652e5881a82a614b0d80c21a716dae503d4c5d9eda6a45fb5
SHA512 af2260c01b366bbb1f7f9fc067e4168056371518fa273d4afd2be2406a0ae79a00cc2e488a401a23cf4622735fab5ddecc975f18d416039c96eb8d2442ac465e

/data/data/com.ios.browser/files/Ping_1717334425773-66188

MD5 ee9024cae78caab74e0b2738ae363615
SHA1 f165e7de4f515bfe0617070122f10f278634e39d
SHA256 d4f67f82731b6e4dbfb6658c8f3e0aa91e8f3cc58e160af607bc4c27f4d78f26
SHA512 1c302164c83648a4fe505d1e428afb980209e9c4bdfc7e4d3454125fcc195e5728acd8f2a7ce36434684655be55382559ecd7b36f04d7acbffb35fb50f0a9d50

/data/data/com.ios.browser/databases/historyManager-journal

MD5 5fd4529843b0bc74f6e0afec14759075
SHA1 90b8b3c94c3606c5a528ab1e254482832ac0eb1c
SHA256 29132a4868d715438d0b4b1713f51f4aea44f3f0727f9f3a96e85f0f03397370
SHA512 67be9af3941ddb4f0a01d3c7741208322e1de51065f34c4cb9ae96879df41cbee5b86292b23a882c5d39c1204c6799ac3bad9976726651ea146fa73495c43c77

/data/data/com.ios.browser/databases/historyManager

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.ios.browser/databases/historyManager-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.ios.browser/databases/historyManager-wal

MD5 16233cbea3dc3dd7fc2e8b1e702fa40d
SHA1 bcad5181625763ecb075f8d41e4f7dd6c7acc22b
SHA256 ea2f79bd7227366f50c3ccdd71300703ac0dc86b675877b6e4c1e4d0a2cb0642
SHA512 cb2ee3f41cca4c565a1771aa8ca29e6e260d1bd4b77f65548b1d48d3dd21f0f3d1a6389c5c5e58ee06415683da3d7adb19f3e8e0173191f1ba4bf77a8a265802

/data/data/com.ios.browser/cache/ads4440224556594158169.jar

MD5 d80f6d032778b02d10a9c9a2f1a24714
SHA1 e34d4ea9618b1b499b65032723ea029ab3998500
SHA256 ee2de01a238f9e1834f9f9934dd1f5b267bdf9747965641d2fd636d740041f9b
SHA512 34fa52d41831142f86999ac407aafeb2b69bb4cd45ada9f739be84c80deb0414d11d6784f385eec287e4f6b5bdf29ba1c9a6a77c07707d66a73c60eb389136e1

/data/user/0/com.ios.browser/cache/ads4440224556594158169.jar

MD5 12670a32ad1380c9021a9e74aa5f2281
SHA1 7e8caf0c7a4d78452efb90958e8ce1aae5148e44
SHA256 f3c142f78cadcb57d7da3d8e4dc5f8c7b05377417c639059910696c844afc1f9
SHA512 1277dde373cab02d5df62732834adb79f8dbf1d1a9ac56b5b348e354317fadc24fe20b5ebdd1ecc28f8fc98dcdff807d2839bef75ef7d871e976e68a95851b06

/data/user/0/com.ios.browser/cache/ads4440224556594158169.jar

MD5 6175efac331cdc88f352d62e1e1b596d
SHA1 d2e2e8ccdd8ca885dfa83f28208459ac60e9ec1a
SHA256 3d3736a254adb3086b9cb9017b52fc7dbcaba3043e284ebf90bf27c0fa6b74e3
SHA512 c5ba4e091370597ff6780beac694a37b1fd9400a21f20b5a388a62a04253054ed91ffb14d2e84c233b7e4760f6f92fa324a98b88cf90dd868b4ad7f6db3e49f8

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-02 13:20

Reported

2024-06-02 13:23

Platform

android-x64-20240514-en

Max time kernel

49s

Max time network

180s

Command Line

com.ios.browser

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /sbin/su N/A N/A

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.ios.browser/cache/ads2171788616314577028.jar N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Reads the content of the browser bookmarks.

collection
Description Indicator Process Target
URI accessed for read content://browser/bookmarks N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.ios.browser

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 cp.g365.cn udp
US 1.1.1.1:53 ticks2.bugsense.com udp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.178.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
HK 154.211.12.106:80 cp.g365.cn tcp
HK 154.211.12.106:80 cp.g365.cn tcp
GB 172.217.169.14:443 tcp
US 1.1.1.1:53 media.admob.com udp
BE 142.250.110.101:80 media.admob.com tcp
US 1.1.1.1:53 apis.google.com udp
GB 142.250.180.14:443 apis.google.com tcp
US 1.1.1.1:53 play.google.com udp
GB 142.250.200.46:443 play.google.com tcp
GB 142.250.187.238:443 tcp
GB 142.250.200.2:443 tcp
GB 172.217.169.10:443 tcp
GB 172.217.16.228:443 tcp
GB 172.217.16.228:443 tcp

Files

/storage/emulated/0/.bugsense

MD5 cd498fd4f9247e9f9ef99e940063433b
SHA1 1828b2bb82aa7129dfd4cc01f61e1bad3f9e2895
SHA256 af525fedb16ebcb058598ce37e7e69d6374e3c900aa9fd8593bc29b38725ba36
SHA512 a2f90938ecf8190b20f3e565dc69976ef8e59071d764da1a17a6d70fcb52702701c54ad68ceb9408865f6c44f419d285435d36e2ba0ed6df146818eec0457f4f

/data/data/com.ios.browser/files/Ping_1717334426980-16258

MD5 a757049a22d0a9d73b8373c4ca63d0d9
SHA1 d309e40e194d5d3820c0b1a1ea8074ad2b9897bb
SHA256 324ea8ded317574a6192dcab92d53d26a102f1f876c9269763a9d1260d8d13c6
SHA512 a8bfdfcc823cf4281342e3415a46d4ba77d4a903ff3fa22faf6392728f199a6b4f11d70a43c0609bdfe7149dfbf076e270de624724d434c7928293d4ed874708

/data/data/com.ios.browser/cache/ads2171788616314577028.jar

MD5 d80f6d032778b02d10a9c9a2f1a24714
SHA1 e34d4ea9618b1b499b65032723ea029ab3998500
SHA256 ee2de01a238f9e1834f9f9934dd1f5b267bdf9747965641d2fd636d740041f9b
SHA512 34fa52d41831142f86999ac407aafeb2b69bb4cd45ada9f739be84c80deb0414d11d6784f385eec287e4f6b5bdf29ba1c9a6a77c07707d66a73c60eb389136e1

/data/user/0/com.ios.browser/cache/ads2171788616314577028.jar

MD5 12670a32ad1380c9021a9e74aa5f2281
SHA1 7e8caf0c7a4d78452efb90958e8ce1aae5148e44
SHA256 f3c142f78cadcb57d7da3d8e4dc5f8c7b05377417c639059910696c844afc1f9
SHA512 1277dde373cab02d5df62732834adb79f8dbf1d1a9ac56b5b348e354317fadc24fe20b5ebdd1ecc28f8fc98dcdff807d2839bef75ef7d871e976e68a95851b06

/data/data/com.ios.browser/databases/historyManager-journal

MD5 0b8719c1917de2a3c56f47d4db6505aa
SHA1 e6bd2ce516d91d5854af901c7a8666e00459f92f
SHA256 3838e275cb5810d2bd7efc7459d7789bba37d647f34ab24556adffc66e46ef49
SHA512 52834e5f28d576827ac72e0df6948e6bb60add62961d5395a569869dc143649cfb55ad5ee1043454bd3a020a701935eff1433b85b0cf8c88efa42ac69f2854a7

/data/data/com.ios.browser/databases/historyManager

MD5 7f5c184e8c83a02c69a84c8bdea77729
SHA1 030cc4b0af8c2f7b6ff2507d3d3b79272688b707
SHA256 cc1ab419a11ff84b63d85c199f5b63995d8c49c72d665583c2917440fbf6ced8
SHA512 d59f3f1e4244b122b4a8beacc51101fc01a2532106b6e566b3be3e620bad68091b12153c26b0fa6b699099fc19d5665b6daa6f091dfe3a5b59238cd81f626c61

/data/data/com.ios.browser/databases/historyManager-journal

MD5 77fec51ea7599e05b970886cb231cc3f
SHA1 275a10a668bb978973a73c06f169c551c8cfbe2c
SHA256 2133ff052ab268991fa2c88c48482cc0ceb79ff1238fee88c912f0d5e978b800
SHA512 8919117785a00b7c955f8ae17377fd6c6696927c8526ea8713e9463d198a706d9ce8595f2f02f612f691d95f4960b37e28cf808fc4d94a7982ad4cb94f998b52

/data/data/com.ios.browser/databases/historyManager-journal

MD5 fb697bbb226231f8bcf91d263c91ad99
SHA1 dd3f0c2fa5481eee4ba7c789cf1dd46e0f3136db
SHA256 f7b6a8474394aa0644361af5182e9b7ed430d21c6e011b421821c1fc7364f0bd
SHA512 93eb27773efd4cf521d4a815e2c73ff1122276b72f600ef6c382c0adf35bcb28580ad4a28d91ec22b6d26df89a26939e28785448cd53f548b4137756f54f27cc

/data/data/com.ios.browser/databases/historyManager-journal

MD5 00f204b4226c430c55bd4a1350c84b36
SHA1 c6d71a9012f00e9c3c476105194640c9f3016a98
SHA256 8e2add9ba61a57020252529cd753a0d830dda96404b5064003bd4fc39f25bde4
SHA512 80763646a7f2960cd3a637295b2ff6e11447c64df88a0de70f4bbf5a8f1ec718e7b284d0c0289de4f00296ba1fff8a57393a06bffdd6ed655b7b9c110ccb767f

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-02 13:20

Reported

2024-06-02 13:23

Platform

android-x64-arm64-20240514-en

Max time kernel

48s

Max time network

180s

Command Line

com.ios.browser

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /sbin/su N/A N/A
N/A /system/bin/su N/A N/A

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.ios.browser/cache/ads6723405112879079328.jar N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Reads the content of the browser bookmarks.

collection
Description Indicator Process Target
URI accessed for read content://browser/bookmarks N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.ios.browser

com.ios.browser:remote

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
US 1.1.1.1:53 cp.g365.cn udp
US 1.1.1.1:53 ticks2.bugsense.com udp
HK 154.211.12.106:80 cp.g365.cn tcp
HK 154.211.12.106:80 cp.g365.cn tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.179.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 media.admob.com udp
BE 66.102.1.100:80 media.admob.com tcp
US 1.1.1.1:53 apis.google.com udp
GB 142.250.180.14:443 apis.google.com tcp
US 1.1.1.1:53 play.google.com udp
GB 142.250.180.14:443 play.google.com tcp
HK 154.211.12.106:80 cp.g365.cn tcp
HK 154.211.12.106:80 cp.g365.cn tcp
HK 154.211.12.106:80 cp.g365.cn tcp
GB 216.58.201.100:443 tcp
GB 216.58.201.100:443 tcp
GB 172.217.169.46:443 tcp
GB 216.58.213.2:443 tcp

Files

/storage/emulated/0/.bugsense

MD5 5628b3a4fb9cfab56d3826f39cc07058
SHA1 26e0229159121e8647eefadd5732340192b09c2e
SHA256 8fd4d1c88a8d426a8a7df052850eaf39b92d9c24acf20bf738ed4b2dea8cd101
SHA512 bdbaaf072a8abdf1818408264161f139d9cac3fd9fc5029535f450816f4d7610bccddd8c3b3d76e503d82744cf016446fd19ff5b35dcb7c1ed9a5478dd09cdb5

/data/user/0/com.ios.browser/files/Ping_1717334428078-78483

MD5 69c44cb8d2aa7f3441eae36347e08675
SHA1 7bde79f6831b86eaa6d295d742764d95e4697421
SHA256 9ba9428d7533008fe7cc1bde0968f0a53e73137b9e1c5e7b8c8a47c4348e9411
SHA512 72f1ab8ae80768135ab89f28fb8f4cf1322bb26c7d6b1a2f6642f308ba0f4818edaf5142cacdc9f087f95790535b363d48e19315e2c5a3f2ca81d177bbd82978

/data/user/0/com.ios.browser/databases/historyManager-journal

MD5 ce3449b12f6f131535d488bbb2001005
SHA1 ca9b68bc7a527c7e79b7e9b3e98c31653bfcb3de
SHA256 7d00dd754134eff82cfa91d0a7718ba840b105e4854abbcf28cd67fe1f96ee4f
SHA512 afd88cce533dd2a821ecdad6aaf2cf66435a729961958a7f1126dab2c78944594a1a763ffe3d995a6edddb6c63bf06ea35f59cc6419699bfe296bc6dad956b57

/data/user/0/com.ios.browser/databases/historyManager

MD5 a72423bcf6ba2f2e2dc56d4f6fd2515f
SHA1 cd8581a438a9281be57065f46f5e3260b15e75f3
SHA256 b83e90d045f859548f9c2043a96371a900de8dac93f3cf919ff79a1c8758fbc2
SHA512 94d258b33b0fab32555740fc7bce1b114025f442c750e5523e47e7e2b1df1ae88e55ff04e0f7da042a785d687f0e7176ef739aad7e90bd7a2c9f836031b9ef50

/data/user/0/com.ios.browser/databases/historyManager-journal

MD5 81bbdb15dd27ed00e1d3c1c5e2c91d6f
SHA1 d513a5b68537d92ed3be25eccf9616222b798258
SHA256 cffb628adc164e5ec939f2a15bb946d83790bbcedb43ea71982065aaa937ba32
SHA512 d5309682f40dee20d5683a1123b406de8f59d60f96214b49ebe3dd39dd31be1c5a9179a5a40f54b11308e093e59da73e5add824742f68c794d21d1b749eb4719

/data/user/0/com.ios.browser/databases/historyManager-journal

MD5 3fb1d4631d951bfb04098741c830b062
SHA1 343074090519611fbb77641404f3bd800359b4ef
SHA256 4bbf55a112093dbc91464e178c96cbe40a08d52ecd54253fbbfcd14e56cce362
SHA512 bb0ef0966181beb1b838d2413e90361c1606e5e9339be1fdd38ff9b31430a7f9f22c654c2fed3a1d3a1c146a360086d58b06cdbfbcd6ce2c945a701c8a2efda8

/data/user/0/com.ios.browser/cache/ads6723405112879079328.jar

MD5 d80f6d032778b02d10a9c9a2f1a24714
SHA1 e34d4ea9618b1b499b65032723ea029ab3998500
SHA256 ee2de01a238f9e1834f9f9934dd1f5b267bdf9747965641d2fd636d740041f9b
SHA512 34fa52d41831142f86999ac407aafeb2b69bb4cd45ada9f739be84c80deb0414d11d6784f385eec287e4f6b5bdf29ba1c9a6a77c07707d66a73c60eb389136e1

/data/user/0/com.ios.browser/cache/ads6723405112879079328.jar

MD5 12670a32ad1380c9021a9e74aa5f2281
SHA1 7e8caf0c7a4d78452efb90958e8ce1aae5148e44
SHA256 f3c142f78cadcb57d7da3d8e4dc5f8c7b05377417c639059910696c844afc1f9
SHA512 1277dde373cab02d5df62732834adb79f8dbf1d1a9ac56b5b348e354317fadc24fe20b5ebdd1ecc28f8fc98dcdff807d2839bef75ef7d871e976e68a95851b06

/data/user/0/com.ios.browser/databases/historyManager-journal

MD5 ea60fabeac12522c595b8cfe970ae5b5
SHA1 18491788bbf02e6eea87a7748f48ac4cc4264c74
SHA256 f6ef23f8729d55ca2774e46c67fe91eb33b7d2db11106f12f460f1ae0d7e50a5
SHA512 572fa52262ccecc2600659a0cf2ae22d665daaf4e51738ffcfa18bedcd6a00468880e18988db288c7cacba8627d53d6fb9e07f0d9826cad2e437d7da0856f676