Malware Analysis Report

2025-01-06 11:57

Sample ID 240603-fnv2ssde93
Target 909c349fd23deae561fe9fe31a87db4e_JaffaCakes118
SHA256 4ee53f8c4e6ac0467de6b74a910772b1637e8d87727ec7cdd9a94ad0b8b17218
Tags
discovery evasion execution impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

4ee53f8c4e6ac0467de6b74a910772b1637e8d87727ec7cdd9a94ad0b8b17218

Threat Level: Likely malicious

The file 909c349fd23deae561fe9fe31a87db4e_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion execution impact persistence

Checks if the Android device is rooted.

Queries information about the current Wi-Fi connection

Queries information about running processes on the device

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Queries the unique device ID (IMEI, MEID, IMSI)

Reads information about phone network operator.

Schedules tasks to execute at a specified time

Requests dangerous framework permissions

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-03 05:01

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-03 05:01

Reported

2024-06-03 05:04

Platform

android-x86-arm-20240514-en

Max time kernel

179s

Max time network

132s

Command Line

goldenburger.creapp.com

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

goldenburger.creapp.com

goldenburger.creapp.com:Metrica

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 api.birbira.xyz udp
US 104.21.17.160:443 api.birbira.xyz tcp
US 1.1.1.1:53 startup.mobile.yandex.net udp
RU 213.180.204.244:443 startup.mobile.yandex.net tcp
US 1.1.1.1:53 api.tridrongo.info udp
US 104.21.66.157:443 api.tridrongo.info tcp
US 1.1.1.1:53 api.oradaph.pw udp
US 172.67.140.65:443 api.oradaph.pw tcp
GB 142.250.180.14:443 tcp
GB 142.250.180.14:443 tcp
US 1.1.1.1:53 report.appmetrica.yandex.net udp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
US 1.1.1.1:53 arb.grattomania.space udp

Files

/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-journal

MD5 090b707bdeee6b2f108e2da16bc2f73c
SHA1 a5f1c61c7d50def8a90c6a9ccc67ee4d411880b0
SHA256 7744bc9217412e367aa32269ba5152ab8a5424961fdd0560306a220b8a4fe311
SHA512 9e03bb5fd5d4d2c3bbff1d9cbb3f2a78040e33b40b7483eb99675a818c9eb240a04a502ade22d8cdf0a2893971744a8db07b4a50ed991018e250ad209e5c8d10

/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db

MD5 a58391ef30a6232b5346895239eba527
SHA1 7c75641cc228c71dc8e749f9672f3a716f2f8427
SHA256 38adf03759ca9bde2e9186a0383221a13321d12525ced4f56852e15908f1bdf9
SHA512 d9c84ab017467173c54fcc19c7ea872a6ce40154a66f1f4b6b37fa44a3409ca8cc29989c1c008dadd130acb07c4d61f9f63678fac9b38d0a24bdd62de6fdfeb5

/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-wal

MD5 e510025433a6737f7ed62ebc69dc49e2
SHA1 84aeed17b933a2999ec067780f9108fb621b8413
SHA256 2551f36f5e009f8ad14960f4c50e2fbb1649491d8a801b2c60a4e9a774e3f00b
SHA512 d9d2112b9b309ab10b86d36af7aec8d107c9afef7d8167eee6b8b2ee35db1068c5d7b59f27c749b74ebe72cf87a5101ce294c036f46efd12ce16e0b92493b5d1

/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-wal

MD5 eb5f1afaf139c6e60c7213293c9d0a0c
SHA1 709e6fd705ec82f7b59b6936c7b7ffb3ea91ee17
SHA256 ad9d25308c8fc2a7c079157669494910c36ebf8ab95eda448a3a794a75a66496
SHA512 b530d77aebb94d814b804869f0506501d22abb2537cd6ab692c232e1777773776855b5a87151ffc2dc228093d0ac6b8f336afa3ee1f0e35fb153c296f7d0b210

/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db

MD5 44def4f6e42c3ec63f229d23af8c804a
SHA1 f5956d9295778b539bced03215343fd3cf7a9dd8
SHA256 882faff2a0f007164d5dbda7bd7f803306423b5eb48a88b1bb72bde65b77e50a
SHA512 a14770398044635a8a8fc0d59dc95af3a97ae78146a9ace3795d600a44098a5ff7099aa3d0ac40442f8ff8c5d3b5ceecb4b360bf47f3e8c7c902879e2e76228d

/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-wal

MD5 8848d36e9bb7a4d0210b8c6cb3b60546
SHA1 37249f14cce814103e2457715149e7ab48b75c8d
SHA256 7b44ecda4246cc66a97a776afa744b97a51fec669d18e68cd177c8ef791c0427
SHA512 21d67a77d64cab8dc7e1ca5bc270ad20aa059ecbb09f06828bb85d82f9b1349fea9a2ad4dacb2bc9187482b383e8f3047d7401f833c467b833381def0fb8573c

/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db

MD5 710ac9fb55c52017747858776d2e8d6f
SHA1 44a87e92024d1e06f33e7bcfdfa800facafcc626
SHA256 c23312cd02ac8a234f7e7c538fec19e7166d2774e35ae6120933a11a86ab6398
SHA512 8e03c5b7b810bcbf8f9ce6a5e7f2e0fabd46b7f4facde90f85373866de6179fb162504f75cea861d01ecfbac96bd2a2f217f0a9bb0793debafb035abb47d4645

/data/data/goldenburger.creapp.com/no_backup/metrica_data.db

MD5 085aa17c27538a60ccbfcac05cb2d391
SHA1 fad9f5d0f1c002b1896b23e3f596a32a21226982
SHA256 91e01aa528873ea450fecdb7ade9cc3241d341ddb2e8574f01005f704c6fff2e
SHA512 9f3a05b925f57eed78d4ff7a995b1e45e0761dac6411bfd1f5d8f2268562d5375fa82e4057c856b4bf717b6ce436ae188d7883a6fa0be13200842d65bedb7135

/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db

MD5 4c8ecac506bc248e1b1097ed8fdb0911
SHA1 712cb5ae30652fe84ec72b88862b6c2d51139bc8
SHA256 c5c7f50bc2b110003b68fffa7a7377ae36451cf913620b770d69ee90d6dcdbbc
SHA512 26497ebad34add3b5eef9ff26e87172ae0cf2df9978a66c632ef36f952bae06387cf933bb8025f2654c397c789cbdcfa5ee5f86579ba572380c0b8d2d0cb1d41

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

MD5 00743a5653029f039390674041209f89
SHA1 9bcb60e085725203cd962e4d8624ca0511f11eba
SHA256 737a7a830a488543f19bbfc3ccefffa7fd90082cbfa03ab7145cd6870a76c6bb
SHA512 da685e0ebf46bbf4934999866cd5bf9e932f79597dd4563f8d3eaa1f00bd568f0676047559aaafd737579f7c020415bdfca87e11c8b08b69e61acb593784c2a7

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com

MD5 e6729017dff8bc083d27e64f378753e1
SHA1 62cd874a5780d9dedf62593c26b31538e68e3da0
SHA256 1c20909fd1ffd601c57b9417da670478cda6d93ebebad2d31c70b63bc38d3ef5
SHA512 cdda00d85113c4a6cbe2d140943c2711326de7bb1e252e9c554f1b241986659639be8e2f1f1929bcc780262b5a25aeea1749f00db42da8e616125ba8904ae3c8

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-shm

MD5 b5a302e128bbe34dd78e663a102dd8d5
SHA1 c0d0e9bfc771c42e5391d8e508a6cf75fee600f3
SHA256 fabe17271efbd16b098c258e4165ed76122204a192e8df06d1427b8b825e2145
SHA512 842850f5dddda19d21055b4b2d19e3086f8d40960caca2976f9c140cb5157961973bbf955854c6a5fbfb542644fd2237feb97179b2e7dbf615d0bd1f3666d286

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-wal

MD5 b363ded3301c020d353a6be53c81ff1b
SHA1 76b711a5440b87754567c107286a2a446c0f2e8c
SHA256 ff62e5397b3f522cefb4202a7a915d7a9a911c7a94df674d22078eeeba48db12
SHA512 c58e1715787bf2d7f62c2ab956cd99f73b2ad85297abd2a3ee84ee85821a5281de90a4a95b65785b4f1aee8c68590c8449fc5042fc0bdab3598348c70ee24c12

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 3f248b43816f48a4098a242b0f088c41
SHA1 f4941918256d9ba1e9789b8dd07694d98ebc9287
SHA256 42210d0d797605fa4ebdced3abddd25f3aea39cb0401adea5abdd5c7797c41f7
SHA512 70c8756237389340ae08f71fb85bc80789d83efc67663979193ffb6adb6594eb98a6f2a81ae563297a4f8169dd81fd04d6c5dd71ac24e7729483d5184854ec9d

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180

MD5 02e76d739b73d89b12737fe024bd8b03
SHA1 772501aa6616a2cef956426719cfb919dd3cd866
SHA256 3fd5487cdc34c6998b6b926882dfdfc740ec25f1e89b340bf633f520af0bcab5
SHA512 feafede418a9b82582ecc0c643b8bc0f0219e12ef36007de4c0aa1d4c58134b49eaeba9ad5e5a7361363e80f91491964309146a6bd9e1db3a09472eb2c2822a4

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-wal

MD5 4626ba36bb758718037e96e1c3c49082
SHA1 616636c7328e89ae9e75ab577072957cc27e6267
SHA256 d3182983223836a98edbe61b7ab3e5fbd2f7f0c4e6dbaeb917d500b0c8b92d5c
SHA512 a98044c641eccf494ba608189feccc86e6cd07cd67a227819ee149d89f402fddf90f94f689b556e37326f273a57b19b4fcc3d159c2f46698e9e7d145cd31e978

/data/data/goldenburger.creapp.com/no_backup/credentials.dat

MD5 6614f5f6290ac7128f57dab227c33430
SHA1 43a79c99927ad0955e207663b0bc08a7559ac95d
SHA256 4eb12d7c51908baf29f746ee04645d77edf8fe20d2b6340b3317db882b30e53b
SHA512 5bef54d9b03b7f8ceeb599f8231e00a75704c15a9ebb184911278742f0c87d5b44f677dc83478ad96de4a64a36c9fc32f0b5ed2662b47693cdc3e1ad9dc56244

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-03 05:01

Reported

2024-06-03 05:04

Platform

android-x64-20240514-en

Max time kernel

179s

Max time network

152s

Command Line

goldenburger.creapp.com

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

goldenburger.creapp.com

goldenburger.creapp.com:Metrica

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.201.104:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.212.206:443 android.apis.google.com tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 api.birbira.xyz udp
US 104.21.17.160:443 api.birbira.xyz tcp
US 1.1.1.1:53 api.tridrongo.info udp
US 172.67.161.129:443 api.tridrongo.info tcp
US 1.1.1.1:53 api.oradaph.pw udp
US 104.21.8.212:443 api.oradaph.pw tcp
US 1.1.1.1:53 startup.mobile.yandex.net udp
RU 213.180.204.244:443 startup.mobile.yandex.net tcp
US 1.1.1.1:53 arb.grattomania.space udp
US 1.1.1.1:53 report.appmetrica.yandex.net udp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
GB 172.217.16.238:443 tcp
GB 142.250.179.226:443 tcp
GB 142.250.178.4:443 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp

Files

/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-journal

MD5 704c0aa510fe7472ef62a1414e39b00c
SHA1 2a0042ae8c4afad5252629ab60411c965f53317d
SHA256 6af393c6c6e7c9175d06fec22c351369714bb42796d34411517826a658468c28
SHA512 65bc010f257120bddb87f6a3d1245be202a0429e7631b9ae296dee27f671545b37f53b15a7b9d9dc81daa0b205bc76270c4cdefdf874bac9b6d14433d6c7bc75

/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db

MD5 09754d0438ce030b6ca1fce24fa37c5d
SHA1 fc5618c939005bc2da0c527eeb7f3f09aebc5426
SHA256 db5f1068c4e1496e49614e0c8c4f92abe1063fc2f4fc559755b5648e744b4cdc
SHA512 965a939b97a34290a9e17f1b96114387d5eef2f18ce4b4cf1124ee726e6db74e33c8f182e785a1a701993252ee69e94a36f7ff330e157bc1050712249f3512bb

/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-journal

MD5 742d7a55d4dbc9d7ba61226a1c0ada87
SHA1 20d990240039a6f97eb34762828d63913891602f
SHA256 284747f5fa43b0b75dc6117e1527aa52b3bd79d10d69bb36f971effa27886f01
SHA512 2a8708be1736d109f8a6d5fc07a67082a56dbe9bbaa4a5fb7370cf93315661398592d6b5d94dfe6cec9f45ab3156c23d8dc5569b2b4d3695026bfc655b8fd9e3

/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-journal

MD5 bc8b1ad29442402dcf3292d82da386f4
SHA1 60e0b7da98dd4a2fdf31ee424229ab09d387c0de
SHA256 38e4dc70f283414289f61d17dc55da16e165c9aa30ad2e6e4aa82528a2405bca
SHA512 48586172f29e05c9b8a7762ca46a2ed74414c67573e904eb8096b3a93071f4e211c7f62e0515e71ec3cdee85582f4fe4af3d8bfabc6ff26feb04eb496324baa8

/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-journal

MD5 31a8c2c27c88053bd380339728557a4f
SHA1 9e923802f76321625997d4153ac6a925d94c5abd
SHA256 9d3847ca1fa2d23df84f9f98aef4d833d9e4a0c4f43e4b99bd06c77e00c5817c
SHA512 91ec85ce41241e33060c67977a3e796258b23e681307d9bb2beaa5417f35f15aa1f9fad1f9d48e041f25050aec36a99d0b7f66f75b4ef0f6cad22959ed569c95

/data/data/goldenburger.creapp.com/files/ZPkFS.log

MD5 2fd8dd0428cc66fd754e32b9f5384f48
SHA1 08bcfbd2bad7aa68153ab1a205f2e56e4ea8df83
SHA256 5998c40408586b9f3b7fab52e1f23b8d1279d00c8377438aa6f131fa1c2b94d4
SHA512 26769deb6a3fef4962f67f76f9eebe03048ba62ea50db32772b84acc71a47618314115733d6ba0040a411bd01526bdc288696d46dcf2cd96aa286f3ea76bb35d

/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db

MD5 44adcd78d1a2a1dd6179f5c846f9ded3
SHA1 d07b7d90fdcc2304809106e92a42df289dcb13b5
SHA256 c3a8f4de38aa8a0bad3effa847fede52c6e66a3964b951288e57c823714cda65
SHA512 82107f970b2a1e5f2108d381bf8cafe04bc9cf7ae21e74c167456962f40408df982f9d9e523fd971a692939fc5bf566005628353478857002580fd08def62d04

/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-journal

MD5 85116ae9bb6e7d6f0e1bd5a348c8d5f6
SHA1 c72a7312abbd5e17aa26b4abf311ff92acd2e838
SHA256 c24f1ef3e10fc3cd1c65016f5830085717053cbae246bd4bf2a86c4cb32be932
SHA512 4d73eff99841cb20ae7efd9bd17e6d5dda1bf15f8fa70f82b7c22f248fce84cfe2b7f6de1bd715ed4d198f85ac3eeff89a4ab63c569e126c92e379c96903b18c

/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db

MD5 ea9c2dc01d788f2ed7ad6a455e32335a
SHA1 3da6ee06226734e9a402c3ef2b542af3b509b6af
SHA256 ddcb0e1970efc2dcb42a4dd328ef8c10f3512b39a47277d5b075fd3b92dfc3a7
SHA512 5b834f25f6f8afea98eec78cf8e148671ceca48aee8019e09308389c1f336e47e55666fedf66e09c97e827c375ade0fad635b98686ebd2f72240108670d25e76

/data/data/goldenburger.creapp.com/no_backup/metrica_data.db

MD5 d46515ef3b55ab38c22f30368de18508
SHA1 dcb02831ecd45eb34a216c54ae27fb9a33852dfd
SHA256 73b5d6473a150728273c7d1bd2c1d08d7e59d0e94e60aa4cbae891cfc7929ce3
SHA512 1e12d77413c5f5251b18d577ea63c72eb8c696567039f6c2b9681152f594b3a98e37385b80e956e44c7032761583cac31356c9049a22678842a554399289ad57

/data/data/goldenburger.creapp.com/no_backup/metrica_data.db-journal

MD5 ec67d95d3904ca350a698f7458238c86
SHA1 228bcd51b44b38485e087e0d2af36b6c3a850197
SHA256 77c0f7b69909bfb2828dca935ec9cc3897b07bdfe6605a5c171832c8a97ad04a
SHA512 7dbfee28337941c1e54bc7dcfb3e1e53e429c273ed0d0a1e25e68467d198de8edf8796b7abda78ab63ccab264dd536bcf4c431f19a7c0840610b8ec8516ebcc7

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

MD5 e10280b9dbca3a1000c1ae7ffba8cb20
SHA1 1bb3814ea3776a93661fa58d667cd9a4fb2654bc
SHA256 ff4b0c9ca8d1ea97c10b276c6dbc98260f1120ef62d8e1b12fb09a412dd85629
SHA512 e630cb1c8c1acbc263251343ddc0960dd29b2176a861215e2e2ae9856df1e31bbf16bf18d3f57a2208a55ab4a15867f0262ab839e32dbcbf80e58aa680c2f78d

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com

MD5 a7762cf5f7f98885f2c30dfba19f71cb
SHA1 875ab54e94487bfaeb1da2edcfc2d2f7cd89d4a1
SHA256 b70a68aa2764fa8912ccc9cc426618dfa8a19a2943de03983d68e0638692b5a2
SHA512 4ca2913b460bfdbc7877376d67972c1999dce0744bc4cae3c1c636a401f5b0bd09b883746365028e781b95ffcdfb6c5c15d3f97ebcdf25250aa519bc042f97ca

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

MD5 1880f69664118c8e6059e8ef27c2bde7
SHA1 3802671ce48af7b4d9e2696a8f39de1cccc01ef6
SHA256 2cfef232f5d20bd0831e3a6fa9570bacc374e4ea336fd190bf72f83c6115754d
SHA512 dada51475564f6f26bb91cd10bb89d9a57501fbfa6347dd05ef552b23f332f84dcb1b50be43933fe31536e315d6bb7662712f2c09d0820d0ee02a4d4a1ca1ea4

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

MD5 33af498085985d47fe809671ef6e8ce0
SHA1 054955b5c3cc777e4f69dcbc4d2d009bb80df292
SHA256 63764f23ca11ca6e1498b87b8b6fcf071b1bcd44c1a3ad30d03d3c7ab9efbaa6
SHA512 ec3ccf32538ce8afc1f88f1e55cba6886e4bdd3b49dfdcc66b67a19c8f62a99cc10e8baaf771328cd3a8df2a61b63bed4493227e061748e48eaf311fecf72785

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

MD5 917a0a9ae20e9633e94d53f1c6ff19ac
SHA1 2154e16b1b0c5f29b5c36f2f31311bc5af2a0265
SHA256 217e51ffe7d827c56f3a515de5fe4cd5a8c7171ae2b5595232fd1ed59cfe94dc
SHA512 21953f151ba1574b6e4ae1fa8e17159ee9c8857690c76a3c09e18227482258d5565baf5a7b2ac9464fb9238a6bbbbf454edf637259703aa171d3e8219fea710e

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

MD5 6356aa0858b5721eff291e493a8475ff
SHA1 7492a643597fc4fcff22c91c11029e558dee34a1
SHA256 ed68ae71ee9d78a5b730de9cf04bdf1d586a0c6565e0b9b629862f52c19d6940
SHA512 67d8bb837f1250eba5e49f3f16ca5d869e0d79a763bd0c17c4b6316c698c0826a4648efb341e782b823919c18348731fff5090bc5a82da6c54693cdc2191ce53

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

MD5 01183837a93e28afe3320eb975a88580
SHA1 c4964532bc292e22df3298010a16f7929b88dc1c
SHA256 322b6f2f8ab07698ef6f4b91119efed9d830961e1c56c1364d00204ca94bfd54
SHA512 7f4ef98fac01522c2b37388138952ce06ffdbc3def39d700df9affd70254f1d05723c05411e6270b73344c01e1bd08162ac5bf86d8bb83e04f984517a014c666

/data/data/goldenburger.creapp.com/no_backup/credentials.dat

MD5 de12f4e73449ba83561bbf953d480fde
SHA1 e465e34f97853f87b595c2e4c8d8e8d160c225f5
SHA256 21d062bbc3a9abae251ba6d7b3f4f44f2566bd56c85718781dc84ed9975e5ff0
SHA512 1cd91523eed04d5a7c65bbd540ab2a70ef0d5d67e79c0105818f5e1233224c0a41e5355e9bd687e0c16f587950e925cea19a0cad75a0fbcd126267e4385404af

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 cb6593c4c437f10cc44514d78229f95d
SHA1 929096a02ca8935db409e6c442c9fc7633d9e86a
SHA256 48d663225c8353644232e2786708f9e6a505740e2bb208607dec9d1d36bdd465
SHA512 09cf793082b3ba27a25eef7cc4a3fbd1efbb5dac38619a4135c1e0f289a7742a79028467d10768966028d1999be711952e73ae4c12f762cb0cdefbcf90f0b643

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180

MD5 c0d42326cacf47c8eba3ca2d083b4b71
SHA1 846af9803e39b1ff92e1a868baa9e3fda8c9d53f
SHA256 a1ffff7959e8aaaee902f091215d35280d74761c6a19cb370d42af31b82c119f
SHA512 d5b3ec484ef4916a0f2217388d0f01f9ec7c20b933cf3955dcaccc1831e0521d40ffc45a1a1cc62521d33c1a15fd4faa046f60025ae8c92a039d770be42313a9

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 3c6dddb30b8facc647ac9b54bebd1ec4
SHA1 587d6e1073c5e3bcf3eddff028f1812c4e722bd2
SHA256 470be16162e7d3d9e555dc59e4a06c290ca63ef828ad0a77b8065628c2cc7e8a
SHA512 f3d8eed8498b7c3605aa83c158170e8c0404cb4c7a0f8d973dd96404937a99bedc146af21f43c6237637e2c18a678f641c7eef53177e4c33340e141fda850a04

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 c08d57c159c3e08ecbdad406e179112a
SHA1 de014f1d88df51ccf130fe2eaae901f3df06d330
SHA256 e5005810af65429094ab63654243c655ee42f1373ae67efe538c744e40587e30
SHA512 e3e2baec591b5845fef512dbc71e516b215ca8d8db1b0d1534ed76f350117c8bf9acd25f9b4520b6f696507e2a8ccd5722dbe321f7a94cb5217c47dc070fc5b4

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 1ef0063e91840ab79f375961120d5c0b
SHA1 b6ea2ef9827ac59233c77498de185070a3c995aa
SHA256 bcb40b9417cd9bb2c4e877425280309434891ccb65d34eb66d46c93401071980
SHA512 47ace6737ddc217ccd8933f12be6a59d2e89c92b3a4474adb51f7125f4ee8c5fec7ff172859ab044929eca6689e59a19150404e6960782739316b78d70bd15e0

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 a516a3eca4abbc0f0a9dd4f66fe7b746
SHA1 8933a6ee46d45ba18f88db1c50fd552333141721
SHA256 ba8fb345ded1be576419d3fa5a0de666249be9fc350b3223a847a9e4717ed577
SHA512 ebf4e6b5f700669fb6079a6afdb69f1d16001b6107c3bce2f80c3dd50eeedbedebe1deff4ead2832869b9250f64ad2ae3c51704f40693a65dfc27be69e6e0c78

/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 8c47147a0d7cf3696c798e5baacd103c
SHA1 c295644b35de1018c579f04ffad2ef3d6dacbbf7
SHA256 7e1fab83ef3dd8b9dc737121cc8a7eb4f42bba709edef676ba3737a08fe9fcb1
SHA512 5efd4ddd9defea729c655f5cbab13e5cb818241049001ee1932780851a7be083af22585a0106f5514958136e49682f7409ab5ffe2c0320e38a54f22fa9cf5d3d

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-03 05:01

Reported

2024-06-03 05:04

Platform

android-x64-arm64-20240514-en

Max time kernel

178s

Max time network

132s

Command Line

goldenburger.creapp.com

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A
N/A /system/bin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

goldenburger.creapp.com

goldenburger.creapp.com:Metrica

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.178.14:443 tcp
GB 142.250.178.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
US 1.1.1.1:53 api.birbira.xyz udp
US 172.67.177.167:443 api.birbira.xyz tcp
US 1.1.1.1:53 startup.mobile.yandex.net udp
RU 213.180.204.244:443 startup.mobile.yandex.net tcp
US 1.1.1.1:53 api.tridrongo.info udp
US 172.67.161.129:443 api.tridrongo.info tcp
US 1.1.1.1:53 api.oradaph.pw udp
US 104.21.8.212:443 api.oradaph.pw tcp
US 1.1.1.1:53 report.appmetrica.yandex.net udp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
US 1.1.1.1:53 arb.grattomania.space udp
GB 142.250.187.196:443 tcp
GB 142.250.187.196:443 tcp

Files

/data/user/0/goldenburger.creapp.com/no_backup/metrica_client_data.db-journal

MD5 d7d05f9bd8f6c47f0795e653a78f9cd2
SHA1 0eda16d5b6cf7476cfaadf8cf8f290feeec3a3a1
SHA256 309cfcf4d93a74582a69717d0647f510b7e47e9abdf7713ba569e5b89089e6c6
SHA512 d469e93568240e601aa90ac9e65b368e05749d8ccf269c970822e2e93632911a25830cfc3d14ead8f42b11cf20df314fb9d45df5f890672dfd1a8933d86fbd2a

/data/user/0/goldenburger.creapp.com/no_backup/metrica_client_data.db

MD5 1f68ed9d7e1aa72c24fd98de2e5d7cc2
SHA1 c945308439a01ef36fbe8ddf06518cb0e48fb91b
SHA256 56ed5a91cc96870a0cafe2d26e939d691d63db1d93b6ca89b45aed9678a099a1
SHA512 14094292761a5fc73145772b309310663e276ec46df01a1585772c49140a325e63ad7c3dd7eb3da031a7bbd5c2f29c515b1bda921cc19c12127a5d845615580f

/data/user/0/goldenburger.creapp.com/no_backup/metrica_client_data.db-journal

MD5 a0ceb83682d01c2c7d8f438490b0bc45
SHA1 64e4153b69d22d75376ba1dc63b3392550fdbc70
SHA256 2149c7d2eae8ec821a064d4c06e92443937b8accb1ae3ba0f23f1f8d8f7015ee
SHA512 b3029a6e12e03d99c62cbe8e2d32cdcb21aa7b588dc888869992174d43ca192a2d26ae129105dc125ed77e0553bdd008b4a9811543e9102a65d5b072976f9263

/data/user/0/goldenburger.creapp.com/no_backup/metrica_client_data.db-journal

MD5 bb5c1aceb039291cf1c0eec46dd90bed
SHA1 ff69bdf734d997e946a706b206c1e22de2be15c4
SHA256 807a3af8211850ea7882e47c989a000bd991a9810d4a6ccf6a03dbeaacc1f057
SHA512 400822c2716916b5dc44832ff156a42271fc88b0b2efb9ce86c889c6a7f260282143267556cac564da445b3dff7b3ced7dcfa49c72fc97b8319673b3be9dc60f

/data/user/0/goldenburger.creapp.com/no_backup/metrica_client_data.db-journal

MD5 efd5cff4e1fcbaa634c81d4efa626f3c
SHA1 e406e063c4c15ec1792faad654144666a8d95df0
SHA256 7574884e45d10dea1c9f9a496221bc4fc015d32b969baaa6b634ed07ba9c5c43
SHA512 d0850b8eeb73a4b003dca62a0ab9e8a305b55e2cf0cef7f4f22c8619cecb8e9355a0d4ec87654ad3ba8fdc319ede3ad28a56f4b5174b8a46f89d9f1fac3cdff8

/data/user/0/goldenburger.creapp.com/no_backup/metrica_client_data.db

MD5 e5639b469346d3d19c79ae3bdc2f4a9a
SHA1 b4d9041b94176f65417e63e77f0f324b81e8dded
SHA256 cf283c9f2c282ef339f1ac0c4eae7d6f44f86bc1744cbf8a9b5703edc7368aaf
SHA512 273aa09cf7f4de26661bbedf2ecd180b5adb537022cd824d2185beaf7eb1784bd1ea1f1f22c01e4762729bdefeb81964f1a47f13e90b883beb27ce7c8d1f03b4

/data/user/0/goldenburger.creapp.com/no_backup/metrica_client_data.db-journal

MD5 587aa49e33b0e3b453ed33e54a917c4e
SHA1 e0934971785e7b95e6c50f9fe4e16518ecd1c2aa
SHA256 75176fea01cee2c4d94c63b32f195b50e7e3acd854fa08f548498022d43d54ac
SHA512 80dac25e97213103a36433c00aa06f0c91b45886b88e5c32e18b6a459aaf476ee798d4c10b4674c6ac9dd17464a3d517aeee5cf80fd9ed81c6fc6ffbf73b2787

/data/user/0/goldenburger.creapp.com/files/ZPkFS.log

MD5 b4dc985ec68bc9f1d9819e05693ab605
SHA1 ceedd8b2b9b430a558c5fe71b6f0e000961af10a
SHA256 af986095cd0788e32555afb3460064796d768847c7afc0ec0c43cdcbe75d3c06
SHA512 90c0c5209741547bbb09e5d12cc25903a3fcaa24d91664f588c533141158d84970aa20d319e6aeb820ddce498795e79665e3337a2aa8ce09aba1154eafbcff54

/data/user/0/goldenburger.creapp.com/no_backup/metrica_client_data.db

MD5 d01115ab3b3ab6cd76adfbc07994cd9a
SHA1 2e7e72949ae2c3c9fc3faef4ff50f29153ce10de
SHA256 477bd41c92d45d060b57856b501048725ba8cd344d54d65459d2f6a0d5c38e68
SHA512 bdf67bda728f6ba75d0f993d24b0feb954d5cbc369d522ea553400482ccb65ed6c9fb042608d7ecb2940bfae1df0e47a7cdb37409561581c8aa31a774334092d

/data/user/0/goldenburger.creapp.com/no_backup/metrica_data.db

MD5 41845fc24758bbce26b8750ba5d76d0b
SHA1 3739cfdb182868b61f48410c27dacec8e9978b7c
SHA256 1004e3c4c6e8700ccfce87f6ab10ec87b8df3630fcd1447a98ab0e4ed75d698d
SHA512 9d9f9473b1a20265d8cc280f2cd4051353f84490f8ad7ae7fb9aab3e178ebe1c09124c98266a0594a1fcab070b6582500d25affb2b2e0757ae75efac89095cf7

/data/user/0/goldenburger.creapp.com/no_backup/metrica_data.db-journal

MD5 f1995f04e7d3bc2cbdd8906ab9bda8b2
SHA1 10bf1436d94840094995dc78411062bab8644c57
SHA256 3007a2f5e25fe98513f8742eb047d761533d703ba7b8148b18d338e723a20b49
SHA512 0d9c728803636e6212b0e2ab6560598db175962a9923462bbe2ace73a872f895ea0d2c3227b7fec74546a6428d7e8cdb0a35628566f36bd7f94533e7281574aa

/data/user/0/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

MD5 3f34cf1082f474e524c4e54a22fabc8c
SHA1 639d7fbe4541dcaa34911d64c18395a0a6c20097
SHA256 f5adf96c15d9dd10a1290ce4bf43af1e52207e7c9b55fca2ad74412db0fe3e1a
SHA512 69be57aa98033fb7e2dde51205525cae43f2299184053bd9423d7a26e03cafbd8f39b0e99b582f4f86bff55bdea8654a192e7e4e356ecf63029aa875d84643ee

/data/user/0/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com

MD5 946433446e305933e932d1f7f9ff6f45
SHA1 3dfce4fd940f5a5b993d602922c4131b0fd3cf68
SHA256 0e9c278be413bf1ce1490037ae4c7a40200c86273489de86436a59102d40f410
SHA512 87f090cd5ea10a1052bd6084e5a13461f45957e96ebad23969dce65a35e8613b7e1daf26b53478f64c39276bd09971dc312fa8128d6a58592e7e4ca2b5497a8d

/data/user/0/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

MD5 2bf2214302b4686277d50be3576b6232
SHA1 b99c2e2e53f164cb3e3279a793722923069bd282
SHA256 b9e3b4286e772153f35bf916c073948d85a7e1c24f8930fd319d64380968586f
SHA512 7fb546bd5e91d4e816365a2a1ec9f31cd7246d53cdc3be342af54a5008839e36e2ea0153a747d76184dea987ff7261075d913c1f6287233ced651a467400490b

/data/user/0/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

MD5 763b617b6c560c8d7779bbcd151ea5b9
SHA1 2459b18f0500c2b412504ea1775cc672a3ce71f9
SHA256 0f55a093d131ebcff6e0509f407d27e0d1151979d930d1cfbdf8ffd18c33e9bb
SHA512 97bd726663a014de85d53eb343d6a905e90b319eb6b085442e2b044f8f95662ef291a6a4dfc4dda51e8c7a31e5c83f3271299218c821101755427e64775524a4

/data/user/0/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

MD5 a81203182281bf1cfcb187aa90d77b10
SHA1 2824ba8b396b6af1b213918eeb54b6324e863cad
SHA256 fb0bf383d03fe0bd4cca19c8c38161359076ea27c94bf8e40ea700274c2da10c
SHA512 0d77b74affb42fa4997ce0056dac8aa27484dc5680bc639e6d675d42f42808ba77a0d02299d69a8cdea93cc6a16aa894cca1327ddd734fe2546b03c28448f65f

/data/user/0/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

MD5 fd12948e67b90b764368cdd7bcddf616
SHA1 363c4c68bb650fb91ecde978e362c7d55506dabe
SHA256 e1470738da38005a4c7eb96e466693218307a6c6943de1b71eeae53d6c93b510
SHA512 3219819506f154db23e627078bd14986c0581317dc68de3b70a122ac49e21e888c05ebde69a71af7706418ceaf701f0008cce4a04b834b65a97ea23b96ebb770

/data/user/0/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

MD5 32516504eca58d59b3b0a2579f79eb6d
SHA1 73d8cc45826d5de6005f790e50ccf97f55dad741
SHA256 e0b9483dd317f996e261081eedfb75c86dbb9bbf1e30ac0852bef5c5cdbd5e28
SHA512 c9c4207b3ae79d7f23426cbeacf96c9008af5d0a7f9cdb76003f5a27315b4a920c49c7ee71a899e5a4a03b7438a889793aa10f2d3c56b30ce97b8560551a640c

/data/user/0/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 e17eeca9165913ea6e4c3d356c6350c9
SHA1 4b2443646ec21e8cd61e4459735458dc594709b7
SHA256 229da159ae1ab1890f37a8015ffd8161a4f070b5db6a6fca1c74705a60226d72
SHA512 2cb76bb17eeac30636d4af651862917991d7cdffc23d2350bc3cd4bcd7a4ad15936c6c69db9881fe7f002eadbc1cf120422c1ac4c5204b1db2b5b869cc49eb26

/data/user/0/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180

MD5 bdcc245de2c1c5c70f029893f70ac87c
SHA1 1d8f28b3b158e40a3b132af60ea555bab1f20bdb
SHA256 c98f6945399f5d0b386f5653b95a9a46aaf7943257729aba42190eba28062bc4
SHA512 8101c7bafc6ded1f02f416fb896332cf2541bdd5e8c3c798c958439d39a43f8150a640ab3b8c9fe1ad70d5c21605b73d787904d883af104ffd4b58f8c6730d5d

/data/user/0/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 b6bacbb09f7630dcc4c3250c3fa950bb
SHA1 e327d433c50e1130746e35fd120f7aa4a0ce4db6
SHA256 bf03237670524cb89061f5b270ae3c14a881f61c37022ba441d3630e5f001312
SHA512 e4602a2c3bd1ef4c85f9e000fd6953a10e9ab0deed4c9238247e5e624646584ed8015504e56953584bd5e882e018f779e124548e26c360696d8e10e8216637e4

/data/user/0/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 4644e3601a10bc2037ae38c87f707be2
SHA1 e2355d1331817702b6137f10295c30f758ad27a6
SHA256 cc534f44c28db53b5e312302d9918096458deb26855fad631f66015b3c0fe0ed
SHA512 8ad6b2dd85fa9bbee3328e60bb79e09fd22eb305d62e059a1fff436a1916d48b108b6df0b149b4439444bad5d0f51b8b5b928de84286b153a519185ef212fbb9

/data/user/0/goldenburger.creapp.com/no_backup/credentials.dat

MD5 186b7e8ac30fbdf7cd9eb11e0798f8f1
SHA1 ae72acbecff3e68c80a332f929d1102da2c9d1e1
SHA256 e9c73bc45a70bab84c9464aaff357bb719fd525fbaaed4ca81dd38eb3d58cacd
SHA512 70d40e66d525677d4a441ca1b8a6653077961891a893d417f4dde310e8a42a89c0b580f2c070180d32fc2d9a364872accfcec40bddb30e8ee1e1d1d77a00a6b6

/data/user/0/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 82544e55177f4335c1d85a0cb9a38ff6
SHA1 6607a54b06f969dc939aa2dcf92f547880325010
SHA256 7d358a42441d7de2e7ddecb23bcb57401af11d1922ba79889f668222c18b34dd
SHA512 3f982bc3940514ba7008dceb66e3f5754c4492d42c53be60a9973499f31b9108ac50dd9bbd9bcc72dbf431abe006fc5c42ccb2a999293e416395135d7a505c69

/data/user/0/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 9352e3bc017b6fef157a69051e9bdb46
SHA1 4496575dbc27b12f77c0a46b399bb0db83312018
SHA256 9bae5da092430ee7c09b8c8c5f80647ae17f1767e00dfb8b6781da67a642cb21
SHA512 14629eed335cdd533d13f7af2cc1c5396242538b4bdba8b6ed34b2ca29bbaa8dba2d6d235fbac7d940f74ff049c21d0104ece111da06cbdd8713a4864a49b7af

/data/user/0/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 a3a95ad6a2f31fe3c8d2d434d7cfd9f4
SHA1 24824b12fa52770acb7830cfd3aa7dd75f67f731
SHA256 57d778a96237f537698f198884d45c723334c7fd5ed46421ef15deb729b787d5
SHA512 93a90e9f028677126097b52e6061b439fd59721b35fc1cea4cde3d3a77f279c4b9887efdb437620e804eec37fe4fd93dff03103c4aa5933511bbdbc997f12aec