Malware Analysis Report

2024-11-16 10:46

Sample ID 240603-k8wlaahh51
Target 9140986b805a5582f5e071dfb76f94d9_JaffaCakes118
SHA256 d2139ab5f76dd6f5881260dc79113cca5c7a591891fa5cf6edf373a426de8f4d
Tags
discovery evasion execution impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

d2139ab5f76dd6f5881260dc79113cca5c7a591891fa5cf6edf373a426de8f4d

Threat Level: Likely malicious

The file 9140986b805a5582f5e071dfb76f94d9_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion execution impact persistence

Checks if the Android device is rooted.

Queries information about running processes on the device

Registers a broadcast receiver at runtime (usually for listening for system events)

Queries information about the current Wi-Fi connection

Requests dangerous framework permissions

Queries the unique device ID (IMEI, MEID, IMSI)

Reads information about phone network operator.

Checks if the internet connection is available

Schedules tasks to execute at a specified time

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-03 09:16

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-03 09:16

Reported

2024-06-03 09:20

Platform

android-x86-arm-20240514-en

Max time kernel

178s

Max time network

150s

Command Line

com.gentongsehat.fudzapp

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /sbin/su N/A N/A
N/A /system/app/Superuser.apk N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.gentongsehat.fudzapp

com.gentongsehat.fudzapp:Metrica

Network

Country Destination Domain Proto
GB 142.250.200.14:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 api.birbira.xyz udp
US 104.21.17.160:443 api.birbira.xyz tcp
GB 216.58.204.67:443 tcp
US 1.1.1.1:53 startup.mobile.yandex.net udp
RU 213.180.204.244:443 startup.mobile.yandex.net tcp
US 1.1.1.1:53 api.tridrongo.info udp
US 1.1.1.1:53 report.appmetrica.yandex.net udp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
GB 142.250.180.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.204.78:443 android.apis.google.com tcp
US 172.67.161.129:443 api.tridrongo.info tcp
US 1.1.1.1:53 api.oradaph.pw udp
US 172.67.140.65:443 api.oradaph.pw tcp
US 1.1.1.1:53 arb.grattomania.space udp

Files

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-journal

MD5 d294ad71d5e0f3ae99a75b8ea2558a1d
SHA1 206ba38f23d11c65eb01324489642cd212163b11
SHA256 844ccd681424c12fc25c6f1a255d3400dfbe9bd14641d7d7fecff492f062d354
SHA512 e6f5459e0ee8f59306dc48e6ac1a50b045756ab6b7853a47c892f1eb9678f5ed4836b991b1496a71f28757ebcf4f2bd0ce0af2948a1ef364478f5a2f36aaf808

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db

MD5 d080869a11994bc590f2cdc8e0b37821
SHA1 6166dc4bd7cb58b185d458f64f1f64d0044a67d5
SHA256 838ed0271773e3bcc2cc09198bdb430cca5b15093e26dbe340302ef953a83e3e
SHA512 874336c092ab8bde3cb5450f85822e233a6fc24eebca6c4dba745cd852004314755d7d21f3e01b6ba07cd4f97ee25b4185ec688af1d0459f434e4e86dd26454a

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-wal

MD5 9e7d5205432a928f306e628e5331b581
SHA1 bf1b6e9d09ba03a304df9ac60a90a9b4744bc327
SHA256 faec580e86dc8f17ffd1ffc7ade7d61fe5d6456bdf0b0acb790494fd93217f82
SHA512 26ec24c51aa27563fce66f1938d4d015eb7db4d5c30e0f2e3d388a9a1aa37deafa0b43d7fa925dfef33ad8be4e6e4924010ec2dc6323fa314f3234e4586be65e

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-wal

MD5 163606b2ac53616e7cbd28227499447d
SHA1 165848632dd5e9ffab3c8486ccac871d56a9cd9d
SHA256 c82e464790bdb92327c845e66071b9df64df86ac58ebe5310ffd313572b79235
SHA512 846d13ada9ed3ba22cb4886abdea04aa4b2859e38e0aa9d793e54a759c77cf8114b8efc52f94cb12786fcbc0d4101f0804d409ed247ad54cbb86386b0421b817

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db

MD5 44def4f6e42c3ec63f229d23af8c804a
SHA1 f5956d9295778b539bced03215343fd3cf7a9dd8
SHA256 882faff2a0f007164d5dbda7bd7f803306423b5eb48a88b1bb72bde65b77e50a
SHA512 a14770398044635a8a8fc0d59dc95af3a97ae78146a9ace3795d600a44098a5ff7099aa3d0ac40442f8ff8c5d3b5ceecb4b360bf47f3e8c7c902879e2e76228d

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-wal

MD5 1e5e6a9018175affec27792d308245c4
SHA1 656deccacfda8c14f7359d07671cff39cd855f60
SHA256 0dc560a84aeda12bf8a5b6764910f69c3fd67b71d992e8b917066ffbabea7615
SHA512 88ea157db2bfce9b6798db2db7809f84b0ca78878883888745cf667b5d25fa6d99715335473eaece512eb86f4ed250b14e505c32ab20b6b4605e29435052741f

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db

MD5 1bca81dea2f344076f63db8d7e238013
SHA1 32a5c8de66b24940585e1ce9873c964679f16dc5
SHA256 a3632301ef0754ddb8758dc7ddded2c46dfeb951f556dce3c1b739f4ab9d4c4a
SHA512 cb031252049538adf102f5c05636a1c2ac7583b0dd39f84b3b4943cbf0ce8a4f1c2a7dfcd4ac807a20beb9a1db3d37f59d607400723c1b829a755f94a8388908

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_data.db

MD5 5d02d9d42c0005f336c339ba7857d63e
SHA1 3700269a9d49ed56096137a79591173b71704206
SHA256 abcd4ee63ecfb94dc816f3c12d3d3507b5a4ca79dc455e34adfef3c34c94621c
SHA512 684f1b6dcb8b9821f6daa9dceec4984116d07d93aec4db5ea74edd8644dc3d21cef4eb7607b09fbae06383d6f7a53d3face00128c8ee1e669f671ac1bbc6775a

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal

MD5 52af43071879983ffedacdb6f1c3acba
SHA1 08197cb29a090bba3db62e6f4b535975839d7e57
SHA256 3112847dcbdbebd9b77762080a93120e82b3d59fe3fea035eaf03a419c9199b1
SHA512 b792a2cd648fbaf9650569a043bda8cf60ce4498789c52583de2d302cce97ec3ad2d29731bed02542182abcc28de7c24d4abf9e146d66867b44765c921187710

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-shm

MD5 1cbbb3fa36459c4f28927e0be64ba275
SHA1 ef32744c976a24677bbf46549c18bbef13317a96
SHA256 8eb303694ef0ccd09bb6860a74b2a79e745e5d5304612a769efde58ed739cea1
SHA512 fd82dc4ff793691f01f7bc51279ffa7b8c992a3cd2f3f1bbff6b6c08ac398370d9851b0304172c8f1bd4ffc910ceb061c33af3774f21d99704c3de063317fc39

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-wal

MD5 7e0269953b63ed0a328447b4c53989a6
SHA1 32d0c5df69008f6117e8cc83ad1c8793aee07256
SHA256 3baa1287d34ab1594adb392d4a551f48a6aea39a559a7ea214bc52f34c8fd6bc
SHA512 2a1b82481d7c39a8a6480c1463481874e5ca2deba9f7b9da1866f19a7f3c4ee2ad8f132884142d3a71743d289a7d2ff5d8f523c0a7dde791925559c1c665292d

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-wal

MD5 32fc4410cf58b47adbd1cff080701034
SHA1 e97cde08dfba028414438d7adb68d0343ca06fa3
SHA256 fee862bf86c1deedb40111dc7425284e37efbc07822a3bcf7beb6e5fd8652760
SHA512 f0a62d1ef7f1ac6992fff807ecd37f1a79f48ac95e910ca3ffb14528f4188f4bbce8641efe1e80ca4f0709a498eecce71806c1dde4a547fbdb03b5a2bf0600be

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db

MD5 aee09f52594a69b7436b6a4527a80fb7
SHA1 2f87b451fe8f91bfc50b9f974158651099ed61f4
SHA256 ea3df2e6288d5205081d9386bd0d8cb682b79eba066bd5d9ea34c85e6d71961f
SHA512 cd27f44879b14e6b214654c61c16448b8636da0306635ca21a1ed7509dcf05b844b5b0129530f2ce1e1407626433feadf23f35bcdac89f2328fb5df7c78f2722

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 cf104f75b697f9b809da61d140ba35b5
SHA1 c1c0189c36bf126ebcdaad3591caa1c27b9157ed
SHA256 5090bb958de8bad65d328c29201a8c6663b9951a53b3bc593684b44a028c4cee
SHA512 6d2bcde681970ca4a82eab7fd3c97baacfb4bd43022d5c3f9bc8073291752f318d6985c1f484c6c44d9c1ecd36ee05d6606e69191bffd21dc672065483ed4417

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180

MD5 31bd92e87412f7f119c5198a9ae13659
SHA1 297425004ae8da1851a0c87f40d48754e7525c38
SHA256 e16cf35f596cbbc13a071d09cb49fd4f428e1562f4a5422aa23e75ec0ccf868d
SHA512 3826401e72f115a069b10f0967b2df33f470fe5ac55f0941eb70ec06c9a0fd1246e5027411b9f239bdb3007cae92a2c4addedf7c6d89757d91c6efd4bf8850e9

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-wal

MD5 013968c701afa3affe5e1100941a98a9
SHA1 f2dab0232666b2df1fd3b64ab0d9a2cd8042a4e9
SHA256 585622c8e0f829aca873dea21d520bd86629646314b740c12b4b58db42ec28b3
SHA512 3e9d1cacdd56b55747903218dc50c2f19c355cd8bdf205f1c5d4d04afd3d404b2f0b8df83fe1ac832874642c164269d789dbf21ba78db2ada74932898054714c

/data/data/com.gentongsehat.fudzapp/no_backup/credentials.dat

MD5 6af4035a8a14c5bdb1411c44ecc0ea72
SHA1 f3db7ab93556de9e67e31ab5e7038c1212283d8c
SHA256 18c9210507239eaf361a7b6118ed1f3031ef190b58c327cb16c6419208a71ebd
SHA512 d5d4dd9c02a56a7b7179c87acd067724d93549f23b7ed1a6bf93815ab8a2705496cc4df6dac78e806b7d6055a4cf18a53f8a968c7c5a0528a05b924ef5eece40

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-03 09:16

Reported

2024-06-03 09:20

Platform

android-x64-20240514-en

Max time kernel

177s

Max time network

131s

Command Line

com.gentongsehat.fudzapp

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /sbin/su N/A N/A
N/A /system/app/Superuser.apk N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.gentongsehat.fudzapp

com.gentongsehat.fudzapp:Metrica

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.200.10:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.40:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 api.birbira.xyz udp
US 104.21.17.160:443 api.birbira.xyz tcp
US 1.1.1.1:53 startup.mobile.yandex.net udp
RU 213.180.204.244:443 startup.mobile.yandex.net tcp
US 1.1.1.1:53 api.tridrongo.info udp
US 172.67.161.129:443 api.tridrongo.info tcp
US 1.1.1.1:53 api.oradaph.pw udp
US 172.67.140.65:443 api.oradaph.pw tcp
US 1.1.1.1:53 report.appmetrica.yandex.net udp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
US 1.1.1.1:53 arb.grattomania.space udp
GB 172.217.169.14:443 tcp
GB 172.217.16.226:443 tcp
GB 216.58.201.100:443 tcp
GB 216.58.201.100:443 tcp

Files

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-journal

MD5 74b067681ed71461d68adeddf4193fc2
SHA1 518839965bd82d6268e9d31b1985ced2c7851bf1
SHA256 5aa5447ea7cdbd491464d634a7cc131b9056737269e6beb7eaaadf74c8908021
SHA512 55c519179f4df2757357010c8c46e0b35b809d71c33da94567642fc7dc0867a080461e4302a76add91b52402d9cbb09b8cb72c25b66b717ce214917eec23c927

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db

MD5 499e7805791dea7dcfa315cf82001dc8
SHA1 2bd515b6b72c03f68228fe80f15d7166e8a0351d
SHA256 c487bd520bf56b6cadbe8bd8e205802784c2dfd04520c34142cc552eef48ded7
SHA512 61c560186c7b0123eb46ef5c6fec8a09cc379f34118c3bc1010a245a93769d15087a23065316808e78ada9eb2096e555d9dfa6e9e42316a102e2cabf6a60dc44

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-journal

MD5 58455035ac45c8b18955c9e1962a4f93
SHA1 2ec4cc418e48dc3e671eec0bb67f2569762ff520
SHA256 3b5ea6658913169be32a2848f41e069ad27acebae9d9c136e8c2427e5953cb94
SHA512 8805bd4107fe79711542375038fb7e48cfc454bdebc979573c71f7c956124aef6ce27257eef56387bb10c07244ec0578afcd48eac2da8b09291af975d8a05460

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-journal

MD5 ea7367962e459ccf8b6811ca14054659
SHA1 16bb393368057892fda00b6f370a119cf1c7de75
SHA256 6ef3904d7084e2815243213c904231f1e9fe45a1169a006025949920dd3b39b2
SHA512 2c21711f0750ea7caee0e8cfd29cbebbe5b78aea0b6ac9142f04f124b87d242e5752b305dd2035a5baf634e475cd0418122cab56296a32c764280b0820972cb4

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-journal

MD5 6b367b8cf0983c0253330f8d7a3d907d
SHA1 d6435340349b88220867cbaad6c7ed495672ca77
SHA256 188fb3ba2dd2b06b818b9881d1d8ebe6f2f57fd20a259a5abacf868427981b8b
SHA512 8d459df85d474f07622d803261e3a1003c5dfd6298d9c49d6f6016b79c19c60c0ce453fac512f0a972f5c365d094137899fbcf1ed156ff817f88d9a9c5f9cce8

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db

MD5 89037a00eb158e168cbce9b871b007d1
SHA1 a441d16044acbf98d96d6c89c179fe25ba4606e5
SHA256 31788d10182d77e1b72cac1498426b52678e82d47c700362e7f346b8361f2dd2
SHA512 8ea0d0f8af19a56a7bcc18972f87b4c0c612f1a9252a5499079efd2047ff0994b6b2baa4b4cc2fa4f244e894e605af897afae3d76b5e6d6630e98fb52112d02f

/data/data/com.gentongsehat.fudzapp/files/ZPkFS.log

MD5 38e18008d3620793b1da935a5340d004
SHA1 43a920c502e6e4bd781e22cf2239aa6d0052f30a
SHA256 9c6e3f0c78fb30f9e8e8faa70d6a3a0db506d097542fede2745ee21e82703ffd
SHA512 5897e57e012668ad93de8fe798f7f2e015b515ea6ce5b8413a3a3be560a3bf51bc9b90a9920c42924c96a241e865ee3ed4545ea2032aed11229b8f52654b8b85

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-journal

MD5 8999850f31436ec465f582eff256aa6e
SHA1 1f466d39c6f9f4f5cb68bc46464eee06e4a2a847
SHA256 67522c1d1cb12eb0e0a5d0be60651994273f2a23b0626183912967bf075bfc32
SHA512 74d25182c5fbd6e7adff3338dbbfc5b844505a3600e689825f457ba0ff1ec1a1c57727640058de6933524b9619d2b5fd723123340e095edb29c5cf7c0e04a910

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db

MD5 9ab0f1189462b95b88f1d67f1d56588e
SHA1 b71ba742eeebe5669b8a6d0421c79809de4713a4
SHA256 f513041660e03eec3c6bb45a63cb5336a5beda3e60219b8a0be5dc65be1c55da
SHA512 e59b72cad528dfb6fc3fa86ac4bc709982f6996da94a070121aa35892b2dabe0e396e380369798da5730d173c11d851f7db6455f78f5c4b446f8497d71ffef7f

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_data.db

MD5 b4124d81b24fb4f506030e8a82937d36
SHA1 0d663024b708317ad8b16bc8620ae3abe2ec3598
SHA256 1276bf3a7d821d10686e6eb18ec12ef5092c9f2065895bf504bdaded280798fc
SHA512 fbe34d05f52674c54bdc74b0387e16b0cf31a9f223b3091dff6520e7a8057f8488b3ca1ce8e7f85bda06066a001cf85f5fc659f112db3caf4b311dd381747e08

/data/data/com.gentongsehat.fudzapp/no_backup/metrica_data.db-journal

MD5 a9cf0e7b406ffc579360df4c123181f0
SHA1 2cf287d1d7a96c9ce1e072981e2150ebf36c01a5
SHA256 e22b82ecf27fb92b1f65d92ebaa4b6e53e9e09e4eaffa572c578f23aa16d41d2
SHA512 4e4885275c06f5df22e4228e76cca85b2da31b3461a359d45ba836b037787fd95f8660bcb528170be1c444dacf471e602d9ce652fe1811b76c855703d7bf9e68

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal

MD5 8b1940d31e7fd80e692e19dcd94a260b
SHA1 94a5bfe6bbb11172b9c84c96a53aed85e3300a21
SHA256 42b9a2b7e9315631f06caf2431c51cbcae11faed9262d832d6ab3eb1566bd40e
SHA512 fb2ae403ebfa1501ad9189b909faf5dc3d275ed28e5d8fc9fcc208d7cf4a2e42c45dff69a90398285215c6ac9b3028d13dab16e3679c741b3722ec4d94480460

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp

MD5 be12a3d9389c925011867f48f1e5a520
SHA1 3b9d125b28b7b479fda698ebea9b5428c8241cbe
SHA256 f957bea630eaecca4da935b31258eb2441774df2b1785ce68525d931954f8d87
SHA512 3dfb3657c35cb952cbf960487b57a9a42cddd7aac28ffa6ba7482371829cdf01426015c0d6ef783cc877c3188514e4153bcf0de8ba44dc9d115450644c80e4cc

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal

MD5 261a36d0bd1221b0bb353f02a2e6cb0b
SHA1 6c20705ab7dd9d78d35904631c783f0bbd5fdce6
SHA256 10fa071209155a4e198947907d273304f753b27842fb39b293137b6ecd8730dc
SHA512 dff659e121e0f0d72a27e9a8414dfc0e33e8ca9f90c4a2972644049ca08761e05e9fec13ea1c945f3849ba175c161591a5331eb7ad4580ae2abeec6f1857f659

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal

MD5 8d8abc26a065baf1b2dbe908cb625455
SHA1 0ffa613d84092505edb6b4e2fb6a3900dae07fb9
SHA256 2e2b524620f46802608f343e1feb2cdcc8875b80d9701b258f24b202adab91f6
SHA512 8471c25d301eaa789c6ac8e84beb044f78b6b69baf360b71fbda1eac24fdf69d62ee2dc000f9c4abf6e29614c787a5a5c69d3cafb01ac00d1c897f65995cf31c

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal

MD5 bfb8866e9832404b1ff77ba98d4fb605
SHA1 2c85bdde0ab517b8fef1c06a11a1897b26afcd84
SHA256 70ed9a88d6df092b395edf665fb8879dd07278635cbbc25a874cf4a097dcc055
SHA512 9ea524c78d8ededafa66649766fd2637457bbb78889506a51f4be8f5f80e0abbe0a205d86e2679b735e3953661cc51b0d081206cbace94fb22f5b619dc5c8b73

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal

MD5 a735b724479306ce439aa75103a45ba6
SHA1 9345a4766c65b45f68bdb1181d3e670d099f06b2
SHA256 288328ad06f111740bd16f3dc067353bd4fd66422738055bf112cc149f996f8b
SHA512 4727d7fbe9b7cdb213ff818bf298829f803971d98c2de54c1dd858d60964630e71a3e6982dcb7073c6f37aa686ee7be0bda66502d3288efccf96528e1d4f8928

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal

MD5 2b5cb808d570170fa9c2d344e5ef430b
SHA1 26a889bbafddfde78f1d54843c218f3da2ff4e8f
SHA256 acc0b31b806b31723525558e236adf3a3ca15b941fe0e52057c1a982d2434e68
SHA512 32ecda61822547a11033bc9df402737e11e8b03831a4479b103067d57da6c60070c0cf168314f66d3d004451062aa7da6b868e018bb29a575535dff3ce6f6f99

/data/data/com.gentongsehat.fudzapp/no_backup/credentials.dat

MD5 78fe711ffefc1faae4a911cf1b55c391
SHA1 f0b5a9700631163a63bcb003420c734ac7dd7f93
SHA256 6b6942dbeb2012be5655dfba239d1fa8bf395271c9b33974c125c053c6ed8b14
SHA512 4bbdc6a01ffe3aa8e1327635fb5c8b4b0527486c78dee8659ae0dfedfcfcf5980fcd8eb997a4315b21af9cdfc0c6981b2a674e3088c729f1051388af3dced661

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 0917f12cd7a1fea01f2573cd0fc8bf94
SHA1 0b5413d2a68a982f9328ec74a734f5bb7d2f56da
SHA256 afd976e7131c74947f49be13fcd031290c410bdc775aba7be5ea768f4abeed53
SHA512 5114ec0c766424fcf37b1cbe0d2c7363494eaa53f18bb17108df40eef9f095ca4c2dec277867eca3208cdd860486d4c10e6f21e962ec284497f6e006c3e94f75

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180

MD5 a9b2ba3ffb527ea75232297d82888c6b
SHA1 3fab3a19bed8632db1b60ac1652eab94edaa1230
SHA256 f90152d0d6872c5baa4e49fad9a2d38cb1e3e0198d72e7ba7fcf686c23b4fa96
SHA512 1c906ac774fca52e8eea14ade8e07ea8e28b06d7924a6c527c51abb11eb7dc2c96b75c89cf03d1d216b1856891272a8f55ca20317ce501ffc79dae12b1186ed5

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 1955d12c132d14b179415543c6240a15
SHA1 c61c5c9cbf23ebc3b5d9ba395e48c5e90a40c5dd
SHA256 a0e64bb521e2ee978daf8825f023d47a04ffc609fce57e1c84216f2681e00496
SHA512 ffc9d60ca8d3343fa32d687c2c934f5c0961378111d3a842c12f8625599db28c84def3315f4c8ca26c084d63d87d1727c1f64bf4fb0f0f76b4fd026b95beaf4d

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 bb39fa40d2d0ba9c6c984d4dd1067422
SHA1 0da23e9aa8a1dd93a38ea119147213480ee87105
SHA256 cd0444344e21cef2c05bb863a04cba72e19b7aeeed1a280bc02fe7ec1991e02d
SHA512 2f3af281d318336953d233f250a9692478abb6db353486ed9006d534d0ffd77358032afb83b4ae0e52a847cdfba12af1c1af3e9b2dd30b7fbd50b9431325b9b6

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 4656feb6ba555dc69768e73640afb72d
SHA1 c9e8d3ce1afa7a0ca97a5eaa5fbbee53b0084dc0
SHA256 d8d6d281e3c52c3baafe47999d377973719163ed067e46d7bf302bebf9eefc9b
SHA512 3417509b1527ae9229539e230a8caf8eea48be4e16dc623f735db933af7dddfa2e85c7ea173211eb0b4c04584100f9fd1be86e4ae94c6e0515b8200994140aa1

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 12a66588515ec97903f42250d2de63b9
SHA1 84f8eb1d8c65e9e42abcaa3ddff0e0a667af92cb
SHA256 472e052c4b20a0a6474dd5963759ec8c6fb7a1d388329d223e1c0296121619fb
SHA512 b0439db5d9d84fcbc7bf66d5a1c9ae961c53d5872fe2a0abd2d28650308c3c64593609aa13b0242f65f20363bc109814cb04ad52885b83e0527d266a2514dd75

/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 27a41aaca7ee2d61d62a0f79b9fc6ee8
SHA1 7f02ddf21c7a5571a7e661519be0cab5b49e2b7f
SHA256 9d7f0db5227ed40bea140f5eea9ed12d475d9dc0c4ba4efed2f44de349d01dc6
SHA512 7cb3f064c2868a04ed9a2975b35678ad5140906a1dedc1dbc9b45a24250582fe268e44b2dd41c07674f75830ba2d804094c462cc30c44f1567187abb3f2c18ab

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-03 09:16

Reported

2024-06-03 09:20

Platform

android-x64-arm64-20240514-en

Max time kernel

179s

Max time network

132s

Command Line

com.gentongsehat.fudzapp

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A
N/A /system/bin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.gentongsehat.fudzapp

com.gentongsehat.fudzapp:Metrica

Network

Country Destination Domain Proto
GB 142.250.180.14:443 tcp
GB 142.250.180.14:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.201.104:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 api.birbira.xyz udp
US 172.67.177.167:443 api.birbira.xyz tcp
US 1.1.1.1:53 startup.mobile.yandex.net udp
RU 213.180.204.244:443 startup.mobile.yandex.net tcp
US 1.1.1.1:53 api.tridrongo.info udp
US 172.67.161.129:443 api.tridrongo.info tcp
US 1.1.1.1:53 api.oradaph.pw udp
US 172.67.140.65:443 api.oradaph.pw tcp
US 1.1.1.1:53 report.appmetrica.yandex.net udp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
US 1.1.1.1:53 arb.grattomania.space udp
GB 216.58.201.100:443 tcp
GB 216.58.201.100:443 tcp

Files

/data/user/0/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-journal

MD5 18646fdc0a85af6a6f2a736e47b84264
SHA1 ef663c8ebb133a5b634fcdbf888d4d2d5f00dce9
SHA256 6f8b180fd08eb9be8d56ecea98ba30385ef9ac255b7369cc8d22ef5bdfe94e00
SHA512 f6a5977d74a7d0c26a2ddb4f90ce7ea4f35fccf6cbd0bbc1e43e6ceeec7395957504498840fd6f9d1058b2936eabcfe6e09800e0c3e3453dec0da46b141ac74c

/data/user/0/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db

MD5 e8b880926e636e6ecd7e64d69804ad69
SHA1 178459cc676c31ea0f1b17ed9a0fbdfa712c0a99
SHA256 5191957c9137743505cb4bc0c1bbb5b13375a1bc1eaaeed3cd11e1bd5ace15fc
SHA512 bf7129a65dc08c2b2e4b4ebfccea852fa3c6023edaa444ebf18e730f95e83191848e867d7d20b89ca666f4995cc6d2b4ada7c3b9f7335d0d44d27df782b93ad8

/data/user/0/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-journal

MD5 1a8012e3dfc337382a620fd79877b638
SHA1 3a0accb417a1f24c6b0d488c6f776bb6b0b7c628
SHA256 8b386b4161d0e3932bfe5487074a6c9956ebf21d4845871d75093e05d8a19d82
SHA512 6d7dd764815a5d89e47e482e0c6aaa703fa72c30bcfa9824066223816d8d466344c48bbdc03ca4c29376162e7d3107870b56715ad3dece12056b737fb301035a

/data/user/0/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-journal

MD5 3bb4e69772d88ca34fc820227d53d0e5
SHA1 be15516be6d02aa76989128cfd74fb159f688c19
SHA256 ccadb7769d1fc091e8903377055f3583683f54f71526056818c1abab5e8f7595
SHA512 5a11e316d9ff8469fe2e42e35cd723ffce70b035b09835c2eae6214687b6bf20c3a5c94f671a7af3181710b6b1134cf9097879db6dd2a78e278c93289f163e93

/data/user/0/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-journal

MD5 78fd1f3014fe7aba0087349a9eb545a3
SHA1 188f39f020d87e5efb65c5ed80b735ebdab7c639
SHA256 87cb346932c7c03e06f67cbf92cb34ef4f8a4d457f3a9bd0f3255feb338e50e0
SHA512 465d4d8d9247354ec4d5221c1a8e201d0def15850bd549a81c36bdb0bb5873b3545c51eaccfa238ffc2de09045044528391582eec0dd501d398af017e53754bf

/data/user/0/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db

MD5 e5639b469346d3d19c79ae3bdc2f4a9a
SHA1 b4d9041b94176f65417e63e77f0f324b81e8dded
SHA256 cf283c9f2c282ef339f1ac0c4eae7d6f44f86bc1744cbf8a9b5703edc7368aaf
SHA512 273aa09cf7f4de26661bbedf2ecd180b5adb537022cd824d2185beaf7eb1784bd1ea1f1f22c01e4762729bdefeb81964f1a47f13e90b883beb27ce7c8d1f03b4

/data/user/0/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-journal

MD5 4cd1b1106c25d08467952ceebc0f9221
SHA1 0e45350ef003973e17c039a9e439afcf67b4ace4
SHA256 9447ae638588c40ba47f19accfb2fb2edfcf35621dd34461d15e63ee38c39aa0
SHA512 36c698aeca5ec6cd539ea3c2a471dd467ec9f7eec29a15b2f7fd168475d67b128282977df1c98877a0e6e9b8d5fadc1ddf6ea3068fe74162b2402b237ee0c524

/data/user/0/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db

MD5 6d7dfb781772c407c4ad588f80c2ee00
SHA1 febcaaa134836e0cb8c24fa1e333d4a3f3efc751
SHA256 ceddf3441940c7b33ffff065f16b96f54de86b5cba6260494ef087fe021babc8
SHA512 0b88ba15e613d3154f6555094222597e880ad790a19cd2d5b8e5cf4dd5f1a6c3e652a1606abaee54d6914290b739368b9602101b449f872eeda73e08f906afc0

/data/user/0/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-journal

MD5 05a6c36c0aa3c8208b492034c4fb26cf
SHA1 e958e4bb77a632a1dd6610eb4231f0fecc6b59e2
SHA256 25c9033211936f4618aad5339aef0b41c413f5af99913f1395065baf7e2b939b
SHA512 67b881835f6ce90e6559662342b59d1b3958b9756cea80d0e214f047116e4e52ab22c742d5437ef8c1c71e6350f042180deba46e67464c0686f1237eaa1fd74f

/data/user/0/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db

MD5 f51a769b3cbe56981f1ee4426cd63868
SHA1 76ba550d4bd3e3d49e19e27f122e5f413ce2b5dc
SHA256 192e91baa7f355638eddeadc2d77ac98bd489509c849fbef69286587aaf9e04e
SHA512 83299c9e35d6f72f7e7fc08fffba984c624d701d136ef1584089885995caa5797b4daefaeb7683f24fb33a4c1492ebd786f44a70a133415c84ae1c2d42723fca

/data/user/0/com.gentongsehat.fudzapp/files/ZPkFS.log

MD5 9a9fdaa26a8dea30e0a85a390cc45625
SHA1 1249e181764aa79674873cbc77400fc01fd2a410
SHA256 d62f7cf8451d3c8c07ba630b7c30e5756877ca69c72a2782d249c96914b679dd
SHA512 0924d9ee0ba2ffcf4a06328175a54d572a230c577fb9bbedb199088ca54d398d59fca4ec31d2c3c39cf5d19a205755f8eba6b4ca931af633961c1eb867be03f1

/data/user/0/com.gentongsehat.fudzapp/no_backup/metrica_data.db

MD5 4958e7641422b5e038505078e0b4d0f1
SHA1 111d5364db594bf450b82715ba71061b8bbd1161
SHA256 fd17d59f8701cc957edc67e2546a7cec091f8776de61af6b21aa30a6437eff61
SHA512 aa31fa6d36e8b5d3ba344d2a677c3c3280f139624b5b50d89e18a38e8a39f12790aa076edefb63d4636a645b1f8f3fbb772add3b69e87f8916d5ae383f401d14

/data/user/0/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal

MD5 693bb853fa96c766a71142f11c955b0f
SHA1 5f4fac4478514f18c197bda68e1fb98bc4b4bb37
SHA256 671e103ff5861b732c3f9bb7c08b72c398b7b07d13c2a06eb4c3b0348236553d
SHA512 7cb4869d49659b175899f290ea7e2d3f09f39a6d460457769af0a6024e1da7803ca0332fe7b7f94af421e9accc7630ece7c2efc0018135e489c43b678b9a53aa

/data/user/0/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal

MD5 2b906a7505a5a64755dc1b4c18f5963f
SHA1 97f71bc8e1c73b3e718c9da8ec79803a7a5ad0ee
SHA256 19a5a0e3710c08a4f220fcbacb53a5a456cdfc72970ac526af3280868838b17b
SHA512 df4f4445ebd925723077f24c105645c714f420a5025ca155367a20bc571eea5ea824c8acaae927548887c55450ba18a60104a201605c55a67fb48f995bbffaf3

/data/user/0/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal

MD5 67aa9a43f701ea139faa23805c7c7109
SHA1 c5a4651c708ebff1ea8abb1ec2db4ddd6541bab5
SHA256 25753fd9f63e55706a0786a21c14791fdfc94c23d95820f932c47d655b11f532
SHA512 25972dc7e74c4debefc7089454b8a8c0f4c12775f82de095d9e5773bc89c150a93e209aab22d9039a6a79ec9a9fdf82ec6fccc842a27a93e32ae50c1d771fb57

/data/user/0/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal

MD5 05b6735b5f9f8977dc9983343b508268
SHA1 b78051087e5a30afbc9dfced53ad77cb2e142cb6
SHA256 c2a51010ef491b6ee200e1532b0f39174a3f1555f6e15822bdb1cc6b41752d5f
SHA512 ca9104fc8f00d7b398a848a9934275808677fc73874717f5cffd1b27d41e4417767ba5b001ef4d0d91ffcaaa3080938aa9e2f4e975d6085db00e3d3429db3cb3

/data/user/0/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal

MD5 167fe86d24d9131ca93101d349d04108
SHA1 0f4c627a40d01aa3c3e163b2926a0dc1e1c45200
SHA256 f9a449b9ddf441620012e5580c693d47db9d12323ab4c0e611cda9f894559de4
SHA512 d390f6fba14acebebc53379873fcbe67a287a2a66f96e4448f81bbd67ec21d3c1190f05faf9f8efec94da3230d72e39ae58ac45965cfcab93c8344eaa3c7a609

/data/user/0/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal

MD5 79f5fec3f0e9fec3fc2809dcb100feff
SHA1 1fe16e6af2d87fe78c5fa4ca01d3f3783dc5afc1
SHA256 9622d0bde0176ec97bccd7c468c227d6c9dae5380823a9626641b09d432da963
SHA512 277579224eace454cab36bede3d4aa103d2c121271bb2a39048c719777e0570cb3d022296e89c7c5c188ba91b981ea7c58a8a4e039f4dd1b03f977686fe1d96f

/data/user/0/com.gentongsehat.fudzapp/no_backup/credentials.dat

MD5 d874bd35c07055d2b2d7bd59876152be
SHA1 c5ce22593e4b1c36090cba0219ac91e24f9e5d37
SHA256 c40c6dc4efbd12ee3e2d76694fb003f33d633f37b03db8e9e5130b59747d284a
SHA512 80f5e6ae3f2b4f2bfde115e84af1324480f8ff2dbe7fa51b9eda7b124de8b53e159a01bb019860539a5203521a43ddbedf096cf9b5ed17b98c05cc14c65de374

/data/user/0/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 41c8933da880c5980b7a82ddc7292d2c
SHA1 c04abb15098fdff253e5813732891e626b76db9c
SHA256 d61dcc1f03e6f4f4f4b5aff9bcf52ea5bdd2b8dd6edfaeccb9594557deaf1e20
SHA512 651fcbebf5a39ce504d0565d7442b0f1bb941f0db5620283e7d0169dfd6138db0b86d6ed995654b075112880cee9eff6ac2c91846829fd59df62828bc9699ffa

/data/user/0/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180

MD5 f5c66ca6d3aefe53f86e0e864d6bcf82
SHA1 305ca1f1beda76287ea3910f644d0ee4a2f9b9e2
SHA256 ce28bdc65509415ea37fd07b66aed41ce6ac38a038aa6c1e1048492da0b395f3
SHA512 1e540eeb17cbee212356d1303e9730adc5fa0419253eac1ba10653a039b2a8e6a9589caacf77ff9b06600e4583f2c8ad077fd238fd68fe75d27aedd8138d7a35

/data/user/0/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 491847215c122af9a39b1c069ac409f3
SHA1 1d071bb2058b72d61a4cd8f117a3abced69241fa
SHA256 3e855034d547eee284bdb77866b272571c70f7d8d2a4bd6c9a9216fc282761db
SHA512 1e601b98da450e2878eabc8c34047c7afd30501059eed8d1ab2c6603d3ebc8b10237122cea778c02d707a4b727656e238ed8b53ca13a0f3b55224fe36b9578ea

/data/user/0/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 012eab870d20ff5e64973eafd2fa9c85
SHA1 76a87eff2e68e4cedad90f469f833df4e480847e
SHA256 5b6a5b67eddfc0f486c0db0543715318be4af6be5abe1512bbb17d2618bb2821
SHA512 764f4a493ebd5858dedec125ce8bfb23c72b3dc31ba31a666456cda547ae537bbb327ea1dc6c53478c02aac5efe6e74cdcd97a59761953ec6132cd855ef09cfb

/data/user/0/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 98ce3d61e33ef2a18c03f885af9af3d4
SHA1 3f3e44a205fdf8cd43973f131d2e87ee418274a7
SHA256 feffd9d36770ad364110f1258aa87f3e78cd2040b8128f517c66ea6548901708
SHA512 5415bc692f7e4ca06f96175d56d6acccf40e6e1eff401b0d764b1b1e57d8ad0a6ddf9124e2e3046ed471962bcb156018c56014e08a4e622b9cbb8f0d682dcc5a

/data/user/0/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 7fedba44f7e08c66602822edcb1b8e1a
SHA1 1b6ab542a2ac6ea2ce28d0c5cd0d643648ef0e7d
SHA256 3ca85ac1ba3835f023fcea6601d064f7bd24d40c43a89bb9a49c108bb7e70a61
SHA512 908f34bff13db6d699cde88959e00faff2bf16b73a2a60b24ee6fe5cc3b6cd2522028c39cd457f8cc66ca64871d505da38b5659f400eb00fdaf09aab4a887458

/data/user/0/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 cf35eb35f0199a90a25228e11189e8a0
SHA1 f3bb4eb2be6a925cf1954dc4e7183bae57f4e4ed
SHA256 c3757d6b92d0a0fbabaed3586ba60220ef2b74255d05122bebd435724e538723
SHA512 1e46b14f4c60037d3e48a44c3e31b0b991de47f5363455307e5173e84edea7a6ecad5be6a85846fa8a2af8f7faca3de52fff148a4ffe067757f3c2c0082547fd