Malware Analysis Report

2025-01-19 08:07

Sample ID 240605-t8fphada69
Target 98a9162c74f5c71d344cf69635fb3709_JaffaCakes118
SHA256 1290669536c842e48d7825cf7fa302c937aac8c919b4f585a9411103eea794e4
Tags
banker discovery evasion execution impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

1290669536c842e48d7825cf7fa302c937aac8c919b4f585a9411103eea794e4

Threat Level: Likely malicious

The file 98a9162c74f5c71d344cf69635fb3709_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

banker discovery evasion execution impact persistence

Checks if the Android device is rooted.

Queries information about the current nearby Wi-Fi networks

Queries information about running processes on the device

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Checks known Qemu pipes.

Requests dangerous framework permissions

Acquires the wake lock

Queries information about active data network

Queries information about the current Wi-Fi connection

Schedules tasks to execute at a specified time

Uses Crypto APIs (Might try to encrypt user data)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-05 16:43

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows an application to request installing packages. android.permission.REQUEST_INSTALL_PACKAGES N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-05 16:43

Reported

2024-06-05 16:46

Platform

android-x86-arm-20240603-en

Max time kernel

123s

Max time network

131s

Command Line

com.estrongs.android.pop

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/bin/su N/A N/A
N/A /system/xbin/su N/A N/A

Checks known Qemu pipes.

evasion
Description Indicator Process Target
N/A /dev/socket/qemud N/A N/A
N/A /dev/qemu_pipe N/A N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Processes

com.estrongs.android.pop

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 = udp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp

Files

/data/data/com.estrongs.android.pop/databases/androidx.work.workdb-journal

MD5 18fc436ded42f0389b16900257f3f279
SHA1 317b2c5613d93bb55053a2d3654606367d15ae69
SHA256 aad8a057735d28b69cdace474d5446a4d2136768d45596376241951611699898
SHA512 fbf96478dda6d19d56f0c67578bfc64b1fe4a46243c2351842263d7cdfb7f567056c246e54bac6d5b67bb4beda050cf0d7a241a091e9e7c64377c04dc9f2d3b9

/data/data/com.estrongs.android.pop/databases/androidx.work.workdb

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.estrongs.android.pop/databases/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.estrongs.android.pop/databases/androidx.work.workdb-wal

MD5 a737623b1258c64eddc1b4bc665742da
SHA1 62b7392233256bbc26a07904678b7582aea62731
SHA256 d2d371e858c1970a1ca3ed9b7747480bb97634bc35f2643ad3d5c28d462c4aaf
SHA512 cf766f5980de70462072b517998651174113054fe975062960c08d458993601bb7520f7ba5354d0c537f7f045ac5cf770b997dc6c0647c86821b6e6105773e7a

/data/data/com.estrongs.android.pop/databases/androidx.work.workdb-wal

MD5 beb27599c90f30d5f061e01051216c22
SHA1 3eb13d28acc38725e541d9f47ad1d7d3c85e58f5
SHA256 902f3e3ec2cf9dca7bc1705147cc61d9b02959bd8c2ae19900215f471cb97b78
SHA512 40d31d26e6b3a3e8b640d0f381678dead53965984594c63640c4b8e7b8e8d0ab0c0c5386227b553cf16d977849d78e7103c3fe118ec2a3ea84db0c6ad0a877ef

/data/data/com.estrongs.android.pop/databases/notify_items.sp-journal

MD5 5331339c0b24703fc1cd98e0301ba71f
SHA1 a85426b5f142427d731bdb3bd2e1fc3d92e5a3ec
SHA256 76d1a7f3ced2ced4319593ec22396c3fa65503e1ed9fdbac3b85d576da37d3b9
SHA512 acf0aba5f4a290c08275e2e7799de69239d7ffd93677c7b018dbfc52850113b197794d2a852682b7511730ccd5242118fc943273f8511c0ce13a9c0a0a9a9e14

/data/data/com.estrongs.android.pop/databases/notify_items.sp-wal

MD5 dde9401498744f0ccf181dc33ea79ba1
SHA1 c58c57f5a34f849dd42990611e07598ed17873ff
SHA256 0ebf274ef05f3608ce195c99f6682505d6384eba4bf1a2e68c3c4800b292ba18
SHA512 f7cbb1cda336a728f2b95e15a9ff9d8913d40486c1b740a011cd04ca39b1ddc3f89732657e239d08e14dbeabbb8996e5eefb6e40acc49e13bab071f3736b5582

/data/data/com.estrongs.android.pop/databases/ttopensdk.db-journal

MD5 fa1fd551099d49cbda6df9e0803ca863
SHA1 b3f9c892ee2cc781b623a8133e83b96999c7cae0
SHA256 75ef75d1b6c4618bf7fb31974f061e0aab1a4fc904175e4ff765441474764421
SHA512 adc0c24f1872896e78b3951eb919965538a933408ec8bea21cdeb9dae173217730e8935f19aacf18aba38a2c75f832191f68ee5b7601854beb1106aa7c2f45a5

/data/data/com.estrongs.android.pop/databases/ttopensdk.db-wal

MD5 e7b455b1cc60066d41835f7ada8cc879
SHA1 961cc1f7d3f9a445967f14c8fe93464cdd07d4c6
SHA256 cf42e3a56d65b74138c4e6d40bd24384cee30ba2077c3a445c5de62a369830c9
SHA512 fe833881aeac37c79bd7492f81666618ce23b5f3bebee19e12e05eee2ca2b7f72711970b407fe8ee07e6263554efe9fcbd4b3323cfbb4230f06693fa2886f89e

/data/data/com.estrongs.android.pop/databases/download_table-journal

MD5 5ef60994d42ad97fcbe0be0c8ac1621f
SHA1 081e047111f965136661b6e2c83a380ef40ae395
SHA256 2b12a87d81ed8559195fb0cfcc488aa00554afe781022a49562be709d1a0d582
SHA512 aad547e9fb457dc717bf9722d18643cf089e2adfe6c74a2b16c581b1397c132096bb8c35a093afc6ae66365b6470f09829c239c2a6db4e77e114d60dbc1f858a

/data/data/com.estrongs.android.pop/databases/download_table

MD5 0cc56c0ab1fb80270cf08b9c32285865
SHA1 825dc01f9ca4798a666603df048e192fc2fce720
SHA256 7ceda035c3a38d8c675bdb33eef78cb6f7ce806615fec3a9663b61bdd0cb67b6
SHA512 51f1e658a8c68a42423cd9dda44e7a1b4529e17753b133b23dc8eafd511178d74d4f16e2ad3cd445ea32d569bd80c1b866b76e1c8684936e95cc33c3d741a2f5

/data/data/com.estrongs.android.pop/databases/download_table-wal

MD5 b8120b2c1579abca3c2fbffb1dc5dc6c
SHA1 ec5f5710c065f668917ee0c61588ab0f625814b7
SHA256 1c40f36b01962eaefcd9e831f98d3dd11beb90e85f4f5b6e030b4d8e53f2f593
SHA512 446aec7c0a9ccdbf9ba95c379c87df02394a4ffb6387908c83c8c86cdbc353bdda2eafc2da1c5a34029c307dd997c7f9ab5312d52de96fd3538e19044fb45246

/data/data/com.estrongs.android.pop/databases/download_table-wal

MD5 5b5d886148ae58b870fd448f03efaa0c
SHA1 21f30f9f5daa1a529a21740e6f057dece7436ae0
SHA256 13ad925934ce19d6262fc47202acab55b61e5735e9c70e5d78e30a79b06026b6
SHA512 c5f6dfd658104554b61325d71efb1c32e6c5da4c53616c7965e464084997167216fe890bdd5dea8a57332cc2c4a3bccb50cf109df3d169175b7a25e917465b74

/data/data/com.estrongs.android.pop/databases/download_table

MD5 b4163b3833c1b0d968c136c552cc38c8
SHA1 57a931b5307cf4f5195394c439b4fec1f5e0d914
SHA256 b09b8385e1804914b695a6fda9541b9c1e316b09f42ecf34cd296046197da6fa
SHA512 7be42c3203b17b9108ff40894f5ea943738e9924690956fb7465e0e53f14597e2eb2599cc2190c9042fc81db54421806adf0f7557a65fa322264423292d304a6

/data/data/com.estrongs.android.pop/databases/download_table-wal

MD5 13ad0f368c68ff52c9d8386f7654f9ec
SHA1 c03aed2f0faaa3cdb5c6ab18f21026de55fd9c0b
SHA256 848749b0d948ea236a5df9b4043ffab1dfb8441c1bfe24a764bdc118836ca9c5
SHA512 2349417fad4c42827a47a37ed579edc1a57b4cc2627e1d9bab7b4f2b17d5c06267303bd86708f43d27cf41845cddbd18cbc4519cb468ed28e887715b791a70e0

/data/data/com.estrongs.android.pop/databases/download_table

MD5 800900d007ac190e0084fd872b0f2ccc
SHA1 be607dbf638c1d888a1fdda9ce2a9ca57777ae4a
SHA256 ca9459666671e9b6c9da7069d7be1551ce38f5188b4f9ee8da03e1ada281126c
SHA512 578c4021de0fe237c9ab62926d083ab3bf6836d3006cf95e2c35aeb74136fbf2f353ef9554fdfb456e236289de169364cf632d61e2e2090e37074a24783283ed

/data/data/com.estrongs.android.pop/databases/download_table-wal

MD5 a275207263b79d7e4273dca988382acf
SHA1 7fd31f3c83a99bf77be749ba622bb025a9049e74
SHA256 f4adf19e995bd44d75c2008a88f0043a826ccf2f71ac2e80501c7e72a2db1673
SHA512 12b3cf966805a6bc7356eb0abbe7750dbfea1a7ecd55ba06d0cd673db944ad804814978e6e61d449caa64eef22464a3d572996da706dc08a2cff70113df34e99

/data/data/com.estrongs.android.pop/databases/download_table

MD5 8dd8a71dbef2d2edc91b420fb91721fb
SHA1 98d7bfff93651995b76e67183644f2fd08de390e
SHA256 a6962d31aa70be3ece7d0a998c42204cbeb4c6cef62ad3e540ada549bb7b2b87
SHA512 5a6b68b6b78dc129fb078afc426bff98157af16acd1d95e7c06c042e8a86e4204af19fa48bab36f213ae237d5c8b7428b8fe4f272582b69ebac3c6eefb459e10

/data/data/com.estrongs.android.pop/databases/downloader.db-journal

MD5 973c1f9788ad06cebb24a4cf7b9311b8
SHA1 68e629a388f2b985cc4412e9aabb22dbd4c3e149
SHA256 df3fde389c7860be99c15335dc9e6d9f3e83235f519ba1e33dc321d1963cd0f2
SHA512 c2c4a82f72f4140c53b3bebc3e302c86494c2732dd8fd30aef64d8839d9e890eb1ab2d8e63dadca74a8eddedc7911a739b9ede67acf31bda9ffd52d0cfb369f4

/data/data/com.estrongs.android.pop/databases/downloader.db-wal

MD5 32884b2603ff434188f5e999085d53b9
SHA1 3f22e2ffc584d76de72c9f9c5daf5e7f35576492
SHA256 b597aa6f6a68c2dcce9e8af721c5e0d9c499a844425ab23289e66188e2abf4ce
SHA512 fcd82a024c5894892be178c8bc5fb5196ff6adc37b17e1727fa18ad74e2375d487a8f80e3bdce27df7ddc0460ed99c5a22746075e585ff741d8773fb48a3da83

/data/data/com.estrongs.android.pop/databases/lock.db-journal

MD5 5c211fc42ed255813a6007b0eda551e8
SHA1 7e4006cd252c58ae0280d105bbea786d5c5b62ba
SHA256 dbf97277d01bad61980d32aa1d7b8004629352e6a239679292065b11a867f577
SHA512 9c0d1b32a50aadbe27b1adcc816bcd68f53eabc496f83af4cdafe051f9ce6ed1b57cfa35d4b1db627e0fd7abe533949084351249ec2a9989743e347f8d911859

/data/data/com.estrongs.android.pop/databases/lock.db

MD5 74eefb5bfcb7cf134cbe1645f0eaf0e3
SHA1 91a91789c2854633b93fbac0c74dfb4b44c60d96
SHA256 16c8740bfd12b9a02350739c3086f5ceeef60df3d143257a131ab6e4badda491
SHA512 b52cf50b18995516b79f841ce580e3a95a022cf13608e201017b62cff7aee74ce12193db464e94511f0ac0e871a114636ebbcf464e7ab794404bed491cbc5e1f

/data/data/com.estrongs.android.pop/databases/lock.db-wal

MD5 14cf58785593b5944ac53cb5d2849fce
SHA1 e62953ad2833b15169a997a85b38d3ae136cb73b
SHA256 e05ebb1450983062046f6abf4dc43c187bdda6137aa1aad646841f4db876dce8
SHA512 ecba41765f9dfb7ad52b50dfdbb92a18c0efbe4f0975a5504551add856e54580d89979f229b7fb177814b214ab7539b41b95320fd94aa211af896314e6a646a3

/data/data/com.estrongs.android.pop/databases/androidx.work.workdb-wal

MD5 bda29dc7a7b9f1cb5dd0ea3fd882a92b
SHA1 788fee38d24baca58aae7676f799411ed8b08564
SHA256 8a10e5704dcf49ce1124f6f754873003f318250edbd303369f84953455db93b2
SHA512 ad392ae130d30d9dbb78628c938dc66e12007d01674de6d14a1b89f02d1614886403e6cdaa37ab5579eb3581dd804c41aa5dfb8057d84b1954ccf6bdcbd0fd98

/data/data/com.estrongs.android.pop/databases/scanner.db-journal

MD5 b0c753e728ada2dc1198eeb990d959c8
SHA1 1f7098e17c457da475a41cac0657cef05ab3ce1a
SHA256 2f0e533be1233700de0eb1afe2aea8251ceaefe25a0a3aa467d218f59f43c9ca
SHA512 c3f1be76abd82fb36185226bb5a90d0e3884bfbe6c39bd5e5ab243133444dfef1c825004ea973a8542eba8a4af8b6de926fe10bb47d987fe5018da648467543b

/data/data/com.estrongs.android.pop/databases/scanner.db

MD5 20120fcd173023709572b2ca57ce875b
SHA1 39b1257894230d4571e44fce85c2005cea89a81e
SHA256 a08d32e868ba1ba664a83500585c9b71a6b2ae5d49d78cf71e81314714f5c8e0
SHA512 82ec0a66888649a6cbb9c457fe55dc6e6e998bfdf4b71479c24bd4728c797ca772a87be9a3cc854ea947e1d243fd68a15bb112808e8a3b4e5e049b3ee8035d74

/data/data/com.estrongs.android.pop/databases/scanner.db-wal

MD5 72807ba5af4ef5116cad668dc62425cd
SHA1 1451bcc1bd6a836eae6ee39d28007a2fe70e8943
SHA256 b42495749975da5e428dbee0944b355b7d9cf31541f832e28620f8522616df69
SHA512 21a77139fcbbf47d794fa6b05d7c6746890563331c4d2e44e9fec9226568e9791017bc2f0b27dd991e062f8c92f8fd6ae16f66e20361551a089865cdd9f85011

/data/data/com.estrongs.android.pop/databases/download_table-wal

MD5 522acded204c6d0d8570eeebc836e127
SHA1 87d7a1309819246da7b488822d92f51ad04f701b
SHA256 e18bb80f53edd0b0904ec14a6003d1b89cf3d4c3705bee66f51eb191e9792cc9
SHA512 8e982154b584efc4338e1291102fc6f6bebdf17febc941428d290f184cd9984deeda20ecb50f2042abe582f42b7b54d17744ccf00ffb725f6c5131e55409e0e5

/data/data/com.estrongs.android.pop/databases/download_table

MD5 bfcc4be07c0b86db2f4c6f61d59f3da8
SHA1 381ff9821ca8cad6709501d84d2bcd7a73228727
SHA256 f2a7d1b0532aee22b243bc1ecb2a4a019e7b15f5f5622786f1799cd2433507b3
SHA512 11e0dc811f66328189f9c411c6a7f720216134a7e6820691e6acc57368c9febebe636d3e42f8cb3adc3b8e935de03f6e0e9e01b3272fc41c3d545b446a31aa94

/data/data/com.estrongs.android.pop/databases/download_table-wal

MD5 cf695cb1a745fe120eabfbb955aeef97
SHA1 70aca8256578e8546160059bcbd3c1680b67e9b0
SHA256 cc4a7e50f1b069da2b69a1e82652ddef202e9beb9d6e484f78d886ed38cbf22a
SHA512 4652a10175a30e5cb7473c54916f149139166947bf4daeaf22ea5552115f1afd17a5eedb820cc66ca62cc4dbd6dee20ea2d740d617f51abebd55fc246d00d793

/data/data/com.estrongs.android.pop/databases/download_table

MD5 ec4381b1db86aab8b841f21377e59c72
SHA1 b2ca155a31fc6313d6341a2976f9cca72009b446
SHA256 dae8f97a21997d6a16d2709ea7f51df100a6f47c293b4cebadeea4afffe2a9ce
SHA512 36c2f95f960f4b4a3252b31402989eb624ae3cc41f9d8673d154cc938136d737e2d1e59c6b7119476e14942a9129930b63d9e532b4f066f2e922c56dfd996207

/storage/emulated/0/.estrongs/folder_app.db

MD5 14fc31d9d0ae4e3f0b842d110eea9041
SHA1 c9460d736da11a7e34610a166189686e225edbff
SHA256 35dcc59de1c087e48dc6bba2864f95bd67b41d4ce0fa2c3c76bed728dbb28612
SHA512 a39fa54b9e49afec824f58290d7ca4421fd248f611fe5a08b0108ff5c3ef025cfb9603cee96b906fb665eaa6e840da40b1bec035fd1641c8a0b63c918bd2f53e

/storage/emulated/0/.estrongs/folder_app.db-journal

MD5 052514676291797bbe66794a995cc807
SHA1 6983a5864070646eaefc84ae88dfcefe8cd2cfa5
SHA256 cb5edd1c3769821c19d978465842381b0b7ae3e20c1a4d4f91e0f10f40e72bcb
SHA512 07154c075112fe7769bc0dc96bc4c7578669ec90b9543d5d77281b6c78c83808cb17cafb2f547ef713f3e145d5855f0819aa8b1c3979659fe20ad4c5d5591fdc

/storage/emulated/0/.estrongs/folder_app.db

MD5 b1932fb4148f016b7baa23dd12cd74c9
SHA1 a21b7800a101dcc25f7dbd8b01f807b4c2f5c8a7
SHA256 ace4713030550c311827217b1d2ac2a5854d612ee1e580511e7518f3fbb3bf66
SHA512 59d1bd723e134a577d3289e47513a1dc56c5d6c2b06e54549131a0de16b8e0f766dcb122a111ccd604e335eecd2f6cfef0ea51458dc584b8520dc022f96c7f42

/storage/emulated/0/.estrongs/folder_app.db-wal

MD5 ffdb7edac023304038e41ad9d96357d2
SHA1 ad97cf5bc043ad83181a0bc12034e8aad8765525
SHA256 bd09af5d1ffb627a8fc4d26d257eade6e85271b605d360ee4908b46a410295ab
SHA512 4a508f4da3e7b58b1e39cd0b3170684e612288350e17f74074e088c984250b999aa4ce82371d63eeb6153f5703be7b4a076b7d67d8d4e7305e74783e3cad48aa

/data/data/com.estrongs.android.pop/databases/scanner.db-wal

MD5 a96edbe24b655992d66bebb0e07a73dd
SHA1 1d134c17bef55adcc45c6ee145d1550e962e9aca
SHA256 1c5eb43f673d182238ad6e7db84de0daf41143019787ba10e505d6c2df1ff063
SHA512 853520296c3e273fe61c50f0bc7a18152f8206f264c15269c3769f8593eedb855b33753617b86753bde0daef516c43c60bad456254ad66b5b42c348803e1b659

/data/data/com.estrongs.android.pop/databases/scanner.db

MD5 d91965f3ea8199fb82dced68cbb7ed63
SHA1 d7ce83b544f301852a970741e17c47a96446c000
SHA256 642aa4f903e315297c9f0245a4c22c98e00e88a25edf62b7d1e575a20da320db
SHA512 9976ce29bba18378f588321abf47da228be91a808480d284448394560a728e1771f087caddc2296ee3985d62a3cb14f591064e614f82105a9bf2b204cf7066ef

/data/data/com.estrongs.android.pop/databases/scanner.db-wal

MD5 bf1aabc1eefad0bdb1e2adda36ecd356
SHA1 d25e9e775b428f21dcffb8dba5f8c4a08f958d4a
SHA256 081dfd1a46608ed205552b8c45f58ab6880a0974c5bda0e848907f344ecdd8be
SHA512 4eded83a63dc657204693e8b0449777187fb7010bc432654c339b00fedab33f65d82797d4381087a953ffbf753cd58498e1ab87bd487e6079b941de045bdc332

/data/data/com.estrongs.android.pop/databases/scanner.db

MD5 86545a0076162492fff5e9097251503b
SHA1 0cc10da34eb41328ef28584002cb6f4ac4ee238e
SHA256 b3c2670e3a919b8239d66b5995ece95014196f738eb5d8e30a564342bdeedca1
SHA512 3b1567e455a77c7eba95be80ff3b4d24575072bb7e44bc33f21f8345584d70018ceccf4a8e736a1e35f9fbb4529ac68559a5823645fac56e3534533b5d360133

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-05 16:43

Reported

2024-06-05 16:46

Platform

android-x64-arm64-20240603-en

Max time kernel

124s

Max time network

167s

Command Line

com.estrongs.android.pop

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/bin/su N/A N/A

Checks known Qemu pipes.

evasion
Description Indicator Process Target
N/A /dev/socket/qemud N/A N/A
N/A /dev/qemu_pipe N/A N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Processes

com.estrongs.android.pop

Network

Country Destination Domain Proto
GB 142.250.187.238:443 tcp
GB 142.250.187.238:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.212.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 = udp
GB 142.250.180.4:443 tcp
GB 142.250.180.4:443 tcp
GB 142.250.180.2:443 tcp
GB 142.250.187.238:443 tcp

Files

/data/user/0/com.estrongs.android.pop/databases/androidx.work.workdb-journal

MD5 5246c609bd37628a9656cd7f1bc889e0
SHA1 316b0389d13b9eeb1a96e262f970c2295308eaee
SHA256 5b09fb98c446b084d123dc4b9dcb80b2623022ba7485af9fafb4986c9125cf8a
SHA512 2d6499e0ebf5e8058a01a0db3df38715a771f5ea3c0358e1acfd08627aae9ef40f9ea403bc84e4aae02bee1cd69767959307b82441800636510344d8bd26d95b

/data/user/0/com.estrongs.android.pop/databases/androidx.work.workdb

MD5 7e858c4054eb00fcddc653a04e5cd1c6
SHA1 2e056bf31a8d78df136f02a62afeeca77f4faccf
SHA256 9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512 d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

/data/user/0/com.estrongs.android.pop/databases/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/user/0/com.estrongs.android.pop/databases/androidx.work.workdb-wal

MD5 fd543bb08c4d710fba3ed2f9379dfe5d
SHA1 3e73883b8452aa0dd74299890ba7fb6e0239dff9
SHA256 e5582dca792e53d4fa553d08b081b3fdf5b7a0e87049cd6f9368c9079886fc79
SHA512 642a8c035c33d03de77f451a16effdbbcd549f4230da614cdc5cddf4b05e8337151246ec3d220ed7d6930fe41d3ba10a0386a8c6449013488e12c6eedf07dde6

/data/user/0/com.estrongs.android.pop/databases/androidx.work.workdb-wal

MD5 db8d58a0aeb52534deeb7d674581d933
SHA1 12d8d5fd5e2378a87342fed98cf505402032b957
SHA256 2e417a5f9e8685d96aea1169fc2880b875c7eaccc8b6daba72f0fddeacca7f31
SHA512 0e414bac4b73d9c437a7c1aa99c6a6bfdd829b7e774fd4485b5d22279a52ce4a83d7c6a1d3a9dfae2f4a7c371ab797224cbf379160942012cb21362e7ae516fb

/data/user/0/com.estrongs.android.pop/databases/notify_items.sp-journal

MD5 86f351d39121983521f8447b1baa08cc
SHA1 66f90ddacf9d97b879960155ac83b58c17f771e8
SHA256 e2ddaf0ddf4edc4d1b50e586ff3e4b6b022da5a4c603a423310a95e6c8faf216
SHA512 e669b1d6be5cb98e6cf480a13a953157e75497523340340207d94e416ac360c41946e4cf0ba86ca2416ccd85a312912c90a632a9256633b12a4704c6e11707a3

/data/user/0/com.estrongs.android.pop/databases/notify_items.sp

MD5 8a8667fb337c2acf045af43238ed6e1f
SHA1 3eb9c8603c576cc899c46130eae4b1451e3dc75d
SHA256 317ce68f9e53258614696144af73176c2f229d44c17e86fc0d5a82887b2a7c79
SHA512 9f0b68f0a253f931263a4cdae9e157005893ca92a49e65ea83f3f6b9cda69f3311a0543c06cd92386027828ec916826b17dfa84db9d8028a10761617c41d9d01

/data/user/0/com.estrongs.android.pop/databases/notify_items.sp-journal

MD5 17cc93b7969bff7758613b6f46ed23b7
SHA1 cb3a71c5621176961edff45ea4b7c8aa9443d943
SHA256 e97aa75a47d12a80c0b2572744e33b7033a3d581ed6f805e8a0e6486546e68f8
SHA512 197b2921996c197faccf60404b725fb763a5be83893eb3cfb5e28dcec728a4155dc38d36839b9c98fdb3c52d640e6da8e83389ba7ee856ce79f9d542d6b7769a

/data/user/0/com.estrongs.android.pop/databases/notify_items.sp-journal

MD5 2a68cd24c1d0aaa7718e94f63cd66e07
SHA1 0f607fd4fd992d71e96f5207d13d2859a606074a
SHA256 a72d48b1639b395c01284b91fd8843f6b65f917302108467c3cf778cae0ed2c5
SHA512 e4373303e78de18e4e63cfe5f40e6259b93f1d2b9029d69fa91cbce14b43d12df33ea9518ee65eb7a5863fe3e5221c5653204e120c73de4464cddcc0381bd718

/data/user/0/com.estrongs.android.pop/databases/notify_items.sp-journal

MD5 9da6789468b45819614f4c2ffc228bc3
SHA1 9ab0faa9de982c9d429c9e7f2a53b94093d94f3b
SHA256 9315c9d3215f1a3ca47e9522d6a47497cbd8de4eb4a708fc679edd93c1d4a022
SHA512 c18fa97532946564c7d7c42affcee6eb7c2e9162135a9f1d406ebbd16f17af18e087af5218ecfb66b6f4ffc68bf1f9d922116d871d47abe06945b718d7b885f9

/data/user/0/com.estrongs.android.pop/databases/ttopensdk.db-journal

MD5 0bc0d48d8b8add105c25dff8f0efc9ec
SHA1 4d007ce52449947ee1928a95b234a90f329e74c2
SHA256 c1f9aeee6f2cb49546a673610ef2703d8060c1484bb2fef6867ceac564f9d062
SHA512 1b7ae01a5a679fcf852b2240cc00af5f60be59a59a4091e41db9bf44bdfb5c414db06cf50191045f26beb2a8fe6d6139e279f02eac870d5eced8f556680a7e20

/data/user/0/com.estrongs.android.pop/databases/ttopensdk.db

MD5 6b5d2877e25169c410a81940333ce159
SHA1 50ee8d11b2e65b3db024b64e90456ffc84be8672
SHA256 c3a4eb7ff5d5ea3a68e56ba7c7299a6061552204d1c224e7945e3844c917598e
SHA512 36fe9c8268c79a806e1a6be1d01c1e771da14a6c69600331f26adef03c7548e8570fa87ffa50bf72691d3cf97d05eb1b35653ee03190859c48de07aa994e2673

/data/user/0/com.estrongs.android.pop/databases/ttopensdk.db-journal

MD5 18d7a171fda9e7c0ca8916bd5f97f46d
SHA1 43aeebc2735da08283d7dd18362dbc78fcbe593d
SHA256 09fc4a890d2f90656eaf2d46038e0699c3b5d32210075cfc1e4480977e87f108
SHA512 e7763a224e6554559af7c4fefb3ea462fba3a962b9387ef53bc6d191da30099af592b6237ec32db4afe34e167faa0627a2e8132b956f545f3a7f4c87ba5e5cc9

/data/user/0/com.estrongs.android.pop/databases/ttopensdk.db-journal

MD5 7421cbc7bd5b965db0f1e0704a78d94a
SHA1 576c28e6743808163cf5791f4d8be178ed5f1e72
SHA256 237abbd4ee852411fa4b1f0e22fa9e2804c843ecf05c324078208f8de59bd357
SHA512 6c73571ac02beca9e78876821070951b438e22ee1d02e53d6ca4f13825ec89887b355a7a6c2b28d71a8f1d85171b9835803c0dc4bff8159ca40b03b3a35b4345

/data/user/0/com.estrongs.android.pop/databases/notify_items.sp-journal

MD5 e169623b37ec3732987c18d7ba54950e
SHA1 257643d1accb7933214331bd37a5dacdfb266903
SHA256 d53e2bb89e3d72b21e0d3e615e32e37cf6b6c03ab38994e38b17e841a4ce250a
SHA512 b76abe769472c7955411565512fde5590e3465b628124d916b24a0ced11ddbff56eff51f00004765a818c0d86c9d6d93c368d293b1dbe29f36ce14c94bb0671c

/data/user/0/com.estrongs.android.pop/databases/notify_items.sp-journal

MD5 9cbc8dee23c4e4a2517d2972c700cb62
SHA1 c8994f9d0e7f2f0236a690f5b0542756ce53f971
SHA256 c0971ad5d9e13de7212f4796009cb622f4bad37c3961f029cc5cb9beea23ffb0
SHA512 bac92052d82092a5d81dbdbbe916a53547641a3f7d2a4b80db82e601ae07be071960ff7c97e45339d22654f53d5da566c1df10ca2632340d0acb26010dda6d0b

/data/user/0/com.estrongs.android.pop/databases/downloader.db-journal

MD5 db934fbd68533fe11ea69686a0854e78
SHA1 51fb4f33a14104de21742ff4ea7103795d0b6095
SHA256 3908fdeba95c76e40d6756771e7145caf88c38b0a133126c35f5f98f8a1bdad5
SHA512 b6d211e9e0195ad70bc26fae2ed289db14511c37008fdff724b6f9b42cacb0dc1147e40a88accbb3ca76e6bee3c1d90af532ed98cf22651701c1826a719126ca

/data/user/0/com.estrongs.android.pop/databases/downloader.db

MD5 40b7d099fc8c4320b1bb8dbc6e03151f
SHA1 bb556886aaa719ae155b8e499f530fe970e6e5c9
SHA256 02fec0e756afa49755e14043766cf3ff533addef9567b0243e06beeab805ec0e
SHA512 dd476b16caee9c451571a95c98fda38496c8a75a4f5e778b4900e122ce34a7b474831c6ca84d1b42e83af4e6cb0b693ef0fcc8fe5c3e4162f7effc6c85f6fe3a

/data/user/0/com.estrongs.android.pop/databases/downloader.db-journal

MD5 d6bac178238f98277cc3dfe22f57f73f
SHA1 dab50c25f6df10b16abed07cd1733e6266350b17
SHA256 8dbc1e7cd7b11037476f7016e6cc5f40c15cc6bf24ad0a16550cf9e255cb9414
SHA512 76a81ca8f3c67bf44159ee3b410a71b19788d009a710ebd02b4dfaaa1665f2db36a6e3442bf507bb12665514b8cc7b960aac3ca2aabcaa2d237aec8b23b50c47

/data/user/0/com.estrongs.android.pop/databases/downloader.db-journal

MD5 a85faa01b004f0e148d0a236be3d27f0
SHA1 4f703d5f000ec0e40a67f9638f8e9385ab335390
SHA256 7c5f9412d0dbbbd3dd8c22c92da97d8731088281aef33ccbbee37096c8870921
SHA512 992738ae058e3ee18601c888dcb3d2edf407db5f33c7e37b79f4cda11f609b626133235029f7f23b982816e64938122c74ec75c78246698313558a441f0d03cf

/data/user/0/com.estrongs.android.pop/databases/download_table-journal

MD5 17d85b81398df29faca3934213aa988b
SHA1 5d07c64e2c6aac2f936d7025a4cfdb3af1cac7b0
SHA256 8e1c5e5762cfda44a8846a923303e023b281fd2c0ea9d45637d1e25ad6d91667
SHA512 f6164fc96bdf6dc3e7d51021793f0ba996070a44b84e984b6e19b3559b78434c5f1af4a6843f55960f52c64b65acf896c50fffa419a75b03c12c21b3c016c808

/data/user/0/com.estrongs.android.pop/databases/download_table

MD5 4baddc1d411bb22002e4e299a15e6eda
SHA1 299d9c01a03d2ae96499fa68fa005cb6f9dac7f8
SHA256 5b9b667cfc6f2e4ae3239b794bc717360f32fde7c6f8e08699ef9b21b9e801ed
SHA512 c32749066269a62994759c19cc0d18a0487c0da53f1aeb78fc83488a5bc57019fe5b4b16e998e06bfc14741af7114e630e6027ecad0e5283bb5b3c14dd8ff591

/data/user/0/com.estrongs.android.pop/databases/lock.db-journal

MD5 d769fa77ed06db25493fa4c57eda779c
SHA1 873cd772186f9718359206fe5e5a27b14cf5fa6c
SHA256 232ed6356b75788260373168ad82ae31d2625f86c946c8fb41acba9ee6d9045b
SHA512 b6892f16cd0ee9c0e241d2191cb052a310c07eaff7ce76f1d115f384026c599f41648628099f5761ac5c55452c89a98ce6d4d9295f5ba6fdc6fd2888d4aded39

/data/user/0/com.estrongs.android.pop/databases/lock.db

MD5 65fee65d317a8a9d35c775429c00af24
SHA1 b36eccd59048884e20eb308c4c41b88ca40d40d7
SHA256 8118187f996f6892b5bcad4c1a8410027f9b1065db21b14ab26fe729a75f93cc
SHA512 1f0c541a522f128ca10855e0814dd1a35f56d595d47e9b2891ef92b1fad0c6e9714af558665e0bcc180d9182c3e87473b4c09dd837a1573885d246eda665780d

/data/user/0/com.estrongs.android.pop/databases/download_table-journal

MD5 83b06048f765631a45072bfa5bbe92d8
SHA1 362b3d2048b7f7cf1293822d561a485a56028501
SHA256 b591ab7ba32acc12e04f04094d6e92de7ecebb08b9f941c016ed9864f7f3ecc7
SHA512 c646c909b3f7a9360032557bc4c072e8830f8889688a6c9a95de10c427eddeab3951c738c128cec97766c1780c3858873dd3c0226a9ff5e995b8a994068f0a86

/data/user/0/com.estrongs.android.pop/databases/lock.db-journal

MD5 4502135dbdc9b51451953c9e5b55f865
SHA1 f77bcd0b0a8f02d98c10e6bdf80d600c5d25d81f
SHA256 19c0ff59afbcdb4138aa7c6b412754e2f0e48dba6fffeddfd91d927d25d92a74
SHA512 b0bf93542d4fce177b090ce01e2b88c90f783ba22c256a074e6404c2f5f4ee2866bfd2fdc0e38d2f157addaafbf651322b0fbf7a53f7f28b09c32bd30a15cc7f

/data/user/0/com.estrongs.android.pop/databases/download_table-journal

MD5 353fff29c377b36a14dad25e1c4dbd44
SHA1 b69e6c55f42fec07f5316cf30efc4aca6f57cb76
SHA256 5cef52b5f4f9196f13dedb322aad0a720178bcc0c73db7b9c0f8be0a74bd435f
SHA512 57a7d2ad243bb31ec22032ef3c56922cfa11d17a10963409c644b91d52c7a382a7c4fd179b12be4409c30e20342e619974191a243faa0de353a04a5759d54cfe

/data/user/0/com.estrongs.android.pop/databases/lock.db-journal

MD5 3c4f6f9507c53389f93bcb8b813d14b6
SHA1 31b0e3314f1a2680361b8a78db2ae89c164be612
SHA256 6b69948b3b28341857833e2f8d041b0150f55341bbd3efe09cda0cfdfbdb9b5c
SHA512 08e09f9f5299a5d1a9620edeed5db0f0e02326c8d39e83851820f5f43cbf7aa272b416d7df2b48d84baff4f513c075310495db964726c73d4afbbdc31f72dde6

/data/user/0/com.estrongs.android.pop/databases/download_table-journal

MD5 991f0d9fb4c8c107a87a74f91bcbee18
SHA1 01b3c4014da897d76093447f7fc4f85266a37469
SHA256 728cd8373b0fe4b73b80244b5d245a8357ac72f12bdf0b51d548b9bcb0a34d67
SHA512 c31d702af7cb18cfaf00c95b10bd0e7b5c35370fce59768987908beefd3abbb9d714e8c9d497eece4d5d955c37d470a7c717aa82e6a79218b4ddf09e98d8cda7

/data/user/0/com.estrongs.android.pop/databases/download_table

MD5 2336dc89cc9062d9b7a4f2b33472074a
SHA1 69f84b2cb4fc14f44a660181e7de3189f6884fec
SHA256 8eee73c3e6dae5b53aecb227d4040e33fb793efc2063572b5f95190ef8dab804
SHA512 afd82eb6aed9ebf2920c9debd3787e061bb99cbcc6c95ac73dd10fcd3f6e8b4857173fe1eff7f6cec9180ad4a23ae1bdc8736a1538164ec83a2f0c7eaa791cb0

/data/user/0/com.estrongs.android.pop/databases/download_table-journal

MD5 11e9c7ea1e63e0736b38ad723f8b277f
SHA1 25bbde161ad2765a8ba9acfad3e8382ff47c5d37
SHA256 8f88de19a1f0dddf7cb1d152487377b0ed1c2f32afe8039e14cea9b50710102c
SHA512 40d16615f5231afc1075f7a8e8de2af07e19c13f256b9db7165b5e94ed860928ee91564cc0f645b92dd7b269aa5195395ae429b6f0668c7c64e0116033aa5cb6

/data/user/0/com.estrongs.android.pop/databases/download_table

MD5 6f20d214139e40da516ed064e5029ace
SHA1 03eca97dd52e12c5013c1eb2daa9eed908c957d8
SHA256 d191b9aa1d77bd11ce7f23c38c949f6a39d06389d30f034386451d6a696d1403
SHA512 f90968ed71932f398d61f7af8f282ee1f2e49319fd4643a5a532d0d3705981bccd18e92633ef273567834775817bb0be050f666ab4af63c3dc7765e850a45473

/data/user/0/com.estrongs.android.pop/databases/androidx.work.workdb-wal

MD5 4ef5540343232b092e105b6df9ee175d
SHA1 1bd8d0b407e871793e38ace8cc6ff647208d1d61
SHA256 f1285c48e8e0c74f09c92b5c7eda27e147560d312f6dce53f742a9e0f76ae3bb
SHA512 a0ea0e5199688dfb2908753f170e9a2c68dff2b52267681f803716966a3f9fe3db20fb8781dd91424ed2d06effa205b0d2dadd560774c082a9cc8022d297018c

/data/user/0/com.estrongs.android.pop/databases/scanner.db-journal

MD5 9f193e57afc6eb67fdcf903f7a500943
SHA1 5a20b2b5eb8beb213902668ff057632d83e56b3d
SHA256 8c18f9ed5d1aa975877c4011eccd04eb5e46b37163ea6675e6aa95f01eec7af8
SHA512 ba48e5ee712f3e19f3d3e4a96bdd16940a01299a82768e67156db8f1de5a359b3206bb8c2a3367f0561194cec3190f97f6dbec621b14d95b711ee5dd1c17a041

/data/user/0/com.estrongs.android.pop/databases/scanner.db

MD5 859200ab067f0d2faaf10a169eaa38f6
SHA1 c6ed79258e5fc01f9dba85b0c865b538d2524a0e
SHA256 92fc93b25c8adea3bff3d8f5504a7a684782806804e7ff849279f5af6ce23f92
SHA512 45bef8d162eae1a0a823626a4180c9b2facd6a122571c9e46d432782e72980dcd4fbb5da6965fbb2509ce25b14c5ffe25f67c642b83f556fc3d9698bca1d3cbd

/data/user/0/com.estrongs.android.pop/databases/scanner.db-journal

MD5 c11f8fef82b68321c553f0627c9947ff
SHA1 a32153ade8873f5500c5cb47828e539ef216ad38
SHA256 a0158d7442ba53c7cd3d5c8f9ebb5a78b946fccf7b670bd2b50e38012bcb2dfa
SHA512 81ae0ccf7d9b7ee2fc2185d023b43b8862d3f2f6c1c13042b0c5e9a463a9ea1e888bfb81b4450d7df8243d347f1e168b450210700ec6d598502e858d1c455bbb

/data/user/0/com.estrongs.android.pop/databases/scanner.db-journal

MD5 04c5375b867284df638258ea68a6f7d1
SHA1 a6bd794ebe620d753764bbb0689c4a521805b589
SHA256 4b8d7bec506e930ed6a1cd00e18f7df6f484efbb373ba6e3b45b7fbb6081fc44
SHA512 527a346123a0fdeb5f6ef2e4e9f0762d13e4151ceb50ec7918fb333b00dcfe434d25d37e9996c3eac8deec1070d7c5d5adddbe3d9f306f68706af830ff6ea782

/data/user/0/com.estrongs.android.pop/databases/download_table-journal

MD5 60af8a2ce6d9e0caffb1970784fb72f0
SHA1 594ce1cb9ea87ccb8c334a112228bf5a25d05ee6
SHA256 b7b6037666297a3bb3a4cfb3fce09684cd0032f5ee4a8dd88b0b13aba263b48d
SHA512 a20572ea0567444d8d7f564f830fa294c00857e7bb2d285ccefccf4826660d511e9f1b3d98ad46c20c4d1718162f73c8deac4109f7f3b4f46fe12399b63550aa

/data/user/0/com.estrongs.android.pop/databases/download_table

MD5 ef738abbd4bcb4d35a3b588508cb5d65
SHA1 0c7141f3150f300cc165b56aefbcdc00e0c83f64
SHA256 2a5bda697d617cd68e09fbd53a35a52a0f6ef45fbf8fe7780f3408e7c2d146c4
SHA512 9cbe4777022ba27ad661872b2c187b092316e5288bca3ff1f6f699f14a26f257c6296aa8de63af6c40fcbcd82798efc7f43c04a2ee05a9974bd89a18ffb4834c

/data/user/0/com.estrongs.android.pop/databases/download_table

MD5 6461f59ea5042a44d39a8f1c2b24f3d1
SHA1 ef1b6054db20b45792459e1b7948addbf93c960c
SHA256 c0c5842989ab78f9166a037f5860c9c6fadae943190e2d7a0d802f8a060dd866
SHA512 7fe5d85fcbc348839536783edef11acf00aaac9b7867cf4f425c6a4befdb4498c27d1b5b84730facec28fd79c31754f69c3309ed9af61f92e47c0d42e62a99f3

/storage/emulated/0/.estrongs/folder_app.db

MD5 14fc31d9d0ae4e3f0b842d110eea9041
SHA1 c9460d736da11a7e34610a166189686e225edbff
SHA256 35dcc59de1c087e48dc6bba2864f95bd67b41d4ce0fa2c3c76bed728dbb28612
SHA512 a39fa54b9e49afec824f58290d7ca4421fd248f611fe5a08b0108ff5c3ef025cfb9603cee96b906fb665eaa6e840da40b1bec035fd1641c8a0b63c918bd2f53e

/storage/emulated/0/.estrongs/folder_app.db-journal

MD5 a286d15c08ee1c7bd05165c2cd3207ff
SHA1 703fd305f4923cbc5e954dfbfcb4960bb5c3e0ed
SHA256 d128f5aee9d407a279dce50ecbd0304caba231b43266ac7315b494709c05861c
SHA512 095ff53aff19b25e7cec76cf6179724b7d8296d4024f36c74b445dd421603ff2199d8d7390b7a3a17e19e7cf261295e5a8d6a0c09985361e5a13fc640d0ff412

/storage/emulated/0/.estrongs/folder_app.db

MD5 fb87211db265f49c6943e39a764d6543
SHA1 67aeff2556a3906c035f8dbf4117d0d065709c31
SHA256 b3ad4fc0fb70844391ac44a6bf46779c4d7205d582247dc6643b283d1576db0a
SHA512 2f2c80fd4c050692fdf193382336b66b3a5c46657d4b11865661f4ffcabe97f61d7bd9ddfcc7e0fcfba4df0130e33aa9dd9d5499c8d6b2c1c9c8ed8e9e916680

/data/user/0/com.estrongs.android.pop/databases/scanner.db-journal

MD5 305b4d0dbd35c0b70981aad3b0b48cbb
SHA1 fdc0be46e35979c61666c9525d118118537bd62b
SHA256 bbcb3a29f4df206184451b2bf12f6c66771b3d9e91d2d9ad55aeb71ae5dc6330
SHA512 9d9eb83324fa53e1438fd160eb17697a82406012f600a3ac1fb9c41aa347f6008a2d9a01db5e6eb0664bc5878fb2658ec840f40d805899e0983adc074a63593c

/data/user/0/com.estrongs.android.pop/databases/scanner.db

MD5 08a0012f4946a2a63f4aa749e014bba5
SHA1 790afe95901ec6bda1475f5ab33e65078470ee12
SHA256 ae0e2b4a067f031568658b5175e1a91ef715187537e1b4efc4e9097f7f3a74b6
SHA512 ff44a7f74dc0d436f202fe73dcfb67a79d1cabb96665e8b228111e5c33cf84b4079c2a1b114054119694813543e4139b5594d2579051651f3d1b3504f650323a

/data/user/0/com.estrongs.android.pop/databases/scanner.db-journal

MD5 155f5d804b81872438c7de8ae103aefc
SHA1 ee8cf9a00bd119ee6b81b4c8e40db670dbaa9280
SHA256 c853c2b6025ac06d753ed1eb004fd40077857b3243f85ee264841a4d0e444249
SHA512 b3c8fbb3b6085c58f6c883479644e94e4b9fea2ca1fe0fcdd1ca6b16bfedaac533fb433a4dc46ad29ef1954c4ef84b3030835e9253f172e5a9abebdf613f7dcc

/data/user/0/com.estrongs.android.pop/databases/scanner.db

MD5 6f4f6aecfd37c2eee2c610ba6ac55dad
SHA1 55a077d826569ea5ee0b3165eb3878e1d8c8f57a
SHA256 b383882f158b690ba3eead3508b63c0144212c50d3d7ee8d32fc3c87b6108398
SHA512 220bc4852414133c1af978c2805fd2f38d8ceb9c551205510fffbca95e79ec29de16108ee1ae182f89e398ad91fd4a1f474470f50ffc4b699bf5c603d596a672

/data/user/0/com.estrongs.android.pop/databases/scanner.db-journal

MD5 bec1e42c96d6f0c3c004c433c16e51dd
SHA1 777347a5595d2750a2e07db1fa7bd96cac35e223
SHA256 799c9e38b5aa7d2cc3c028d51cefa58052f7fb52faef4e936fc179daa20a6040
SHA512 0c5b1b5ff246859d0c8765724ace74f6bd6caa43f53d70a76c6c01317939d35fcb1b29b5f83aeeded99f1c6b4906ed209dda476b3d5739490729c79babfe31cc