Malware Analysis Report

2025-01-19 08:10

Sample ID 240606-dpby7sfd4t
Target 99dc786a3854b1f2fea66a4835ffd461_JaffaCakes118
SHA256 24ae3c4c672fa3c47ab6c8540e8523e21a8419fae818eeb9e6080a57df7766ce
Tags
discovery evasion execution impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

24ae3c4c672fa3c47ab6c8540e8523e21a8419fae818eeb9e6080a57df7766ce

Threat Level: Likely malicious

The file 99dc786a3854b1f2fea66a4835ffd461_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion execution impact persistence

Checks if the Android device is rooted.

Queries information about running processes on the device

Queries information about active data network

Queries information about the current Wi-Fi connection

Queries the unique device ID (IMEI, MEID, IMSI)

Reads information about phone network operator.

Requests dangerous framework permissions

Registers a broadcast receiver at runtime (usually for listening for system events)

Schedules tasks to execute at a specified time

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-06 03:10

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-06 03:10

Reported

2024-06-06 03:13

Platform

android-x86-arm-20240603-en

Max time kernel

178s

Max time network

135s

Command Line

ua.FoodSoul.DonetskSushiTaun

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

ua.FoodSoul.DonetskSushiTaun

ua.FoodSoul.DonetskSushiTaun:Metrica

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 api.birbira.xyz udp
US 104.21.17.160:443 api.birbira.xyz tcp
US 1.1.1.1:53 startup.mobile.yandex.net udp
RU 213.180.204.244:443 startup.mobile.yandex.net tcp
US 1.1.1.1:53 api.tridrongo.info udp
US 104.21.66.157:443 api.tridrongo.info tcp
US 1.1.1.1:53 api.oradaph.pw udp
US 104.21.8.212:443 api.oradaph.pw tcp
US 1.1.1.1:53 report.appmetrica.yandex.net udp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
US 1.1.1.1:53 arb.grattomania.space udp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp

Files

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 c3088f116d0dda5445f0fac827d726b2
SHA1 e7244f81d71e28b3ad936a2d5ab20f790bb21c86
SHA256 0ab06469c279037a60c6284ab2a64f21c4a315f1d0b26d12feb363dca7d80fae
SHA512 4542c5a26fad62741254a3d4f5d127cf9e99ddacbc67c161c321fef922217f85f624dc733009b85ce9fd1eb015e3128539d44a81c6658033dfc161a12a3ce734

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 8fed4b76e75cc8492755f00df6e31db2
SHA1 fe014c13723408d6949a5be98160c3956c8338e3
SHA256 4463acc8c9f9296822c2cfa216b7ca77652f3505b622cca44afc6fdd9b7cd2e2
SHA512 a92e9e888d8815e92dc0e28ee58fe25dc894164f5d0b948a42a64d497f2a1c832bb227743cec32b40618fc5690461ac3be1f308916011c32e0191c144a7a9ca1

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-wal

MD5 d5ac8cc4fa126a87e5c8e187f0858a08
SHA1 38ec7a3c0e73b810cbd3cf1120744a1ef9b0a7d8
SHA256 4618919858e3edcf47a925b120e7b7978c985d902923064c17eaea5a02d22113
SHA512 5805424bf89e55ff8f8a8dcc8f4008327530eda89233d3627d52192ad72dde38c4752fae35643207b1767aa42e1b9dc689dc21639e576260a4f9c16b3c483fe3

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-wal

MD5 29c0f564bd971d8ba8d4057a8f8957ef
SHA1 02feaef521f5fbc71271873f4ec2908144080c35
SHA256 f9e9300761b4fed83e5c8f020d695448f195ad80bfd5caf6c76e079d6f9a7a20
SHA512 e2f454af8c656bea6f124ebc720d940af71b6ef29d22f9ceaafc0a051b46ee3a3669b94eefc6e6536c663332d5202d41db72d8610d636f8467d2eaee7d8823d0

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 44def4f6e42c3ec63f229d23af8c804a
SHA1 f5956d9295778b539bced03215343fd3cf7a9dd8
SHA256 882faff2a0f007164d5dbda7bd7f803306423b5eb48a88b1bb72bde65b77e50a
SHA512 a14770398044635a8a8fc0d59dc95af3a97ae78146a9ace3795d600a44098a5ff7099aa3d0ac40442f8ff8c5d3b5ceecb4b360bf47f3e8c7c902879e2e76228d

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-wal

MD5 e983c65459f01b3d43f66e294a79765c
SHA1 594d942f313ba998a15705770839c172b61cb7a9
SHA256 3cdcf568c02bbd07c379c95af16568c18f9f4da7bcdb4fcde2cade1f818a195c
SHA512 633ad97b58efa5098f247aa7addf1bb1b7be98eb66d455c3467ff9774229bad0b487c17f0be25b88d9dac419285c0c6ea52a9e58a95c306365b68fd13da71429

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 5e63da0b70441e9119c339a37742f26c
SHA1 57d67af870d2bb9046e877e08d2c7aff869ddb93
SHA256 c3de04e6c937bab8406ed619ac8a9daba8ed872f797fef13bb200d321813b939
SHA512 89683402f2e723f54b2a257689680fd8686c0beaf902872ed4c7c3e03e059f1fc3d017e09cd5c2815ef0ddc1c5865fa3f47e2ed0680b56f4cc3895e4f5f28881

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_data.db

MD5 3d36e62c8818060a0ec91bcea2328921
SHA1 ee1997400e68340eff39c47cfed8bab468a49ce9
SHA256 6fef78b7da13058d6f351bf6c3cfd03feb672d6eb142caa19c0685f569444251
SHA512 2b1ffc6265780d36bed564780f7e0bcbaf2f65c0019ab3adfa5cd17b6bbc829670d7cfe4f00ddf0f34e048709ed86c74cd2a6392c34219d2e327c094ba1bda57

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 f9f4c86b98efb33ee78e8791e47133b5
SHA1 d5d69c6284c7605eb7f24520de927bb4e5e4f92b
SHA256 6fa6600dbfab8c6ed12323d1b4fdda38aaa563445807fb270a2eceaa674122a2
SHA512 67e08bbb489d00bbf952610ac7b5d8ce62d82559dffc0884c2b5dba33b20af909f3a3ac0ec0b013b9e7a19fb4f731e5a6451be383cae46c000b01bcc76805169

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 3301610472da2e1f9296b3935f0ca719
SHA1 09b05a4a93c50a5891c7b3e4151f1f459d8a5a6a
SHA256 c1477cb3b09f083dbccf080706abfc88851bd4905673476aac689843b8b140c2
SHA512 224c82d34941788504948e5e82d6f6bbc83c293298747f0f38ff73b1f9a406dbc76fdbfd518e82cfd645393ad30e6591c75f0250db2caa16310aac1e965b29b3

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun

MD5 a11c22813b05325d3d7cbdf8b2899df5
SHA1 8eb09227bea5e158b3445bfb7c21c6033822045c
SHA256 299c4d4143ab3dad37608b06192913940065fcb6f36b8f172d5fabdff9f91f23
SHA512 fd5fa3bb7eef4151f2e996bfa7cdec63f202e2b2322096a9923ee02c06b11b883a6ecd4b3fb2731701c8946919183a641ad27ba477b141dbaa37922faaf67afe

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-shm

MD5 0aa36881f9e9142329284939e604f477
SHA1 f87b4c0e72b36fc9d6531fc1600f609fc8aa3646
SHA256 8696b818f76a29dfcc269de2fdfb54d62c0688cf733b7df129a6261a0e817158
SHA512 da4286cb8741537eea1e3984a55798b734910f129032992f44edf05a39619005b40710794e1b49bc69117dfd812d32da12b49992b911496d5838ba85f5d0721b

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-wal

MD5 fc56a86a461c648b8fffc032592979c8
SHA1 1f7efc44a0520d2c172abed123ae5c7c9bd9e306
SHA256 8838e13106be0be058aaa240541239c34e301d8792dca3fb89f753f60d5b0ee6
SHA512 44570dc80b8d2be6477a4b5b7e1796aff9320e830c91954260618f9435a071c7ddbaefe939c853c2267a671cb54927bd91d89d1ab609aa3db36906d63bed4c43

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 6e5fab72819d7f1e59cae265063c673d
SHA1 a8a98b3b8d3aeae0eb007a8c0e0e4ac82ca5625d
SHA256 7da838918df8efef7898c4df48ec58c7b6c75b36dbd9b5f9098e6efa8009e0f0
SHA512 c0261be4f12f7fe6e672eed3e3ca59d968c68c46b79482a1f45e3b885322a5168388d2c76829601f5daef0f44eb771cef66e32b680709cf666333f5013a6a532

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180

MD5 7075149306425ceb728851594edff5bc
SHA1 4766ccb19a28403a237cd3c69521bff9c49baef4
SHA256 667a7eeaea0e5224f257ebfabe016f14f3f0cf6f890ce7398c128e9297010295
SHA512 22cf18c1430cedc6dcb1d7eedf338adb716f657735ad9d463462b5cde99fead2f874f4d56c255bea1bf3be04fbfe2d43a3f8a5ee5d560ac03100b9f56014b8b5

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-wal

MD5 489287fac8dabcfa75cead465a004ea4
SHA1 26914528be6551afbf832617574f99c583213e8d
SHA256 a5e8c790b058db1fd57c18d5bae8a55cb266861c70d4840424f5a0effc23e1ce
SHA512 4525e9db394691690d84690fbfdc1e081d11dbe35b80e301de0cce932ffeec92d0185c77f10caabb83f69a4c22443a56809335d7970f050feda01275a6ebadfd

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/credentials.dat

MD5 f605f5af319e6227c87394a1343773bf
SHA1 ef09c0786b3cec39d409494f1d75502822e88e57
SHA256 86f064c958b29d4910a0c9e571a94687f21534283379ae61ded4e25c26e6a9b2
SHA512 90eb5dfcead81787b09ae1f7a776185ec870bf67a0f3f6dea00eaf5841fa8d90a0470e04be575c15b9cb3f698d505f3c217ffb9129fc9d28b32b85e37e6661c0

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-06 03:10

Reported

2024-06-06 03:13

Platform

android-x64-20240603-en

Max time kernel

179s

Max time network

151s

Command Line

ua.FoodSoul.DonetskSushiTaun

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

ua.FoodSoul.DonetskSushiTaun

ua.FoodSoul.DonetskSushiTaun:Metrica

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.8:443 ssl.google-analytics.com tcp
GB 142.250.179.234:443 tcp
US 1.1.1.1:53 api.birbira.xyz udp
US 104.21.17.160:443 api.birbira.xyz tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 startup.mobile.yandex.net udp
RU 213.180.204.244:443 startup.mobile.yandex.net tcp
US 1.1.1.1:53 api.tridrongo.info udp
US 172.67.161.129:443 api.tridrongo.info tcp
US 1.1.1.1:53 api.oradaph.pw udp
US 172.67.140.65:443 api.oradaph.pw tcp
US 1.1.1.1:53 report.appmetrica.yandex.net udp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
US 1.1.1.1:53 arb.grattomania.space udp
GB 216.58.201.100:443 tcp
GB 216.58.201.100:443 tcp
GB 172.217.169.46:443 tcp
GB 216.58.201.98:443 tcp

Files

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 470a4fb1571f9c07fb6d60d66b9735d1
SHA1 41299c66f5edf571ab87c929149f8b8f7df9dea5
SHA256 406063e10f1dbfabbe58ea46d66fd540614fda0aabb0bebdd143db84d914213b
SHA512 01ebe1ea8669492f29cbe6583072d35dcebc24a777dfed70682f65850a58bed42805c88a638a8c1bd33ccce9e07135df5e32f9b46f5e74d8cd6f52aab2c9a9b2

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 f8e203e765ff4e3afbbf6cdba2dcdc71
SHA1 9c4b05e695ecf7e9b5b97e483c9e9d68df075543
SHA256 6d25fa1e3b0cc4be8a9ceb8562e0fe42f5712e3d8318f677bd960d9573016ff6
SHA512 3084f9de856824fd6e951e36ae8fe0bf8881abd8db8378fff3dae76514e821ba407b8c73b1bcff88b79f318b9fd91b24ac840c32a4551dd52abf92917823f98d

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 f517f8f3524d7870bb6aa479c5dde443
SHA1 a727527a2f2b19d9391f551281e2b97ac4b92b96
SHA256 d9fbb0f45817e88e2e850704c437b99ec0d863ab3b9f5eccb8d3a22e1f0c0b1b
SHA512 948b5f76eb94a732c769fd62a60de1b02d6d4f883ff99017ca66525b38260258d1dc81eecfe1743618c88ea67be115ef338824c33d33f53b6f9f36a35f592a1d

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 432f7f11e856f8cebc1918b15614ed83
SHA1 b15e12c44379267d24d81386add252f961a16589
SHA256 fde14dd1705bc5578e7d979d3d645ffef16ea33e8f04afc3b0c3edf0d068bcdb
SHA512 004471b862aed2a266112ba560f9a2708fef75534b5b48ac312d9f98dafebb2ed8dbf27572b151c067d3cb5ab5737092e16d4150fc38c358ff45ad1ccf7f937b

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 3ac4b4b817ec190c4e98becec69f5967
SHA1 58690b3dc7afc942aa29e1678d38fbcc37f013d9
SHA256 41674eec0209ad2dece1109a9943c989f05f49101eada9624aac482694c95214
SHA512 2bc079bb2e141cef295126bc4f6ce20d8ed3edf59076d3e170cf86bade86f85c1aac99e0130f5f70aa3337b948b91ecd6039d44753b3a20ca20ba864ca42c98e

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 484df068dc370197c0e37af4f433f772
SHA1 5d071329bf5182e60b2d268adca542901d492001
SHA256 3ebaaa9fc7a9245b413f62f91d9e689d468456dd4b6ce2408bcd2003cbdbfbd0
SHA512 587e7b68f2c167d39dd50744f2892a461a67cb073e8cf9f6eb2ab752e07841440dbe212af32958248d15af5d4001e7fa12f86cad62578ef31999355a86c3b0b5

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 360317ee84ebe39fbc2a3f362fad9eb8
SHA1 92d398b02ab41d2c681542c106aa0ba8dd5d2a00
SHA256 4718f12884b5852543d11b9773266e7a4b34da65b0a0b6d4827b5829a771244a
SHA512 4fde6ca4259f8641e266d0f45377863da93e290aef4311eeaa42e221d81c3f50a3bed898f976c9d29b7a238360249862a04ee24b26b102d685a8bff5d791d26d

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 a3605b7ecc1aad01520b80e3a3fa9d1f
SHA1 1d2e2837e037589177da4021a0d1053168496350
SHA256 6e4dfcb4920326169eb73c7c2f07602dda4f2b2b15252f8e3ec3759baa4da719
SHA512 f4f0aa8b0cc61dd86bd219ab34d3a76dc68c5050288047a509655c8c94929a9619932c66cb34250a89abdee09c06daa104bbd401d24f36f627b26e8493db7cc5

/data/data/ua.FoodSoul.DonetskSushiTaun/files/ZPkFS.log

MD5 ea9c2dc01d788f2ed7ad6a455e32335a
SHA1 3da6ee06226734e9a402c3ef2b542af3b509b6af
SHA256 ddcb0e1970efc2dcb42a4dd328ef8c10f3512b39a47277d5b075fd3b92dfc3a7
SHA512 5b834f25f6f8afea98eec78cf8e148671ceca48aee8019e09308389c1f336e47e55666fedf66e09c97e827c375ade0fad635b98686ebd2f72240108670d25e76

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_data.db

MD5 602a73774b282f970e34ccb391dec071
SHA1 21ef25b815ab57d17e45d68af76570d867ea4d3d
SHA256 7facffd489dd98740e66723e0b436b423dc7ae2d37e78aabd57d4b1313566d5f
SHA512 4b145222f1560caaaaba92e61b1c1b89bc7f395f26580339f672b7023ba5184e8205d4281eb5986094511ccdf4ce948d73e810bed5c73ed80fcd3959f9d4ab73

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_data.db-journal

MD5 40cee74008d95789f31235da5f4cf19f
SHA1 41edb6d90d76fd802d3e3d2823c5bbbf55caf2ba
SHA256 82882b53b03d87f19c86c0d999e2d5462e414e5c297e3a9a9e51294f5210e129
SHA512 d9a814ca14ae87ebe902b0a1e02952194e11a49f0bcc0af4c11f17c61de96252edc90d7c508a2462beec0533f38593e7bfa522260ab1122e7324943a44ae60c3

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 aa8b7c83b90b002791040e464ce0e80d
SHA1 7f9fd73a6f51427a53b05896e0f6e24dc2129370
SHA256 71cbcfbaff67654ba6f1460e939e4ceeddd9e1a817184925ebf0e7bb3e582bae
SHA512 c2485504493a0f9c2686d21cc745d4e31fa11a1a5fa860967d810dd143e67eb739384765d59308d8e69f17d82887c3da0f1029ec9f72f0695be18b3bc06cc0bc

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun

MD5 575694aa0381176e568d0b9dd0200a50
SHA1 ecce4ffb90c2d80ddc2ea42c07b1667a27612075
SHA256 9921d07764ee28b53a6c6017a45b3192fb14bfe8edb25330cf9a9824202db9bf
SHA512 4b8cb47de7ff3411237d8d23e7a4aa3d250dfc19699d056812c5d692ebd2908ad827e7032d362c7d26a6e407a6141b1ee3d164361fead8c061e2cb1baacf5adc

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 12779783d1e1d75227cf98c3863f6a12
SHA1 a3db2c0aeb91da3146503d11b9d3a4833a6f7d80
SHA256 b557d182fa0a90e7b196b4aa1f1930657e98b8250d2a2502820c43a8aa23d203
SHA512 287dacc4da4ec5313160da1f2606ebba90a4abdcbb58bfdc38e2ff6bdc079ab0ab56f936d746359c40e810570757ec54342d1489d0486ca7d36119307b480e76

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 ae8b564a751ca1202b729183e768f06c
SHA1 1bf7f55c62a762a8c511e197f7d16967140b2c51
SHA256 bf1ec7e51893a949a6d01e34f53faa5290b40c3a4e6a8f09d93d08e01b9d7fbc
SHA512 1020f1dd9b522b1c19b79fbe0d7b014ebe2614691bf6c40248510553804f992f0b0b6a0325713a1605c3cf646400735842f83152811513ebd86ec47f77513921

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 ac572b87be596489f4d764fe144b0118
SHA1 2e43d707e7d9b541097d66000d7b6c897b1679f2
SHA256 c5c60836c3f8ce0817808652438aa967d2667c3ce8f6cf31d1e752899abb734e
SHA512 bd647ac363e6aae7ca0bb85e7b91fa51612c61a2464df4d3293dd37451f55864894f67ce6c8a20613af502f4714abafb3f8ec77e6bfa27802848987a08a3927b

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 2c7e2a2e7d8fbb355c569128d65f5339
SHA1 18ceb0c378b7ce28e02e15d4b093892d1906923b
SHA256 f9be11d3cd0e2306b7e92bb0122040571527ad21374c8d5a610c4bfffbe9a294
SHA512 6bb6a2514cf3402345330316a6ede9ea432cf3530785e2160e37534c0b62343d93eba53729cf46121681ec45eb0d1b2c368ccadea49113375dd9565577183b79

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 72278a57573f0304c650fa09665ae0fa
SHA1 74c06e8e65a1be05b6a77f44ef5eba4d039a0381
SHA256 aed3deacf41d2ef47e5896d365fd80b7dc519e959664c3436a161c8095e63493
SHA512 cb01f00c9dd5db06e8e4bd7385ca233caea1b709f28abbd44c1079125933dff176dc6e19483528654288dab719bbb9bd02a16aab4dd3943d8a503b54a55d1d01

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 3457d9f50795809182f9db350ba9cb54
SHA1 f4ca9b529df98acce120fa28b7b44b98375bd2fc
SHA256 efd666b7d17f2fb5d11e20bde59a319be1abefe3ca5a593891d2ffa0c24b950e
SHA512 3e0745e25ccea2ad63241d6c5be90c0ae4f29401d67a12b028136626de1b59817ecebb0025b2be249250e7b306e98fd7a7a857adfa3af5258f76b8c79aa1281f

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180

MD5 3d6839885d8b4e9de1d4f619102c77e4
SHA1 8fd17db156508eb034e93b49b56d949314c84ac0
SHA256 de3d5c4d0087b4432d718a9d4d1426b2843f8579ad916b73534516b4e7d9735f
SHA512 50df03192747a50483f102093829975228a2a39ed101d9131d567f07226a6cacb4778fb5ff31c8c539833a723c1ee43848db160c8e7860d3a5f91c1eb5cf94cc

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 43deae4b9deeb048e34c7ceb1d411b15
SHA1 688b0145d1f075d9297b557bfbdeb43fd4dbc4d5
SHA256 fe5fb15547ea11d0e151064e7118906e20bbcf9d2ea6c91b687e546500e2f1b6
SHA512 895b38e1eb567f776b52a21a67eaf29266018ea732ea5457b341da7816dba3e520315e39598c787200708956c74842597771de6ab78897d952291bd3f7557193

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 598d5f9ecfce31acd2679dd18ce61083
SHA1 d83c9321f256d454699ba3292a915944ce832ad3
SHA256 8c38693c3404f50a9d45feec11fc1d4f164b8260dc79f164e7e00e286c5c0ae0
SHA512 b17c9a680dbdf9d1aa1106df8628ab2e9dc0224db52817985a1b621d80581c03bfeacec1e87c89350c737bf996b9620334708d2b3d64e6e96710fc0bc3b5ad23

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/credentials.dat

MD5 e163088a399c375321ea62f90c85f627
SHA1 f214d9ed10f12b62df23cd75ae90b7cc04d22846
SHA256 60d5d34ed309353a3821b85a7bf9de46feb65c374fc08517d292635ac949eddc
SHA512 fa345d3cf84e8580977548ccee728d026a8152e43f8ccb454c14ac6acdef52193e599b3f973a5324ba0a7aa976c7f771e82a2a3f2a46cab2a74f9fc5e6a7c80d

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 79e0ecc6df78707dd8f925ca535973f8
SHA1 ce1f3d56805d73e8c806aeb75c37e5f5e331a499
SHA256 41d151a6cac3fffd180568038f15f3177bc209ad9a4d3c2f60782eaf0da30450
SHA512 b3c6b107f43f11626bc849939c1c4daa1b26b4034ad8a71bd4016019b0ccf7d2c4bd684f33729824c58a0a0dc500a76334f0df624c578d8eb3d4cc09ce58b28d

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 454a7efb396175ae99bf884e3cafb497
SHA1 08cf55b866e344ab3d6e387224258f5125b9afc0
SHA256 3097102283c2c39335fff1f52e4d52b1ff08602e6ea350858696547c0de9f5d7
SHA512 cf7e37d94604b9b862111320c8be09f4fa9fa2a8462a44822d269918942389f188242d1601d5a15b54f29d1014dc09ac658eb15cd94e6f9ea646209efea56608

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 925dc996a48ba1e3546176d36d295e2d
SHA1 fec0b880c0ec0d8e4f42c86b4f6f1fe7877d0ac2
SHA256 ef32cfd096cd57f1cc98d09be21cdcedd9434d57845fc3585611e6c1c7416340
SHA512 6716d39fc470beef28bf893067d5ab016e33abe88700e90e491a88ef53ff610429fb5c24f7e59ce6e1f7790bfd4a2800bdbc34c46d0203d27c350af4b8de481b

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-06 03:10

Reported

2024-06-06 03:13

Platform

android-x64-arm64-20240603-en

Max time kernel

178s

Max time network

132s

Command Line

ua.FoodSoul.DonetskSushiTaun

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/bin/su N/A N/A
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

ua.FoodSoul.DonetskSushiTaun

ua.FoodSoul.DonetskSushiTaun:Metrica

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.204.72:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 api.birbira.xyz udp
US 172.67.177.167:443 api.birbira.xyz tcp
US 1.1.1.1:53 startup.mobile.yandex.net udp
RU 213.180.204.244:443 startup.mobile.yandex.net tcp
US 1.1.1.1:53 api.tridrongo.info udp
US 104.21.66.157:443 api.tridrongo.info tcp
US 1.1.1.1:53 api.oradaph.pw udp
US 172.67.140.65:443 api.oradaph.pw tcp
US 1.1.1.1:53 report.appmetrica.yandex.net udp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
US 1.1.1.1:53 arb.grattomania.space udp
GB 216.58.212.196:443 tcp
GB 216.58.212.196:443 tcp

Files

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 3136a709bd9a4023a4d841d180bc0fbd
SHA1 b370a3ea40580624c71e26d0592b5b37c41ddef1
SHA256 45af34f5bcc510209017da85ad82cf3678b2c5a1be0474d3ec729c500dca3c60
SHA512 ce0c57b4e5c7e589b1ec772f2ac950ed14e8e37aa9916532d690d0580260ffd0eb4f950ba4786e0329af8896d104d32da7ffedc3040954ff7839ea6326bbd21d

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 f9a1080f1a75f7162234c36bfc994de0
SHA1 f5b70b6f6c296e2783507810f041edaedd08a9c9
SHA256 79e5f7638db1b39911eff9c74fed7bce62f38993cb69a23ed8c5345dc1d0cc40
SHA512 89a81a56dbc063282c0fe6dcc384eb1b4f6788ea1193d68fc5e7b683e7c794b7099066ba82911c3b8d3e36fc41338fe2eb73c5481b61b7ca5576e7bb97f81632

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 353154e27ae4f566959cacfc437828c3
SHA1 b7a074b5b93a1138ef0fd1bfe4b14e963219ea19
SHA256 adad6a2a60e86f85975321ab727d30e0305e2f20e5b93b200c8b69b10cc1c98b
SHA512 684b201f03f1374ce6d091dab2bccbf71549ccced8d7d06083dd2b59e8d8ebf267c161a7316a44cc02993b87a1bd1afc32c99dffdd2420c7c56bf0e9894fd1f0

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 4eea06435240ebc804b553c9f6157ec3
SHA1 7e717d8e2b4348ba293f93bf4697caff523ee99f
SHA256 b312853be3435392ffb2008c768e06ad3dfbaa763484aaead0bbd9eeb1e1536a
SHA512 b35a69a4de8c6c61cd358413c2ae816ab090363c34e97d6fde8cef82af1e37e07255d0fec4c295a5122c391327f8a87cd7d486414f8e211073092d0880927a5d

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 27565ea27831278d1ec28b0cec34ef54
SHA1 3eb1827dc1c794baa28c0c2ff7cc2b12ece5ad2a
SHA256 953a91038135341080bc815057d719174117e5cdbb5f24f25aa20e371fcfef4a
SHA512 c1a4ebcaade89e0437fb1a08f2680e0e304d4ddd79acadfb76258698c31f7c6f7da88f0cbc6af6d265cdc1787137b4746984ba0751db5b1e5647086056ac72d9

/data/user/0/ua.FoodSoul.DonetskSushiTaun/files/ZPkFS.log

MD5 09ce3caef8f1a5f998e46236e98db417
SHA1 f23b223d74f4f0e47a8fe390b39d45ec490264b8
SHA256 1dcfff30fb245dad8d68ae9a4d278db3a49d58ae9ea35f66fc8b17210d494ffd
SHA512 a267ed452a2a279dd016d867f748613a5db67c88900271a15539a14c2cef280afb046001beaab63c12c308867cb4322e4139f5e87b500afd531612216e4afcf4

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 983bd3ae00ac14cd7fc0f25cc7b7c84c
SHA1 d44b8ad712e86bd0902c17be602fa654dc780f58
SHA256 dad86d89f618662aaeadd4a83dfc65893270e3bf40734d1dd6c4ff67fe04f744
SHA512 60fdd29acf202d959723515a6a334ececdfdf225b4fb834172f37806da63bf9060b23714f247c2a4844b1be885b24ec32733f449a8eb4b7b00447fded2ac907d

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 591f969aec55ed4dcc31645f4a756c20
SHA1 7d5e295f0f823f26370e75e27f725ff4f3276dd0
SHA256 f1b3cc96482b0bd16c58358b03a5526b4790f42a0e966e46706cd752b9e6e760
SHA512 cc1b075885f66dcd43d97c8df71436e9556f53f02aada14a56662c5f85c47beba1bda5c96e7f5698d3ef451905187c070adf895d335abec6d9f63cc408e2119d

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 4a181163874d8f900431ddbe34dbde89
SHA1 a189c505c27a429612d83d88ebf844ab7a850c6b
SHA256 33f6d9ec84a54091ab7ce9f51db995a91c77067d15a0312e8636d90af0c14d20
SHA512 27ee03159b61c9bfe0f3aecb8379e7a99e0116bf74ccc9959ccbc09f82d1f74a7ede8f1531aae48756d8da0e6205d61c44c5179e47c7b925d7a5757da378c10d

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_data.db

MD5 276277feee51f83df9006ca0b8f96262
SHA1 1c31c2212a268cf44f46acddd9aac37e5208af80
SHA256 09701c09517ae757c23992257b53f109505e99fc6c2294a4442cd6a855147eab
SHA512 fd356dc55f2922df38627e2e45134d1a9eb59cdbc8da9ee150569a9d1a53e8df33f53268556ce8a2dfd17a5151e82006c6650bbca0c16f20ad558bee2b43f054

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 f225c5a3d111ed8ccc06e32327875e9b
SHA1 ce2e438e131594fc049d547838c6bc5d59f8f530
SHA256 ea0fed8f606cbd06da83e9dd6869d9c19af0b89beab7086b2618d919d5bd7535
SHA512 b13450a92a5c44406a541e5f6d72e387ab594f31111c32d6c45ed82ab70a79b0d2eea2b4ebfa15352a8037cee23d6b59988fd4cca5f3cb1a41d24e25f349f9c6

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 8f517fd77cc332b4ccdfd67aebd70407
SHA1 31e914d4ce1a8cf175c06c44d3d9d4c15d3fc152
SHA256 cbe292cd87aacc5d1489f56f7a2bf62f2b4994d5040aacc4241afddb83e28137
SHA512 efedcacd67fb687871db26c9579ae9a364de0460b66df1b8204cd156950f53ab489c3c6f60c4b7a4735f65c6e3e8b64ccf702b3a10341fd1ed3b4cf4523a600b

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun

MD5 c0c5d3e87f9639e1a491abc9422d69f4
SHA1 8ca1f034ba1142c45c32a122f88395efc9cae6e3
SHA256 cea485b59f4285501f837e28f45347c4a67d20a93d5d7f97dd719cd6721ca24f
SHA512 12b2edae2a502d982240bf67ebcc3bbc0bf01f8d2d6f15e4e84c5c0c5e3257a1ce670b9174d8cbf136c3d931ac11456d59a6900fa559aadba4100adbcc303f11

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 d7fc46f7f24bdcdae66731df03f7a500
SHA1 9f325c38534865d2dac153dd498d70609749657f
SHA256 036f3b611a612af0b39114db47125a0c6437d919250c3759bb2c115ab656ca49
SHA512 25541b6d6471e5a03b7dbee0201bb091ae5cf353b410f953731a46a581b3b5e3753fef57f2ab42807375c4ed199020db3de6279a14c6878ca8eef3c89bc78770

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 47451f833533bedab36bc7b889c929e2
SHA1 3642c6cc4c1450dcd63398768ff55f5226e18db9
SHA256 dffee892767eccb093133e62efb7fc168d115d3319b79ce8f0cf2d1fe3bd09ad
SHA512 870d4eafe0d3d60ca380494c167d722232d1d06761b33a39135d7c0bed6ae65a427d2e7e58bdbecaef5a683259016843433dbb508b1af3f786a6c31d6f6bc332

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 44e25bfed1e57102ce6395251b4e96bb
SHA1 ba655a633e7449ac61ffddf6ae04cd734761023b
SHA256 697e77c40cc96a315a9fe8bf095fba95a873a02e97a098aba21073bb0d8936e5
SHA512 2d228c38945c4cfd5f818db104bafb0ee3b725549930264d10c748fa0276e2e6d6e6e1a10b87773944f05e8cd597f7c5f5c0db705ff7c0c5bea55dd5320534c4

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 50c8e83a732cb693a2f99097a565e923
SHA1 cc363407a520d96d483cb62951694eac66c1211a
SHA256 b2b8e281165b8b11a0a345b51efe32d2246f234d3f9981c7e2bbf9ac28c1b93b
SHA512 2e3ab6435ba84e93908e49f69d0d9ea633e8a6a71db44889d0f14453188ae8af5c9d1ef9f60c496e1cc36eef85194f4030677ba2a2edecd28bf641f55fad5114

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 069f5ab10e0b5563f5119a89c369444f
SHA1 afeede826c6c119e484f5d286d60cd341eb9ee10
SHA256 430ba79af0ed5ea9ae5911a574bfdf2507a87e6fb73a1cd77b2c026638253849
SHA512 cb8986ecb354477f608358af263b671953a8ff7e67a8150b9f7bd77a6d7fe5bb41d33e4aff7f6ce8d838dd9683e7c26c7c2c07b8823d0f3c16785f4ccdb7dc56

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/credentials.dat

MD5 86066970390b0f801e0212cbaf512e17
SHA1 4bfc8a63cf3ed919b4a8b97096df9e540d157739
SHA256 da972f013562027519e058e510e945e525369ad32a4011f856ae474f05143f71
SHA512 41b7e7129a6a66a68e903426249f5d66a41a1640f85ee58ee25d40d18120e4d2fee84f6470540b1c1b17fafd95bb7c31c09454f6745be0b2f7d0ebacaa7e6781

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 bb4eba8a70094e612db2c6232d3a0d11
SHA1 f9393c6938537ea956b57c61ccd0781f8528ad49
SHA256 e0832e38bbe992f16d6e98c4af4a196087612cd3fa73bffce965db5259d184b9
SHA512 b79232d047878172869850dfd893ea8b07571be24a6bad2dc3fd9ca65febff73382aac40a027d9d1fdded6a0ae8fcd377a296cc8989331115b7e2263ad9a0ab5

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180

MD5 741e451826a91e47681c48baed13fd86
SHA1 7b0f4822f5b4e4ebb3522c646bd29d13c8ffa4d9
SHA256 8b8303c23a41e4a9deb085ff2ea245d9fb3d5c9d5bdf93f04c38e2de65c0d748
SHA512 bca6a7f6fe3a347b3120f2241577cbb8a61d15e83bf96788a11675823ac4130f445763afc7f2f25966f903b0bc18c9811608e33456a608ebd332781355e93af2

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 f9a1807530d2609d1dacdeadde726bed
SHA1 17fabc7ad735b8bf7a4c1bd2cd67ad37bd488500
SHA256 eaa0dc213c27e14f4882c500d528f2380739e9b86966519b4c24861a667df7d5
SHA512 ebc3a9d714f6f7ef8014fc072975c9d88c692517e52de6340f6e5d0af3664f7f1363c2336dda0b096316d297e8614b37288b399342feb202bea0f189e690e58d

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 5e01be6af19338232a3592f5bf6a7dda
SHA1 44ac27eb431c702bbf3bd0ecc419112044547811
SHA256 8f978e3ad2c731ef78ed88fef873dd4381e2b82e0f6feba2ba24834896ab853e
SHA512 a7a5941bd2b9e966e0fa357ed536b1b7d5e9ab926db9dc81d194e272e690c9d1caa6dd0ab53339e4d0f23af4f3d1c067c4cd5cfc0f043381e8db623a46f07738

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 eeed76eddcb8d48ee18c1014e6d353ba
SHA1 9d71e66af8995929d090b28cbe99d10d0d992d8d
SHA256 40e6467c50d2f27e3cf283a453b4c1d8bc33f775a6139ff1477628efac219ee8
SHA512 b0ab881a1b62dea78fa3bf242e892400c230c2ba0a8b6902aceb0531bc64d551fac1de8ba8a1e628dd4aa2cd8f561a71c060cfd0af4c5b0d5c86674b8db54b92

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 23e5e6c2ada3f3baf164ad56a96319f3
SHA1 8c328db4299f477a74acaa4b768c895a735cdc94
SHA256 5beedca32f1a0fac1e8c21dc0fc8a6873ecf27e51e602311b32a3e9e16b9dd0d
SHA512 06918122d0d29b198b9c9042d14a369e6ca651a75768418bce818439cefefd21f374d343636976a9e7be1b834421c5e43a604e21128cb6f0e7d11cd7a7634c32

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 e9c690b928e38ec0a66b384e08a7e303
SHA1 d93019a32fb93e5a302c557bcff1e69caf9833f2
SHA256 843220ddbaaad8303609570ca01f9c4c439898fd52ce96b1f26a16ba22a74f91
SHA512 81d7d824c8ae576022827bc43fe4a4e35bdedc1b6aba365c81aae5714df116842529cf96807e3daeb948bc435ce05435d0534738110993ba6a81100d25863dc1