Malware Analysis Report

2024-09-09 16:30

Sample ID 240610-xhax4swhrj
Target 9ba4ec54eafb7c0878da2150e83c4453_JaffaCakes118
SHA256 439d1891c2d41398a97382b3fdd48e820b0e29a259114f030b6c90821302d2a5
Tags
banker discovery evasion impact persistence collection credential_access
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

439d1891c2d41398a97382b3fdd48e820b0e29a259114f030b6c90821302d2a5

Threat Level: Likely malicious

The file 9ba4ec54eafb7c0878da2150e83c4453_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

banker discovery evasion impact persistence collection credential_access

Checks if the Android device is rooted.

Queries information about running processes on the device

Obtains sensitive information copied to the device clipboard

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Loads dropped Dex/Jar

Queries information about the current Wi-Fi connection

Queries the unique device ID (IMEI, MEID, IMSI)

Queries information about active data network

Requests dangerous framework permissions

Acquires the wake lock

Queries the mobile country code (MCC)

Reads information about phone network operator.

Registers a broadcast receiver at runtime (usually for listening for system events)

Uses Crypto APIs (Might try to encrypt user data)

Checks memory information

Checks CPU information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-10 18:50

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-10 18:50

Reported

2024-06-10 18:53

Platform

android-x86-arm-20240603-en

Max time kernel

179s

Max time network

130s

Command Line

com.app.gatersound

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/bin/su N/A N/A
N/A /system/xbin/su N/A N/A
N/A /system/app/Superuser.apk N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.app.gatersound/cache/1582435991586.jar N/A N/A
N/A /data/user/0/com.app.gatersound/files/vcom.app.gatersound.jar N/A N/A
N/A /data/user/0/com.app.gatersound/files/vcom.app.gatersound.jar N/A N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.app.gatersound

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.app.gatersound/files/vcom.app.gatersound.jar --output-vdex-fd=107 --oat-fd=144 --oat-location=/data/user/0/com.app.gatersound/files/oat/x86/vcom.app.gatersound.odex --compiler-filter=quicken --class-loader-context=&

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 api.box.youday.cn udp
US 1.1.1.1:53 wsback-ad-to-serve.presage.io udp
IE 52.18.86.99:80 wsback-ad-to-serve.presage.io tcp
US 1.1.1.1:53 appx.91.com udp
US 1.1.1.1:53 www.lior-hai-design.com udp
US 173.254.30.236:80 www.lior-hai-design.com tcp
US 173.254.30.236:443 www.lior-hai-design.com tcp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
US 173.254.30.236:80 www.lior-hai-design.com tcp
GB 142.250.187.226:443 googleads.g.doubleclick.net tcp
US 173.254.30.236:443 www.lior-hai-design.com tcp
US 1.1.1.1:53 wsback-profile.presage.io udp
US 1.1.1.1:53 wsback-check-update.presage.io udp
GB 18.245.162.40:80 wsback-profile.presage.io tcp
US 1.1.1.1:53 wsback-get-config.presage.io udp
GB 18.245.162.40:80 wsback-get-config.presage.io tcp
US 1.1.1.1:53 ai.wa.daoudao.com udp
GB 142.250.187.226:443 googleads.g.doubleclick.net tcp
GB 142.250.187.226:443 googleads.g.doubleclick.net tcp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
US 173.254.30.236:80 www.lior-hai-design.com tcp
US 173.254.30.236:443 www.lior-hai-design.com tcp

Files

/storage/emulated/0/Android/data/com.app.gatersound/cache/BaiduAppX_Log.txt

MD5 a6f40d8ffe0cf844ee74e2670dd5c2be
SHA1 539b34e3f2b06562f26a2ccbd4b8691e35045abc
SHA256 ae78e51189a99161b9e1e3fb1ebd3671f6a6de5525599c65f062a2365e24e260
SHA512 8b71bf0aecaf93a59e368f336b57fca926f0b71edc9aa88b4c1da0ce9072ab3f209a5ff266f8ef0c7da4ea3e7987f95f7f68ca037b3bdca2cad654cbd80922d2

/data/data/com.app.gatersound/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/user/0/com.app.gatersound/cache/1582435991586.jar

MD5 fde2ee00cbd121cfab5290b078aa3ceb
SHA1 e2b77d5320e155e413d040a8c20020962065b2f8
SHA256 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512 a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

/data/data/com.app.gatersound/files/vcom.app.gatersound.jar

MD5 8366041a7de2153e1a8ab13f1db77d6f
SHA1 3d0025c63ca96969808a0884fe93c80023ff24b4
SHA256 a9d885e3aed15c28c950dcf9fbdc6f31093891e4bb3c3265249cf8b6d256995d
SHA512 cff3dea00d8c4daae2d78c6f8c4182aaf3ad4852a9a993a971c123d852d479be449dfc6ed1fe54afe570f7a25b211d31a263037012b7b182f8bd3f5fcdc66768

/data/user/0/com.app.gatersound/files/vcom.app.gatersound.jar

MD5 aeb56a47cb92f437ca5277695b1bf97e
SHA1 1aed5628c616601995d82d12702e0021e61292af
SHA256 06f4f002b0fa660ec7e5fe1d9b655f98229947585854f8235fedbe28cdffcf86
SHA512 8ff7403a53044210ac624c3229dddc06aa0bdf35757b2e002c74d297e36c4a6b28068a0948213fa6e5bc30bf288d94b4458c983d577063836ff215189b3e4d08

/data/user/0/com.app.gatersound/files/vcom.app.gatersound.jar

MD5 737e8eb37aa6773488e7332b00672efe
SHA1 e0f21affa9973953dff8fd93e40f13f9e1783376
SHA256 b9837f17f42408406d4ffcee7045627c05327b34b27b67e27e2cc3327a6299f6
SHA512 5f759c43e0dbd6a9a87d7bb2e5bbfcde1cd9cb46d999bde95548aabbb8a43d3156caea677c7ca2087dd231a312de924b434801069722c923e46598e7c1f824da

/data/data/com.app.gatersound/cache/oat/1582435991586.jar.cur.prof

MD5 a3b78d197d786c13687c3f0f89703bd8
SHA1 9967f0726b6b1ed3f198904547b81920f8329621
SHA256 c5e6754556dbe01b055066f23c28ddaaf5fe67cee4baed00d59dc993335b3d97
SHA512 9a47c9bb977edec9d29d22f280e0078ca931a722eaecc2b085c6b5aaf6246d17a6ad07c9faca45070bb5b89a3ee6cf896f5e2c7e73fb033e3ac57471df70a8b1

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-10 18:50

Reported

2024-06-10 18:53

Platform

android-x64-20240603-en

Max time kernel

179s

Max time network

151s

Command Line

com.app.gatersound

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/bin/su N/A N/A
N/A /system/xbin/su N/A N/A
N/A /system/app/Superuser.apk N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.app.gatersound/cache/1582435991586.jar N/A N/A
N/A /data/user/0/com.app.gatersound/files/vcom.app.gatersound.jar N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.app.gatersound

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.179.238:443 android.apis.google.com tcp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 api.box.youday.cn udp
US 1.1.1.1:53 wsback-ad-to-serve.presage.io udp
IE 34.246.239.140:80 wsback-ad-to-serve.presage.io tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
US 1.1.1.1:53 appx.91.com udp
GB 142.250.179.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 www.lior-hai-design.com udp
US 173.254.30.236:80 www.lior-hai-design.com tcp
US 173.254.30.236:443 www.lior-hai-design.com tcp
US 173.254.30.236:80 www.lior-hai-design.com tcp
US 173.254.30.236:443 www.lior-hai-design.com tcp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
GB 216.58.212.194:443 googleads.g.doubleclick.net tcp
US 1.1.1.1:53 wsback-profile.presage.io udp
GB 18.245.162.40:80 wsback-profile.presage.io tcp
US 1.1.1.1:53 wsback-check-update.presage.io udp
US 1.1.1.1:53 wsback-get-config.presage.io udp
GB 18.245.162.4:80 wsback-get-config.presage.io tcp
US 1.1.1.1:53 ai.wa.daoudao.com udp
GB 216.58.212.194:443 googleads.g.doubleclick.net tcp
GB 216.58.212.194:443 googleads.g.doubleclick.net tcp
US 173.254.30.236:80 www.lior-hai-design.com tcp
US 173.254.30.236:443 www.lior-hai-design.com tcp
US 1.1.1.1:53 accounts.google.com udp
US 1.1.1.1:53 accounts.google.com udp
US 1.1.1.1:53 accounts.google.com udp
BE 173.194.76.84:443 accounts.google.com tcp
GB 142.250.200.46:443 tcp
GB 172.217.169.66:443 tcp
GB 142.250.187.228:443 tcp
GB 142.250.187.228:443 tcp

Files

/storage/emulated/0/Android/data/com.app.gatersound/cache/BaiduAppX_Log.txt

MD5 2d0177d65c0f00e85f2aedb8fed9832d
SHA1 80fb541ccd1b863912871bb3558d7efa46d2c8cf
SHA256 583cdd4754386b0e61f8cf999fcba127087ee37e120ee510600ad058452beb9c
SHA512 313c4629e4011ef0ec616bd7b241f1c3fa2130975a2a66281507dbd7372d2cc43601d9c9071d582fa5d2586dd2b90a4a6a1827b3ee843fd1c7a41ea342d00b42

/data/data/com.app.gatersound/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/user/0/com.app.gatersound/cache/1582435991586.jar

MD5 fde2ee00cbd121cfab5290b078aa3ceb
SHA1 e2b77d5320e155e413d040a8c20020962065b2f8
SHA256 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512 a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

/data/data/com.app.gatersound/files/vcom.app.gatersound.jar

MD5 8366041a7de2153e1a8ab13f1db77d6f
SHA1 3d0025c63ca96969808a0884fe93c80023ff24b4
SHA256 a9d885e3aed15c28c950dcf9fbdc6f31093891e4bb3c3265249cf8b6d256995d
SHA512 cff3dea00d8c4daae2d78c6f8c4182aaf3ad4852a9a993a971c123d852d479be449dfc6ed1fe54afe570f7a25b211d31a263037012b7b182f8bd3f5fcdc66768

/data/user/0/com.app.gatersound/files/vcom.app.gatersound.jar

MD5 aeb56a47cb92f437ca5277695b1bf97e
SHA1 1aed5628c616601995d82d12702e0021e61292af
SHA256 06f4f002b0fa660ec7e5fe1d9b655f98229947585854f8235fedbe28cdffcf86
SHA512 8ff7403a53044210ac624c3229dddc06aa0bdf35757b2e002c74d297e36c4a6b28068a0948213fa6e5bc30bf288d94b4458c983d577063836ff215189b3e4d08

/data/data/com.app.gatersound/cache/oat/1582435991586.jar.cur.prof

MD5 b643eed79405567551ef19327e049ff3
SHA1 26fb503669fd6f3a6067878d0b59837d63e9ecfb
SHA256 d64cbc9ede041af915b8c9b6d29847f7747acf8ab9f0073fb8df8e28b36ebdf1
SHA512 f289ee8252e32d6ce6bedea401581390953d4b0b050e2b5c911864f6df50dbc5254d09190b1b77f523013a1ef2beb08b92b9916d1bcf0c6bac09747681d0b3d2

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-10 18:50

Reported

2024-06-10 18:53

Platform

android-x64-arm64-20240603-en

Max time kernel

179s

Max time network

168s

Command Line

com.app.gatersound

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/bin/su N/A N/A
N/A /system/app/Superuser.apk N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.app.gatersound/cache/1582435991586.jar N/A N/A
N/A /data/user/0/com.app.gatersound/files/vcom.app.gatersound.jar N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Reads information about phone network operator.

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.app.gatersound

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 216.58.204.78:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.212.238:443 android.apis.google.com tcp
GB 216.58.212.238:443 android.apis.google.com tcp
US 1.1.1.1:53 api.box.youday.cn udp
US 1.1.1.1:53 wsback-ad-to-serve.presage.io udp
IE 34.246.11.117:80 wsback-ad-to-serve.presage.io tcp
US 1.1.1.1:53 appx.91.com udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.16.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 www.lior-hai-design.com udp
US 173.254.30.236:80 www.lior-hai-design.com tcp
US 173.254.30.236:443 www.lior-hai-design.com tcp
US 173.254.30.236:80 www.lior-hai-design.com tcp
US 173.254.30.236:443 www.lior-hai-design.com tcp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
US 1.1.1.1:53 wsback-profile.presage.io udp
GB 18.245.162.4:80 wsback-profile.presage.io tcp
US 1.1.1.1:53 wsback-check-update.presage.io udp
US 1.1.1.1:53 wsback-get-config.presage.io udp
US 1.1.1.1:53 ai.wa.daoudao.com udp
US 1.1.1.1:53 accounts.google.com udp
US 1.1.1.1:53 accounts.google.com udp
BE 74.125.71.84:443 accounts.google.com tcp
GB 18.245.162.4:80 wsback-get-config.presage.io tcp
US 173.254.30.236:80 www.lior-hai-design.com tcp
US 173.254.30.236:443 www.lior-hai-design.com tcp
GB 216.58.212.196:443 tcp
GB 216.58.212.196:443 tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.187.227:443 update.googleapis.com tcp
GB 216.58.201.110:443 tcp
GB 216.58.201.98:443 tcp

Files

/storage/emulated/0/Android/data/com.app.gatersound/cache/BaiduAppX_Log.txt

MD5 542b0cd67309583002384bd17d74b2c5
SHA1 0e9a57c1cc8a118af4fd7ef3252d59dd9fe61d23
SHA256 eec842bbd2c987650116cffb8de57af3fed52247f5bc7a3e7ee655e453ad1720
SHA512 b9eb5aa92bbe76e244712a8044ea1d0b0ffc6541f75209f6d8461e3fee23b6a9deaecbf78e07f65609fe64bb448e05eaa5b772afeb9eb8887aeeb029cc335edc

/data/user/0/com.app.gatersound/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/user/0/com.app.gatersound/cache/1582435991586.jar

MD5 fde2ee00cbd121cfab5290b078aa3ceb
SHA1 e2b77d5320e155e413d040a8c20020962065b2f8
SHA256 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512 a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

/data/user/0/com.app.gatersound/files/vcom.app.gatersound.jar

MD5 8366041a7de2153e1a8ab13f1db77d6f
SHA1 3d0025c63ca96969808a0884fe93c80023ff24b4
SHA256 a9d885e3aed15c28c950dcf9fbdc6f31093891e4bb3c3265249cf8b6d256995d
SHA512 cff3dea00d8c4daae2d78c6f8c4182aaf3ad4852a9a993a971c123d852d479be449dfc6ed1fe54afe570f7a25b211d31a263037012b7b182f8bd3f5fcdc66768

/data/user/0/com.app.gatersound/files/vcom.app.gatersound.jar

MD5 aeb56a47cb92f437ca5277695b1bf97e
SHA1 1aed5628c616601995d82d12702e0021e61292af
SHA256 06f4f002b0fa660ec7e5fe1d9b655f98229947585854f8235fedbe28cdffcf86
SHA512 8ff7403a53044210ac624c3229dddc06aa0bdf35757b2e002c74d297e36c4a6b28068a0948213fa6e5bc30bf288d94b4458c983d577063836ff215189b3e4d08

/data/user/0/com.app.gatersound/cache/oat/1582435991586.jar.cur.prof

MD5 57216efd9bed40e4888a3ec86b8a1a53
SHA1 4a43aca78e0523d2cc49fd0bd855f51c1ddfbffb
SHA256 5278f76d77d7c6583e9998bca58f1216bd1edd85cfe40a1783b8982d595bf39f
SHA512 e5d241798c8a570498e1b9b737d78ea9933d6f6e53e8b2076dd69e5742501952aa1d65f20c977cc7992fc455deb64f82c13809be742fae519792dc9153a64614