Malware Analysis Report

2024-09-09 16:19

Sample ID 240611-thl4latakk
Target 9ebd03972444146bcc181f21d74e4b02_JaffaCakes118
SHA256 21efe4f5adbd4d78fca32388e61dc7614b5dbfce6f2581436b50b96e684f29ab
Tags
discovery execution persistence collection credential_access impact
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

21efe4f5adbd4d78fca32388e61dc7614b5dbfce6f2581436b50b96e684f29ab

Threat Level: Shows suspicious behavior

The file 9ebd03972444146bcc181f21d74e4b02_JaffaCakes118 was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery execution persistence collection credential_access impact

Queries information about the current nearby Wi-Fi networks

Obtains sensitive information copied to the device clipboard

Looks up external IP address via web service

Queries information about active data network

Declares broadcast receivers with permission to handle system events

Requests dangerous framework permissions

Queries the mobile country code (MCC)

Acquires the wake lock

Queries information about the current Wi-Fi connection

Schedules tasks to execute at a specified time

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks memory information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-11 16:03

Signatures

Declares broadcast receivers with permission to handle system events

Description Indicator Process Target
Required by device admin receivers to bind with the system. Allows apps to manage device administration features. android.permission.BIND_DEVICE_ADMIN N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-11 16:03

Reported

2024-06-11 16:06

Platform

android-x86-arm-20240611-en

Max time kernel

47s

Max time network

130s

Command Line

com.alienmanfc6.wheresmyandroid

Signatures

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Looks up external IP address via web service

Description Indicator Process Target
N/A checkip.amazonaws.com N/A N/A
N/A checkip.amazonaws.com N/A N/A
N/A checkip.amazonaws.com N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.alienmanfc6.wheresmyandroid

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
US 1.1.1.1:53 graph.facebook.com udp
GB 163.70.147.22:443 graph.facebook.com tcp
GB 163.70.147.22:443 graph.facebook.com tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.212.238:443 android.apis.google.com tcp
US 1.1.1.1:53 y7tfv2x9.com udp
US 103.224.212.213:443 y7tfv2x9.com tcp
US 1.1.1.1:53 ww25.y7tfv2x9.com udp
US 199.59.243.226:80 ww25.y7tfv2x9.com tcp
US 1.1.1.1:53 bin5y4muil.execute-api.us-east-1.amazonaws.com udp
GB 18.244.179.63:443 bin5y4muil.execute-api.us-east-1.amazonaws.com tcp
GB 18.244.179.63:443 bin5y4muil.execute-api.us-east-1.amazonaws.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.200:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 checkip.amazonaws.com udp
IE 52.49.28.116:443 checkip.amazonaws.com tcp
IE 52.49.28.116:443 checkip.amazonaws.com tcp
GB 18.244.179.63:443 bin5y4muil.execute-api.us-east-1.amazonaws.com tcp
GB 18.244.179.63:443 bin5y4muil.execute-api.us-east-1.amazonaws.com tcp

Files

/data/data/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-journal

MD5 9a8a5590a9b1271496e03f4e95960c99
SHA1 8b4823ada86494771967896221cbf9b60a9ed865
SHA256 34eb4c87e72e8a4eb5b28bd183acb42859b6eae5c9c1c1a0eec70463ceed314b
SHA512 ca5edcc65c9289e2e140d4ade86e2556d0bcc35bbf55580d695045aae8b49f2a058dfa07f0095580585e452aaec799719f31ef7d34292df04ee765c5c474ec4b

/data/data/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb

MD5 2151476a95e8a880214310248719a3be
SHA1 7907a94642ae3642e235f3599d85887ed3fec061
SHA256 d1212537b701e2f7019acc7ee4466d99318b435d4791f816a44aeefeb4eabf1b
SHA512 8332c3b25d96c42e8788d4a5a0c232e54fbff8926c64db8fd99daef6607d313878b269b14d574caeae34733ada2a11eac69e0034a86a47b07b48306aea30b11a

/data/data/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-wal

MD5 acdd24d5cb60a7620c7761aefb61dace
SHA1 aa4c84caaf46155afb740fe8df6d8f4ae57a4bef
SHA256 1e24ff79d6af6447ab426ce0d0d889e856067800b6a1a095fac653537a235ea0
SHA512 53bfdffcf6353a43f95124968bb954d41d946ad839ee20acac246e27724689be0116eb6e1e144f3f3b91d712789097abf064844c14b76e631c0eea70e2b0ad17

/data/data/com.alienmanfc6.wheresmyandroid/no_backup/com.google.InstanceId.properties

MD5 40cdfb6cb454befb9b484244948db122
SHA1 a575802bb42c5844ac37c23ca3b5cc72a994f5fb
SHA256 74f275876acd8e017f8a2cb137c7d4219cccbc23f9b19e185040e007482bccf0
SHA512 56774613bbdc31ae3dfdb0ad41586da080757a6634e0ec2712fccc67e1645ea035e7bc3876a8bf99222a2a9ab1f2af31d3191f00eb92e9ac3b6fd5999e3f89a9

/data/data/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB-journal

MD5 a69f7997cd5f793afbeff526b4699b0d
SHA1 0f390fbcb3a7c85547e369ead9cbb9ea299f1460
SHA256 e8f5c2d48413d51a4158cc57591425fc710d524da5e7b06764657a1f3ad97e2c
SHA512 71621e9a745d7814f6c5a9cb1b423d5774b9cead9df1096d43867ce5867c21cb7024f428fae9444c05ab927c0b4cbb9f82aec26822aaced5d5c86d6f55b4949a

/data/data/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB-wal

MD5 478421c9369c4f3336c0eaf3a4b5dd8a
SHA1 fea90191de76f7c06ed7a711dd18acf22a39173d
SHA256 e12263a5f0802b54408f16f2e03215bdac50adb0e0c59ad2d485f1b17f89476e
SHA512 fbbbfd21c74c0360284e25499738e4d4ae7cd7c101df4cdba1ff428bd01d76c95aecee875de8f8a0aac3f5ce9fb92959aa5ba8d900477ae821c08c003ac1896c

/data/data/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-wal

MD5 3825be78ae4184229235444baa006e67
SHA1 5d4f0f4da97978be51eb090800cc770b967e4612
SHA256 5c1d68ed7cdc13d7d4c631caedccf435880e172ff6d8b8e89cf310ce2858b9d4
SHA512 2f6cae385ff5901846c1dc58bfd03d78163c5dddf003aed9161ef9aaf217d3809252d99a0494101a414b5ed008124a862a6c6c04fa29821d4b2f32aad31f09e9

/data/data/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-wal

MD5 750100573f1b043d5bdd27933c02d38a
SHA1 f38c869c3386d9d4fd881ad66396a09af81cc271
SHA256 59fda31f985e31f4dcf5b9e031de708dc02399fb815d2fdacd2f62dee6fcd592
SHA512 dd76a94ee31524239cc9a0e1e559507b44675ca7298df37db4c40c9d78321b34dd14afa530b2f505fd54b3ebdb7d68e61dacdc596da214ff32fdfea7c5e9f555

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 678ab8ee2e33a3bd68d2b8b24f1db5dc
SHA1 2e47c9529e60c322db0d9d300928884a8fd00321
SHA256 37193e587b99cc5d1015848ad4c2e03d8712e0b9e8c7cf9d057bc9d7ba1da2e5
SHA512 8696532fb6d856ff9fdecc9e6c94205760ba1d63b840e16c873dcb8d44337597f265810eb87ad7bb47c966419b8598efc1aacd51ef209b006f7cac7b5ed1ce6c

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-wal

MD5 92adda10b7a19b19126bafc03c05bc1e
SHA1 69646dd279937221a8e6550672278694f73b168b
SHA256 ec043b1383b5732d5c01c74859d1086cff431f54efaf496a15b9b881c46fbc5a
SHA512 31d3ad0d3df1b438cc229ac220398ba25cf8947db137beb9834f8dc3cc059bc2d5bf3368ba07cfc80b5fd25924d6f2d78e169ab45869782e3e38e79e6932fd5f

/data/data/com.alienmanfc6.wheresmyandroid/files/gaClientId

MD5 94c4b907df84b5c143c3bdb24003fb78
SHA1 b9a1c5ca7687c02eb7d677162e8cb721ce3dd895
SHA256 314b2e9db51010a5385dd3f16c1f99b3a7a57d9a65ff68d3a64df7607cac13c9
SHA512 a6ede5bab68ee84f34aca2da5be410725fbd68563980278cfdde3b17e60a58dcc6b807c0423de37864573bd64c6fc6890606292f61d058ed3eb2938504121a64

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 51c420593860bcef442a2ffb6bac045b
SHA1 2d633b50ecd2092524a7d1cca091b490b5149de8
SHA256 edbca654f8079c0f9faa22482640ac680267f2045258fb13d1d81ca9b9971014
SHA512 5305e4b893823f62d975ba1eaac4f52ecade7584d192628952d98b248bbd2ac1050c3cae57c303c7c6e4f911ea208fccfa865420137f1ca9fc54fa68b89ddbd6

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 2b02014bb5b48943d1461a6a23c9d5fb
SHA1 e1f8f5e7e4925559b1bb924f766d45d1d9579e60
SHA256 224a43315c60441297134bcc463c5bc344fb5354c7e785ea6401a6918a6c1386
SHA512 2b108906b8847fc6d4dfcc3de15de56be9fdf98b021923e2b5e287e88c32a6a8f9451b4a6c175bdd49d82f770578b2ea0a0e1ebe2681f484914aaf45dd29f75c

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-wal

MD5 d92f0855e3773a8b8595df1ffc84bb1f
SHA1 574a6aa818c476dd67d8cb6fc98bf498fd13b12b
SHA256 f0d7aa77c58e6662597e45716735117ec67ae28decb2aa1338d075b87e0ca6a6
SHA512 2752ee5ebf62f60c24768a3de16ff275112745c64afaa228f2adac821eb836c033e9bfca3cfce3055f11a07b0da8cc54310a17a90370a647828c83d72032052e

/data/data/com.alienmanfc6.wheresmyandroid/files/gaClientIdData

MD5 a6ff4ca4d1ee3d05e325ac841ee5c60f
SHA1 ffd8f41c44e195e501b1e925ee0080482fa85afb
SHA256 fb1765f1dff7596c2da4fa94787983af0863e752d5bec556ca4cbd6fac455a36
SHA512 978dc02d02e11fc9294153e9be9bae2722da47a2a95202e8a395deb733445e9484d6947d45c39e2db776db7302d7090fe97dd5706e5970c8953a462703cb89d1

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-wal

MD5 b8992ff13d4d215f1c9fd86a621a793b
SHA1 b234c659eb2b9f168b5a31622ce3011b4b9f1fe9
SHA256 0dee3de3aed25abe7f210462bc4211ebff476532dda0b5e5cbb10ca79b2e2e8e
SHA512 f70721c881c35df18059d3cb144b01818269e4be6567d83604dbe8e6a611ed77fef923b5df408427e42b86f178b8ea5942a500a6c630651df4c378f206c220f3

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 0ea367b643f440a4351d69ab82b0b34d
SHA1 24f501bfaf67381621a7db5a3a16d471bda55dda
SHA256 093d67ba0a3415207294687421fdd37cbd47f32882aaf2b08816e3fde114c5d0
SHA512 99de45d6813b81d9c70c81e07ee21bd9acb593bf8047bc4eef2e367fd0ceaf28cf4444a348c5305a07ca2cd61e80b27acb1b6921d8f0ec2e44d28ed8c870e4c9

/data/data/com.alienmanfc6.wheresmyandroid/databases/basic-x-db-journal

MD5 061fe7934c3ad2127696c8e8dd6d81c7
SHA1 ad2fc803182298a28bd38021303a473891c2d0b4
SHA256 f2ab62f6d81ab3f7efe1b647e25430181ce3dfeb6d7de4aa0ad5a3884a8004cb
SHA512 17d6b50c69c00b3ce90565c96543934afb272caece4d803c4b574ebb723e65a84c172ee52a40f6327de482fb5510e4baef7d3d52f6a6473631545109854c892f

/data/data/com.alienmanfc6.wheresmyandroid/databases/basic-x-db-wal

MD5 aadd4ea3feb092e433ee0d2e8510fbca
SHA1 cb96263cedf7bc81601825c84bef74bfd42f40f8
SHA256 9bca5304421a1ae23e061f1f954301fa3ed1f26a0271504fb53775f540cd88e6
SHA512 fb913b6eee770faafaa30d68dfa2b656fdfacc943fbe84831a1c6ee309735e184d33fd7193408952d6ed1be57fca8515204fe16b0090db671e7d73e12868b8ed

/data/data/com.alienmanfc6.wheresmyandroid/databases/basic-x-db-wal

MD5 6834035421b39eb3a05c104f85bdc0e9
SHA1 53f2de9f1bf0f5a42130d7dfef85bdbbb3fce2e0
SHA256 5108efb0281f7b7293c95f861dfc7ee6f19853ee9c68da8118918864441fb35f
SHA512 550d14f51bc757cab8f479fff8be48dbff3d4d3b7f1e5eb7a4f3fb6d168cbf92dfcd7ab0f18cdd56938c1f4652fa6831c97a0274800539e1961b50ac4775bd8d

/data/data/com.alienmanfc6.wheresmyandroid/databases/basic-x-db-wal

MD5 01d6027d44d7dd49a42c774e66861e94
SHA1 2335702abd6bf4756aa090cfa111ae8ad9544a79
SHA256 b06d853c9731e9d90188c75b46bc15255fed18768670f5657f766530b135b85c
SHA512 0d7d29fd462f5cb327b4a81b4137bffc10cd56339ebd71634b36e9767b97274eb3c46f77157b210e39b6344971164e9d58d4417f0a322ade57ff8b432be33953

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-wal

MD5 a0c1b6c51e981a11c98febb8a93b90f1
SHA1 4c92dda3c9824749687bacc092249fd98e38202d
SHA256 9abb3fb817fcadbb45f2524250278b64d44f17021f237e455ed88e482bca1089
SHA512 ced259316accb72807f1b9e5313c1f2f335c840a4cc5f2ff7322a631b55c1f7d383c4247f45ffb29b891e666d61232e9c0b87f6c338f735ddf893a89d3694567

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 2fe47cc30301cb67fb119a11332de534
SHA1 9ae25c152f488ecd3364638218e6f629d555cd10
SHA256 acc687b6b7d974d5850770dda2326a97dc3a6797bd70e0f6f0a90606f1e8a89b
SHA512 66aad38c457b420608ec8b6771c61acf84c136ab28455aa71feeaf897f82c37d2b7bf6db52268788372a2bcc706646259e606124a21ecf5a7ab72c71d7920845

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-wal

MD5 6baa18cd8be4c0017096cf634af3bdd4
SHA1 7ec1388c86d04c5643f97fb937dc3b78daaf021d
SHA256 f228110b25ba18996623e89e47ff23f007bbc7eba631da8c1b822d10c29d5c80
SHA512 ce32e9473355ac96b70675b49d8c701ffdbdaae842f58a12e4cc1f94f3e8afb2589e7dd02d3e0a306d38f43763e1ab54a9a1e3074db10a7e6d880abb34632ece

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 68c73bb39c0f8817581d5fa40d345689
SHA1 524730234a006c278b6303439794879b111c13d4
SHA256 523f8c15846ab4bda507b971c489a27335a8f6224f8b7f74445cc173d93ea522
SHA512 51e80846e21e55b434251f92f6fb3a1224b4d42741602aa57f64f8c8c2eec736ab6c25a1073c4756b4c76d5298d04f1e1e669b88986d1b4eb6579d9fa2403d31

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-wal

MD5 22442486b9eeda375cdfd08f75a27ea1
SHA1 f76dc0740fd0ccddce1e0624e2cb6b386e4668ef
SHA256 908cb9743a240bc505bfffd93e95a733ca72f35924a0df7085208eb80a9ea45a
SHA512 2947f62d0c974c91e4d9b6c9feef1e58e0e22401ba0997b9b72cce1dd69690b0c0c65c81a179f876dabcfe41558637214e4652ca487b71fa85e10a11db89bee7

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 0dbb17efeea1367a843161a97f59b004
SHA1 654824bd17a4c1e34f757f1df617642c08bfbd10
SHA256 2299a44c2cd0e2e474fb4e00d5cbf4338ac59a989f3b7c38fbd12a5bb66e5f25
SHA512 62b2b49509d19adf0d1c2c241bcc6c671496ea4b80a0c528c3a7af2d081cf8b34c72617e5a0ad35dd1ba87fee5d2ae442ef0c6d4e9fbb0fbc88b6bf41946744a

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-11 16:03

Reported

2024-06-11 16:06

Platform

android-x64-20240611-en

Max time kernel

87s

Max time network

188s

Command Line

com.alienmanfc6.wheresmyandroid

Signatures

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Looks up external IP address via web service

Description Indicator Process Target
N/A checkip.amazonaws.com N/A N/A
N/A checkip.amazonaws.com N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.alienmanfc6.wheresmyandroid

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.212.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 graph.facebook.com udp
GB 163.70.151.23:443 graph.facebook.com tcp
GB 163.70.151.23:443 graph.facebook.com tcp
GB 142.250.187.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
US 1.1.1.1:53 y7tfv2x9.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
US 103.224.212.213:443 y7tfv2x9.com tcp
US 1.1.1.1:53 in.cuebiq.com udp
IE 54.76.142.215:443 in.cuebiq.com tcp
US 1.1.1.1:53 ww25.y7tfv2x9.com udp
US 199.59.243.226:80 ww25.y7tfv2x9.com tcp
US 1.1.1.1:53 bin5y4muil.execute-api.us-east-1.amazonaws.com udp
GB 18.244.179.21:443 bin5y4muil.execute-api.us-east-1.amazonaws.com tcp
GB 18.244.179.21:443 bin5y4muil.execute-api.us-east-1.amazonaws.com tcp
US 1.1.1.1:53 checkip.amazonaws.com udp
IE 54.194.215.63:443 checkip.amazonaws.com tcp
GB 18.244.179.21:443 bin5y4muil.execute-api.us-east-1.amazonaws.com tcp
GB 216.58.213.4:443 tcp
GB 216.58.213.4:443 tcp
GB 142.250.187.238:443 android.apis.google.com tcp
GB 142.250.187.226:443 tcp

Files

/data/data/com.alienmanfc6.wheresmyandroid/no_backup/com.google.InstanceId.properties

MD5 f2a7be742fd5389cc49c0de64c9b06ff
SHA1 17e63703e52c8202558b2f9640018e0eaaade72e
SHA256 80f50bd42e4a8bf4cd447b32cf50d14db3787a0d59a1b888a382c69b7d5434ab
SHA512 4945d7d486bdd5edd14e2f61e18901ecd59758e5a2305951f2c368e036e25e1b6f0f38434e7db264f676e1fac4e9e431d82a24629cd486f23397b3030f63e996

/data/data/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB-journal

MD5 60f10cec2611503f94879bba9b319ac9
SHA1 2045288b52111dd8ae4b8fb5430132b27383295c
SHA256 209323ae5746dcf62217f0206fcda80b3c2a4efc1d6a46063fd42d63e6e8f0eb
SHA512 852050f77a3fca491126ae7fe4ff10aa23d8b3a0e80e3e1c41af3446b5c3ba0e0b51062af139ca27b7f260a99057ebf273b6903a0fa64b4a9bb3c121f4d2138b

/data/data/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-journal

MD5 9b1d39f61d65f4cc2a71fa488095c2c9
SHA1 5519685028cf033c61d94fb5c6e2f479cafd8130
SHA256 02c51824b520c08fea08b4ec44012b095f27a8a461e8630f77be6dd4f2a66f2e
SHA512 88ecf737ce8422af51195cb5a5cc9fdf3f6c843ed74cdd9dc774fe33288ff3d2b433c61f825c4ac347ef2ef0e30d98b5d3cac5681a820492778fef4ab6ad9bfd

/data/data/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB

MD5 bde9e58f756c2243228806d168823bc0
SHA1 804f6a86a67d58cc2f2ed42408aa5fec1af7e30a
SHA256 61dc84f6226e4496023b4f835c714003b2eb449fc3466a083e4c2537dc47ec48
SHA512 3700065557528bdc58ab27707ceb8a3827e0b3848124c26a0abd4389805a91924b54e78571f033d14f28601ab0406a0f63fe7176264ca8613e2198e9231aa575

/data/data/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB-journal

MD5 61023347fc3e7494dc0920ad621cec0f
SHA1 a34bfbd9aa3ac359a4bba502d65009bac28b3ef7
SHA256 749bd82bd6c660ae9e92b9d71f103a48ff89a643d5b9f73e1302515a362e3737
SHA512 81ea4e9732e5f106302ba04c816f3925e8316b71151050fffdaa5793a5691e48d94411f2b3d145313b3e24cce816f322bdd8f768f61ccf611094832a1b8dd305

/data/data/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb

MD5 b41047b9fa1aa84e9765af618efcebb3
SHA1 9fb965eacbf8cf630ed0f80ae7e7d06902a8d6ed
SHA256 415af8bcc4c1c18395fb45256e774ec6b4d6df1d23e1ad24816f825f947b3520
SHA512 b27f5168a8a5122fe436aca968aec5501dbc223ef5cc81636b4df694c9539fcc33cd211276d825dc55a2ab076a69d703196f5057bfbfa1e4c4e284aae09381dc

/data/data/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-wal

MD5 dc3372b9c6398f0d6ce96062b319cee5
SHA1 e868b01ba5078f3e31f372f50476e601452b265b
SHA256 f7b92a627b1e8a2c328a5a3a88196e4ee502f3da0d7310c50e268cec504d315e
SHA512 6e069173afa95f81b6f180234312a6c429df5e6175c83876ebe43cec1b502b75de524361a2a52b2048543c5f9bf4cf0035f1c9484633c6cfb7e18ab9741fb711

/data/data/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB-journal

MD5 a9330a53240192156e43ffc5527188f4
SHA1 0312c26b6da3f6cf5800c1ca4d5c7a4c44dba172
SHA256 8632026f1229e84e10c38d52ec7b175e7e3dc80b1aeec071ea65006084b92f48
SHA512 a81471bb542c78035e6b3fe4537a65ce0d05f8de2b8977443c5b748fd53223a9a06cb96384363d603dce7b9de15b55180d044bbef75a741f8c32676519069716

/data/data/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB-journal

MD5 cf6dcd8ddd4b55d59780a29bfe82f6d6
SHA1 a56deb3f5188a920649d28eb1fde44dcc0e48ce3
SHA256 b1d1c65a2019940386a88c6c9a66a4cd336850163be5c9d37b74ba8e8269c0cf
SHA512 d55cc73899079b84e60de072a463ac744e911297bb99e115b0d3ca8a83340d2265d05b65e8b7f4b8f0470c6cda6042a4f90bda6acd2b526b51939eecbe78346a

/data/data/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-wal

MD5 810c879fbbc848581e2e5e46e2c5644b
SHA1 66478c72699e59111bbde9e12dee032eead996c2
SHA256 106ba159dec54bafc75a022db838dc0845a84ea1e423c9069cbe46c3c1d2f919
SHA512 1d5ada01a4311a664a441fb85dd5ce8cefd54503dff94bae0e332dd5ff72fd9a3f00a2371948c000e4ea197d329b52862880ab16801e635f6871c623962f416c

/data/data/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB-journal

MD5 23c97bf04dcb20f7a57dc0449b7aa709
SHA1 82e7ba99a55e3b00ed1fa2864879f730b71753c2
SHA256 ac783d7cbd5417df2306b719b04a0b2e61cca79f870b70443f56400d8f9df099
SHA512 3100c228c19a67a677e52766ae9169c5d813a2367f427404b730825b3d6b55e04f3e0735e2d724716d3367cde4eacc61e614f65cce55f04b332e3ade6195313b

/data/data/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB-journal

MD5 a1672a7ef47ea25c8af95b25c942b7f4
SHA1 14a11768de047466538fc07220278be05dfa7e7f
SHA256 9803180e06fceed1caaf45e331a6d638bba5464f6ca606a53c80075bdadf883b
SHA512 bb49fa78d6abf96544e7b4c417873c31378101f9a5768bebc20305fdea6757f25cacdeb10d2e5d190d2c06e33d12ddce64094ead4ac6b810cee0f21639f0aba5

/data/data/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-wal

MD5 2322f675611f60fb2b843a6a1aae9573
SHA1 1800b69a9b911610b554962a4edf9ef0d3d94381
SHA256 9a0f1e549eabad474d80b8e340c7a165efb302016415d2aa05b9a41b478680ca
SHA512 fb4eb6ad2fc27048adbaa808ccd5fd4645010baaed8591a6cf77fdbd84ab270ba522c99484c0b167c2f1ca40d3892b3afffdce3720ea27b28a9f45bce1442c40

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 0557f2b6f9107bf26270b72d429c6d01
SHA1 5201d648f79777062d1f3745eacd6a035af336b4
SHA256 029cbc36ea5bba4d3453c3a5c583c10eab5127acdb7aab7542031e1406cff8cc
SHA512 ada6a9586dfa672ee151af3a3b1880f8b4690d8fce3189383afce3d3d13567bcc788ee016f534fd7861dacf4f53200a06e4bd8940b0c5b3c45770c3e922f8bd9

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 0e09df80c4554cc887977ff869359337
SHA1 05b09ec1d648493fed6c531d4ea71ff5e6eae5ed
SHA256 50db13aba36f264e77e2a8730a5087aff9d4c62b93eaf3c6b6f89a9f5aeed08b
SHA512 ec6ec0f1cfd7cd37c90f1e9e8a5ff5366da047ba615c617669d7ea453bcf41d41922f6ddb62406a1c90b380e0bd7d3c7ad94ff24699d2fab644c679b4854ccf5

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db

MD5 d47962bf2b1846409917519dda510275
SHA1 ad84552a4b56ebebcdd50e0458c1909be4b317e7
SHA256 434d9de5850b53e00cae42dfbbd92ecf40cc334fc1926e06a16b30d03ba409fd
SHA512 6ec80396e4eec611c2c2ba12d75ac32410a04c27dc8a24925f62bcc094a28dffc8d7107c7aaefbcf84c4f61a59cecabfc65c134b06d609ebaf69b4a37efc4553

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 51612ed9e43e907486ee9f257362823b
SHA1 beed98cd50102d1ed738c4443ac2b67972e1cd7f
SHA256 3e1bfa30cdcef3f8d8e28bded6b5a132ae2894d0d28880934b5e108b22c48704
SHA512 01fc70c8358faf46a520db2c7a4d829e94fe6b65419d75e9ee2146bc6e712b972a9e6da6d449731294559db63fd571066399993fea09bf3b72bed1c4f733fa85

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 be5c2335dd27db12d61abead4727cd3b
SHA1 1318e0ad30cb78de69d01a325aad4f46bf9c2491
SHA256 cb3b30e8077ab48a47daa738a0d962350d230fa6eee016e6e20ee06e6bac7fbb
SHA512 1777782300dd35c1538066b3c04a92e06ee2a34ea1fd82609698389de53fec868ef9402da9374da836213602786f9efc6aafda7f7113fa54d4311b96b9c5581d

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 1ea13fc5b03fd4774be26bf40df3f902
SHA1 eedc1752b4a80689071fb414da470042ff4844aa
SHA256 588a76bd94a74a1e807546abe59e90e3ae3dac89ad792da8d7c226c5469ad56b
SHA512 c3f1bb76eb2dcf6ebb92d914427d93f1e80f6fc76e103bb447bec9b03684da3ee4a533e6406b2d698b2c21b75c5175b68ba0a249e0cdc4dc9157b2050ff3b524

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 9f3826a43b7525937ea52255d0f89cf1
SHA1 d64dc397d6e7eb64c9d31289b177f45cb9a736ae
SHA256 bdf176036da850b52c58de9993e14f28d4e6002da112788c8afd77cbce064ca1
SHA512 2492a10606820cee1653980df37cbf06f65d1fc7251b774ae98d449f8fbe93d01b93b7a3d46966c25fea040309deaf9b558aed5fb7cd3653c67dc56e1b8ddd88

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 48049c830a7b8434c146051594a9b275
SHA1 0b45cec54f9cca3e28b06caa1c817e288c9e4a0b
SHA256 3f0056c32dd242a4a82255f3aac64a09a013b7640f24dc957da6365265d82462
SHA512 6be58ffb367a8e1c5fc8445d1fdba91537a4e79e47205ad20cadaa358fc1899bfe5982a8e27cc0979d941812799e67089e033799ef1b110845679a7a74a875e2

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 fabcd9fdc66f0b24dbe25129e354d333
SHA1 0bdb7037eabcd1af90ef83317d5ac07ab5c61653
SHA256 3e0a6b952be71021a0276196926193c1fbd129e2cf1d1be14ade5af4cf0888bf
SHA512 f5c2f175fc264b9ee088ceb9d41b1e317ff783b2df1795be7ba1ade5cf9713d02b1231c9dde36fa1e7c1cbfe82f99309c1ae1a1da08b92fdeb86abe851bb0be9

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 fe856b35f89fd83c52d322c2dd241d7b
SHA1 e5c5eb9d45c75f2bafa9c65afa04548883dfa550
SHA256 93fad8f605f026b7b590dd15239c6aebcf5db9e8ee5ef5d2fda2de0b2587f359
SHA512 164fdf098531f2dbeb1d47d274d2a0f8885b3f2f7bd58120573747defc491ebbc2c79b0c5e3e049613cf10ac1e2eae6cc044962b2f35d084c3875072fa61dfcb

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 ae1cebe95074badae4cccea402a6173e
SHA1 5abfdc4668fc3c6024b43d1b9939549085777d1e
SHA256 95f76fc735bed5b208812ea700dee9f84543b2b74bac0885f37a48273d103b15
SHA512 effb4104bca2aa52c7fdfaab806f46406b4181f044817bdb008d49768a05fbf05ecb6911a5c980b60e7f27f481a2ee6db1dbfdb5ca85cc83288d56ca9f25fd68

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 af64431e3b966fa0c02e5b911f381962
SHA1 0c9fcbc5e7e2cf7acf3f4ea1ceb3a3a756a0029a
SHA256 3b15741975eab264194cf2a68ff87d1527ccb334eddffe6cf511c0fe4a245a63
SHA512 1a457a616a17c44c71676aebba0561e7f5ef11caf21c87340a49fe777a692040a26c0a79e28e2b85da57c1179a8ff320fe7c0230dcaaa38ff5bd26569bf1ea6e

/data/data/com.alienmanfc6.wheresmyandroid/files/gaClientId

MD5 2658b2f8d249f11c9c1398ec2b0f2191
SHA1 f05228b34b0068a5f143a38ce03435989b1ff0a7
SHA256 b3a88104d94fbbf3913fbb3ef755dbb1b769e578af9607487fba6078c5fde924
SHA512 f8ac2f26bd7c7ac80554c4bfceffff7e5217e7394d42f092b97c5d529246e0bcf16a9970f5e42b0e76af7cee6eee826f3fe26152559bc5b1f90922689bc35e47

/data/data/com.alienmanfc6.wheresmyandroid/files/gaClientIdData

MD5 e2f844208e78d556610b8f0bb926d583
SHA1 adb653ffd40cbfe73b4bc9c9875ae3a458e4cd1f
SHA256 9bc23b376f3edd3018ccff76512827b10363fc0831db7e0cf7092035c22f4b1e
SHA512 ce518bd72fc92586190b0d1ad10248f72ccf633e1113da5f0f54450866b84525e278689deae684d25d79feeafd509e7efddb22fb819bcf50e2c418003a605a6e

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 f1b2350832b860fa412a5d755d6f130c
SHA1 b92e8368a6eefa9a0e10dff9517d22891ffff430
SHA256 708580be363dd29b4fced89676c0eacb3ed6199304dc9b60f007832c090868ef
SHA512 1d17431df5fb1f6d9fe10c66ec8e47350299774c244dd19e730eea8e495911930b9dca4854624e052694f312029ae4703c664de2d81c64121bc664065e0f185b

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 f9043092bbcd66c4aac61783825d1629
SHA1 06d57e8a231bdc68b18e50aa516acf726add3491
SHA256 0b01622d7ab404344a62de1e03ccf64a89a63520c85628f5d15bff419c66e308
SHA512 f1ca89573af9580512eef54f4d70a69880e7d85ce3395662eb4e45ad0a47c1d3d5dfd3f489c0c3a9145ec87252329ba08f48abdf638f202c1cb41632d7cc16bd

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 b85feedda18c19dbeb68d8d9ee57b0e1
SHA1 6f13a26477cfccbc9c9ffed1b73fb7eaaa974d94
SHA256 e0e93ac13882d59f1d1a9da82dcc40384665479f020cab9464dd04621c9c2e29
SHA512 192130680b7ef7d5c5c408f12d068c793541b8e9f0ba1786cd3844ed7e4048e5126b8eca0978ec7a9a0d8bd55bd25b26555bcbbad8c5277f695a936d4d976418

/data/data/com.alienmanfc6.wheresmyandroid/databases/basic-x-db-journal

MD5 8bcf30f62d62ec6d122d217d1964efeb
SHA1 8e77e7e65648e4b51467357985fe31fd665e127a
SHA256 71c50adb7b1454ae5d442495beb3ba906e720fb53f60aa646ade4e07eac07bd4
SHA512 4061168bf520581926be02965e19f642d16a7f5ef5975a2cb2f1bcf1c1e2c726c2d9297a2b72b309c0b965d2525d4e5c897b46ffcd196c7ea6a9ffd205a93168

/data/data/com.alienmanfc6.wheresmyandroid/databases/basic-x-db

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.alienmanfc6.wheresmyandroid/databases/basic-x-db-wal

MD5 8b01966b1926a4442489860806aef257
SHA1 c868c2f335c0690c22c04500ab38ce7c05aeda07
SHA256 eee66ba1205d7f48d3b0b6e2225c89c9514dffa744b05cca2a629fa421123a9a
SHA512 cd4817926adbea5472e03980adbc1362d82921db711bfe5b4f120eb970ede19813f3b8d883fd334efeec9398f5a042bd60a3bb84842c04a8b15055f4859123ba

/data/data/com.alienmanfc6.wheresmyandroid/databases/basic-x-db-wal

MD5 8590f407d42b786897600a7e90aba4b2
SHA1 0b6d41982337ca30ee0e54a4e2ddbeb0d791ac83
SHA256 96fd32c25f9d1c27e5629f616a83968880de7132db7fd0312cd4190ef2c1dbc0
SHA512 05fb91e163aa593f0b7c50c07b8443b74d853cf4cd5f475e9091e9c80805660b05fc6de5d783cfe536e3a41d8644a60ba68b089f5188867edd6dea860995018b

/data/data/com.alienmanfc6.wheresmyandroid/databases/basic-x-db-wal

MD5 299f8fe58fcbf535cd2d60505a278221
SHA1 df57af672969e180de236e81b5f7f6ba9c430ff7
SHA256 480445df2d1b72d883bdd00be495bc83960f1737b77b7dd5f4d1cc344c7b388a
SHA512 f71c2dd31319044df2a81f96f0038e0210e41aa06242de2f04c7bea8c8d295c61d3c275bb10361b59ba774ffd03bcf10b9893600e848197ec9eb8880966514d5

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 9a78de50eb916b5ac9347674c7d7bcc5
SHA1 b3d2244b43da4cd43e942227d5ccd1b8c71ac1a3
SHA256 20c81a5dce18fce304e129f5ebe23c11353bc605d985bb15b9f781d74866b0d4
SHA512 4da7fa5cf48841cf5dea56238a3558688f31592987c0fa68ac30dc0e5378d057afc61e9c17bd11d7efaee773e193e4d143e4ef982f6e59bc6e7c99541e52952e

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 7886f662c9e720d3f7211c3b1c839996
SHA1 15d4ba6469b1a09f40b311bd31d8e6063fe3322a
SHA256 f1f851b1e2ecf4d174ce923ad2afaa560100a58131620ece263a93c537750367
SHA512 6a50b88f6886b23a08d93b89af828139fe39a8e5f64b851262939d764da3bef9706abb4a625c5004c23fc16a5dadb598c54108eb42bc6968482da88edfa1f957

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 5263475d6d755fb43fd66159571071f2
SHA1 d171457247fbdb446e4bc02876254e5b1a3e29a6
SHA256 050519ffd94a5f16ca09817e592d54c4512438fbde5e9b9e67517f35fafbd410
SHA512 1cb6877cd20e0a928f682e526e487e5e75ec14ec16c00db656329dca5a00b140eb8a34217a85b8590848a7918026f3c8cefb8c8c1c2829ba72e1a9bb7e5fb547

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-11 16:03

Reported

2024-06-11 16:06

Platform

android-x64-arm64-20240611-en

Max time kernel

47s

Max time network

153s

Command Line

com.alienmanfc6.wheresmyandroid

Signatures

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Looks up external IP address via web service

Description Indicator Process Target
N/A checkip.amazonaws.com N/A N/A
N/A checkip.amazonaws.com N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.alienmanfc6.wheresmyandroid

Network

Country Destination Domain Proto
GB 216.58.212.238:443 tcp
GB 216.58.212.238:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 graph.facebook.com udp
GB 163.70.151.23:443 graph.facebook.com tcp
GB 163.70.151.23:443 graph.facebook.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.200:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 y7tfv2x9.com udp
US 103.224.212.213:443 y7tfv2x9.com tcp
US 1.1.1.1:53 ww25.y7tfv2x9.com udp
US 1.1.1.1:53 in.cuebiq.com udp
US 199.59.243.226:80 ww25.y7tfv2x9.com tcp
IE 54.246.73.192:443 in.cuebiq.com tcp
US 1.1.1.1:53 bin5y4muil.execute-api.us-east-1.amazonaws.com udp
GB 18.244.179.14:443 bin5y4muil.execute-api.us-east-1.amazonaws.com tcp
GB 18.244.179.14:443 bin5y4muil.execute-api.us-east-1.amazonaws.com tcp
US 1.1.1.1:53 checkip.amazonaws.com udp
IE 54.194.215.63:443 checkip.amazonaws.com tcp
GB 18.244.179.14:443 bin5y4muil.execute-api.us-east-1.amazonaws.com tcp
GB 142.250.200.36:443 tcp
GB 142.250.200.36:443 tcp
GB 142.250.180.3:443 tcp

Files

/data/user/0/com.alienmanfc6.wheresmyandroid/no_backup/com.google.InstanceId.properties

MD5 dc967acadc6a8173115b97a31f6a2576
SHA1 865c8491865e438d5671abe64428fb9ab1c80238
SHA256 24cefca30ac611942e4f234f92c269446eea71676caae538384aa4d64c230bdc
SHA512 d47ef6dae32877c097163235f53b99a34118c27790080f900965d4ecc21e5a2482c4f4727fbce9bb93c9727b848b8e24d87a4d0ccd52fa9643621afbdc9e81f5

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB-journal

MD5 f338fd2b4963abe89dff372ee12f969a
SHA1 13229e4d228be52ef262e42dddf758c24ea91155
SHA256 7f9808f1552152caf8258d81a46e9f21b695409955a3fbe1bb4e685b3742bafc
SHA512 cbf4537cc45dca1bacb4448a78349067c0ff8074ba70739da5a0b54712bcab33aaeb06d5975be5d4bd44b7524a89f3c2d8ab9bed5d93da6bf4a76c5d924822fb

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-journal

MD5 fd6a9189bb2c3be41931c4c5385f5221
SHA1 ba3b64b826ccb489e47d5c02a6d75d40092a85b1
SHA256 53d5221e3c4d4ee548a69c5814fac5eeba960be0278cd66800d7ba1f4e69d81f
SHA512 4753cf23b71af69199df2986dbe3dc2618bbe86bcdb0efbd55d186f93444665367edac4d1020aed921645026cdf94bc965f80b72ab2b9770f8b85332aefa48a7

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB

MD5 43f02df258bd001f81fd6b8ce46d4935
SHA1 a47250f3e31ef5395594ef0c083d9f24d12ad3eb
SHA256 8fb8d3a18170f898677e17f7249fe62b34c55f47800b4c6e2b2525f6837ac3ba
SHA512 0837d67c0967de1a3fcde06c4ea93feff253bba7164422de95921b6331811c601a4ca98eddd39590e91f3d8e99cd03506e9f973c8ae60fd1b539c607fac0116b

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb

MD5 dc53de654409a881cf0b89e67eccf6f5
SHA1 f056e35f2c03095791ca2067359034d076ad3795
SHA256 3ed371a913e07c44264b12c0fc18245f023b55b0e26d5d4ed040463838185b23
SHA512 d06f0e35e992dfb6ef157216bb731437f1dd3824935ba670e50b7c8462e803028c25c891c0957a514ae41fef4db787aa84e7cfabc28aa32d6b5bd9f92519175e

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB-journal

MD5 1858696691b67db4ab39d73161f1791b
SHA1 70ee3d0baa0dea820f61d2992b9f46c2151f05a6
SHA256 41db8a9b30442d1d6e7a1c9a9063040ed28f35665d4eeaaabd5707574500eba7
SHA512 f6ba6773d507f26dda469387102a425b9d92828055f9bc362eb518eed5de6ca64b12b76aa5e6a71d79591df79bda5c9ae3f9525d55d4915245a6c757c37fdc2a

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-wal

MD5 3b2b4105229be185f9cf3d1835c28c73
SHA1 2d883d07272f95b658e73ed49275ecd9325e671d
SHA256 683697d7b156e8b4050515346f324dd35b2d4b38bac22f875afa6168a8649a18
SHA512 963cb7d03b185058d2bc798bdf55d3265de6cf3037c8f2a958460cc54a109b415a31fa811a2f1ef0af01b270be27f9569bf7ba012aed0d800eb8d75994d5457a

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB-journal

MD5 9a97110653e924a00e9e6cd274e9c49b
SHA1 9eabcb7e1865fb7816c74b03b7dde742c743f4bc
SHA256 bb45bb24a7344f54c5dd6962ee3566355a80450aaa803fc948e102ee80c89c6c
SHA512 4d60131199eff73605583ddad1f8ec33832bfce5513a002aeaa82f8d83e6ce2ce5975ee55c1a8f3bde15c148ae59bf6d641eb40e0a17d3b2ebf835837f9b0b35

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-wal

MD5 56cbf4831a0eea2b9f8c66900888471b
SHA1 670504fdddbaf37631356c7d2517ab8cd1a7fd3d
SHA256 3712a74ed33a75fdfbc5a004a9d25943e3c41b3623462e0ed6ec76c2557daa42
SHA512 7bc2998c1fed2772179228fe1e151b30a767f1338861ac7601f90068e3314eb27433c6fb3f388e035466d577304af1d41c5417e48dd8ed1863945ce0ebc3a48a

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB-journal

MD5 24c925df99b261f402be69b8ee44610b
SHA1 48933f83e301b6206bd0e4750b2450bc2ee2547a
SHA256 33f121fca99023529d800c7051829193b7eac91b5e2d88b437d7fd7fc90a0c16
SHA512 875e332558fd4fe03e5c5457030f80e3b27397be02a25ae51d9a5a54f266d88ab0d245307f62f57da406d0700eba0eb437b0f1e229ec8ef93605a451a76f692f

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB-journal

MD5 5eeec2b5229150323d4fa7da59a6eb2c
SHA1 808d6b3ec7dc5d252206dfd608193b34a1dfb323
SHA256 43e91b71120ed474d45e88bea2d290dc073a97c9403754b06ab88f730420ce21
SHA512 23625810b2cc2d772e132352bb0a4e9d67414dba2eb3c6e7b832a740f0c7159d6f4b737e0b56c04458f7d88cecf27c6a479f4735970d2876355803daaaa2dd81

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB-journal

MD5 9fa515fdce268179b4ac5533ef1f81ae
SHA1 2c458aca1b89b7e2ad2aa86e052e291451c0a0a8
SHA256 c24332500465fa09cc4f55c567fbc32efdea386e461e06b5bc4207f54d105ccc
SHA512 245942d6c150a663acda5ffb028fa8f63cf6e900137a7a19e7ac73a4dd511005e2ad68771cfca8879a8dd4c6037f78e1270ebf975b7bdd832a8fd57017f9abf7

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 d3edd9fd76a0205264f5a0feb8d25cba
SHA1 aedcd766671f3ad41ac25934fb18b5ad9ff850cb
SHA256 08b28c1993840c4130933209cb0d522b16f42bf05b768074164c00de94a7d801
SHA512 a554100c85dea680fedbf7a425a292ae52525a34ac36d7c34c2ae5efeb855358734f8f8928f958d8dafa8ea105b632d0b1eef9b21baad3187a331b13f798effa

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-wal

MD5 513a68959f85ac9510284a325d8a3802
SHA1 563f48635d44e31a7eddb40dc1a2a1e8c39c7070
SHA256 9407e2655ca038874d295af057327634347d44561e66728c3b386fd67aaa2b13
SHA512 745b34037476c66af147f4b29f9b480d54de87242c5ce071eea5bf11b0f9f5e8277fc15d0eb664d00240b5aa705c71acba93eea6818f705c0eb22a2399750b32

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db

MD5 6b1f97ab680ed35f783010c52c091b1c
SHA1 1f4d7a6c7ca2b79a6366cf70c1d0978f8409229d
SHA256 bcbe9ca551e4c58aaf9c5bbab333e37f59ffb49a6a11f4cbf042c944ab9022a1
SHA512 2a8044354563862b812c99976cb5eb8da245a9e1db75b374fa13f45f976bf43f086e7408c005813c38425e52bd80778710f6ebadb46717b5d7804e67fd3de856

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 53b9e997ebb18a7d34f7bded6d877b2c
SHA1 d812b68fa3e127179bb6a926349a27fa760a6e49
SHA256 38b5110348729458b5df5871f1f06f73cb9da19c54bf166bfd9199c12d2b9b38
SHA512 09e755f58d9fe1f1ff1dc512dfc40c5e8a4b0bc7abe431a63719480660607dcbdb9d5d238406ce42dbf08196f51a303723633a2814aab0ec937ecbc94729a2e2

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 161a4bba230819407a011f7a745eaa31
SHA1 0e33f74adfee80f2a1ee9a5c4f087afd15e500fa
SHA256 ed9885759f2192bd409da8b56ed210d55660cc9e47c526a22fdaf9e099dfe02e
SHA512 023cced9a13cac4c1d0283ed4e72518be88c7d46a4b246618c33140364fbbf27d941f0e277ad98ec4902704e1818d2fa274d62b32eb49a6064670f8563c20cd2

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 07e8f3ff919bd00d39a6ed116c394bf8
SHA1 89d399315d02f4fcf6ce58d686253b8749ea6bf7
SHA256 fe238a842017b78f38d956d1c9fe515188f64e1ab18a3533c4a0aee23e3d168f
SHA512 0bee0f3c3c4bf427fc56269c5c74d939422cdab4ec93347592c784a8707a3a08246e38e1ddc0d7cd60f85aac84e2161e1c4fe353ff11523378906cc2d69d6a01

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 5513798af3cd5cce610f3eab5b5ca752
SHA1 91aff2cbbebc133a52f572da2ada89deffacf98a
SHA256 dd770b85b892f89b890d712747cce9f863a296cd0ce6c9dc75a9e6640ae669e5
SHA512 4f59d550650e8f4eada972250f7c51d743089c21db96964f7b6398f2ba096d0ff97aac143c44cf88b759c97c4b3d4029bbcbf43975ca713aab4bfac182b30192

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 d6c52964313c21ded23912a7f70bbd21
SHA1 9fb4b3615dd0961cd10aa0bbbee4a698f1a79d47
SHA256 a9c9725dbf735c498a431ffe13fb928aa738e138b5045119f13ed4e721f0d679
SHA512 eada4d41ab746997e5d44f49297f9eef1ad6d23cb623862b104a36f409bd40e570ad8a4726e5facf648d8ea7ac44f1444ee00ca3bb5fed3cfbff20f92d667440

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 ea258602127f44a12b6de56463a3f0cf
SHA1 1ced3ab67ebed5b215f5e4002f5a5de7f67834a5
SHA256 4e972f5c2a02d59df1b8883fa9ae9a51bc6d2a635e4ffc276fec4e79058f5e2c
SHA512 94fc6d5e72a2c93dc84cc3a7cc851452b464e00f7b7a324be3e42607bfcc9f7a8d093379f7e22691a0f1af04a9c38b2e6a255e3b0f7b547b169994bb92df6373

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 d507a549adadf12816de2a4a6a48cb5a
SHA1 deb23f302b45eee4212b6eb886786883b657772d
SHA256 d7fe757682c918a724a94c9bee0383930daf502e874999481e9df156c0b233e1
SHA512 f11c4c4f2f9ada10c320be49ce40ef03acfb38b0ab42c8690f4e953c57dd05721a37362291386e554eb69cd06db0d5fba7b28793a9190bd98a1e3bd97567e39d

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 bbe1a7aa0c145f646a074221f55158ab
SHA1 b52c189f07dc1ee62fa4e4f353a4500d894b66e0
SHA256 c397263aab236f07550d5d3bc1a22f34777b63232bbe1370b60c627cc9363a7d
SHA512 db0d5d28d9eba4968f1d0a2358061bb78fdc48bb0b19d05795b4d348d9cc30ec329b69a9ac7e30c7108bda9525356aadb67c1606c10423ded809d9b35a6a980d

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 c25df336a676c89b6fded75698661fcd
SHA1 61338688a916fb2cadb6a0e66c5e4cd73ec79896
SHA256 96fc39f07e28c1bb9d1a499e3ea5c3464d826823a3ddee2b63d30e519f4ea67a
SHA512 40c1c55632e22cfed668f303769aea4420b5d2fd072869d3530e2037e812aa7dbf3be17392da053613034be2844667a9c5aed2c7ecf68d90184c3c7afbe3e424

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 7f0c6c6e40923241d79d8fc5d4f56f33
SHA1 2c1647ff5b17890ae82f936bdc8b19de2dd6ce42
SHA256 8ed35f4fc546b14a3c931ec0e2c4e45128bba87088267bce050ca579bc7408a0
SHA512 45dec6fb4f6f014a07cedeeb7fe49632e0b311e8d946222fdecb5fad3a60de262144d3319219cd98b14ff28bd2b567637c9febea171f81efac1285230de89f93

/data/user/0/com.alienmanfc6.wheresmyandroid/files/gaClientId

MD5 cae529c831c95c70774969c17c41ba8f
SHA1 592ff33247ff83032dff3b046f0f96c214c1e1f0
SHA256 bfa76fe3051c1d9aea619ec0a6b30403b0b12cfe5be1a8efd48ced54a0433273
SHA512 e140f76b70a5c3a6cd0a10fc0166be3381c9542c09ac3f4f95068ad7605fa43dc562b7538784132a61245bf779fd1a8c6bbd8d28f107bd6c4c0970e2d3f4252a

/data/user/0/com.alienmanfc6.wheresmyandroid/files/gaClientIdData

MD5 1bf8f281e12baa530c826b443880c039
SHA1 08c03118a302cbc8427b13b4410f22a7803de564
SHA256 fca09d1f0d150d4f39504ed8c78cd62c5f27ad2a332d553114ebb9d2f89e2521
SHA512 80342d190745e1689e746cd7dd0e0a3800eb9d3504b07271095d59e42047139d32acd58aab9c1b99da75548af0afba574c8af1d9ab5fe35849add01d9df8e986

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 0a36d7287d22fcfc70b4116c9c8c42fd
SHA1 16415a0797f4c3ce790148c1852d46c822f54b07
SHA256 61cc1c238bd7d2c8c717c379bab3229bd3aaebf4d6f21afee15d0b49fc7b5fd1
SHA512 b1c27c06a7eb6e32f58f2edd50410508912536591a1490233b0aa931bf5f41353951b14e7b064f70006508f0246404a1c36902e31703c779bb6304b9ee040d59

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 63f92ec5018c647fb744e7bb8938af72
SHA1 caf694b838fcec93e7f1b5f431b764c5abe21b26
SHA256 d9beb15fc7450bc44f012a956fcb38086e2f2354dc51e702854b359d1a352cfa
SHA512 e58d435f3c58682cc717ab815dc6c4647c4e211d226020d175d40ae08f39edba1bc384d107f139a761074313cc91809d3d3a4ddeb84a0f4a1bb875785369dfa4

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 7dd19dd560a1ec3fd521224901305a05
SHA1 830a19e9faee90ee2dfd87dac69330819ab12459
SHA256 5ec07cc2ed5c5eddb35ae9d3f10165427a1bfb0ce398e55cd85d67026a0cbc22
SHA512 97978b5242403101815a71088793b37c8ffd8e0b11aae116dacceb3195614c0e12deff00a75584acf47f81796f452dcbee4940040ef51e516145f2b6ab86645f

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/basic-x-db-journal

MD5 e1b72de936dd50234f6917bd59ca7e4f
SHA1 981f511969cebd0b94b8369d7f8a380bac69ee9b
SHA256 7d7dd0994e5e37e155445db1c930f74f616267e5aeea33b3f7f40b9fb6000314
SHA512 402a3055bbe9aa8da82e36674fbfd8732198b596f0dbd49efcc626cd9fa7a1b0075cf22af77f31486a5af8908039ed55377d8190e4ddd65368c0a6be4eb64e2b

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/basic-x-db

MD5 7e858c4054eb00fcddc653a04e5cd1c6
SHA1 2e056bf31a8d78df136f02a62afeeca77f4faccf
SHA256 9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512 d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/basic-x-db-wal

MD5 a260f74836f01c0bcb4af8830fb8df3c
SHA1 f0e86503d2e96f450a21397b92fd5368f0c7f6d0
SHA256 96c23258b92a9d2d95e642942a72261eeb745d6e7720abbfcc81bfe6efa74989
SHA512 1c1b5ab3925254502d5fd0c76c052a1a679ada0b2c78fdf00e3ea6db087dade1fca1e95d9591a78bbde784826d8effc1e0e48306b50f7e514bd74b9434e8c5bd

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/basic-x-db-wal

MD5 357529c92113aedaa07205fff0ed8355
SHA1 9e5146c0cabdf80d3775026529f7b36810833757
SHA256 423dc8d824ab3ff34657d8d8ec0f9ba4bc0b6366668dab743f1c7d1a0b077b95
SHA512 c35cd27cc55a509d74b524b97ae9ac9b35ea381c801f0f0286202c2a2451bf25cee60164ef98d51c8908c504c5894d48f29473f63ae7239a475fdd65854cc10d

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/basic-x-db-wal

MD5 647bbfa27b6fe20fab3eb6688973c061
SHA1 6ae501ec4011392f753d39ef50c6eeb426846840
SHA256 f726fd25553af249ae2f5459bb0c69125edac57782439c5cda25b9f9c4ee21ba
SHA512 e7445384248150f328e105df46e99a2c64093bbc0d2b64e06496d16415d73857acfbb09427eb97cd67ec83ba1ad34dd9f6528387abc85faaf2b064e467d6878b

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 651c313fe6b57ea177c03ef4888fd0b5
SHA1 ed3248ff130a41335fc6f494d889b185a806b221
SHA256 49024a4294d7d604c38cd66708e9888579cc1ff8fd0108e08282ae36760fd45a
SHA512 2ce855dff3b10b8758df12df7cd8fe82fd45dafa569fc3c187fcdf081bef4f8ef8c602c39d904ac1ca98e0487065c22ed7efcfc2f5972aeb6fd492b4b66e7dc2

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 aa736f196ec0e77746d07bfccee4e67e
SHA1 57eebefc95efa9333438cad57e197f22070c27af
SHA256 01be84fcd3d0ae809235638bc384bf803d0cd690cb99c46b4498a728f844d641
SHA512 ce9312d3c43d4f932047055a14d4fe94ec53bb692dd5ee07d4f99c19c794a515406906a049ec634192311e180ccf039af31bbe9dda5f804dff0a23cbb80bb189

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 66ae7dc4031c2a2b42bbf32160689cad
SHA1 5e262afe1fa0990e5e2258ad14fdcb955293fcc3
SHA256 892f9dc519e53efdc714249e07de9601af79e7420fafe848cd90420753afa983
SHA512 4524aba2fde2a092fa845ec507b4adb3bee7fee73cf72b7c50202329587fd93036b6edfb662f267057859b64566c0ff5934a4c30153530747816b3e8bd02852e