Analysis Overview
SHA256
cf5bad95a299fb3c3f29ef77cd33ac9b3da0fa0afbb8b13346d55f2f69506ca1
Threat Level: Likely malicious
The file a0f6c199b4919a55123d405290b6a7d9_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Removes its main activity from the application launcher
Queries information about running processes on the device
Obtains sensitive information copied to the device clipboard
Queries the mobile country code (MCC)
Queries information about active data network
Requests dangerous framework permissions
Acquires the wake lock
Reads information about phone network operator.
Schedules tasks to execute at a specified time
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
Checks memory information
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-12 14:16
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-12 14:16
Reported
2024-06-12 14:19
Platform
android-x86-arm-20240611.1-en
Max time kernel
29s
Max time network
169s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /data/local/su | N/A | N/A |
| N/A | /data/local/bin/su | N/A | N/A |
| N/A | /data/local/xbin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.abtnprojects.ambatana.hack
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | onesignal.com | udp |
| US | 104.16.160.145:443 | onesignal.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.204.78:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.204.78:443 | android.apis.google.com | tcp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | lp.androidapk.world | udp |
Files
/data/data/com.abtnprojects.ambatana.hack/databases/evernote_jobs.db-journal
| MD5 | 9bb3f7db4f2c7a3f10863b5fe4ee8edf |
| SHA1 | 34ac47ab8c9d8677c4e7a7e51462ac2b7347b87a |
| SHA256 | 371305d13c44a52e23539fee9d3188339844686c03b06cb2e5c3f50b406affa9 |
| SHA512 | 249c1bdf7c62ea494864eb45898f12db59ec7d7ca5051fea51c3f691df43aad785f7936f2a88f7c60d7b1c5e5e26ef65a8902b03d1d6dec7d36860b3f2a4c9f5 |
/data/data/com.abtnprojects.ambatana.hack/databases/evernote_jobs.db
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.abtnprojects.ambatana.hack/databases/evernote_jobs.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.abtnprojects.ambatana.hack/databases/evernote_jobs.db-wal
| MD5 | 45289281443bb05f4d9d7d94e1a187ea |
| SHA1 | 5814a727b4b082fe84f01dd999881529b3526306 |
| SHA256 | 2c823f5004bde462f186abd4d01b3a9a92097609d5f3b10a392b6c181dd91153 |
| SHA512 | da02b42bddde4a5cb4f38ee5a929b28563b860feb0fae40d7b5ce78558f9d40e6007707afbab79c2ed3b1cf6db933b5e8bb691dd33ba4c9184320a6890d0f77c |
/data/data/com.abtnprojects.ambatana.hack/no_backup/com.google.InstanceId.properties
| MD5 | fba513f4ff358b2a040e5138bee2f485 |
| SHA1 | ec95774c3df21805df8f4778ca93b32efd54b204 |
| SHA256 | 9ce26bb83607abd62f89b476bda4efae2e3eeb94d34399df6fb6ffde214bf2a0 |
| SHA512 | 4309a28bbf8e09913658ede53f0336b354f7328e94804bd5dbcab370effb8c95a9959a9ff591b688ce08d8c8b0d16a0ade912f092e5718217fcb3730e4b2c90f |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-journal
| MD5 | 18cee840a0f524225a820bbddce22087 |
| SHA1 | 0b5975838eaa60f3dd63e39d02c5586e41a667e1 |
| SHA256 | fe441ed852636de0bfec2d41c5c24a05585ca5bbf15a3fcb80ebf09785a8790a |
| SHA512 | 8258eabc115de3d9091e206ed665e7c39dd2d0e4ced9ea0c4bd0b3462fa0d2770e4cfc92584a0deb75e676c3fab2d78552727fd393185762d69ae2efda390183 |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db
| MD5 | 7237409e0640cfab7bdbd429bf821a3b |
| SHA1 | 4c3da934842f8d4835dfe2a9c275a300e5123309 |
| SHA256 | 5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa |
| SHA512 | c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-wal
| MD5 | 8f55bd140c8f835fe6925f7fba17523d |
| SHA1 | 7d0fd3b91afd35ccfec6559a7f70ce25e00563b7 |
| SHA256 | 5ef7eea022b0ba47d0426afd0b20527ea7a5737b465c4fe81e705994f00ac87f |
| SHA512 | 4ef259b116ccb7cf9e08f0ce1fa9b500048f6c591bd9ba2f088b22fd97f6a761204a53d0ed3bf6945e2299edbdd77979136d10e1460f37a63e1dfe02bd0cb879 |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-wal
| MD5 | 687c1d897f7e9d30e9a0fd711b81c5cc |
| SHA1 | e0a77720a0772258555962b53c9fe216fe3b0d7c |
| SHA256 | 48ba47d330cd34b1ee63382668de4678f7d4b5b89d9eedb67aa37416c219a6f2 |
| SHA512 | 0e40371b44ba52e16f28245b025c95139c339669e1eb1b05be381496c0e59623a2ea748c6e0486bb87b112a2ef6abd72e3b03bc4b8eb049480eee4e441204b1c |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db
| MD5 | ab833a806f3cd164146953533f5716fa |
| SHA1 | 2a224e70be0a8c4e7f6355ce335f45f88d86377b |
| SHA256 | f9da64fc6464ed176c80dd46d883260a8295838a9e76e5444526b50f92cb80ea |
| SHA512 | 060a297d76c5d59d92d7f49ba725c0a48ba72ed827a5152120ca54d41a25d5726df78b8b81f1bed6d3759dd3eff73b96fea02b24bfe134691be27b57a2f46f4d |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-wal
| MD5 | c3acab9d0c76899e3273a1d9abfd1cec |
| SHA1 | adf7afce77321f2eddf9b2bbd920702c2ccc0278 |
| SHA256 | d4106cfb5ee2016023553ac8abab9d48094567a5df9d4f59cc22fed1632ca178 |
| SHA512 | 498262be85510712ea46efc9897d1ed9f793c65ee673d1481364c24f9af44c6bb39ccbe3981ecf1f215938a5274b5068d1239f2f9d73a42130e93f99bdb27f7f |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db
| MD5 | 580b6f0a3c824397261c463f6f043bb4 |
| SHA1 | b13d579144a8cd041fd99d0c50aecdce1de7d9de |
| SHA256 | b73eaf57a65973edf6cc4dca61c515526fd07e2adbc9c461cf2e7c2aac966441 |
| SHA512 | 62886156f8af58b6614d5bfc011825e85817556884309f1ff1c65fbc586a723e3c71756879c006e208ae9254fa3310eef765d897bf15b5b3549eea2cbebb6ec4 |
/data/data/com.abtnprojects.ambatana.hack/databases/OneSignal.db-journal
| MD5 | c9602f3ca257eca12f8f8967b1903650 |
| SHA1 | 379db0432ee396b025296f258aa249873390147b |
| SHA256 | fc771f5e8a3dd933030af65bcd757af6d6a4760b1fd7cb4f1eda5e3d588c3ae4 |
| SHA512 | b689479fb052ad91530a38ee1eca57b1e273ba4966b8d620f97968941c72a5a07176a03d8cf96efc34fc0f4aeacb9f07c802108b262264bc512fc15495be6eb4 |
/data/data/com.abtnprojects.ambatana.hack/databases/OneSignal.db-wal
| MD5 | 412f659e7b8fd6e9d35ad11abe0d5664 |
| SHA1 | ba4778f5e351fa76fa0715b6435c3a24b2fffda6 |
| SHA256 | 1de8c0a1c72e8a2b7385760532eac29c825dfa64860c3a5078e067b047b415e5 |
| SHA512 | 94eac9e6870933822ad7ca07b93b8eee319c24ca9265b722e8842f2650360e44864ecdd3341e3cb33eeee17a81cd71596f53c28cab83b9fd577c2b6c0bb66f56 |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-wal
| MD5 | 17e4347971a47060120383bece4849fe |
| SHA1 | ea5df1a5dee9cc433c81699057a1f2712c04ae83 |
| SHA256 | cd8687eda4a3858efae30b2eda1a4d70d2520791aa9dd45ecf0447b4436ef13f |
| SHA512 | a1b5668e22bc8d7d07bb3d450cbf0848a0a708bad08a9c5162dba145486f241fb09af53a09cb1b537060aa7e769e034bcd4a388817e48ac095c35d3e94331375 |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db
| MD5 | ac9876a1c840fe2bd60d420667c9557f |
| SHA1 | 4f2f1817bc0c5b722c8036c32fd4cf75d5706ea3 |
| SHA256 | 63cf9063b0f02d9de6cce2f584dee090a8dca03cc41aeac620bf4bdf9000c66a |
| SHA512 | 4f6b297b5e47e64be494b6a55be07d46290f41b76bf9e47fd93889347d0062ad90accc7783e68d4e88a10ad660fbc2112d0d9388aa2a403008dc3ab222f88140 |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-wal
| MD5 | 34760c0468e4a01a503c48d20eb327da |
| SHA1 | 1e7a7f5ad519c22acc677109d0cd3013cf95b026 |
| SHA256 | 115b50064d6f06831984d1c45b15a2ab9784aa04b6ee0f0f94c712786d8e4dba |
| SHA512 | 293bf2d54445dd1d98aee48e42de35e0789edde3790aa7551d67753eb9e229c7f3dfc5f40681dbc352e196469b6aaf65d65e83b8aaf551bc0182f52d11635f51 |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db
| MD5 | b40d29754c603d9a3a247c7b908bb71e |
| SHA1 | bffd69d264e3d8113aac374ca23c5742bac46e44 |
| SHA256 | fc16bcd8bb24d3552774ceb1c1d8d1ce6a2322a26dbe0bba22ac3008b72194de |
| SHA512 | 37082fc48095e48670be3cd0305a101c4c471f4f861c84d047e74b2851f39be80b8a80c3ccfd893d84cdaa1577bb94f9bf80e112c8287d6ae3695ac0452d61c3 |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-wal
| MD5 | f54fcc90a93e84d20ad8977f895c1766 |
| SHA1 | 23798c15a336ab43edf62d35629a97e31a4d044c |
| SHA256 | 022d90db916571f5d1e2da0ceeadabfa67554b1618da9b703fd9c7b728c851fa |
| SHA512 | 969b3f15b3a714b73a29af235a6b8d67ed097bda0640c155db5ed56862f1f80b03b4a6e738bc714e8ee0995649f1274f3c214a302607989254588a499a4b42ac |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db
| MD5 | 44693692da738db6eb133cf0e4cde91b |
| SHA1 | e6bda56494c325d8d37ad89552263ae85d9b0550 |
| SHA256 | 8fe0ac9db76d4a2dcd3b3d54c0efedcd223e25aabf716506493d50e243a7a2d4 |
| SHA512 | b34ddfe1ae343b1b12f7029ae476a0ba8e1b4043ccb520afb412b3f71335ef679bf29723c9a5c00af7e922e9982d5b3af54b2ed779da8cb601f378e5b9d26be5 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-12 14:16
Reported
2024-06-12 14:19
Platform
android-x64-20240611.1-en
Max time kernel
43s
Max time network
146s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /data/local/xbin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /data/local/su | N/A | N/A |
| N/A | /data/local/bin/su | N/A | N/A |
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.abtnprojects.ambatana.hack
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.201.104:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.179.234:443 | tcp | |
| US | 1.1.1.1:53 | onesignal.com | udp |
| US | 104.17.111.223:443 | onesignal.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | lp.androidapk.world | udp |
| GB | 142.250.200.46:443 | tcp | |
| GB | 142.250.200.46:443 | tcp | |
| GB | 142.250.179.226:443 | tcp | |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| GB | 142.250.179.228:443 | tcp | |
| GB | 142.250.179.228:443 | tcp | |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| BE | 142.250.110.84:443 | accounts.google.com | tcp |
Files
/data/data/com.abtnprojects.ambatana.hack/databases/evernote_jobs.db-journal
| MD5 | b30e3b0bb9262a2510c1287199c50621 |
| SHA1 | cea6790610f866e95e287d91e96c74cf88d274ae |
| SHA256 | cf6893e230eda1b49b2162a26e2ee9b77e0484d5bc6b51c13eb2b898289c4c7f |
| SHA512 | 34469fe000d440c9dd7324650538d97d8ad015b64499460196f1a135de88a6b71201d2e74eef2d53118ad5267705b2d78cd7441a4f0150bcaadcd1af3e829bf6 |
/data/data/com.abtnprojects.ambatana.hack/databases/evernote_jobs.db
| MD5 | a4ebdd523acab6b3e8095fe131b1903b |
| SHA1 | 0746e2b41b28c13f9ef6c1adb8bf5acdeabc0f08 |
| SHA256 | 4e838211e254a79602b643872f2bcd5881d6a46e9b2cf06b92e3a583085bf9d1 |
| SHA512 | 624f5fc472c777bed807930fde35efb6c0d82439d0fb7da96edb7855b94ce5c3229d15d00ded1d2007ff35a67d968faea1f656ac092a1696cfef82d495fc6c8c |
/data/data/com.abtnprojects.ambatana.hack/databases/evernote_jobs.db-journal
| MD5 | 1a14668da9ccce5839732d630c1704b6 |
| SHA1 | 86344c30e8b70c3d2d58282b2935389911738565 |
| SHA256 | e7b087e0c76c2bd51ca0bf135395530c95616784acc69c991b2accdf0e30377b |
| SHA512 | bb67e44763882c506d14909fc2148795c867697501af4bd9ade667329712a68c554706ae57fb0f150aecfa68411a4706bda78ea81925f017684d5e21969fb62e |
/data/data/com.abtnprojects.ambatana.hack/databases/evernote_jobs.db-journal
| MD5 | 4bf5cbfe1289e5da1b913a0c0e65f1a0 |
| SHA1 | 34e3d48c191b7f1137160b202b8335c239627f82 |
| SHA256 | 5378a20b4ab8f555510e50733da4ea4b3f39fa5468e159292e7d440fab960d33 |
| SHA512 | 7840968c605924aad675873f31fa7cb3a6640be1e6523f16c48d6c95e247863a5c7a4ca22acae9292dacfaf04d0bfd0a40d6cb8212591800e6b962dcf5838866 |
/data/data/com.abtnprojects.ambatana.hack/no_backup/com.google.InstanceId.properties
| MD5 | faf7f6470cef2e246b6e61aad03f874c |
| SHA1 | 3379527d05cb65ecae6c1bc0defda6b1a19ec38e |
| SHA256 | c56e1c331bc820b726a02f41786711ebb27d5a88c17828aa0d30ae52dab54c0d |
| SHA512 | a695fac9b22e7f82c9f0d88c1a674329c77cce9545197da40bbfbca76ee6a2a64161c289b46856a2e535a951f297ff1219681fd440ee826caa4434d5e0d3aa23 |
/data/data/com.abtnprojects.ambatana.hack/databases/evernote_jobs.db-journal
| MD5 | 76cc3897363fa92d52d6a3397deccfce |
| SHA1 | fa6c1917cb76dd54d6721b02c1a5113b8cd26a8e |
| SHA256 | 598d00b53e5a29530b57ecc9569633773937af38f00e551606b3a5b9efd21de8 |
| SHA512 | ecb3def69c3e7ec8f95af966019005510e89cc2a8bca1487a83f52c84d8fd4dc7a5f52829801bff7ad07398ee2096206eb710330fa7a0fe36af06d51effd0c38 |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-journal
| MD5 | d04bebd19ec423d784560bb8a693b0cc |
| SHA1 | 5901fb3095c6a276a6d0dc23051700a370af1134 |
| SHA256 | 2c132f1d9862aa8f979d53a0355287beb8ce634fb42adc5d868b802ee10b380f |
| SHA512 | 2503a1e49102f1a709bf7cbbb9c6192cad898a0020bfbdf8c08131b361e57399c6361dbecde5bfd94427223fffd937119be7f6f91dd1b7100dd7ad5e001746e5 |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db
| MD5 | eb52a90bb70b76e946b62f50b6f7fb85 |
| SHA1 | 42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0 |
| SHA256 | 48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4 |
| SHA512 | b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-journal
| MD5 | bcd2a056a2d908ffaaa3454d633497e4 |
| SHA1 | 262f6be619528e011dc2cbc85ecd7731782e6bb6 |
| SHA256 | 85cb56370557d255391027add687adb7a5e544c83d892130adc202f37897b334 |
| SHA512 | 48d3a4f799ce9fb032f9f583b2a4fe23cbf10f31846798c142d67874e4a4bc0c688b9c976f3897af81b28813daf106d04e9617fc6ebd3d6ac884e44f17028468 |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-journal
| MD5 | c5e98e98cabb47fe4e8c7040c191738d |
| SHA1 | 58eb059cd8b0fa95b02919bfef9c20ae644756e2 |
| SHA256 | 208157d10fa77fd18297f8a54319023810319db9002ffdbfb687775b8e29ae57 |
| SHA512 | fe4955499130220591017c671f72c5283674f27bd47bef64a4b0f995b51a58f5470971bec99fed1445d1577667fa8c863256a3b8aacaeb3e7c1e8219a8502bd6 |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-journal
| MD5 | 2afbccb2d79404f06ae5b1f2b852974e |
| SHA1 | f076e72fde9a1ca260c9a1227dc12b3173a84dd3 |
| SHA256 | 0f3dabbbdf447eea1c4433c3819da39099196648808f8a28231e73cda809f0aa |
| SHA512 | 94a5a2724cfd94ef80866385bac445bb7b3d89bc3d19eed8bda09746c8782948bab345a72c6053f88cf467b88638d09258fe631c2903a4e6b03158d142aec483 |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-journal
| MD5 | 981ef4d58d3c03791ca715e546e542e0 |
| SHA1 | d0cc0a42ebd9508b7ea534c013fee153a33b4cb5 |
| SHA256 | 92fd779a31b393dbd3a5a105629e368830078671917d630283a99ba9da8413d1 |
| SHA512 | d36785cd27d5d2226c2b58db71138c0a7a6389800286755bcefb4e095d8cb51c2755e2e0f9ceb4a11e093c849f3be6a3d160da08b6b1e1908d1f42aa38a7604a |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-journal
| MD5 | fb359f87094ce2bda0e3425ea4116d63 |
| SHA1 | 18d6612548cfdd33245d908a9ce2932ea512585d |
| SHA256 | b0ec5008d5d0d25c52100507f62b4df150d5ff8eb7fcd02d5853a72e82b130b5 |
| SHA512 | f61a2c5099621224acfc86c1c41cad869d95d867f86858182f9918ccfaeb8d0a1978d28f875f16beb7fb1ac3a6792fc00b6bd2ab64424a035c1814db517b2430 |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db
| MD5 | 0f07d433d15317b38ef33029bd033198 |
| SHA1 | 4fc20e5286357c024c63dad401325d3f32b61620 |
| SHA256 | dcc13f6702cf8d688fd8b61fbee99644196d3f7a25bb9d385a5eefce591497e8 |
| SHA512 | 14812089e3f27a391568d4f9cc12f1f2798dd20be741235106d61fcd7f11d066a643a5d95ffd9edd061a929e4cf9c979a32064b7c56b16e116453fa8c4b8e038 |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db
| MD5 | 57cd6ab3333a7ad49b73b065622594e3 |
| SHA1 | e14d3f8d3fa9eb713fd4f832199a894ca5ecc516 |
| SHA256 | a6ea822b8a7f26bf4c3966a3e96c65dbbc11e65015b6ec7839ceab3f35dc8352 |
| SHA512 | f599fd9ffd2a04480354a188824eb07fc225b6a03f2c176966465f9f6bbd939113287cef254eaf1a7e190166bebde9aa2b225685bbd8ba4aff70bf008ded4f83 |
/data/data/com.abtnprojects.ambatana.hack/databases/OneSignal.db-journal
| MD5 | 60946541ea94b49cee6d61fffc372670 |
| SHA1 | 1ecb8ae5723536def1e4f660754c9a34d43cac61 |
| SHA256 | 1b3b4a005abb4613a4b8a472a329a449fb61e3fdaae04be13c0c199eb72bc658 |
| SHA512 | f4adb0b4a84564a2cfa6cd0cd2b0da911a406f3512d9bda6f2ea6cb1f5cb3169a5b888e906b51b857ed0c2c1ab50592670d9f1c43d3bc42d9c1e420f408b23ec |
/data/data/com.abtnprojects.ambatana.hack/databases/OneSignal.db
| MD5 | 6ea5817dfb71687d648b0e4763152545 |
| SHA1 | b5a1a2a1fb579520ddeb9861c0eba5f7109d0d74 |
| SHA256 | be512b097518bdaba39e6106c143a267f56e98d8f980ed6295773c4082149824 |
| SHA512 | cafff4c86b710428753e528aed212096fef264a36cd6d6ff48af487ce1d5cf90065b4be0ad6460e4e7631040f7a28657f31811be1a5cb417c4b2725c51fb5186 |
/data/data/com.abtnprojects.ambatana.hack/databases/OneSignal.db-journal
| MD5 | e54f2a6b478be4959d6079cfbcee32f6 |
| SHA1 | 5c176e30e4cfefdc79b49874b9428935d6169f14 |
| SHA256 | ab752402611316c8b30f7fb08c31cbf4c1a0a5b943f2058ba990949e85d9f029 |
| SHA512 | 2eff6ced0879070c2e91da7be54483057f0395aaeaac46ba0fdfff07cb495339cd34b13135b20f72da0f012bed0e2fa327167162cc6dc7a43700c37076825f66 |
/data/data/com.abtnprojects.ambatana.hack/databases/OneSignal.db-journal
| MD5 | fd28d95ab5b5af3c20240b9761c793e8 |
| SHA1 | 9ca34de39d8b0a856bd74bcda0e0524b7add81b3 |
| SHA256 | 2b4e3aca13ac7b4f66944d48e94ea411393bf2a9f47a288d20be71c6f1233e6b |
| SHA512 | 98fd7293c037068b6b4fe3c68415a9f64ad682b993058b420d22954cf2bfc1a22fb8d00b4221d41c0e11da18b6407f7c5790abec935a32f7b7dc9c2a27e42bed |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db
| MD5 | b79603f814cbd2ac8f368fb62e7ec2d1 |
| SHA1 | 01935f35dde108d3ac33e8ec76c755b4a1f7504f |
| SHA256 | 68449b381e46d572d21e3b6ec55b62c73a4f34fb520590a7d9c9b5672a333901 |
| SHA512 | 03fce0b3990a6a87284e1c1e0bc895e708af3a03f587006c8a17b13edd4a3f05ba6c6b8c9f5e3ba424d4db15e746c2d8e6f516da2d3b262f75e81eae25ca4d44 |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db
| MD5 | e6e91fdb5dd0d2cd12010270ef9be385 |
| SHA1 | 01b4fad62d4372a57cb631768a03ae4c35ffea43 |
| SHA256 | 27f1fa2b2e05a45cd60315bf85e88537e69692042dee6a0e325b5380969e845d |
| SHA512 | 0f8cf7ba6d0c3e86cff2656579234e910e7e3e8a36cfa88e2c861c3a5c77c9d51d8ee8a3b58a4da6920a85042b0fa9e9a711946366891572a70ac49e27ac398a |
/data/data/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db
| MD5 | 2f1eeee3602c828b8e9f81f6fbd20d41 |
| SHA1 | d240b568bb6929702815b9a5edd05ad635671caa |
| SHA256 | 458aa953a9e0adbf5b8765ebcf6b51bc5b5a48b7664e85d25c7a8ce9781a2d5c |
| SHA512 | a8642cc12cb9af0cd9d3fdc4bb1fe3b246d02af6b36714d80cdd2809def699b0b93eb585187c17f0a8e19801879e2e9edef7963ee416ae9e8cc35fd9cede2859 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-12 14:16
Reported
2024-06-12 14:19
Platform
android-x64-arm64-20240611.1-en
Max time kernel
44s
Max time network
137s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /data/local/su | N/A | N/A |
| N/A | /data/local/bin/su | N/A | N/A |
| N/A | /data/local/xbin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Reads information about phone network operator.
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.abtnprojects.ambatana.hack
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.187.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | onesignal.com | udp |
| US | 104.16.160.145:443 | onesignal.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.187.200:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | lp.androidapk.world | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | onesignal.com | udp |
| GB | 142.250.180.4:443 | tcp | |
| GB | 142.250.180.4:443 | tcp | |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | onesignal.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 104.16.160.145:443 | onesignal.com | tcp |
| US | 104.16.160.145:443 | onesignal.com | tcp |
| BE | 173.194.76.84:443 | accounts.google.com | tcp |
| GB | 142.250.180.3:443 | tcp | |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 142.250.187.195:443 | update.googleapis.com | tcp |
Files
/data/user/0/com.abtnprojects.ambatana.hack/databases/evernote_jobs.db-journal
| MD5 | cba282caa25906eb9344ce53ec8fade5 |
| SHA1 | 387ce3a1c3ee42350eaa9e69a496b766feca145c |
| SHA256 | 3f7451792278ea2c9740f6ed9eb1840b09337869644aaf7e8005d1cdf41841ee |
| SHA512 | 9dd4c78b18e4a307875bd26b4f8f8bcff922453177a3b7e990e51cb09ae55f0a4785879e1961d0793e514aab61bc14b3fc2dfe696bb816e27a549c60a80d58d2 |
/data/user/0/com.abtnprojects.ambatana.hack/databases/evernote_jobs.db
| MD5 | ae98d97cb1caa99f66e4719f1f11306a |
| SHA1 | 5b09cf4025c674ad332f472449e996304c11116f |
| SHA256 | 0cf6a39f0a1e3de7adfbc3616914a4c24f2bda744524bf36ee05fae6311131a4 |
| SHA512 | dc6c12a95a424f8ae479ada1dcf08bea270dbad97717d67f2b01597b418091328b373ee8149a8f76972d04405b3c40c5827b670c97e980c77cf29af31a809bd7 |
/data/user/0/com.abtnprojects.ambatana.hack/databases/evernote_jobs.db-journal
| MD5 | 4e6a4bd85133359e0879d72f083347c2 |
| SHA1 | de0053250f416dc1fe0032974df706679cfb2509 |
| SHA256 | 56b1414097a9c7f0faa84343c3588d9abaaba780d33215d3c9cf2b41fe276bc8 |
| SHA512 | 0a5e56bf8704a19e99eff01555ea9b782c542fe12b87f72609240651313bb39b042349e0cf76bf8a40cd0e90f77d5aed911e18737193ad521bb350972a4e2b06 |
/data/user/0/com.abtnprojects.ambatana.hack/databases/evernote_jobs.db-journal
| MD5 | 2fd86864b3d4ef15e1d893ddd9e787ad |
| SHA1 | 89e76d1bd8d332ee7baccd37af17d72e3f4198cc |
| SHA256 | 2c03e4335f14afd48fbe1e7d580f79f3d9f5ee746557c4ec143993e42057b643 |
| SHA512 | 8dbad0e5a5cb70d1f8a49058e1b19ee5412d396ca1bea15f1051a7ccff210ead0c073055a663c2ffe02dd798de0412f55157ce0f47271b83245ac3bf7e41d255 |
/data/user/0/com.abtnprojects.ambatana.hack/no_backup/com.google.InstanceId.properties
| MD5 | 505720872f195d868075d8b5d384375c |
| SHA1 | f44e94172c3b8434a0a21e02e14ed0e545cdb6dd |
| SHA256 | aec1433f1d1a4527d6246a6125713e71f2ce45a38ca14ce9c9067ea2b88558ec |
| SHA512 | 0c4184b3cdfd747f4a5ba710822f606d9677017d2090447e597f0bc45ebd05da619ce067d9802f65cee8caee5e116339b6292bc16b0aa93410a51afe2cf94542 |
/data/user/0/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-journal
| MD5 | d7f9f0ab7ace189344d978ac4dcd5505 |
| SHA1 | cd3ab2ef9232390d80e7248e515534a948408d65 |
| SHA256 | 8f95dee9ce1a9e2c98214b9266c0783160a03e49786f619455d5ca1466cf3f72 |
| SHA512 | d0773f57c246e55f5a02b870c6dc564e82d303da6762db7c209ab5bd54f6abc03055f52268996456f87229a898dc8cb37794de75b62a8aeff4cf19a4f1e4578b |
/data/user/0/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db
| MD5 | d9cf75fdd1c2292d986f6c3d5d60f2c8 |
| SHA1 | 07ecb1d3a26d952ae5fecf54f36699ab498510b1 |
| SHA256 | 2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a |
| SHA512 | 442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb |
/data/user/0/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-journal
| MD5 | 8a68045aa7ece4be148962dee8223d18 |
| SHA1 | f02b5e93062f8bccfd2077433a703bf9438c4457 |
| SHA256 | 1dad7a2716968094ffd34323b08bafdd98d7e512052ff7c350367574b440d49b |
| SHA512 | 8e00776935e687879e9ffc41bcb5fa9f9296b83622b17d7a043acb3ea7d110c430c77c8f0042d927133c492cfc061ae14c9b63822097e7413e48e984c63e28a0 |
/data/user/0/com.abtnprojects.ambatana.hack/databases/evernote_jobs.db-journal
| MD5 | d43d82848194fef5224769654ed4ccfd |
| SHA1 | 8066af70cfd1fabfe54ce377caa3d13e4c4abcbd |
| SHA256 | a4b809198c4bb4a33135e2dc20e78cfe72d4900dff6b6b11de03b4808e367193 |
| SHA512 | 01c0f05a77cccead5a68d8165afbb32f45a2d3551ce575474759217e56fe844ddc33f658903acf90ad6357651972d38e2f31e9fc55d3182dc9e5422dafab1e3c |
/data/user/0/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-journal
| MD5 | d46dd426ffd151449fbc1af2d4cf71fe |
| SHA1 | 7b674f8123c45c22956f10943d1ca17b22cf7228 |
| SHA256 | 33c9cfac0820e80a39bfa99c00eec3b68a39fa7953c10b01fcdf5fdf84dc27d5 |
| SHA512 | 6b12e82ac6e0bd091774eb7b617036c91071e9ae4be53dc482938ea3695b638d96d101e2b0ff35ef4b0ce362b0c682bb1b82e7f014aa77e09cb13b9ec12d67a5 |
/data/user/0/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-journal
| MD5 | f401ccfe00c1ddfbe63eb85a594d061b |
| SHA1 | 53d22e058c48ff59f04e8e07dd6943b2dc138485 |
| SHA256 | f30dfa8cecb45df33a2b076de832c1dda537d3d5f59370d14e1030feb3e74d62 |
| SHA512 | 97475e9180e8a28e5a490324f123516462a96a64a8a6086bd8178136f3d5a1ce13e25f179096c845761c3aecc9b8454295c1ec725494cfaa36673aed088648be |
/data/user/0/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-journal
| MD5 | 11eb22ac1869698e95cbd6e092716e4b |
| SHA1 | eb222e700e0a6b46933e32a70586243d55b93638 |
| SHA256 | f8c060d6ec5e3a1257f19e8ec326ed5de3741fc0ace62caaa85d4168b081e6be |
| SHA512 | 0fd0228aaf4f5eec74ee8939175f73be769849980d4a55efdfc078173cb709cde3935eb4a99635877cb12f121b56be36e69c5f7363f0e65ca927edce1ad513f1 |
/data/user/0/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db-journal
| MD5 | fc26ceb0fac29cabb5494e96d257457e |
| SHA1 | babd45d1024cf81c576f83afc8fedc66afca9999 |
| SHA256 | a3c3d698d1e6545ae2d6ee5560d2dca52eae99b6fe26e40c17de78927bad5ed8 |
| SHA512 | 3152e0635afb4b77860d883c49cb4e1fcbb8f5a6bc78562f3daf9a7898b22544a0b52f3a0ea85cbaa9fe5b913064d119c0a8cf1ce270607d2b52a1a668a37fc6 |
/data/user/0/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db
| MD5 | 94066f8464ad6757390afb313676f3a1 |
| SHA1 | 0e8b83904c05674f9498c0e2da179adb70a0be20 |
| SHA256 | b9391f3e2d5d3c2d0a8fc32de132424d34eade7cbcd660b38bc04f91889a1ba6 |
| SHA512 | 07c7d6b18e1572979e7d103729822768cf671f13dfe665b2e7c25e9a056447d6ae0eaef3d6878a1437ed9519082be2b3bb0b4d599c2156fb41d99cd2d6f16d75 |
/data/user/0/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db
| MD5 | 790f102cec1c347f21367407ee13a36b |
| SHA1 | 426cae165c4c943ad884046b68ecd53ee60a5a3a |
| SHA256 | d20dd0f2bce8e8103a1eab9e0c8c1db4d471ba5941a4e35b5db3a256b56db1b8 |
| SHA512 | c3901746b5e0cf375c3b8dc6120bf3ede04af0536d8445d5e05a5070c74639feaac304e00f0c94767ad7878800971e3a708f6c5889d2949b28a4e024ccea4d21 |
/data/user/0/com.abtnprojects.ambatana.hack/databases/OneSignal.db-journal
| MD5 | d58a6639ab18daafdd9c31588b1981be |
| SHA1 | a2a2bca9a90ba3f26a57fbcea10c4485cb2884d1 |
| SHA256 | a2cea8df025c1d34bbc525ad1afe47bb6f14633ba1b9078e34d82d8ffad0eb69 |
| SHA512 | 534857dc4bce9a0ad768bbc75798db62df7bd0d3d9c09ea8314839360defafe4c4012aefb88e2f63804b99a3d51958ecb6f78d15f746a0caa8fc4dfdb6982580 |
/data/user/0/com.abtnprojects.ambatana.hack/databases/OneSignal.db
| MD5 | 2479ff01e32c1445266304f37e9e7b35 |
| SHA1 | 63a2b50d03eff98a4b5e684f1f95996b78219e6c |
| SHA256 | c276033016c0ae04c4e1a7128d443a01aab24d99c434696ee1b01fef2d3acf15 |
| SHA512 | 14b24f8be6f9a88e31a2d74f3f13cf9e84817bfe445b8b8a873c1678f274714237b3f1a2fc9c5821c300fc72418e3229439107c2a2ff307007409dee6fdf16d3 |
/data/user/0/com.abtnprojects.ambatana.hack/databases/OneSignal.db-journal
| MD5 | 6adc4472f96adb174623e3438fb89fe8 |
| SHA1 | 571849413a9c98ff2a8c199aed0a87f058dddaf4 |
| SHA256 | 52dfde4e66011b4caf3b9a9432aba42ad4a6b324a8b8466c8ff16326c6486943 |
| SHA512 | 59b65dac23973950624ee5e123729f9040dcd35f189241a328d01af9dcd7be37fd4a66f9311b3e62fbd6bdec8623dad0efd062af99a31ab6c56762bc77fc5173 |
/data/user/0/com.abtnprojects.ambatana.hack/databases/OneSignal.db-journal
| MD5 | 06d2c914a574490f3b1cf731786a9a80 |
| SHA1 | 3767b3875bb6d62cab11aa1ea7a76dddddb80e1f |
| SHA256 | ab0b4a2670c722681af3d2d30f9f8d83aff302783ae1f9e4c4c4e935b04a5d9f |
| SHA512 | a3daf5ab451f92e3e31603a7b4b6123e947e620a4fa1bf477f27e062d09588f6d28838f7956b8fe9959d0522a34f00a62e65d265818c82965deebaf5c1852a79 |
/data/user/0/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db
| MD5 | c73b2d473cc391dc18353fd74c88044c |
| SHA1 | 4d70cfea56f0b48fd4ece24d88b7874074504b3b |
| SHA256 | 2e332749d0b1ce31d2c7cb8cde352f9763b60e5be7f6282dcc919e3fc19e5d21 |
| SHA512 | d59f6a6fe98358948638f90fc23a771ec085070c86024df1bd2c53346892ec0d03fb8eb43a18f951e6fb7c18fa3394776b5a22ed6acd5654bab808fe0126ec50 |
/data/user/0/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db
| MD5 | 3d8f938a73c1499b96f3822ffc0d3777 |
| SHA1 | a1d1a946f82a13f74428d73f3b66a3dad86406a1 |
| SHA256 | 00443b9698dbbec4e64f9f65bf8a066b39486b3c623a8a5dbfc68b24ec61c9b8 |
| SHA512 | 008c0ce64923233c25d5ae5bb35776310e5f90d244892506377be99c23c36e91ca4196675b9cfc8cb987b66e917dae1d4317e739ac668112a9b3773abfe80db3 |
/data/user/0/com.abtnprojects.ambatana.hack/databases/google_app_measurement_local.db
| MD5 | 818548be1885386cc995f564f36a8e8e |
| SHA1 | 008b0c602ed55b1122dadfb3a20db517d55c10b3 |
| SHA256 | b4765a86f69c122307448d0c6e81cebd52ffbc59b0d19da42971e2857f773e6d |
| SHA512 | 47840561a1eded73600b656576a7a9195bd1beddb79b08090b9e6bd9ab610de6cfb0a334310bfefe0b33ef157d420aaa17c6315fa2e689398da3328c4460a02f |