Analysis Overview
SHA256
939ce5a794baa391aabd143ded6fcc5125eeb11bb0b973b5e361becde742014b
Threat Level: Likely malicious
The file kapp-google-kwgt-prod-release.apk was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Obtains sensitive information copied to the device clipboard
Loads dropped Dex/Jar
Queries information about running processes on the device
Queries the mobile country code (MCC)
Requests dangerous framework permissions
Declares services with permission to bind to the system
Queries information about active data network
Reads information about phone network operator.
Acquires the wake lock
Checks the presence of a debugger
Uses Crypto APIs (Might try to encrypt user data)
Registers a broadcast receiver at runtime (usually for listening for system events)
Schedules tasks to execute at a specified time
Checks memory information
Checks CPU information
Analysis: static1
Detonation Overview
Reported
2024-06-12 16:48
Signatures
Declares services with permission to bind to the system
| Description | Indicator | Process | Target |
| Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device. | android.permission.BIND_NOTIFICATION_LISTENER_SERVICE | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an app to access location in the background. | android.permission.ACCESS_BACKGROUND_LOCATION | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to post notifications. | android.permission.POST_NOTIFICATIONS | N/A | N/A |
| Allows an application to read image files from external storage. | android.permission.READ_MEDIA_IMAGES | N/A | N/A |
| Allows an application to read video files from external storage. | android.permission.READ_MEDIA_VIDEO | N/A | N/A |
| Allows an application to read the user's calendar data. | android.permission.READ_CALENDAR | N/A | N/A |
| Required to be able to connect to paired Bluetooth devices. | android.permission.BLUETOOTH_CONNECT | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-12 16:48
Reported
2024-06-12 16:52
Platform
android-x86-arm-20240611.1-en
Max time kernel
179s
Max time network
186s
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/org.kustom.widget/cache/1700159444520.jar | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Checks the presence of a debugger
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
org.kustom.widget:editor
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/org.kustom.widget/cache/1700159444520.jar --output-vdex-fd=168 --oat-fd=169 --oat-location=/data/user/0/org.kustom.widget/cache/oat/x86/1700159444520.odex --compiler-filter=quicken --class-loader-context=&
Network
Files
/data/data/org.kustom.widget/databases/com.google.android.datatransport.events-journal
| MD5 | aa3a1d9aff708ac05e0d782b78358874 |
| SHA1 | e4fed52faf1e7db3480400c19ada9e43116c0d35 |
| SHA256 | a7bc52d56629006f7258f6cc6cf14eb656f6c98908145fea283b35aae483369c |
| SHA512 | 414c1f37ae1a47d4f1ee996446b5c77331866eb80770d900e111990268f5bfe2b71b0e7c1b83c872467a54607a78b2b0f10277fa6fecbc59f235f66502772fa5 |
/data/data/org.kustom.widget/databases/com.google.android.datatransport.events
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/org.kustom.widget/databases/com.google.android.datatransport.events-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/org.kustom.widget/databases/com.google.android.datatransport.events-wal
| MD5 | cf17eb249520e492b1428da8ef22b8bc |
| SHA1 | d473e6992c1126da3377a103aea82b4beb8437d3 |
| SHA256 | 475fc8bd8e5a9ae5cfcfdda5621bbd95c23c97272c22e4176a0a12827fb1de92 |
| SHA512 | d1075fd9c5ad10df316ec4cce16165c3e530da6167a4de1b7fb19d820e46cfdaab677fd34fb4c560eec093ffba54df3f0cbea8196be1d371edd0b345d4e16f80 |
/data/data/org.kustom.widget/files/.com.google.firebase.crashlytics.files.v2:org.kustom.widget_editor/open-sessions/6669D17A0355000110F549BCB7670DAF/report
| MD5 | a1f92b8efe655df577542cce43801094 |
| SHA1 | 8aa2b0de7fd866ca39b4f1d2a613c5292429f4dc |
| SHA256 | 2b3b0fe55fd4113afb84c2a0b8014b66198f4534da0bbdf94dbdcd0421aac728 |
| SHA512 | 77fc044f888e216e0c51b6cf1984574e54a3f44c0c5b912d1b17f6a5e4cbddb2b945932f1eded325f71635b47b4366c6c3dde3fc0320497273e42f7bb1806852 |
/data/data/org.kustom.widget/files/.com.google.firebase.crashlytics.files.v2:org.kustom.widget_editor/open-sessions/6669D17A0355000110F549BCB7670DAF/userlog.tmp
| MD5 | c33583fae4e0b61cde1c5b9227963237 |
| SHA1 | fe2ebe4d27469af1460f7e852031a04208ef629b |
| SHA256 | 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc |
| SHA512 | fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e |
/data/data/org.kustom.widget/files/.com.google.firebase.crashlytics.files.v2:org.kustom.widget_editor/open-sessions/6669D17A0355000110F549BCB7670DAF/userlog
| MD5 | 59cfef1debd440293cfe53a04093d253 |
| SHA1 | d8cac8cdb06501d0d1914f47730ea88190857163 |
| SHA256 | 1d8fe1eea86b32a35e570d3d03e5f4d4b4ee07e4948083aee0fbaf1e0c3b3402 |
| SHA512 | 1d5c9262176c71d3a423bae05d6d94e42bf669ba0ee6979c1038d7fbde445e5f3ec2a9f6f7aacd2167d805595e7334b6b54bc58609a92cdb82585c049daf75e7 |
/data/data/org.kustom.widget/files/.com.google.firebase.crashlytics.files.v2:org.kustom.widget_editor/open-sessions/6669D17A0355000110F549BCB7670DAF/internal-keys
| MD5 | 8d7896a5f3f730ba30ebb8672202209a |
| SHA1 | 1ae0575af26498ef300c0d462cc0c8b2285da246 |
| SHA256 | 978ab09288238a8c1ae2fc673823e32f2018e29f256eb654f40c74b6f83f12d8 |
| SHA512 | 4c1e5436e51e6633ee0ea25af1f758cb68e86b9ae0adfec53624d1ced0b07e691b4d278ef9f3043411a696ff4647dad88b4fd3906ae6a97d199e4cc4c593acf8 |
/data/data/org.kustom.widget/files/frc_1:415510900161:android:b9af1b0edbcc3626_firebase_defaults.json
| MD5 | 5582706d2372bf1d3ae6da68956dfbe0 |
| SHA1 | 406501efc7625eb2a157891b4c5b5587adb997fa |
| SHA256 | 15cb04763d7d4595bc3059469bedfe7bd74002633775ae96f6e151e3206fb4f6 |
| SHA512 | ed8cf295bba486d4da97db49ad024345ee095745abdab1223529f5795126bb46cb0960ac2be290e372ffc68be64b4c73d5a35e66c36f92a9880e0c59e42428ec |
/data/data/org.kustom.widget/files/.com.google.firebase.crashlytics.files.v2:org.kustom.widget_editor/com.crashlytics.settings.json
| MD5 | b96729d10afd0e385a59228aff116957 |
| SHA1 | 3226971233f19401e73c40d96c9151eec30a241b |
| SHA256 | 1daf5f7daa42f4ac39d378ab46d44a93d64e587888f50d7af79827ec5573f03b |
| SHA512 | e066973db4ad644770dcad07f0484ce68595ac5063ac9986698f6cd91f56e777140c36a4cc0344f6cf131cfd33580bc0fc8160a66028a79f5351157ac173b657 |
/data/data/org.kustom.widget/databases/google_app_measurement_local.db-wal
| MD5 | ff3d9ecdd85b2b681ccf1a2a9d476d8a |
| SHA1 | 2d81890e6b6e20514285fc9dbe64c68e4951c13e |
| SHA256 | c4ff69a2a22dcb12aa92f588394667052b0e38975974219e2d6c0e6754206ba3 |
| SHA512 | fd5fe64469633a3950bcfa0ff1d08e864aebb2c07ab30fa5bbba97801a4bc195d8aee6097c5dce3df49e30e87191f1be2b0840aaf318192f782bd6a7ee78af5d |
/data/data/org.kustom.widget/databases/google_app_measurement_local.db
| MD5 | 53bad4cf1f3f63386342f0f25689e820 |
| SHA1 | f27aca27710e647c48ba8d8e7bbc1ffb57048d64 |
| SHA256 | 0747e9b16bf1239bd40885618ebe9750bee27cfa6f762edf1e3e380ace1a2ae9 |
| SHA512 | de9ef312f0b392bc1113ace04c09c67ff011ae0997b7020b91e67afff17e4521365f349bd636ff8a184603ae5bb80bbf975dcdb7af6482b7449e7a3fa5e7ed73 |
/data/data/org.kustom.widget/files/PersistedInstallation4337174535513034tmp
| MD5 | f7296b1e693a9eef8e3741ea288bc9c7 |
| SHA1 | a1f71ccfac86ea0b9181e04917e17403cf297e15 |
| SHA256 | 79ae31e1303d211d60ed1cf52f29a642c04bb283f029f726f3dd0addb1175a02 |
| SHA512 | 4cb37ff2fefe5ca7c788bc9e45c4f3ca3107dadebdd9af7ccdfbca11b0aeec58480aef189877f020d8ac8c8ce1e7c82d696922b62057e9a90bca47d9a6dbdab3 |
/data/data/org.kustom.widget/databases/google_app_measurement_local.db-wal
| MD5 | d4c9ead5188e461c99f8246316714abb |
| SHA1 | fea934903f4577a13e8f03322bbe839946ee4cc5 |
| SHA256 | 108f718ec36646b57bfe3be6863c791e64423b2d17b750def91b33c336c231d0 |
| SHA512 | 48b54faef9b9cce62ab2e3e1e9b7416fbabe1f862d6725824ca0af1c0e383210e906ed622ff6f5658d12f44a12b270e68b7982a03fb3201514e2c863a7cdb700 |
/data/data/org.kustom.widget/databases/google_app_measurement_local.db
| MD5 | 20162aac5f013bca62c8755c154854f7 |
| SHA1 | ac08d2f5c44cc79721d57e82b395f84c79292eee |
| SHA256 | 97c4254ce5b6e07a8ff14f4a9b55bee5ed816a56a846ef7a4f7f603471903bb1 |
| SHA512 | b01fcf2d255a821858037ddd2b2298557bfd0e9d3f8739c20d17a92c25ff5faf351166ec3c9a6fccbcfe62fd165ed98b71dd612b56975c467bcd0a8507696299 |
/data/data/org.kustom.widget/databases/google_app_measurement_local.db-wal
| MD5 | 272f7385dd5022ed60ba9332e446f32b |
| SHA1 | 3e81278cb9b90677a6e5de06119b36905820e709 |
| SHA256 | 8bf06e148bf62686bcb02df405bc25c93703bef820f928be54cec972123831d6 |
| SHA512 | 8fe3f909d232c69c54508acb49018094f0ae12e65b5e501bcde12b87ba79a6e17b05e856c950acbd6e8ddfd690920f2bfd63ebe73b32b462ec16f939410eb4fc |
/data/data/org.kustom.widget/databases/google_app_measurement_local.db
| MD5 | 4ad8a9c271826507ce37470e8d254319 |
| SHA1 | 1a7d756a4f47422873a56dcdb0c13c2c341b610f |
| SHA256 | 59d9b8d2955d1e3ab3ff4b15014cbe720d01ff0eaebfa93d2ba04abfc4712e2f |
| SHA512 | 507779dd2ccdb4b313919b0f613b682b6a18f2d493397c8b02ddfdbbe2c5e164443d16bb660ee7555fd9bbb19a3337ce580b2accab1aeda53736237c29c4b121 |
/data/data/org.kustom.widget/databases/google_app_measurement_local.db-wal
| MD5 | 8ef8cafeb5404889d1e47fa510337c51 |
| SHA1 | 43c33dcb24a321865e08ada2478f29f5f4fc5bf1 |
| SHA256 | 3c0394fa9b97914c4d6cf279294a0c51a50e16c52a5e427b660b8f26b5faf7c3 |
| SHA512 | b794fe7891fcb33d3eedfbb4c3f1e3c0b3a8a948e0fff13b7a25b2a1a585ac7e23770c8274baeb0cfbf3dd19111b60211ce886ab65ad42b716efd561ff18bc3c |
/data/data/org.kustom.widget/databases/google_app_measurement_local.db
| MD5 | fb32e208ca214affbeed2dd2a1a1677d |
| SHA1 | 0b58d5945ed2e8192c96c5fc30b715780273eaf9 |
| SHA256 | 96c357877e34334be2e101c1503d416b40e1cb075dd9dcab9558ee2c1b81278d |
| SHA512 | cae63f5a81d5f14c361a39c7166323afcdb59d59c31128ea61d3586818499448b9aba6f85a7acbc600126b3224e6e48aea6d9b8c16089e227e3ad369a2919a61 |
/data/data/org.kustom.widget/databases/google_app_measurement_local.db-wal
| MD5 | 07604da474939c71bd31b0e881e4b40b |
| SHA1 | 5773dd30386ae4cef71ffedbedd15e16cd163697 |
| SHA256 | ba1ff8f6c2ce3e28d891e0cd81400eac68e1b362e2504d15d077b1f227504b05 |
| SHA512 | 38b6ff60eaf2bd11ae521a2d27dbe6e7d18de97370bcd83e2d3166a99d8bc021ee7595bf15f272f79f7a6312db39e444bbc6eec8aa21fcc22a03eb4e9f08d586 |
/data/data/org.kustom.widget/databases/google_app_measurement_local.db
| MD5 | 3b8a2d1d4e465c4ed357e431ca4dd362 |
| SHA1 | cbbe7c6dd61a17125dc38c11f9702917553e4688 |
| SHA256 | ed8800944b65b0e06b7be878974773fe0100dca2ade3dfd7aef8ce814336da96 |
| SHA512 | c419b1bdebc88a1c4d71a62103cd7a074ae06537315fb0e137b2874362c50ed92b27dd60bd48ad7ac16a8603b7101874436870c97393edf5e582c19fcc0dee76 |
/data/data/org.kustom.widget/databases/google_app_measurement_local.db-wal
| MD5 | 7146b30f1db0d3c7abb8851f95048dc6 |
| SHA1 | d09008f7015d47c218d095fb0970f2b4acbf90a8 |
| SHA256 | c158a799bf2c4333d82720355d5d306331b1e40720507885e5eeedf01c3eaaae |
| SHA512 | 1c5b467a16efa7438c8087408914d7353f2dc99c22872aa3dc4de7a1bc41bd6e6bab2c9035034b040b951041c0918544a7621ae0b20e169e01e5b35c469d0727 |
/data/data/org.kustom.widget/databases/google_app_measurement_local.db
| MD5 | 1aadd82cda62adfe55f14bf95247f7e1 |
| SHA1 | 4ff1a51bb26d76a156a555968caeea1663094094 |
| SHA256 | 2cb0918a67a8829c4fe5c45adb31883a555735eda9757d2517cd1a3ce5fbae53 |
| SHA512 | 744575efba040a8873efb4f552a9a0d9fa00d3f13126a9992a186cd4a336d861d199d7e4381afbd6c0d87a9c1a5db631dca07c246212ca306735c530b49a2cc9 |
/data/data/org.kustom.widget/files/frc_1:415510900161:android:b9af1b0edbcc3626_firebase_fetch.json
| MD5 | 7a462430169b16208ebe50caceca63e5 |
| SHA1 | 69ebfdd3a36b393cd12de4f997af53e85fd43732 |
| SHA256 | 10a68d38bf1a6c206eac13bbb507f2613e5f5341bed742eefbf8971bb49a7625 |
| SHA512 | 1d9ede5352ef21290896b534c741a31e110ec795380702ae2541df926094aa0efd8a4827bebf04e4fc80c64c61e7b2e46c9dd42271823737230389ef13237419 |
/data/data/org.kustom.widget/no_backup/androidx.work.workdb-wal
| MD5 | be0c684d0e28dab412de7d2cba2541b2 |
| SHA1 | bdcb08688e6fcc384f6afdf42e9aec96f60ac2d4 |
| SHA256 | 0b3b276ab900cc81064175a5859f2578bcdb6dffc50de67ab10cef2a3db5a4ab |
| SHA512 | 35b1ceec42c629d7fe745b9632c9954e260139c74251012118f4605109179e1b0409e86ebb3b0fde1ea2e4ec78615f6b2a553239b7a84330c73b990fc8e3f9d6 |
/data/misc/profiles/cur/0/org.kustom.widget/primary.prof
| MD5 | a0dff4d32336df589823b3e6af5c3579 |
| SHA1 | 6430d6e984084a9965d6f550b2cd4a73cacebb35 |
| SHA256 | bb9b98126276dded62ded6cca4c618165ab1666412b12b6128e0888118bf5c42 |
| SHA512 | dc0c1645a5cbe4982ef9a1a1be69d046fca5d321ed5d9451e0633543340c78b56e59433fd8f45c7b62d68bfe2623e5b0be2f5a34430bca795a0ed575acfd428f |
/data/data/org.kustom.widget/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
| MD5 | 903b5291168aa9f782a413c02dec85b6 |
| SHA1 | 543fa68811e1f2b7c7bd14d318d99481b052e985 |
| SHA256 | 261adbb39037761c21e183d34e88301b1508a168628cde21b5b284cf54bfcc49 |
| SHA512 | fe2ea09d44f225adb3108baddd5c54b5f1c804198705d4b5b8ecaa7e4e8c956ecc30d21ea57c52a50d6c9bc1508a6e2b08ef9858537254997ef72a07c93c5106 |
/data/data/org.kustom.widget/files/profileInstalled
| MD5 | 6bb999fc74a3e4634717614103e9e67d |
| SHA1 | 41a766596ab34a60d500d0818dbd4c4ff2d19035 |
| SHA256 | 60390a99fbc815b4e5ffe4eb3fb95c944321e596f76ba19669c0e3d148c471b6 |
| SHA512 | 42fcd20d9c6f459363d71ddc70b9b23a0d0bc18789f585283dbc8566f2e54c51d54e89cae8e1a58d618e6a2d693b45b0f67e871d0e1c614bb3187cd63affbc12 |
/data/misc/profiles/cur/0/org.kustom.widget/primary.prof
| MD5 | cc3c7c0816f5f1b9f13aa10369528796 |
| SHA1 | d009aed8d095af501ca003a3064187285e567add |
| SHA256 | 9448ae68ad8d85bf8456ad47f061162efcc8e7e2413435567d916901acfc5a47 |
| SHA512 | 492bfb8a4ab5ada9fbd153169efe280675c3b71b1d082f7584710299454499f0fc84cc4caace44e597481ecb8fd0ad1779f7c04fed907da4f891a91c2ac6f03d |
/data/data/org.kustom.widget/files/datastore/loader_preset_settings.preferences_pb.tmp
| MD5 | a5ea4c21a9e63e111874acfc7157cc03 |
| SHA1 | fae5b756bc9ee99646c8cda39e74f53a6e69c41e |
| SHA256 | 4f56410b5c32e6475aa8666ebff9d18fad05c3412375d0079c85b36d5e5fd810 |
| SHA512 | 9b1a7a556262957a1aa3658e576b46349f3976cf0c07be70d3357aa5e04c8791fc9589e195b6f0a40ee8728303fe8a3ccf027d57f05ebcc7549e5b7216026b49 |
/data/data/org.kustom.widget/files/datastore/loader_preset_settings.preferences_pb.tmp
| MD5 | fd8e958b71739c23ab4063b6f57cf9d1 |
| SHA1 | 87cbfc1537fdb2f4c0cd0b9609a45ba60c19c4d9 |
| SHA256 | 68b47f869d7b416f7297860263b3230c6650cdd930313df6a9b8aedc67f9e85e |
| SHA512 | 018a687d2e0b41ba9c54b02f1e6a50ac7584713ea7b194d4c4b183f0bafdad8f5e4f27701ae806d373f95f1d7b5fd5d16a83adc19e1b838a7c8c99a7e459124e |
/storage/emulated/0/Android/data/org.kustom.widget/cache/image_cache/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/storage/emulated/0/Android/data/org.kustom.widget/cache/image_cache/journal
| MD5 | fae60fbdd433a879eba84f72d71cb6e0 |
| SHA1 | ebc5545196b6749d7f441828ee045292c1109135 |
| SHA256 | 1443241464dfcce8ec7f5c92e4e8f1ff40b14290f8bb1f2a456754e1d942c602 |
| SHA512 | 16688301c04f48bbc92dddba3658ce49660360b1da13ceec057f5b4efec1dc390b45f80fb361d6e53a0c65cec57d9952596292e859bda22635a2bc7acc1488ce |
/storage/emulated/0/Android/data/org.kustom.widget/cache/image_cache/dca02b25a792af9b54a0d094ce3900ee9d90877efbb9023de21759f34c3b7438.0.tmp
| MD5 | 4bba4439e02064f0171c7dbde4a3948f |
| SHA1 | 02505afdedbf4e2106a5ae6e381c14e55631306c |
| SHA256 | 0ee91e78fb8330a933c06188ce9e16c5fcad5d0afd7141c936936d733f245526 |
| SHA512 | 4163e8041fbfe0fb0afcd96c3f8fab00843f4ff9cbebc8608bf9d5a835511c8997a23086ecbe7b4b54faf292ace9cd56e3568c9b7ae9b08b634a63effecb1b1f |
/storage/emulated/0/Android/data/org.kustom.widget/cache/image_cache/3c292bbfc8b4ad765bd776cdc0768e1da437f0b5126b2b1fa84a986676621e73.0.tmp
| MD5 | 025b1ddcc3a631fd6edfb40d0f5d70e9 |
| SHA1 | a7d44033c205db11ef905a3de46f489968c723ec |
| SHA256 | 73b22eec3ec1ad5bf3a0233bca59ada649262dd127e2a42c1c459b38b3297eb4 |
| SHA512 | c659f6a91fe47c75ae6a5c56fa93cc1f08e4e75cfd9f632f590c6cbce1beb166f310cea48630dbd7b5aa4bd9b028e3aaaf6b186eee80c4123040754dd6e61bfe |
/data/misc/profiles/cur/0/org.kustom.widget/primary.prof
| MD5 | 137e1db7bd24772c9b18e5a27220da2a |
| SHA1 | d88fe39929e011143a68864b862dfa95bf9049b3 |
| SHA256 | e44e6e0c890dc8d1fbc179062bf73faea476139fef756b86491f6d74d43c8d5d |
| SHA512 | 59fa8ae8dd6be0d12dafcfce796472a8770c0dd5aa7e695a8d992646ceeb1057febef9c517323a2757c0662381f5aa464fdd81525eacdeff28745975f3acb152 |
/storage/emulated/0/Android/data/org.kustom.widget/cache/loader_metadata/journal.tmp
| MD5 | 38c0b976d3e3b0192144e2568280fc85 |
| SHA1 | a8dbd942d66cee6ceabcbd1c268bd5a648f0c6de |
| SHA256 | 98f27da0690481047251c2b43d03c319d9734829c99ca5a3e4429e165f0cfb3a |
| SHA512 | 8a21441e4e76989893b158f8648a4326f61fb7e7fc3d343c9b07c6765310e3ed3513883542c9de0f48a2b3b714dc44496a95b1d7fa591fb3aeff8b179e7caa77 |
/storage/emulated/0/Android/data/org.kustom.widget/cache/loader_metadata/journal
| MD5 | 2d646087999d90471a2efad16fa5377b |
| SHA1 | da8ecd3767ba6f84facfe803b82f3a2dadf099ef |
| SHA256 | 62530da73be5b915bb027b1d89b40cef7b91029715b1359bb8361729f66a4b7d |
| SHA512 | 68e04110632210c642fba8e5dc1643d75860c3ff0f6a3a08f68a5324982eef000afec7550646c1de432a8f2dd93433651b85a33481f1de670f98cf6f2eb30fa0 |
/storage/emulated/0/Android/data/org.kustom.widget/cache/loader_metadata/org_kustom_widget_3020890283_2289452218.0.tmp
| MD5 | fb26bdea110d37369593466ba3412625 |
| SHA1 | a2969b3e73303c8fd58e16e14ec36f41b14c2c73 |
| SHA256 | 3eb300eef1bfce4c9ae96447afb1de41ef744bf6a98e4ef6b9a89d2f226ba4f1 |
| SHA512 | eb64966ba1014651f407ad7173e289ba5ad85bbf453c4961da123c611967e547f7d082a01d63140871d23188809c66d01f8a5a67322791bffff641cc16799a3e |
/storage/emulated/0/Android/data/org.kustom.widget/cache/image_cache/464f6365e089c575430ece2d38d836cc661567f6f819c1f42d2c2db1840c1a3f.0.tmp
| MD5 | de6c20639a597d261d3e97204a4acfd3 |
| SHA1 | 2957af45ad8018114561e04407911061b40c3f15 |
| SHA256 | fd1dc3c8e8c8fd1fa2b6b67a7396ae7f2e6366942c5a7ad887a4825f8775e3b0 |
| SHA512 | 7161d5059eea07aa32b63030d367702b6235157fe16ddfb32b59b4600ef5f3d111f202c04cff6c2d38b04f8565fd4130510be04bf166e97bf0a3535a0fdc99f8 |
/storage/emulated/0/Android/data/org.kustom.widget/cache/image_cache/76ba7ef54068ad0dc2ee7fa646e231da34cc0e6496a51a7b5e334d73527c5624.0.tmp
| MD5 | 944f5b0eca373d9f07e38d6ab45419b8 |
| SHA1 | e9e474fe09460c5d51b2d799a52ca158f709e9a0 |
| SHA256 | 0afa73591b82ca13d14977c69fb766822a573094db9fb95aa149e059d1fff351 |
| SHA512 | 07b0ebdff3f6d7c893079ce31a2ba5c1d178be6d69915abc2a85a2d6ca75f58e252e5de8e31c500a02cfa00d16839d0cd58a7d53f93ffc202537145d6c342c93 |
/storage/emulated/0/Android/data/org.kustom.widget/cache/loader_metadata/org_kustom_widget_0271189870_2893180965.0.tmp
| MD5 | ac624b875253cc3c3df091df0a25deca |
| SHA1 | bc7d7c8161c21b84c79cc9bfe466c597936e6bb8 |
| SHA256 | 0a527161eb3905cdaf0dda077816d7d319fd773c7506126ff5c50183bbe79a08 |
| SHA512 | 7f0d937fcf3fa4aa44afebcbf757bc19148937fd068710d5d27b30f98f6f57be447fcfc11be58d3b5b837dac9683824e4631ea910c54725ba8993690c8afa97d |
/storage/emulated/0/Android/data/org.kustom.widget/cache/image_cache/f8e1b7793f6f52291c69207c5dffddb4646186255f688d713f765a7510c683d7.0.tmp
| MD5 | dfa15ed5b424f292e32c609a42610703 |
| SHA1 | 3c617163d45b801b8d5a3530ea4cc123f5ad5557 |
| SHA256 | ad3374590eafa5d2eed501c65e533cb241e7d9ade36f37e11cd087de837239ae |
| SHA512 | da6f3ce8f7aaaeb87f0e15b618b94accfce484a3213bde7c3f2845b438d6fb423c4c387616e6765c10774eed266d0f9499e42b84f4ebd4a813124becb906523a |
/data/data/org.kustom.widget/cache/1700159444520.jar
| MD5 | 6e7db93194f85158705af7a52b417cee |
| SHA1 | c44713637cc460726faa1a2a415c31a0c94f4ffb |
| SHA256 | e1661b37aba29d5a8c159f7d5006f10023e6bfc9bbade99b09408360ba2185ce |
| SHA512 | 155b61aa80db769ba1f0c637acd5a0e3c96fb152f060a6b73826df0a8aed11e94e4081f5808b805409f9da36aac75e1d98493ce119db7279254e686e0063a93a |
/data/data/org.kustom.widget/files/datastore/loader_preset_settings.preferences_pb.tmp
| MD5 | e751be22891720b18c74f27971b17ae3 |
| SHA1 | 4816190013bd7c17591b31a22f05b570cb5b92ae |
| SHA256 | 1e7d86f525af9fcd14f1ee768297b66720ce3bcf705fedc57c455341cbf22dab |
| SHA512 | a5c781f9c767105b8dc89789898bc06c6252d60c2c98fe14d6a5342a50cfbf91f1ede98413e685565898845f45da1f1efb8983d42e44620dc0ecebd8acc74a65 |
/data/user/0/org.kustom.widget/cache/1700159444520.jar
| MD5 | 1f2e09d0e885bd20ac20b108a09237cf |
| SHA1 | c3a269b2e6da38b08a4c5430acbe3994d89bb330 |
| SHA256 | 315434fcb5fe9d6954e22c7245feaa40b6c28564b4afcbc42141fa73368e6447 |
| SHA512 | cc61205ef0bf38a54f933959893fd85b0fca295e5eab442efcf41e75a8db1a164d83346af5e00c424d29f68759bcea2a617bb0003758e0046681ba1fe854b718 |
/data/user/0/org.kustom.widget/cache/1700159444520.jar
| MD5 | d6123e43ed1e157dc33bfe8b9b788c4c |
| SHA1 | b973ecf547a53feafd6b69fd766816c33c62f010 |
| SHA256 | becd5d4bfee41280450bf94b2b4f6b78f5c78e558962871506c5b8eec9432810 |
| SHA512 | 74544f80af73d8ac2c1561265c9ce37d0ed062c78c58dfa2d0b64248bc23a587ead4fd56d50b21ea7f1e527a0486652425357d59bfe97f36309ad6745e6b97f8 |
/data/data/org.kustom.widget/cache/kfiles/editor/journal.tmp
| MD5 | c05445c797391cbb7ada1ea112c156b0 |
| SHA1 | 4efe77692e4daf2ed39968aa5f4ba2afd337e52f |
| SHA256 | 9235c993681f94bd0a33c69d56a5391ba13660305b819e472aa7aca9c37a1b1a |
| SHA512 | d1c1c904ab2a0ac4188aad286820e3cee923b683e4bd5900beb2a84314f285291c0adac29006593c73434c449c7913e568ca6df2ed23e715b56bd3e79f2f199a |
/data/data/org.kustom.widget/cache/kfiles/editor/journal
| MD5 | ad185d7fa21851ca66fa471ff8cf1f21 |
| SHA1 | 472bc5c58bfa73074da0200f28e17aba0fccff17 |
| SHA256 | b466299f1dfaa445f4c176a6cfc2df335070e97ed329003c06154bea710caf68 |
| SHA512 | 8991a11b60cadb2cce366087b311615c1e0ad7aa8a8b41ea1ed8e93a43f951f92653c8aacaba5b4de55c53ae388e9de265c4bb77db5c6412b1d2189a0681ea0e |
/data/data/org.kustom.widget/cache/kfiles/editor/1079410976/widgets/MinimalAnalog.kwgt/preset.json.0.tmp
| MD5 | 99a6c7c1e9b3a6998ff944b6f8630e03 |
| SHA1 | 0256d859461f71a09db8af5c653489ac52a46879 |
| SHA256 | 8fc91bc5f599d30f53f563a86558b570d22e0f94d9399e7b1c3f45a2ec2e8406 |
| SHA512 | 00755f2935c6b11b5ff5929915ba4038ceecc34a9127975aca786520d965499c1d3537eb5fc288f9127625f4aa262dad7f24318e833daf42302d8bd8dd2aa62f |
/data/data/org.kustom.widget/cache/kfiles/editor/1079410976/widgets/MinimalAnalog.kwgt/preset.json.1.tmp
| MD5 | 5bee6be41adc222dc37f51e734c92dd9 |
| SHA1 | 3e5de44d5662e4113aa4c5a46042831d4a4d1f72 |
| SHA256 | 7c7844121bbbadd278c80ccbdef8bc3e65d4e9d3b83d60cbd13d4274d1bcdc48 |
| SHA512 | 093b2369d76d3501bde62f7f1e7c1fd17776a3e522b85ef1c01c0d90bc76bc667d2245036069e104b515b6ae6d50dd64bfe3ea3948116af8a2d961133b3896ad |
/data/data/org.kustom.widget/cache/kfiles/editor/1079410976/widgets/MinimalAnalog.kwgt/preset.json.3.tmp
| MD5 | d273b077c0c8595bcb8a2c2e30e9b764 |
| SHA1 | 11410ddf12b63359dc982466682254e181b7df00 |
| SHA256 | b217c203c33fd9682533182920bee6d55373556528474b1807c38350d4c525f1 |
| SHA512 | fc61ad12c9ccfa4f590163c69e2c540ae92b211a061b7d115a4e7c3104604508421670a0500dadb671154fb64d3e19dfb7336c4559b3d20ad2ed40aa36571185 |
/data/data/org.kustom.widget/cache/kfiles/editor/1079410976/widgets/MinimalAnalog.kwgt/preset.json.4.tmp
| MD5 | 723ad77e7bc51c7498b58b3d150b7526 |
| SHA1 | 7cbe9aecc07a9b84081f9e7c0f76543fcd3e21bd |
| SHA256 | 40e04d0f0836ea4cc25e6602680375cf9f9160b30ed80ba05ed97324287b9348 |
| SHA512 | caa2a5aa03e4735ebd4caa3f9778f21cda4dc3eac3865237461ca4bc9f1153ea8f9ac029ef9f32cd2b1e02302c0f85229a2eb39f422307fc29db8c1c6ec2b28c |
/data/data/org.kustom.widget/cache/kfiles/editor/1079410976/widgets/MinimalAnalog.kwgt/preset.json.5.tmp
| MD5 | 3feb64343ca487f90ef4fd7a30d41e00 |
| SHA1 | e10a11433735caaedbd0621f5fd7eda41853ac86 |
| SHA256 | 47bc2a3f925dbcd234bae11bb9830b16ae9b872713195996e5e0053dc46d8fdd |
| SHA512 | c2a1de1b3e27f37acad17c512e8230fbdc52130c29a6f2d2497c0944ff9f799d6f854c1c7ff29957836d9a85ff722b801a04dc4bffef4bec0f00c2b27bc713e6 |
/data/data/org.kustom.widget/cache/kfiles/editor/1079410976/widgets/MinimalAnalog.kwgt/preset_thumb_portrait.jpg.0.tmp
| MD5 | a9dc866bdeb4dc31c4717673de5bb3cf |
| SHA1 | 005c28af700f84da525a8d03af7d2517a50ff1e6 |
| SHA256 | 6d87e5de5ba800d4da9fad88a260f562caff2894f24b26864046cad92123eb2d |
| SHA512 | 0a5743f563905a9e73a2a9b2de5a75bac69e3557115e8066ba361e4946cb8261f85302ce853a0843ddbe5657d160b95f05ecc9cccfdccfaefbc9c08ae3f6a9a8 |
/data/data/org.kustom.widget/cache/kfiles/editor/1079410976/widgets/MinimalAnalog.kwgt/preset_thumb_portrait.jpg.5.tmp
| MD5 | 267fa89695981caae988dfa974892c89 |
| SHA1 | 35a73cc2d79d284cdf30b76ca01ebc8bd6420922 |
| SHA256 | a4b2b5d09463504fa3ca0791900d60f6b5d272a5582714f475c033ef028764ab |
| SHA512 | 03ed3db9f47213cf8d8fbf905569f295175a32925c3c3b22067079037c8881ef8292b8d1e42220e6058796955ae7cbb7921054fa41c603113d04cf0af66cf352 |
/data/data/org.kustom.widget/cache/kfiles/editor/1079410976/widgets/MinimalAnalog.kwgt/preset_thumb_landscape.jpg.0.tmp
| MD5 | 8ee515753419e8f5c5086ddd10912ad9 |
| SHA1 | ad508d4bf3b0c8a52a26af634cfb64a4ced329d6 |
| SHA256 | 2e40dc847a7692ee811a5deacbff90c9469921b34486e98dc948e2c4d2d2b5e7 |
| SHA512 | 7c5125a66d3b24939403a575fa58bf30727f73f0d9050dd2fbdd1e32dea990b77e6084ec933532cdaf87347e9c1b593aa64d5ae5ea269ce6fed3c9a40434cd19 |
/data/data/org.kustom.widget/cache/kfiles/editor/1079410976/widgets/MinimalAnalog.kwgt/preset_thumb_landscape.jpg.5.tmp
/data/data/org.kustom.widget/app_config/widget_000002.json
/data/data/org.kustom.widget/no_backup/kwgt_000002/preview.png
/data/misc/profiles/cur/0/org.kustom.widget/primary.prof
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-12 16:48
Reported
2024-06-12 16:52
Platform
android-x64-20240611.1-en
Max time kernel
18s
Max time network
160s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Checks the presence of a debugger
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Processes
org.kustom.widget:editor
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 172.217.16.234:443 | | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.200.40:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.201.110:443 | android.apis.google.com | tcp |
| GB | 216.58.204.78:443 | | tcp |
| US | 1.1.1.1:53 | firebase-settings.crashlytics.com | udp |
| GB | 142.250.179.227:443 | firebase-settings.crashlytics.com | tcp |
| GB | 142.250.179.227:443 | firebase-settings.crashlytics.com | tcp |
| US | 1.1.1.1:53 | firebaseremoteconfig.googleapis.com | udp |
| GB | 142.250.200.10:443 | firebaseremoteconfig.googleapis.com | tcp |
| GB | 216.58.201.110:443 | android.apis.google.com | tcp |
| GB | 216.58.201.106:443 | firebaseremoteconfig.googleapis.com | tcp |
| GB | 142.250.200.10:443 | firebaseremoteconfig.googleapis.com | tcp |
| GB | 142.250.178.14:443 | | tcp |
| GB | 142.250.187.226:443 | | tcp |
| GB | 172.217.16.234:443 | firebaseremoteconfig.googleapis.com | tcp |
| GB | 142.250.179.228:443 | | tcp |
| GB | 142.250.179.228:443 | | tcp |
Files
/data/data/org.kustom.widget/databases/com.google.android.datatransport.events-journal
/data/data/org.kustom.widget/databases/com.google.android.datatransport.events
/data/data/org.kustom.widget/files/PersistedInstallation2954021009101837683tmp
/data/data/org.kustom.widget/files/frc_1:415510900161:android:b9af1b0edbcc3626_firebase_defaults.json
/data/data/org.kustom.widget/files/.com.google.firebase.crashlytics.files.v2:org.kustom.widget_editor/open-sessions/6669D17D03D60001145B480FFB0E3353/report
/data/data/org.kustom.widget/files/.com.google.firebase.crashlytics.files.v2:org.kustom.widget_editor/open-sessions/6669D17D03D60001145B480FFB0E3353/userlog.tmp
/data/data/org.kustom.widget/files/.com.google.firebase.crashlytics.files.v2:org.kustom.widget_editor/open-sessions/6669D17D03D60001145B480FFB0E3353/userlog
/data/data/org.kustom.widget/files/.com.google.firebase.crashlytics.files.v2:org.kustom.widget_editor/open-sessions/6669D17D03D60001145B480FFB0E3353/internal-keys
/data/data/org.kustom.widget/files/.com.google.firebase.crashlytics.files.v2:org.kustom.widget_editor/com.crashlytics.settings.json
/data/data/org.kustom.widget/files/PersistedInstallation56279519342314997tmp
/data/data/org.kustom.widget/databases/google_app_measurement_local.db-journal
/data/data/org.kustom.widget/databases/google_app_measurement_local.db
/data/data/org.kustom.widget/files/frc_1:415510900161:android:b9af1b0edbcc3626_firebase_fetch.json
/data/data/org.kustom.widget/no_backup/androidx.work.workdb-wal
/data/misc/profiles/cur/0/org.kustom.widget/primary.prof
/data/data/org.kustom.widget/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
/data/data/org.kustom.widget/files/profileInstalled