Analysis Overview
SHA256
e8ac51735a77c531d122a01263b43a88b89304b6fef1b86bb263e4b6a48779de
Threat Level: Likely malicious
The file a1a9d71f0ec437ed9a5876cf57003440_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Obtains sensitive information copied to the device clipboard
Checks Android system properties for emulator presence.
Queries information about running processes on the device
Queries information about the current nearby Wi-Fi networks
Loads dropped Dex/Jar
Queries information about active data network
Queries the mobile country code (MCC)
Requests dangerous framework permissions
Queries information about the current Wi-Fi connection
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks CPU information
Checks memory information
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-12 18:08
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to collect component usage statistics. | android.permission.PACKAGE_USAGE_STATS | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-12 18:08
Reported
2024-06-12 18:11
Platform
android-x64-arm64-20240611.1-en
Max time kernel
167s
Max time network
159s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/bin/su | N/A | N/A |
Checks Android system properties for emulator presence.
| Description | Indicator | Process | Target |
| Accessed system property | key: ro.product.model | N/A | N/A |
| Accessed system property | key: ro.product.name | N/A | N/A |
| Accessed system property | key: ro.serialno | N/A | N/A |
| Accessed system property | key: ro.hardware | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.hpsvse.live/app_libs/ymdex.jar | N/A | N/A |
| N/A | /data/data/com.hpsvse.live/z_ij_d_p/ij.dex | N/A | N/A |
| N/A | /data/data/com.hpsvse.live/z_ij_d_p/ij.dex | N/A | N/A |
| N/A | /data/user/0/com.hpsvse.live/app_bwap_1/p.dex | N/A | N/A |
| N/A | /data/user/0/com.hpsvse.live/app_bwap_1/p.dex | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.hpsvse.live
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.187.206:443 | tcp | |
| GB | 142.250.187.206:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | rs.easemob.com | udp |
| N/A | 233.6.6.6:53 | 1375.backup.ndktxt.ymapp.com | udp |
| US | 1.1.1.1:53 | pay.holaq.com | udp |
| GB | 193.118.32.52:80 | rs.easemob.com | tcp |
| US | 1.1.1.1:53 | a1-v2.easemob.com | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| CN | 101.201.233.110:80 | a1-v2.easemob.com | tcp |
| GB | 216.58.204.72:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | r.youmi.net | udp |
| HK | 47.244.47.88:8860 | pay.holaq.com | tcp |
| CN | 47.95.246.247:80 | a1-v2.easemob.com | tcp |
| GB | 216.58.212.196:443 | tcp | |
| GB | 216.58.212.196:443 | tcp | |
| CN | 39.97.9.52:80 | tcp | |
| GB | 216.58.201.110:443 | tcp | |
| GB | 216.58.213.2:443 | tcp | |
| CN | 47.95.246.247:80 | a1-v2.easemob.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | rs4.easemob.com | udp |
| GB | 193.118.32.53:443 | rs4.easemob.com | tcp |
Files
/data/user/0/com.hpsvse.live/app_libs/ymdex.jar
| MD5 | ca3cedd0e724099117af8002e24c0b59 |
| SHA1 | 23cbcc7e986ef9b03be813e9da2802bf2f006e09 |
| SHA256 | 47aaca0f5e16c32de4caf0bc9463775ea377835133ae39b15a9c3d848c51b463 |
| SHA512 | b65b76e4b65c1db0a1e44619a2a292b1c4bd2da5e3d0297440fb50fc81701e413553ba33c2c0400d06abc27e0efe8f322dc7645c82d5d6d82a929e8dd44e107a |
/data/user/0/com.hpsvse.live/app_libs/ymdex.jar
| MD5 | ee180f05fab718be7471fb0ac208780a |
| SHA1 | 46cad1cc8f62caa3fa4d0966354826d202d7ec55 |
| SHA256 | 5a158aecba12c27ce03ea8d5fe9f450b4ed2bf3e5fa023a41c749efc484485c5 |
| SHA512 | 2891352d7eab143ae4eba25f638f8320b0309b495a6b6d6b7c588434c772bdc09e483c977d36c3fe34220b8a955dd52affeb06ce6bbfd12023c5527758df064b |
/data/data/com.hpsvse.live/z_ij_d_p/ij.dex
| MD5 | 301ed0b43ca070d52329487c06c52118 |
| SHA1 | 19e262580124c84ce45f3b5d3cbed57f58e08c3d |
| SHA256 | 95243307cea0144754a80a1b69fa6402a1226c771b9fd73271c74458d6719268 |
| SHA512 | a9f08bd3a833f570e10c03bbb3f6aff64ba01afef7e470b7ad1863fcdf353836d7560fc284e9ebc094bc1191580ad0956b901aba343385006e2dfbbd9ad62c83 |
/data/user/0/com.hpsvse.live/databases/wsUL1uCdKvjD-journal
| MD5 | 9890c5ce9e57b6aba13862709431c5e4 |
| SHA1 | 9077b0a6c3b0b9cb2f300903f5679ec2bb6364d4 |
| SHA256 | efe7060f087dbcf355d14f8c052177d3dc215f01c34d126b24d17b6b956d273f |
| SHA512 | 5034b5a63921d445ae8945d4a1508d07a2c426a5d05e36696451f116181db523db5602c9429922745f5390c135c1a5a736e17550b12cba93f30893bd1275aa45 |
/data/user/0/com.hpsvse.live/databases/1cc9f39bc77a5f0919651aac95fdc170-journal
| MD5 | ef7a3a4d338960aaa9d9b88070ca1a08 |
| SHA1 | b6834337bc794cfa1c51e1f02fb074935113b632 |
| SHA256 | 8a0548f9025f30c0b1db8386c120d1d681829285ea588f35f7b02ec2edcd4e17 |
| SHA512 | cc344dd33fcaf903f62b398311a52a78c4593303d3cd38c10915e037e244b4d021048c62ca1f10fc57c9b74d4fa3808f7e445302c79c2ebfb04179d3e8371878 |
/data/user/0/com.hpsvse.live/databases/wsUL1uCdKvjD
| MD5 | ee404ee50b0a8b608431c827eb7412d5 |
| SHA1 | 2fcd5f95d113dc1ec7cef52833d0d86d31a7c183 |
| SHA256 | 0f76a9ccbfd5c1ead7caad5059bc8e019f65d4de05a449bd494c9bcc89e1043b |
| SHA512 | e33289ba9977eef8ff85098786b523cd2e1e7799af8cdbea36961f870ad717b63947c4dd7829b1219616b2ce0858fff2a181d8e4e52213f5ffd6894270741e0a |
/data/user/0/com.hpsvse.live/databases/1cc9f39bc77a5f0919651aac95fdc170
| MD5 | 9e1789511fc6783ed88d6cb2ed11ba7b |
| SHA1 | 1975b064be48e20da6e3758a0c8c5bbb803c6261 |
| SHA256 | 50f079ecebfc9165d98b71b404e904f7a9e2b85cd03aea5544ffd8ebec3a5817 |
| SHA512 | 9e92d0a0cb2fa9b7ceebd3e30c04df491d9e93bdef9ae539ffe42c99b154b552f76a0874ae8abb7f7e0fea33073e7af7ffff8abcfb1cfe56dbf1a11c66f064ef |
/data/user/0/com.hpsvse.live/databases/1cc9f39bc77a5f0919651aac95fdc170-journal
| MD5 | c4ea7719a6df068e2624da7ee7a085e7 |
| SHA1 | c0c21c0909af14b62f54e73314b0ac18f7dc5354 |
| SHA256 | af55a1e9441f1e97792e9c2974325ea2faf5600aa5be6e609329a413c025e818 |
| SHA512 | c44814d665112a474fa9b5b8f683e90deeb4091ea550763260fc8c4b3ddec78e412b42917ef91dad5dd6c4b0133ff2eb6b78ada32af035685a61e1c94b8d9023 |
/data/user/0/com.hpsvse.live/databases/wsUL1uCdKvjD-journal
| MD5 | 00840f131c608024f5302a5d6f41714b |
| SHA1 | d269e184d0898ebdf4844aa33be658cd198e8eed |
| SHA256 | 529d33fcb42d17e70b5e62717c0d99ef2199526a8d45831c03b1d392366a72a4 |
| SHA512 | 642d4fbad8d313578d14c03ecb553cc3e8e8d608fdc480da0150853962d61b9580bc8c694c3fc813de383218f61bde1ca8e567fd177c749e2af99b4a08a4f606 |
/data/user/0/com.hpsvse.live/files/config.json
| MD5 | ee3a1fa6b2f23fd5d4a1b938c732c1b8 |
| SHA1 | 2b30d6e2d398b5c3845f90deb1b6f94c02bd0524 |
| SHA256 | 1ec1322d7b73a423751ba147c9e7d5e47ef842b30a243f902e12ba9a86af389c |
| SHA512 | dd38808c071e9a5d5e2c5cc06a81435cf66a064f4f5cb70f0d7130fd09a77ed4a5f74597c2601127281ac6d9daff5444feca1f8cdd3c4a3735909a6bde1e9745 |
/data/user/0/com.hpsvse.live/databases/1cc9f39bc77a5f0919651aac95fdc170-journal
| MD5 | 3bcf466a24076d9286975cd4793860e2 |
| SHA1 | 30f5d5e723a051c53ab2d1d3eab1e3cbc609c26c |
| SHA256 | 3d6e331996bd7508568ba438ec2505f85c92908b97f6b3ebd505c07ed2b0597e |
| SHA512 | 7e19ebe2ea780ab4e500828e9b9c442fc9f2d8ece30f5c9b70e7fcb2f0d00a3fbc44edb2e9d59b25601494fd41f173b8e37219e51f168285a190353a3531bf3d |
/data/user/0/com.hpsvse.live/databases/wsUL1uCdKvjD-journal
| MD5 | faa29f990e1291899cc3112f3b0925d1 |
| SHA1 | 7f9bd2997995071e23e10e1285ce4c62276c4da6 |
| SHA256 | a7bed02d903df14bc4261a3c0d7493098b5c83deb83bfd4de0f813dfe929ced9 |
| SHA512 | e03555c80c6fe4e43071449927e288c2944f7bf5e4f88a34bc8fa9e402b21e93a824283cfdcca8dd7d130a49b38a3dca458d62c0be8f06b5ee75102b2e324c7b |
/data/user/0/com.hpsvse.live/databases/jqIqJYOT3JpT-journal
| MD5 | f89670fdf0f1c40eac0e6498a82870be |
| SHA1 | 587f021ad8ee8624d2591f461bba9839a48bac07 |
| SHA256 | c9c5fbe8a144d82806193a5c33af83b595e9c2fd7e91f8232f7ae217223731a1 |
| SHA512 | 3bfd35cfaf0c4e32622629549e91652defdf0d13e3a5eeaef5dc0166f4728ad3925ef14250a7e5450f0a65bb71c7b4eaed72055a2e760d559c0c3ed2ee116e87 |
/data/user/0/com.hpsvse.live/databases/jqIqJYOT3JpT
| MD5 | 025e56e140a8ad94151c4a5afd61593c |
| SHA1 | bf9b5c8d9d7d7cf08821fbcf8f8dda5ce7e06eef |
| SHA256 | ae00e644099f56a6cc0d1a91767c2633209a0bd06c7224a0d5abc0a2131816e1 |
| SHA512 | 045a870d4d606dc7bbbd022b013c11c2f6ba2231fadbfa68a8496965ee80d324f737b00173950316eb43f49dfa2b9f4d1d26dfc0dc4f71d0e8459f60a32effb7 |
/data/user/0/com.hpsvse.live/databases/jqIqJYOT3JpT-journal
| MD5 | df2860415ed94fc877b4cf301dc9e2eb |
| SHA1 | d98ce6706714dafe0009ef7eec10812e1f648afe |
| SHA256 | aa1a35830f518dae11f5351d17412f80b25b39eccc29070b3d5e6e62f088c514 |
| SHA512 | 317ff845e88a06c924cb330fd78c0898cd45631016c717867d9ec6c54efc2dd0530d0efb9d6851c779350c2b5c45af7bc259815c8b33b983c04fc911d06c298f |
/data/user/0/com.hpsvse.live/databases/jqIqJYOT3JpT-journal
| MD5 | b61be40001a35b4aa97641662d628316 |
| SHA1 | a7d32b364d51de2daa9bf96c669f8fc7ec7c6b3f |
| SHA256 | aff5f24c222232a14e9b507faf069bf7ebf22a5242c9813728ad8eb69b00bf96 |
| SHA512 | c67d3053277d843326c4ab66b4d2432c4c7cb2e309869e8b7c229f69805b8ab54f12ff3b70b84a85d114b58aca5b64430d43e39150cfe629b17a4f75ed10ea9c |
/data/user/0/com.hpsvse.live/databases/T1oX0rhhuXWt-journal
| MD5 | 1fa5795f5b43744e4f5d320747148b5b |
| SHA1 | 165599a7beb5dbf7fc8d93164776eeeb54c40235 |
| SHA256 | 6ad886e8f0e6ceb20df5985bf19fc04d91cc6262017f6dc634204b7c4f34c3d0 |
| SHA512 | 1dfe688c7cb6646195f44b8c48754b100cc111533843c8f58f9bb1f020aa0ad5bab638cb06bfadf59872ed621608914d0ca845bfed2d453a1a215bacd4cd6c1d |
/data/user/0/com.hpsvse.live/databases/T1oX0rhhuXWt-journal
| MD5 | 7551a1fad0a8361b4b7bb3e38efe5924 |
| SHA1 | d01f6a9cbf8847f2f5618a3feed579aa92df52d7 |
| SHA256 | 924ad5a23c0114a7668c0c9db99368aead77bf98ea21f2b9d6d3d1fe417edd39 |
| SHA512 | 0f880d593422840ce56db689258d597d54dc649ed66215cc7b3e66575145368e254f2bf29f3c322f7e12b5ea3f0a81047a21957090e13cbdfc7d957b9d3b32d5 |
/data/user/0/com.hpsvse.live/databases/T1oX0rhhuXWt-journal
| MD5 | b5a5375a76ede2592da2063daa5874e7 |
| SHA1 | 22d9a9fe12dfdeeb36e4d026c0a7caca5bac273a |
| SHA256 | e372078d689235e351a865e93cdea26a9a1da84d839efee0b8e4910f82a76be3 |
| SHA512 | 5c39746dfbcbddbcaa9432e645eff009e0ac1538806e1e788a2c7346e2ce6002d783e8124b4de5e3fa0942229b531432f24f8db4d674e1c74258a367dd29c6f5 |
/data/user/0/com.hpsvse.live/databases/P15pKIjsm64m-journal
| MD5 | 72678e5397ed01de4145f41a5af7c409 |
| SHA1 | 8c34b9fe0e67c156951a78700d557b736d464330 |
| SHA256 | 5c36d433537e9071e4c63c2e12dcea6617d5e58fae73749bcd191b790a2331b1 |
| SHA512 | 4c461fc86c3f7f2e4b2fb5a08ca1c619339e9dd523891cafa9f43d49f3f30c4f92bdcbe10b9ef6ef87afb14ee91cafc747e3b649b541011024378d3d6b35cf3c |
/data/user/0/com.hpsvse.live/databases/P15pKIjsm64m
| MD5 | e293bd58700e15a3e37051b1e22c05b8 |
| SHA1 | 9ec1b070915b7ead90620e7c148ffad3a40c9ddb |
| SHA256 | 862663fa28a6147d3f73ada313e5471bd4da61592ce3ef63adc149dd5eb3852d |
| SHA512 | ecc35d41e676a1f3b7a7c2577a92f3bb0d521ef371cfef94e0550d4a32a42dc0b0af0ede5cd1dadd378c35f0b9140d2850f7519ffe50f18bb109bad5f88539ec |
/data/user/0/com.hpsvse.live/databases/P15pKIjsm64m-journal
| MD5 | 422cf3dc055035831d15fc44972fadcb |
| SHA1 | 69872c39f985d78e4a27980865ef0c6db249b59b |
| SHA256 | e09284280dd352ce79b07b767f8a35487cce7cc4956e2174e5f8d123e01ee05f |
| SHA512 | 723e71b911ab6d7d0b60e2e8dc3676e9c820091f80ca5a25d96bb80523f8e88adf9961236515576d881a1f0be7ac6e4a6c0f8fadd6a7dc0259bc276b586e5d5e |
/data/user/0/com.hpsvse.live/databases/P15pKIjsm64m-journal
| MD5 | 6bbdc3e18e9bc1d4c002e972e4ba0f17 |
| SHA1 | d1d05f144dff8cc434eb9844319dd9fd50bd27e6 |
| SHA256 | ce8cea135aac7843bf885575208291fbd28eb8337e83545e097e4115edb537b0 |
| SHA512 | 28c5a4c509996631df9156e4c8d0847a2fc63f474adde5d2665419ed0c457dfa81be68ab9a5025981d19ec9dbf00fe7965d5be2e10da7f73488ffba000e03555 |
/data/user/0/com.hpsvse.live/databases/XKwVoK0huy3R-journal
| MD5 | dbe28931bef8c404412b8cd20f1d3b90 |
| SHA1 | 7eaaceea5fc7e268388386b364517f48bbbf1213 |
| SHA256 | 6fd905be6c3fbfd19df5fa66f099d964e0e20b8d3f7be873839876c325af1752 |
| SHA512 | 351800595968da811fcba720f3791db4a4b2949e86dc0f954ebf03a4138eb4f44013c9010653806e61176ff66edeb28e83eb062b256e24c37031c4976900cfb9 |
/data/user/0/com.hpsvse.live/databases/XKwVoK0huy3R-journal
| MD5 | e34c40b1953ea5dd8ec46823b0b8a56e |
| SHA1 | f9dd7864af1c268efd8773d96a00d21ab4730e23 |
| SHA256 | 8f76c9a2231c46cbd7fc8ce6baa7f64feaf9ab07dee1059c54ac367fd2f1611b |
| SHA512 | 8dd30c25544285b80e0071250a4998efc06c541b1ee046be7f0325f65e3bb453c9ad1944bc75970aa7ae3660dd5661962c351e9e348eab4fd7af14c1702b4c5a |
/data/user/0/com.hpsvse.live/databases/XKwVoK0huy3R-journal
| MD5 | 50c0a93f08e3512139fa909cdc6c1c7e |
| SHA1 | b8bd0b023313eabb1c767ce43cd381ed48e5a71b |
| SHA256 | 165e42e46216202c43bf29e5c9d705e101656ed68f5d697a25a250fa97c9095d |
| SHA512 | 6b28c97cbd47a099957ef23bb3d6168fa5a62306c922dcebf474e302be401904c453d8e06934a0e0625e82a836a09c2efde6ed4d48621e92b3a9a0990671bed0 |
/data/user/0/com.hpsvse.live/databases/wIU6pTyUBYWX-journal
| MD5 | 223a248abdf64d63a8aa6c7433d0fca6 |
| SHA1 | 59d7b16247764b151ff4644e150a6a12dbce67ce |
| SHA256 | 2deff1bbda8e46d036ad0023bd34ca775052def363f4c474aa1274aa1544c6e7 |
| SHA512 | f55d4478c9df5f257afabbe7c73e1a85b0105a67f7c09b853f48f4813c3836954ddde3ade8518dfbf553e7cea94bdc633cedb53af4bd28de7f8bfd0e3de46e68 |
/data/user/0/com.hpsvse.live/databases/wIU6pTyUBYWX
| MD5 | 9bc818834bc3f0c969b4cfeb8541c982 |
| SHA1 | b9503bce4e2f77ceef0f1b9d430b750bdbef8647 |
| SHA256 | 51ebdbfb7608ebbcc8a409c55d1bbc82b884480a12666540e8d9c96b368876b2 |
| SHA512 | b98335dc9164b7067956f311a94d2de9911f00de90c48f118c20870014f56df415acbf2b3b2619bd40a7cb33b4011d0ca1c6ca9af1d51519aa5136ecabbe5894 |
/data/user/0/com.hpsvse.live/databases/wIU6pTyUBYWX-journal
| MD5 | 895aa78cea0710adffb33282147790a2 |
| SHA1 | fe655eb500a45e1c05a66aeed24bf3f3ee442b1d |
| SHA256 | d911e92c6dbaaca3403030510495bf8d2474d068a1ffa29326e88771ab554b95 |
| SHA512 | d4d9f9a502b8ae75e163559f7ecf6272e09fde952f7b3b93c940c32b77749438b203bbb029c4361783ba910b868cbd51f62880dc8e4de4b12fdf6823b11b5f09 |
/data/user/0/com.hpsvse.live/databases/wIU6pTyUBYWX-journal
| MD5 | 762acfef817bcb9736dd37313dea3649 |
| SHA1 | f5dc84274baa516a519df667cb5237821738468a |
| SHA256 | 91fe8ad65b0a1e0bf4144325c78c38d4216475d83cd3921adbd3fa1a0f25139e |
| SHA512 | 67cbdb065c615f7bae111de035d1bee9a44d3710d91c5a48ea14ac77cb1c83b57f4b62439ec906f32cc41fc4e2ac83c5d2a6676b9938c7b63fe0eb6d886607a4 |
/data/user/0/com.hpsvse.live/app_bwap_1/p.dex
| MD5 | 91e042317352c44a1d1c50d9800ce932 |
| SHA1 | 419a02bad056d6fd1fbe59bdeda048469b1cab56 |
| SHA256 | 83e52ddcf2f6f6a56459abd4f806a93db56afbc168cf2cf96e10ff5d1bdd2f2b |
| SHA512 | 0e507066844daf1fd106dc082ba30da75d85a6120bbbb0d63b05d710ea19788e03c42725aec8107b10773518ced5575cde210bbcdb2b4ea527837de90da452d5 |
/data/user/0/com.hpsvse.live/app_libs/oat/ymdex.jar.cur.prof
| MD5 | fab1752c57cf03f26ccc26df0c800b04 |
| SHA1 | 22c4d3f0e9d8eae315c3d33c7fbeed8a8640d22f |
| SHA256 | 64ee235d62e3855ff42b07505b81c144dde576781bfe7da176b70a05d655e1db |
| SHA512 | 1a6fab21ed73887ea68f7bda135a021a46cdf1c6d340ccca49e1a3c6a53dabb4a338035c73fea3d2f087045b5d8e3ed35bb6cd0acf2e09ddd548f8bf251e511b |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-12 18:08
Reported
2024-06-12 18:11
Platform
android-x86-arm-20240611.1-en
Max time kernel
167s
Max time network
169s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.bmob.app.sport/zwr_bef/m.dex | N/A | N/A |
| N/A | /data/data/com.bmob.app.sport/zwr_bef/m.dex | N/A | N/A |
| N/A | /data/data/com.bmob.app.sport/zwr_bef/m.dex | N/A | N/A |
| N/A | /data/user/0/com.bmob.app.sport/app_zwr_dd/m.dex | N/A | N/A |
| N/A | /data/user/0/com.bmob.app.sport/app_zwr_dd/m.dex | N/A | N/A |
| N/A | /data/user/0/com.bmob.app.sport/app_zwr_dd/m.dex | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.bmob.app.sport
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.bmob.app.sport/zwr_bef/m.dex --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/data/com.bmob.app.sport/zwr_bef/oat/x86/m.odex --compiler-filter=quicken --class-loader-context=&
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.bmob.app.sport/app_zwr_dd/m.dex --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/com.bmob.app.sport/app_zwr_dd/oat/x86/m.odex --compiler-filter=quicken --class-loader-context=&
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.187.206:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | cloud.bmob.cn | udp |
Files
/data/data/com.bmob.app.sport/zwr_bef/m.dex
| MD5 | f80bfd984f7a387e47d42f4747f79f6d |
| SHA1 | 645c00494a53faa8ec03de0027e1771777ec3285 |
| SHA256 | 5da3b561b0134668961e669c4521c6d5b3b256b3bdb2673c7eea606c9357acec |
| SHA512 | fee34865a48af7a744ef391ac8c7eb4c19a7e657d467057f5422e9eb5f21f741b9529b6a7702502314104243bbffc17a890d9601f66b35add4ceff651eac6e4b |
/data/data/com.bmob.app.sport/zwr_bef/m.dex
| MD5 | 9255322f253fd7f58813f5f844e16deb |
| SHA1 | 5e9e747a3e6e76f3239c96cb5060e20c89906c6e |
| SHA256 | 413800090523aa200505b12bfdd0fe1db8c88c8fbeff1b2c4d7819fda3b4bc6c |
| SHA512 | e85b50b44984af19a59ec9d4a0fcb79b807a5b084aad7ce8fce4068de45e02df8f5dd60c9cc9614ccd59835af1b67db6fee5a33c387a0f26ccf7f42c92c20bad |
/data/data/com.bmob.app.sport/app_zwr_ed2/m1718215709862.zde
| MD5 | b47f9e5b628685b26492a85e28f433a1 |
| SHA1 | 2bc51c02403ad5cba9e0809e7fe81e8c799055a5 |
| SHA256 | 476b8f79a578cdbfe8e5237bd0f00e437edd32adc57569f0eea628f8daa4d631 |
| SHA512 | 5e8acb9f56b65d0dcd8aa6c2ae2e67bc729bc727cc6ee3313d189a3ae499aa54eb3eb5e1d9da1138efb4a3806433b112fc559da3f0863ac498f2c6d2144eff24 |
/data/data/com.bmob.app.sport/app_zwr_dd/m.dex
| MD5 | 659b7feaac2c468d0d6d4148c2f844c5 |
| SHA1 | 38d01ebe4b9cc4764837223bec060f9c40c43ad6 |
| SHA256 | 3a7e0f4b537ff39d975e6916adeed77238ca54b4c596190b61bd2e28a9a17b26 |
| SHA512 | 12d5c5af1c6d3437f987e2daf85a20fd4a94a0a303b45821ff146b0d8f99ae22337a411f9f3ddd227750ca87fa6faf69322c6734174323c1c3311c3e382d4d82 |
/data/user/0/com.bmob.app.sport/app_zwr_dd/m.dex
| MD5 | b8cd9331a967b1555cf310413a4fadd5 |
| SHA1 | 9f69f54cf171b1d3dff80afc5305c8d27fa6db9f |
| SHA256 | 8c5051bb6492ec0dfae4630c82427fb311d373303b858b2699b3037045ea3b61 |
| SHA512 | 49d6cb25dcce82ceacdc357aa4d1ae82ac645c7c781210628ec9666913f4672e526e52118ddbe69d5ec32b785b36a837c2ffe29098bfdeb10722dbf7f1edb8eb |
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-12 18:08
Reported
2024-06-12 18:11
Platform
android-33-x64-arm64-20240611.1-en
Max time kernel
164s
Max time network
169s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.bmob.app.sport/zwr_bef/m.dex | N/A | N/A |
| N/A | /data/user/0/com.bmob.app.sport/app_zwr_dd/m.dex | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.bmob.app.sport
Network
| Country | Destination | Domain | Proto |
| BE | 142.251.168.188:5228 | tcp | |
| GB | 142.250.179.228:443 | tcp | |
| GB | 216.58.204.74:443 | tcp | |
| GB | 172.217.169.68:443 | udp | |
| GB | 172.217.169.68:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 216.58.212.227:443 | tcp | |
| US | 1.1.1.1:53 | cloud.bmob.cn | udp |
| US | 172.64.41.3:443 | udp | |
| US | 172.64.41.3:443 | tcp | |
| US | 172.64.41.3:443 | tcp | |
| GB | 216.58.204.67:443 | tcp | |
| GB | 216.58.204.67:443 | tcp | |
| GB | 216.58.204.67:443 | udp | |
| GB | 172.217.169.68:443 | udp | |
| GB | 142.250.179.228:443 | tcp |
Files
/data/data/com.bmob.app.sport/zwr_bef/m.dex
| MD5 | f80bfd984f7a387e47d42f4747f79f6d |
| SHA1 | 645c00494a53faa8ec03de0027e1771777ec3285 |
| SHA256 | 5da3b561b0134668961e669c4521c6d5b3b256b3bdb2673c7eea606c9357acec |
| SHA512 | fee34865a48af7a744ef391ac8c7eb4c19a7e657d467057f5422e9eb5f21f741b9529b6a7702502314104243bbffc17a890d9601f66b35add4ceff651eac6e4b |
/data/user/0/com.bmob.app.sport/app_zwr_ed2/m1718215711257.zde
| MD5 | b47f9e5b628685b26492a85e28f433a1 |
| SHA1 | 2bc51c02403ad5cba9e0809e7fe81e8c799055a5 |
| SHA256 | 476b8f79a578cdbfe8e5237bd0f00e437edd32adc57569f0eea628f8daa4d631 |
| SHA512 | 5e8acb9f56b65d0dcd8aa6c2ae2e67bc729bc727cc6ee3313d189a3ae499aa54eb3eb5e1d9da1138efb4a3806433b112fc559da3f0863ac498f2c6d2144eff24 |
/data/user/0/com.bmob.app.sport/app_zwr_dd/m.dex
| MD5 | 659b7feaac2c468d0d6d4148c2f844c5 |
| SHA1 | 38d01ebe4b9cc4764837223bec060f9c40c43ad6 |
| SHA256 | 3a7e0f4b537ff39d975e6916adeed77238ca54b4c596190b61bd2e28a9a17b26 |
| SHA512 | 12d5c5af1c6d3437f987e2daf85a20fd4a94a0a303b45821ff146b0d8f99ae22337a411f9f3ddd227750ca87fa6faf69322c6734174323c1c3311c3e382d4d82 |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-12 18:08
Reported
2024-06-12 18:11
Platform
android-x86-arm-20240611.1-en
Max time kernel
168s
Max time network
158s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Checks Android system properties for emulator presence.
| Description | Indicator | Process | Target |
| Accessed system property | key: ro.hardware | N/A | N/A |
| Accessed system property | key: ro.product.model | N/A | N/A |
| Accessed system property | key: ro.product.name | N/A | N/A |
| Accessed system property | key: ro.serialno | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.hpsvse.live/app_libs/ymdex.jar | N/A | N/A |
| N/A | /data/user/0/com.hpsvse.live/app_libs/ymdex.jar | N/A | N/A |
| N/A | /data/data/com.hpsvse.live/z_ij_d_p/ij.dex | N/A | N/A |
| N/A | /data/data/com.hpsvse.live/z_ij_d_p/ij.dex | N/A | N/A |
| N/A | /data/data/com.hpsvse.live/z_ij_d_p/ij.dex | N/A | N/A |
| N/A | /data/user/0/com.hpsvse.live/app_bwap_1/p.dex | N/A | N/A |
| N/A | /data/user/0/com.hpsvse.live/app_bwap_1/p.dex | N/A | N/A |
| N/A | /data/user/0/com.hpsvse.live/app_bwap_1/p.dex | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.hpsvse.live
/system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/data/user/0/com.hpsvse.live/app_libs/ymdex.jar --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/com.hpsvse.live/app_libs/oat/x86/ymdex.odex --compiler-filter=quicken --class-loader-context=&
/system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/data/data/com.hpsvse.live/z_ij_d_p/ij.dex --output-vdex-fd=51 --oat-fd=52 --oat-location=/data/data/com.hpsvse.live/z_ij_d_p/oat/x86/ij.odex --compiler-filter=quicken --class-loader-context=&
cat /sys/class/net/wlan0/address
cat /sys/class/net/wlan0/address
/system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/data/user/0/com.hpsvse.live/app_bwap_1/p.dex --output-vdex-fd=85 --oat-fd=87 --oat-location=/data/user/0/com.hpsvse.live/app_bwap_1/oat/x86/p.odex --compiler-filter=quicken --class-loader-context=&
/system/bin/cat /sys/devices/system/cpu/kernel_max
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | rs.easemob.com | udp |
| GB | 193.118.32.52:80 | rs.easemob.com | tcp |
| CN | 47.95.246.247:80 | tcp | |
| US | 1.1.1.1:53 | 3986.ndktxt.ymapp.com | udp |
| US | 1.1.1.1:53 | pay.holaq.com | udp |
| HK | 47.244.47.88:8860 | pay.holaq.com | tcp |
| US | 1.1.1.1:53 | s.youmi.net | udp |
| US | 1.1.1.1:53 | stat.gw.youmi.net | udp |
| US | 1.1.1.1:53 | r.youmi.net | udp |
| US | 1.1.1.1:53 | track.dmp.youmi.net | udp |
| GB | 216.58.212.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | s.youmi.net | udp |
| US | 1.1.1.1:53 | a1-v2.easemob.com | udp |
| CN | 101.201.233.110:80 | a1-v2.easemob.com | tcp |
| CN | 47.95.246.247:80 | a1-v2.easemob.com | tcp |
| CN | 39.97.9.52:80 | tcp | |
| US | 1.1.1.1:53 | rs3.easemob.com | udp |
| GB | 193.118.32.53:443 | rs3.easemob.com | tcp |
Files
/storage/emulated/0/Android/data/com.hpsvse.live/sjwcl#live/core_log/easemob.log
| MD5 | 75155c1e6a9472a3f4dea618e7259d71 |
| SHA1 | 6e7e814d18f33c08309827c090723f1e6806b733 |
| SHA256 | 63a71c4760bfcb12d52477feb6ae4d525ea3fba78bfcbd2ccdbcfbe2346fb3d9 |
| SHA512 | 32646b087930c591398434d40151d946da27cff7b6f392cc16bd9c74526ee3dfb4ccd65ce9c80eac11f176b7498ea66f38cd77eab5354c167d69ad23830284cd |
/data/data/com.hpsvse.live/app_libs/ymdex.jar
| MD5 | ca3cedd0e724099117af8002e24c0b59 |
| SHA1 | 23cbcc7e986ef9b03be813e9da2802bf2f006e09 |
| SHA256 | 47aaca0f5e16c32de4caf0bc9463775ea377835133ae39b15a9c3d848c51b463 |
| SHA512 | b65b76e4b65c1db0a1e44619a2a292b1c4bd2da5e3d0297440fb50fc81701e413553ba33c2c0400d06abc27e0efe8f322dc7645c82d5d6d82a929e8dd44e107a |
/data/data/com.hpsvse.live/files/config.json
| MD5 | ee3a1fa6b2f23fd5d4a1b938c732c1b8 |
| SHA1 | 2b30d6e2d398b5c3845f90deb1b6f94c02bd0524 |
| SHA256 | 1ec1322d7b73a423751ba147c9e7d5e47ef842b30a243f902e12ba9a86af389c |
| SHA512 | dd38808c071e9a5d5e2c5cc06a81435cf66a064f4f5cb70f0d7130fd09a77ed4a5f74597c2601127281ac6d9daff5444feca1f8cdd3c4a3735909a6bde1e9745 |
/data/user/0/com.hpsvse.live/app_libs/ymdex.jar
| MD5 | ee180f05fab718be7471fb0ac208780a |
| SHA1 | 46cad1cc8f62caa3fa4d0966354826d202d7ec55 |
| SHA256 | 5a158aecba12c27ce03ea8d5fe9f450b4ed2bf3e5fa023a41c749efc484485c5 |
| SHA512 | 2891352d7eab143ae4eba25f638f8320b0309b495a6b6d6b7c588434c772bdc09e483c977d36c3fe34220b8a955dd52affeb06ce6bbfd12023c5527758df064b |
/data/data/com.hpsvse.live/z_ij_d_p/ij.dex
| MD5 | 301ed0b43ca070d52329487c06c52118 |
| SHA1 | 19e262580124c84ce45f3b5d3cbed57f58e08c3d |
| SHA256 | 95243307cea0144754a80a1b69fa6402a1226c771b9fd73271c74458d6719268 |
| SHA512 | a9f08bd3a833f570e10c03bbb3f6aff64ba01afef7e470b7ad1863fcdf353836d7560fc284e9ebc094bc1191580ad0956b901aba343385006e2dfbbd9ad62c83 |
/storage/emulated/0/Android/data/.dataycache/i42d45df023jnkdd93la483f9xGFKXI
| MD5 | 3c33e392d0bcb15294b1ad95f8c63ebb |
| SHA1 | c421f448ddb928f9dc78f160cfb642b12cca03dd |
| SHA256 | ec795dcf5ce8a6cbccc2078f0a90725cc74b4aaabca0a9535e99d752235d0e81 |
| SHA512 | 1790a4d4303d805dfa8a6a3a5eaace03abe0cee255fc62b603c283901e46fedb36bc3fe466fb34f0cb181d4221043133a061e498b8c433513f315791e51d121e |
/data/data/com.hpsvse.live/databases/wsUL1uCdKvjD-journal
| MD5 | ba17521c935b2c3a4ce5dfee60faf72c |
| SHA1 | 7335462654c4b54021b34600f2fcb11db8b900fb |
| SHA256 | d6ed7bae2659da2a5240d806eb65d9771c42488ca011598d08f7b8e306fa5c9d |
| SHA512 | a5051a7e9d478feeabc85c7a6a2fbdca917b3d9bb9947e3885cd6ae4e408fd6f9d4ac47948caea864a68b527a5499d9fd35f33c0bc54c4bb2a051deae994e135 |
/data/data/com.hpsvse.live/databases/wsUL1uCdKvjD
| MD5 | 59413190ea19211285b5c0fed44c19c8 |
| SHA1 | ee67b7590047c3c17309f6e6eed48556aabe4c92 |
| SHA256 | 3511c95f09883c65de19c3be645faa921aa3baa92d21b5c284133da349158e2d |
| SHA512 | 6a65fc51ea3e163ed1da558c2f4e911857ab4d3b15bc27135a4639e8fed9022fd6d89b4dd39a39b3bcc69060d7565f68ef23bcde4e622a2dd823e9fd217d314e |
/data/data/com.hpsvse.live/databases/1cc9f39bc77a5f0919651aac95fdc170-journal
| MD5 | bfff67686753c369bcc0c612d6071928 |
| SHA1 | 5ee71fe3fe280274cb5a56f18bd672b3922057de |
| SHA256 | f09160a6e0f7b81d4f5c7d6d6bbd243a0312d760743430886aab76820510a548 |
| SHA512 | d6d5cb0d265190e1b8d534da8ef8dd85c5a5964bbcd0f16d088769fdf1853181cfced45e9d528a46b77318bc8ea9671cbaac64f365a348a417f09c1df60723c5 |
/data/data/com.hpsvse.live/databases/1cc9f39bc77a5f0919651aac95fdc170
| MD5 | 6c217ed0bac8d2f91b30b79d439f229a |
| SHA1 | 9ba63c2aff1bb2c70250a9dec1f4893d2ecf827d |
| SHA256 | 344d6a8d8632f380bc914af9dc9f0296429a0e9fc273e68e57870032bded5720 |
| SHA512 | fa9386f1a267171f8c80095633baa7aaad145986608f9bdf15c6708b2b50ed19359f98f9b9ff395ad26e361a85cc9e26495b23ccbc1befcdb03aacaf167d58f6 |
/storage/emulated/0/Android/data/.dataycache/s92TjjdfoP2n3o9dfji2l9s1olkjf0p
| MD5 | 95058d3fa3076e4fdbc058e18d566e0d |
| SHA1 | f6082f93a9c0ce4565c1228e61099d1b3b4f1c6b |
| SHA256 | a079ab1b81730bd46de6049424ff404e37db84d47c48c5dae619911c9647f299 |
| SHA512 | 2bee197091f0e83989094b48f1fbcda3d9af8f9f5bdeb2716f3d659f99e97167e3863d1cd2e4b5e1537b866860ba016f4d7f9005e03e3f2d0c1dc3b2a0b264bf |
/data/data/com.hpsvse.live/databases/wsUL1uCdKvjD-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.hpsvse.live/databases/1cc9f39bc77a5f0919651aac95fdc170-wal
| MD5 | f8511d0c5d400aac8fe93d9bddfbea02 |
| SHA1 | 5e293635e93c376dfddea4fd45ab2c7118927cce |
| SHA256 | 3fadc4217ae1730de94ec3e87eab46fc491b2e736d08fafc62eff2c8e7ef6edd |
| SHA512 | d83dfcb880dd9feca5e1ddad5e6491c4bd9e8480a59c0d63455155c21f8df0faa726bef2c1a06466d13d93986339a972ab77c9e8655eab01a0fd985eb847ca31 |
/data/data/com.hpsvse.live/databases/wsUL1uCdKvjD-wal
| MD5 | 00a74e454557c2c50bd576631a4b98c6 |
| SHA1 | c2a7f52c2f37623476545a6daa3d2d7fa2a4b9c0 |
| SHA256 | f8ab9d93ffa6a8936ca2499882071cb8d0f52bc14f15eb8c944d30e80bacafec |
| SHA512 | b68508dbd0d6261e8f4a60d0e62acd7a2029fe8d79cc950a5efd6946d3b685d43aef49a3b6d4dd64507ff97cd9bf9b670fda4a05b0689c2f16bc36bf6999c931 |
/data/data/com.hpsvse.live/databases/jqIqJYOT3JpT-journal
| MD5 | 7852259fd957007e92da7563ba1555ee |
| SHA1 | 50c240d6725c97cbe047f6d4df6644270e953a83 |
| SHA256 | cb1a4f5129e0f813cfc7de7250a05efdc7f286dd794d4321a969828b86a10c5c |
| SHA512 | f17b1db670ad132e71d0597031d7cffece118fee72614a526b99b46033f2a6fdfe1c5dd2f4e80a21b5e9cd092f0e19945aafc7ffc4f2821a9abce301061f7dd6 |
/data/data/com.hpsvse.live/databases/jqIqJYOT3JpT
| MD5 | 9c37108c041a67252d4fb5059436eb9f |
| SHA1 | f65bdd652f9b2a098993d2aca0be2578e8eed20a |
| SHA256 | f4a3fc85419d0e98a0312af88fdeadf75bd9969460820043559d6ee45e7ace55 |
| SHA512 | d7b92b0b4900439a28552339cf7e80e2937887c7de796e10df0bec393d136bdcdeae47991133a5c144547ac2ffe484b9c99e60280246858f6ae9b8529c5d8548 |
/data/data/com.hpsvse.live/databases/jqIqJYOT3JpT-wal
| MD5 | 8674716875d958cbc60c7a242bb9aa43 |
| SHA1 | a6a05263b8be366f529b856607eba79a5d52ffec |
| SHA256 | 709992d38a739be6cf7d8a9afa3b17dc0af8d2d1cb9cf61079ed54ecdefbe8ae |
| SHA512 | 3b5283b25cba1f8d7aa1d250e71df85d744c3a81d31cf301194c1b9bbb6818f3758708d0887bdf7db3bba3acc5a77d17e4485d8fb293fb10e0aabffa8e6200c5 |
/data/data/com.hpsvse.live/databases/T1oX0rhhuXWt-journal
| MD5 | 33a90d7cf4d4e83f46bed50ec4e7ef02 |
| SHA1 | d5941523fd671e6f4daaa6e968f21b92b85e8112 |
| SHA256 | 3ff51385d88f26ab9d65aa4fa0f4a4a15f3ea4612275db48c7e7ff1baa381d35 |
| SHA512 | d7fde887fab5a1a2b7e14d4271e8fa328ab99c34e4ca80cc2ed93db546a8a4a071b152479e914eac1d830fa8464742d04f4abf13fda9cd8ee550fde93f6ff65f |
/data/data/com.hpsvse.live/databases/T1oX0rhhuXWt-wal
| MD5 | 4c9bbedde691be81dbdef2be12bf6af5 |
| SHA1 | 3e378a5a393b1fc3f8865adce64ef9c60d44975f |
| SHA256 | f767a132449e405698affcca5e3d3855f4eef8c98d63934231fc878c814b353f |
| SHA512 | 629718eef6d2bafa6b3d2886a7003efdf9d418dbcca2c9d62002d88f6848f6cff9d30dc1aed4b4b576b5aa2c05d44a107d8627311527466087b34ce3aa6c0dfe |
/data/data/com.hpsvse.live/databases/P15pKIjsm64m-journal
| MD5 | 885bc2f8f39ff119c395b051d6f0181e |
| SHA1 | e5c13475c212fa9321e6fd6d12d19dbc63fe6044 |
| SHA256 | 1935eba3f8d3faab78a75a3f9cdaaa15728ca976a76df6b4f713c4683117b257 |
| SHA512 | b2f81aaee69d5b4e30c7f5ac68b18f7a51a211d14d8c3674155a444b588cdaddc1f284c009e67a1e45ac438f5752738303bd17ab378fbebd7773f9c13713fb37 |
/data/data/com.hpsvse.live/databases/P15pKIjsm64m
| MD5 | 032abd6bc70ad7c9484f10a7daf57bc7 |
| SHA1 | 12e3c03375192814883d5fd1671e2b0c64b0ae43 |
| SHA256 | 9cc41eaf3228c605583528005cadbf69eb145da3943e09e3732677423dcbe976 |
| SHA512 | aa28b2d8e87dd6364e15b1c99c52758f937585c126cda7db38cd2b4e5fb3c3e5775a92cd1d5ae68b03a6c59e7473766d670f03e3ee30e8ee53c2bba1b73f243f |
/data/data/com.hpsvse.live/databases/P15pKIjsm64m-wal
| MD5 | 460a962a88e1c8007d8800a94a22fd1d |
| SHA1 | 56d5fa7c9ee01013888137229d73c5f77dee851d |
| SHA256 | fce621c58eeaed55f6be058c00da0faed7fde5aa72ae72b77baf16e39a6bdbc9 |
| SHA512 | daf417182b794764fb793d8145fc8f2eeb10eace5489fdd2aad5e417aefc06fff54aaab7a928dcdfe6ce27641c2a0a25fbe0a6fe7f65d4ffb12139483a786005 |
/data/data/com.hpsvse.live/databases/XKwVoK0huy3R-journal
| MD5 | 4eb5631ac668947504128e55eeef82da |
| SHA1 | 442856c79c5cca3916f16d58dbb51fc135a03f75 |
| SHA256 | f9f13a3e1bc25bb11e9240641849a7edbae4e300c56fd1bbf1c074db5d4fc3d4 |
| SHA512 | 4f048967e3b203be2737025beb40acbacfdf4b87c8f0157c96de11cbe438c2fba5944a2f5c959f9f1272d24678d51feae4ad4629b25a8c33c52262db455a40a2 |
/data/data/com.hpsvse.live/databases/XKwVoK0huy3R-wal
| MD5 | 20fa1b941fffd5f65fb5cfc9c6f27ce0 |
| SHA1 | df2a86e917ebb1d9eb506faf693f6fac934abe4b |
| SHA256 | b43569d3dd294ab83ded7377d2c1039b86d482dfd19b4691e4481c58a449ddb2 |
| SHA512 | 11d32fc2856b02b4466033319c2af57ba1260c9af58b68b2b808549086fd0062c2b591056fd60bcea443bd61af990560c5bd123aac2202a4a4ef21890d7f6aa2 |
/data/data/com.hpsvse.live/databases/wIU6pTyUBYWX-journal
| MD5 | 0a6dbc6aefcb69c6ece51d519a913165 |
| SHA1 | 07c46c55fef3e4786d2e9fe8fb72fc897922f327 |
| SHA256 | 6fddaebfa0d6c249dae7f62610792b09291b67d75f734fd096f4f8bd98697765 |
| SHA512 | cdfcc40047dcbe81d8ec318899e807d0ef816eaf870cd3176a6f1f753d6eefdc1afaa3623d6ac344363ff287cbafa820e7c20564fe78b287dcb125cbd5b50e10 |
/data/data/com.hpsvse.live/databases/wIU6pTyUBYWX
| MD5 | 3f46387c5a9161a06c35918e4715e9e4 |
| SHA1 | f03b4527b29495a3f50be85d6afba301e9e3f1c1 |
| SHA256 | 687a930724a6054924254f945ae475e34ae87ebdc2054881c34317cd91d46ca9 |
| SHA512 | 614fa11f57f1ddc2750185eb908a580f1ae1ea53d4f4ff6881610942a36554b918138af7103859821d90cef12ea68bcab1ca0e4548cc5a78ee7a3c658b37f3ef |
/data/data/com.hpsvse.live/databases/wIU6pTyUBYWX-wal
| MD5 | 37c84f056fa26c7dbb35318a766901e4 |
| SHA1 | 8397060633bd210863e6cac9761afce472bf1a9f |
| SHA256 | 8ccbf9f2e476fa1991ae58071f7b3cf99a1458f504676f65289fa9f834fc13ac |
| SHA512 | f5d2fc59558e48afc880f7944288d8a0b43d98604f98f4016b2c5fba2c2cbc725ba666eb4ab0e46bf6fb8a9bbc73b348702496977345d7fa514b67decb18337d |
/data/data/com.hpsvse.live/databases/jqIqJYOT3JpT-wal
| MD5 | 0ab5805165529cfb80f30e2a3dbcc18c |
| SHA1 | 2a882172401b3a33106370398505cf7d6e9ff021 |
| SHA256 | aba6f03b64f2ab11a0ea48877f3dc12ba59a0f15227664337e93b3887b42b752 |
| SHA512 | 81d395b5711ff2d4e2cdd58b6bf075750a047a92da1bcf3d621161d3344a2c77e11a93bf634fae744051eafcd54d0c23e71bc6e4b95b458adb281eca2ab04f8a |
/data/data/com.hpsvse.live/databases/jqIqJYOT3JpT
| MD5 | f812b2f5d1ff2851bb46f46c40a6b42a |
| SHA1 | 7638100321d2015b67b8b611e4072487bf4ae906 |
| SHA256 | 69a23baa4dfefe6c1bd03fda7bf911511302892125adedbef650338e96492406 |
| SHA512 | 37a7f2143e8551b052c77c2e4b6fa9dc40d16e599b233b77371fa40815f4aa6fda883aca0024b901584e0aff93cf0a8c7dcc68d0794a3753db74c16f9c59036e |
/data/data/com.hpsvse.live/databases/40c98882a81ad0df88076da2f023d82e-journal
| MD5 | fcd0483f49f8b36bc9b91c38bca19d4a |
| SHA1 | dbf7003f89218a24f0fbab3222e60ab865b2cfb5 |
| SHA256 | c239aeef46450c8db16b4224cdb6e0be807e3ce17c8fe0b005c7c155345c18e3 |
| SHA512 | ee34e6b20f3926b81bef8b9898e0f04ec9cb2c55710615e94cfeb35c378e4a64a55a6bbfb8d9fdcc89acfe9a6efe4bbadca73c8fe81d5f0120fae0338b48f2c0 |
/data/data/com.hpsvse.live/databases/40c98882a81ad0df88076da2f023d82e
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.hpsvse.live/databases/40c98882a81ad0df88076da2f023d82e-wal
| MD5 | 9fcf47672adf0319ba60bf30cc387331 |
| SHA1 | 35ec23d92d54a4c093314f247f3040812eee6247 |
| SHA256 | 3242cd856313bd520c265c7bc67a1a6783567d9eb0e006c14419143b1a8f949d |
| SHA512 | 956806638545a727fc83ca7635a54c1a898534a5cfbe715d43c4b0799f3a2afb7c6e1d2066469c46a8d1541967c11131b4a87c66f9650e16a30037111a05730a |
/data/data/com.hpsvse.live/databases/ec6b66bea7c552ad6c4599b7ab8e54ab-journal
| MD5 | 82172fed98b0b048e1d19b44424a53d2 |
| SHA1 | 8e83e50d88fa959068c2a10ca61cd5583bd7d1ef |
| SHA256 | 8b598e41771d5b7f206045798ff7af38cfa3fc2f672087db0d4b024827eee5d2 |
| SHA512 | 7d783fee677d3488a01806bd2e030150c164bc1eecc687c1ebd00bddf23c79824cd57226f0ceaff282e6314153e8f279f48952c121a7a04bb737405361a4b7a8 |
/data/data/com.hpsvse.live/databases/ec6b66bea7c552ad6c4599b7ab8e54ab
| MD5 | b1c1eea2cb20040b9fbf7770f9167780 |
| SHA1 | 78b67070ae1f91e43005bf56f878d3570d190891 |
| SHA256 | a23810b4bd43fab48ff0e03f71a73462ad04b8ca7779ed8a5601cde528c13cff |
| SHA512 | f31f9356c69147f140e41412e386f0457932848342e36c80f232ac1653bd8ceeb3b8bec132c25ceff4cdab73ad5c9449060699fe93b55ad43f254de4563ba98f |
/data/data/com.hpsvse.live/databases/ec6b66bea7c552ad6c4599b7ab8e54ab-wal
| MD5 | 833593b0c0d211e40c9c70c1b7ec8f79 |
| SHA1 | 7842600264869b358225cd5c6a5c9ec811cacd7f |
| SHA256 | 013fa4c9bc0c7ac30be7dd505cadbe61b27b01d39aa56a00ac161ff14952d095 |
| SHA512 | a478703f4c0df868ffb433483f09f128dedb11fb264494110c60e9ed591e33f971fbd1d705d2c4454636c320ccb5ed1884255061ce0a73a714d3bfa0bcc97cb3 |
/data/data/com.hpsvse.live/app_bwap_1/p.dex
| MD5 | 91e042317352c44a1d1c50d9800ce932 |
| SHA1 | 419a02bad056d6fd1fbe59bdeda048469b1cab56 |
| SHA256 | 83e52ddcf2f6f6a56459abd4f806a93db56afbc168cf2cf96e10ff5d1bdd2f2b |
| SHA512 | 0e507066844daf1fd106dc082ba30da75d85a6120bbbb0d63b05d710ea19788e03c42725aec8107b10773518ced5575cde210bbcdb2b4ea527837de90da452d5 |
/data/data/com.hpsvse.live/app_libs/oat/ymdex.jar.cur.prof
| MD5 | f7f6370d208cdc1f5382eb2d762539b1 |
| SHA1 | e52d68b60a38e2f61233a36eb921837272d1dfb5 |
| SHA256 | c7f8b4e8b92539031d201f28a433994a61ba48396283647c06d2be50d8cb5c2d |
| SHA512 | 25df69b12f0db295f6c5f65d6c9882c048d9806ac00ccd2a60999a82fb581554ca8f9b561572eabb977f815732f141866269f3c68e2354c09d6eb32cf907178a |