Malware Analysis Report

2024-09-09 17:10

Sample ID 240613-3qcpkazbqk
Target Shopee PH_ Shop this 6.6-7.7_3.27.09_APKPure.apk
SHA256 7031ff31e01ff7edce3f830ef6bd2e83606b4c1898264d4e16261c663042bc2c
Tags
banker discovery evasion
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

7031ff31e01ff7edce3f830ef6bd2e83606b4c1898264d4e16261c663042bc2c

Threat Level: Likely malicious

The file Shopee PH_ Shop this 6.6-7.7_3.27.09_APKPure.apk was found to be: Likely malicious.

Malicious Activity Summary

banker discovery evasion

Checks if the Android device is rooted.

Checks Android system properties for emulator presence.

Checks known Qemu pipes.

Queries information about running processes on the device

Loads dropped Dex/Jar

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Queries the phone number (MSISDN for GSM devices)

Checks known Qemu files.

Acquires the wake lock

Queries the mobile country code (MCC)

Queries information about active data network

Requests dangerous framework permissions

Checks the presence of a debugger

Checks memory information

Checks CPU information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-13 23:44

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an app to access location in the background. android.permission.ACCESS_BACKGROUND_LOCATION N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows applications to use exact alarm APIs. android.permission.SCHEDULE_EXACT_ALARM N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an application to read image files from external storage. android.permission.READ_MEDIA_IMAGES N/A N/A
Allows an application to read audio files from external storage. android.permission.READ_MEDIA_AUDIO N/A N/A
Allows an application to read video files from external storage. android.permission.READ_MEDIA_VIDEO N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Required to be able to connect to paired Bluetooth devices. android.permission.BLUETOOTH_CONNECT N/A N/A
Allows an app to post notifications. android.permission.POST_NOTIFICATIONS N/A N/A
Allows an application to write the user's calendar data. android.permission.WRITE_CALENDAR N/A N/A
Allows an application to read the user's calendar data. android.permission.READ_CALENDAR N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 23:42

Reported

2024-06-14 14:31

Platform

android-33-x64-arm64-20240611.1-en

Max time kernel

10s

Max time network

1627s

Command Line

com.shopee.ph

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A
N/A /sbin/su N/A N/A
N/A /system/bin/su N/A N/A

Checks Android system properties for emulator presence.

evasion
Description Indicator Process Target
Accessed system property key: ro.product.model N/A N/A
Accessed system property key: ro.serialno N/A N/A

Checks known Qemu files.

evasion
Description Indicator Process Target
N/A /sys/qemu_trace N/A N/A

Checks known Qemu pipes.

evasion
Description Indicator Process Target
N/A /dev/socket/qemud N/A N/A
N/A /dev/qemu_pipe N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /system_ext/framework/androidx.window.extensions.jar N/A N/A
N/A /system_ext/framework/androidx.window.extensions.jar N/A N/A
N/A /system_ext/framework/androidx.window.sidecar.jar N/A N/A
N/A /system_ext/framework/androidx.window.sidecar.jar N/A N/A
N/A /data/user/0/com.shopee.ph/code_cache/1718373652311.dex N/A N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries the phone number (MSISDN for GSM devices)

discovery

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Checks the presence of a debugger

evasion

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.shopee.ph

Network

Country Destination Domain Proto
BE 142.251.168.188:5228 tcp
GB 142.250.179.228:443 tcp
N/A 224.0.0.251:5353 udp
GB 172.217.169.68:443 udp
GB 142.250.179.228:443 tcp
GB 142.250.179.228:443 tcp
GB 216.58.204.74:80 play.googleapis.com tcp
GB 142.250.180.10:443 udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 172.217.169.68:443 tcp
US 1.1.1.1:53 alt4-mtalk.google.com udp
GB 142.250.180.10:443 tcp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 firebase-settings.crashlytics.com udp
US 1.1.1.1:53 mall.shopee.ph udp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 1.1.1.1:53 content.garena.com udp
US 1.1.1.1:53 alt2-mtalk.google.com udp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 1.1.1.1:53 oc2vjq-cdn-settings.appsflyersdk.com udp
US 1.1.1.1:53 livetech.live.shopee.co.id udp
US 1.1.1.1:53 graph.facebook.com udp
US 1.1.1.1:53 graph.facebook.com udp
US 1.1.1.1:53 graph.facebook.com udp
US 1.1.1.1:53 sg.pool.ntp.org udp
US 1.1.1.1:53 id.pool.ntp.org udp
US 1.1.1.1:53 cn.pool.ntp.org udp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 172.64.41.3:443 tcp
US 172.64.41.3:443 tcp
US 172.64.41.3:443 tcp
US 1.1.1.1:53 update.googleapis.com udp
US 1.1.1.1:53 update.googleapis.com udp
US 172.64.41.3:443 tcp
US 1.1.1.1:53 update.googleapis.com udp
US 1.1.1.1:53 update.googleapis.com udp
US 1.1.1.1:53 alt3-mtalk.google.com udp
GB 172.217.169.68:443 udp
GB 172.217.169.68:443 tcp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 alt3-mtalk.google.com udp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
GB 172.217.169.68:443 tcp
GB 172.217.169.68:443 tcp
US 1.1.1.1:53 alt5-mtalk.google.com udp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 216.58.201.104:443 tcp
GB 142.250.200.34:443 tcp
GB 142.250.200.34:443 tcp
GB 142.250.200.6:80 tcp
GB 142.250.200.6:443 tcp
GB 142.250.178.2:443 tcp
GB 142.250.187.238:443 tcp
GB 172.217.169.78:443 tcp
US 216.239.32.36:443 tcp
GB 172.217.169.42:443 tcp
GB 216.58.212.227:443 tcp
GB 216.58.212.227:443 tcp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 1.1.1.1:53 alt3-mtalk.google.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 172.217.169.68:443 tcp
GB 172.217.169.68:443 tcp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 172.217.169.68:443 tcp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
GB 172.217.169.42:443 tcp
GB 172.217.169.78:443 tcp
GB 216.58.212.227:443 tcp
GB 216.58.212.227:443 tcp
GB 216.58.212.227:443 tcp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 172.217.169.68:443 tcp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 172.217.169.68:443 tcp
US 1.1.1.1:53 alt5-mtalk.google.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 172.217.169.68:443 tcp
GB 172.217.169.68:443 tcp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 172.217.169.68:443 tcp
US 1.1.1.1:53 alt1-mtalk.google.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp

Files

/system_ext/framework/androidx.window.extensions.jar

MD5 3056e1bdb7d4e19789d0319eff484bd0
SHA1 6791ae47aa9466fe0bca27ad6643f846853bbee4
SHA256 8e6331a07c9f2ac139214c527dcaff2c82d126bbe7bd3420cdc36d6a8c9204b0
SHA512 c790980fd68d9f89e32743bc28846807d5e5947c555f494de47714dec5cbd0c08d81c3260fa463759d1b17a953af3c44ec30b14fb08bf6b29db3837346c9f658

/system_ext/framework/androidx.window.sidecar.jar

MD5 29469324e59dfcc052f24b5af4e7b2c4
SHA1 10c1e17ac6f598037bb51baa07945663645de4eb
SHA256 9195dc6a1c75a841384050240dfc972e48178964993fba6619788625f4b40d1a
SHA512 5e27c2b1431369a248298f2f749136a575005584f9999f2a4c204a0c47adce2e33c8df9f058bdafa1bde1c99e46d175560cedfcddcd8581718ed1d9973c37cc2

/data/data/com.shopee.ph/files/mmkv/alpha_launch_config

MD5 620f0b67a91f7f74151bc5be745b7110
SHA1 1ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d
SHA256 ad7facb2586fc6e966c004d7d1d16b024f5805ff7cb47c7a85dabd8b48892ca7
SHA512 2d23913d3759ef01704a86b4bee3ac8a29002313ecc98a7424425a78170f219577822fd77e4ae96313547696ad7d5949b58e12d5063ef2ee063b595740a3a12d

/data/data/com.shopee.ph/app_lib/libreflect.so

MD5 630f6b46ea5963da0395a96b56b7367b
SHA1 dc9083c07cf5dd1a66b4ce74ff6c486242528ec3
SHA256 490cb17ee12b34564a2095364bb7ebdb646327b4f17f6ec0c89ade4ddaf537a7
SHA512 ec7a18cd4556094bdc28e28ec61620f67bf13962ff5d9e30d0584e57f6a88d83af1626566e158b7b215de06baa015cbe2f4cc3414ae31048ad23c9ce84a6b7ee

/data/data/com.shopee.ph/app_lib/liblogger.so

MD5 f94477401e38f147bfcdc6f4b0f033e5
SHA1 97649c4993b15b8ee625c38f168cdf1232cf4d96
SHA256 072c76895bc5a47411339f837e46222e50753df173097bf82527bd43c1d5135b
SHA512 3c4389fd91d1a2924ad75c980d2d687162c0404b0c26546d9cb7e044e6df732f37743fd310427a433d8c4d8e66593925c62ce05632965447a9092c286b5f2b80

/data/data/com.shopee.ph/code_cache/1718373652311.dex

MD5 fa5e92b1f73ce6e1facb5332bf8c1987
SHA1 34875178c9fa31fc1c08cf9bdc98ef176e48150f
SHA256 3a4e3fe970ca8edf51ecf101145c32e8c5d21f75b10e28406fc016835f86421b
SHA512 25f13ff1a648d98ee8183f73398afa888b1b9ad8956e5555df6ccd8b808dc7d42cf788db1e43494ab71d61d260dbf26aecb7b403f94dff1232c7620c4d19a119

/data/data/com.shopee.ph/app_lib/libnative-crash.so

MD5 b93387dfa188e576b03ed005011ec2f2
SHA1 15cbdb3b9b297592a74c01d81dc00df2cb75955f
SHA256 f4d78a2b9d075fcaeebf71c95d1c3168ecb016ff187e284ac9b5225bb7397e41
SHA512 2e1185af6f3e742acb03e7a444445f68b3c63235bd5c1e8bf68fded05f89b1e580cf2af98ea048c575f16f9c52d58491287bff4b9e072ed480f7a28d0e3e5310

/data/data/com.shopee.ph/app_lib/libanr.so

MD5 03f0f12cbbad7a0e9219e61b1b34cc9f
SHA1 e5d432d96266a8e7af4d7ed95099bfe016e12888
SHA256 582d541baa36451d0dfcb3a07a251932af89e5666ceb0a0be0cfbfd32408b865
SHA512 b8f92ca8f9f40025ce8ebb43e713a401a8a707126b5e6705484f630863b8fb2f080354750c249e7be4132c265447aec81ae4fe322885c171986816e6b6b16d67

/data/data/com.shopee.ph/files/PersistedInstallation1341181200261542371tmp

MD5 7f1d1219ef30e5cd5d508d0db30f623f
SHA1 6b2f21b10ee45d7c7a715f0ca19a4e1452fd6d3f
SHA256 784842426d1d5803c1955a0344ef26aa9d2cd8e3103b7188cdef1129ced2e785
SHA512 83d498fb890637c69a65a67a3207c1ad28a4a43e4adb2f358b0c10874a0d81674a6f60fe0d7fcf5a475851e87aaae8830fd75ae0fc18a8cc85ee15537fe437e2

/data/data/com.shopee.ph/databases/com.google.android.datatransport.events-journal

MD5 19760ee24d7827a6874fc334e6c859bc
SHA1 25c32c4889e9f51cefb4494dc2fa833996bf0ccd
SHA256 318aae6fb288e549035eb1399322819f6517c4f0d266404e149a50e63e69fbd9
SHA512 8d154f53b839ce4f8c083c9ebbc2eb03e5987d0a5f87784c571fa9e634c9ad9925e6039a1e1362443e71f39ac37800c84dc9f1d4d46b285e500e61c03376ead0

/data/data/com.shopee.ph/databases/com.google.android.datatransport.events

MD5 9c562886cd8fb4eae4d38d716a1c7ff2
SHA1 e6cb048f36841f6a80c5fcf7cc24dab483c796df
SHA256 7408ab164ae5ef445c0ba9172bff01d0c2115609a32fdbf3e7214f16d7083585
SHA512 38a4339bb497eff6685a17d4dbe949cc0605fe1cc38dc9234ef5b8abd359ee3c7687f22b50d15837c2acc6e5f0e9f6737253f6832ce55e4f07288e5471c0f42e

/data/data/com.shopee.ph/databases/com.google.android.datatransport.events-journal

MD5 53bcc86ddd7d2635af534640f2950240
SHA1 dd48a26ca4e9ce678e6e988746f82c4e898b60fb
SHA256 fbfa13cc915b3cbaeaa5a7f0cda09bc13f98036749edd783876953326f38202f
SHA512 581f41eeb040242097c1584a48afa365df6ca82eb1affd57e1e39be32debbad4120000637b8fae5b396c38a38cfcb0c38c672fade14646fda5e34a08e5699fed

/data/data/com.shopee.ph/files/.com.google.firebase.crashlytics.files.v2:com.shopee.ph/open-sessions/666C4D1402F0000110E31274A1A52B2F/report

MD5 d346a254f11473d9994cda2630881178
SHA1 a75bed4ff479e9d6e6dba72af8cb4b7e6343bdcd
SHA256 5989e9212ed806791e03811e9ed5e82d908cf313f31161862cc02f50237b4bc7
SHA512 8d9e616c6a42a0def893b33bdd5b4c47cb96df6aa95223ff7d1dead05163f4c8c4f3989a322236c353181a483cb7ccf88446e67a1aa9e88ef909f016f79c2e8f

/data/data/com.shopee.ph/databases/com.google.android.datatransport.events-journal

MD5 e45f72c29137fdd3f6310ad703c53aa6
SHA1 3192d6b103edf612f0b7f68c325e0827dad8e77d
SHA256 ea024e9bea22d1a9c419a1b2122145512c0183f13b404f637f23e9d6ad05de14
SHA512 78a4b2ecefd12d26eac7faa5871121b1a1e6c3f966c1be36a4dedfb8fc407c9cfbb7d9274c2ca50119e7f7b95830680b3c1816803b271adaed0fcf49bee97673

/data/data/com.shopee.ph/app_lib/liblinker.so

MD5 f24b6640d8bd2ffe4df2640fdb51fc1c
SHA1 24c227a29a3f8f8f0aa5c32ec3a04e2f0599f6c0
SHA256 3aa0d85b973388020679dad367346516bf700b4cfc049442001d7d6620b43523
SHA512 15530285ed5e85c7c419e47677504f34f3dc4dfa70fd508ddf76407c1f50feee76241e5bebbca36474f780d454b4a5e609e9c9b5212b3bcc8018c3b0d65e50a1

/data/data/com.shopee.ph/no_backup/androidx.work.workdb-journal

MD5 4944e119f9cec76dd41cabddc385f0ec
SHA1 cf0eab7d8e1ac21cc72e15ca3cc6c7dbd6fb7587
SHA256 d90609b2260eeeae83e4c3ecd3b4d2a03ac22e5e026947fd23f69bf83987288e
SHA512 3c1a69513825cfcf059afb25e30093cdfb9f2b6d9d708cf8525b2db2bfde2bc0cd6b76d5c713e5cf56df29a3452f319c7fad0ebb7cb2815a72635772904b5b30

/data/data/com.shopee.ph/no_backup/androidx.work.workdb

MD5 0eb157e1a86d4d00aa601dd2f6ff3ee3
SHA1 fee434f784e73cc7916322e949f727caf8363102
SHA256 b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4
SHA512 b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

/data/data/com.shopee.ph/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.shopee.ph/no_backup/androidx.work.workdb-wal

MD5 e27ab94bae8c1cb5d1fae1c9f060b738
SHA1 91658ad151a1a02e985e89d151437c5b44b5a82c
SHA256 6304893c3e69475673bf2fff85a2725877bc32df9b8b17e8167b02b8bdb897d9
SHA512 8ba948b533145101b2991890e90c859ff69768185900ec07d78e117574ac608a36f09208954564dc0635929f7e401600c5b788b3367d4f53df3f80e6434abe47

/data/data/com.shopee.ph/files/.com.google.firebase.crashlytics.files.v2:com.shopee.ph/open-sessions/666C4D1402F0000110E31274A1A52B2F/keys

MD5 823ba33345e62ae0e141d3fb50f75e93
SHA1 54b7531f7dd8d6cc4fd0e1e1747597dd3e799451
SHA256 96057ae10356636c0a20a5241898bbd96d73b8c42cd42dd2ee00e6d2ca658768
SHA512 d20b50b62018516127bf6d0771339d1a33c4dcbc7d0d8e927a3119687574fbfeeb6840da31f8e9e476d150c6df6e6b98e22470d475b408efa40eed31e83ff440

/data/data/com.shopee.ph/files/.com.google.firebase.crashlytics.files.v2:com.shopee.ph/open-sessions/666C4D1402F0000110E31274A1A52B2F/keys

MD5 a0d08201fe2004342f4d9cb97b7d3057
SHA1 dcc071c75789885d02748923b6b387747ee6733e
SHA256 9b4acf3c2d12d4c5009392c2cf9ad6a61861b5eea42b5e879ff4ee7fd2137d78
SHA512 2e779792201036e0de0ea11742049b286c6b8d50c8a1211f046baf0b241832e2c6e6ad6c4aa2539dc0e5b3a1bb5916136b351f9dc1b88562a5be39410c46bb1a

/data/data/com.shopee.ph/files/.com.google.firebase.crashlytics.files.v2:com.shopee.ph/open-sessions/666C4D1402F0000110E31274A1A52B2F/keys

MD5 d38ed390f64d18e2d5721dda5e1a643f
SHA1 f875a3363f3d424ab5f3b0037ba8b389c3a74a25
SHA256 26bd2c28ba6589344e784e8b89490b002f22daf8ecd89df7f534c71e1dcd1976
SHA512 ba83b0785cd6f49fc5e9c735ab56d401f99be7ddb3e8877042c1958401fe9b08500d68c5261aac268b98e0e3cf8d32148b39af82f272bb8e687e6cf5d11caa8b

/data/data/com.shopee.ph/no_backup/androidx.work.workdb-wal

MD5 63bb2d318c3e35b2930fb8f69a51823c
SHA1 d5474a5206a0aac53cbc29fc9579dea99352b245
SHA256 0b577cb65c37dd8aeaa94b82c969e23ce0e237fe578defbb7e69ddae586e130f
SHA512 61e9bfd7d302182e76a599724797b2bbfd4ef8920e49df3777f986a03ac4e1cf71269c5336d2bbb9da1b1aeed3bd2c8109b1a4dee638aad5b8d071c82b581079

/data/data/com.shopee.ph/files/.com.google.firebase.crashlytics.files.v2:com.shopee.ph/open-sessions/666C4D1402F0000110E31274A1A52B2F/keys

MD5 df2f2825c14521aa6ece6bf226c2c5ff
SHA1 67e863b4183a0b12c07cfa85547173729c631b16
SHA256 1954aaab193d238a0b575df78047df4e1853aeeb88c8408f95c5be5575d44bad
SHA512 5763d48ccb58dd9accb44b38b0c1b1c0d146c7661f16d13394d360df8cdd756f58ee8757deaf578134614b8e527c1eecc0081bbaa4c9788d564ebbac360bdf60

/storage/emulated/0/Android/data/com.shopee.ph/files/web/dfdata (deleted)

MD5 9555ee2b42932b5807dadacda8366962
SHA1 b1f3538a4d0f926dd995ca8769d6a571dfb81f87
SHA256 4a43dbac79664dad23294f35ffd539d6624442d3a0f45241c58a6fe17043f215
SHA512 65ffac7d4dbf8e3ef6404b0a160a855017710d622577c8558bac9c3f0009514e54b337e185925274d63e7759b2bee64cc33a891db24d7d026d9c69114e3a7d79

/storage/emulated/0/Android/data/com.shopee.ph/files/web/cache/journal.tmp (deleted)

MD5 d6ac8c8db0504502d7f0e057a78c5ce3
SHA1 8f4cf91a262b24ec9c1a6e7c41fd6d16b6623bb4
SHA256 8f22a32cd8de58916041d1097976f2b9c80f7e9a18593d5a6b058bcaed17e22a
SHA512 100e74f0c65b51a17de6eeff96d5c38bd6d40e3c8ee00094fd906ba5794088fe1ad6f3a15be196480384cf01399ea26665a05471404f1eeebb0c82ae6fb104bb

/storage/emulated/0/Android/data/com.shopee.ph/files/anr/portal_info_stub.txt

MD5 eeaa56182935e51410e334e5d988d213
SHA1 33d2e29b0a793cbf2f88631f0c3da3ed8b0c8915
SHA256 83e478c226a72e5756f4a8c968ac70bc0ed21f438da128ff1d21315c766557ac
SHA512 707e1383d9a3ad59ce13bcbfa099916ee2cb8d7a2662e36fbf8f28e6808fd1b94cbaf90d960ebd2f17f8de2917f0841728eab1c934b282cdccabbee8bf03b60c

/storage/emulated/0/Android/data/com.shopee.ph/files/szlog/logs_sz_20240614.csv (deleted)

MD5 488699ee1d4ed966efa75e34f0be53ac
SHA1 6386034c6306fc31bfc66f51405beda6c1526d52
SHA256 2720be3f8d5b3715e70cdf27db2d3bc69ba40173001a9c6f10a26dde1670aee9
SHA512 7b34315123e26b0f5fd720d09a2051a3332a8eb06458bce779195af4b95409388bfc593a484bb2af008bd795d087e4f5e9e53aa3fb073ae211e6592639b5d05f

/data/data/com.shopee.ph/files/shopeePH/com.shopee.app.application.ShopeeApplication/sp_xlogs-cache/shopee.mmap3

MD5 06ae8a01d80da962c7987c264af64cec
SHA1 63a497994321f254b535a846ce89f076d4e378ee
SHA256 0c5cc90b079d0d9c1ded1376357d23a9782a704a83e01731f50ccd162e246492
SHA512 8720928fbe7cf8351c9dc45cb1a9c8243939c7e3c9c6957d24dbe18c0819d05ea7475e3953018f0365461fb2987ad68d8ec9f59b03aef3adbd3e4ae8ebbd0427

/data/data/com.shopee.ph/databases/DBFriends0.db-journal

MD5 972ae1dcd1a46313f730441c8d224b4e
SHA1 cd98c2e6dc2a886655986cc6cc3f559e8dfb7177
SHA256 daa3d33611e0a0435cf7c2f59442c3db1425af06216a57080837f2cbd3c85e3b
SHA512 ea30f9579f15b82b37edeb5ddc3dd6df8cebb7477dfabdbd21c9a5c2c8c522a138876943d64d52e3381857d8654a856a5d9b23d663424b1db48c525ea3786ffa

/data/data/com.shopee.ph/databases/DBFriends0.db

MD5 d89acee9fbf356695093f2724f643ac8
SHA1 22d2f857dfd38f9df961569715333e53fe64ee36
SHA256 4e1313b40c676cdc9653aecd74da0f6212f5d84ef960e1e8bc249811bdeb5783
SHA512 66448f754e7932dfeb98d20cddef9fe318b3a3aff17c2c47d065db78c5f830208febed67faf30a41977bc62cbd5c7a6e8205da054ff296843a75ca1b463f420d