Malware Analysis Report

2024-09-09 17:53

Sample ID 240613-cpv7eavbln
Target 5246c3b5d4ce006bb4295eebf3f836693623ef7769c3f0aab219b2c0902a9d1a
SHA256 5246c3b5d4ce006bb4295eebf3f836693623ef7769c3f0aab219b2c0902a9d1a
Tags
discovery evasion impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

5246c3b5d4ce006bb4295eebf3f836693623ef7769c3f0aab219b2c0902a9d1a

Threat Level: Likely malicious

The file 5246c3b5d4ce006bb4295eebf3f836693623ef7769c3f0aab219b2c0902a9d1a was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion impact persistence

Checks if the Android device is rooted.

Loads dropped Dex/Jar

Queries information about active data network

Declares broadcast receivers with permission to handle system events

Requests dangerous framework permissions

Acquires the wake lock

Listens for changes in the sensor environment (might be used to detect emulation)

Checks the presence of a debugger

Registers a broadcast receiver at runtime (usually for listening for system events)

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-13 02:15

Signatures

Declares broadcast receivers with permission to handle system events

Description Indicator Process Target
Required by device admin receivers to bind with the system. Allows apps to manage device administration features. android.permission.BIND_DEVICE_ADMIN N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether. android.permission.PROCESS_OUTGOING_CALLS N/A N/A
Allows an application to read the user's call log. android.permission.READ_CALL_LOG N/A N/A
Allows an application to receive SMS messages. android.permission.RECEIVE_SMS N/A N/A
Allows an application to send SMS messages. android.permission.SEND_SMS N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows an application to request installing packages. android.permission.REQUEST_INSTALL_PACKAGES N/A N/A
Allows an app to post notifications. android.permission.POST_NOTIFICATIONS N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an app to access location in the background. android.permission.ACCESS_BACKGROUND_LOCATION N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read access to the device's phone number(s). android.permission.READ_PHONE_NUMBERS N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows an application to recognize physical activity. android.permission.ACTIVITY_RECOGNITION N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 02:15

Reported

2024-06-13 02:19

Platform

android-x86-arm-20240611.1-en

Max time kernel

147s

Max time network

146s

Command Line

com.alienmanfc6.wheresmyandroid

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.alienmanfc6.wheresmyandroid/files/audience_network.dex N/A N/A
N/A /data/user/0/com.alienmanfc6.wheresmyandroid/files/audience_network.dex N/A N/A
N/A /data/user/0/com.alienmanfc6.wheresmyandroid/files/audience_network.dex N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Checks the presence of a debugger

evasion

Listens for changes in the sensor environment (might be used to detect emulation)

evasion
Description Indicator Process Target
Framework API call android.hardware.SensorManager.registerListener N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.alienmanfc6.wheresmyandroid

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.alienmanfc6.wheresmyandroid/files/audience_network.dex --output-vdex-fd=106 --oat-fd=108 --oat-location=/data/user/0/com.alienmanfc6.wheresmyandroid/files/oat/x86/audience_network.odex --compiler-filter=quicken --class-loader-context=&

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 graph.facebook.com udp
GB 157.240.221.18:443 graph.facebook.com tcp
GB 157.240.221.18:443 graph.facebook.com tcp
GB 157.240.221.18:443 graph.facebook.com tcp
GB 157.240.221.18:443 graph.facebook.com tcp
US 1.1.1.1:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 157.240.221.18:443 graph.facebook.com tcp
US 1.1.1.1:53 in.cuebiq.com udp
GB 216.58.212.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 1.1.1.1:53 www.facebook.com udp
US 1.1.1.1:53 in.cuebiq.com udp
US 1.1.1.1:53 in.cuebiq.com udp
US 1.1.1.1:53 in.cuebiq.com udp
IE 52.214.60.40:443 in.cuebiq.com tcp
IE 52.214.60.40:443 in.cuebiq.com tcp
IE 52.214.60.40:443 in.cuebiq.com tcp
GB 142.250.178.8:443 ssl.google-analytics.com tcp
GB 163.70.151.35:443 www.facebook.com tcp

Files

/data/data/com.alienmanfc6.wheresmyandroid/databases/com.google.android.datatransport.events-journal

MD5 e085d9ac90fc802f96f57a1cc0d42c38
SHA1 c32bade6e7b227f457012f8e901b1e46ef8beb21
SHA256 c3fd65c73a7911877edc328cd08dd20fc4f4459e1b6461bf9b6a54d27a35671e
SHA512 89e9a7e3d77a040f31593b6238efc5134b8df2f9342d75f3dde7fb72c73126485e316a7a8558a16a90cff6888b3e765e75f480129b59058df25486dc368c6cca

/data/data/com.alienmanfc6.wheresmyandroid/databases/com.google.android.datatransport.events

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.alienmanfc6.wheresmyandroid/no_backup/androidx.work.workdb-journal

MD5 1c09e342110f8f0ab9822375a798ce16
SHA1 c2bb2a1e9d2bfc5160b43e2d729a9db03ad19986
SHA256 ce6a797fb7b4a64acb87067d4d04f3df4e75743abfb6b126d11e149fa15f3411
SHA512 f94f8cd711e132c786b2142a61899e62596ba534ba9af9accef1844118d206793536aebd987d760665272035adcf9e0a2596ce988d1810b89353f320ef65a2b7

/data/data/com.alienmanfc6.wheresmyandroid/databases/com.google.android.datatransport.events-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.alienmanfc6.wheresmyandroid/databases/com.google.android.datatransport.events-wal

MD5 6fb1787396779520b49cd70f926d78ea
SHA1 108dab973bdcc76a6f5471f0ba6df4329f635ba6
SHA256 fab2210d2dc8d4f15bc651d21118b661082c1cb92edc86d9b970f070f326986b
SHA512 4a41f5f4cdde5f68865312ac90b75cf2a4951ae4b626d89f1c34ac0fc9f81adb77a0f984beac1aadf9bf70d7913b094880893616c023b9e419bf204584b14361

/data/data/com.alienmanfc6.wheresmyandroid/no_backup/androidx.work.workdb-wal

MD5 0df96fff97dcdade7e78419ce2970e01
SHA1 d0a2ca93d51a43e00e5a740c1509b1dc2d00aac9
SHA256 d01278d45a2aa5496c6ab019f0b48cf0cc6bbfebc42e0aac1c83596c2488a514
SHA512 0807598a9c2c63c6e68fe48384048df61d8858876a27b8243020ef6cdd3ab2794e20120c4fe7d9b71a1f3c0f918723e516dedc092786cedebb8db4140e57f3b8

/data/data/com.alienmanfc6.wheresmyandroid/files/PersistedInstallation993226295545540778tmp

MD5 037b7ca79271301c56817c0504c47ccf
SHA1 585223c82022c8be7afc4622b16e9ff2fc23f1a1
SHA256 4354a3e818a9bc3cf974d904d0cb27879b2398b687e5b7d79a1da316fa7053d1
SHA512 33419eb83a15d8e631f88381b9d79f171782fa68b86a2ac9bff7e483148ebe4653a21b6d5efa2aecc478bf7f5bdc1baf54692896babe125df5b857a24aa85ed4

/data/data/com.alienmanfc6.wheresmyandroid/files/audience_network.dex

MD5 e8267ce8fc81e9d1c7099d480486d960
SHA1 0aef0c04cd5ebe6f4fde6e2526937b7c64f7d109
SHA256 6233ba1598115f3646b60b99e1556ce1ff0b66458c67620cd2a94fd9a59140bc
SHA512 a1da017e8f0316a7f391b49c10cc94c877c425bc0f5320ddacb6f076ecb7dfe3c6132a74d74d025e25c038dd4f220811517c4e9eabbf542836080b83e182ba2f

/data/data/com.alienmanfc6.wheresmyandroid/no_backup/androidx.work.workdb-wal

MD5 072cd4cb28605a73f9cbca531c27d260
SHA1 83e1076da1e38296c275e0d1c73ad8421ad54eb0
SHA256 7f41057f1ed156bc21b0fa0b23c9aad45df71784028793133a6a69776929ae5c
SHA512 9181d7465bb0251e3682b0c68da3bbb3046b9f33afe431cbc2ea78627bc47d3dd417d60afe56ece39c6a68c63cd6cb7e35a6657be027aed0e178a33d5bcfed7e

/data/data/com.alienmanfc6.wheresmyandroid/files/settings

MD5 9e329ba70726df63aa018bcfc9ab0be9
SHA1 9cca7ad4974f60f0e4652d4262e249d2aaf69954
SHA256 de1ef3bf255414323689a019375f9c4c04b8c1c523bbfec739630cb600d88f08
SHA512 8bfed8d7c84d975a794402ead9f39bdf7e9053db9f9f7aa557d6f0c73981eca3a81dab097c0723df2d0f789faa1eb6ccb184715c7850594f05d31c772de482ce

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 6ee20f3f684bf04d54c9ec5f0e331183
SHA1 12c8c553c0a558ec9a833e4fabf9c18067a58104
SHA256 acb1575d202b8ddfa79a9508f915515ca03aa46ca7ef3ce2b3b4b9680db14d8b
SHA512 10dc1ff261211a8232dd33b712d0c2864508ba0ca4077212da6ceabdaa1f9ed4d64cc658632d7ad2a773427d794902220300b27a13ac23414bd73a155e74c5ef

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-wal

MD5 45b3be5804404bd8eb0e93d71f49fa5f
SHA1 5f878bcfccba71758c0d3786f918d1c05351cc37
SHA256 3ba677f18930a52c506566a8e0c0b3261180f6548b7556b151aade15acd831f0
SHA512 0f0ae3d1e184e95351a0f34ed4fbdeeb8f885c5be8dcc9b0d45690dba534e7723e1bfdbd35640fcb02eb33aa6d9ed76bfcd8e3e45fe54b02de7d757284d5841c

/data/data/com.alienmanfc6.wheresmyandroid/files/gaid

MD5 9936efb3fe6f9746f9384d99d7bfc3a9
SHA1 6a73de55872bc19374f06badceb0ea6e914a806d
SHA256 ad2cab207602e04b0987f2da6f3e1bd050e1608ac22558b078c5a15a7f615a77
SHA512 801d54264fd5b4d6bcb1e14e3381b8c02203f1ff2990fff880dfc240e3fd597a2dcb4924c91e785e9d1c5cc1bfef933206479b5cab681b9d0fbbb7acf6441d92

/data/data/com.alienmanfc6.wheresmyandroid/files/server_synchronization_status

MD5 b234f1b1b44be765682ff7d7448e101c
SHA1 7542e023b9af9dcbfbcd3188e8accf62e5bbe37e
SHA256 f91c4758326194d12adaa31e40111eed67827c442d7118e37aa5e6e828946c02
SHA512 2fa93fe54f216405b1db4f150905affbdf8cdb47f0f1c188481ffbeb8b211df1fbf9ad6d756eff91f0ce58ce85cae80c786d97aa5a6c7e1e7a751fcf09ba5721

/data/data/com.alienmanfc6.wheresmyandroid/files/gaClientId

MD5 e99862b15573ce1080ea384cdcb9aa2f
SHA1 cdfd7070f1d337155c277804e29d5c5b48a78eda
SHA256 fefc48e6d78a98227c9260c96f82e2495baddc9d9b4fd9807cdf64cc3deba70f
SHA512 573c731fd31f521b4ce0e1f56a6d6716fd3d3257eb5b0456f2f70d4a5bd1ad2149ebc0007641bb4c6885f9050fa2849cd006899df1998f7d4bc9e02fbe823875

/data/data/com.alienmanfc6.wheresmyandroid/files/coverage

MD5 48b4b37ff6616e4e8a687ad8f1584c61
SHA1 a1af6212040406dacd4fcfc5822fe7f94e24ed4e
SHA256 c9379beba2f30d279d2f722e4e2a78dbf96282aea35bdcfacb3dbcfd99e129dc
SHA512 767ff4479f57fd3ba6ae52b42b9d9c01498083dd9402f9cef4d1837896560c19ebeaa4c23eb811204bf1ae27b8efee9a59dbccb1695f053b09284dc93a39229f

/data/data/com.alienmanfc6.wheresmyandroid/files/settings

MD5 27c87dcd63719c4fb0ffb621bf576f32
SHA1 336fdfb577b4dac1f4cdb7f574d6894bc5fa6dea
SHA256 94dee8c991212dc903a43f1364af25a0d875e7c0c3df67bffab053870b57c00f
SHA512 bff80550e760ed049081fa0fb18462f4a6adb44785e60c54ba7e93b0ace91d71d904efa35f51282b712667aa194166457f6875de795c593d1261d3f575fdd4b6

/data/data/com.alienmanfc6.wheresmyandroid/files/gaClientIdData

MD5 7f288c0afb65fb346d14fc58df05f100
SHA1 6138eadf6312cd89812a0ec285c38c6e50764e13
SHA256 65a17d15f81fdb6c7ae41a00b4129be8b3068bca2972f5a5087c23dcdd26b204
SHA512 a5ce71334138321a03620fcffc9a5731b42e201bb1001a160efddb2f79f191fef71d656421c6fce32697a486d129caaac9117b2d0e6b1ba757a71461bb4eaf5d

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 fed3d237872274ff6bf52b4afa0bfa16
SHA1 bf5ade543b76158b929f67e1f0df2d8a44d1098f
SHA256 26f69d69a407e4809e83e5b8ff31edd1929c1a2d78b4b5c72dd4931b5056f2ba
SHA512 5c96801fed4a323b8813e655fe7a43dc49546b6b4f16dc9ff6ce84e06d4092bee5f2fe5666b9a74d5e0efa2bca56d2fc4b6c8d322b536e80f608473d0055973a

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 7237409e0640cfab7bdbd429bf821a3b
SHA1 4c3da934842f8d4835dfe2a9c275a300e5123309
SHA256 5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512 c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-wal

MD5 32425e472c511251fb2b4a2581f15527
SHA1 ee3a548e3edb9ce84926de1e9da6fb1ace219a42
SHA256 0ea614a39497db7d9c1dedefb3de531bc58112087f32d90a7555d8292e5a5a63
SHA512 a6d4f01add4c30f172f79e8274d53f9ac360d656cb16ef241ceff65f4dd0c0538844a1418d3a3838392855ee11b078438466aa219fa9d76191fd01ff8d9eeff0

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-wal

MD5 f58a92a47ec872194be56d610e74183d
SHA1 abde9d677a15b5120838f0380804809f8d30311f
SHA256 f7e4d37e3be1144dae5d89142b11f3f0c3ce1afa2f1e6b30da3e7fdbca3ca621
SHA512 2df43451bba705b069a898872d19f1deda51790a5d1b9bf032885f7e0c11d851a35257a8ea509b4b43aacd3d71dbcb37afb1db23ff9d6f28465f0f081061af9c

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 3071b4386d1d8e0e3ac0436978d8b36e
SHA1 e545361226077713e0cfa12a491ec35cb7d7a321
SHA256 bd9d7d9280bbe774a2fb6e76a9223d35f6bb7c6f89aa6af540c298b0f2570a1b
SHA512 8a04790c194182fe7e0cb99733695b9a36390d27159a5d835a3dcbdcc03313f489e6707faf1ef2472b754ef3adcb9ff286f10eb068a6eb03a7574747fbc726a0

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-wal

MD5 38a01caea17b7a00eabfd66b1765446a
SHA1 8eefa85d8e047c5abc0fad1468357a781c2911ea
SHA256 67e5d63a686037fab29da47fbe90a19a3a40f4cfe980a1f90ffc7e9bb3b578fe
SHA512 de77e4b0721c3dd9d62e6ae50c95f85be98dfd6d2c522204471c687b6c6e98450ffad359efb4a4f4744f3e3b0553666638dc316ca8ae30b24378830973d8e9ca

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 2be5e0fd79f031cee827e229370c0f6d
SHA1 ab97888cb5512a6382470bd654d2e2b040a2bf58
SHA256 deac0df88986c3653fdfced373aa83766dbcac4a5c4493e1b58fac49a2cc65f1
SHA512 163ccff4ff29e9dcd1f427ddaa83221f62c623d3a22c431a2cd8070ba72a72f5a692fb579e5931530b0224e039639fab33e6164029054d1d31190540e5fda4c7

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-wal

MD5 90fe2e3a153e73734a182e89fe2c73cc
SHA1 4fd81aa7e6cac9646d01cccc7601a210e337b31a
SHA256 ca5af3b8bd4bd454226e12220d5484c986eed73087ace3651d79c84869ff39a5
SHA512 4b8ac5cd44badac1c2ae85fa54ce2f21348e4f756376a21e703847f02ce8dc564623a32145e4f68888cae515289300bf14f3d5304d4dd7372296149830702e48

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 0e4b99c666d1529f45a106a6372ce0ae
SHA1 862bb1951a1bacc4908635bdcd7b254e15cd2340
SHA256 4e372f80380aae4b303d55d0ba59efbbfb1061c8c424a69c144345d49aaf8d10
SHA512 0a542d75974b5decc5cf461d7a30a94a4de762708adeedb2c9983d874f96c3330c02453faa2a1b8db6ccdd66ca9fa5807ead202a1c7ce56a7778876161de3a82

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-wal

MD5 fec2748d8ea13ce0eeac302218ddedf1
SHA1 b6b3ae60d30f9528c844f3c6faf11a0f819346d1
SHA256 4ed4eeb23dbc5791d9431948957f49abd5a0f1e1775b08b6d620c53abc774474
SHA512 82e436ffeb82ca3bc5f30fef3e6d71f07bf7d4d780b68a2ab38f225430beaf9d1e1cde119e8925ce04dd9e72608e4bc3540e6d00f64cea772d364aac975cc4e9

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 b0ae66542a70368c3fc83305c45f9128
SHA1 505980446541486bd3cd831f2d30e08f8e65f3dd
SHA256 0d94063e53c8d53f8dd4f84a19b58496091a08cd1b9ce24d119ab74d5b8e21a7
SHA512 6d244ba8da1207d512e57ef964e737c4753b19e6022cbd5a12e9c6a85f91e3b5a47dac62687f1186abf6d2f42b1cedfe33169873989b540e7baed40ddccd9b35

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-wal

MD5 a73a420cbd09633c0556b483c635196f
SHA1 56ce7a487ea69460c6cc55f133f59f75377312a7
SHA256 53c58fc8895e9c2b827242a3cb47c0f2757648b55ad52a50ff842646377769f5
SHA512 db4035863975b5b7a5c263f6b2da8edf80657a810f0a1ce084dd5c419764b52b823fd8c0b4ba9076460691043ef1c7e138bc60b25f41afc45ff149c4f7dcd98f

/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 a1a24b47ce4a58a49c982a81ff846289
SHA1 69faac036ef0f29b0c4c0e89f1bfcb8357b60cb4
SHA256 2f0a99ba8d927ef83d9e653ad169cee72ae639b0e002394a8e45119206f2f4d2
SHA512 708a5abcb4d908d2842a028b76aa1eabf66a6114ccd580667198fec6c07444c7665ed257ceda7937f124e1c8f81325d89647783398e9ce3655f01018ae75f3ec

/data/user/0/com.alienmanfc6.wheresmyandroid/files/audience_network.dex

MD5 b97301854f16eae75f5afbb0e8e877ab
SHA1 10e1c5eb0beea7e3239684554edb37e70d1b610f
SHA256 6caa4acdd8e8c5122e984101e68ed24529e0f377efc162cf8e1f5dea4fac49d4
SHA512 828aff6cfad833877656baebef511b935c1e6d23baed69246070e12a491a0ea3ab11417a58bd31df55c8ce6948a88b68ce26ab1ce4a608acfc0361f3f990ad39

/data/data/com.alienmanfc6.wheresmyandroid/files/facebook_ml/DATA_DETECTION_ADDRESS_1

MD5 26e37998b089275a4e2ed9c1be930879
SHA1 c48a03938a072a835e403c4f3ae5ca41835d9eb3
SHA256 b20563ed7cf7284fde09065b8fbfc3c215efc8679e82bfdbfcee39842a9f3f2e
SHA512 e9b888557deced806b6e4e91f229a643e5c50e6a9ab5744c7c30c1cab9b5582e858fc00024cb6e1a8bf90562b8c6cf48dac255668a15f72a5b8d7b43166cbd38

/data/data/com.alienmanfc6.wheresmyandroid/files/PersistedInstallation7690115324035282186tmp

MD5 d84adc7a5f9364bdde5885431e3c21a4
SHA1 9c1ab7b6fe6a79dd0ae0c8e118343cd7c167bb91
SHA256 d818a9d4100351a42d28385da984b8bf148bbe6b402d8a4b01c687a963257ae8
SHA512 3e96022065749af63d250ff9b6f4aed0c5be667a8bcf7134ab769af73328878de7e55ee913b7b0920642a5501b481175600a59349c491580904b4df6ded265d8

/data/data/com.alienmanfc6.wheresmyandroid/files/server_synchronization_status

MD5 a42582dd04b8af0ee34e2d5ecea49454
SHA1 39fc8c6126b6a18010e8dad19d27f02746ce10f7
SHA256 6d507386cefba47e11c85d05b2451c67109e592ce44e69e81361a89079ea19cf
SHA512 35743b0afecb2ad6c204fba3c1d96e51d16d06a2557ad94c692b90dedbcfeeb75e6c39ddcb635502c4d57b0739732740b3b0d6d02e4b4f89b64507d4e1736dbc

/data/data/com.alienmanfc6.wheresmyandroid/files/server_synchronization_status

MD5 298f2c15d62ea61a584b4500fd2143df
SHA1 d937151b7eec131502385041791ed1635c701f89
SHA256 94363d4079068c5b103f3d7fd19942f69d783974e7b97c50feffd75aa8621c9f
SHA512 4bd5743651ff79d82680fbc74912c30c07813575476757dcbcfd1c5191e2b21ec50e0b0df3430f98ea82d7af8741b87cfbf3acf0fedc7e4b7562e0c16bf93425

/data/data/com.alienmanfc6.wheresmyandroid/files/coverage

MD5 9e48aba6f4f0734d4613d40e081c06ca
SHA1 2ea298430e7230ea979624e50c9594a4110a5a8c
SHA256 b2c3de313ddbe97841fa2256287f0b03a7b86ceffe6056c4402eb6a114efe24b
SHA512 120ea561a6cfd4bb9a6abe3cfae5af109cb7cb066341bb61ce33ec6bbc6d770802c6753a3dfb5faf97d5be19ef79fb9678d917bf4f1701aaa864b1454f875841

/data/data/com.alienmanfc6.wheresmyandroid/files/settings

MD5 d90120e3bec1889483f905eb258871cb
SHA1 e7b0714d93010a3b6b3ba1c968055384cabee0a6
SHA256 0f956dfe7d0a8a58a742155ffeedc4f290ad6d90625ed64e0bac5f855d108d1a
SHA512 831025f3c4d6dba9b25b7147292f3ddca06edc04ecfda919124a07859504ca742a500d1df447e24d79f9682f47ff8af9f254008f08a2ebd586e9d963d8e229f5

/data/data/com.alienmanfc6.wheresmyandroid/files/should_attach_if_allowed

MD5 f0d3e2c136373efc547c9839dae404db
SHA1 6be3693b277815ccdc975fdca921cc46fb901417
SHA256 53ade896a4b756ca5058942117acbe4b3d069c77c64b75662da74d2fcc558e3c
SHA512 6a77842ed9d7b3d5f701ddd2f34f3c7d4264936d8ba98a3f8d4893bf44424480c36fd32416caa794a06ed81d4781f8b35fa9205fc92e428bae1df4e536dba03f

/data/data/com.alienmanfc6.wheresmyandroid/files/regulation_consent

MD5 cd1c17f95c21d558d1e4bf178c29cc20
SHA1 678c907b22a5ee7432ae54dfbfcebc798f8787ea
SHA256 9bdc35ab9d513c6bf68d30184d1029f90d5ded2fe8acb714ab0b30bcd9ca510d
SHA512 f0a1ddf1657289c3395de7f8ecd323de6fc71283e39ccdf2a701e5d7f1992b2614b7dfa1b16987b04b26ca165b280772e063faa8bdd7f2eaf9b742deb1c088f5

/data/data/com.alienmanfc6.wheresmyandroid/files/info_list

MD5 618032a0caad4ff190c7c043cba72bf4
SHA1 3465392139bf177a03715b6b8c56cda0f4376a27
SHA256 a7a67e2625ecbba1599d777231c57a1015fad2a68130e69c550c40ca04aab114
SHA512 b9d519cb7e4bc1c1edf482e120c0a11896e2ddfbf61c0855d9bbe9a8ebea685fa4221f25a17d133118cd2545be2524fd127b48c8563dea78b0aa9ca18ffc6199

/data/data/com.alienmanfc6.wheresmyandroid/files/server_synchronization_status

MD5 d3b2653da0d3d60e8254bd8d12eefd2b
SHA1 a3bfdbc3f549d92989e3743ba9db2da594f218e7
SHA256 3f62a8a9fe29d97943bf7e594b7ecf730eca2931c602c206ad4c1ee7a9a9c1ed
SHA512 c15f8f4a64d91a503015751b25aefaebdb7c9272fce430f38251622aed73a759d7cf45ce6fdd802fabadd15f80dba4a7b1ae569f03b1741bd70cb019b1b1dbaa

/data/data/com.alienmanfc6.wheresmyandroid/files/info_list

MD5 c993dcf3b330a747e2004ba6df1162c2
SHA1 0b93446bd494d188546f4cf5ead8c545169e3572
SHA256 4586c16be6870a11c455638bc44e5ee6e0a5fc9b67d4a970bb98373c4ce12a41
SHA512 c4296cb23ad741efcce2d92f6b16907ad40eda443987649f35db503d7ce15ef1f59581c05a98d0fe11094bcae22de5ec6232ca11543c2c0f4c1464cd8babcf81

/data/data/com.alienmanfc6.wheresmyandroid/files/oat/audience_network.dex.cur.prof

MD5 f47f22fb6d4a102ad6acb5e6fcab5803
SHA1 05e462c5957bf637404a9052138e8603bad67e55
SHA256 bece3c23958579fb919691fbfec00db4e8e416167299cdb50ada4486f255f2be
SHA512 21493d0a9202b95e93f75667d40cc08e677eae5be701a92541b79b69aae8a89c1d2033605d11ad39274dba9dcdff69741680eeb5116235226eccecbdd0e7a326

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 02:15

Reported

2024-06-13 02:19

Platform

android-x64-arm64-20240611.1-en

Max time kernel

148s

Max time network

147s

Command Line

com.alienmanfc6.wheresmyandroid

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.alienmanfc6.wheresmyandroid/[email protected] N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Checks the presence of a debugger

evasion

Listens for changes in the sensor environment (might be used to detect emulation)

evasion
Description Indicator Process Target
Framework API call android.hardware.SensorManager.registerListener N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.alienmanfc6.wheresmyandroid

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.40:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 graph.facebook.com udp
US 1.1.1.1:53 in.cuebiq.com udp
US 1.1.1.1:53 www.facebook.com udp
GB 163.70.147.35:443 www.facebook.com tcp
GB 142.250.187.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.179.238:443 android.apis.google.com tcp
IE 54.246.73.192:443 in.cuebiq.com tcp
IE 54.246.73.192:443 in.cuebiq.com tcp
IE 54.246.73.192:443 in.cuebiq.com tcp
US 1.1.1.1:53 graph.facebook.com udp
US 1.1.1.1:53 graph.facebook.com udp
US 1.1.1.1:53 graph.facebook.com udp
GB 157.240.214.1:443 graph.facebook.com tcp
GB 157.240.214.1:443 graph.facebook.com tcp
GB 157.240.221.18:443 graph.facebook.com tcp
GB 157.240.214.1:443 graph.facebook.com tcp
GB 157.240.214.1:443 graph.facebook.com tcp
US 1.1.1.1:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 142.250.179.228:443 tcp
GB 142.250.179.228:443 tcp
GB 142.250.179.228:443 tcp
GB 142.250.179.228:443 tcp

Files

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/com.google.android.datatransport.events-journal

MD5 cb7884783330cafe9203158b1180a73a
SHA1 1840d0797afe5f37600ed1b5d903f987bceab317
SHA256 ba651175fb15a2fff2d230ab7769a85624c6f881a658359a144436ac9410d335
SHA512 aabc730d9792706fa9c040bb2f50169f84c82158957ef0173bf494c7beca88733b46bc3c8f92ba8e1c08b95658a5202f91b0772a60ad52c404e1cda4fdd4fcfe

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/com.google.android.datatransport.events

MD5 9ae14ee47a7b9dc4ff1750c149083ce6
SHA1 3a1582feb279a00b42f82e9bbed07d05572a0eb6
SHA256 1b7d7ff8b1d6f479fb57415022324637b7e08c57dd198247b7ca45ac33dfca3b
SHA512 c08c1bbc2e642e9c1a086bf46cad6481da0acb95fda3dc8ae61c36203908f01b058ec345bb51ad17f5dabcc1c087d44eccdbd52837b99ff99c5da5e90899c59b

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/com.google.android.datatransport.events-journal

MD5 8d579fdb44302e62b311109d5f82cd97
SHA1 e5380750c605426b64646bfadbb2ac9199e6a242
SHA256 e2903ba972e8ffab11d091e1d5190b638bd5fc73c4c496138508931c022917fb
SHA512 80f535534576b40d2ecee5206b356ebdd4881daa1e90886512c473fcc0a0f55fec3e5d16abee189c0ae026e527d9fc3aa61e59e1ebc7244f3b21219f7341e37f

/data/user/0/com.alienmanfc6.wheresmyandroid/[email protected]

MD5 e8267ce8fc81e9d1c7099d480486d960
SHA1 0aef0c04cd5ebe6f4fde6e2526937b7c64f7d109
SHA256 6233ba1598115f3646b60b99e1556ce1ff0b66458c67620cd2a94fd9a59140bc
SHA512 a1da017e8f0316a7f391b49c10cc94c877c425bc0f5320ddacb6f076ecb7dfe3c6132a74d74d025e25c038dd4f220811517c4e9eabbf542836080b83e182ba2f

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/com.google.android.datatransport.events-journal

MD5 bfdfccc51ccb5cc1813924f947c82526
SHA1 f8d0de4eb04077cf5c27ac49f799bd15e847d5a8
SHA256 d4fb5998405fdc2146c71884f5ac6a8dd9240d3f9e75fcdf150627e467e4a909
SHA512 c157f2f25df5ea5e47750dc546ddb979a33e8161e118ca80be5a73f26291bfe12d88cc5eaead1a95ec9c929fd230dea707b17f38a0391cbf7aa04ef7ef294ad2

/data/user/0/com.alienmanfc6.wheresmyandroid/files/PersistedInstallation6345454890974143851tmp

MD5 3c2c06537730ae69c97d265ec754f46f
SHA1 cd7efd3c2f004c6ae8aa4ea5e7b8bb82b48f99e7
SHA256 1ef0cc80d68c3881c2d2fc713611340b06bb641dabdb8634097095bac62f2c0b
SHA512 011eeb82c4b059568b20fc3c70ba787cbe559561d638f687a840c95a39bf81f0de7f3282cc14aa09b70067ee7edd82dbf1bfc8a50c733a70d443c1c8b3fa2a5e

/data/user/0/com.alienmanfc6.wheresmyandroid/no_backup/androidx.work.workdb-journal

MD5 a3915803d349c684a76ca6b00c70ce97
SHA1 a1ee609805c892603550d49b554db9d880750f5c
SHA256 2acb7f0c5b4ac5e5e2e2095a292ca8d8e24c56a9b356216f2374660d90b17b25
SHA512 29df62824769d26d4efea49c60f33db77a5d5f2ce096eee528049d09191ba36c067f2b11b17045eed26941775d69266386008cc0ab50b7df87f0464f85b38a4d

/data/user/0/com.alienmanfc6.wheresmyandroid/no_backup/androidx.work.workdb

MD5 7e858c4054eb00fcddc653a04e5cd1c6
SHA1 2e056bf31a8d78df136f02a62afeeca77f4faccf
SHA256 9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512 d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

/data/user/0/com.alienmanfc6.wheresmyandroid/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/user/0/com.alienmanfc6.wheresmyandroid/no_backup/androidx.work.workdb-wal

MD5 9e96cb1d9d07ab617971b90e0a77a702
SHA1 40e9a5211285772d96e3e00fd48cf684e852623a
SHA256 82676ff19e9dbda233d5a40cb092b7b090dbe09d2990c436c612af8c2ec7f922
SHA512 58b4492eafd98d50ca42c80b603b0b8fa71ea5bcbc88b8ec2f687b233fd6ebf1fe4865faf081dc7f13356b9058565e27b874a0430e4b812b3b123cb3093e4052

/data/user/0/com.alienmanfc6.wheresmyandroid/files/settings

MD5 9e329ba70726df63aa018bcfc9ab0be9
SHA1 9cca7ad4974f60f0e4652d4262e249d2aaf69954
SHA256 de1ef3bf255414323689a019375f9c4c04b8c1c523bbfec739630cb600d88f08
SHA512 8bfed8d7c84d975a794402ead9f39bdf7e9053db9f9f7aa557d6f0c73981eca3a81dab097c0723df2d0f789faa1eb6ccb184715c7850594f05d31c772de482ce

/data/user/0/com.alienmanfc6.wheresmyandroid/no_backup/androidx.work.workdb-wal

MD5 4f648fbd90f8dd3d54c043932e935c24
SHA1 db7c50c76c98e410b20098cc7342a11b7b68a589
SHA256 2f9e99a7310fcd576d1224eb69e03db6dc5199840075c21c0a4d02b378e4a7a4
SHA512 602f0ce61297b6b4c92e0f092c3411cc5e5a21ee31e31d6c6703d1e146afa5c458e2cd2383716bcd6f1b551cdce0d4ad42ced9f66edb22181a0d34ffd22ff97a

/data/user/0/com.alienmanfc6.wheresmyandroid/files/gaid

MD5 edbd526367159b702c3757093e2e1496
SHA1 1af23aa90958df878224ebded2368e6d7a7d1e8b
SHA256 313f40fc13694ebeea962400a4bc7218446e511fce7f686355c46b3aa4cb7fe1
SHA512 28e514e6f552432059c50bd4324db8e730d97a0d37c7cd88475886ed239b56fd7754ddf2aed6143919430f6b6ea8ec562110b24ec8b2ef370777e59623ccd091

/data/user/0/com.alienmanfc6.wheresmyandroid/files/server_synchronization_status

MD5 b234f1b1b44be765682ff7d7448e101c
SHA1 7542e023b9af9dcbfbcd3188e8accf62e5bbe37e
SHA256 f91c4758326194d12adaa31e40111eed67827c442d7118e37aa5e6e828946c02
SHA512 2fa93fe54f216405b1db4f150905affbdf8cdb47f0f1c188481ffbeb8b211df1fbf9ad6d756eff91f0ce58ce85cae80c786d97aa5a6c7e1e7a751fcf09ba5721

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 f94550be1b8914b5c7551420c8fd6a8e
SHA1 f0e4994fa9d9080666060bce7e6d578a7f029319
SHA256 7ca1c152e262a3499fa70b0f17b739d97f5de65ca6b3e79d19e3cfe0a2c297e9
SHA512 6e5c6737d539ab1118d6c8b2688f8d4056e6e6f69377d3cd118fc96dd40a235f7e23b2f2db42019885d9b329c0425509d30c1bbc8e6c34e402ae93282b7eb20a

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db

MD5 ab7e14447245b16a148ffac7f303b38f
SHA1 a7122dc320a514128537e5cfa795d3ee7e366cf0
SHA256 8366da796d5e2774c8b9637e6c562751aa7516a59a61ea1ab7469d9573d5c966
SHA512 a219fc71eec0494bcdae6c30a80eef5d353fc98ef3c6031799481053cf370f12f872686a43995d23f2cfb0419747a7d5e8c8856ff306b7ee46aade5b598d68ec

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 65267c0214cc8f5fba56ca87dbe858ff
SHA1 8550a090e71bf5a9664d63134a8aba861929e9be
SHA256 e464f3763ed48f72fe54288a55463ee6b420ff9db53f965ff1a4fcc6d9070942
SHA512 ec36582fd85ec0bf7b91281921170f8605c874ad057d016a6bdca54b5e493ba0d46d53077bbcf753296940669ea72f1859424137e49615675cab30001f90840d

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 77b9a45a1c4ae5f200e011a211e0b9cb
SHA1 bf3668a56a3daff6b13f75ef3cd0163a73b110d2
SHA256 c66f6e511cbd8623c90b4b65a1fdfb031458364d90550a12c7a138b9a6171898
SHA512 fbaf238fb61f1b242dbfaa71733d3913cce4850d50ab5d5f1bcb687f8d25827950ee2f68daa63925c068cb2749c39d5bf7ecadbaeb016ab81f0731ff63a7f5db

/data/user/0/com.alienmanfc6.wheresmyandroid/files/coverage

MD5 d71b6ed7a12f444bcb67e5859571630e
SHA1 15107b3196dcbe492dc2efd3c4ef21f797176f71
SHA256 7f715727fe1b157f076242462406dddff0398ce24952d00d3dfa81b2120a6260
SHA512 d4e0869a0755baac3c51d802b5d4475792ab975949dd5a0264448ecd84b3a0ed80e806013fdc61e4045db5fb41d983db5cecd3bd018a1da50c4782dcd829e12b

/data/user/0/com.alienmanfc6.wheresmyandroid/files/settings

MD5 27c87dcd63719c4fb0ffb621bf576f32
SHA1 336fdfb577b4dac1f4cdb7f574d6894bc5fa6dea
SHA256 94dee8c991212dc903a43f1364af25a0d875e7c0c3df67bffab053870b57c00f
SHA512 bff80550e760ed049081fa0fb18462f4a6adb44785e60c54ba7e93b0ace91d71d904efa35f51282b712667aa194166457f6875de795c593d1261d3f575fdd4b6

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 fbf9a2b2acbce3f6935eec72539a75b3
SHA1 2cd18ce32ead6136c905ac7e3eb6941569700b27
SHA256 86286dd48b73cafa507cf6601b37435c9db5491db648d455d075235b5ee45433
SHA512 6a1cec72cf3d6e2e4727aae934b2ec47dd2c0b3bbdde26246e360a6dfcc53b8e9cd5166b7df2945b7b8000c7d95d62958d9b27b5a85dab5dde9b83a569cb9751

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 087b020de84f0587720be1bc6de9bcf3
SHA1 938955d626224bf4bc4dd4e817c1a69e10261325
SHA256 f2dd2cac6305f0f44ac9ef005181028e341918bec627538e982ebcf5045c3795
SHA512 0b1b755d2f75e68f901e25900768ff5a9260c656741920c8b28a7003e74a0f2785fff090525da32c588d3e83e072e14efc6bd074574c59713b6eb1ff3a1cd076

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 6d50b3d1131afc1fc993a31e27c45abc
SHA1 5b14d8fdb29d6f1a0f3835b90b00a6a4bde8a81d
SHA256 8355be93282f0719698cb9025b263e70e1591da820ee8d07ef23e6c4944f09c0
SHA512 c353d26f61b5788508f32e0d45d1590b5020b7299f5915d0dc63eee53b7ef4c3387e290a0ae6257323e39cac22857e19f310f11c4c420618fe5679833e42d794

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 d9cf75fdd1c2292d986f6c3d5d60f2c8
SHA1 07ecb1d3a26d952ae5fecf54f36699ab498510b1
SHA256 2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a
SHA512 442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 4ebb4fc7af294dd609fbd33751166da7
SHA1 a20a518addcc422ebbcc729c871e441700a00910
SHA256 ed3978895ce9fd29c43b2072e7134e80356d739c88c07233023c3a6c57315110
SHA512 3dad7bbbabba78fb16cf91bbb80ff2710e701406fc6add29fdb9c96ae990cb86833efdbdf0633bde92435d691af968830f5ea307d138e116b83b71321af1baa5

/data/user/0/com.alienmanfc6.wheresmyandroid/files/gaClientId

MD5 4693b5392bba9ff90b33296d018b2390
SHA1 02a8aba0a40d3e72a7d71f98a747d8b7ecfb2704
SHA256 54fad57afefb100344ebe51ff0981084e5dd38b882d837513a1fcafdcdeec405
SHA512 c1c3d48dd2ab26d5c05d800f48fb92a3dc714d1095aaa161a05072887a2908eb0a7ab8e154f7753244809589429577863a01774fdd441bd3197908f8cbdc70ee

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 25f2dda8b422baf4784c3d821a99b20c
SHA1 98d87814cdda2ccf3f884d36197dc8f2763ac133
SHA256 8d8772435097d08cddb407bf2ce1f3b9764ba2d27f742a32356f8ee622a299a9
SHA512 250b70d376715d56096f5475fea9571a9ac3180381750104cce57bd8e7642c203b521fca03d600c5f29557f6cf0508ea30d915934a925c9b0dba5af289789b1b

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 4cd9c91fd38f3a0c1fb5f1eedb48f1e0
SHA1 e09915a95d63784437cbb7d860249ab1d29cc3f2
SHA256 91e876dab50827df369b6785d3802cf69d0ee09b4a5dd8c1bde13e2bc91ed0b8
SHA512 1272cbad7777515dca94db9c92f89986ab660ab82113e9811c89543651dc1576113bc69a916b73f34ffe484baa8013a1355a7db4e7cd17426f158e60e4990f60

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 0496fba45276adbaa64a5ca166c3b652
SHA1 7f9d63d98a223bf0fab29d7d89292ee567a88eaa
SHA256 d149e9177f574919b6eff0c493f038589b300a0a23caf177f6f0948120b5b232
SHA512 70c03c1015e34c38b7b769139c05b3af09c74c29ac2a09113b6879f459534b8c6fde34d0206c7ecf9b6a839f5793d6ea297cd776fc395dcbcbf48b9005196763

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal

MD5 e2b878c4e301e696aa27f795b9ab3c3e
SHA1 f7fadb0e7e4006e049fb00e0b748acb9c72a38e6
SHA256 fd425e2bfa2de75d830dcb801b4a931d9d49e3f28230783831d45f12c2bf8645
SHA512 082f2bb5b2fc7e4c8dac00fda2b6e6c8d6639a2eb78671cc18ce9af8ff864e3252d5783779241b8efca4c39ec62f650d530ec08e216adbca5f6802ff504e7864

/data/user/0/com.alienmanfc6.wheresmyandroid/files/gaClientIdData

MD5 8bc66da57c3a7644cc5b657608d55146
SHA1 b48720f462cb9f6c1cb5c3093b159679bb2c3c54
SHA256 1e55d3a359877766681004c51d6c5bb3bbeecf1efcbf314d6a7ed7fcd1fcec51
SHA512 db199c20134cfd1ceb6958238c10fe2ce1c80f72b8a0964b4517ab43cc7ff77d95ec42ed65bb3987c823d05e071797d875557a340c206e34b7090b617def6b09

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 1f9f0fe152fc982aafb594d6960f5594
SHA1 c6222fe9d9fd3543b79e450398394b83646ee075
SHA256 2a786d4234e45106aeb0f5664d5ddb1624a827f726597b1d347611dfefa0ef60
SHA512 7b78da5f4d6efa4d410349e1cb35a77a5ebd406d8e42cabee4da2b8e2ed2cfef4378f7cead8d8fbaf0da5027717feb8072e77dc2a821877e8d5c6d490c037c08

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal

MD5 98ad2d9962a0855aa3429691f7daf16b
SHA1 7ad926fc81f15bead5fa4c9df4c8fcc8a6cb948c
SHA256 e24ef85cb6607b9d00c2ba1ad7cce643e30e8b87b6e21163b042a5b75150911c
SHA512 63af4efbaa26089fc3b578c187ce7d856d9412d27ae0c9c466186e60f67d9db90321f5d9ef3cc2ae94bdd02021b94254873da63bc178cba47f129a18df0b48c3

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 04b0e7992f891358214c8fd1a6c29172
SHA1 0d905ea6b6b7ae4ebd0d4adfb255d068236a937c
SHA256 085ef113fa389ad4f3adf418091c1df80ac10b9192e0bc4261fd667d600ac6cc
SHA512 fcdb166bc4650f1cf6c2189939951342c056b6ab97988de5292f3d2b262d17ce9ebcd28c40d82af0d20cdfecf3d65972ba4e7f1e8e0cccb78280f1d9d38cdafc

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 0e0b06ee91d6256594471f79738c5074
SHA1 545aa6d14b2064b3ab027f1c46f2f99ae24b56a5
SHA256 87590912a17ea27d754306f5e838e49deb675c2a377617053bccc819b5d530f7
SHA512 93f0bab84b4b0920086ea24b9b07ae68733d1d9cdf8d8d14654d683c1cb10e4e6458b5603d2755bee1059f8b5f3cbe5d03c282982e3ce9b505b25fc877c5be9d

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 8f8b335221edcfa80dcaade177c8290f
SHA1 9e1cce760c83f7fa85ab606fe5e523eac0ea7481
SHA256 973a636386d3e4e76ba6825e53337087d984af95d93bebddd9c4f94c8e2432c9
SHA512 25f5347c00cc655a742fec3273720f927de2b40e18aa8b0d97ada82487c234089deda23f9ef811f15d32826c8dc27dac8418a92db987cd0a4ae121ef5856ebaa

/data/user/0/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db

MD5 7e6b0bc382bc83bee2531f18a58243af
SHA1 0d50744da8d3a5d5f818dfc694d1a86e397bd425
SHA256 b0b63a87432b7a3e63f22203c036adb36c4801f6de19638226107cc4bc94c68d
SHA512 955b9ea2ee1ace0917b1358cce620edce7d0e5fe0086eb98cf573fd4e261cf9938b7fd925230dd6013930892b70ad64e7930afd9c4e95481dcf5e65292b5e350

/data/user/0/com.alienmanfc6.wheresmyandroid/files/PersistedInstallation8014683662223256962tmp

MD5 d2a46b32f810a7d61c04a9d9d841a8d4
SHA1 192ccc5c8537cf72656819bcf74c18b6907b986c
SHA256 fa0ac5d4767df208ed1bd3c1e2c94858ebb1014e25e67baa981dae09103acbe3
SHA512 5a14f9acc1ef88b334d72976c9a08a9b2d13bb167a528a009b2d5de1364a9651a1ba00c7c3793a8eee364cceaae1a96543bc0cf257742054717bc84923ac7178

/data/user/0/com.alienmanfc6.wheresmyandroid/files/server_synchronization_status

MD5 298f2c15d62ea61a584b4500fd2143df
SHA1 d937151b7eec131502385041791ed1635c701f89
SHA256 94363d4079068c5b103f3d7fd19942f69d783974e7b97c50feffd75aa8621c9f
SHA512 4bd5743651ff79d82680fbc74912c30c07813575476757dcbcfd1c5191e2b21ec50e0b0df3430f98ea82d7af8741b87cfbf3acf0fedc7e4b7562e0c16bf93425

/data/user/0/com.alienmanfc6.wheresmyandroid/files/server_synchronization_status

MD5 ea4e4ead84589588ebbbea2a832429d5
SHA1 92e07d583cc436a8427a732c375f7e94bf828536
SHA256 54dc7360e4f3c0045ce8ab87e75120b1015dbc38611437bd0c11b4f3971bcc16
SHA512 e04d5494cb67536f05a26487090e7c7a24190e6dcd85af22197fbaba856db0e2002430b3746fc5ccd0c762c89fd9a91f952a19b8ba6532b3de211e440601677f

/data/user/0/com.alienmanfc6.wheresmyandroid/files/coverage

MD5 9e48aba6f4f0734d4613d40e081c06ca
SHA1 2ea298430e7230ea979624e50c9594a4110a5a8c
SHA256 b2c3de313ddbe97841fa2256287f0b03a7b86ceffe6056c4402eb6a114efe24b
SHA512 120ea561a6cfd4bb9a6abe3cfae5af109cb7cb066341bb61ce33ec6bbc6d770802c6753a3dfb5faf97d5be19ef79fb9678d917bf4f1701aaa864b1454f875841

/data/user/0/com.alienmanfc6.wheresmyandroid/files/settings

MD5 84569e3b2ae215cc272c216ae29bb372
SHA1 e75eb6e0fd4c52f4b1fe97954ba1a237ab231d31
SHA256 9d989c17b4d3067a69437faefe750724b17321ce522484768d8a9d215367101c
SHA512 515ce115c327d2a1fc69620faa999e1b3b82f5d7c7366f76c6323ebc9c56f6557b6fc1fbd8a6344148cc3510178941176d61da6afbc939b9fd3aa2b87bf5d3f5

/data/user/0/com.alienmanfc6.wheresmyandroid/files/should_attach_if_allowed

MD5 f0d3e2c136373efc547c9839dae404db
SHA1 6be3693b277815ccdc975fdca921cc46fb901417
SHA256 53ade896a4b756ca5058942117acbe4b3d069c77c64b75662da74d2fcc558e3c
SHA512 6a77842ed9d7b3d5f701ddd2f34f3c7d4264936d8ba98a3f8d4893bf44424480c36fd32416caa794a06ed81d4781f8b35fa9205fc92e428bae1df4e536dba03f

/data/user/0/com.alienmanfc6.wheresmyandroid/files/regulation_consent

MD5 fc6e54753d4f53992e5705984d7de62c
SHA1 5ede111b51cf9dd3f05a1cd743c0a8d7660233b8
SHA256 a8e2a40f55593015d1ca37f8b90e69934fb541a7fdf9c4700137444a409c4c8c
SHA512 aa3b4eb0a2389905d4fac4b813b5e3b50a9ea2f7632b88b204586c1b948edc84a4641a24dbf1e4550ede41200d0573624740e074471088ab58b66949b66a6fed

/data/user/0/com.alienmanfc6.wheresmyandroid/files/server_synchronization_status

MD5 100854ff712935ad119aa4e68b592a09
SHA1 d474226cac594276f970a4a488aee3d0d63dfa55
SHA256 75285ea6e5a478c9f496911781f9b443a88c468ff26e75cea50fcf42f31c98e3
SHA512 66c7ae0acb7e783b140228c115a386dda96912cd22446efb3d5a58acc8f0360170498ac8738a163e7d55c9cd363f824f49bf0b4ac12d79aa6e16965a765ca43f

/data/user/0/com.alienmanfc6.wheresmyandroid/files/facebook_ml/DATA_DETECTION_ADDRESS_1

MD5 26e37998b089275a4e2ed9c1be930879
SHA1 c48a03938a072a835e403c4f3ae5ca41835d9eb3
SHA256 b20563ed7cf7284fde09065b8fbfc3c215efc8679e82bfdbfcee39842a9f3f2e
SHA512 e9b888557deced806b6e4e91f229a643e5c50e6a9ab5744c7c30c1cab9b5582e858fc00024cb6e1a8bf90562b8c6cf48dac255668a15f72a5b8d7b43166cbd38