Malware Analysis Report

2024-09-09 17:52

Sample ID 240613-g1bz5a1dml
Target Mega GO_1.4.7_APKPure.apk
SHA256 711759fc4628278d6468148ea65b701fb4cdc0c40e9b73b38591f801b1da3b60
Tags
discovery evasion execution impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

711759fc4628278d6468148ea65b701fb4cdc0c40e9b73b38591f801b1da3b60

Threat Level: Likely malicious

The file Mega GO_1.4.7_APKPure.apk was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion execution impact persistence

Checks if the Android device is rooted.

Queries information about running processes on the device

Loads dropped Dex/Jar

Queries information about active data network

Reads information about phone network operator.

Requests dangerous framework permissions

Acquires the wake lock

Checks the presence of a debugger

Uses Crypto APIs (Might try to encrypt user data)

Schedules tasks to execute at a specified time

Checks memory information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-13 06:15

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an app to post notifications. android.permission.POST_NOTIFICATIONS N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 06:15

Reported

2024-06-13 06:19

Platform

android-x86-arm-20240611.1-en

Max time kernel

47s

Max time network

178s

Command Line

cl.megamedia.megago

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Checks the presence of a debugger

evasion

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

cl.megamedia.megago

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 1.1.1.1:53 firebase-settings.crashlytics.com udp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.212.206:443 android.apis.google.com tcp
US 1.1.1.1:53 images2-mega.cdn.mdstrm.com udp
CL 138.255.97.131:443 images2-mega.cdn.mdstrm.com tcp
CL 138.255.97.131:443 images2-mega.cdn.mdstrm.com tcp
US 1.1.1.1:53 firebaselogging-pa.googleapis.com udp
GB 142.250.187.202:443 firebaselogging-pa.googleapis.com tcp

Files

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 7b4f452f6e7778ed65ccf2a3ef1a2e39
SHA1 c5d4e2610f3631aeffa0f1526ec47f41fdfc816c
SHA256 e582aa56b304b4cf00e2104d8501418a1d91f5e65be7177679d833d07ce50456
SHA512 b20607ee8885abda007e9a13a93f3bbc3ea791a418806368d3694b9c6de5bee1c6e83bd408fb40bde2a3d10d3315a15d7b32cfff254cf2cefcd31ffb34337b56

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-wal

MD5 55dc56e8b00f8ff0c7c6db1934388566
SHA1 0b069f68b9b937b62a383e2bc5ab7d6c95ffa6f5
SHA256 3a94cc43af25260f6575f61970886d221960db656a7c1399b7eb9d0ad63eaf09
SHA512 06b5dfc1135bc99a2fa741f9d1d2a21f2820244ba90ef92c43964656addfd564ed5e9abffeb69fe1faa34dd4520eda5963428a6f04d3ea5a6ac2abf34e779430

/data/data/cl.megamedia.megago/files/PersistedInstallation3716665156036811010tmp

MD5 edccab66039d2161957e324b3f1dd0c5
SHA1 72af6d461487847d1425db316e3673216cf43f0a
SHA256 047acc80447054e2685359f6b72b8ceb900a17d462ab673bee550bca809e8692
SHA512 c3d03174c8658000ea503b47dfaf96b6aa9640df1419b0b96f4b6710beda636b4ef270f44e526b0ac521ee5bd2eff4b7d99ded6d9e8095f448ec4005be9aed3d

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/open-sessions/666A8EBF0097000110C8D3A8C22373E8/report

MD5 aa6f24d56fe34387d8c87bb9bb2ac756
SHA1 bb4d8edcc3593bcd15559e88ed5a3c39c718c0fa
SHA256 8d145ebcbadc5cd2bbeb58dc5564501f730ca5a7d02f1ca8fe57f407635c443e
SHA512 799122ddb701c1b5742084194ff437b060a7825b4f4cbf2f554f5bf36f49dd94524d360ab69d19f4c6bcf16a021d2a1087fa724802cde3e74ba9996500770160

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-journal

MD5 975f4643f50301864fd0b8b1e1d94c9d
SHA1 745e3a98daacbe8a7960224c9ef63175ca4ee559
SHA256 a53f5721eaabfdad0192e43baadd9aa35ed095289e269481708ebf4ffd8d6160
SHA512 d6e2ba44db8d7f3db831c516afb483bdf5b79a838095f5b240e1e205ed2dc7c7f9e0863aa7e37c948879bd02fe7dc1ea490b67711ba1a6382cb6d6cb951a46ee

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-wal

MD5 65c80bcaab9ed5f33f516c91dffdd6f1
SHA1 ae8bbc5edf11a5a1f739a7153fb1f4837f9876f0
SHA256 1cad16b0730549b9bd9e3357f0bfcdf488639a80f61e66d9ad77ff0485c033e7
SHA512 332a066ce197030fc3ecbc214bfa19c129347ad2fc2e5bec33f5b876e3007875ac5b6c270129a70e0f3b606c55bb55c76a343d7e454b556707b2d0c6de6839fa

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/com.crashlytics.settings.json

MD5 9344cba8ba631513855122235d7fea8d
SHA1 12bcc2c54d32c5a640db00bb7cf0b162d5a837cb
SHA256 0e57516ca1dc6ba12f1bd9352a0b1b59bd1a833c8a72c8c0095faadc7d7e8388
SHA512 ab7ede861633ec7527c1b1be57ce7b0eae3fe55028b81fd7c0c8667049cb10eadb5eebaf86745763ede48286eb8303d48845365dac3c4934993d3312c62b5ac9

/data/data/cl.megamedia.megago/files/PersistedInstallation285409363711608955tmp

MD5 b86d4efe52356343349eea74f6abe28f
SHA1 7bd996c1b8c263b8303bf06203c93eb1bfd3c191
SHA256 be2a426e993d9f22bdbf42cf9117e936631b489a359db5f364e342b5413c22cc
SHA512 7595730a71b00c9edf4b441346f8c4ad022f4aad6da94afc53894808a96fd300fb9fce5a4d28c7c4d8248c6e67d41a3efd2fdfd176acff15182ab929d01ab280

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-wal

MD5 1a5ee1e350ade93c7f4c768a845dde72
SHA1 ab05b9069f8ea220a7b433022be5a0c3d9d2c4f6
SHA256 07fe6271d841d78b9e97f72e46a846698c46a2fbc4cbda602a7c2de75bb40c1f
SHA512 1aa94dd7af0015c9dbbed4df19b7c629190644b51c224e50e32a622e01a0b7148d62c0e2e4706c760ab8fdde361ab39c67a8591e787e3cee421f291d1a6f706a

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-wal

MD5 bc1b0766bf92cbfbc8f28ba9c8c608fe
SHA1 8a91cbfe86911a07b94111b82196df3c84c57377
SHA256 3ac12866c08f5a8aad2bbbdcd76019e7267ced9826661bc7ac2221c59e1748d5
SHA512 31ddf43552abc6fdebb86b6505ceaea4ba75b5fa0064d56b517a6e39699a8295551a3bf97705a529c5ff3c6628ef09a609c02322dd31be53514e6ee1670c24e0

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 512b8cd237a9ce509c5d072daf92895b
SHA1 57474aacf2aa6b0ed7719f52b88d20ed170830de
SHA256 cec49757f2f38154049cac58c7fad8794bf8b5d5a05e2b14d0ba545780075df4
SHA512 c4a406c16a136b2568daf13fe8e17211ab82ab0d9eefb896b78624ff24656e526697c9c9d89b4a13ea76056341175251f0f21316992eb41989ee0467be9ff68b

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 7237409e0640cfab7bdbd429bf821a3b
SHA1 4c3da934842f8d4835dfe2a9c275a300e5123309
SHA256 5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512 c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-wal

MD5 5d85804fa2156f2110598fd663931a5e
SHA1 16cd76e56402ec8be0bfa85378bead40ba6d0327
SHA256 c4c9b8bd266a6867ecf85f2bdddd28992b9743cc449abff4c9c2c1a9669fe122
SHA512 19df766af5ada88021332cc8790bd543b2c0bbf9d0a7fa118c167b26dcedd1639ce2c653caf8794028231a76e7ab9b626ee5def6a6dc85c1321026314bccff69

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-wal

MD5 cf76cb95a8caa3bbe2b0a10c443bd995
SHA1 a5f4157d6af17940d88a44ba63c7ac5a461a4041
SHA256 0fde23d0036070e01c9b7ccb9b58ea9397617a88d250716e7d7c4a0614aec6ff
SHA512 5abd6a155db5b329584ee65896fed2454d42c8673cdf2928b2b33bf5d2e940dbcb2906f23eee5bc41c5703c054f3c262f7fdd10bbd1b81aca8f72ce9b3b5ec37

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 db2dab53c0b1d47f45a1bfe1aecf5dcc
SHA1 ea3accbcb5292fd8763c24103e9f931dbbcad271
SHA256 e58238954003f9343f273478e2b89c844707cd25d378621236fa2197dbd5ee59
SHA512 f860333dbe6e04e1c466f2019bb1ba916f3f64e387bd5b20b8893f15703e2da5656872d976510db0dc18e370aa9c55f09888e91a7051798afb202fb65fc2a434

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-wal

MD5 64ea5a77901c8e68ef65d3f2a8897d9a
SHA1 7a412fb56f2abd054bdcad5c1c6b1bd5e77e999d
SHA256 446035539042e5354db44f100019c01ab8dfc494e9c0680cf87354c775ac2735
SHA512 4b930891c3b8d48bf72370948ed8dbb39efa6ff0eb1d5af198d26479356ade010678fde1663d082624d11126041977bc09b09cc4115d364428db157bcd68906e

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 6cd30e95883d4102494580701b8e22e6
SHA1 03e2c26143d679bbdd36cfbd49c89b452205738e
SHA256 aaf6e6736e1da14de863e48d1a61df36a44711e5aee0b785a6ee62e0c7cc7294
SHA512 46b30ea59f2cab5a8627928f06b8a3055a6080c811e3318a80d443a741853470418b515d5d76740541b286b23f1b003686d68c5411a52e46019380c5cc1c5e6d

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/open-sessions/666A8EBF0097000110C8D3A8C22373E8/userlog.tmp

MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/open-sessions/666A8EBF0097000110C8D3A8C22373E8/userlog

MD5 7a5d891f71152e9b448b5a85cce3bab6
SHA1 d532cd1973c450f0aa77368651a98f08eea54c52
SHA256 5b4ab23b685b4527dcb10ddc4318a06e3bf348b8a0ed7fd301baf103b81604cf
SHA512 b8efed2887746f6682ade9877035a680d7056b340d70de4f7e2cff1d736e54ab97bef63ceb9bc17e40ce363eeb6d14e2eabfe6e1d71b21fc3dc18acb0ec6ba10

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/journal.tmp

MD5 8c92de9ce46d41a22f3b20f77404cc1d
SHA1 8671a6dca00edb72be47363a7071be65cf270373
SHA256 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274
SHA512 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-wal

MD5 7eb1ce4589357fe1499e2b8e10d3d2d2
SHA1 0b296dda9f2fb23e0e6ce6ebeebcd1b922aef0df
SHA256 ab67ec1ed2484bc6e94b5a32a3499960b5907b1cba1dfaed985ad0b9c2e40036
SHA512 d0792955b9d13059dd810d4da1937146c23e20d1fb52a5878f26f58dd989e1be5ac8701703e37f6af5a262089d6c9e5852478a3c2916802be8667c32080e9e0f

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 4b26d4f79c6a5a8fa55d2c655eadd460
SHA1 8e5578dc26a10a55af8e0bb5f6c1dc41ed5a9fbb
SHA256 b953361cedd9643f2c00c90448643e164428275877e509a5d33e5ee5a838ff27
SHA512 2de4f23d5faaa7eb7c6e4591bd5ac25979e8ee27d92436ed7b518764ffaf500e845525a9121e5b9f1cb636c9ece83cbf1a09fea26f65ec2493f9ab2529d3b085

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/journal

MD5 825987662bb99b446d630a1c47161acc
SHA1 e56e295395cc85ff9259914fb6c7c9c9f86d270b
SHA256 2c01624fbd25502b206ac9254dd58e3058fe087a13e7c6a9425fd4e031e03789
SHA512 dca5fa71f2a0d152c181eda2ed39dbf4699f99e4e410f8efbeb66bc86316c28949e89d8dfd5a7404d1fb3672187f4495a9d6f78e17f078938905899fe35ea66b

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-wal

MD5 ee2afde424e5906f2a78aea5244a8975
SHA1 01d967a38757c57964c4fbfc44a4f5bc0ab60671
SHA256 c963d94822eaa561b3ae19dc0466446ae6eaf80dc780bdaa10d8dea496878f0b
SHA512 3d80f9a1b50eccef1f7ffb800ecc2d9843c99c83fc9ab65e049797a4fda2abe28b67127cf0b0e4a180049728d9ba03a39856356a857c2e8bef693fe3a9c48e7e

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/cde05719c1d78615c9ec390c2fb5230d0540fb5e7b54e11c0ecf25d2d09fde91.0.tmp

MD5 fa5af761be6df6e5bd949bd6cf8428fb
SHA1 03ab06b51f207045f974e22e8905b083c2f7d58d
SHA256 c680df0658747a539f46509872d4b7c7ae596f0e70b8beb80d0c13257d7a726e
SHA512 80a69e62fc8db6fc2be86a92dbeb119b3d5b8d0d18654dbab9556ac5f7a3a7bd9185e08cb327cb513409c5c8b70e8fd409a95c8d410ddb89f012a23262fb947b

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/bb3e4479426474e9a778b21d7ac05f6754da8ea83e33e2fb010bfa740390bbd6.0.tmp

MD5 4c5f85b4e1609f71bd974a3196570a4c
SHA1 203e562d931a467cc1b0984d32f91d73354203e4
SHA256 eef743e9724b4879828051abe0816a02ac43e70b3622ef9d0162d63bb576090f
SHA512 e71ca4e3c2cd65f7af568e2e608fb10e90abad0f2569d5393c21aef73e40c98dac8ef6c1f68ce455839966d7157bf7ba69fadfbb251af3e3f23bfdbf3fe58454

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 1087aad8ed521d22836271154076e7d9
SHA1 56d2faa7267762a6c19059e0d9dbec593726b9dd
SHA256 e2122d627ee4d8aab5ef2cd4bc2cb3176f698a9e93360e2a9fc5a6ade6bb638b
SHA512 bf103a20523ae0d8499570aade5c492c23141c63fb341375768075cfc36c8b60433390efc6b4e93d4f20dcc576d334464a2b23c7cf10fb86abb5de7e79e8ebc4

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-wal

MD5 ef3d9136d52eb2589bc34e05f46766b6
SHA1 e7d6a04e5ef61b95272bb8f70783bffc0751443f
SHA256 284fd54c6202985455e1276ee6b62c649717d8fdd1102f8ac9c838cfacd53bcd
SHA512 4dceb3b2c84f929849655e38770b41fa6e3056e0d6a86c420313b70a86bbc64ce7c47a05cdaa2b60cf258f9f61c2bb7443431cc70c05206d23121450c78c8a8e

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 5fbdd243431a734f0f062841d8267ba9
SHA1 4f4432cae25802003652801f68ac9c9ca75272e2
SHA256 3360361e195c3c53f42ed2a1b3e4bf2c3b419b3828557db1ec204d2a0e45b345
SHA512 8085291190709473c004b4ecaec7f512298bfea291bf194470d6412ba590d38eebabf8b6b34d955c3a301dfa048d9729f7123d07899a442f8a70b88ce0ec3a65

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 06:15

Reported

2024-06-13 06:19

Platform

android-x64-20240611.1-en

Max time kernel

48s

Max time network

161s

Command Line

cl.megamedia.megago

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Checks the presence of a debugger

evasion

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

cl.megamedia.megago

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.178.8:443 ssl.google-analytics.com tcp
GB 172.217.169.10:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.179.238:443 android.apis.google.com tcp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 1.1.1.1:53 firebase-settings.crashlytics.com udp
US 1.1.1.1:53 images2-mega.cdn.mdstrm.com udp
CL 138.255.97.131:443 images2-mega.cdn.mdstrm.com tcp
CL 138.255.97.131:443 images2-mega.cdn.mdstrm.com tcp
GB 142.250.187.196:443 tcp
GB 142.250.187.196:443 tcp
GB 172.217.169.14:443 tcp
US 1.1.1.1:53 firebaselogging-pa.googleapis.com udp
GB 216.58.201.106:443 firebaselogging-pa.googleapis.com tcp
GB 172.217.169.78:443 tcp
GB 142.250.179.226:443 tcp
GB 172.217.169.42:443 firebaselogging-pa.googleapis.com tcp

Files

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 dfec53b1ec627d708356fd6c16d2849d
SHA1 58490dc88aedf4208c45b3dc73b1b9eeb1ee33a6
SHA256 cf61397a0d76ab7a5fff314d1a309af9cc3b8c8537497665f9d9b474b5c87a3d
SHA512 45a7153cba5531aff1b9b463c190dd75a02b15ccad6a3c48bb27d1a74a3e137242c7236adb302c9c95c1bf4d81ab1fc2ef1a5303d3b1d7a884ee791f4bbfd590

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events

MD5 1046fc10d7539906ca7f8a845e2c25c1
SHA1 6b143b6fdd17e69fe6cc9fa5f0e873b62c8960d4
SHA256 2e72296e1607a91d15081d952e6f61bf4f10720688f422790bcbb1c727d508d9
SHA512 a6089f2b12181f5a1e446390e4f371026257f8c4c603ed1137fccf0ac51a0abec0cca741666b16b77b16fd25baabd0f7b22afefdf6856e211211d063cd193051

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 7e253ba5adb194baeba31ca31a94b401
SHA1 bc7359be26dccade189b371a07ea3d8bbd93fc6f
SHA256 b06b9aa780db04a54b2116157500c5417b17706c6134bb0883238f1c6821129f
SHA512 fe1a5e7e187bbd79e12e3bfedfda44175d459f0c9c00dd6351d3bce83d467f4bda47136f820a5609797602c7daba43b2f40888409f2796d0fba7008b583a50aa

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 67ca79719914423f6fb326ca3a69a014
SHA1 e14811d6118f97a6c82a629ed83fdda637251a6b
SHA256 4222510d16071d7264ef6cf16a5d9bf8f02c87ed6ca7cf62762dabbf9cda7e65
SHA512 ff08fb831d5d47a385af737b59cef49fd8629ce2237fcebdd62bc43e9ec8601eeeec640a97109987ae8bcf925f7719dc06414c1b2625ce7e415f8192b40edca3

/data/data/cl.megamedia.megago/files/PersistedInstallation8967619483023858402tmp

MD5 74649b89289df7c5c631fb3479f48911
SHA1 93c93ed03722674eaa882d548fcb2d94623ed714
SHA256 d514119748e246b3bc7259130b62a6c347009f015287f817db87c2ffc7d91196
SHA512 56e9c852c4b102e556f5a6c69a1d518a0de81336cb6553b7fe15822cf2fe30ee357663417e634e32ecb3cc9376c0d6fc85c4e9d0a622d4a28e138ee7661f6c77

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/open-sessions/666A8EC700AF00011428AA09000C04CD/report

MD5 1b9778177a75d7bc30de2eca86f1e519
SHA1 74e6d6a48193ebc74e825a9b8cc6c088b67ce745
SHA256 c65f606c1bf832f220a19d88705c04cc83f8053f9c9c3c342fd3d3487226d2a9
SHA512 00fe14bd71572cabd214fb616cfda9d4fd7b767a949629d53f7853f99fcf034daa4de1ebb0d72fa8ab8a28dd87038021c086e777edbce2f3e76f463946055a2e

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-journal

MD5 e5203c81ffd9db01f73b0860c1f3f4d7
SHA1 0cb89e5b5c996add7ef3660450d8a1f2d10fe611
SHA256 80d357111da58b550c9bd6aa57f461aa48e345d51fc7a01f2587faa95be9f1c4
SHA512 1ea5c6a3c88ebfd11a05e720f17dca82fb5cce7666bff8d7daec909860a889d1a89d1d6f451b36dd2a2f0f6dfcffd6c306a3949be5548eaca78e8e1925678642

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-wal

MD5 1bdf0c4d75d03fabee7104b29c51b665
SHA1 895813b84b19bdef7ff89a7b3996f0062c58f803
SHA256 25f35864af792135fbfffc56e81ebe1281cb1d99812b359ea5f3e44f8d794698
SHA512 e1a8130c426e0619f8448a9f431e1f36638589508aa0bea1f08f519259a8ec0c147b0ededbbdc47a3ec6e5129eaaa739a3fb7a0a0ed5e732d458c62960fe016c

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/com.crashlytics.settings.json

MD5 4b9c95180b451467f231bb255eb5fdad
SHA1 1f5952ee6bddb10c83de4941d719ae4cb069d0d4
SHA256 2122299c584a60ac2a5b675b9f7c65134d63425313f182846d658c0226d57e43
SHA512 a961be60ffa8f203b48505990bc89b8cdd9480332883f11528fabf33daa57fc687621cd6b0dbe9291937f39cb936ed6767b414107c278d1da55d0f0f88714018

/data/data/cl.megamedia.megago/files/PersistedInstallation3933933745721233612tmp

MD5 7f91e41dc796aaad3711f78c9225664d
SHA1 c459f25ae225fcf6bb69f81e4ede60f49795b3f4
SHA256 c5a1e0f693c75caaffc8b7f891fa71c26dc588edd031f448613f9175b7a74a97
SHA512 6b913990a5918f9346eb0d9ca12ab0b5cdd43be991d64a40230bb52657870caa6c85a63e1d8cc550206a5ee0822d52c9803b0a6d5140dca4b73ec325faae1b94

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-wal

MD5 566de71adda95fdb7344caf9b22e1966
SHA1 085131c42d911c6cd33f9d1e6893d263c2ca785b
SHA256 1d54f8d42cfb1909aac97627b56674c7c3bd9af4fe59fe8c6e868f0348a58a58
SHA512 23f6cb2b2334613dab5f6259d412cbdef8edccbd84b6086060300c825d32f9047bb799dd930d08cb019c2868358e118c77a95bf4d4b87e1f5fc96272cb257eb9

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 29691d78623bda57317a7a70b407624c
SHA1 651da812b03783c334bc5e525469361f93cbc79f
SHA256 172e1067a7b95599be599b8a07e36607d657d1342e8469bd5ee8541afc4d5263
SHA512 4726499cf172a80561d4241cc97b1248cef1b55901dc5ea182850cc490f25c344e9fd41a74c8e8ebefcfc8dc07a8ad5aa186d2a2ccbb3c4c8bb36bc6b48f1413

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 eb52a90bb70b76e946b62f50b6f7fb85
SHA1 42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0
SHA256 48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4
SHA512 b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 53fb0b7b1758e32f7d99fdfbe9585bd3
SHA1 eda5d75a27c2d64b2a1d6d966c359cf8fe321154
SHA256 3a71ddf7204570980b9c3971a2b54184916d71bbffbed5f00f3948f259c87528
SHA512 686bea3a5cf2d4d083269e608d73e6cd06ff955192085263cff5aee3d1e38b2cf249b56c38ff355894d0a4dd505354fe2e6e5585390f3e875aa7cfd549347118

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 77a1db8c34c7085c97a89a14d6d188b0
SHA1 936ce1b6d90d87a59b9fbaf4f57e3a42c07f717c
SHA256 5c4adabd1da9802e0b3645f3d1b016d5e2557a1558f0f7fd130d53b83b037cf3
SHA512 548db984df97f76a8e03276ad5d1cf4914dd1efd677a341d7f0e936973c44fce6924b1704867e749726bafe30b8607787be7ca1dbdae3ac34ee4c6831727e5e4

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-wal

MD5 9abcb64cbbafe34ef05e39012578b12f
SHA1 7ca42d0a7f111d1d664e12b5f94fd99751a2ec57
SHA256 384de29d298ec8131fd9362f5dc7b58b2dcce62ba04aaf24a01a00bb2b7fe136
SHA512 2509e0860569ae3c4805b9ba3e5e15e7f995077aeb75f3472e6f81bf34349a8e0f5d4e58de36c430c2abdea9a75b4c8ce0655344e466b77b63aeeb1695a99f19

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 09b7bca5fc04f322e6e7bc247658e92f
SHA1 12113062cdd7d35c66b85f8c8d94ea6d0c11f5c4
SHA256 3a91676cdbff24544457134552a17eacf5e3872770031bf4e81b5b785bb5299d
SHA512 7b5e48c518af600ab89dce8e8ab8cc01e939c62d92181e46bfc3ac6e1d03bbcd2c202eccccacdba5eeaa5baf818f4089a4571b2f7794d716aa99d7a1961479cc

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 c109c3b833f345dd28976b207ae06c7d
SHA1 30025c8fb988c101df5e98e13e6fcc2691352885
SHA256 15c4f223a3c1ecafb8c7b0af7036895c951eef5eafc797b2f14d78f97617130e
SHA512 1a6e11f75248194239568afbe21aa29ac66e63ffc1c2ed971e9e6daefe33e98fb79f1ba057b9efdd1fdac510f8df42fef67a533f1e460100e5fc70d5d56027f3

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 de8c4794767524182a827f651f7736ed
SHA1 10c5b17cd26969bd2d82a32f85be83003e0814ff
SHA256 924a296dcc5daa5f484d63daacfb1443d1fa05c2dbf8f7395c0f1fc3648a1e56
SHA512 e9f6cf44ceeac315d6601b206dfb343b303989a18af15a93f119255c1ff6823046c08ee65ae91d66c691cfd9304db42e8a352bcc6beb470584c4d28d8e555572

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/journal.tmp

MD5 8c92de9ce46d41a22f3b20f77404cc1d
SHA1 8671a6dca00edb72be47363a7071be65cf270373
SHA256 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274
SHA512 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 897e2dcc8d2e29b0727b797f05e74629
SHA1 f9817d6a449e3653d3e69e5f6a21e16d0476d2fd
SHA256 6e4a38087f2885e686979fdcf87da0cef7a58bd578fbe797df5d17a0ccdfc124
SHA512 486d5a2aaf58c9401f34e7a0978c989e4dd2573bc0b58b2c926fb17cbf5f9cd611cec00d352d964af01ff8d4d036fdf2a00750d66b3806f568a055b3aaf33f9b

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 dd480664b762f0cb890d85c7f612d05b
SHA1 aafb5b7589c5e74986ad15a8deca2ae8a4ae95c4
SHA256 4ba90e5fd415a64ccbe0737a800e876209a6cffb9dfda7b98036a5cc67699f05
SHA512 3fab3ccc140efd02f5eaa241eff4927da155f6781820bb22f09e5a461ec564dd79d36a61aa959d90873432e635488aa840753758b02e8889edcd19b75d53829d

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 8b6e3afd0cfc58cf78e5ff4e028db329
SHA1 ac361267ac8c064439a49e57e264defacc89f10b
SHA256 57e691251199614728082195a041816152dfec9846e294e4ab0f9a9e19e8d717
SHA512 535d86c632394caeddcf2c37306d580d7b56c5f062774e85a3894781090b7744254530f69feaa79463b6880b3ed3e0fb1ef2ce9eaff4b7f9abd80fb9e4433ddd

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/open-sessions/666A8EC700AF00011428AA09000C04CD/userlog.tmp

MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/open-sessions/666A8EC700AF00011428AA09000C04CD/userlog

MD5 78a2fcd0bf3620788531b8893ce0fc1e
SHA1 34e14aebc8e297e460ef30c204926e099e9a0ca8
SHA256 f718c92a7d95f6e5b98937c8dc72bdbd2836b6839fea744220ba76d15852f198
SHA512 4042947ffc2475eabbc2fdab2a2cff26811f8f2ca554d1f7ca3a76052303cf375e2d6da6a0b4f2180752922c2f20d0ac1004be1cfa3ab1dada1e1bc0f045d51a

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 5139c8a5758c43c4300454c287a843e6
SHA1 35387e01ac57f2815f786599bb839ef023c9f2d1
SHA256 531a86ec61bdf3c1d721506b294ec093e6ffa76215af06b19af7f9702bd91641
SHA512 f310b53b786002d496bd084ffb669907455874bb13eb5bcd1738b4f36bcc81b2bad25f0c7c4c8d9e1b782677cf09c0f1270d4a7828591d193228763c07acd284

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/journal

MD5 58928523a39e669bf388ad96b7de2e31
SHA1 907f0324b174a07f079bcff3027ed41cdd2551ba
SHA256 d536a3ef38b7845837ce572be77241d648f2d6e05102e682e1e650774bf1caf7
SHA512 7f14d5304d770808dcfd677bbd453cdf6f3be48a21ae7c40e28060b44fb704e97e7b3fd58d4e88815f64ed00bb13b053cfc1985f9067bd48b3f6e0f185168d7b

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/bb3e4479426474e9a778b21d7ac05f6754da8ea83e33e2fb010bfa740390bbd6.0.tmp

MD5 4c5f85b4e1609f71bd974a3196570a4c
SHA1 203e562d931a467cc1b0984d32f91d73354203e4
SHA256 eef743e9724b4879828051abe0816a02ac43e70b3622ef9d0162d63bb576090f
SHA512 e71ca4e3c2cd65f7af568e2e608fb10e90abad0f2569d5393c21aef73e40c98dac8ef6c1f68ce455839966d7157bf7ba69fadfbb251af3e3f23bfdbf3fe58454

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/cde05719c1d78615c9ec390c2fb5230d0540fb5e7b54e11c0ecf25d2d09fde91.0.tmp

MD5 fa5af761be6df6e5bd949bd6cf8428fb
SHA1 03ab06b51f207045f974e22e8905b083c2f7d58d
SHA256 c680df0658747a539f46509872d4b7c7ae596f0e70b8beb80d0c13257d7a726e
SHA512 80a69e62fc8db6fc2be86a92dbeb119b3d5b8d0d18654dbab9556ac5f7a3a7bd9185e08cb327cb513409c5c8b70e8fd409a95c8d410ddb89f012a23262fb947b

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 b23314c13ea65f41e908abf8e66393ae
SHA1 4e4df9b2db37d96cbf1b50c22df2858fd42759d7
SHA256 acf508ead58ae65839912e1840283a8ee2b68ca20bbb7085b6d069f55f679015
SHA512 d482fbec05f53cd7d6f15e3f5c45b3ca3d295b628cc96f39ce614856c09d4661c4f5f5c8da9c751c48a92bbd005ffcf7b0a3011d8f9469799892c17f93282628

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 c1561958b5d9683711354c6bf9c57eba
SHA1 6ea139646692dba4583fd41d55e45218110b5dba
SHA256 b097c33e2a6a288b443b2c6aea05303918ce5ca35cea0663bd4d74791c33967b
SHA512 ec964895fb74cf60e6eb83ba433aaeb33897380965379e2147580d131cbd825951d05ab455c6643062094fe59bd9fa9267ed9d647c34607e2a261a13f86fe93e

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 6dfc361570c347a0b1fd483af83de73d
SHA1 49cf14102229a1f59a96e51cd06f18f9ba27affb
SHA256 a5336d0e244d54b3f82c6b09288cdcda19e9db52b413e05796fb49430bb75ab4
SHA512 18511d7ef3390f28e48beb10d7c7ff484fd4f3901f928997bb5c0c156fd5393be33d4607288a2fa91d895acd0b7e15529bd07a9789ba6f4be21dc5720fbba8d4

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 573738a6383edf493239a89ab3999b69
SHA1 a2d064d6e1de82738bc24993463300ef165a36f7
SHA256 2f4f40a2f537643e46496fbdb09fccb2752d96248915e1319771fcab5b83c702
SHA512 72c869b28b69a93880c940de929d0db16c39059004bd3b8966413f97ca59e00335ed4b221992f6bf9af63b7bce4d565d7252e8529ce7d787b3ffa931c44a5729

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-13 06:15

Reported

2024-06-13 06:19

Platform

android-x64-arm64-20240611.1-en

Max time kernel

42s

Max time network

132s

Command Line

cl.megamedia.megago

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /system_ext/framework/androidx.window.sidecar.jar N/A N/A
N/A /system_ext/framework/androidx.window.sidecar.jar N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Checks the presence of a debugger

evasion

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

cl.megamedia.megago

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.8:443 ssl.google-analytics.com tcp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.180.14:443 android.apis.google.com tcp
US 1.1.1.1:53 firebase-settings.crashlytics.com udp
GB 216.58.201.99:443 firebase-settings.crashlytics.com tcp
US 1.1.1.1:53 images2-mega.cdn.mdstrm.com udp
CL 138.255.97.131:443 images2-mega.cdn.mdstrm.com tcp
CL 138.255.97.131:443 images2-mega.cdn.mdstrm.com tcp
GB 216.58.201.100:443 tcp
GB 216.58.201.100:443 tcp
US 1.1.1.1:53 firebaselogging-pa.googleapis.com udp

Files

/system_ext/framework/androidx.window.sidecar.jar

MD5 bdf3529e80318eb14e53a5bf3720c10d
SHA1 25c9ace4b1af6e80ebb2572345972c56505969ba
SHA256 bbc8300dd1e9cd08de8f66560c1ac2c928615b72b51cef9649f88974f586d64b
SHA512 48b9c2d01171bb651b9b54826baa51f4add48431a3efd8ceb5f7cc3bcd6f8f37edf47fabb24349dd15b3a02329cd450f90a8d164bf4f8dfae554bf3b35a8a55b

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 a89e7b22908d6c1d28e2723aafb8a98e
SHA1 550ad27cbebb69f4cc61d8240281031e7cb6ef83
SHA256 9d7d39e36452cf43742d96dfc69eb98ebb209108de784a5b52f4ef8d2e1acb5b
SHA512 2eb0a47435b309857f3af4984e0f890f03cc043210f81137bd333630e44e7962b7f7131637677b0717111487fe2bb56b2c43175eef29a08f2202beffb4aa2069

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events

MD5 291a6fc162498591985ca27055b54574
SHA1 11370cdac70d3d1f53c0bd1aecb3f0fdab267ae8
SHA256 49141adccc3fc6f5db3377ebb329b1ad2eeae36e005e589aa23631d2e9e23c89
SHA512 b52ec30c360216276c03d1f7ef0df75620915f4d2a61c2dbbd06502b49145026e7fc513540b2b3df1bd575053d7f84110df47f76f39b567f189a471278d5944f

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 67cfcd1a13ef66892208e4dd7b9109f6
SHA1 390931969dd514b88ffe7f83d82db6155e630c22
SHA256 dd3416d0cb2a3c6fcdf4076eb3581057059c8f9aac8b6e4ca7c9ac59102538e0
SHA512 3dd678e28b62bf12bc8ea0fb24719f0eb2992ad211eecaf85e6f48efcb673ce01e9ae62d2ebc5e45bc873391f6c6448d64aab21ccfb5b63d21e656bd558323b5

/data/data/cl.megamedia.megago/files/PersistedInstallation8848601838001032151tmp

MD5 d1f6e219084d9ea7a469622dfbd8269d
SHA1 15382b6ab2e0cad554b7d2a92ca301fe7544b1b4
SHA256 c73d905f77168b96a9f9f8703bee29a348b62306fe00514c8a502480a69d2d9b
SHA512 2ba420ce26af780a9177fe8a4f1c874ae80b8170ec3bc149e52ab30a760d165ba0044c551522c1f18e7350aa59c12b16408cb70074afd4ff9ee4f78bc84a703f

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 7773ba4812875fc94223cfc32f4e5b3c
SHA1 e60d34b8b9d69a18e52035033db0b6f134168558
SHA256 66af23c5990aec755c4b3e80fc7ce796f96edd6fbade5edeadb648b039c6e64f
SHA512 2980b24cf521d320b5fec2555db09cad47181eab68aa64d165b0e62954fa3c3eab76dd6edf2fc5016154ab5639eebc037c7eed856379e913d15850c0e5c82b3f

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/open-sessions/666A8EBB012D0001116887976005D6B4/report

MD5 2fa184aaa0ac654eec62ca6fb17d8781
SHA1 e35abec89bab1ef7e8d885d9f54fb4505ed468d9
SHA256 bf92098e2d84453cda2993749a69c27cea093b746ee7e9997332794f0ef3ed14
SHA512 6b6ffbbe041cff00246330fb2b547fd37515eddde0e26c621bdf184633b8e6be710112dad78528fe3f7293718e664603dd7e2d87acb0a6c030a424380c5ba7b1

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-journal

MD5 e1c8f09a313613761ab9f3e78efc75e5
SHA1 c5e53061f1cd50abb9999204e7e4320d4e9f9b0c
SHA256 9bd88891e4301b432d9952183ea44862d03cf98f9692ea34f4c9ff9976027428
SHA512 82b175a9bd7446f1d58c3f8fa14a7c1df14b7bd03ad5dc159b45777d6e8f7fca7570be6d36dc3e8f555e91f7993970cc21d5d7fa459efd74ac5ce40cb68064b0

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb

MD5 7e858c4054eb00fcddc653a04e5cd1c6
SHA1 2e056bf31a8d78df136f02a62afeeca77f4faccf
SHA256 9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512 d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-wal

MD5 625c3f88c2e83b0f8d55a2099c8f2532
SHA1 7c09161639b9a353eb60b076c4325dc7705e83ea
SHA256 752ce6109c59b08c7cd8a18e8c7480232f03ccb56d2fba1b6a31ef86e7a2f494
SHA512 b5ef3250bceb37dea967644d8e1499b7929d1730025619332f7d3e32c209d27eb1c8961c222a4ccbdb6599a40ca233942058004ed41197b2ebdee41f3c54ce27

/data/data/cl.megamedia.megago/files/PersistedInstallation3616261800752987355tmp

MD5 8a6537ba5358900de2e6367f7140c37a
SHA1 c3bd8fbd663cd84bf328616321ec369b77e22435
SHA256 76688c4a8031da1e51788bf595eecf576fd4281494050fdd2e89daa34084188e
SHA512 cd86f997983da711c76d00d5991ee26d538f3ec41c6a3a4082d2002080675a5a934ef62901e9c15bdf3ac35c765b25bf75e2959c860f4562f3a48efbf93ee38d

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/com.crashlytics.settings.json

MD5 d8b4ab0e84edfc439a9e103eaa5abe2c
SHA1 abc20102f220e155df69b278ea1bc6557b19d566
SHA256 46b411a049116f8ca9abc327de29544500c9e9c0dc75ae094e74dfed45543191
SHA512 0f1813d524eca275e6f05c1e63cac49b7b91aa4ca13debe57592e0092105bcb70689a7c498ea8fbd728f7ba8973d2d2f7b49bfddf1d0c83af2c2b2386d66cc45

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-wal

MD5 3142ce33453ef7217063aae2b24af780
SHA1 e9c0686bc05dd2bf4965b7e43e9343e0378ff789
SHA256 ec198511f19dc5bb1f127c4915f346c3ababc97113cb23a00f65669f6daa5207
SHA512 5a5423fcf57be250c41c3d6300ff0a860760d7a24355dbccc8c6613bbf0bc4af33ce308792b675759f32bd64485474e4a7598dcc1ddf6c612d3a9c48992a573a

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 d13664a3378b2d831128aa12ffce8789
SHA1 a0376a16686746841d3a893f0f6b385f6617ad14
SHA256 eae0eaf95cdaf4790cbfe7b6fb189bd12e12e9ec38fda77e25add980f9c2cbf1
SHA512 32370052d9a05828bbe6ea5ed473c03986489442c3f357b205eb4b2613c0ec55b532adad593f8c26eeb3c218ba748a1a5e8102ce190aaa1c3b13857c201faa56

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 d9cf75fdd1c2292d986f6c3d5d60f2c8
SHA1 07ecb1d3a26d952ae5fecf54f36699ab498510b1
SHA256 2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a
SHA512 442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 61aadaa870758890ce344727e14110c0
SHA1 2b11e58909103b0741678a3b71598ebbe3842998
SHA256 a5c9e32314df53a835efad5baddf1e475f77391cf27b057eb9914c36a99f272c
SHA512 068fd052a2a42c5cc8c0aafd0036317f8f65fc29372960fdf4a52a3faca5848838bccff0298bdda059bef09e216254cc71bca4873f7a9f2951d73cb96fe187b9

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 adf8c3fa9d4425f91a75585dd0432c5d
SHA1 026350d19cdfe8129b626511dac7ebf28f80562c
SHA256 a9ff79e552eda94fc83fea182870aff872a1fe4f0eea48e311067049e60adbc6
SHA512 e79cdf7cf5c1ec5d038cc7f03e82cca37a2bec09e3e4a9bd0cb6a5943c5e74de4ef7767aff78cc2562e5cdbd13753da47c807a0cf5441961f8c3f74027516eef

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 b3e359b88423710e120383f64463a846
SHA1 f3bc2bd36038a4433fe40e946f1b0bf5f4162de6
SHA256 882386ce85a99e33b209211871588cce0a21e640fd30e36a090c99620e75b087
SHA512 23fd840212b7ae429def1aa35e94207fcb967be5b4206286eb88a337c69a17b883d1be9a7c949afa1d5ca865be8543eb486ff3f2935081dd999cf541f57c49b8

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 526bc42b0bda1b423b27dbc50d5576f4
SHA1 2090b31b3a70b07cb5b0a8b36449c8bd29049352
SHA256 e920675e19c7afeb140dc7fb0de82c9384debd5411f5f40d6c0f1fec46c94330
SHA512 2f2e7667194250e7a499c6e9e77921fd4d422e5078abf2cec5a1c16de2b818701c83776e50e72e0c7ece44dac2488855ca7a722f9fc3a516cdc30d278abe46a3

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 873fd1ec9c748d63bda5f6a912ff5341
SHA1 d2d6ab433b837135d56a629fa98b90d37830a301
SHA256 a3f9f1570f73ba46cd705865479a72fb514ffe39bb016280e7a7e66b5263c019
SHA512 4bb1395aac083689c0a9a449f7f83c6d22b959ddf61c3dfd2800c6b730178c916b7651b4101d4875d21700d9543e64cf72925e5234b06bd7bf74ebabf6b6d53d

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/journal.tmp

MD5 8c92de9ce46d41a22f3b20f77404cc1d
SHA1 8671a6dca00edb72be47363a7071be65cf270373
SHA256 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274
SHA512 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 a5d7ddcedbb443eb3947f6c8eb88c427
SHA1 89cc1b37b4f79233da0ebd7e56c982205b0cfd77
SHA256 5a15a7241e5d55056c8dffbf9b7d7bb9f6d1c2cfb2b0ee414046bd46d8dc16b7
SHA512 561189b9a5d8c1fce8f8f720db86d8ef49a75705a923bf7f323ad4f07e531ba6d14f000b7ceb9a88f759e7de3c6d093b18d8d97bba438309eae84a58b5d36740

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 186ea147c0f5c0bda14412d14ba054e1
SHA1 efa4fe1ce3343e3adef56accc4bd0672afda8a63
SHA256 cbe39d4020bee889fac5aaf9bce5b7c6e49b2959103f901c89081afb361ac5a3
SHA512 a44e3e5d22a48770a171590f9719be4f379861435daa02cbbec7aa23cbe2cc3a10dbebfc7abdaf5929d333db06e8b5ef26e9f54331651935932322bb35535d78

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 487dfad67c1c94ce7a56d55d632744ac
SHA1 c7f4b93d3417cd0b672d8a7b886a235f06fa6d08
SHA256 7e4470b750bd271219cf42161291ba25bc4cd62e1531e38c2d2ed833ffe466c4
SHA512 9c18b96201865b6814b18527df60f2fc68d47d5ddb8b70abdab464347190df0da2a42c449ee8120a4cf5f96653d8251bc655f98ac1108f74de196c4004d0ee78

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/open-sessions/666A8EBB012D0001116887976005D6B4/userlog.tmp

MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/open-sessions/666A8EBB012D0001116887976005D6B4/userlog

MD5 6e0803e47706dbab6c931ecbae7d48a9
SHA1 c4ab16f96ed579bd1ad3d615d8c352de41d69200
SHA256 12e36a1fba079107d6f2fafc3d400ea17a369637d17fa021e98b606d3d5e8d29
SHA512 a7e2307f42ea449236867707f3208c26fefd1bd5902481349e38bd2d10f8f320b57d59c8a669e9579b35ef47d028525417546c3cac7a67d223133edbf4d3b348

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 c428c8d92380e316f36ca21aeb068eaf
SHA1 6e8ec7d27d9d3c2afce6ba5574569509fd14cf4b
SHA256 d2b92e0a988b7b13b56bc341b87189ed957a974ec740f372962cfa62a18b986d
SHA512 7da4c2faa10c3634e807bd40893aa776e883dc76b3b9cbb1b5283774ce2358b40a183d99342676629a638cdfae1b98365016cfce0cd2e198175b604f53e94229

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/journal

MD5 8e9e9b0f5f1e5be5bcdfe60b77f85c36
SHA1 5d30092116365f29cfd6798c5d3e3274a6a9bca2
SHA256 8930a241ab527c03113a3df537ef21fbe2dcb2cf7f949ddb8f2a294e1757033d
SHA512 ff1007d68bb1a150b0ad3b8e15da5e5b51a108710ed3ece74d8188d025be97cbed30639840933674518718c82f40f2387d175b64fa64942e39650b9c0ebec7cd

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/cde05719c1d78615c9ec390c2fb5230d0540fb5e7b54e11c0ecf25d2d09fde91.0.tmp

MD5 fa5af761be6df6e5bd949bd6cf8428fb
SHA1 03ab06b51f207045f974e22e8905b083c2f7d58d
SHA256 c680df0658747a539f46509872d4b7c7ae596f0e70b8beb80d0c13257d7a726e
SHA512 80a69e62fc8db6fc2be86a92dbeb119b3d5b8d0d18654dbab9556ac5f7a3a7bd9185e08cb327cb513409c5c8b70e8fd409a95c8d410ddb89f012a23262fb947b

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/bb3e4479426474e9a778b21d7ac05f6754da8ea83e33e2fb010bfa740390bbd6.0.tmp

MD5 4c5f85b4e1609f71bd974a3196570a4c
SHA1 203e562d931a467cc1b0984d32f91d73354203e4
SHA256 eef743e9724b4879828051abe0816a02ac43e70b3622ef9d0162d63bb576090f
SHA512 e71ca4e3c2cd65f7af568e2e608fb10e90abad0f2569d5393c21aef73e40c98dac8ef6c1f68ce455839966d7157bf7ba69fadfbb251af3e3f23bfdbf3fe58454

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 c680ac3fb15a3645104fdbf1cf135657
SHA1 65d383adcf685b958bdcf1762e5b38d97b183883
SHA256 d20c5389567b66ef2e8eed6ebf0c4eeef72dfe348be88bd220761e8dadbd62c2
SHA512 4993749de287f4964828692370560b6370305c0ef6948e15eb3f6d99247a1df74c7ec54d0f752124dc0f508af0ab66bfe2627416a4d39e475d6ac5f1bfdd6572

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 96c97542c6cd8ffa7d6e17cb7ac302d6
SHA1 bdcf08fe94ebd04e447c69d6f7db6cf4cdd20e7d
SHA256 25af9fd7be8c86d65406720be06afdebf793499c561d913f7c8a9ae5869877a7
SHA512 5030805f0b022da45e6bb2ef792bfd3f2bc2a18ef2e6ef57f540a6c1a20647c3d4da6e5f344962c34407fea063a398a31bd304e4c4de4f8a2e874b0dd41baba6

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 3a53d0e19ba80458e31dc31a0f003d68
SHA1 fb8ec4a9300d57025bdf037e3160e8c1fc92215f
SHA256 69fd7c654cecd69013e0a4c442676997836ca136ebf6022dd66dff072ed997f9
SHA512 29f6f9f7f3f57e4d5b20c8760a3495c2e28b291a646054737cc455a2ce3211e1615d4ad9d5249db454b7ff4c74e9524f1a761e09681c43831197cdef2feb164f

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 63d8eddb3a48e89991dcc666d3da9f3a
SHA1 e5a5f900b07998214d8836769174c8cc9ba8d146
SHA256 87bc228c131505bbffe1396535d0b2a7310d750944a237f6ef2ff8e4731631a5
SHA512 612487fd71ed6227b904e5f5a73772db847401dca9657cbf75b81a1572f3c336a421e3409a9ffb7fc479d11b6b2c96bdce106d68ed476e7d0ac39eb1586e324c