Malware Analysis Report

2024-09-09 17:50

Sample ID 240613-g4zwcs1epq
Target Mega GO_1.4.7_APKPure.apk
SHA256 711759fc4628278d6468148ea65b701fb4cdc0c40e9b73b38591f801b1da3b60
Tags
discovery evasion execution impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

711759fc4628278d6468148ea65b701fb4cdc0c40e9b73b38591f801b1da3b60

Threat Level: Likely malicious

The file Mega GO_1.4.7_APKPure.apk was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion execution impact persistence

Checks if the Android device is rooted.

Loads dropped Dex/Jar

Queries information about running processes on the device

Queries information about active data network

Reads information about phone network operator.

Requests dangerous framework permissions

Acquires the wake lock

Checks the presence of a debugger

Uses Crypto APIs (Might try to encrypt user data)

Schedules tasks to execute at a specified time

Checks memory information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-13 06:22

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an app to post notifications. android.permission.POST_NOTIFICATIONS N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 06:22

Reported

2024-06-13 06:30

Platform

android-x86-arm-20240611.1-en

Max time kernel

136s

Max time network

191s

Command Line

cl.megamedia.megago

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Checks the presence of a debugger

evasion

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

cl.megamedia.megago

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
GB 142.250.180.10:443 digitalassetlinks.googleapis.com tcp
US 1.1.1.1:53 firebase-settings.crashlytics.com udp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
US 1.1.1.1:53 images2-mega.cdn.mdstrm.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
CL 138.255.97.131:443 images2-mega.cdn.mdstrm.com tcp
CL 138.255.97.131:443 images2-mega.cdn.mdstrm.com tcp
US 1.1.1.1:53 firebaselogging-pa.googleapis.com udp
GB 216.58.212.202:443 firebaselogging-pa.googleapis.com tcp
US 1.1.1.1:53 sso.mega.cl udp
US 1.1.1.1:53 firebaseremoteconfig.googleapis.com udp
GB 142.250.178.10:443 firebaseremoteconfig.googleapis.com tcp
US 1.1.1.1:53 sso.mega.cl udp
CL 186.10.64.246:443 sso.mega.cl tcp
CL 186.10.64.246:443 sso.mega.cl tcp
CL 186.10.64.246:443 sso.mega.cl tcp
US 1.1.1.1:53 update.googleapis.com udp
US 1.1.1.1:53 clients1.google.com udp
GB 142.250.200.46:443 clients1.google.com tcp
US 1.1.1.1:53 sso.mega.cl udp

Files

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 e6a9ceaa1184d673cf6ac22a76be66b7
SHA1 9854559d3968b45f679984a709600b4c05b7e678
SHA256 9e613e4d005e986be554fb0d94905827af192a09dd2d38a905bb30bb1f2f0159
SHA512 65f1e4fbf30cf93e100cd1c79103fffff4e9b07cf070b878b046d1d2dbd15c60d9f1145ee6c35c833eded9fe92391d14154a11ab7a2c33be7e1e7054189716c0

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-wal

MD5 9edacebef703713a20a4734ab8d1d21b
SHA1 0016bd40b70e7f4e146076edd56e1e3d425370ba
SHA256 7fae74c90c8f05f5d911a8d71818b75a3d20a9eac28d4c3fc2ca7025280ddcf7
SHA512 8d3099bf58c41d052de334134501e17bf00ca8335ea04d20853d65083aa1c4566b253913504fe862e3a86cc313fd8acb936cbfc63d037ecdcb4be5e0db85db79

/data/data/cl.megamedia.megago/files/PersistedInstallation8161237552034752083tmp

MD5 1ccc67bbc254f446439d72ce52d667f1
SHA1 dbf8d4f5a1458bd9d7e579f31e41acd344532741
SHA256 ae6487b6eab485d173ff242bbdd4b11b7da4ddc574eea561d6bb0bb81be906ad
SHA512 82c9453834e4570e4d76a43b399a3678e25a4b731fb2f97cc6fe88007c3917ef009a9bc323ba314cc7345a9bbea4bbe68da261dc9bf58037dec66dba70e0e5de

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/open-sessions/666A913201B5000110C34A646152E820/report

MD5 407c13c633428e09786dd292536f8c9d
SHA1 d9f9d4f0d318a2e9d0a17d138e2ff5518049e791
SHA256 35bb4cb29e911ea10b35b4c34152e5017ff4b44edff9589019608f40e1562f6d
SHA512 9a62bcd7efca4a7a2cfe195c8acf27eed44b38c8ae2b7860a912aadf2d054ea539fe1f599da87fda2d5c386eeeec94a75ecbe4b71851fe86a3597cab0202077f

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-journal

MD5 ca8c6abb32e423588166289c3eb555f0
SHA1 a608428760ed9de001654c8a90a993830428e880
SHA256 31cb998e910ebaf807ebefab3c9b2c8919d39bfa8056f7caf2f9a18c4d3bb937
SHA512 89c8e6017c6a57fa1f3111bc98bcf5d90579e314cac648255d2cc9f15023029168845f74b5335363a200344a3701fae0a455bea104e6831b2c56b2f915847c98

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-wal

MD5 845a7f607abf64f06e9e8e00032f4052
SHA1 6a478b434003e5db138db646da8b69c2665861b3
SHA256 a71c74af1c7deded9987ba946e3fc360e2fe32dc398d51826fc81157a5bc8aa8
SHA512 422f38655a729382b56cc750bf6df69efd7423de5b0206f6972357ffa0532030ad561233ea595c86e9b4dbca9dfe575235191323e151e11d948abb5cc931e4f4

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/com.crashlytics.settings.json

MD5 29ceb0cc98f13e94256a368f0af99cd7
SHA1 b65791dee2c9fc47c948da772b81707656563686
SHA256 2fb15f1a44b3023776c19c88abcae1a741c23c0213f618892eb38dea92c1a6bd
SHA512 b506ca089fc514e0c1f5ad047b3c995434ed1a1381fdccca31a5756e2924f489a01bf1ad8690a657def93afc25e834d8e35689d149a21c814e8cd40aa5c2e3a8

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-wal

MD5 6d64568ed63f17b71bbd7bc7c50813c5
SHA1 e1c9ed12fa6b627b7f9433a74305e1a2fb0e08a5
SHA256 fbe0fa59d416aca878c49b51329191bcea5f075dff16033b7c0cab0679a6a044
SHA512 cdba9fe4887926895b8d5f27cc9b3ec73cb1d36cf96e0a6125c5587e59eff6dab8d51ba77b9894131d446ba31b7fe1f94b3bf11b643a03e8738d781311622446

/data/data/cl.megamedia.megago/files/PersistedInstallation287464841727903810tmp

MD5 d8ad0813210ffba98fafb59d3cc2c74f
SHA1 37ae772d2542c9807c9e14a5bf1795848b37de28
SHA256 49bcb0c62f67786538cbdf862dbc4c55dbc0aa6e98225bfd211ae92c63ec489b
SHA512 67e2c4cf5d388ee6555022b2716e448bc395352c3b73460e3698d8f648af498cb79a30a53a5298cad8a7f15aaa3a1c0c9559c7ad3de341ecbe892386a4976a8e

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 586a2106fe5476009505fc33bb055984
SHA1 9dffbf68df35c229b223fe62db51c0faab424596
SHA256 251030d4c2f825c3576f4ae11ee17820470107287733c47dd9c384e11b273b77
SHA512 1c2f6d412a235c825faf7650a4a383958cf49ffb1d16498a11a120b4a0428355e43e08a4c5629ec8124f47e42363030e85723960357955487d989c5d3d9385cf

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 7237409e0640cfab7bdbd429bf821a3b
SHA1 4c3da934842f8d4835dfe2a9c275a300e5123309
SHA256 5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512 c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-wal

MD5 6cb87209e72e1b38478da204d36052a7
SHA1 d97ef8b728934c031cf3a183b747e32199cc9c94
SHA256 906cec1d85dea8eae7718f4c7c16323a876c561b27253b5ca3fe2163f05bb31d
SHA512 ad7fa43c1b08a42f8bb56b0325936b02417ca03b6d0d8f9c385cb453a37b30f3e170c0bf3ae993fbfc4f9e79ab5176720375d0905a3c06716d6023b1ff2c8a4f

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-wal

MD5 2ec8fde97911ec0bf01fc92e05a538c9
SHA1 95e13d101807c4f25cb8c6e9cb537effcfe0bc57
SHA256 09b603014f8c20e9bc64b93f7e62683eb4ee274fd558fd4702523dc21426784d
SHA512 0391f6f9622ed555ee86c98781eed2c769d3f7191cacb89312d43a6509a1413a532e6f18a9548aee3018c79bdb8515c9e5b7b5f326e9b32fbe8ff668b9baeb77

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-wal

MD5 9bd3563fd43dd6a909ee52f7ad6029e7
SHA1 561fcf6528ef50ffc51b61be7f49c782a8a702c0
SHA256 36283299c98d55f0e4ff86b87a0a4e4c25cc10939ceff611bcb1cbdea9a97ad0
SHA512 4cc1eb876243ef05f23686366d0e5016b9caec4e310b43a5096a175546d3be60cb1ac2bdfff49da9fcf9ad641e36ff2dc6fa2a68f1d05ae425a79a9cea49723b

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 cd5acd7687963b579c74ff424a54c0c0
SHA1 1c9fe32d1caa47e3188ae1cf0a44036436160289
SHA256 51c2057844b49f615af62213e63b697800d656bf19292e1859b7e4d06d278fab
SHA512 29c9ee5b421100bc1a60af2e2ceb31837d79dd4533f1e41c9c984db73c2f3a71b68467b718b36839080d688d607e0a4078b83ae0489b41e8d6d9bc0b9a373184

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-wal

MD5 85e895fce99845ed4b8261545a56dad2
SHA1 33620fa186e3870c3be3512f309b925e1494602a
SHA256 d3dcf741d4304fa00a31397a04a3d8fcc7d69d200ed08b653a91659e0f7f2315
SHA512 9f6dd10ec0b97940a17f04731f0f9b6666d0c2449d233cbe8c05306bec0d8a559c3bd0a2473f31c75cbcb3a02555223aee9c980f1d9d21850370d6d6f2a22bd0

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 d2e81f97f0d4fadcaab8bb671b8f6be4
SHA1 97a294f3a9f551892c9ff0c09c1d5faae675cf52
SHA256 30cff61e99e6c5e61df9dbd5f7a5ca49bbb7f0fe08f8e47667e15156af911da0
SHA512 4afc4c3d63de488a94b30ea37b9e198d461769386a17f8447bf279b48e5d02529f8fc48e721f121bd1df63ac003989e1c30b1c496d19d8691be153259b34971a

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/open-sessions/666A913201B5000110C34A646152E820/userlog.tmp

MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/open-sessions/666A913201B5000110C34A646152E820/userlog

MD5 366917ef0b72278d776bad0e8bed0065
SHA1 b9a9c1e474d274f4f24f8b8548c98bc840d151c1
SHA256 839a1e0f09ccdfcb53dbd9acf06d69e2a6fa84844e8ba1a028e3c350f9ed0033
SHA512 eb9e7f6538fc7a0375fcc7ebe0a0d7041de41311caa1dbe9c5a8350bb24b8f96b389b27ca8874965a0be72fcf2968e3a1970162e87d19669f4a4070cae2bb04e

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/journal.tmp

MD5 8c92de9ce46d41a22f3b20f77404cc1d
SHA1 8671a6dca00edb72be47363a7071be65cf270373
SHA256 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274
SHA512 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-wal

MD5 9f8e7775edcc93381080e15f64fa159f
SHA1 7b5bff45874274c9913757d02aeffc1ce5b79d3c
SHA256 04b222986254580a2ac25ff4da3f4c0e44f358afb0c8bcdfe0f0600b55073d4b
SHA512 0ace702f8ad3a88ec18f03a3fae98623885934f4a1dbfd8adfc40086e340b2cb7b80655e5c0e37227fc9feea72cd41fcadb583d7eaf7e8b9a086c72eeb5c5c42

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 4b5818f41f2dc27799870389456a7b2f
SHA1 250ae84736e761399294bcf8e02446fe6d3bf41c
SHA256 da99b7ed8dfc6b0a8ce943651ecaeaf4dd68b54d74a8befbe1ad7b8e652972d3
SHA512 85b155ff04f9ee6cfd757483c245f470483ffcea0bc8934f7f1597efa37355ee1bceb407f944f67e5c09aaecdd52e69b2d14951597620e16b733379bcbd3b0f2

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-wal

MD5 195867705e64a7f0a5831fe406d4fc57
SHA1 25d15dbe0291a00ba8de4c64618e905e9acac6d8
SHA256 06ef468118140e392633d07abff98bef51904a0ddaac68c8894751ad25113640
SHA512 2795ed9211776dfc8c27d7228c147f9f61ac02875ad0ba9e7556b4d0a2e0729e56d0fa5628bfc7dbb132271446725eaae8c96951817fc82d5552c12dbef511d4

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 762fae9778065a85584c542a23c7fed8
SHA1 b45870783f9cfc177c604697bb4d5e2e292a1f8d
SHA256 eee35b770a156f19c521764d94c6b5d32a373f905f235d8c1f631651806b7611
SHA512 4fb2accceaca9b762d3a6c6ae2d90902e2010794b6d6ecfb15ce88380297ce438c2ee42e6a58aeccc44e7e882d440aad2c9d032c5b2345955defef924a164bfb

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-wal

MD5 8d730afb339e43b2b63a6e61ea18ec3f
SHA1 9fa9cc4ee9d426ba8bb4d0ffcc91210663b65ba8
SHA256 01e14956fbe74dedf052e08601150cd0108fea68ed68767dcc281ba6ed45c8b2
SHA512 4d81c172074f480f7a5be35e28893b3ce074faf20566fa27cd642c7c2aaf5447f808270b655682c23261bfaebe61e4e7d1a73132b5329d4f2b8d6266ac5ca40d

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 4bdb2775bc94f427211cf9403021f934
SHA1 92a4ff8842327dbe7af3d4bd47256119b6b84f2f
SHA256 458dee6c12bdf2aef753155f024031554fb9a2a9ebc085a60281854702ec422d
SHA512 88a57af04bc37cba11b05ca91dd3b642b5015ea0da8a4c5dfd38fd28c8ec92e71e3645876ffbfd55864deac4cf6705e48c53122e0fc0cc1dd137db5fd9888ec6

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/journal

MD5 58928523a39e669bf388ad96b7de2e31
SHA1 907f0324b174a07f079bcff3027ed41cdd2551ba
SHA256 d536a3ef38b7845837ce572be77241d648f2d6e05102e682e1e650774bf1caf7
SHA512 7f14d5304d770808dcfd677bbd453cdf6f3be48a21ae7c40e28060b44fb704e97e7b3fd58d4e88815f64ed00bb13b053cfc1985f9067bd48b3f6e0f185168d7b

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/bb3e4479426474e9a778b21d7ac05f6754da8ea83e33e2fb010bfa740390bbd6.0.tmp

MD5 4c5f85b4e1609f71bd974a3196570a4c
SHA1 203e562d931a467cc1b0984d32f91d73354203e4
SHA256 eef743e9724b4879828051abe0816a02ac43e70b3622ef9d0162d63bb576090f
SHA512 e71ca4e3c2cd65f7af568e2e608fb10e90abad0f2569d5393c21aef73e40c98dac8ef6c1f68ce455839966d7157bf7ba69fadfbb251af3e3f23bfdbf3fe58454

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/cde05719c1d78615c9ec390c2fb5230d0540fb5e7b54e11c0ecf25d2d09fde91.0.tmp

MD5 fa5af761be6df6e5bd949bd6cf8428fb
SHA1 03ab06b51f207045f974e22e8905b083c2f7d58d
SHA256 c680df0658747a539f46509872d4b7c7ae596f0e70b8beb80d0c13257d7a726e
SHA512 80a69e62fc8db6fc2be86a92dbeb119b3d5b8d0d18654dbab9556ac5f7a3a7bd9185e08cb327cb513409c5c8b70e8fd409a95c8d410ddb89f012a23262fb947b

/data/data/cl.megamedia.megago/files/frc_1:425690476403:android:4b09586a191bcc316b5f06_fireperf_fetch.json

MD5 43cb158421b6dd370ac5c003cdee77ad
SHA1 b8f8c3c52a2cc414ebd63f0fa5b9f511a88dac0a
SHA256 5bdcee0ba24283a15acae66c5fe6d583db3e3971c376ab2bc89da39c5516b75d
SHA512 83cef274f8d22d442bb2fabc6dc45a95b0adae7f86dc476605c2b5b7f106c9bad4fadcb09cf5738f2e45dc2bdbe17c836764c1caa65d872837de6b8410aa5a93

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 06:22

Reported

2024-06-13 06:30

Platform

android-x64-20240611.1-en

Max time kernel

42s

Max time network

138s

Command Line

cl.megamedia.megago

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Checks the presence of a debugger

evasion

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

cl.megamedia.megago

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.212.232:443 ssl.google-analytics.com tcp
GB 142.250.178.10:443 tcp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 1.1.1.1:53 firebase-settings.crashlytics.com udp
GB 142.250.180.3:443 firebase-settings.crashlytics.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.201.110:443 android.apis.google.com tcp
US 1.1.1.1:53 images2-mega.cdn.mdstrm.com udp
CL 138.255.97.131:443 images2-mega.cdn.mdstrm.com tcp
CL 138.255.97.131:443 images2-mega.cdn.mdstrm.com tcp
US 1.1.1.1:53 sso.mega.cl udp
US 1.1.1.1:53 firebaseremoteconfig.googleapis.com udp
US 1.1.1.1:53 accounts.google.com udp
BE 142.251.168.84:443 accounts.google.com tcp
US 1.1.1.1:53 sso.mega.cl udp
US 1.1.1.1:53 accounts.google.com udp
BE 74.125.133.84:443 accounts.google.com tcp
CL 186.10.64.246:443 sso.mega.cl tcp
CL 186.10.64.246:443 sso.mega.cl tcp
CL 186.10.64.246:443 sso.mega.cl tcp
GB 142.250.179.234:443 firebaseremoteconfig.googleapis.com tcp
US 1.1.1.1:53 clients1.google.com udp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.178.10:443 firebaseremoteconfig.googleapis.com tcp
GB 216.58.213.14:443 tcp
GB 142.250.179.228:443 tcp
GB 142.250.179.228:443 tcp
US 1.1.1.1:53 firebaselogging-pa.googleapis.com udp
GB 142.250.178.14:443 tcp
GB 216.58.201.98:443 tcp
GB 142.250.178.10:443 firebaselogging-pa.googleapis.com tcp
GB 142.250.178.10:443 firebaselogging-pa.googleapis.com tcp
US 1.1.1.1:53 g.tenor.com udp
GB 216.58.212.202:443 g.tenor.com tcp

Files

/data/data/cl.megamedia.megago/files/PersistedInstallation6315080143305440328tmp

MD5 1de8255442b99ce2b1a65a9d5d958d77
SHA1 47528b22a2ffee57a13f3e1394b9bb1e98c5f164
SHA256 4a22d09bc59388642031c89920e87cb0ca49d88f58012d0d1b26630933d3423c
SHA512 035336118c4f8f8b2cab32e6a25d0e9e008d43e989807011a56858dd7bb1bc1a707fdabc64908a8cd903be9b14fedad0303b3ef6804dcd2a5bc141cbdaf4ae69

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 dc9d2f48233ef7aaf7f8601db2a38c42
SHA1 24dd4d327ca81abfa1ce48ec350bfdb7a9e8e599
SHA256 3c7037903866bd35cae29234bbbec08f01142f4432c2c76e8ae0b27e244166c4
SHA512 ec814d3c6ca3df87548f38d04f2874ebceddcd1e46c0ccb7cb08a664833855d5c795752010643a3e14fb6390692790ac11d94c9a5ee9551d4cfebc7deedac1e9

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events

MD5 c8a73d5fa40976a6a19ebd2183a5eafd
SHA1 ed23d2c8efc3931639efceeba7249f458b5ffd2f
SHA256 118e7fe1e74cb1f924ee4202df681aba6f5a667951e360099169d7c93a380eba
SHA512 bc6898b1ce1af7cd63b3d3104761b70bced9714d3791db729927d61762fc2ace4a5021f48a5e691fc99e4a21e4cb63731255891f81d2252fd03ce37d7f53c75f

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 e1bbd2877623ed312189337654c022bd
SHA1 0f30674dafd4758bea93435304d1e321e695bf07
SHA256 5e7c90b73207314980e751c93b7de5eb045bfa7662a6dc2acfad743067b9a371
SHA512 7c06dbdda357772154782eab24ac5c50ae03c425793b53f9bef9422ed338c897080924367a91b862ef9ed276447c97be86e2269d60dbbc4a9268ca00ecb1c32c

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/open-sessions/666A913E027C000113E1D8BC69D0041A/report

MD5 1613609f666d55baa3a1df5459c7b961
SHA1 a0a08115ea7fcfca4c76702caebbfb9fe5c5f851
SHA256 00288d001047576f3e8aaf62cd778751b671c6d018bb6d07599b1e1a88183869
SHA512 acfaa81a62b7ae5694a2e3d8be81c76d29f28060334a3b4502769d51f3967ad7f30d209084e71df27a3f11b2cae8ef1daebd5e740c79eda978341d25254ea26e

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 ecab3c14bdfdba6b4f02481e5573da1b
SHA1 77f7625a788fbd4dc9e8ad824df8eec579c87807
SHA256 faf47df24382ca6614d366ac78b61b3ee1630af60665d2a94b4483ee7513051b
SHA512 74fdcfaa1e0f8ea80d216f43650fc279e64f2c03a26ead40773149592b34098bf8e3314bc3de362497dc99d8fda10895ea88d2ed22356e1137604040afe178aa

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-journal

MD5 86a2cfe449c58b516ebf01771deda2dd
SHA1 166338319ad0474993a1a2a2fbd27a8e325de086
SHA256 8178a186a47fc4ca2f74b21b717d5d4ef07bfd6b272c0d65d95b77c61bbd51ca
SHA512 a146ee923a002a00c77b523cd95e60d7d5fb0b6a1ed0b19bb3596a4df1400a942eda74b9bdbbed624d288e2361da2f65b539695dff74f66fa003a4502844d534

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-wal

MD5 15ac1711ecd6622f3088f840b2d6b89c
SHA1 f81fe0cc9573ade891fbd84de23ca939a9ddfd00
SHA256 a2406d8bdd5095bd5c758774f86b5db312adc729e56746f287c73c5e67263a51
SHA512 75fdacc24211856085d9146f5c685b6b45bd20d09941dc56ab319c35680bb0a4238d1a1a8f0c3d74ffa27c78559859a1497c2dcd57956ad63497bb24cd37b866

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/com.crashlytics.settings.json

MD5 5f20152dbe86ca12224b3c1701775e3b
SHA1 7a4dcbeea028d294d8ccc540e2ad752e927f17b0
SHA256 ce2d7da9eceab4d5e11e2ac4615e3898352fc7842356f98998a1c99c2b4e85d2
SHA512 96354c0ee5396273ff518ef419e549c7d8b773b314535d9e25381947712495d655397fa48f7f8d1a94dda14a8d24d268848daf2d74d684a1ddd55df75b825919

/data/data/cl.megamedia.megago/files/PersistedInstallation6175613077355707536tmp

MD5 147050b15b17a2d2acc1d737d6acf496
SHA1 63a7c1b3a359a7eba977706c74d54187b5cf7275
SHA256 7183ae424df7c1ddf907fd914e4d3c845c5ea82256e9e3703b6ad8fc0d6b2fe6
SHA512 83a27a491ca02f66a432fa843de1fbf5c1ae924e3dc85ff5321acd31055f0e16e12264784a9df54b9f2ba451d54aebe987ed40a58797df7f6e4b60ce7f43f7f7

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-wal

MD5 0cf0d7f590bd767926849063c0469abb
SHA1 5654c233e55d12ce5659c97ced57c11127aad881
SHA256 d70be5c17ef9f1139687943d5e4ab7c381b1671debfb0b2b4ddc8991f564c566
SHA512 c5613de0e8fe4eeb279465e6b465a8d4e5eaf6ddbc66ccbffe903be2ffffdb9f4e4d3c203b386a09dba60eadb58f730c2e604f52d162f7830f5a7093394ec0bc

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-wal

MD5 1977a7dfc090b489f6f9aef54a2e35b4
SHA1 301fe9c8cc25bd5e781598ced38b7179fb8f8774
SHA256 003b559f84ee5a2416012f4288a6b47234b68018fb1c97ff62c0dd7fdd2c4ed9
SHA512 d14012153d7de9310bd1c0c7b232872049623caa510f0dd0995b45576d024193b89320c41d4b29ca4c1df1b491256c4d9cc673adbab650cd5cfcfa01971c6e52

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 dd27f743ab55267fe10d68dd50e7cd1f
SHA1 5f372a4a8a3d13aaf14d78bb62f7f7763d7bb704
SHA256 2544fee1dc41cbfe0cbfc9da38a90a14c844261c1712ca115c2ea1241d24fd3c
SHA512 a432dca75214e0e1441bbf9fdddbdb4e18c8b5d22a3713dd09b69a01cade00184aa347dd4711a63e381ff3719a6ad85e246f5e896bebe9c972fcbb110e057cb2

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 eb52a90bb70b76e946b62f50b6f7fb85
SHA1 42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0
SHA256 48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4
SHA512 b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 c550abe612261640f230f25abff2ba87
SHA1 a3fc01c19cb7f420d4738022572ecc1a18c747ea
SHA256 13221740b3094b2e8e997fa7543bac5d58b15a08e1a946321720b4cd1400033b
SHA512 1624dc3f69c9d5a8beec4f808a372415f9cf298ebad12ca5f3a469f14d9aaa6d1522a7ac6fb8f4b4407193eeec75ea8e5d2d98e72ce4e83be22154dd63ffc823

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 d341edc48a49ba052320481708edd4f2
SHA1 1b878db53eda0653e5f3d51ed308d52a030cb9f1
SHA256 17b6043e54d2b1f9b0d6135cbe385cc0fcf6eade1c38328e83522d23aebc9358
SHA512 bdc61631c8b854e1746b148b398e35dc4adc470372afd4d31b4b51e4ae2e14bfb4a12e0f9bd2c744df016284fa0a53e5016525f0ff94f8622cb6a588e188ef56

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 b9696303cbaf7e51d144fcce7c043b6c
SHA1 61fbcfd6bc443fd63d06134f76dfb8bdf4356db1
SHA256 fe3397c91c4d0c6cccbe299a3e8c197697fa116bd9c4399d0bbf230702bbb558
SHA512 a57141e750aa970773373ad7314ec0726e557a01755f8f4dbb00fb15fca48d096772c741f1927e3ba6d72eda8bca6a218067c68b2c27d99bd7f2c8c6aa39b0f1

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 56126f4776b485c3c8e64c71704da150
SHA1 41a25325a890c39c056ca64a2b1e6fe699510525
SHA256 de1864fb360801c47054759e21421b960bece98b6e761aa11215a86b22164db8
SHA512 f5410d1f804cec455d6a3d0fd5040070bdba5a877c9c1a045c4f4671daff81634060b73fcc6641371c9e71dd47df7d0d24ef4a796eed4432f7417bbea07fa051

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/journal.tmp

MD5 8c92de9ce46d41a22f3b20f77404cc1d
SHA1 8671a6dca00edb72be47363a7071be65cf270373
SHA256 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274
SHA512 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 d308a9027489b84e6d65d3352eaa1706
SHA1 db7f37af60f3de2f9006ec82e1091dedeb768251
SHA256 13ca6197366e0094886cb71b26b16b0d5b6953aed8eb11cefcc7b7d575d1f466
SHA512 89c6807c62625324f19f66f2f1dbabbd0c04d3182d35f7ab40aa127f26697fdd50d95b575802b6313dcc4a66345022adeb2ed4b1185c983b25546b11169f4eb1

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 d131f535a4d2eaa8f19facd9a486db39
SHA1 24c240115f6961a1a8a20036a34f1add7836b00f
SHA256 7cbe1bd9b0e316c50cd9adab9564c560110c5dfaa98b2257b89a24861f6b147e
SHA512 fee71e01ebd6a299f07cce7ead2786dd103bfcf622bed45f66e2b0ff857e42b80d4367b0adc4b883668c026e5e4a492c6f49aa904f842126f6e9f45ae9132fe3

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 d80c94f64b68313a56993645e7b9a8c8
SHA1 c6396eeb1e6c8b5becc9d157983af71ca79eb832
SHA256 1bffb53236a30737206c5c50e17117e3f8d98daa01473aaf86d6ecdf77b3b723
SHA512 bd1edb1e3c64687c3a199cc4528c2eacdb26cf9543e5d080e070b4da25adb65908f62cb63838f13fbc42067a43013702d13e80abe22b2e7e3a34f0b63280def6

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 78ab7c8e05077f365f4733b656bd9132
SHA1 5a5cecf58385dc2d956305464cf8df4255c5544a
SHA256 b22e5575eceb55f5e7a95804a733a956e041cee003a17a604893d8fb44156873
SHA512 eed4f341f9c2aac81cb2a61d161bc4ea01808e68c143d4ed0a781bdb2a1d4a3118e17d298d14c88ef50b5fc2cd3ddf10dd677efacf5129c767f53c597e7f50ed

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/open-sessions/666A913E027C000113E1D8BC69D0041A/userlog.tmp

MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/open-sessions/666A913E027C000113E1D8BC69D0041A/userlog

MD5 f1d956b93db340e59749151670e542ab
SHA1 af435a2965a4e720802a0867d17f7f217e90183e
SHA256 38e0749a0ecf183063e1aa855da82ed8f040c1ff6a630fb4a49b68ad7c0cc3d8
SHA512 2b413980bf0f914e36123e61927feb5dea9d00f66c877bcb1ab85b66d0fcaf1dffaa501a5db88df73d214b2c0b5e2a78a94d3801211b97722ae55e6ff0cd41c8

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 2e9a0e089ede37c9d664513234e823ac
SHA1 654001266b06a500bd6edd6c320615c906b0731c
SHA256 a02fa31182f15d272dcf8da38b1d83da9608f841c4db02f25770f73026d0669e
SHA512 0412b7e66cd64e85455c7bf399aee9f85d6334e29a784dc6380636ed35ae01fc53077cef2ec3667e1f4bf644c0f6edfe9569624bdaaa7b1ffca41f883b5486bc

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 f27219103e537ee4a0dbb1292815aa44
SHA1 3638ba530ad735a64ffc0ea0ae0236b0af7cbb83
SHA256 8932cc7ca3c904067edafb6024e3549ded3f034c805442e3faca19c14ecb0a77
SHA512 806b2b7601f3ef6412bc9fc05a01332a6d288cb9e94374b530aa52a2e39a187c2827f44785320aeedbb797c5d35a32343c4d88063c1d6c4c9007b7df003fd1c7

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/journal

MD5 563abe2293b0fedb54c27d46e08690cd
SHA1 2e14434df9c939790a9f1add9bca0d32b92ee4e5
SHA256 3dbb942de2cdad433d94ef8855a2f376e2fcf2f385ca8762e342d6df67f27619
SHA512 08abd2d4f0cd5700452baf72bd14911a9e39acd1f237ef6829de0e7938159fabcbc1dba05627e20e1738acd4a6215c46301c80e236ae80a8c78535c0dfb964f4

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/bb3e4479426474e9a778b21d7ac05f6754da8ea83e33e2fb010bfa740390bbd6.0.tmp

MD5 4c5f85b4e1609f71bd974a3196570a4c
SHA1 203e562d931a467cc1b0984d32f91d73354203e4
SHA256 eef743e9724b4879828051abe0816a02ac43e70b3622ef9d0162d63bb576090f
SHA512 e71ca4e3c2cd65f7af568e2e608fb10e90abad0f2569d5393c21aef73e40c98dac8ef6c1f68ce455839966d7157bf7ba69fadfbb251af3e3f23bfdbf3fe58454

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/cde05719c1d78615c9ec390c2fb5230d0540fb5e7b54e11c0ecf25d2d09fde91.0.tmp

MD5 fa5af761be6df6e5bd949bd6cf8428fb
SHA1 03ab06b51f207045f974e22e8905b083c2f7d58d
SHA256 c680df0658747a539f46509872d4b7c7ae596f0e70b8beb80d0c13257d7a726e
SHA512 80a69e62fc8db6fc2be86a92dbeb119b3d5b8d0d18654dbab9556ac5f7a3a7bd9185e08cb327cb513409c5c8b70e8fd409a95c8d410ddb89f012a23262fb947b

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 a076cdab27af748235b0236907bbcf95
SHA1 76a7f549139bd1950031380e75978d90953b127d
SHA256 d13633ec6b2e1a4a94f764f45490279d577d5e012e155ae75e8652c43c8f2085
SHA512 51490500edaab49a1f96defcf10db537ba8bc283bf56d7473020eda8c4f4e2178dd3b586b6b9d43800ff7a98944fcec0641d913584089268af5fc46f2d7155f3

/data/data/cl.megamedia.megago/files/frc_1:425690476403:android:4b09586a191bcc316b5f06_fireperf_fetch.json

MD5 b7c1b8c9d045866458cef763ba966784
SHA1 4d62f52ae6f7941fc3a6ea1f6546fa67a4a679af
SHA256 c9dfa4c6519ed97d48758f752a0fb1bae9537b41dc66fb93db10a0fa7b4e7d53
SHA512 c163b3385969107543abe73eb87c74358439a07431529a685ba71f2ed148ba6083a1fa7dc853eb9e9185f198db3c4fb98a312d23ff554903a445a48bad1bf7dd

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 1483b23edac585cf2959604745878909
SHA1 4eb844fe7284eeb9cc5fefbdfcedcebe7fa516a8
SHA256 99e47b1a0af678cd7538098f131151e005c0f03835d2edc11757c4048934bcac
SHA512 d716874056a38e184a5fa839ea017068f6355705c826bfd85ec1754d22b0e64da23536f9ae856d7d49a588e1dd1dc7a8ad67ccddcd6464c6244a1695014a232e

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 36100a0ed68d8df7b7f475b0c44efc4c
SHA1 fd9f284d9092f8ff0051b0b94b70999df7b9f13e
SHA256 67d58467ad90e6a82b5e1cb76b3f57f8d5b76dc0b9ae645b79bfdc62330bb35e
SHA512 fe2805877df48165e9015706657957709da9c7798807764f84d54f853886967ee2cad10f9fd2f506829900522e38c81061bbacc8073ca26f3c84de9dd29bab60

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-13 06:22

Reported

2024-06-13 06:30

Platform

android-x64-arm64-20240611.1-en

Max time kernel

39s

Max time network

132s

Command Line

cl.megamedia.megago

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /system_ext/framework/androidx.window.sidecar.jar N/A N/A
N/A /system_ext/framework/androidx.window.sidecar.jar N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Checks the presence of a debugger

evasion

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

cl.megamedia.megago

Network

Country Destination Domain Proto
GB 142.250.187.206:443 tcp
GB 142.250.187.206:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 firebase-settings.crashlytics.com udp
GB 172.217.169.3:443 firebase-settings.crashlytics.com tcp
US 1.1.1.1:53 images2-mega.cdn.mdstrm.com udp
CL 138.255.97.131:443 images2-mega.cdn.mdstrm.com tcp
CL 138.255.97.131:443 images2-mega.cdn.mdstrm.com tcp
GB 142.250.179.228:443 tcp
GB 142.250.179.228:443 tcp
US 1.1.1.1:53 firebaselogging-pa.googleapis.com udp

Files

/system_ext/framework/androidx.window.sidecar.jar

MD5 bdf3529e80318eb14e53a5bf3720c10d
SHA1 25c9ace4b1af6e80ebb2572345972c56505969ba
SHA256 bbc8300dd1e9cd08de8f66560c1ac2c928615b72b51cef9649f88974f586d64b
SHA512 48b9c2d01171bb651b9b54826baa51f4add48431a3efd8ceb5f7cc3bcd6f8f37edf47fabb24349dd15b3a02329cd450f90a8d164bf4f8dfae554bf3b35a8a55b

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 2e3f7aac621c84d1ae9f553531fcd54b
SHA1 3ecf4a8292d1ace190a2ed9a5d3cbd3b4a641551
SHA256 822b496b0108d42b8170634d1be5b956e018722612adfeafa01050fd3aab6051
SHA512 59cdf8865f287e09bf7f6eda9892a386fdf260a2570dcab40cf36235d23374b5d159e8a522ef7135ea38345d7523c86608113a9d4695df7d0e3f8952366fbb56

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events

MD5 359c5fdb292f3a2164fd2c87b84122f5
SHA1 b8126dd908e5225ffa46bfca9e5d9dd8f17434b3
SHA256 e7a0f34175eb67b67d17e450af88fcdbd8e1582c38be2781430be01fb3a236fa
SHA512 fa1010db278a3f4860a91a6940d184554baf027f535d4371886eefde654a7144e16e8913635df88b89ac7566ef658ef4537b65ab64a7f35c8f561e71328fd17e

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 bb73a7cc331be4db7905acb1d3157d83
SHA1 70cfafe39c538ae3b357f72fa4a36e12f6adfb8b
SHA256 cf4f78da201b98dd0ca0d73cf8f30608f6871aa7aa0b731c276aa80a176ffc6d
SHA512 0fa19879c160d6e41e10accff9dafaeaba7c49109d35e67cbfebb2e5c7915a16ef45d6054586441d03408d7f2f09df398101970a1aefe37d46e0a53fd7fa8fae

/data/data/cl.megamedia.megago/files/PersistedInstallation3728865273559203985tmp

MD5 79e5811b28c3e62444006c5e09d53700
SHA1 17a8db97cf17d3206da6d49d349b83ece23d8915
SHA256 3b31c845385d6ef5a3a261874bd35ce75b271459ff8bfcafec4de01eccb994a2
SHA512 6c73c16a31d5e4005310049163a94d6399664de29cc5b81bd51872d8953935707ddfdb34639620f6a593506a55810a8fc1a25f075a7469d7bc30b34302f19186

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 203d7cd37d34b86471155a2ddffd15e0
SHA1 f1e38758a85a0f0755aa0015860769febcfcc114
SHA256 ad24c7f0c7372a00a7ee13e583de3b9f73e2482c847bc3fec83bcb76f11148ef
SHA512 e8f72192da121052b8f4abbd6fededb6fa156861f91d083de2448be49b15f7f8645e489b55d490fbc9f1e89a439bb893fa84b19edfb39446bd5b4e95eae84660

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/open-sessions/666A913200DB000111524BF7E2B4955F/report

MD5 127a64cb696cee0ae1c819da5efe72ae
SHA1 5bba3c92f001cd779b392f7ff99f1ffd60698b4f
SHA256 cf96fc2aea5799ba32ad7880381b578855a7274be9b17f5ca1e4a89729b2496b
SHA512 dc267e2b400f99e7c4568327bb38d8ed384133e727a104c2550e576e0dc487ba6e822e3d6d5467e9b8c214128f4538dcd9275129617ee8d38480652be9c3da47

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-journal

MD5 d53362704a3ba2ddf5c15f20bc511863
SHA1 c0f75844720aae5f66b49be1b9f9dd8185d5eb13
SHA256 a80f4a039fb84cb900d9d76d5e42cf5a0309e9873af58fd837762eec7dcfac93
SHA512 431a956df6495a0298fa39f65a5ba4936b2dce53cbddb53b29c806408bd3613365ef05f3ab466906648c128c05048222a0a51b0a32cf6a9ab79a3b5fc0888574

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb

MD5 7e858c4054eb00fcddc653a04e5cd1c6
SHA1 2e056bf31a8d78df136f02a62afeeca77f4faccf
SHA256 9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512 d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-wal

MD5 4287d4cb2f920e64d30dd982c17d9510
SHA1 a93901a0332a34d5e673656bee543e535137f030
SHA256 8f8a7992c09316a3ca8ac3a602ba54ea6b3be12ad5645e5dd60a14db08c84fec
SHA512 72a296935ca46777df01bbe7900f38f684f776c92f0a43c66bdd1d13e7270a038e62838b0e827e00e3e34d57a6e94d4701fc5da1c36e678f782b5a78dee25876

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/com.crashlytics.settings.json

MD5 31f2d0b7fa454c9588b0a9aa6ef36fd9
SHA1 48970cb2d9129891e1dab9e8196a71eb2ee247b3
SHA256 375651e5661281733c86f805dd6a84f8b463d5cf475eb8e6083f3af0521b7e54
SHA512 675710e96e79abc377263660c9819cdb7b72d1a183c8f4b8e4b1679d6ae34dd0b9fc194a6a8269560a03fb9622eae621aa47cb5b767c9cf967d707b3dbab1d48

/data/data/cl.megamedia.megago/files/PersistedInstallation8431346868021890103tmp

MD5 50f14711456bd859ce17ee906f3f2e8d
SHA1 0c868450ff1df3bbfb8558e9ecd95f410568bf1c
SHA256 f19ceeb71f990acffb205934190d8d1994e29db94f393fb590efee0a48c9cd37
SHA512 9362f1e49da9a66c0af911d810b26546da80b49bd965c6b547d67106776e2cdf52ba470fe368dc8860ea0c5d846edd2843ec780d1b4eaa2901358a07aeb50279

/data/data/cl.megamedia.megago/no_backup/androidx.work.workdb-wal

MD5 ca8e284fc3d6cef6968672f98c6113aa
SHA1 ed46452609574bd7842fe697be7f513eacb06bec
SHA256 c883c142446715799a4ff4138149385dc8e9c81f0d3ea3856c3e84982dbaa559
SHA512 96e186003907b5004a7e7b96dfdf2aeb891edea2c0f0fc96544180bcee7200074f41938dff6c3015da2a18f6f1e5580f841efc3964c274828603bf88674272fb

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 19e10f41f34eb5055be983c751218c02
SHA1 d4a258fc960766b368571eddaacc5f4bab860bf0
SHA256 18096959fc57ab7497387a78c588cb9000125f1238df400419567122083faca3
SHA512 078d2400d7d6b23ea0974e8491532214a759c23acfd26e4ddb0f4e1761dbd4c612854fba60191cb0533addfffe8b072ec5c20dc72556363499104806f6cb5d29

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 d9cf75fdd1c2292d986f6c3d5d60f2c8
SHA1 07ecb1d3a26d952ae5fecf54f36699ab498510b1
SHA256 2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a
SHA512 442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 806e19def8f7359ee582d99bd5de116f
SHA1 5e29e0fdb6b3dc567f739cae2b08756a55db590b
SHA256 b36f4f44d03f6fae0414611b2acd955d17acd1b342746646c21da9bf925aa0d4
SHA512 4a73644d5161d242d1aa35240a559faa5306902e4e71f3c72d1ad825fbc696d9e56ef496e78385a002639d02e5e2de316b58c80c640d6838e369df509be46c31

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 7f5cb72bc5b42d800dcdf995c831fdc5
SHA1 5ee4e48b4dafcf7c7e344156ac19ca4412ca2e93
SHA256 32d9b59f8c979fb4c27ac7094d6fa9e73860d33c78f23c227b7fa701965ba98b
SHA512 45eb674471f9d1abde7a0b3f70c3e98a85b710f86786aec22228f77e2a78cc744f9ef65ccc48dc288e1560163ee5eccab7b873f919213a54249ddff7cee79239

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 59de7b5eca6a436ee77ecab3d76e7dd7
SHA1 0bd643c39dabed8cd543b84824952a7b6e53170b
SHA256 c3108c824cc33eb2d779d63f88b7128a1bf7ef313ca21a12261014eb591ad191
SHA512 d8453700ef0b1eeaf231400e3e413b49a25b6efd307679e3bb1664f30c7d825f68970dbfa7083deef150ea1032033d9faab4681e8e22ff927c1cd6de0b9de185

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 3771394939b9437f8e6d7e482155fd58
SHA1 828356ec5d90184883133c1a1684727a7d9117c7
SHA256 53350defb026d0c1f434a070ab4f15c331c6f9c4632c5a392382647672abb078
SHA512 d895029557f5b65d5c7dd0081219c2d04671bd272aadbbb7cce317e4e9c65cf7a666eebef40591e22cb99f9b6a3bf3b421e661a4421a8c5d5dc4f4be6dad7755

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 2fef70cca61fe2b9a1ec4c172d658f11
SHA1 e55ffb30b74e7728d6fea0a3226e386b3ac0a4a5
SHA256 64c1c81022acb6eacae1d82303b40521a64584f6534de24447f1c38a62c57240
SHA512 e35765eb01e889f5e40ea89399a258ad85546482b792ed630850f6cb8caa392a28a03e6165ad374960401c46dd51d912c75eed4f3a4d25666ff973129fbe9949

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/journal.tmp

MD5 8c92de9ce46d41a22f3b20f77404cc1d
SHA1 8671a6dca00edb72be47363a7071be65cf270373
SHA256 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274
SHA512 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db-journal

MD5 b2d0810cf4052e7e0901bd65aa74c20d
SHA1 3c9fa03a3674221cfc90e2f93d6aee1ad778c356
SHA256 012d5127e4122053ac7ba8ddf322a1d0aaa88871c600f43590a09732709dca54
SHA512 872cc1f552009c692c2e169725f7c6272a3f0de3fe6707c726ff07018edcaf9f0f8ab1d732324ea98ac1b13180e29cb813aaa87fb89672a3268c52d829b6ee54

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 4cd4d21cfbb58e3c094b8c62ec4ac11e
SHA1 c3fd472b834957cdd026ff09ea334fcec63f302d
SHA256 d9eeef5e31ac6fa2f491947505dd1c27e29cf97ee3281ce3e497b12e8ce06dde
SHA512 374be28c8a9033c44a5617f906c68b6aa70d6250e534b08f18c84333b365debaeba42d6507ce3971626173a7885bd581d7bbb99c5bddbde23936ec3d6cfe4f70

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 92f4d0b5e2eccb9651e44e724c0eb002
SHA1 7634a8ea3e308aac648be1e8139434636f83afdd
SHA256 b303aab2094d15cf5d4222a513d2a8a0c492e213653f79454642789731cf5fd0
SHA512 dd65907bb4a442fba116cfb9b9f3caa65cb982d564eda2ec16ea7d3d2301f09fbf0f83b31d636f26c80eea1b98d5c853d2884ea0376c14202289e77c6a932597

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/open-sessions/666A913200DB000111524BF7E2B4955F/userlog.tmp

MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

/data/data/cl.megamedia.megago/files/.com.google.firebase.crashlytics.files.v2:cl.megamedia.megago/open-sessions/666A913200DB000111524BF7E2B4955F/userlog

MD5 bc8a065113c53df59e39bda63791f9c3
SHA1 880ed16d6881ebf556767b5eab53d217f972af72
SHA256 aa18fc8327eb53b91f303dc8dbc0de34026a495db467e486097ed5434e766cef
SHA512 2dc2c846e9c0ab99976aa4c5e10b43b9ec391aaeebdf9b3b8ab9e26210cce89ecfbf9ccdd0520fb6db5a608418b6885f7dc3be50b741544289a2e6ceebbf2bd0

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 0da78cf27e3faa9c21cb2412cc9550d8
SHA1 5458ddb6c8386a54ddebe0638a7605e3e8b2bb3c
SHA256 7549b7bda9f0640ee96a62d98fbe144d020bb9b5807d274fc0deb8ec64b2af58
SHA512 21f93c7c5abad35114ce1c064d384ca4755afe76bfcc336d1eaaf1271b09da5792d304474271fdb5c506581f3d369f8de7b0b2e05e968b8143892fb0937f3edf

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 222246805d2e02e1b18dac79024da21e
SHA1 11e2b003d8720ddd154b42a7143885622ecc9c55
SHA256 eef2361199b02735e721cfb831748921d73bc17aa640f6dd016d3d62ed5e2d93
SHA512 a5d7040b43c29d395250849793ab02548a11f1fb85a0a621078ef5344a3e88f6318985bb129ec25e4999e91f3c9ca00dcce0a5f7ef3a37703cab19ef3d50232a

/data/data/cl.megamedia.megago/databases/google_app_measurement_local.db

MD5 96c97542c6cd8ffa7d6e17cb7ac302d6
SHA1 bdcf08fe94ebd04e447c69d6f7db6cf4cdd20e7d
SHA256 25af9fd7be8c86d65406720be06afdebf793499c561d913f7c8a9ae5869877a7
SHA512 5030805f0b022da45e6bb2ef792bfd3f2bc2a18ef2e6ef57f540a6c1a20647c3d4da6e5f344962c34407fea063a398a31bd304e4c4de4f8a2e874b0dd41baba6

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/journal

MD5 563abe2293b0fedb54c27d46e08690cd
SHA1 2e14434df9c939790a9f1add9bca0d32b92ee4e5
SHA256 3dbb942de2cdad433d94ef8855a2f376e2fcf2f385ca8762e342d6df67f27619
SHA512 08abd2d4f0cd5700452baf72bd14911a9e39acd1f237ef6829de0e7938159fabcbc1dba05627e20e1738acd4a6215c46301c80e236ae80a8c78535c0dfb964f4

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/bb3e4479426474e9a778b21d7ac05f6754da8ea83e33e2fb010bfa740390bbd6.0.tmp

MD5 4c5f85b4e1609f71bd974a3196570a4c
SHA1 203e562d931a467cc1b0984d32f91d73354203e4
SHA256 eef743e9724b4879828051abe0816a02ac43e70b3622ef9d0162d63bb576090f
SHA512 e71ca4e3c2cd65f7af568e2e608fb10e90abad0f2569d5393c21aef73e40c98dac8ef6c1f68ce455839966d7157bf7ba69fadfbb251af3e3f23bfdbf3fe58454

/data/data/cl.megamedia.megago/cache/image_manager_disk_cache/cde05719c1d78615c9ec390c2fb5230d0540fb5e7b54e11c0ecf25d2d09fde91.0.tmp

MD5 fa5af761be6df6e5bd949bd6cf8428fb
SHA1 03ab06b51f207045f974e22e8905b083c2f7d58d
SHA256 c680df0658747a539f46509872d4b7c7ae596f0e70b8beb80d0c13257d7a726e
SHA512 80a69e62fc8db6fc2be86a92dbeb119b3d5b8d0d18654dbab9556ac5f7a3a7bd9185e08cb327cb513409c5c8b70e8fd409a95c8d410ddb89f012a23262fb947b

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 5d31a549ab849e5ad480f5d2e00b4a03
SHA1 694b835d130f86d9e2993bc9b3222aa5cdb48733
SHA256 f963819408fe35091452e360665af56e752929ed73a7587be717265d59ca9655
SHA512 1ed230babf242dea18509df1602a95c2a4998affb48c8d0e7a7b319bdfcf74b3962681ace3a31c3d1acf30a57b148842069c0ec3709551c7f23e1791af95a84a

/data/data/cl.megamedia.megago/databases/com.google.android.datatransport.events-journal

MD5 5b4bd9b3c1051c0a122f6cf1821eae92
SHA1 5fa49e16f3c4d7ae937659817390f0f0062ad457
SHA256 991650cf978e5d78be52263a5b97031c111d3013acb927d810df308bb736cc58
SHA512 4e7c07a71b527cdda9d4f970c2297b21f57df0a5899c179573fa7f380fd48d7a069981759c9fb1352059277ac56037be122b3b3e501f4671c31e3b6c0afd85c2