Malware Analysis Report

2024-09-09 15:59

Sample ID 240614-2pmbyashlk
Target abd4fbe636a55ac5bb053d95dd405b14_JaffaCakes118
SHA256 d81b4b850953be52510e319e641cd1655ed667caa76f62842b1b06a323bc3dab
Tags
collection credential_access discovery evasion impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

d81b4b850953be52510e319e641cd1655ed667caa76f62842b1b06a323bc3dab

Threat Level: Likely malicious

The file abd4fbe636a55ac5bb053d95dd405b14_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

collection credential_access discovery evasion impact persistence

Checks if the Android device is rooted.

Queries information about running processes on the device

Loads dropped Dex/Jar

Obtains sensitive information copied to the device clipboard

Queries information about active data network

Queries the unique device ID (IMEI, MEID, IMSI)

Queries the mobile country code (MCC)

Requests dangerous framework permissions

Queries information about the current Wi-Fi connection

Reads information about phone network operator.

Listens for changes in the sensor environment (might be used to detect emulation)

Uses Crypto APIs (Might try to encrypt user data)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

Checks memory information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-14 22:45

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-14 22:45

Reported

2024-06-14 22:49

Platform

android-x64-20240611.1-en

Max time kernel

16s

Max time network

152s

Command Line

com.redantz.game.zombie

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.redantz.game.zombie/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 N/A N/A
N/A /data/user/0/com.redantz.game.zombie/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709!classes2.dex N/A N/A
N/A /data/user/0/com.redantz.game.zombie/cache/1582435991586.jar N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Listens for changes in the sensor environment (might be used to detect emulation)

evasion
Description Indicator Process Target
Framework API call android.hardware.SensorManager.registerListener N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.redantz.game.zombie

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.180.8:443 ssl.google-analytics.com tcp
GB 172.217.169.10:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
US 1.1.1.1:53 pool.ntp.org udp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
US 1.1.1.1:53 config.unityads.unity3d.com udp
US 34.110.229.214:443 config.unityads.unity3d.com tcp
US 1.1.1.1:53 connect.tapjoy.com udp
US 44.221.143.75:443 connect.tapjoy.com tcp
US 1.1.1.1:53 webview.unityads.unity3d.com udp
GB 18.165.227.78:443 webview.unityads.unity3d.com tcp
US 1.1.1.1:53 rpc.tapjoy.com udp
US 54.157.113.44:443 rpc.tapjoy.com tcp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
US 1.1.1.1:53 api.jetrohe.pw udp
IE 34.246.200.160:443 api.jetrohe.pw tcp
US 1.1.1.1:53 graph.facebook.com udp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
GB 216.58.212.202:443 semanticlocation-pa.googleapis.com tcp
GB 172.217.169.78:443 tcp
GB 142.250.179.226:443 tcp
GB 172.217.169.42:443 semanticlocation-pa.googleapis.com tcp
GB 142.250.187.196:443 tcp
GB 142.250.187.196:443 tcp
GB 172.217.169.14:443 tcp

Files

/data/data/com.redantz.game.zombie/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709

MD5 881ec613b4a7aee9fc4ccab0fac3500c
SHA1 98612188919b3a3778834264e0cf98c8f041d1d5
SHA256 0a397b5d0f04474cbdc02cd8993778706fcffcdf91a9a7cba8dd6e71e2852b1b
SHA512 1154aac87ac8555a48d0d22cbe09ba7a56ec4d3a835ad38c9ad1da52b9e388c04bffeef3dadd3b3b89f684d7ed892d66d6e8adabbe292311b88718bdda2079c5

/data/user/0/com.redantz.game.zombie/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709

MD5 09090675f907af2982ab884d5a2d5fc5
SHA1 a61963a69f1f8b3eb4f4732a411c53161dc5bc44
SHA256 9057dca92fb1b7ddd6c7559bb737912099947609005aed33d1f64b1568de518a
SHA512 9b179480d352705080271d3a85546e8a6a6fd30a8914e5affe082d859ba0cab49290b8fc5cc63a69bfd421537fed5229e76c4d0a092b1f66e0854b4c329ad28f

/data/user/0/com.redantz.game.zombie/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709!classes2.dex

MD5 bf9e9553b1aaf327bd903e68fa73a327
SHA1 5deccb0f474cb1f72d3a221f2fd501ea00f70dfc
SHA256 c98adff68ea25b3ac46c0a4f04a1cfcf84106114f52409bbba09f1821640ab8c
SHA512 991cd548529f9ae3604c019af31235699802762270212a7239622e6678592e6751bcf506630f81cf214c0d87a8f6f220d304c628e19988f2fb3a4122d81fb26c

/data/data/com.redantz.game.zombie/app_fiverocks/events2-journal

MD5 1dc25e62e1a3973d08f25db5770e0ab1
SHA1 3289d7ace8fbab4e70a33c9687a6548c90216cbd
SHA256 0657f746970ee55c6ece706c71e48d28a0032e7a362568f93a23b95e31088ca3
SHA512 cd452c83197f9792559bca6e1de2997de1fff2358f2da1e39314d4c0542260253d44e171de674b48d6adce41f94dc4a3098962910e82ecd4a354da56de8183e5

/data/data/com.redantz.game.zombie/app_fiverocks/events2

MD5 c3a6858d1713458984bf59483e3424e5
SHA1 1c40cc4abb480ac3fe9c3230d37c7389f171f7da
SHA256 9eec21f60677840c4cb8a1d2364d06064ce16c4c604183ffcad7cdda97ed5bd9
SHA512 26357a6cb98cc95a211f0d78eae8604ef266b8e080f24f956bb5b7e3ba1277ff08e622c81f36c4dd86d8940bef6d0fb70c8b2dfdb6584338a349b4be59694033

/data/data/com.redantz.game.zombie/app_fiverocks/events2-journal

MD5 aefccc60e77c715f8a0d5a45bf48dd4f
SHA1 5ce0c76dc1e6f6cbd71084b5c3bcbba8696c8e1d
SHA256 deb6f75f9008e89ad2f23bc06a40d1829801c62ea507e6b71cb033d835ae911b
SHA512 37ac0a984e26df575a9dd3bce6595dee92c9fa32dcb4689673706f689ca1e4a18ee1ee7b7d5ad87db729c61dd20064db9eb794e4d0d575c91c2400a69e95c94b

/data/data/com.redantz.game.zombie/app_fiverocks/events2-journal

MD5 38cf150c96b3e544238eedfe046d6c80
SHA1 0b799208023e251b83c122e20c2db217880ddd56
SHA256 e1acc3e2211418bcd1e648a9f258a7b5717eab4ccb46c873afeaebd71ad6ef98
SHA512 9356a912cf824ed1fe2cad5ca8d7e7d2bc1fa8e233cb381f3bbbcc898f53f90692064f63b406a9b55b66fd4a8d424740eba6977980e6f50dd7167ace755af8f8

/data/data/com.redantz.game.zombie/app_fiverocks/events2-journal

MD5 ba636a6307176d30091c8216c55c1062
SHA1 6a1f41aa3925c3b08215f23b517c0c7989e80a52
SHA256 9248b9467a5c5e66ff504d8c2212cdff9f807b289b91779d5df169e1ec8928d9
SHA512 13d1da7216e5b543763b5bfa5171afc7f95e9aa92d92d84286383b3e69fad63a9dd0e12c27cb204a9a78165cca599946d1b0e956efcb52546a7aaff957de5bed

/storage/emulated/0/Android/data/com.redantz.game.zombie/cache/UnityAdsCache/UnityAdsTest.txt

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/data/com.redantz.game.zombie/files/UnityAdsStorage-public-data.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

/data/data/com.redantz.game.zombie/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/user/0/com.redantz.game.zombie/cache/1582435991586.jar

MD5 fde2ee00cbd121cfab5290b078aa3ceb
SHA1 e2b77d5320e155e413d040a8c20020962065b2f8
SHA256 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512 a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

/data/data/com.redantz.game.zombie/app_fiverocks/install

MD5 6953baeb3f8f8524772bbad5d8c15684
SHA1 2fcf60422acc4cfa4f73659b525b52c843fadfda
SHA256 8b766649c924b51938de9930e2c446e74bbd41b7e78ecc42d2135fabdb892586
SHA512 9b0eab0c07e6a25b7f12a6d021e229c02dba9e56c9106770e23aac42b12e698c1f6179f34502c53217089d3828932ae36d0551d0208c671c2bac1c95702076b5

/storage/emulated/0/Android/data/com.redantz.game.zombie/cache/UnityAdsCache/UnityAdsWebApp.html

MD5 e9ade451abd22e54d9e775cada5d9dda
SHA1 2b2f315e8aa60587efb51a3b52e86e57763312fe
SHA256 531bbd57154753e5e1b3af8c3aa77b62aaa99aa4ae760dddf2a9940c702494d4
SHA512 0ded12cf4852bfea9e60337182bc7037c63b4a6d9b35d1aa6ae7667606b882d43208ac14f519ee2149a1760ee1b2f8effa12dd0be39facc0807cd2237c077ea7

/storage/emulated/0/Google/google.id

MD5 73f39b3a612463fa98884d58c24cb2cc
SHA1 3096eea6c8e8158ff3c6f9339b9c0680b726f16a
SHA256 9cc4d4b625c1a4ac2d03c1da9f1a88d552ade34eb16c7e093457d6524df7e911
SHA512 c014fdc5bf3d0d2330a9eaa644176df28339c77388c300fa5de5df5940862c1d428892202d24fc666b6b40625219fd0f0578c1e0feb1260d2ae44e2ef99bba94

/data/data/com.redantz.game.zombie/app_fiverocks/events2-journal

MD5 44c4e227f41cc9ff4b60c2c092b39ae1
SHA1 f10ccca8f7f4f6ce7356d2cffc833caeedfcdf7d
SHA256 c6e880ee30e6dd98719072fd1139bfee65919f703ce383d02751f487c3fde6cd
SHA512 9a487168c2db868b8ddda06396f2a7234794a6b2d74d05a2d54b722c6a3c6848ca67e2f62fdbf4281e4ff8f7bbd3cf9d7cd38fc3890d6d074ca2b24a079e4888

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-14 22:45

Reported

2024-06-14 22:48

Platform

android-x64-arm64-20240611.1-en

Max time network

190s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.179.234:443 tcp
GB 142.250.179.234:443 tcp
GB 142.250.187.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.200:443 ssl.google-analytics.com tcp
BE 108.177.15.188:5228 tcp
GB 142.250.180.4:443 tcp
GB 216.58.213.14:443 tcp
GB 142.250.187.194:443 tcp
GB 142.250.180.3:443 tcp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-14 22:45

Reported

2024-06-14 22:48

Platform

android-x86-arm-20240611.1-en

Max time kernel

177s

Max time network

137s

Command Line

com.redantz.game.zombie

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.redantz.game.zombie/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 N/A N/A
N/A /data/user/0/com.redantz.game.zombie/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709!classes2.dex N/A N/A
N/A /data/user/0/com.redantz.game.zombie/cache/1582435991586.jar N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Reads information about phone network operator.

discovery

Listens for changes in the sensor environment (might be used to detect emulation)

evasion
Description Indicator Process Target
Framework API call android.hardware.SensorManager.registerListener N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.redantz.game.zombie

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
US 1.1.1.1:53 pool.ntp.org udp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.178.14:443 android.apis.google.com tcp
US 1.1.1.1:53 config.unityads.unity3d.com udp
US 34.110.229.214:443 config.unityads.unity3d.com tcp
US 1.1.1.1:53 connect.tapjoy.com udp
US 54.160.71.94:443 connect.tapjoy.com tcp
US 1.1.1.1:53 webview.unityads.unity3d.com udp
GB 18.165.227.128:443 webview.unityads.unity3d.com tcp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
US 1.1.1.1:53 rpc.tapjoy.com udp
US 52.70.132.250:443 rpc.tapjoy.com tcp
US 1.1.1.1:53 api.jetrohe.pw udp
IE 34.246.200.160:443 api.jetrohe.pw tcp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
US 1.1.1.1:53 ws.tapjoyads.com udp
GB 18.244.155.17:443 ws.tapjoyads.com tcp
US 1.1.1.1:53 placements.tapjoy.com udp
US 52.54.175.95:443 placements.tapjoy.com tcp
US 52.54.175.95:443 placements.tapjoy.com tcp
US 52.54.175.95:443 placements.tapjoy.com tcp
GB 18.244.155.17:443 ws.tapjoyads.com tcp
US 1.1.1.1:53 graph.facebook.com udp
GB 157.240.221.18:443 graph.facebook.com tcp
US 1.1.1.1:53 content.offerwall.unity3d.com udp
GB 18.165.227.127:443 content.offerwall.unity3d.com tcp
GB 18.165.227.127:443 content.offerwall.unity3d.com tcp
GB 18.165.227.127:443 content.offerwall.unity3d.com tcp
GB 18.165.227.127:443 content.offerwall.unity3d.com tcp
GB 18.165.227.127:443 content.offerwall.unity3d.com tcp
GB 18.165.227.127:443 content.offerwall.unity3d.com tcp
GB 18.165.227.127:443 content.offerwall.unity3d.com tcp
GB 157.240.221.18:443 graph.facebook.com tcp
US 1.1.1.1:53 o92387.ingest.sentry.io udp
US 34.120.195.249:443 o92387.ingest.sentry.io tcp
US 52.54.175.95:443 placements.tapjoy.com tcp
US 1.1.1.1:53 divmob.com udp
US 152.44.46.164:80 divmob.com tcp

Files

/data/data/com.redantz.game.zombie/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709

MD5 881ec613b4a7aee9fc4ccab0fac3500c
SHA1 98612188919b3a3778834264e0cf98c8f041d1d5
SHA256 0a397b5d0f04474cbdc02cd8993778706fcffcdf91a9a7cba8dd6e71e2852b1b
SHA512 1154aac87ac8555a48d0d22cbe09ba7a56ec4d3a835ad38c9ad1da52b9e388c04bffeef3dadd3b3b89f684d7ed892d66d6e8adabbe292311b88718bdda2079c5

/data/user/0/com.redantz.game.zombie/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709

MD5 09090675f907af2982ab884d5a2d5fc5
SHA1 a61963a69f1f8b3eb4f4732a411c53161dc5bc44
SHA256 9057dca92fb1b7ddd6c7559bb737912099947609005aed33d1f64b1568de518a
SHA512 9b179480d352705080271d3a85546e8a6a6fd30a8914e5affe082d859ba0cab49290b8fc5cc63a69bfd421537fed5229e76c4d0a092b1f66e0854b4c329ad28f

/data/user/0/com.redantz.game.zombie/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709!classes2.dex

MD5 bf9e9553b1aaf327bd903e68fa73a327
SHA1 5deccb0f474cb1f72d3a221f2fd501ea00f70dfc
SHA256 c98adff68ea25b3ac46c0a4f04a1cfcf84106114f52409bbba09f1821640ab8c
SHA512 991cd548529f9ae3604c019af31235699802762270212a7239622e6678592e6751bcf506630f81cf214c0d87a8f6f220d304c628e19988f2fb3a4122d81fb26c

/data/data/com.redantz.game.zombie/app_fiverocks/events2-journal

MD5 c33aab2f12f7a5a46957ec4c671410b8
SHA1 14a58d2af7cbf6a52b35304b10bdf765ff021e3d
SHA256 7921e3df35b83304f73ff65d915d36cb0b53d4792440f8f3815d91b078f13767
SHA512 19ee674a0bab86765fce265ef6439e9b048d95be5412379233beb4fa311302e390d0ae47d7dbc5f7ec40c22822ef90be0b193798f03eadf57ae9f292487ce657

/data/data/com.redantz.game.zombie/app_fiverocks/events2

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.redantz.game.zombie/app_fiverocks/events2-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.redantz.game.zombie/app_fiverocks/events2-wal

MD5 6b0e3ccb4ab8bffb461476c05c535799
SHA1 822e0c3e2402e29730354cabf0730dc954c3a8aa
SHA256 f839b7ce838ea368b143e958ae880f888567cb32f2fa7711b73b6142f1dbb2cb
SHA512 d4984670fa130d82bd4533e38611eef43f1afccda3658016a2e27856d2629818d4f101276feb09d8593bca6cc9d69eeed2ab46e6455b0a6f52a52482363c5937

/storage/emulated/0/Android/data/com.redantz.game.zombie/cache/UnityAdsCache/UnityAdsTest.txt

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/data/com.redantz.game.zombie/files/UnityAdsStorage-public-data.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

/data/data/com.redantz.game.zombie/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/user/0/com.redantz.game.zombie/cache/1582435991586.jar

MD5 fde2ee00cbd121cfab5290b078aa3ceb
SHA1 e2b77d5320e155e413d040a8c20020962065b2f8
SHA256 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512 a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

/storage/emulated/0/Google/google.id

MD5 8e94f7b283b3e5657d8ea4f4fd400705
SHA1 c20cebd057620c7b5defefd1ba943ac43719418f
SHA256 1d77951ce164e0232460b95b1978e73e92bc35e2bf17c9464a7eb0425d1ef699
SHA512 83f0c9d595b3008718b3732dcaf4d323d5b4bec77f2219c82edf6f1f77c983eaa1548146e8984a27406ce13d7852bc82391679a41a4d991096f6172c5e55e419

/data/data/com.redantz.game.zombie/app_fiverocks/install

MD5 df473cddd4d6d68fd69f435b5a7d472a
SHA1 c6bf68b42c1a84e1ed5be74e48948c445258903f
SHA256 3a93a73f983bf1803e0eed17889ac50ce5e3c82752b8d824dcb8967c7c4595d0
SHA512 83c17769e62e59217dcc8cb7cff4a765bbdc93aa58b34c2837572f5998358cf53a19d1bd89113515c98d5d5ec1739b63bac046ecc3ed65ce001238335bee7ae1

/storage/emulated/0/Android/data/com.redantz.game.zombie/cache/UnityAdsCache/UnityAdsWebApp.html

MD5 e9ade451abd22e54d9e775cada5d9dda
SHA1 2b2f315e8aa60587efb51a3b52e86e57763312fe
SHA256 531bbd57154753e5e1b3af8c3aa77b62aaa99aa4ae760dddf2a9940c702494d4
SHA512 0ded12cf4852bfea9e60337182bc7037c63b4a6d9b35d1aa6ae7667606b882d43208ac14f519ee2149a1760ee1b2f8effa12dd0be39facc0807cd2237c077ea7

/data/data/com.redantz.game.zombie/files/Tapjoy/Cache/72e3484d76ffd0256ab079e173aa17b6bc094528c1656c98e57a4578c449656e

MD5 5937982a5c3eb5dbeee289f28b2ce0dd
SHA1 8352eb673463331cc673f61a116bdec8e6c5da6f
SHA256 b280da88ae423243813a609a714cf1afd38cb2926f81ee8c34b69353441f3412
SHA512 4d5de0252a4266e94ada5d54a0b1f21106e6ced6b1c3556d2e775e060fb064b0aa4f788da73d42ab5dcff369e7120ce59e2b8c5c051c9e09c2974ab3ec636fcf

/data/data/com.redantz.game.zombie/files/Tapjoy/Cache/b7836f6048295e919fffb37194701696dbf248def687a7c4dc2852918a7c030a

MD5 5049f59d60199d15103da59a225a7432
SHA1 025eb33c46c3617e652e59d89e0fbc751cba0375
SHA256 1505943aa24e94fb01c2d09b2d5863b74be3392ca987a65fbcc951b9bdac7454
SHA512 04025ce55f9408074d8d19af1e005385ffd52e3538ebf4f6e1b46b781014ba1c7cbd5199131e6823e51d0503ff20b633fddadfb94e7d8adf3c5269dd8af76495

/data/data/com.redantz.game.zombie/files/Tapjoy/Cache/e1f9674f49d43c68038e13a9448588c07c8150956636e79427eaa80449f002f3

MD5 c46a4afc01c72523d169a8d41372fb70
SHA1 ed24b99e499811bad855182f5e363288ccadcdc2
SHA256 29742ad431270e06b41ac4bc321b7603ac6aaa32aecf2196effba14aa07e2976
SHA512 9b1165308e4afed0058963a53fb52099e9c235e44f64979bdd741a0d55fa956a33763cbdb2a38432edd6f4c372c7a4cdb915515fd81bc7bb01257b1ac232eaba

/data/data/com.redantz.game.zombie/files/Tapjoy/Cache/6bce43f65203077f42b45d0b80f9e1168cb2b4c8d1c563e4c9d69ae8473b83c9

MD5 7395d5aed853676551ada33de073ab7f
SHA1 bf7fc45e83a981bc9514df725145ac1245cc4ed2
SHA256 4fb565c9d0bb9379c355f356a907ddddb352b953a35fd345d7e7996d00d2c141
SHA512 b49d528472e4d9b16dfe5458e99128a2544714c77c0badd232e981da05d7825914b2ac92b5d9b360ba8191c4e0e1ade0af2a0d2f0346ee9828a18c29967cac6f

/data/data/com.redantz.game.zombie/files/Tapjoy/Cache/ffb52b85291780d3d22d25da0d2f96427b82b4497fe944ba2902da1e779b1007

MD5 2b205b382cf3df60ede9f9d4532b923e
SHA1 6ecdc72f90b066f51278e36d5adcd17524e0340a
SHA256 bded4e27c96cf731831a123e8cc96ace17cf2ff608a85407b1cba6971bc78dbf
SHA512 33ba92c30e779ef1fb4d746c90b642bd6b7d802f485a44580735af03434d334c37d76116d63c9294d3059ebd535603baa068c3db19df25f7b1b4e740d9afcea8

/data/data/com.redantz.game.zombie/files/Tapjoy/Cache/305e92b552f0b149f572e401c5e9b4fb1d1c5bbf57888f31b39e47b04b42e92b

MD5 5de4c723cd74e72aab3768c822b59f6e
SHA1 6bcf0e7641be9d5f6a9a360239ea17180c5c24c4
SHA256 634117884ad6e001da18755836bfb8a3ab8140a00d8e8e8a5ff401fb8fe31a4d
SHA512 f3d074e6fba27f33522f58efbdcc07ab5b01ef3c7f86ad62ed4fb15a25441e8b915f9a5160713c01ed4fba74dafbaf0523f2a172a54e5fd8e8008f3799b426cf

/data/data/com.redantz.game.zombie/files/Tapjoy/Cache/a27f8ccdc8168cd94c7600ec4ab3b6d1b78512555a57b9c5b879ee964d89b1f4

MD5 67393e47821fd53c8b37ec482bedef3c
SHA1 6f6196b5f79ed21578f01a097abcc3716d013668
SHA256 5c9092ec37f7c56a545af4e1b63c313bac2384970d4226fc89dfb908d3b6ddfe
SHA512 81a69f3c69b1d9fe4e4942634951670677a5f7d6268cef201587629775e29b62e152b1e1e0433575605398f18f9300f494882db912a4e30d6ec364569f00b763

/data/data/com.redantz.game.zombie/files/Tapjoy/Cache/72cc2ce4c849a74a571306657b38154530fc013c5619d2756cb44006b71281df

MD5 cebd2eac9e5d22dde187020b1456ba55
SHA1 080d9bf7be8dcd1d0be2db35b9f377313e2ca64b
SHA256 d65370d78e962ec8db098b0209f1de275bc20df21e4889a5ace5c818968c4091
SHA512 3b90a1944af8cbd4f15b2f2c8963e69e3353b47a0ad1205ca79bbf630efd2a66f9e1fd66a3a862bbedc997af3ed29cfd9dde4eb6d2056aa074e24854542a9432

/data/data/com.redantz.game.zombie/files/Tapjoy/Cache/fe34bfffbcd29b1755f133c19aaf4621aef426e082ee6ff530f12b91de36a0bf

MD5 ef998efc9d10eef6fcd3d5dd8149c84c
SHA1 1c5089ba85c24230fea9b646e7c860354f71a03d
SHA256 a84b4119c5ae21da53194e5dea2ee3f9bb12e51da81dcf8f1823305603262ee4
SHA512 d3c937fc1aa8490d5348a73efaab7d28f1af4e20b3e43189364344efbf6abc2e2d6ed6dd03116d014ce94346265e6c293e01545bf246d57d8ea477aac47ec3e4

/data/data/com.redantz.game.zombie/cache/oat/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709.cur.prof

MD5 12b4c27e38097b1f8c4c39379a2d022a
SHA1 e0f7481555273657136338e81dfb5b22a4b3be24
SHA256 7e5c70bf57be92e9a6d1d8ddc5f525776c05537e54c10fbea7c9c1e82897fe30
SHA512 5a5418202b5bff200233659a60e9a54780b9057ea930730e3c6ad048dc0049f305906e74624ec722555f9182c414b721c37b6744cde713b0aa3cbac16b74ffde