Malware Analysis Report

2024-09-09 17:39

Sample ID 240614-d6npbsxflq
Target a7dfa923e8eea21b425571287bfdb194_JaffaCakes118
SHA256 35a6d1ed2ae94daef05c47e5643a2b2d465addc7ea7537c2427ec84090385082
Tags
discovery evasion execution impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

35a6d1ed2ae94daef05c47e5643a2b2d465addc7ea7537c2427ec84090385082

Threat Level: Likely malicious

The file a7dfa923e8eea21b425571287bfdb194_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion execution impact persistence

Checks if the Android device is rooted.

Queries information about running processes on the device

Queries information about active data network

Queries information about the current Wi-Fi connection

Reads information about phone network operator.

Requests dangerous framework permissions

Queries the unique device ID (IMEI, MEID, IMSI)

Registers a broadcast receiver at runtime (usually for listening for system events)

Schedules tasks to execute at a specified time

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-14 03:37

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-14 03:37

Reported

2024-06-14 03:40

Platform

android-x64-arm64-20240611.1-en

Max time kernel

177s

Max time network

138s

Command Line

ua.FoodSoul.DonetskSushiTaun

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A
N/A /system/bin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

ua.FoodSoul.DonetskSushiTaun

ua.FoodSoul.DonetskSushiTaun:Metrica

Network

Country Destination Domain Proto
GB 142.250.187.206:443 tcp
GB 142.250.187.206:443 tcp
N/A 224.0.0.251:5353 udp
GB 216.58.212.234:443 tcp
GB 216.58.212.234:443 tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.212.200:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 api.birbira.xyz udp
US 172.67.177.167:443 api.birbira.xyz tcp
US 1.1.1.1:53 startup.mobile.yandex.net udp
RU 213.180.204.244:443 startup.mobile.yandex.net tcp
US 1.1.1.1:53 api.tridrongo.info udp
US 104.21.66.157:443 api.tridrongo.info tcp
US 1.1.1.1:53 report.appmetrica.yandex.net udp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
US 1.1.1.1:53 api.oradaph.pw udp
US 172.67.140.65:443 api.oradaph.pw tcp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
US 1.1.1.1:53 arb.grattomania.space udp
GB 216.58.212.196:443 tcp
GB 216.58.212.196:443 tcp

Files

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 512b39bdf70ebf3db98a55d269560a6e
SHA1 135663b7fe49837d737857ba92e1b66d3c149ad4
SHA256 d811ffd4655355b3b794ca28c59d405bd860d10f6dc81dfad1b7111f0387b27a
SHA512 45cd1aa99e35f56c9a9a477b5c8e23d7978fe9db7388dbe3d6b61a964aed8185ea9a4c7942f6b0a37cdf9c72081aa6deb530c6a0fea07017db6f24e229744b73

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 476ea8920261ceffc5bf63f84257ec28
SHA1 b1120ca624b59b7142c50b581891a8c0b9fc612f
SHA256 3da561e6a29a9e878d2f5125bddbb588aa1f216f7f148efec176673d1f266990
SHA512 40b10804e376ee3627d35a0f367a082f66565d26c80a95a9ddf5d9aca9347d3bd4ca6dba285aecf93b45b6a03a6e5bdeee0ca2c769eb62264c9bf48c6bcc52a8

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 0f24d398a412f6e970f30d99075a4fcd
SHA1 0464647ca063a24498c399c8cafb43248988cb17
SHA256 0ab7896aaf75b73a7e451df095fe5ffeb11f8c045d73cb1ed07421bd85d1dd6e
SHA512 186e3072af866dc8946cbb47bf35cd4f60f3845725e50ae47172a6c300cd7eece9b15b7201ca653baffd6bfd19636e4ab4b6e4ff48f02b1e2550e001c28d7f3b

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 b11d3dcbda70dd28b920e05797541951
SHA1 d9aced011c779dfea07dc428545d442b0cbd6c04
SHA256 e3cae772cc4f057167026909a47426bfb72acdf818f391454b80734fb2c61658
SHA512 60756aa8517fd0a5e1515ea41c869c04d3075c95411c660ab15e80bbbfdc0cd72c73d3b3d2dfef229b28567bd1188291a212df4c14f413561e04be7cb7445632

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 08ed4fcc1f2e746c2f1fdfa6b0be966b
SHA1 82f614dc5586db020610958b508ecf3a43570936
SHA256 0e8b787e5a79febaccb27e7bbb09dfcaaf0481635993a703cba1a02247faa9d1
SHA512 3d223ae04f9fac04b11252c12a0ad740b74ad854f15035c6dac02da798a85b09d7cc58f1d53d38324c0617df496b1a5acb11a61c8ae8b6692401e58cc2ca4b7a

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 5d148c2b562a4dece21607f01d38f91d
SHA1 de898254739ca536e872f74fc512e3056a1c6b6e
SHA256 3297ab11d74d2d8766980d82c8cefcd7b388b988d057bb66e99822f2c8d26abd
SHA512 f8d9350a8b6ea817c3a309432647b53034538dcfb2f70a9ea35a37924c6278b2ee224ab15ab3a68a43b182c305f7ce59a365d1b2eae088ed0a7b2a86311fc5fd

/data/user/0/ua.FoodSoul.DonetskSushiTaun/files/ZPkFS.log

MD5 9f41d186278a9e8b9e36b263c60f39b8
SHA1 4fad8f85af046dbaf1bd412daaaac0a56043a386
SHA256 9af5f320e4f02eed00993a51b5d6c9062a77ba5164d0b7b72336672da1e028e5
SHA512 b3c79212be37d3a165589c18a046fdf4baf9b53b67e15730fb210393f9b48e5f166c015469e7c32ec3f9f684f7d8cf63dab4aa54e5aaef3122ad4ac59e50912b

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_data.db

MD5 1d9676278844e9cd6ee7505ca70a2e32
SHA1 e6e4d6288a9981e727576b3dac5c8dec05f86d09
SHA256 d51e82939eaf7254c135f10484812d034d442fff051d73325ab1fc98f62d5cc3
SHA512 e5adcb3541efc27e29b3f9912a589798bcfcaaa41cae45cbe6e3d89d9f2780b6b833b848d7fa3c715fedc1669c03fd9174aa5e74580682a738c50e7f9a6eb848

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 33a83a67096d81adfc9eeebdb9b8ab4c
SHA1 941ec71df4b4196b68d2e01969dac7802f216935
SHA256 56541dc54972b652f976f07e82fda2298c29a6de454806a2a943223e5ffd3f82
SHA512 5bd6023ea069144bb0cceb1bb60bf845c81baacc8322545f76d67c06791add70c2a9948623539472ae862e2c43a6e34c29bc818f8616d664fbe13348b8f529f0

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_data.db-journal

MD5 f64acafd428cc756641a4c0819ffca27
SHA1 ab9b6fcbcfcd340ba94716c4abc0f6e7cd6d4c2a
SHA256 0e0defa97fa27b3f97b614e3e9c31b7085ca74ef00f51cfa4e7647f82333a8db
SHA512 eff45daeef12ce0763d50ca4245ace93937b9fd80e0ee9c461726a3cdfa6826f1f4640b00c03a9752844d1a3c1512601d1c77e7dadd8324efac6a1e533b0e0bc

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 a69b5bb6c6a47c2e643c09a61ccda82c
SHA1 d7d20dde94cba2e96afffe41dd805e13a32f6fde
SHA256 c3d8322d5c97634f8778f6f0b2be9b4c397bfa354a320a88ca455de7adce0086
SHA512 3cf1257ad12daad99423f754ea5460222d1ce4f68c012f4e17d128330b9024e4cc741c372ba54116ab9e5e89b2251b733b0ead9becc760fe16c70286ed664fb6

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 02e853a50fd2b49b821e6104ee322436
SHA1 c708e29153472c0719a8cc685da0343a02076b00
SHA256 279d3a43569a9c5ede0985d4f19f3049e3f773d1d7ecb78cea2cc972b018b4b0
SHA512 0756a25e71e7d1bda68b58374d9434fe5710707edd29bb9a391089d4cefae02081fdaa4c6f6c0623d7f746dbfb55936c9ddb41e8a4ac7c60e6ddc655448e7c8e

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun

MD5 76ec20d5fed5607f9d7d3aa69d007c20
SHA1 b7dad06c385714efceaf3676eff6963b93bbe30e
SHA256 6f9a5a54f9c1007fab0aca37b9b29f913fa884fba5f404891be6550b32c296aa
SHA512 5a12fe266af9b49c28fd2b8dc06983983d8dc19a3f7aa90ac682b135ccb7a37db332809f236cebd282a9d35ade622e472c65e90bdc2a183f6c7e8ed6cff95782

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 d3ab5ccef6cccf5795b3251f23f9564e
SHA1 3e215b36a1e70f03b15d1e61ac07f222d890aabc
SHA256 b229de85a00d8952bbde9516f06bf54f8f10bbc881797637c619f2a206483f53
SHA512 b25eb9e936764c3736f93b6e14061dca6f26e4080152a92ed982a182bda24a54f2b3e1f5032b225cd33fc7b641404f0bc08dbeae4f4b1bde1c3c8c3446205b50

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 9f60a6a183289ee8393aee3e31ae5ac0
SHA1 9919c55ddc8e784ee649afba8bedd04d27350523
SHA256 6cfe84629d7f8c9d7cdb223613084d26ce8298222a63c7eeda0cfdc47b05fd97
SHA512 83a345a5658b45bcb5f4b2a8e3c52cb61f332d9b1b38bbcc4625adc6ab9dfdd392a3d12516e66caf273b89ba6c44f777769809cd85cdcc39eb397dde51db2459

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 02eac2135cc5fda59cf0b883bc06beb2
SHA1 f41901918de801ed0299ff6b7fd793daa816aa4c
SHA256 4a3efdd99f05f5fd40e73aacda3c4a3966a48de4977e219bf2ee947bc310799c
SHA512 0dae549302435daa576669c31562b64717f93c8ee698e7bae22476ff895d3cd8a4f70a5a637950e5ce921531a05def91f1e69f16cfb3bbb5b80b00f6f26ab57c

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 32fc8dd8f823ed37df18adb4293b7b0f
SHA1 4489ee91b6d7a35ce944437f50634377308d7ac5
SHA256 ee19e26086444892df1b85cb22d72b74a450415572d2ca5b7b41ef06670875b3
SHA512 753e33674e1879cbe0d1fce239b128b0d22e0ed1cc4531726e71bafe527ff7b78120ce54224760ebfa8ace794e36acf57f5be9d47a54df44b05ea8036204c5a9

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 3dc3bcb60aa0f7d2ec3a37bb72064223
SHA1 b81c8d76b46d319f64daceb8dec087b56930b9d2
SHA256 3394d0601ec7ef08b4f12a70c5b3182c61315f51a129087721f6a59aa25f9275
SHA512 5784070463b516afeccf43cab1bf452118ed783abed7772b3789f51b10fe83d839f54ef00dd918e99647048ea6f2112316a37c38b501afbb6a914bc11db33f8d

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 b23def1393624533396d50de2874b974
SHA1 ecc84ded4b081ce425727ec5bb9127e4bf8dd832
SHA256 c616274e0a8096008a73c7def30dacededccb17b868201a0b9151ce334614147
SHA512 e274381d16cbbf79b89c01dec396eb530a81281ca57c26b87ca3f21187b75e84dc452b47da08adc4dd08bdaba4471ac742eba022f8390d2512ae205931c7c45d

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180

MD5 45f60c48ea83726c8dd03551bcbe9479
SHA1 3a6dd4cf5051b5deb171e6d74f3b6de537399e19
SHA256 62be5128bc4d9e8f9568c22aeb9aecdda05d386ba39890a20acae29b58a997a3
SHA512 c67ce32caea2ac5130399adf0994f2f2dcd0261e0d143deefcf5d57cac5afa9415dc376d1b0687e5a5d345b8f0825e19e6d913d9a220f2e8117231f094b1fa51

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/credentials.dat

MD5 a3f33f4c3ea5eb520c5b7f83adc42036
SHA1 69eca20beb248f102efda4d02fa7e2481ad95a1c
SHA256 68c832856338478a75be77d11afe00ae3c1ea7f804a7a2c5b9e00225ecabe9d1
SHA512 992a26feea8d088914bff1e560ef8f707268552cd36018457d7fb666b06f6e7ff2f01d6538e4dee1b6d9c76dcaf7af7651c6b794c1a4cacf8e57ded70755af3c

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 fad7d87137fa3d71fbe7a7ba14193b40
SHA1 ddc613b9fdd16e233bc48090d7ce5eb3e4ec4909
SHA256 4018e71e4915b1516b77ad68a60179258de59c3a78b1ecfc08dbc288d17ccc5a
SHA512 cd78d260e6157340f5a6f8a255afe586ad049ca7a10eb7e1becfc5236e0af0b2ef88a7403ac1fdc2f8c38101ab1a7b467f653d02ccdca2f73baafadbd006dbc2

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 215eddb48356141f5a2a17ed68e4568c
SHA1 2fb4a10fb04bd466fbe004fb09ec44fa60995387
SHA256 0c6fac3bbea8403171fb207f39b64200d3a35a5721de4cc7e80c3642ce6aaa78
SHA512 e1409db4173533d263a1fd06fafa2ade7915e79bb5f7cf12ec842845e7804c590019029c962574d5ae6e327c4d8786882f31f69be1f8c993fdac5a33649b60c5

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 2fab6b4d165a831ea3ca100085da2b22
SHA1 9f33ec5525070bdc21d39e93bde9dd18dcd776b2
SHA256 a54a46e31ca071f471950058333b666ea2f643d77acff0c901a9dc593b8fe2e2
SHA512 5e624321bd69dfaba6c61da69bd3b02a7676848a42dead31c2e2c4fd3a73d367c74ae648bc9b229591e6040f741e43954b92a4984e38c20c8da136633a625f4d

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 46e2dcbb31501d329dce713eed0a0743
SHA1 cdad956f8906e2d2be0198bdc22b5e091c49e321
SHA256 d6f77b06a200f395b53c1c740afe78e11ea05a0a9cb540f5751922d58d7f33da
SHA512 a7cb8b57d2a22fa5a22af041b57b4bea3c67d4065c258cebf0bcef0994c5d6e70bc0c288f255f7969dca34aa9ec1eb305fee444b647a20d8b1bdbc7e42660614

/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 db8652f387a87ea9557ba45af6da4bf6
SHA1 dbe9f1c1dc2834bd33444719b923bb00a844f694
SHA256 3b9777ffb884bdcfe011fa641b8ad6245682ce6dfe153071011e5f720a330f67
SHA512 c0aaec32212f0dab4d9005e1637bfa6901db99185924c77cdb0fd473e8f7871a8b248ab855660cf1379574509606bb78f05d657eb1438ea3338c5b9807f52c30

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-14 03:37

Reported

2024-06-14 03:40

Platform

android-x86-arm-20240611.1-en

Max time kernel

178s

Max time network

140s

Command Line

ua.FoodSoul.DonetskSushiTaun

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

ua.FoodSoul.DonetskSushiTaun

ua.FoodSoul.DonetskSushiTaun:Metrica

Network

Country Destination Domain Proto
GB 172.217.169.74:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 api.birbira.xyz udp
US 104.21.17.160:443 api.birbira.xyz tcp
US 1.1.1.1:53 startup.mobile.yandex.net udp
RU 213.180.204.244:443 startup.mobile.yandex.net tcp
US 1.1.1.1:53 api.tridrongo.info udp
US 104.21.66.157:443 api.tridrongo.info tcp
US 1.1.1.1:53 api.oradaph.pw udp
US 172.67.140.65:443 api.oradaph.pw tcp
US 1.1.1.1:53 report.appmetrica.yandex.net udp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
US 1.1.1.1:53 arb.grattomania.space udp
GB 142.250.187.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
GB 172.217.169.74:443 tcp
GB 172.217.169.74:443 tcp

Files

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 d220162c76dd20881ce1a12fd6ffddaa
SHA1 431ed8ff15d2b18ae2ebe010168f585c41622819
SHA256 e80d59eb1b68570202d405c99630cbd96aa241e04bfe30b9b4753f2eac6626be
SHA512 eacef2158a82ac512e867cca07f9ec48f087ab8a83608006593408efdc1ebb9b5af3bd78e2639981eb83bf1d0c3565238dd79f8fca33df77bd5f6a00f77fc544

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 ec23d1a0fe06b47fe1d099dfb9f3d71e
SHA1 683534a38a607b513e0928c7efd273e8245e4cce
SHA256 5b0dbe00070c428734e5ce9824fc7bcaf8463d41b158b3555f61c1c972aab677
SHA512 8cddb92912d1ae15845f3269c065ad001ed8f57b7440cd4be451b5b7db673b2a42c5f8b0aab4947f4bc45e62ddb836c9d8768a9078d1d5786e587d141b486719

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-wal

MD5 74c56dabac34141fa0527badd958c114
SHA1 6db89798773f60c66a64419c7ffa0d685aa832c6
SHA256 f1ab245c4c2facd2b25e8c824a71ec1d415a038244678bf5f5ed903d7cc755e0
SHA512 4686188d813a17be7051f898cb4ef39e40d7a56c528523249643b6c60abe01bce94a9bb42659edcde78d508fa4c01a5a95440b63297623f78aeeb438f8a7aad4

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-wal

MD5 f9cfdc52e8141f4a3de2ff39ae9ac6f4
SHA1 dbe8afc2255f34e2027c58e12dcf6dae6c104883
SHA256 40834d69594bcceebee21f332f75f7a4b7fdf9358d2318735236643fc3aad351
SHA512 bd3d54886c9e99cfd8e8b43bc973dae07332fd22abcc9254be7dd08ed8c64d5df1a7855f662929263f8e8133f7df15a4f6e226f484a5e647a4373f1caa26e07b

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 44def4f6e42c3ec63f229d23af8c804a
SHA1 f5956d9295778b539bced03215343fd3cf7a9dd8
SHA256 882faff2a0f007164d5dbda7bd7f803306423b5eb48a88b1bb72bde65b77e50a
SHA512 a14770398044635a8a8fc0d59dc95af3a97ae78146a9ace3795d600a44098a5ff7099aa3d0ac40442f8ff8c5d3b5ceecb4b360bf47f3e8c7c902879e2e76228d

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-wal

MD5 85096e867ffa556583a87762983866f9
SHA1 8c097f63f6f841d44add4ce57501dce3f9f7fecd
SHA256 9a87a0a5ae3e8c40c91e09ba7588e0fe259d74a4e972d7eab8b534dd5626478b
SHA512 7385717626e960427d77fa589f83e1d77943764f81c2309b6ae4bd7707096ca788ca245411509f374ff42b4e22d5a71014d7a8b15eb81539cc3e13159898c90b

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 73f2a1eeb181349ee06ce327b66c0ce5
SHA1 d3dbec48e2a83d62fdd659f5f342a9594576363f
SHA256 42301c1ac74c46ce99a3a8ddb8dd7bb3cf80da9b00e593f4faaca1735ade9348
SHA512 be4dcbed252db672aa658a11e207841316423f40cf596282809b83a6d6bbe84e6b8bdbbe2cab65878618939ae9711124467f32ee6eb74437408e3a008140476f

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-wal

MD5 ea98f41d2d8298e8e6457562f3ce90d2
SHA1 fbee1a400931bb0d9f64e6895a18c26507853629
SHA256 e2cabc35d43890bed44f548eb86948fd8f3cb6a518cc3c734d8b3f4797b4109c
SHA512 341c3a227dacf1e817e4d79ab7a94960dc663e118db047443d24446ca5c5f161d2e6bf47c1994bdddf289d8c86a8b2885d48f5adae1f08fc5e0c77a1d19ce75f

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 aa35d65233f91079f88dbc7ac531fa89
SHA1 f9ac280f06eafc40a0ed0cd1e71dfb109a904e91
SHA256 3a1a62c8e5de8d61d223184ab16249de2226b0db4d81732b2deb17ca60db9609
SHA512 156d561ec0a9fab1edaa42d756b3a846a3cbdea903bb5d26bc8d1d49a6488c0d16dbcc88fb8d8a3381a37c40e55fbdb93020fd86f33b19216e6824a3a17b4790

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_data.db

MD5 aefc9bfa8e928dec159bd65b2d6c3af6
SHA1 bef2ae955fe976e26e7ce5db8001d0de8495980b
SHA256 2ace823ebb03cbf7e2f89bbbff50d9249befea2348adb9f804f6ebd9ef478517
SHA512 cd46640655d755858865663cfaec0b8c0464c414f5fdc4f6941dc0732979201db022a40207b7999d3b834406c03516f811cc4472acb4015f327ff36396a0562e

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 3ee4809f8dd4ac85d9b53c44150e579e
SHA1 d583ebc5034762e7e6547bbdd80dfef2fcef960f
SHA256 4f6e70b1fe136f5620be9df85d6aacb1c7124db7fff6b37aeaf5896545a75c76
SHA512 bc76fed1ffe258d338207903e33d067c99d27fa8ad28f403bea32d248c6a3417896e6a5302064dbb4a9cad77d2a15c11f0f5398cf158ab38f6def8bb7e647f3b

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-shm

MD5 f4ab7464f3521baa1b5c3c69e1def99a
SHA1 c7e8d6fd35caf0e43ccbd0b310312dea98717d95
SHA256 9d4465073fb3ceef38c52a0def720fe80d482b7129d5cbf581d9952930070105
SHA512 6ba8d6d13da164e28bec7d831ab53f23d1f1f4ed6e72101570c12dab6e847cc8be5ebf611a4b7c8199badef9efcaf109eff7caa13893253948dfd0eff0ea1f74

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-wal

MD5 6346366662ec2fb1e473c2ecde0b6280
SHA1 01843364c66726a3e726d3f1b87ec02e91fe878b
SHA256 60743d37a880813f7a13d876d5983571d25abdbbb5eae9973d3c1f36d6f07390
SHA512 b78a1ae876f7bd532a1455b05746839506fc49457b18551dc1c70ebb5f786e5e038756f08d0edf70cf45af13602d0bef7f7d85e59dad2ddbfe911307abe7cd81

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 a61e4dbf7e85dc07b3a6aacf6e9b7b6f
SHA1 af6c3ae7344b8cf45b29d218b72ab2f711d6069a
SHA256 e50f06bd221c9e369459964bb6cf6a864e7b810bd9e1b9d0a1c6af1e4feee518
SHA512 9bcdd6d31154b70e6cc5157861ff5d4aa8605a352affd18fe634c65cd6376b06ed1edfd0da1c6b3ffec987ec1608d306caad86404c160cefa8dac10e4e8c5e32

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180

MD5 fc17b64e6ad9757d8e59a42ad9c6ac0b
SHA1 faaf11277141f1b19d320d8a9052439c18e68d87
SHA256 5499408792870d45efe435ad3efef13dadd1327bb95861c5939644691fccb60a
SHA512 9ced85970e0b19e1469f66e8f8cac2ef541ef3831e9e15d2620a205551c9b4c2588a5619ebdc15824e34b20a3cdd4a21ed26be8c9a72083d4251c27245b91edc

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-wal

MD5 4bc9bdb445489da0f3c905773f6fc7a7
SHA1 b5162e6dfab7a95b4ce84dc10d197aebb9c96871
SHA256 1caa2ef9aedef6863e258c0f2bf32157e612c397a4146d3b7d1ef99a6458b7fb
SHA512 a3f2fda3611a56626bf764cf146c2048383c721b046a3c6113dced5a0f8065973729007eff73675235896ec871104488713903c65cd7743b991a85cc791f2c9b

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/credentials.dat

MD5 a20471f087a84db48e09694e8e0342e5
SHA1 ff5d9ae49379acf7ed4685b6eb52cb4dc86ef2e7
SHA256 189344534423d260f5331a5302f66695dbe81c6478fbfe4115a93aaf7ed882d8
SHA512 b8053bb0ad28486e1b89dbad8481a0d7c6f05f300c435e906c57ff87e63aa62b1552bb872ad03f02b0928ee56383297201da412b8a422926d964d95b5b0df784

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-14 03:37

Reported

2024-06-14 03:40

Platform

android-x64-20240611.1-en

Max time kernel

178s

Max time network

149s

Command Line

ua.FoodSoul.DonetskSushiTaun

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

ua.FoodSoul.DonetskSushiTaun

ua.FoodSoul.DonetskSushiTaun:Metrica

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.179.234:443 tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 api.birbira.xyz udp
US 172.67.177.167:443 api.birbira.xyz tcp
US 1.1.1.1:53 startup.mobile.yandex.net udp
RU 213.180.204.244:443 startup.mobile.yandex.net tcp
US 1.1.1.1:53 api.tridrongo.info udp
US 104.21.66.157:443 api.tridrongo.info tcp
US 1.1.1.1:53 api.oradaph.pw udp
US 172.67.140.65:443 api.oradaph.pw tcp
US 1.1.1.1:53 report.appmetrica.yandex.net udp
US 1.1.1.1:53 arb.grattomania.space udp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.212.238:443 android.apis.google.com tcp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
GB 142.250.200.46:443 tcp
GB 142.250.179.226:443 tcp
GB 142.250.179.228:443 tcp
GB 142.250.179.228:443 tcp
GB 142.250.200.46:443 tcp

Files

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 08e5a206989a9123443493d1aa2c4046
SHA1 5dc3e112027b62da3b68908cb95b5fa90314084c
SHA256 04d3e03517507cfb8157ca4bf981d743ca020e66925ba8e4d678a75fd1e692a0
SHA512 bcaab38c7b8bb4dc0bafc1353f3f2b53b2b52b0dcdf57dad63a9c2022339ea543736aa8f0ba6098a07c9c18ab1410c7319829b54351530e445282256334c0770

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 61cabcde57aceed0af6314ccb4a6ced0
SHA1 bc5d8203afcdb79f7466c12487fb54933f05ac27
SHA256 416ef82ed0001511941df8f6b25b102d21ae7a097fbb9eb3d67daba7982a6c9a
SHA512 a9e8bb18e9ea567bd07c39bdfbc954f5db11fe6c194c9a2f4f5994339b98118cc0f9180b80d225a13aef3a957fe628321e9754c1f296bed2b87343532bac1b94

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 0677cf0c19ff5feb102106131fc79097
SHA1 8f6c08bc48f4d1fa930cdc656190bee3c6cb2fc8
SHA256 354a4bf28431d17e868ef6f59caee09bf2356c23e6925d8272b8a0f9a47c3427
SHA512 37915d940d612b3d1a21f0a6a75a8b6c228c145b305d8060997151e6f766f7f5344e35e9af33fe2e41a5c90888a3f72d9e8ed9072042838771e96ab267b31d96

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 8f2c5b813ecd9bf1c59e9a5fa80a00a0
SHA1 ce11b3ad5349b560b957c37c928dc00ee1299926
SHA256 ba4cbf23fb6c1d160ea229042a06735c84722543088fc5f6f5250d258c63780f
SHA512 8b81c6061b9a3616a0e4c8d26b3f6a1edb2ed32cb55c9007fa3f4f2383bdd6abcc11f020e2e1b9057bf35f7f0138e85469747e2786b89f4662d1fa6311321c44

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 6c546b5caa55e5e64979c8377d25af17
SHA1 8c117f12874ad8c415f1e28f2c529b4631c46909
SHA256 1c398d1e1e247e0c08f9d7a3f3720ac58c38d869b1a0a48bea00c909d6f7214e
SHA512 14524ca5c5a41bd0ea02271e456085054b69d823b547562987dc14bc180ae7642ea0bec5309d01fbe79014ae95bf5d821e8577a5672a601f9b16c5c57fba47c7

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 845e0b734c03b67898748455d25443fe
SHA1 07b8a28f3a5d51dfa379cf0db6e310e5ffce7e89
SHA256 473b1ecfde1f813a429768654228312036d95e8fd6d01efcc4716f91b12337ee
SHA512 87be2b418953e2e659669f76ea6b8385d7e9873d4dd3d343b2166bbb175028b985c893f0d3c8baaa9b41ec0f135ee669a5a27288f26af485c516effebd33120b

/data/data/ua.FoodSoul.DonetskSushiTaun/files/ZPkFS.log

MD5 bf6c90708083dce86961d53c6cd19548
SHA1 fb09f4fd228547ab2687316c38d7c1bbb9479498
SHA256 6443d1178ad8459154605a619e207ab12cac614bc75e32e159e6935bf0c98e65
SHA512 66f048d58166a6b60a1312ac326cf5f91c01472bf38fa95be63efc429f482707407764fac403818009dd393ac8918e12cd724f98cf1c69f580f66c1793f19ed5

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal

MD5 eee9c745231d6601ec530e79ab02fb85
SHA1 5d3e58b2311a3c4ce979cb304274911cecc25931
SHA256 a2c8bbf4ff5324e1d1d74cde2a4b041d80f3f43e6596497e64cabbbe977c0312
SHA512 85adc7927f18809f69769117597c9478ab506e534ba7d38648a9970b4ef27c1824986b7c38a9445c4c2440aece2c129d4a282e964d0f714d0ddf3dfccd0a9b30

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db

MD5 19b310cdb20e3bd89352cc66816264d0
SHA1 1514e235ff8b09737189182cd8fccf9a1f31aa92
SHA256 dae7b67a530b3455cbd1d61976ad208cf460f1536fa7acca09f808fdb37e6352
SHA512 b9af2e2dac6acdaebc3fd3dddfcd87a967f2b95de1f1e45688ee49687ba79af28e30276abc6d27dd023e32628015bd1e6cc42096735dbcada2e4d47a44eb69fc

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_data.db

MD5 26412fb317a36303d5eb97f582cd6d55
SHA1 6b00efa81962c90e3c700fc5b27b825333af1a9c
SHA256 603dbb46d9b198bcd63de4b910016a5b42514ad4fdb7a38b85e1db25fa2bb7af
SHA512 fc899835f1bd116834863adcbfa50023e5e73c076f3ec764b2f9c890de458bc65b469748aa713c05743eee006b1d607097d122b41876298125977dd9fb64cdeb

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_data.db-journal

MD5 6e5ab6c6edadc98d2eb83e56aecfdd7d
SHA1 a317f144b653e60bccf03334fb95e80b00d6daa5
SHA256 867942114d3341037928e1912c166f75a4c43ec2b3c4efdbeddaeee9ce111fb6
SHA512 424ac8ff4ce1d55fa5540c88c03b9109ca4c52264383537b3d6996084a44561b4ffb7b85333d6ef5464c375ae18e384142807c306c614be7952153ddb830eddd

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 290e1795d3e4ce93a65cb7a579f5f5bc
SHA1 fd42908795beb7534d1c6aa86d41d9b4922ca46e
SHA256 214ef6101bdf73088cd305faf40d179df7a1becde490dc9b6598c7b9f36e2ee9
SHA512 18e0e37a086665774362255ba4473319fa7a5096d800146cbefbaa5a50fa4f445198fcc0678d7588ab430196df10a7475ecaf31fa6b877dc22d231d45646fc2d

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun

MD5 0655f5bbb1139184c5022ef154fa8521
SHA1 b9a793edb5fd7861148342d14abcba9ba1a6e5d8
SHA256 cee949e80114acb0f10a997456c877648917592e9fa687c9df849583ef34c5c1
SHA512 27a0c1f7a13656e0139540b34341839ca2f9ef32a22ee933bf3b7c1d8ab032138f8e9f54b206b6a251b23b86655bbd7fc87081a5ba13743e416e8cdf963fb68d

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 ef7095f62e12d223a0565cdcc1ea3715
SHA1 664f5bd326d2eef974f3a2397bd61ddfdddd2e9b
SHA256 ead1dff11ec954373ff487ce3eb93a4e9e6bc9b2e3e14ae4a7488fc49d575126
SHA512 119d67b4e311c366440f758fd2c082be979f2ad3381223347e82cdd7c86213fa6a97d4f1bd4263f2ba510b5ea9ea0b100079d450d0931e2089a1ce70e9c73526

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 e92035bc522749dc6248bff30ec9aa19
SHA1 f2fc610592b202214f3ad3a7aaf675fd6d7a6bf1
SHA256 8b8e0e6a302aa5dd8e89aefe9f9d9f4c1f24cf816ba61aeeff2986aa9a1f4e08
SHA512 15d4b70b6f81f1b791aae3f93160578efda1df58d559bbeb743569bc0b13d6054b4827246241ee7afd32eccc153bac89fed12b7e10b314a636fc617e3b063153

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 dcd9293ab11b6d13058c81ac43a8778b
SHA1 d55168fef254ca33d5ba95055c0bb051677d9c85
SHA256 32a78d4e4be2decbaab733a47f68cfa9970edc3114c3bd813e3659473971dddb
SHA512 f4e367871fd4c1e5d6df38100569e9c116e40f251175384643210f1c24640769c7c25b1ff37b363871f7236ec419b5a1202a21e70a82ee873d4806db4bf481fe

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 daa78f598498114c160ed4bf25f4f4a7
SHA1 9309eda423268232ccc83d2990a2d356719a5ce9
SHA256 fa22fc89d1d3f63022c926d7a5fd2368766dea249c7837305f2d9388965ce207
SHA512 a54d9c39194739c003d784920c2ca261fa0da0771386483aca947f6b1a7c71fe67b65db15cfa6cf213d6025f8ef1ac2985c8d3fb8dbb1f9f433683fd736976d8

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal

MD5 3a02d6056f4ffc2cee1e05b0b46c4090
SHA1 5637db072d52a3e3afa358f2d07f3b0d2a2217df
SHA256 4a3f0e11ab6821b95e8653dba78b8668e73fe327d28e17a95381f34e899dd26b
SHA512 5304d9b01dd89bfb9a5664aa12e35356d33e7affd5439b0ef448ca20ea7db7e65f2f9ad2faa1e8631b509bb75bf9610eb3ef9020f709b3340c4c34eaa9c240eb

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 8eda402e16670fa31403850da5236274
SHA1 a3dd9595546e17ff29c9ab0ae2cb85e4578d95fa
SHA256 ff91c4db1ebf7831948047665e5e878b1df4e88f0a5e8e3eb70a3fcefa53edad
SHA512 0e40a4399b26358740e2efdeab7b0b6f8cda7da12725ece1d100dd8399b08ff4c8cb4febc72c73bedef0e1ebced70cb875f1ab76fdc1bf61a616f918928bdcc7

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180

MD5 6f0ed4b53cf9846db4b688466b0dc16c
SHA1 fcfd398a18dc45d90b8af86c391603fe253390b7
SHA256 bfc811a2dfd04d6568d2bb2e5f62328b69f660335287328bb74aa61128b2e525
SHA512 a3bd613c186a478188741cf12e0412f6c3cd1d86ffe684ae8335fa694fa032215819cff23ba2e39bc9e852e648c100e96e5d16151a928a11fd100fcea50cd8a5

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 0c91ea15bf802dd6f5126991cb8df938
SHA1 aa0bf98b1f056b4dfbf6b529cf22b9b4fe2f3c2a
SHA256 135682d2b1b8a29172d250a839d95eb31b501a6c9879d7aad37f5ac46fa28a69
SHA512 bfa93248c1f2ec52d643417b0164f359f7358a54beaafea4cacd92c892fe96dc88553176a810082fea717e650da85b80b4a6b938eba1e882e47e80cf82daae1a

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 6c18f897cc0cbadf21245d45759b768d
SHA1 89fd4d9c6ff1ba42a99f589d5a36d3d0c758ec16
SHA256 88a3702d09ac4c95052695c294d3bcc2d8af0e7071f3e007a840a5534ccdec00
SHA512 1bac9398d962d6db68cdfbfe8faf16674c0f5a68d15332181ad890f45b419d7316084a4e0e70f5e0fd757ea91ff032faffe81f13461b6300298810d3c964d62f

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/credentials.dat

MD5 aa7bd764927ced44d50be4eca81d3d45
SHA1 21a907748c4e1760a182f370ca33521103cefeeb
SHA256 c7b9bf96eea4b03ecf825a3c429484883a025f5faea4ba730d61de8509b9e974
SHA512 ae862321e715f761795b806a290bbb479431f1836bde5c93cb6af7996e0603842fefcb3ae8936a5f31cf38f1f7a68fbaa782e843ed68467b6bdec5c679b44294

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 8d99c53467ee365b0ff359cccfc23c1a
SHA1 194897cb9e7c3e155a63d5a85ba4d4986b30b3ec
SHA256 425748d52093ed213699b60749994fac5db0f838b6a0f4f598bee1d622d3c9dd
SHA512 edb80e7d683f63f1d63cd7382658eeab2604615a4d9e4e299b24d8c8e0da89379362d985cebf05b2375526bf9e3779cc4d0364c912287c793c36a82818ebf662

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 993860a7cb6b3414ab67f6e3e7ebbe92
SHA1 f56d7ecfaec840d6b3d11016e54b01764d3dbaee
SHA256 bd3a4b097315054c5dc2a32bc7987948f3dfe6a219bfc8a3c412f707e2d51015
SHA512 a8da514a491db320cc691450fe9007edadabc6bcf304d03c7335b55ec2d693d42fd26559efc3866431c38d4c6705a12cc2c833281fa08017e5c798b9fe2f540b

/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 4ba7676781dd9f68d0e5ef52205ef41f
SHA1 271615e5d055a8572f45c0fef3b7bb8d0e78b594
SHA256 a9947c8fb55e15e2e1ba05a2095569f9f2b1943502c17c01244fe48e1affd60d
SHA512 d0a17d002f8661dd838aadfebafcc19eef8c30831a09fdfae1e53f99c6142477117936c193f85b63946cfbbbe3d0c777769804c3fb7bf4beb929dcd6590840f1