Malware Analysis Report

2024-09-09 17:38

Sample ID 240614-jxyqts1fnh
Target a8a64528b1fa44ec82e2f9bfee249729_JaffaCakes118
SHA256 6fb05ee43a3fd51223722d847854ed9219593cf9c1490e90a733ce48ad0d29ee
Tags
discovery evasion execution impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

6fb05ee43a3fd51223722d847854ed9219593cf9c1490e90a733ce48ad0d29ee

Threat Level: Likely malicious

The file a8a64528b1fa44ec82e2f9bfee249729_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion execution impact persistence

Checks if the Android device is rooted.

Queries information about running processes on the device

Requests dangerous framework permissions

Queries information about the current Wi-Fi connection

Queries the unique device ID (IMEI, MEID, IMSI)

Reads information about phone network operator.

Queries information about active data network

Uses Crypto APIs (Might try to encrypt user data)

Registers a broadcast receiver at runtime (usually for listening for system events)

Schedules tasks to execute at a specified time

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-14 08:03

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-14 08:03

Reported

2024-06-14 08:06

Platform

android-x64-arm64-20240611.1-en

Max time kernel

178s

Max time network

132s

Command Line

sistemavitto.viplanches

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A
N/A /system/bin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

sistemavitto.viplanches

sistemavitto.viplanches:Metrica

Network

Country Destination Domain Proto
GB 142.250.187.206:443 tcp
GB 142.250.187.206:443 tcp
N/A 224.0.0.251:5353 udp
GB 172.217.16.234:443 tcp
GB 172.217.16.234:443 tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.213.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 api.birbira.xyz udp
US 104.21.17.160:443 api.birbira.xyz tcp
US 1.1.1.1:53 startup.mobile.yandex.net udp
RU 213.180.204.244:443 startup.mobile.yandex.net tcp
US 1.1.1.1:53 report.appmetrica.yandex.net udp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
US 1.1.1.1:53 api.tridrongo.info udp
US 104.21.66.157:443 api.tridrongo.info tcp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
US 1.1.1.1:53 api.oradaph.pw udp
US 172.67.140.65:443 api.oradaph.pw tcp
US 1.1.1.1:53 arb.grattomania.space udp
GB 142.250.179.228:443 tcp
GB 142.250.179.228:443 tcp

Files

/data/user/0/sistemavitto.viplanches/no_backup/metrica_client_data.db-journal

MD5 6fc1b3e2b4c802aa51efe698b198c429
SHA1 9f400beaaea535ddda2edd9d6a938455f26fb4b0
SHA256 585e60131f4ed853c6e75ef832bef150961b12c32525a5822f5813607dcf90ed
SHA512 ded87f23ef838ad98c6af1676bbe3b68e9a0a53018b041671b31f19c166bcaba569680a8e0fe712a4ffe6f7d4eb8d7a17fd9abe26b4deec57589c19a02c061bc

/data/user/0/sistemavitto.viplanches/no_backup/metrica_client_data.db

MD5 09932e97a92832a7fc9714deefa59214
SHA1 5518505e61a100ecf22a6e545d5ee1095a74fe52
SHA256 13385f97680fe65eb4f3393c7b4ede8be07e0bdf51e5f0b3ce0cfb7bb55ce4b7
SHA512 756ce2aa8f0d60d36ac85cd6dd1651d812490d3a3c103c7afba33ef760207c45e7b479c3ed50c7b13e90623aa4e5aea221e299ab9e3b68aaf2fe1facb91281fd

/data/user/0/sistemavitto.viplanches/no_backup/metrica_client_data.db-journal

MD5 3ac603af63f49f430570371bfb0f6a32
SHA1 e38076c8858a55fd6dfbdf526d5427aa78e7fbc9
SHA256 38588b9fcc1858ea0dfd37723c235370b3d886d1ded071c1cd16b8e9181dedab
SHA512 1508fa2cfedeaf53410e7bf0ae15319cbe8e3053a848834929f9b4d412f73129783dfe097cc72aded28d61ad772907277ac2f92878dc25895819bed078886277

/data/user/0/sistemavitto.viplanches/no_backup/metrica_client_data.db-journal

MD5 72e39a7e43956b232109036682fe7f81
SHA1 0fb92a285b65a3a2c23b3501346fc4bfa4436f7c
SHA256 c3a89628f7a1c41f65c2027897c930a9f9bfbbee7016cb3da13741cf39a232c7
SHA512 2b47f21d995e993192c933b5249af2363a2bd3ad18b1dd69650efc077874ab22804eabc831771c77ae051da7f59944122d325258939b97c14cf0b4341f9f8782

/data/user/0/sistemavitto.viplanches/no_backup/metrica_client_data.db-journal

MD5 b908e461636f394492fc141013219a0e
SHA1 1f349fb66838190a716397a45f1c7bd5940ceca5
SHA256 7127a0dee97b2ba1d1897097b6fc6dc9b2d7157406ba05c97b660c1d59e38fa6
SHA512 762b5167395e76bc7cee3b714f1cc8e3cf2c1e3ca87c1dde19e8a5b080706c492b717a89c777cae6e6655c016c9e93e1ecaaadad69fe396522e9eb25101fdf66

/data/user/0/sistemavitto.viplanches/no_backup/metrica_client_data.db

MD5 e5639b469346d3d19c79ae3bdc2f4a9a
SHA1 b4d9041b94176f65417e63e77f0f324b81e8dded
SHA256 cf283c9f2c282ef339f1ac0c4eae7d6f44f86bc1744cbf8a9b5703edc7368aaf
SHA512 273aa09cf7f4de26661bbedf2ecd180b5adb537022cd824d2185beaf7eb1784bd1ea1f1f22c01e4762729bdefeb81964f1a47f13e90b883beb27ce7c8d1f03b4

/data/user/0/sistemavitto.viplanches/no_backup/metrica_client_data.db-journal

MD5 be2949790846c35e179ec0fd26377f3a
SHA1 ef0a6aee559f1a650e8ac3eaf6e26a5f367d8bb5
SHA256 980cdf610490196c96cc47ff2cb7d50209b8a2c4060b13d46fb78fafba444120
SHA512 05251aa90f5c59f3b645fe317d3db1ed2ddf6a27ecddb8eadae447eefa74695876f813256c1accaec0c6d8f57887a70af44216baea446eac82cc5db37e76171d

/data/user/0/sistemavitto.viplanches/files/ZPkFS.log

MD5 d01115ab3b3ab6cd76adfbc07994cd9a
SHA1 2e7e72949ae2c3c9fc3faef4ff50f29153ce10de
SHA256 477bd41c92d45d060b57856b501048725ba8cd344d54d65459d2f6a0d5c38e68
SHA512 bdf67bda728f6ba75d0f993d24b0feb954d5cbc369d522ea553400482ccb65ed6c9fb042608d7ecb2940bfae1df0e47a7cdb37409561581c8aa31a774334092d

/data/user/0/sistemavitto.viplanches/no_backup/metrica_client_data.db

MD5 042a8e94dd75df6defeee5abc02a6d21
SHA1 1b323538aec88049fb712c4f4211d9a3237413d1
SHA256 66d251a0500925c7f105da4d2c7c416a8d568f8a82fd047087b56f02ea529bc4
SHA512 4a5585ceb6407b9aa4e04a14625965fe5474e0ff454665d6c7d519cc3da851891e065d8c3d384b4734b4979e4841c9f7be6cab8bbbedde8d2153c651f615ad97

/data/user/0/sistemavitto.viplanches/no_backup/metrica_data.db

MD5 a8dd01f66f16769ccb88e8aa25811ebb
SHA1 5ae8f51d6c1e500c0226faf7e5830770acee5a9d
SHA256 cae7b7b6462b1c90abe4f064d4ed7125df737801ef17c60fc1bbb0d72b075d21
SHA512 704f812ff264f287ec2b26975b616cd86f02bf8b9a8412cc99d9178b86f4a24c85ba1469f1335629a68528bb998ba7b4568b1211c3d5047a4a5ee87691958577

/data/user/0/sistemavitto.viplanches/no_backup/metrica_data.db-journal

MD5 ddab54d4d715177cc7c874d2b4b75a61
SHA1 c266ac9ce8a66d60c821fb04663999076bf272ff
SHA256 f47a8f8361c1cddd055d4167f3e94a1a7b045589f0018e6fb3110495c6b77759
SHA512 32637caa47a24236980fe9578ce471da28ed221825aa08b1d757ffd89653a45f6308455a0cddcfc71af3de80587b49c91457b02c6a2683ca6057434739f928fc

/data/user/0/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches-journal

MD5 07b2410b5217f01d537c5bbeb4708b67
SHA1 56860c9ab5b5994f1b77ee107d6b40769f8cbac9
SHA256 f26c997de5a03097391478486b1414232192bb83570559931795c9e39be8ec94
SHA512 f4fdefff16af3388981f4618cc11522b9fba3cc1961893d912947af74b38901627c7186c71a32af4c99be12d359c318dad479b085a1c08b485057a039399969a

/data/user/0/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches

MD5 1083e021f6e25f1a3f56ab4240fc4c75
SHA1 20866d53dd3841aae2515bc67c4fe83b1159212d
SHA256 d1f2db52902dbad128d8cded866ca6b38b9f16a659bb697628be50a563e0f2dd
SHA512 dcaf3fd5c678ebc24912d40edb847e0249f346329c838e678c2e7281094b5dd6e8c62b4ccecac1bbeecc1d51b51ee12d3c229c22608252bea465da28d5f34a8b

/data/user/0/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches-journal

MD5 405041672fadbfe8b70e77637de54f5f
SHA1 5b70569ec2db2fa474ac05f1b83b60a9a6a0701a
SHA256 a9f0889491fe7b9ed7bf55c2ee2e334c04b43f24240610b977d6baa4bf8bf43c
SHA512 8a825def0b9fcb60128b203fd2a6c60bf33aae5113240aed742c496463e43482ce5332bed45b6355000b52abf360fa66f1e2b7a3d871e8f31b470495793c1742

/data/user/0/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches-journal

MD5 d832731849c8414867b237d778c8e2c6
SHA1 48bacc697842214696a0108bc8e1958e4cbcab1e
SHA256 6426aa66c980ad4229d37b8ba992d37733812bf7b8180ada966763bf6809967f
SHA512 af2fb52c4b53d2e235f6d9ab79dade70277e581f75ef75736f5825ae509d00b8c75b6797bc5e5adbe620b4bf59e9a98f1a6d8f81e57f570de23a075cc8e7fab4

/data/user/0/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches-journal

MD5 61efd66ceec60064fda01f780193c101
SHA1 3e7afe0ccc5d46a02c9e1d2878ba30c577d8706a
SHA256 de2077d4417f8b81644011882013f8fa3a30d26f948146d385e633bdf8c07ffc
SHA512 75b60e1a41d9046594c54d7331cd09360687ee7ceb8ae315b2298a0b706c1944067ee8b4fb3657da5bbbbfd3e919f8c5fc011d20e06b1f071222d91e2c18762d

/data/user/0/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches-journal

MD5 0dfa88868a2c5b6b939cae924767ad3c
SHA1 89eb7b7887dd2e1c644b509e9970e455b7e2192a
SHA256 bcb9f91c460c0c24ca341f011f88aad4e2c0f3712da5d1edb73646bde44803ea
SHA512 cd9de412101da02ef55afc0e0ded270775a8e0cc35fd76285b103d116580ffa92cab69a4f4d928407e94afd9def13fcdc755f922fe59f13b9bf4ef3eaaed70de

/data/user/0/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches-journal

MD5 b77383fc7b893dd62e3a341ba56ca018
SHA1 cccb0c33c68e98b4afb566ad64bc7b3455f07db4
SHA256 8be63bf2097a224156bfff7dd871cdd8a78b96cec26f762c5bc0d9faa00a43e7
SHA512 2456928f5882dcbf3cb1381dc90a71f02ae75b0c9284975bc94a71e2c498216845636d90b5e804085161d2bbb8c1fd55841d9e581e88b5a84ad24d7e460d5dca

/data/user/0/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 f25a55d334b53b60c74abbe2358ad616
SHA1 1b4fddc4c0727f93c89bafa2817082b5df975ecf
SHA256 0ec12f73a6cd8756408d2abf033652c6e4b87511c5ee97471153810b3eb394a5
SHA512 aa8c8c4d100934d4011e04d94e5aba9abb2ad930deb58ff1c5a48ae506aa12150e8a9002218b95f317f6a92720c710bd531014bbdb628c9fec6b623d732449bd

/data/user/0/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180

MD5 0a6d13eebd1d2e97e483a0cf79ae82c3
SHA1 b6091a9b40314d9b7ee4e129b6c59affa335d58c
SHA256 dfe5bf428d0b948a7eff101909e2800d998cfb884cbeea823e2ea4a77753dfe6
SHA512 589e9866faa645d8fe810d7c621649aa1115b72286f471e6b470c3d4686be4861adf8909af2dd67c0dd01d646f75473999da5c4fbc7a9b14ea002360a732680d

/data/user/0/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 32f9eab580d2ab7b6234db880514bc31
SHA1 bf70010563db51451ee7aff76232a5c31fe80e06
SHA256 738ea2b73230029fde85bb8e2d8a6cf024be8be5b8ac87ff1f97ccf6f8e052e7
SHA512 cb9fe7bfc8aa391a09429728bb6ec3907667cd98d1fab961feb68d3049bc713c5f2203f6c722abbc40457b65a15b6c75d02204b662797326bbbf815d881e54bb

/data/user/0/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 c07d96e76a64b67376a3b01df692e9fd
SHA1 24652f4f32d0456ca3583190a650e1bddf319b20
SHA256 2eedc02e33db768751fd886861255640da7ed314302cafc9780937416c37cbe6
SHA512 0bfcc591f0a91ad338b6ec51d0d15c1c86b2081684569a5482375bdde3643b67f7f0bd808210f8eb8b566592fc709a91606abd1af5e64534dc97c3a16dab82db

/data/user/0/sistemavitto.viplanches/no_backup/credentials.dat

MD5 41d4045b97e5ece2c50618ed49f14ccf
SHA1 7ea3145c76eb53c6fd97debdf9825f526bbc98e1
SHA256 29fab544a47d44c8f9899ae46a298bcd9b096ef50dc1bc50cafa5e6bb106d876
SHA512 edcbd2fc1d0aa64d9807d517b7ab8a1482ab0823b3a4e168269c2d0b93dd195d7c17961b192c27e993ca3ffff19e957a21b790072ef196080687343cb77985a8

/data/user/0/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 f126a81ed1687320f38c9f0bd81d8b57
SHA1 ddaf5cc3a85ef7c4b91f8ed40311015a2a19cdc3
SHA256 4bcf257644ff605382459d514a86d86747d98187e788e3a32a6015e132696ec6
SHA512 59788cc9f4364152d60bb517bb45c0e679c973405e87995e1f0932b55786206c36fc7621796dd4cf356a05268fab05ba13e7932e8ad9f7d1dd6fe2ca751d37fe

/data/user/0/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 534edda538e4e6d3337ea08e8615363f
SHA1 dbf4e12cc680b44b832c45072fc2984733f6eb7d
SHA256 62ee13f82c1b02b875bbbe176155798cab2f5c68334f41372c29853df5b65c43
SHA512 7196f38257b26a9d68565d23589c896c1297454e4f0372932a7b7d951297c3216b2651f3106b7b9b9bc081d8855ec0bcc61ed04507e898a687f3ccce6a93c3da

/data/user/0/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 4553b02201a91373ba2cfebb3fb289de
SHA1 1489db324b0a067f558d3b7d19d46a65a51a4593
SHA256 1c3f02a3cc4b93f84b78034f56fb31d1ff0c05e586b5264d15b8ec67ad6074b6
SHA512 77d80b30f7209ed94ff8653c6ae87f398cb5181a8ea4a3116cf4061da341ccf99d11fe560b2404b86c52077d5454f153c5bd64058cc98a05296c9c81b085cf0c

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-14 08:03

Reported

2024-06-14 08:06

Platform

android-x86-arm-20240611.1-en

Max time kernel

178s

Max time network

138s

Command Line

sistemavitto.viplanches

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

sistemavitto.viplanches

sistemavitto.viplanches:Metrica

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 api.birbira.xyz udp
US 104.21.17.160:443 api.birbira.xyz tcp
US 1.1.1.1:53 startup.mobile.yandex.net udp
RU 213.180.204.244:443 startup.mobile.yandex.net tcp
US 1.1.1.1:53 api.tridrongo.info udp
US 104.21.66.157:443 api.tridrongo.info tcp
US 1.1.1.1:53 api.oradaph.pw udp
US 104.21.8.212:443 api.oradaph.pw tcp
US 1.1.1.1:53 report.appmetrica.yandex.net udp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
US 1.1.1.1:53 arb.grattomania.space udp
GB 216.58.212.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.46:443 android.apis.google.com tcp

Files

/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db-journal

MD5 e5bc68a16130af7cc875c8a1ecb191bb
SHA1 83f94e6e818d782cbf38f0e0e9d19e10e29ffcf6
SHA256 7165156dbcea792680c11d20c8515b8ab164711da4933da31d6b3c005295fbd8
SHA512 81d33fc45fa178b42a0918cdabfc43f4471fa1f1b78bd92f051f7c3eed6cafd195853cb1da622740140c6825acb22705b4990a04833ca7a1ae4b3d072396cc22

/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db

MD5 e584629e56fc04269b233ebab62f08b2
SHA1 600df18408f5fc7026c3b6c6e0f89f6953182adb
SHA256 7ca02700afa5b6e396a4f425f983758422e6b681c2ed08612f2ee7558058d393
SHA512 1c414ca76ded9084c8f2089b2fad89019a78a7c9edbd5689a5555e1c5d25ea4dff208f284e9e864b7c00ecbbea8c06cf262d27018c9189ea66b6aa2bf5662fad

/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db-wal

MD5 b7a027716808e9da02ab74f263e4b00a
SHA1 26814d70b660953bbacaf70ce2657747aabfe57a
SHA256 998190ef115ffa9d432dbc25838f5edc901c2f1ef8c33d11198c97f64474bbb2
SHA512 28e2194fbb9d6debe5ca48085295d2c6d29bddf4b227833645a828d1c28b132ce11ced596e737a91076b7899071fb5fd2d5ab030eb1136cca947c74344ec2f32

/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db-wal

MD5 c62ab25d6c7277bea2bf52e8e7a4ea68
SHA1 86ffbab146464e0a7d153d3c313a6dc13c314bdb
SHA256 3cceb666ee1c34a2e77a63f65c5c37224a36ef80fb77f037c6f8306691e4edc5
SHA512 1c1fbb80b8d312d0da4267054774e7fccc6c46d399dcdf5d70dbd368543142460fe064b5db151a83f43cc84ac06708d1eac19adedb6e4c5a848a1b2667ba6783

/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db

MD5 44def4f6e42c3ec63f229d23af8c804a
SHA1 f5956d9295778b539bced03215343fd3cf7a9dd8
SHA256 882faff2a0f007164d5dbda7bd7f803306423b5eb48a88b1bb72bde65b77e50a
SHA512 a14770398044635a8a8fc0d59dc95af3a97ae78146a9ace3795d600a44098a5ff7099aa3d0ac40442f8ff8c5d3b5ceecb4b360bf47f3e8c7c902879e2e76228d

/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db-wal

MD5 2a0c4a280b2918d1779c2b49568c0bb4
SHA1 0c030e8b858fc648416c8c0cb8087ce8ee34c406
SHA256 25799f893c1ed79eecaa43411a0c3dc1ffb8b0672f24ce3abe02946fc68c640a
SHA512 d38bce06c3c1b2826db1265caac16998967cb2e4a324212a946a4015346c207db61595d50e90ad8f4c4e30db14063a4a549fed523946d76f9f13760c372c27ae

/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db

MD5 5501ae956d55c8c6625a0960a6a0932e
SHA1 6a38125a3cabf043abe4d5ff39105a3d7adb164e
SHA256 e2c99c552eea77cf8b6cb9d11fcfd2361d6acdb4905f1dac9e91a9a141643553
SHA512 6f3d063e182b69346641de96bbabe0b29b3b267c70a0685bd7f902d40bf642770b3e4d533a7f518a16e1cc76bcdb42066383276a4f841642369fe9a26db06a95

/data/data/sistemavitto.viplanches/no_backup/metrica_data.db

MD5 162d40cd37e1e20339f1f6ce04f9488a
SHA1 e450a1dd470a59031e25aae650ebab54e93ae820
SHA256 71c003451d92e6360ce376781722867b5274050ac0a6a87e5257a366e3cf13e4
SHA512 6355f923bd28839b664dd9be7f1e7b5c5cbe94a5cd9a0cc92ba8b63c1942be6ce58505a31f81f289a9773c58b5e3ad33d093afc126a25273b79f6b1eb843a602

/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db

MD5 6b4d5dfd8646ad6e9518328e0ba88a7b
SHA1 33998f92ee7cf525c424e7a8cfe4bea0eaeb5024
SHA256 708c692c9e539f3d276d54a6000950a16b10bf20e12b556f2d731369fb17bceb
SHA512 d903713bdcd978f022c8220b13690849230c141ee611126858a232b30d433b9dcbcdcd046bdc990e66046c84b5f2b8f3fe852118c6c0e6b7f0f133ad19fcc948

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches-journal

MD5 ce8b5f3e23fc6ff3936ed597629cbf23
SHA1 1eabe526cd799335b13efd4c479e1c89096b058e
SHA256 93fd932d02733c430bda3afd711ef9ab180f187af6a3d4a2344151a6e0c1041f
SHA512 c53116ec45534adea60f25d53189d1fe3e1f292cd1e6cbeaf263c08eaa95083bf3faa27a109c39d7929e06e07c917195d8cbb9adeccb6fdb235d3ecded8a9f60

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches

MD5 b26b0f94b3d5a76f521ab4c299332e93
SHA1 275ed2c56f682db97d9d159e81d6b8ab87607dd1
SHA256 7aa14233d18fb4b5c3c731d6a219256e0634c4d615d565c7ebaa1714f035563f
SHA512 906735b13c753e6cc24cfd7f45cc54dc91fafc1551882fb8da8c8b99c76f0af6239946c8e56d8d19af6072762f3c0ea627c12b14f132ec44b35aa0ce4f288a6a

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches-shm

MD5 180d0d08ee93ff0bb6ee0023cde79b88
SHA1 30dffa52f5c00e370ddd22af6e3a73119b94de4c
SHA256 8cf87ef1a597813a56afe10103e65a0089082c488fd39b74c9fad6a689bc05c0
SHA512 f2fdaa993b76178bb429c7f05ff21de03856033eff1cdd5266e4f69322f4cf8631fc7c25001ea72cca5e231ced2d01387c0b38fde57296876d1846dea887588a

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches-wal

MD5 211d1b171a759e4e2ca91164d960c844
SHA1 ff24b78cb18addd3c42a8efe63a5f91324fc330f
SHA256 6dd3d33c8316bcefe7da084b36e2da7d28644920b5bc1ec8b7f6f7f73967cb21
SHA512 81b88f5da140c940090605f73a9ee2909d857bad89e1838d399592c94c33d3829cbe975e7c72651778f5dd29cc4dd1741cfe4fc89efdf33d439af7564ae63d59

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 da35494e7528ef18714adfae644686d1
SHA1 58e2f43752848314c1450158caf46d44e473497e
SHA256 331989f810a8cf8efb19d92042b604fffd968aee17d5635f4db56bcfadf276a7
SHA512 37f9b962f4af67dd94e5dce9a0210be0917e822bdce76ffcb893e423aed939667542e0eba2c19c15e9b8e99645301ad381739d02dd305f232668a4f043de14f2

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180

MD5 00b4b8716d5656ca2a1ad7fe3eee98b8
SHA1 3dbb913fb318eb4fe6a3d8e58c7a095671badf6c
SHA256 1b20c436af3fc7a8a0258fed953949ec91214ba45024812fcf76e51d8dd215b1
SHA512 c9442fb4b70fd181cb75989a3e6983a0c3f4e7f5698f5be07dcb72f6ef08eec7c58df7034544a502d8f2854062c413718d8347eac90680fb399ccf0a02239dc2

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180-wal

MD5 55ec8a0d4526527019319885404217bd
SHA1 f9ec65539535c960fe67dd080f18efc11f4287a1
SHA256 8147c1934224b5ce271c5a3d3260a6448fc95e49ac024fe21d24f51dfa981da8
SHA512 39dabfe97f2e8e9f4871d8e234d16b70699a06ae18641f02b2ba95eb66b335191237063c2bf8e3d3af6100d168a4fc17573ac37541c3eb6b23c50facb569d68e

/data/data/sistemavitto.viplanches/no_backup/credentials.dat

MD5 af62031d868e74bc15c8b78adb57f0dd
SHA1 5cc34bd675b75e70f5ae87200e740857f64d9e16
SHA256 50415cc63dfb624501bdf3f236953fd1b77ee48bae9ac8110ace607aaa3452ae
SHA512 89355e7a698c6cdea71c574353b917b6335e087e3ef140d3e6390d862f8cfc8b39b69b63088d4ffceacc30e79d3b53150c1362a3bb16f0b11c6a90f27b23214a

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-14 08:03

Reported

2024-06-14 08:06

Platform

android-x64-20240611.1-en

Max time kernel

178s

Max time network

147s

Command Line

sistemavitto.viplanches

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

sistemavitto.viplanches

sistemavitto.viplanches:Metrica

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.178.8:443 ssl.google-analytics.com tcp
GB 142.250.179.234:443 tcp
US 1.1.1.1:53 api.birbira.xyz udp
US 172.67.177.167:443 api.birbira.xyz tcp
US 1.1.1.1:53 startup.mobile.yandex.net udp
RU 213.180.204.244:443 startup.mobile.yandex.net tcp
US 1.1.1.1:53 api.tridrongo.info udp
US 104.21.66.157:443 api.tridrongo.info tcp
US 1.1.1.1:53 api.oradaph.pw udp
US 104.21.8.212:443 api.oradaph.pw tcp
US 1.1.1.1:53 report.appmetrica.yandex.net udp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
RU 213.180.193.226:443 report.appmetrica.yandex.net tcp
US 1.1.1.1:53 arb.grattomania.space udp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
GB 142.250.200.14:443 tcp
GB 172.217.169.66:443 tcp
GB 216.58.201.100:443 tcp
GB 216.58.201.100:443 tcp
GB 216.58.204.78:443 tcp

Files

/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db-journal

MD5 27eb2b9873915ae10d83a4f09605768f
SHA1 d7b87e21f50c43b7dc7a739e9ec8ce3dcad9de60
SHA256 edf21b527b160f456ec482ee1fac9652ae098390fb820279fb380cf79056e114
SHA512 4670ba10ad19d286bf184f245318038af7ae75c7cc28b5ab0ce0380228c394a889e10cad6ac1a73c554875c7e551362e24c6a0ed5fbaef9e7da757f641e65440

/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db

MD5 4938be400000da887e1210b475d0cb70
SHA1 4feca1cf26235584febbe144ec8cb5c318b98cda
SHA256 253c1fbbd3708cf40173123e5b67308eccb54b2a175f45bfd3cb60dfbb3dc14a
SHA512 f406e19d407af245f57cf094c6c230a5c9e6bd96d10144d69ea6aa2d1249c20cad4b54b29b9e50e48e561281d684856c9afe5151f69dd4b386dbd98bfe6d35c9

/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db-journal

MD5 6ec280f8db4e33212c727c2e98790d9a
SHA1 8abd31f0778c52fefdc2f015fc99c10cb6338f15
SHA256 b2232155b62c54c7317cca304e3c1862a4e9293d563796737489be1f0ee54722
SHA512 d739e448c96bffcebad8160919b30db3f94abf4cdc1521286c4c268f3095c94ddb3fa4852992bc6d43419425947886e31955a45c83ce0e225cb764b9bff72ce9

/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db-journal

MD5 6665332833cb70035a05e251366b749f
SHA1 09685cc008383e92256998b91a33e596e43f4135
SHA256 c0e3236ef13336ecb305a49277ec02ed68e492c603d947f87e6535e3f05453a5
SHA512 696c41683d7e6aea453c31c8aa6e62b05d35d741c9c3a2ace2ab87fefb52e3bde8f912ab06604754d9dd3827f66665501789e1462ded5a38656581cd7746a7f7

/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db-journal

MD5 7f6d3684ca33ec41e8651f8adb15d86f
SHA1 444f8bd18ba88fd050fee5cf8ae29a66ef4a1eba
SHA256 c848c92a93d50a952d084ace37d3cb261d4f45fd8d413b8482f9b30f215f420d
SHA512 b959ca400523e181744cc15b336264d2891faad60da6815ed34c610071636b9add4fec29af2b510e9f44b1d05faaaf88090d3cb27d3f02a48c0122f2f7de68e4

/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db

MD5 484df068dc370197c0e37af4f433f772
SHA1 5d071329bf5182e60b2d268adca542901d492001
SHA256 3ebaaa9fc7a9245b413f62f91d9e689d468456dd4b6ce2408bcd2003cbdbfbd0
SHA512 587e7b68f2c167d39dd50744f2892a461a67cb073e8cf9f6eb2ab752e07841440dbe212af32958248d15af5d4001e7fa12f86cad62578ef31999355a86c3b0b5

/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db-journal

MD5 abae94ac1954e63b5c94f175ca713477
SHA1 f12e87feb74d47be34fec8f4ca513a04c4d3ea3e
SHA256 df3fbbbf3659636233474ab1edd840c6dce2bae33ec7d399534fe6c0d04c56a4
SHA512 e0106be69f404945316b57c395145b43d5b2fb57d94d8b8f6cae0f3ff35fd5a92563d89dd1c27c4c643a83db29f26084f091cb6fa75b9904af01f0ef1bf13984

/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db

MD5 ea9c2dc01d788f2ed7ad6a455e32335a
SHA1 3da6ee06226734e9a402c3ef2b542af3b509b6af
SHA256 ddcb0e1970efc2dcb42a4dd328ef8c10f3512b39a47277d5b075fd3b92dfc3a7
SHA512 5b834f25f6f8afea98eec78cf8e148671ceca48aee8019e09308389c1f336e47e55666fedf66e09c97e827c375ade0fad635b98686ebd2f72240108670d25e76

/data/data/sistemavitto.viplanches/files/ZPkFS.log

MD5 70ecafa49f7c45bc2b18a6fdcd4d152d
SHA1 9a6ec9b1889145ebdb08d35797c755e001e6edac
SHA256 a833448fa2a55a054c6a09ad591760a543ae65671d69fa50cd95ea9093ee1d3e
SHA512 b314eac4bcaa32ea2e54bc2c295a24dc9f980223aa5e56e5224ef53e500322339de1db2bf46ebba1c56c3d365d12c472fed9fd8c8d0440ffa5febdc6a06571c8

/data/data/sistemavitto.viplanches/no_backup/metrica_data.db

MD5 a8a9f9d3c516875ad9ac4f7c13ec8283
SHA1 704fd7ac4f535b7929a1f43da1e30f99a0f9413a
SHA256 a33ce07fa8c5bbd0ab0618f5f5d89d32745ed02f6f36374f9bb8e8ce11bfea61
SHA512 810df6c0339c374b1a1acf459aa559d29a18f3db448667ed5ff5b78244d75819b8d6bc0955e075dea9770c484a2198f70bff62b4acc0675f692863d43f14bef5

/data/data/sistemavitto.viplanches/no_backup/metrica_data.db-journal

MD5 bd3ae77762bcd9f6a036a8c343a293f1
SHA1 f41200cc2cb8e35aeadede96fe875cf6a381f3c2
SHA256 eb54cbe5c4d3af50160e55a7ed3d131a3884c06b9cf9f454790b5f9f92c384b4
SHA512 15d4fc1ec1b226d198c6d4f40764d604826d606502b65c9bfb9960c414e30ff437f2b6020e994035ecf7d26cab8c6fad98048170bc3ac7b7d1b197ad5b34bb83

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches-journal

MD5 79a9293795a6f04e8486e1cd8b2e6d65
SHA1 e0327ff46b9f5538d6e1d89bd54aaf8c5e1dbc23
SHA256 e93184f9ffd6d5580d41322e5247a0212db241ac5f3daf4fe74353dad681f534
SHA512 200af2ab98c4f66c052f722577b5b82dd933778a60fe086521d70b54003cdeae8a7630e870059c9e151b2dc2f2beabb3d6707a7c8ed83778c22ac27424d497c9

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches

MD5 db7923b72ebb238dcbcf64cc90ef2aa3
SHA1 731ab9e8d8197f9ae7c5fbc2ac1980b98f35bb7e
SHA256 0e1846e583241abd4502b328acd07bf4ded6af8804a22ba0c12bc7fec0bc6ce6
SHA512 b58a266921bfd558fa6ccd702f3c2e612eb10ce1bdf2939b53b389a430d3aeaa83dbe91241b8c15b707264febf54e392bdf6bca80db0f640586b82e225e51b34

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches-journal

MD5 d7c20cd09f4bd60c13dd7dadb379d85b
SHA1 42306266801ed4c74045f0b2ba1a7ad36aca1a59
SHA256 8f8fd1445a3b62a88981c10932172862dc5241073d4e0229758abfb7b98fdcc7
SHA512 8f94000b495134dcc41313179e4a2bb6e84cf5adbc1f28e3ba3a09d81276b6ea0dab6f8d1414647091cc7718449a1ea70c09aa7a83e57e18619919f900dbc76a

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches-journal

MD5 5550adccc61ef9a5df78f4013a5de546
SHA1 88b65dd06d54b635e446c253716f165d48ee6874
SHA256 bba7415972e62c7ff348e311bc9cafae27f37b34d4e1d44a7fa3118f8d2a26b1
SHA512 9889171bc84b54fbeddfeae11082b3b6568f169ceea8d475b03cd267fa44941ede78be843fdd759a4a972e69b7d3c512ac07b0aff6b5626446241a6ed8cc7f8c

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches-journal

MD5 72702ee14711a09c8bdb7a94528ad7ff
SHA1 1ce524953ec5242d48c6585928f4095a4f027f89
SHA256 4ddf86f13aaa107c2444d980310beb2d73e0e3ae22c0c59903c4e582fb32d422
SHA512 7a1be8fb57f606359caf03a8907c58477e33e37b1892a29782d5ac5b06dc4b1f1f0963b76def435565b5bca916bb5e51357be3d70769cabbdd4442ce1de7ebc4

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches-journal

MD5 30734cbddb8f2ea9508662d0f9599d8b
SHA1 a0020f6f85cddf0dad7fe23b809d794c07facb62
SHA256 711efe3c8b061bba30ba4849df15c25da2cbd3519388d18e1023c9a2c712a5c7
SHA512 920b313750d4419e3903e63c9629d4aa7ebdddaa579be4ebdea81c487c05a747cef3b157cbc3746c7f13e51189f058d543cb34fce286358a614528940ad3a622

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches-journal

MD5 c054b140c4823dcd271a5edd7dd32cc1
SHA1 851ec2d072126469eef2202704d26c9c59d06c4e
SHA256 a56265586441fdddc84ccafceab9da5df7d137498cdb870a9b6c11e070ae8dfb
SHA512 9ed482d6693745211d4a29af025da61f6b8be51f3260081347b1cd82c9def4df2649be5291d6045f7ff76c24237b86811ab1ddc18d9f82a85ccf97eeb61f803c

/data/data/sistemavitto.viplanches/no_backup/credentials.dat

MD5 c8bfacef82f7b91dd2b92bbff4a824a1
SHA1 4cda0df8e663bd63b86dc7d3b5af8c505d73bfa7
SHA256 83121700e174192c3d90130e2fe1eb00a0c47213354e0461673e16bc593c62ba
SHA512 6e17a210cf176976f6387bb4c96709ed2e84e0420e3e30f648334b7159bde1b092b68645d655820002d20579f7d7498f27f8dafcdd48d84cc990f3250208100e

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 002a5896eeabf5e5dbf322834450411a
SHA1 4cbd114ac607e17256f7092c861424c68f443b1e
SHA256 adc71b70c96182f10d294f3270b6b58a249a1b947d635c01d4d8aeb7a7c07009
SHA512 40213b78e6579ee2b3adfd56d2f4da3e8e549b571abfde23fba5f8d51e406e58591c73f9a2ddf2153bd20ada55e09d9926390c236031ab8b5b8f824bf320e2f5

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180

MD5 442544dc484187747a4e9e6669ce9eec
SHA1 4064ff1d6612d12d31921fccb84822b923bb93e3
SHA256 0983505092e072e962febff54fe71771d250d20c118dd7de3fedee8168377a09
SHA512 95af72ee487e1c0e2a5dfcfeda36a2d7ffa5db1f41724d62bae3742e978fb77dcde4641dcd36f9f8986bb5ac37ad025640bb0be5ee94bd50e0cef75b1cd81460

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 3edcb5edf01cf148730b85a4afb57a2f
SHA1 69cfbb250b0a8f5561cc92b149f6dfa6534c702e
SHA256 be5ee38e793036d85ac8b10611ba9ed010b96a67e923b11c7f742ed648497235
SHA512 8a36aea8b8b8bcb6db8f4e65a550e00101dad648a1285912897a2e06e4717fbd201ba6bd5727db8f3752698143ff22f0841e979d8d44a92439cd71e41215d6dd

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 0c71271e2c5ea34ed231d060cb1b2edc
SHA1 5acdd119448ef99676d324464a963c9fd583941a
SHA256 55d1d56df7078000f2224291a159534eec6c1b6f3d972eae2d163117cec853a5
SHA512 5728d23fb420c2e2f46a8b4f1653b7f122abccfa6027bdc51c8f5a32a2e2bd9adb5619659832522ca0508b96e91f81c7da173ee1a53a688699a0cecef6cc7c4b

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 fd83517f5ba873c9f84b2ee2f14552ce
SHA1 a2305b1d03f9f3774fd9637f64cd9afe5535ab1a
SHA256 cb67d7856e6936d9e3992813827df230cb131338ad1a25c91692a914dbeddf84
SHA512 c8aeae8a915128dafc849844bfd98acd2e7c687bae0e9c02420cddbe9a903671613931bead3557efb5bed933474059e6e2515270ff354762e30dc3bd16c33cc0

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 73b640734af0a2787fe2c6c8aa14dbe0
SHA1 332958dd74b95874489054162a47401712814d46
SHA256 d9aeb475fa65d5ad85c700b2638f318173bfe7508364cfe64bde26cbb9e3171f
SHA512 b0d3ea3b849162f73d872b804b1601451ee7de43c0bc49d2f0ce1416c49bea3af129c0cb0e7ab085e35b93c54766f474b2e3b8bf18086ef10717ac6300df0c05

/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180-journal

MD5 c8e662d6f6d43a140b886d7c99a99b6c
SHA1 63b715d91b1285e1d626d3481ca82360672249b0
SHA256 c1956169479242be669ba39c95bb8c18532cfe04202c365474cc6fc9bc5b6a95
SHA512 03bcd090e80ea1811f3052f9afe46c04df9a7d898efbfd71b8666a230bc79fe6addd896b0c4398b2b7a980ea0623e0a16afdabb6e323ac709d2cd90e6759db1d