Analysis Overview
SHA256
4a11667afdf142e63017f129c4d59bb0ffd886c869ce2b26f66a41bf7a06fdc0
Threat Level: Likely malicious
The file a964b933f4327a904094676093672f2b_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Obtains sensitive information copied to the device clipboard
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
Loads dropped Dex/Jar
Requests dangerous framework permissions
Acquires the wake lock
Queries information about active data network
Queries the mobile country code (MCC)
Reads information about phone network operator.
Checks the presence of a debugger
Uses Crypto APIs (Might try to encrypt user data)
Schedules tasks to execute at a specified time
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks memory information
Checks CPU information
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-14 11:19
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to collect component usage statistics. | android.permission.PACKAGE_USAGE_STATS | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-14 11:19
Reported
2024-06-14 11:22
Platform
android-x86-arm-20240611.1-en
Max time kernel
29s
Max time network
140s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Checks the presence of a debugger
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.cpu82.roottoolcase
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.204.78:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.212.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | sdk-b.apptornado.com | udp |
| US | 104.26.5.94:443 | sdk-b.apptornado.com | tcp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-14 11:19
Reported
2024-06-14 11:22
Platform
android-x64-20240611.1-en
Max time kernel
29s
Max time network
148s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.cpu82.roottoolcase/cache/1582435991586.jar | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Checks the presence of a debugger
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.cpu82.roottoolcase
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.200.35:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.16.232:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.179.234:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.204.78:443 | | tcp |
| US | 1.1.1.1:53 | roottoolcase.cpu82.com | udp |
| AT | 81.19.159.69:80 | roottoolcase.cpu82.com | tcp |
| US | 1.1.1.1:53 | sdk-b.apptornado.com | udp |
| US | 172.67.73.242:443 | sdk-b.apptornado.com | tcp |
| GB | 142.250.200.14:443 | | tcp |
| GB | 172.217.169.66:443 | | tcp |
| GB | 216.58.201.100:443 | | tcp |
| GB | 216.58.201.100:443 | | tcp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-14 11:19
Reported
2024-06-14 11:22
Platform
android-x64-arm64-20240611.1-en
Max time kernel
30s
Max time network
133s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.cpu82.roottoolcase/cache/1582435991586.jar | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Checks the presence of a debugger
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.cpu82.roottoolcase
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.187.206:443 | | tcp |
| GB | 142.250.187.206:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.16.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | googleads.g.doubleclick.net | udp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | tcp |
| US | 1.1.1.1:53 | roottoolcase.cpu82.com | udp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | tcp |
| AT | 81.19.159.69:80 | roottoolcase.cpu82.com | tcp |
| US | 1.1.1.1:53 | sdk-b.apptornado.com | udp |
| US | 104.26.5.94:443 | sdk-b.apptornado.com | tcp |
| GB | 216.58.212.196:443 | | tcp |
| GB | 216.58.212.196:443 | | tcp |
Files
/data/user/0/com.cpu82.roottoolcase/databases/crash_reports-journal
/data/user/0/com.cpu82.roottoolcase/databases/crash_reports
/data/user/0/com.cpu82.roottoolcase/databases/google_app_measurement_local.db-journal
/data/user/0/com.cpu82.roottoolcase/databases/google_app_measurement_local.db
/data/user/0/com.cpu82.roottoolcase/files/com.appbrain.ping
/data/user/0/com.cpu82.roottoolcase/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/666C273C03B7-0001-1161-9E0BC73A74FFBeginSession.cls_temp
/data/user/0/com.cpu82.roottoolcase/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
/data/user/0/com.cpu82.roottoolcase/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/666C273C03B7-0001-1161-9E0BC73A74FFBeginSession.json
/data/user/0/com.cpu82.roottoolcase/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/666C273C03B7-0001-1161-9E0BC73A74FFSessionApp.cls_temp
/data/user/0/com.cpu82.roottoolcase/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
/data/user/0/com.cpu82.roottoolcase/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/666C273C03B7-0001-1161-9E0BC73A74FFSessionApp.json
/data/user/0/com.cpu82.roottoolcase/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/666C273C03B7-0001-1161-9E0BC73A74FFSessionOS.cls_temp
/data/user/0/com.cpu82.roottoolcase/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/666C273C03B7-0001-1161-9E0BC73A74FFSessionOS.json
/data/user/0/com.cpu82.roottoolcase/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_4424e109-a4d4-4c7c-b252-f0a942f2a0c1_1718363970847.tap
/data/user/0/com.cpu82.roottoolcase/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/666C273C03B7-0001-1161-9E0BC73A74FFSessionDevice.cls_temp
/data/user/0/com.cpu82.roottoolcase/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/666C273C03B7-0001-1161-9E0BC73A74FFSessionDevice.json
/data/data/com.cpu82.roottoolcase/7za
/data/user/0/com.cpu82.roottoolcase/files/roottoolcase.properties
/data/user/0/com.cpu82.roottoolcase/cache/1582435991586.jar
/data/user/0/com.cpu82.roottoolcase/files/bloatware.json