Malware Analysis Report

2024-09-09 16:09

Sample ID 240614-tvx2mayakb
Target eblagh.apk
SHA256 0dfb898292c16c395943a38ac8c5eb7b4e9f7d72781cb901df295ccc279717f9
Tags
irata discovery persistence collection credential_access impact
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

0dfb898292c16c395943a38ac8c5eb7b4e9f7d72781cb901df295ccc279717f9

Threat Level: Known bad

The file eblagh.apk was found to be: Known bad.

Malicious Activity Summary

irata discovery persistence collection credential_access impact

Irata payload

Irata family

Obtains sensitive information copied to the device clipboard

Acquires the wake lock

Queries information about active data network

Queries the mobile country code (MCC)

Requests dangerous framework permissions

Reads information about phone network operator.

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks memory information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-14 16:23

Signatures

Irata family

irata

Irata payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an app to post notifications. android.permission.POST_NOTIFICATIONS N/A N/A
Allows an application to send SMS messages. android.permission.SEND_SMS N/A N/A
Allows an application to receive SMS messages. android.permission.RECEIVE_SMS N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-14 16:23

Reported

2024-06-14 16:26

Platform

android-x86-arm-20240611.1-en

Max time kernel

5s

Max time network

131s

Command Line

com.general

Signatures

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.general

Network

Country Destination Domain Proto
GB 172.217.169.74:443 tcp
N/A 224.0.0.251:5353 udp
GB 142.250.187.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.212.238:443 android.apis.google.com tcp
US 1.1.1.1:53 meashti.org udp
NL 185.11.145.254:443 meashti.org tcp
NL 185.11.145.254:443 meashti.org tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
GB 172.217.169.74:443 semanticlocation-pa.googleapis.com tcp
GB 172.217.169.74:443 semanticlocation-pa.googleapis.com tcp

Files

/data/data/com.general/files/PersistedInstallation359774148897556296tmp

MD5 52d850519dcb0afbb270a695328c72e3
SHA1 02176dd7b93a46c911ae9cc3f9b63d4b961e8c12
SHA256 030d68a38571cac14b0693dff1531d4502329ee0413cef1b1c4c189d4a53519b
SHA512 39e555021f4d593b7e2e6c38519b74e9cea76423e8d0342814bd8d03ea79ef90ebf2e4acfcc5ef856080cdaf7545dddaf59b9a0fce49305eaf3205df13bf4e82

/data/data/com.general/files/PersistedInstallation936996682067516974tmp

MD5 936d40acd9f420eb3132fee21411efc7
SHA1 6457530c61f5a9b0f9ce56522b05da4473abd82b
SHA256 7c14d29712f7aeac72c420c96ed7e0cfbe13f86a77e60e8207eb64f0ffb7034d
SHA512 0fcc3a47d538ccd3c9c6c771d5a33ab6c1f3d299c44f5631671e10a6640176fb7e7bb071825fd7215707ad51ea453fb2aba87e2444ff61cddb6c56b7f1e3c762

/data/data/com.general/databases/google_app_measurement_local.db-journal

MD5 91aba17665ed322ad11485aa01e34cf3
SHA1 0e24e0b3581c1f10c9a53577a57e1f12d6e5feaa
SHA256 af64668f6e51eea6d7c1c71094b4d7d2a8be27586901e7cc8d2fc04d5c53b773
SHA512 67088f2116a59ae35dbba220eb8cb6ce104570e727e4e3cd6caa9fdd87c8ddd9c892e145894dd3662ad9f16fbe5be1bb600642f416f8087954bd3df269ed8f40

/data/data/com.general/databases/google_app_measurement_local.db

MD5 7237409e0640cfab7bdbd429bf821a3b
SHA1 4c3da934842f8d4835dfe2a9c275a300e5123309
SHA256 5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512 c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

/data/data/com.general/databases/google_app_measurement_local.db-shm

MD5 cf845a781c107ec1346e849c9dd1b7e8
SHA1 b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA256 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA512 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

/data/data/com.general/databases/google_app_measurement_local.db-wal

MD5 0ffccbf5ab6571f735ef08760d673c75
SHA1 ac2f0f20c82226f8b78b27e9e883b20374f5a1ed
SHA256 94a2d66c1f5268c6120d8b6d079483ff1a2bc54f6004c7b4f682cfbea68d2889
SHA512 afa94075417978cc025c1635cecc70e7947da4bc06f88baf01306e540affae506cbe8746f9fede364e37487bcb85bcc7b6df89eaa03b7874911d34dcbc2b0f0c

/data/data/com.general/databases/google_app_measurement_local.db-wal

MD5 4285a358f153e0a83c8c147343e7ba31
SHA1 5398ec1ecf150a5ad41f8d76b1d78e97e6e3f8c3
SHA256 f982105a09cedb0e50983b56e9737fae9cf47a8b4370b09f11037d99b6a6a4d6
SHA512 6ff0270dfdeda3df4b19c585b6b3af16760c44b057b506faf0e05e3914030e78211beb6d3c6cc274297056ebeab8a39d946db706755d760d945c234982c1ebc5

/data/data/com.general/databases/google_app_measurement_local.db

MD5 2816b1806e57de5cd7accaf6983c3c58
SHA1 cf848aea462e671d5000c6f80adbc500df8ef719
SHA256 4f0218edaa12264780cae9fdb537fc5764a3330b4990d36274cc9d727be0863f
SHA512 1c0de2b12615ea29f0da2b28b89d552bbf18f2b4b7b9d5b5de93bc2c7803a8704d705370a8cd7343dee4ad0e7758f6e626e57f375f8c0ca6e70d9b0e8f0f8351

/data/data/com.general/databases/google_app_measurement_local.db-wal

MD5 ed60388a4234890c3679d4941956a5ef
SHA1 a4e603cd6ded85bdaaf5b2aa4114b5aa21cb05d3
SHA256 0b005a74a61d0c22687f685303ce804c280258a9c13f857fd2908d692e2a66e2
SHA512 53bfbe91156daf0689276218e3820aefab78f07357c4c20b85efda025a7a0adc0ec9550d65b3ab2a64896ffcb08906d29be048c82795c2bf43a937c026983afb

/data/data/com.general/databases/google_app_measurement_local.db

MD5 8db1cd6c2ea0974f13c4cc8556add39f
SHA1 fdc23eec353b60e40e3c93ccc05397f8333fa149
SHA256 423292de8d660cd112145dc65b5c10ee1245df3a623d58861e8e4c8beb5df32d
SHA512 d89acef4650aa2cc3bb1433906a6538c862b3878e4120e0fde22f74238bf54961442597682ecd1c954607c1a022e6161af42cd45a57f07970dca2b0ae52ba07a

/data/data/com.general/databases/google_app_measurement_local.db-wal

MD5 1586223913aa56d5a57ec32a1cadad45
SHA1 625af0de6c860e055240f2c812cab4d2abd5ca7a
SHA256 a7fd8de6000db091982ea7e2a1d1cf06e3454d34f230784b147e69e5fed615c9
SHA512 ebf68ea50ac77982827d61fa8c17306b559ca31e210841603428fc752916609c75b43c12ca52e78afe9243e689d14ac20f0a6d7c37bff1eca766c44822d4120d

/data/data/com.general/databases/google_app_measurement_local.db

MD5 b58459941bcfdb7dfad5a7e18f3a9878
SHA1 aba68e044718aa8e1e2e6809f095ad46c9cd30d9
SHA256 f3f2d838619726af640b0e3d78530348cdfaef0578949fd4cafd4715ac7793cf
SHA512 1dfd7a3ccb8ecf7f28df76f661b7aa78a1e13f22d8b27b6a5b87cbbf9bd0af28b6279027d76c7ef89baacd4a940b2370d79735cd7e09f0a79e0de2ed903dffc5

/data/data/com.general/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/data/com.general/databases/google_app_measurement_local.db-wal

MD5 26f6798e2cf99a77cc7de354434d212a
SHA1 9188f51b5800ae32e13c39471d305b19880ba819
SHA256 c6b7f3b67c0b5e22a6bf6924c9392e73275ee735d08cb9df9c63296374363dce
SHA512 e7600e57c39db8ac2e7cc983aab6c2ab6f7506a3036589efadb32e02fee6f3b252db8cf12e0ead8b6165e5bec466dae77a9c5628fd6f3d4bf3f11c26fd5c519b

/data/data/com.general/databases/google_app_measurement_local.db

MD5 c9fd7ff08d697789ff21e43355d0c9f5
SHA1 dffa841ee32f1329882154847e60022647b4aab1
SHA256 75c178ce99acdda8313cb4a6f9de68ac2a909bb3396e7f816b9e2a6bfdefa966
SHA512 5877b5347e78013b004b628aed276f03db9daa76d4b3efcd0fc0ff2020d87c9607f4d947320b86132304a112bd4d7c3710eb1937af4a841ad37b6b4ec80a5093

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-14 16:23

Reported

2024-06-14 16:26

Platform

android-x64-20240611.1-en

Max time kernel

11s

Max time network

130s

Command Line

com.general

Signatures

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.general

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.16.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.204.78:443 android.apis.google.com tcp
US 1.1.1.1:53 meashti.org udp
NL 185.11.145.254:443 meashti.org tcp
NL 185.11.145.254:443 meashti.org tcp
GB 216.58.204.78:443 android.apis.google.com tcp
GB 172.217.169.46:443 tcp
GB 172.217.16.226:443 tcp
GB 142.250.178.14:443 tcp
GB 142.250.178.4:443 tcp
GB 142.250.178.4:443 tcp

Files

/data/data/com.general/files/PersistedInstallation3116117365507459340tmp

MD5 06883446aaea41838ab7a7224531329d
SHA1 76c2593c9e13191e426289cb232aa719a784c4cc
SHA256 c043d538a1185a9342d90cf55c4485cba392e892e2d62d4e67b4e6d9a11c153e
SHA512 c325c53d20f5ded82e1748114721238ecc3afe50fa82af39607c95d5d9cfd55d1de07c61665a838f14e4a249d3f538896f2da117c38da7a122cd33ccd2519221

/data/data/com.general/files/PersistedInstallation4625367994783963977tmp

MD5 0762745ed18a02efaef51d5d19af5eab
SHA1 9dcacdb4537b98e4ccb163c2f36ef168ca96f8de
SHA256 798dc40c9aeca80344eddf213b2a77440244f7129252bec47642930c71538da5
SHA512 95054f5536fd12d8d6f740e46c7211585367f1d5f5bff98bae5f475bf0f023023cfb2f22e0c1c1dd1bc237f667b789c96bea33a0a68b735de03b5f4380146ddf

/data/data/com.general/databases/google_app_measurement_local.db-journal

MD5 99e040db414ac8de9c21ed111a9b091f
SHA1 76800107b6aef48ea01d0ec09649fb6dc04d5cc9
SHA256 8460660497447becaba8dc2827a252e2203fba1bba75b96df5b75d4040345105
SHA512 a4ec4ed35091da38b267c2859256b13a6a272b2e525479404eb1019f2c034a723a5bca174d7f6182ac7a6a16a771c2005002dc202ef2fcabeba2cf49c9368107

/data/data/com.general/databases/google_app_measurement_local.db

MD5 eb52a90bb70b76e946b62f50b6f7fb85
SHA1 42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0
SHA256 48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4
SHA512 b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

/data/data/com.general/databases/google_app_measurement_local.db-journal

MD5 f7f82bf9991e68c01962862b551a4d6e
SHA1 93c09ffe7e4210ba848fb4e69a2f905270eac146
SHA256 e7b9af7469c13e425a7074f7108935c0db624f310452da3cadd086c60cf39712
SHA512 37c1037929eb1e2acba07f927332b0878c2cf76f6f6e59e08bc53b30831c0d94ec8905aa14b3509ac1243bcb2e45e3992ac0ef8bb07aa2d08c7928566cd4c30c

/data/data/com.general/databases/google_app_measurement_local.db-journal

MD5 79ec1c66ef6d7dfde30f73ce038fc94c
SHA1 1662abe173dacfa3e40f2e0f1561e2bc0c731703
SHA256 5b1b0bad46aaa6e214c0dd6af43beebeb876f736fcc69e79379ae017e6648402
SHA512 45dba83befd352be9a59025f61985d73a69ce4721f2e609f8156417ada76028fc75a67c3f3bcc8b215ddba19d990cc29fa62f53e5a3d4e9bb07c4eb714da7840

/data/data/com.general/databases/google_app_measurement_local.db-journal

MD5 b7e9174467c4a0e577e4f829eb031d30
SHA1 7f9322b69f91bc3844c745dec6373b8e950f2357
SHA256 4c4c5c9964e518ce5cbe57f50fdcb359471085d25a102b0e052cc4f47289506a
SHA512 1cc1f38d6e773f47e0aea67f25d120c2fd08dc06e56cb17c376f21a6894886533a2dae41c6a3f8f82dd0eb32e61c7187a9620e36714347a8673e3f4924c4264f

/data/data/com.general/databases/google_app_measurement_local.db-journal

MD5 4ec8e48e5c7b8641787040884eb52102
SHA1 5a60fc570d9863ea31cd66274aefde802cd32dcd
SHA256 d20a1b6f1629383e0287ef41734db0a6a320eafee822f4128b831c9ea438349c
SHA512 c5cf6ff51efa182de384760e364677fdf2c79b9ec2f5321ee2cd287df97bb1d994025638022f632236c856a20c4bb190cea8d44109579282ec9024f6b6fa468a

/data/data/com.general/databases/google_app_measurement_local.db-journal

MD5 8f4dfbd1b679bbcdc82d99ac9ff1d31e
SHA1 5df0a12502b0b093e45feb8f32b05c010b7a14db
SHA256 012a70535940baa04599686efcc737f3e502054f57c033a94796124d512457e2
SHA512 2abfa59a3b3481598eff61a81796dfba9907cb369c6dc3bd81094e8edf943cde02e8632706dc33ee745f4233ba24a43e3f7abd0374f4f8eb5a0beaafe1f4ad6a

/data/data/com.general/databases/google_app_measurement_local.db

MD5 314deede4a8e6e0e1a3252a18350fce4
SHA1 9cfef1eab5e147acf789818a044584a46f35fea0
SHA256 55643b709541c3d5be46e3894a246e1ea8527f737b622a774ae60d890e29733a
SHA512 5d0be738f9deff7b7dd35c2300bec460679dabfcf256dcb1c3acfb4ad305a1f04d97a164264f0c709fee5628aa1ce66abc2c1df5bd7ba73dad0fcf73a288bb62

/data/data/com.general/databases/google_app_measurement_local.db

MD5 2459c1d9c2735dc02aaa0527a899c249
SHA1 4cf2259bf7af77f41f582a8c6a64e0942e26f11c
SHA256 62cebbc10d074372ef90edcb13b8373653527b1cbd1825f3e8452b0cd1c7878a
SHA512 2474287a7d4faaea164aa9c0e321388940a820af4f1aeb622604c616ab250b84805aff6427fcd7af530ebd375f73e412cb27fe3a8ec6aecf48d0160de80dc3c2

/data/data/com.general/databases/google_app_measurement_local.db

MD5 1ddbb30bb4dcf133958cfc705bd7654d
SHA1 5483f1320b06f2f11bc403327190ee060e632039
SHA256 f10ce95d12f79789f0111c1e0c71bad5a3aa994c5c9e98bbb2cc7c9a56217ad1
SHA512 4ec6a4020704ae64edf074545c19b43f0ebf05201a161199e847fd42951815c0f9efd55f94656903eb43b43807eff43500ac8b944f660f171d53764037864a31

/data/data/com.general/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/data/com.general/databases/google_app_measurement_local.db

MD5 9effda0747511c1a0e291c62dbc3df47
SHA1 f74e2e8eda75210231dc186a6ae06486bbaad732
SHA256 0ad26ad0454d9c4adf0ed72bc82b1d808942c3aff9aea35015c0fa1bbd81274f
SHA512 402a498617b7bf144b2b50120c30184dd71701337bc12085685da49de3fc59e900cbbe06b39fed927996436e7430dd96532ac681dfe8abb9a079a7611c383229

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-14 16:23

Reported

2024-06-14 16:26

Platform

android-x64-arm64-20240611.1-en

Max time kernel

10s

Max time network

132s

Command Line

com.general

Signatures

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.general

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 172.217.16.234:443 tcp
GB 172.217.16.234:443 tcp
GB 216.58.204.78:443 tcp
GB 216.58.204.78:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.178.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 meashti.org udp
NL 185.11.145.254:443 meashti.org tcp
NL 185.11.145.254:443 meashti.org tcp
GB 142.250.178.4:443 tcp
GB 142.250.178.4:443 tcp

Files

/data/data/com.general/files/PersistedInstallation405325915434644075tmp

MD5 a16b5ef8205fbbcde88f0f3ba6d697eb
SHA1 85c345b9cb32caf361067d71b199e2172b0205ec
SHA256 30d816f361c5b23f67e02c958ab2fe011679662864c336590115bcd8857625b8
SHA512 488b8de4a264441b28ff6994b3e7d2a950e83c30a7656d09e5c685bf5f608d24a2dc26da8c1937ad66f381daf65b9e14c29685bec6133d70fd908707a99abe6f

/data/data/com.general/databases/google_app_measurement_local.db-journal

MD5 cbcc4643288ace1ea76d465cf85b3c39
SHA1 1ab455eafa186dc12610b8d7c730aa7c03ccd89f
SHA256 3ff4789386cfe7b5524041b46cb7522a4a892639383baaaa7ab46be481a1806c
SHA512 e376915da6a248fe3de8bae76be50c269c9f6ab021672f966899eb530f8ddacf85a53a8b4e9261ffd8b6d3319ba947de2a953c4711780f67c90aad71f34e1431

/data/data/com.general/databases/google_app_measurement_local.db

MD5 d9cf75fdd1c2292d986f6c3d5d60f2c8
SHA1 07ecb1d3a26d952ae5fecf54f36699ab498510b1
SHA256 2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a
SHA512 442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

/data/data/com.general/databases/google_app_measurement_local.db-journal

MD5 8e5362178eb5d9f9f0dcbd8dc3be2ce3
SHA1 41e081ed215c072eefbcfc8961f317f460e7781d
SHA256 b88b06ab4768e1f50c0eaaf855fa1d4c773aa007166579e6572fadbcda4a22d5
SHA512 a499b6215b51081c8cb0b4fcf07cb997c6c7679b9651bfdc30e8e31b07648d50e69c267c480190ec4cbd6ec2b7435e74e4dff804e6d8cd07b4b06a009cf6ddfd

/data/data/com.general/databases/google_app_measurement_local.db-journal

MD5 90329ec93e5c35567faf20a79cd3b2c6
SHA1 6d08d18182d464751ceae9009fd6c218076840b7
SHA256 4913c7d8c3b6e2b77780f9b0648da8bc8d45b0d6bc061b24071412a1f38097e0
SHA512 1f4398ed52c63053c12d0e76e8c2305f58e7eed75d346bfb1372e121dd83f7afff68e9a16a3592377d3a8d0f5b67a86e815ed53cb774e264bf560a0d8ec57043

/data/data/com.general/databases/google_app_measurement_local.db-journal

MD5 d73ea2f8e304ae366cf98cd45a422801
SHA1 5c51a8065cdc863df307697255809e3001f34894
SHA256 79e6923e5980a7dfeb9904a3f6def192693417a45e60968885e9463c74127366
SHA512 6258060e9193555a0909f48bbf119f47511792b4731cfac397eba43d1106909b3f5e5b40231de3286e193d86d20899d555bb4b44ac4952475ff38d7eaa4bdad1

/data/data/com.general/databases/google_app_measurement_local.db-journal

MD5 3b1ef0e5ca13fce34fba23c1f268eadf
SHA1 c75376807c2fad45b779326ab8413a154b7c6a9d
SHA256 380856868d3bd59ef2b7020c7b1a62098495eb5065edeb6758ec2871d296a008
SHA512 15dacea61ac966fcfb995113dd766ffe380ea1721b01935c5504c1af5b328e07c51efaab1a4f0c622b2506f8195c1585e3584d7132a8bc0d027990a016730d53

/data/data/com.general/files/PersistedInstallation8303798736132369170tmp

MD5 b5ff32cee75e2bc2290d2aa62ff76b55
SHA1 a191c43248b765b605767c3e5d2634f8a3bf8683
SHA256 385add086ddeee86de67c82a4f46817c849e8a98bca536af323218656c0d81e0
SHA512 e6e64504b0aaef7ade937af4e12ed2d287b537efb2a1fc254a144259164258f9e331da65b3ccb951228f4138b86890b23e3dfd95decc4084e47871d0982aaa01

/data/data/com.general/databases/google_app_measurement_local.db-journal

MD5 368eff8ee8e42d227b9a361f6d389d46
SHA1 7fe5ebb3c3cc38ce2eec12ed04bbb0de44553a30
SHA256 b9582eee17768a346469380219beb882b3cd32e9ef138e2cb9510ce5cb53ae02
SHA512 1884f88b677631d21afba61da4fed69628059ccaf53f0c73f0d94d52cb699d06eca602ca6ed56f44ea85d8950315ea2693de89833d7fb205cb965f4797c22f5f

/data/data/com.general/databases/google_app_measurement_local.db

MD5 04dd0378aad30b37d6b873533b328b6f
SHA1 62f0b9b7dd13da00b3613226e6efa019e4456197
SHA256 2b33ff8ac7d683c89b2c4f1ce76abee442c021f7f95f0619d28f8812848ff50e
SHA512 0ddb578537d5ca819eabef0123f48f000d59295dc63c437b356663fd5cb2a29a76445c4ece4d6f93239d5fe663cc7d9ae526d229232991f35fb3b533cb25e5c2

/data/data/com.general/databases/google_app_measurement_local.db

MD5 e9435053865ebeb34ae2fd64db97b359
SHA1 ef4819897f5bc9ee0fc1947d49645c69f38eef74
SHA256 5ef5c42b1ce38567349dd1266fa57a4cfbf204b6d6b8f6fb2c27c5056f3ccade
SHA512 2f51e215fdb607c4fdbfcb04a02346ca7024bab171d6eb0bb0511c10b30d00671eb151c87de024da254d5bd7b5cf2e5e9c3ad55266c5a128e6d681303b55c937

/data/data/com.general/databases/google_app_measurement_local.db

MD5 aa4695e4e007b8e942f7dd878123deb3
SHA1 4bfd4c7def4859ba240dc6f143979d7fa6f57f4b
SHA256 3b15011d748ebe430ab16bfe447ed9bf1ba46ab8e15282f5c0f750a05f1602db
SHA512 e2051f51320d5fd54003d43646bd9544279b2322010e20c68350859a080665d58e87d34d9d6cab4acba3c9dd6ac1ff8365c5b3e05293d85c379a2a7fe442294b

/data/data/com.general/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/data/com.general/databases/google_app_measurement_local.db

MD5 b052c1c6176410f68abe98be5bf92263
SHA1 41ad7c39bdeeaf1f47856a6b78b5be89c43886b0
SHA256 0fa31f918be3ed5d4b1d33067f4820775f01c9edac96a5b72f392d38be25d700
SHA512 dcb82fdbbb75f71a883bcdadedb0453ed3dbf28a0aecb82e8289b0c3b160ac5f357fdb2296aa5530141e83c7fc07b5061499bda78d7f5deb738ef2c295da9d7f

/data/data/com.general/databases/google_app_measurement_local.db

MD5 de82e2c94d2718988804b035a46d17b1
SHA1 705f5ff19093ad209f2a666085d6ccaed3bf58a4
SHA256 29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39
SHA512 68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e