Analysis Overview
SHA256
4653b95a14ed2cbbb030c4d7ac221385f29563c6fcfd8b44c04335a4414d3dc2
Threat Level: Likely malicious
The file acbdad42bbdd08324d97dd9e074b8f35_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Removes its main activity from the application launcher
Checks if the Android device is rooted.
Loads dropped Dex/Jar
Requests dangerous framework permissions
Queries information about active data network
Queries information about the current Wi-Fi connection
Reads information about phone network operator.
Queries the unique device ID (IMEI, MEID, IMSI)
Uses Crypto APIs (Might try to encrypt user data)
Registers a broadcast receiver at runtime (usually for listening for system events)
Schedules tasks to execute at a specified time
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-15 03:28
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-15 03:28
Reported
2024-06-15 03:31
Platform
android-x86-arm-20240611.1-en
Max time kernel
177s
Max time network
131s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 | N/A | N/A |
| N/A | /data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709!classes2.dex | N/A | N/A |
| N/A | /data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 | N/A | N/A |
| N/A | /data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709!classes2.dex | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.wigomobile.textviewerxd
com.wigomobile.textviewerxd:Metrica
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | api.jetrohe.pw | udp |
| IE | 34.246.200.160:443 | api.jetrohe.pw | tcp |
| GB | 142.250.187.206:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | startup.mobile.yandex.net | udp |
| RU | 213.180.204.244:443 | startup.mobile.yandex.net | tcp |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | report.appmetrica.yandex.net | udp |
| RU | 213.180.193.226:443 | report.appmetrica.yandex.net | tcp |
| GB | 172.217.169.10:443 | semanticlocation-pa.googleapis.com | tcp |
Files
/data/data/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
| MD5 | f981459e2752c8747260735c3cec15db |
| SHA1 | f8bf90ec7bed5880f3842271a78ff9c7875203fa |
| SHA256 | 204c777794eac6617d6f8aa2e739481139bfe10ee64a6d7954ecd7bb8f30246f |
| SHA512 | 7256adfe79491758f0d361373445aff9cb69f0c92a53b7417176433525065fd088076d86adfa174131b2c8a34530fe7eb70bfff680c1e4e2b5882f86f4fec27b |
/data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
| MD5 | 2df0cfcfe600983219e7e475618d7d87 |
| SHA1 | c33a4ee9ab3e2a7c34168799d4dce10dca03d78b |
| SHA256 | 6d1d94229af9e0ca7254b9e3adf13f766f18064f9b97191f0993988f23b70617 |
| SHA512 | 06eaf1b0aa5d15fb73baa0d842fb119a2883b52ee5b90d172427741f3fae8401629ec5fd0cc186b650f3c481fb1d7ed382cc716385ef07c1b86470bd9a5c8f50 |
/data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709!classes2.dex
| MD5 | dbe44c9e5de2831350e20b03fe482d1c |
| SHA1 | 7ffec994f997775af861d34286b6f384dce14f0e |
| SHA256 | eb19d7083a246fd8e4406915c9238a6bbf3e30d7a2d84970a619414e6c10ef04 |
| SHA512 | ae2aa213389da761646e47debebc467e73656ee68d57773fde8c31cef697f4bd98c728ad9e9528abd4ef12caa44550714b1db6274fadbf43cc6745685b718d1f |
/data/data/com.wigomobile.textviewerxd/databases/androidx.work.workdb-journal
| MD5 | fe317ac169098ea0be971661b104dc85 |
| SHA1 | 08927d2722617a0c1b66d2efcac77f7f799df6c8 |
| SHA256 | 6fb59472ef828fc6d6b8883586ac6839986ac8c8f606697b0324e20828bec4ba |
| SHA512 | ba425bee79409f9c6678b50fd6021b4d610204504e685860c7b8fc5f500fa9e4cfbc435914c528b4150e822eca9118699f6f08f837db19203570cbbb9159252b |
/data/data/com.wigomobile.textviewerxd/databases/androidx.work.workdb
| MD5 | bc43a1887984cab03c99bf6cf9cbbe47 |
| SHA1 | 896d0d5e4a0acf794701c77a999e5ffcaff17025 |
| SHA256 | e13ceef34aeb8fc0f545871d9afe59074d3711b74d0d21d3a43943d644feda0b |
| SHA512 | 7cf10ca959efb20267f6601494830ca5a90ace58adfdfcfdd57a972067a5cfa33c84a19d0587e389405b4f9e668d9cb6eac21f6285d35e0543a3637d9f10eafc |
/data/data/com.wigomobile.textviewerxd/databases/androidx.work.workdb-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.wigomobile.textviewerxd/databases/androidx.work.workdb-wal
| MD5 | e2652595552fbb9288c8707c55000776 |
| SHA1 | c87c10b6205f9e669cbd6814be9099301ca73579 |
| SHA256 | 2ef3a8106bcaf1299e36da51ad85c4b3a0be4960b1c32caf750e266b3b99e097 |
| SHA512 | 94ae1308da252aa57c35c75838508ac970a036f032eef7ae5a4dc460ed87f6e7d122e1112a812276a53f40c74cad71d3d416528b7e6cb32b20323f5320ad69f3 |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-journal
| MD5 | f6da06a909e6ffb83e57a799fadce944 |
| SHA1 | 1b40c3001410d7a7946e5f4020a7fca29b453bc5 |
| SHA256 | 20c158de7fac2b31b613711bd66e7cd43793715366ca0243a910c1d115b302dd |
| SHA512 | 58c8dd2a9dbeec56aa1c21d8f02d4f461ee0f54a91d1d1b549f02422b45abed8c2c556a6314aa1b96dd0747d3e37afa5ad04f41616f5d2ae228906163b5322b4 |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db
| MD5 | 97adbde6bd616586644cf285091506fe |
| SHA1 | eb5d818319df5b95300430b0548ce62aeddd9a37 |
| SHA256 | d14f6cad4caafa437cf2912b5302e3b263f2220c38317f5c845ef7126725056e |
| SHA512 | fc966af9291f03d5d944993e3a321d6effb2b69363e7281275d3ab5b50c52ce461d18cfc7073e34c2bcce62763c6fa4d3b288d227164fdaff8f4e539dbe60018 |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-shm
| MD5 | 23be7f849a6931996c4c9a2955957b54 |
| SHA1 | a7b495884ac270367c94a3f29104e88e228cf580 |
| SHA256 | 4e3603d64ccebbe1f558e8c50182cb7437dd4ee5222d8b544ecb4c4a2b40308d |
| SHA512 | be8a6d1a6a4b9b0ee575b318f3dd34db6a617cecc15afeb6b037a42ae03fcaddca91497bcb57c47bb5f3834111ac03c467bfa69948039b3cc0aeccd6016e749f |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-wal
| MD5 | 78f5b7c4d4c8d54d6498fd23ce18c334 |
| SHA1 | 41f9f013b9cb2ee9c11f6da062a16a47e79419bd |
| SHA256 | c4b0578d9b66005e12819783cb6dca4a1966d0d81c8094c005bc6a7430091ec7 |
| SHA512 | b611d9d9369b03ad7ec45a93f22df72297399108da9d907e0bf01190f9e8b991bd8e5b17ea7ab705e80c657d085c6d634cf387b1d702d7a6b59fb1b0c6d9b2cb |
/data/data/com.wigomobile.textviewerxd/databases/androidx.work.workdb-wal
| MD5 | 13a56de40b4531b0c0672fc329f99b27 |
| SHA1 | d9ac3ff695acd47ad27afecd86043a0849d65175 |
| SHA256 | 4e02514f7d790c58f30f59bb14f807d63c13e1800de850321aec3a23c375bcbf |
| SHA512 | 98de1aa87c9c11a8972887f2b890ab3da36f1c300d0cd681b9a676aa6cb1843c5ff9c9e2be67b507460d585492be5889d0725240f1d15889fb48a552966b1944 |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-wal
| MD5 | f4e1127845a99e04ffd8cb0333c72f3f |
| SHA1 | 5363aebde76b4ce2da854f51c07fde0688abde02 |
| SHA256 | 7a4277836130e765784e06129c0b9983a88e5e66b6d5586d10f23ecde30592d5 |
| SHA512 | b3291bb6231b37192f5f76f500dceccfb6aa9f1a87c65999456b676e1028f90b60e0435dc3f48c09786bfd07639ade47f0278c0f41d845dfeffeb75d03a57acb |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db
| MD5 | d9786c6160596ce5fd06747ed2168dd9 |
| SHA1 | 637baab16282d9a5359ac7d9b31e5691ca2c0953 |
| SHA256 | 13669786183ce382d076ceb89d07d6703fc1d118b0e5788c9686736254df5601 |
| SHA512 | d833d6bbcfa21837685d54487797ffbc91f4621f02240ad6fe06077673cb032906eb901fc0fbffaa1e5b9b5766be1c4632302e5bc5bc872b04a0de5f2bc7dd35 |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-wal
| MD5 | 6c78879aac51664b8267a1342d4ccc94 |
| SHA1 | 5986e2c87f0b4814cf615748572d70be7d1507ad |
| SHA256 | 3ff7255e479e66bd3959412e9eeb1fdb11b601156537b2a701cdba69c7515de1 |
| SHA512 | c6e29cb7f8a05fed8663620d01a785a2a0c8b9842fa6f3ea079e45a37166cf94bb28bb61bd24ed6b89070d0c74643a6d8069a363e5cff5f372825843edd6a081 |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db
| MD5 | bf834c93d7cf05b15136f8bffa938a76 |
| SHA1 | 62cfb0bb5d18d81e221f846a7c5da8e48d06c340 |
| SHA256 | 49471e4ed0908994f04d92f430cfcc6b3e99f03f0b98cd6ab09e070ece27a7bd |
| SHA512 | 44868f8f833efb0be7fab664dc558d3f2f2b9172624b3dc8d706c26557f2b51e471272afb0c14dae891ef8f9e46dfb7fc3c52a232236d932bc2a1e62316d3ce3 |
/data/data/com.wigomobile.textviewerxd/databases/androidx.work.workdb-wal
| MD5 | 08c717c1209488f41d766dd17660b5eb |
| SHA1 | 4297409e7d06e5473f7c195562ea2800bd5358a6 |
| SHA256 | cbbeb77635d370e515dabc7021434e68999dcab9d93d16d74246235913247d51 |
| SHA512 | baca43c58b3506900e2b72558401eab35438b1ebcc0af8eb08842b3d256daa8577d4c6d9d591e54e62759c9e0047a374ccc775f6d27a6e9f92cbffd8cc932350 |
/storage/emulated/0/Google/google.id
| MD5 | 6d31d7ca852a557a6e99e5b3306e9c8d |
| SHA1 | 1548a4ac3775e9f995fb3df8030878c96170511f |
| SHA256 | 866f988867f4aad63dfba311b38c7906804ec3b4a4416e6d24998777ccb9d5f0 |
| SHA512 | 608d5a668323400d0e2328b1a016ee52298f707985c13d4f923735c53d4408c42659b7912498699b10b93aedbc8ebc1f7de6cd5b9056d89a10a86878505c5cc4 |
/data/data/com.wigomobile.textviewerxd/files/ZPkFS.log
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.wigomobile.textviewerxd/files/ZPkFS.log
| MD5 | 2ccd93eaf0f025553b6315c23eb6029f |
| SHA1 | db5a28b41bde642985832db4ab98c8c536ed7abb |
| SHA256 | f168cb40221779958069c8fad56795e33060cbe69879f316f9e6404956bd16c6 |
| SHA512 | 955e9c3f6e2d6f041ad7a6780766cc094352d29d311508367780dd11175eba1ee182e1d80be08bacac97de21d75e46bd80d49933f41860e875a11c1375efab51 |
/data/data/com.wigomobile.textviewerxd/no_backup/db_metrica_com.wigomobile.textviewerxd_20799a27-fa80-4b36-b2db-0f8141f24180-shm
| MD5 | c867e156881c9846a4fdc460875dad19 |
| SHA1 | 32acf2534017d0c8232b503bece938d7a117f549 |
| SHA256 | a07a8f97b595cb931b0a9edd651387fe1050da69844769c9f2e974f4aa042f85 |
| SHA512 | ec4345270e5fb2f072671dd3b2a739de10933c0e4cef030dc265b8dc322f43234168e7a6f11c50a4b4764f6a7d0797397a68cd2203f34e1a3585894bfcdb106a |
/data/data/com.wigomobile.textviewerxd/no_backup/db_metrica_com.wigomobile.textviewerxd_20799a27-fa80-4b36-b2db-0f8141f24180-wal
| MD5 | c07e334804a08748a3057eda91161813 |
| SHA1 | 7984f9777b64e98772bbbf41f47a40bbeb09aed8 |
| SHA256 | 8116db5c433ded12812b0f828809bc789c47d95aa56f67b25276e23f9161ef22 |
| SHA512 | 0671e104327f59e6626dba3ec4c2203b42b5ebd5bf492ae95a843e294c6ca4168f9429d56f1ca83ce9716c0476e4f13e4e5a3ef1c91f862b0f71d42e89674ddd |
/data/data/com.wigomobile.textviewerxd/no_backup/credentials.dat
| MD5 | 06d8e67861338348ee1740fc8c5a2255 |
| SHA1 | f5814c834bf474e7fbfeba1792bb25a558e83d4c |
| SHA256 | 12baa4bf41d22473f99c5ee1f764e8e48d33e1e438d0e0f26a869548b9534301 |
| SHA512 | cb12130fb09755da5a73e56d407f16a7df6011083d2b624eb3379a15c04d13ef7fcd953e5c2d6e9cbe982c2f1b19362d11a053ca7853bb618f8916cf124fa0c8 |
/data/data/com.wigomobile.textviewerxd/files/credentials.dat
| MD5 | 85bef9a5dcf10b2f910b8eda5390075a |
| SHA1 | 0cf1c4d0743bd51052c3d0a7bbf9119bdda14764 |
| SHA256 | 63652098c9e5d76559706378aa9e0f074a1a47986ba71699e62c358d46d886f2 |
| SHA512 | 167343e03551c85dae3a3bde8857622d59c1a3b94697b9de55dc7691a3f3129924aa76197b948daf9ab724ead4630c954c521c6ed96e43a633d8e69a23167409 |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-wal
| MD5 | 2c3b0c9662140a415aee5afa0b98e292 |
| SHA1 | dbce48f6b51045d7c2bd6120992ec630d7d458b7 |
| SHA256 | 2df0e82a0114788f51a786aa235aee6c932137711725d83f21af54765b8bcebe |
| SHA512 | eeb7f10b5c201747154a22b46273abaf1a83747a4acec640ac4f3a6533b4c4f36b70f02a850a69593e1c1b3c2ca7018f16e8fb22d687d16b01c5b8c9195075e7 |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db
| MD5 | 4116c7931ceff89745e387a7bfd38757 |
| SHA1 | eef569d9488f12b7dcd00aba6545a7ef992dfd4f |
| SHA256 | 2b19bbd612a8c18650ab22065b279e324e9185840bb1a77ccfef5b72b2768350 |
| SHA512 | 6e02c4d8c7780dec5e456bd350b9b078d8c5a747c5e49ef4701ea61c3dc8def2916e51f7bd3c762e24003f325ddfacbddf0da8416272caffc42cba8bbc633d27 |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-wal
| MD5 | 370ab657c70247efa62030a12e12cd64 |
| SHA1 | 6e764a0ea93fc1394ef4e1dc639d20849153f041 |
| SHA256 | 80d33f00e3c3fdf6f8318b3c9740e334ee422d9e413dcd8639426c28f654c24a |
| SHA512 | f1d9083fe79ea967c10056efb49e48aa4feeb2302b5d5fb210bc4891d46d6b61e6581411d32773cca8b5cce16ba6d1d6654aca35f67d78ba3ab4d7652dd16781 |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db
| MD5 | 8eafb6aee555187b6dc47b35802e5db0 |
| SHA1 | b720d887f3dd757bf9205c8bb2e067d11a96c015 |
| SHA256 | 227d1d926fe9a25a45d098790eae90a8840a17d874474d6b08226312e7531df4 |
| SHA512 | 6b54424ee811d36e4a2a17649c9b7ad8093690f9c4db8eb1dabefc123d36842814c18e07f477ab7b6fc9d4d67ecef3f4ced1dfbdf60b7899b350a1959593392f |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-15 03:28
Reported
2024-06-15 03:31
Platform
android-x64-20240611.1-en
Max time kernel
178s
Max time network
152s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 | N/A | N/A |
| N/A | /data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709!classes2.dex | N/A | N/A |
| N/A | /data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 | N/A | N/A |
| N/A | /data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709!classes2.dex | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.wigomobile.textviewerxd
com.wigomobile.textviewerxd:Metrica
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.187.200:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.179.234:443 | tcp | |
| US | 1.1.1.1:53 | api.jetrohe.pw | udp |
| IE | 34.246.200.160:443 | api.jetrohe.pw | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.201.110:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| GB | 216.58.212.202:443 | semanticlocation-pa.googleapis.com | tcp |
| US | 1.1.1.1:53 | startup.mobile.yandex.net | udp |
| RU | 213.180.204.244:443 | startup.mobile.yandex.net | tcp |
| US | 1.1.1.1:53 | report.appmetrica.yandex.net | udp |
| RU | 213.180.193.226:443 | report.appmetrica.yandex.net | tcp |
| GB | 142.250.200.14:443 | tcp | |
| GB | 172.217.169.66:443 | tcp | |
| GB | 216.58.204.78:443 | tcp |
Files
/data/data/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
| MD5 | f981459e2752c8747260735c3cec15db |
| SHA1 | f8bf90ec7bed5880f3842271a78ff9c7875203fa |
| SHA256 | 204c777794eac6617d6f8aa2e739481139bfe10ee64a6d7954ecd7bb8f30246f |
| SHA512 | 7256adfe79491758f0d361373445aff9cb69f0c92a53b7417176433525065fd088076d86adfa174131b2c8a34530fe7eb70bfff680c1e4e2b5882f86f4fec27b |
/data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
| MD5 | 2df0cfcfe600983219e7e475618d7d87 |
| SHA1 | c33a4ee9ab3e2a7c34168799d4dce10dca03d78b |
| SHA256 | 6d1d94229af9e0ca7254b9e3adf13f766f18064f9b97191f0993988f23b70617 |
| SHA512 | 06eaf1b0aa5d15fb73baa0d842fb119a2883b52ee5b90d172427741f3fae8401629ec5fd0cc186b650f3c481fb1d7ed382cc716385ef07c1b86470bd9a5c8f50 |
/data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709!classes2.dex
| MD5 | dbe44c9e5de2831350e20b03fe482d1c |
| SHA1 | 7ffec994f997775af861d34286b6f384dce14f0e |
| SHA256 | eb19d7083a246fd8e4406915c9238a6bbf3e30d7a2d84970a619414e6c10ef04 |
| SHA512 | ae2aa213389da761646e47debebc467e73656ee68d57773fde8c31cef697f4bd98c728ad9e9528abd4ef12caa44550714b1db6274fadbf43cc6745685b718d1f |
/data/data/com.wigomobile.textviewerxd/databases/androidx.work.workdb-journal
| MD5 | 4ac92e8bd3a85931bd4c2d29ff7e8391 |
| SHA1 | d70be72f6a566bcc35674d5a04ecdd63932f2005 |
| SHA256 | eb58ae3dd94038c726cb9ff6c1a671b8fc00d82d27b7a2f1999a6e8ef6621306 |
| SHA512 | 4c924b5ae0bc431a79ba88ff0c6cafe8bf9187631470b1704352d89436e7ac3842a14ab00cfa3b659473c7c47b14b3d53b141c63aacb17a9f4826628462b6145 |
/data/data/com.wigomobile.textviewerxd/databases/androidx.work.workdb
| MD5 | edd117e1f8106881d248e1ab073be011 |
| SHA1 | 8cdac3fdde3b5a22aa6f61a07cdfb4aab0659762 |
| SHA256 | c03034ba07eaaf8079a406c90c0e707b82abd311560ccdaa0039594f06736233 |
| SHA512 | 6ef04e2758ab7692dac1656f43929cf5111cdaf009224e5d401fe825efea9a12d72cf976757423944715da7dd504ebb73d061a3000b3adeea1a7110c58c3ac91 |
/data/data/com.wigomobile.textviewerxd/databases/androidx.work.workdb-shm
| MD5 | e3ed8d9d0350bae9509f28f5131b8c3d |
| SHA1 | 601c7914e622502e5dd57212564591eb7a736ef7 |
| SHA256 | 1be91f5b714e43dbd0cc8f510aeca61a138c50c9aa78a0f6bc80e1d132443b46 |
| SHA512 | b6696305a764b862cad712a833052eb6fa98e1e41695ec46be7e8645e1bf1cb9e89817587f5a563b8633403634faa003bf82803ea9c7dbceee3c24b97fbed16f |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-journal
| MD5 | d6bbcf4273a1883ba997e9c1692d9571 |
| SHA1 | a82da62ac6dc961c4e75ebfd0e8340d8873441ff |
| SHA256 | 5d24b4cf5a992ac12d3af7afa99e50c36ef59cbfefe67322624428cc211c12ff |
| SHA512 | 072c4a060d25caab5f0e03b3ff0fe3c9d385fb340a026b0c664d31fe443f5d9078bf6dc55515f7bf8941502d2a1767a22e93c000451d08407e2dfe8db7d965fe |
/data/data/com.wigomobile.textviewerxd/databases/androidx.work.workdb-wal
| MD5 | 4ce13deb5722a0779a59cad6178d1b00 |
| SHA1 | b90324c9e35373354b34ce8118f0f3fa547927b4 |
| SHA256 | 9b730abafc592472814b0984975f0161b689c0c42045883c1a479c6786ef0cf7 |
| SHA512 | 980b672f1572c0913dc3b4277d2ebcda78aa3c8253e9e45062f0f82ead7e55caf6ad2922c531aa56526fd139c52a611050d41e5318ca88d27ef6b37d7616bf2f |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db
| MD5 | 6da2d5a3ab1cd1bd6a1b7867aae524b5 |
| SHA1 | adbaf70d20bcda94e10c82709cd523344ae74d1d |
| SHA256 | 3aef42a07528315df7f418e4a834fc41587b8cd03b91b71ac2217a8b77685dd3 |
| SHA512 | eca17043f5dc768192abd241db4a05cfef592bdd48e6dff02c94ef5943d3eee1e4206be4e299d85c7729ba0f3f7b6147666364101887e5324c89861c2a4cace4 |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-journal
| MD5 | 5c3816d37b7eb3bb526a252e72d9a83e |
| SHA1 | fdda639533f773e0be14ce7cc4efa6644e95b685 |
| SHA256 | 01bfc3a9f96ccd3e4ac93d219907cf76504ad3785158653617cf74ed5bafde01 |
| SHA512 | 0bc4cbc2ed372b2f31d808a91b39fb17713e969a9e24b637e2a67e8bc4865ba7c29cbdabd175448099b4cfe261717280d678117a480983d6ac0ce46d4b28f90e |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-journal
| MD5 | 04b10d86cfdbe51036b17ff640790213 |
| SHA1 | 369057d71a0c4a6caca7c2e0ceb740d286e97db1 |
| SHA256 | 47b405ac43bb40754add2c6079141d0d0b42dfffa5859322428b7b00bdff5b7d |
| SHA512 | 96b6ad0a8e93391683494ef07c098cc9aa87bf7879f304ba71c28c6f6273698bee6b4ca70fe5688a3736c48930ab798fe9532406a0121d956e5a195798e9e8e4 |
/data/data/com.wigomobile.textviewerxd/databases/androidx.work.workdb-wal
| MD5 | d5bb6490dca66667e55f2f47544ca390 |
| SHA1 | 5f0715ac459e3ad6652259ffc31b7879f8e1dbe3 |
| SHA256 | 2cee7538512848f76523ee5ebf3d67a61a563e39a08a6a2e39a60c455b6aaaba |
| SHA512 | 4ad362394dde57fff0ef480e9c5d29eaebf24bc91ba2ef3cbb6850b351a9a6ee511ebe323f0b30f4509c0d16b8dc28203713e75670c00f396f840300748aee3a |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-journal
| MD5 | e5ba11cc18870be39f5d0ea87920d4c6 |
| SHA1 | 69995f80effe475ff9040ba690089673430d9fbf |
| SHA256 | 1e5b6758a137aea437e287fcc7106137e2126b1064e6e477e9b7ddc216b733f2 |
| SHA512 | ed4f578294f4f3fbb146efb6ac6c3bc173f5586958a970a8aada1cfaca15b90c8de5798944941cd789eef76173dd45040824846f438fee02e0941cdf631c475c |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db
| MD5 | 83594e4e3236ef846b004a35487ef7fc |
| SHA1 | 597f4cbefa086492669c6ae08975a52f8e435e6d |
| SHA256 | e0faeb2ac2d28688e4469dc593385e28333c3477c04728c13e506d112d8be894 |
| SHA512 | 108970ccb1d24ac88931b11ac92f9b3ec5777795408a30bce0d322bc8b10c33f39f70aade8c293c5299ead2f2c50cf0c2fb666956691db1db25aa28f5f27165b |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-journal
| MD5 | ef0eb58be37eecb148ea3be92fe47670 |
| SHA1 | 3366b4bc11da6ca85b3c95e4754bf4fa2d23377d |
| SHA256 | 1e4975ae533fd8e0a686d721b1e6e11aa2bfe37c779101fe34ee87dd6c5877ea |
| SHA512 | c2cdad7e25278ddd7eebd8588ac145b8051c3cb46b78598db79ab2dbe173eb13964f71a6b208a920a97eac969ef1da63711dff9e1855b2dd57c5f7bb787c82e8 |
/data/data/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db
| MD5 | e216acfd8d8c80be62689f2ddc5892ff |
| SHA1 | 7f7442f8165242f01a2b4b748e0c43c5002ad298 |
| SHA256 | 5f775434bc6d19893f1c04200bd9dd0ebc47b7664198ba737e16b69b2e1498bc |
| SHA512 | d7064a76848018309a90a8d08fa174bb488397cb36a30ee2e9663ece4aa968f38e3437242e65a733f17991769fbfd900e408b10801fbf1e4f604f4aa1ce2d1d6 |
/data/data/com.wigomobile.textviewerxd/databases/androidx.work.workdb-wal
| MD5 | 971096e0f91bcc5bb3de09d74ab42ec3 |
| SHA1 | 18958cbe39916b0c7ba342cd32bbded229129adc |
| SHA256 | 97f512e2c80c38de21b67405bb9c991556030b75e9d6c3da7ce4db5ca395d6c0 |
| SHA512 | d71d6729e28dd7d255fc3e626f680285be1719e0e87345c965b9cbff3cdcbb7c441204d4872eee3ec265ba1ab2e3fab9b41bb08452b08aeb10dd4b405af3f4fa |
/storage/emulated/0/Google/google.id
| MD5 | fb8aeec0967a1335ca7fe5f52290c71c |
| SHA1 | f7e8ddecfced9096613b43200cdc1e10b6fd894d |
| SHA256 | b742d9163407f950d79f3cd230db162c817f36830311f5005c06424ff06d22aa |
| SHA512 | 705a300c6815c3ce4bfede3e2568a8e33302a9b184875369368773f2e59c1a1f3a67991400ba9dd02bbe7039ef27378421e6176401343591b3625b9b4f658a44 |
/data/data/com.wigomobile.textviewerxd/files/ZPkFS.log
| MD5 | 8b56cae064278a2a7ad4a39f886845a0 |
| SHA1 | a7c41c7553154419da82dc8aee4458a55a150f62 |
| SHA256 | 5ef742f4a66b951e0d21cad6720afad47e96e8648a84fcb4c82cc1ca01421542 |
| SHA512 | d4169a30e8ee93aaaa6dcc9fc0f8e0d7b30927c8ed55e43c3e89a7737c90df729c52430d904158272bb80f24a6bdbdbfa775accdbed2d47fa3809d151338faa1 |
/data/data/com.wigomobile.textviewerxd/files/ZPkFS.log
| MD5 | a27cc6dff2dc4f3d147641626e9fe1f5 |
| SHA1 | df6611fe0ac79568de200839e368be57b901de63 |
| SHA256 | efab2d9792f589253c5b90a7df49aa5f562b732886650a83a312f580e0812c13 |
| SHA512 | 0a7e763d7c01f1e33f45a291f27a05b4d6857569549140ec646a95458d633c280f6f65cef390e58b8a5bb3c9e69ce5a364d2732f82983b951a7e442c393050f3 |
/data/data/com.wigomobile.textviewerxd/files/ZPkFS.log
| MD5 | f7ae0807a6bb889ce0c26e027f1dc12b |
| SHA1 | 412c816dd9123393abb92adb2725a181236f21f1 |
| SHA256 | baba35f8344bdc28ce00bd3e32e01752211c7edb410826c9a681e6a05742d6ff |
| SHA512 | 7703e7e19f49d8b72ac424c98dfc9d61a2dde624fb280a642ff760b03710bdc4841750ecb332ae0e9d1a65a42ae7c479a968630c12d7adceb47c2319aea5c1a3 |
/data/data/com.wigomobile.textviewerxd/no_backup/db_metrica_com.wigomobile.textviewerxd-journal
| MD5 | e74ae11f61597dff59124e2bb28989d4 |
| SHA1 | 57e296cfcecd19c97494ec8d8ad0da562f426f4f |
| SHA256 | 5c97367348ed88efca88f998bbb811a5bfa4ed1e7e7f35df145146b9f5517474 |
| SHA512 | 483e3fb3ae4f57d2765883469c4d65a8f5d3bc0c0dcc6ff8985289b082a7b9ac983c3dc3c997bb7310b131f8c38485150a168d37e8cdd66b291ccd163cd3b8fb |
/data/data/com.wigomobile.textviewerxd/no_backup/credentials.dat
| MD5 | 80b1d166dc9ba52e744c432643507b17 |
| SHA1 | 25b7f9b0e49cdf28fd9c4d13742e6355372fdc72 |
| SHA256 | 196e51fe1501df561054d44e3eea3cd39deeed10eb3920b0f9bc1904a6bfe7a6 |
| SHA512 | 9b23555af59efee14bc9b8887a4506b558525f71b0550b08021133ee3be802496f67e361a89416992b31651b0237827477834665ad263ef378c10fdf5344167d |
/data/data/com.wigomobile.textviewerxd/files/credentials.dat
| MD5 | 9116bc222c29dd6d2cae554f6f1d0ab0 |
| SHA1 | d3833e624162c20edf980cc1ee1389b2183dd641 |
| SHA256 | 938d709b39c27302f0a047f165240f54ea062347315477d576e56645a7ea7b52 |
| SHA512 | 2899a48e4a138128300d7f92db2ed405df5de4063c4f56743bc8491479b9473f00889784747fc49e9a5c30cf4ebe041d7ea3d5c22e088dde0505a8da1d89282c |
/data/data/com.wigomobile.textviewerxd/no_backup/db_metrica_com.wigomobile.textviewerxd_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | c31420b927041bc87cf07e94618395ad |
| SHA1 | bad669f720fc98560ddcc3215d9f81fc8809a395 |
| SHA256 | f4e959ba8345f1f700c043402f978841cd95b9737184fe3d04520038d56d4ee6 |
| SHA512 | 80ec7f0be2c79f41c03d9c2356cba1a73f321faacbd7c5c322c1ab04a68838c1f1e945c04503cf68936a73fba61ec8ea4a45d472d8a69177ff429901be0432df |
/data/data/com.wigomobile.textviewerxd/no_backup/db_metrica_com.wigomobile.textviewerxd_20799a27-fa80-4b36-b2db-0f8141f24180
| MD5 | 52f00966c246be8f2419cc61a4191331 |
| SHA1 | 252239fb6fbc1d72a7ee41837af2585c4b46b70e |
| SHA256 | 80fe5654ac8cacd76c71117f2ff1843e5acc5137de92d4840a044141f4a7fbe8 |
| SHA512 | 6eda84ca14574b0c7f9b2485d251a30b6da18be6c5daca496a7bb531648910051995b03c4f61ba888262da9279f1a05a61ca5b800d287e72c505454d246a5400 |
/data/data/com.wigomobile.textviewerxd/no_backup/db_metrica_com.wigomobile.textviewerxd_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | e405c655ae3ae30c4300423b50048c50 |
| SHA1 | 8ed34116588331ed48b4f9bc24c6b197341e808f |
| SHA256 | 274732a732121ff497e66c571178ee424bb92db2f21061bc745fac0f31703ebd |
| SHA512 | 4b8b2eeb41e6d3ae90123fc95593cd8ebe79d6f46b89939f864692fbbde6bca8e7a0a887dc6130abfdf4c6b36ec90ad00b11828799c1fa6e343b284710426d14 |
/data/data/com.wigomobile.textviewerxd/no_backup/db_metrica_com.wigomobile.textviewerxd_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 977ef4a7d805c0dfec2dae51427052c8 |
| SHA1 | 191b1346949d03637428505e939dd7060d055a56 |
| SHA256 | b9fa7e5bd283bd437d608602f594bc77101c1c607477db446e0a18aba18b9675 |
| SHA512 | 2d7ff6d5ea250e04db835be1d3e4dff20ed96f1e32f1d7c7af199b956f365495d6f101a78603496e2ddb6b17fb7d59604f51d454dd45bc7590e1b7d145e37b90 |
/data/data/com.wigomobile.textviewerxd/no_backup/db_metrica_com.wigomobile.textviewerxd_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 60ffac50603b38a6b06c8d513db63995 |
| SHA1 | 0e36b7bee9d1a674bb7938481c9ede1c5f5122ec |
| SHA256 | 7be845c7613ec8436554dd2419c0eb2f0d2616b0a18582d748465da6ae6105b6 |
| SHA512 | f099684a3f62cb597f32614ebd2f922d5c70673cfb047b6ce2f0a9b6c2479d215d7f9c45eb28379a345da078eff83cd6de742484f996bd0bf68d9eb9cc0bad28 |
/data/data/com.wigomobile.textviewerxd/no_backup/db_metrica_com.wigomobile.textviewerxd_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | c43ae354b99b23c3defa95901ba534df |
| SHA1 | b96580548a68529d36331de07ea2394946dbe170 |
| SHA256 | 9d842d004d414358b310a3804426a7653f3c0b09d3bc51d72b982708ccf0ef56 |
| SHA512 | 32518a796319a1f9a05cf82d61bac29ad61b9b6cfc88dd75654a95183fbfe9314911b46b0ccceec520f0522d7bcb2bebf026bede2d7e00d7fc47b10bf09227e2 |
/data/data/com.wigomobile.textviewerxd/no_backup/db_metrica_com.wigomobile.textviewerxd_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 9ae0460d6d8320b8e8cddf0aa4c9538c |
| SHA1 | 5b217676c7330d81aa349a5f3366bc5d41f2f145 |
| SHA256 | f6c50865aa5af11bbebc89862600c4a4877f26b9a7d46d8b3b450b29f2ca9100 |
| SHA512 | 2da0a0d31c0bc1251db5ba6e10fb8eb83af8a84fb5dd4ade5c3a490d77979814695f96a841bc8d60cc8a28505d9efe6e558dae3d8f378decffdc3272d60b5680 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-15 03:28
Reported
2024-06-15 03:31
Platform
android-x64-arm64-20240611.1-en
Max time kernel
176s
Max time network
147s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 | N/A | N/A |
| N/A | /data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709!classes2.dex | N/A | N/A |
| N/A | /data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 | N/A | N/A |
| N/A | /data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709!classes2.dex | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.wigomobile.textviewerxd
com.wigomobile.textviewerxd:Metrica
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.201.104:443 | ssl.google-analytics.com | tcp |
| GB | 172.217.16.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | api.jetrohe.pw | udp |
| IE | 34.246.200.160:443 | api.jetrohe.pw | tcp |
| US | 1.1.1.1:53 | startup.mobile.yandex.net | udp |
| RU | 213.180.204.244:443 | startup.mobile.yandex.net | tcp |
| US | 1.1.1.1:53 | report.appmetrica.yandex.net | udp |
| RU | 213.180.193.226:443 | report.appmetrica.yandex.net | tcp |
Files
/data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
| MD5 | f981459e2752c8747260735c3cec15db |
| SHA1 | f8bf90ec7bed5880f3842271a78ff9c7875203fa |
| SHA256 | 204c777794eac6617d6f8aa2e739481139bfe10ee64a6d7954ecd7bb8f30246f |
| SHA512 | 7256adfe79491758f0d361373445aff9cb69f0c92a53b7417176433525065fd088076d86adfa174131b2c8a34530fe7eb70bfff680c1e4e2b5882f86f4fec27b |
/data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
| MD5 | 2df0cfcfe600983219e7e475618d7d87 |
| SHA1 | c33a4ee9ab3e2a7c34168799d4dce10dca03d78b |
| SHA256 | 6d1d94229af9e0ca7254b9e3adf13f766f18064f9b97191f0993988f23b70617 |
| SHA512 | 06eaf1b0aa5d15fb73baa0d842fb119a2883b52ee5b90d172427741f3fae8401629ec5fd0cc186b650f3c481fb1d7ed382cc716385ef07c1b86470bd9a5c8f50 |
/data/user/0/com.wigomobile.textviewerxd/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709!classes2.dex
| MD5 | dbe44c9e5de2831350e20b03fe482d1c |
| SHA1 | 7ffec994f997775af861d34286b6f384dce14f0e |
| SHA256 | eb19d7083a246fd8e4406915c9238a6bbf3e30d7a2d84970a619414e6c10ef04 |
| SHA512 | ae2aa213389da761646e47debebc467e73656ee68d57773fde8c31cef697f4bd98c728ad9e9528abd4ef12caa44550714b1db6274fadbf43cc6745685b718d1f |
/data/user/0/com.wigomobile.textviewerxd/databases/androidx.work.workdb-journal
| MD5 | 7cb91a3d17524f0b2a7b238ea04f0bd2 |
| SHA1 | 1fc61a68a59584b66b900c1620bd022bdd3077af |
| SHA256 | c4cc6901540b1daf50d6a0f11331e41981e082f1c1ed7ced4f1ea8c21a4853eb |
| SHA512 | 9e9af90536a7c6c001e5a882ea5450d2c9ec46a48648170a909fb6ca00e0336bee1e55185f8709e5120c2c15e95ccfddca2524fe6fa915ae7862825ac3dca507 |
/data/user/0/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-journal
| MD5 | b8fd19d0f068fed1a8f69b86c1016cc3 |
| SHA1 | 0f4e6591674c9dd26b479cb2308b3c7b2597b83a |
| SHA256 | 7950c89a52d0827009651b7ce9f7604291edf5d67a6bfccbec5c5ab2ef126bb8 |
| SHA512 | 3ceebfe69a6d77a7ca8ea4336092e933ebd8820e195433dfd8ff29498c24415d0f4925c4bcf8981b588aeb1bb99dc87ef5a90b791d1b8403d2bafbc982828fa0 |
/data/user/0/com.wigomobile.textviewerxd/databases/androidx.work.workdb
| MD5 | 8602b6b6265df20c1e70d83b7f3b5606 |
| SHA1 | 7374ea672d5da03741063a6109fdcbf002f12cfd |
| SHA256 | a43f3d78f0d91fa8b6fbe28f8c9c379ef654c30adf67f19f171274677af7f03a |
| SHA512 | d6b80703426932aabff863c5b9c916c55952f154d2cbe8f13387ae362a002f39d84f0ded660b0af371ae7e4c42cb0405e410ab8ec434110caaff5bb49ca1bc7c |
/data/user/0/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db
| MD5 | c555707011903d687d33a0dab0982519 |
| SHA1 | e7daf2952ffe476f0b432fdd8dd3b6a6491cfb8b |
| SHA256 | 468f643cd897672e2f0a7e0619adcd362089ac8859ec389f64305034da26dcac |
| SHA512 | c4f5d5d7e639cf251e4e6f4a77fbbebe9d183b5bb1fb72d66022cdb176f292995ce928a4392e2d644ae8d0057bc7eb8543d5ef1d68a6ed5b34c8bea15b750be0 |
/data/user/0/com.wigomobile.textviewerxd/databases/androidx.work.workdb-shm
| MD5 | 2b3bf7bb0ee6b27bda2ea3feca6a244b |
| SHA1 | c20f52d3142f879c66ab293e1f8999a5173221ff |
| SHA256 | 59ca85a3e7109a6bc2fd34de9f885984bb7c245476bddbc099d29f47ff137f35 |
| SHA512 | ce5023e44f8febc3baf680a5a4aab88606694e9e8b6411ad97d8b8edda08d62405cb402a4f38d525f05af4940a894e9a36e573fa351c1b18544f54221592dd71 |
/data/user/0/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-journal
| MD5 | 529d8872e0e5c66fe9c9c3b2c69dacf5 |
| SHA1 | db986be3500398527779dbbc0ecb04c09283afd6 |
| SHA256 | f6790d63d3fe4d92b553e83b1f92fcec59cca35e483c50d0b04a3b7bdd089a19 |
| SHA512 | 6dac061a4bf4c76cefbfe0731c75e0c2ca71175b4df4208ca86083081f8f6a84419061c48b5b1db16e38b97be35ba6a1684ca663dd4b5d0d4a1744b28569bcbc |
/data/user/0/com.wigomobile.textviewerxd/databases/androidx.work.workdb-wal
| MD5 | 09fed27203f99537a285aaf726b7b372 |
| SHA1 | a72c85fd5f2826c71421354ba2bdbfb9e8bacaed |
| SHA256 | 216a63b8d48f471d90cb57a0182e25cd5029bfc315984457b7979e553e5a428b |
| SHA512 | 326dd335273337076a941d896209d1fc33136b23a1b66b660bc39a905679b098e269cdf59abb607a591636d971904fa570759d02e24ac455c93a05fae12ef524 |
/data/user/0/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-journal
| MD5 | a90dcd0a15dde3ba26087c63991f0cfd |
| SHA1 | 31ac44d2ec07f0d58b2dccb1b577c376e1ac2c94 |
| SHA256 | dbec3bc7c35394c0deb870ef7fc31b65e25aaf39fb7e4473a0fceb527213aba2 |
| SHA512 | 9400b847b50f781f38a63f2612af19755a3b862d11b963b0d0d8600e5b6a464b3095557bab2eebdb8704437614263eb4a119d5e3a21bba4a97f02b280c00c0da |
/data/user/0/com.wigomobile.textviewerxd/databases/androidx.work.workdb-wal
| MD5 | e708ff665288b9e06f6c15193e4c149c |
| SHA1 | a5e153b8a572d491c0bbbe8f8c66208cf60b1eac |
| SHA256 | 54f433ae72b6ad1f302cfba45f720727d07bf53fdb2d3170335b85ac72fbcdb5 |
| SHA512 | b0e2ed758c253b9b2885a042653156dbc3112a5a561e100efeae2d072b13c2df45ae0635544b34a0962492df2f5208d13baa962edc5cdfa3e2cb044a71de3936 |
/data/user/0/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-journal
| MD5 | a89fc2ac5d0d3070f726ff1240cc5d99 |
| SHA1 | b343e47710ffae36de6d5f80819a3541ef9ff7b6 |
| SHA256 | fd4467fc57c1742e14fd25d5a98396731c1eb65e7da9789b3edfc7bb3f748e4d |
| SHA512 | 9b1639f34ce81a1e8a48c1706775646a86865b8dd4fa08ecd461da2dd3a207557d3627cd1ca8f15d2724b314117e2e57e3d4e00d2422d423c7ff560b09e0191c |
/data/user/0/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db
| MD5 | 73faa834408905988d951cae528794e3 |
| SHA1 | 6f01ca40f09286546b46edbd4d0b7952bbf1e85e |
| SHA256 | c4edd90eacba346b6a7b0f4de73f24909e3e7bc5d217f178edd713b36cc5b21e |
| SHA512 | 14968de71f438a2d2df7f08f0faa0081b48b80b3cbe179490be694476c74737d9dc037ad759cac81e402b5f00def4dd005659ad1b289410c327a30239bc42a5a |
/data/user/0/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-journal
| MD5 | 53885b8b4aebab0f52a5e8f0a8f4c9e5 |
| SHA1 | d78e13ca1fb04ae70c96e28a9836cf9482466c56 |
| SHA256 | c4eb3c049ec59f330c20155becf291c0a98f4109f54d039a10747bba13ec7b62 |
| SHA512 | 9e15063ada76ebf78c82c921d49928aacbba31077ba561f570eca59ecab09e89f13b33f0b4bcc9f67f4d3f5b4ab3c0787c500889ee6100432ae7a82f6c9cca9e |
/data/user/0/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db
| MD5 | 0f1558a9accffec71d661c83f5a42b59 |
| SHA1 | aafd1e9655c7ae98a84d469860000b5b5015e537 |
| SHA256 | 2da8c2f44659d753642d5e2e51b6a8d5a9fdacb5dd5850c865570e8826c19948 |
| SHA512 | 64d69e3b473bd5d1d30876ce0c2c4a98ec5414f0c834f61e9d0b3dbd327efa930221054deb3dc8dca00e0ad80c712d4b32adf6c2f01d71c61f28155c716cc5a6 |
/data/user/0/com.wigomobile.textviewerxd/databases/androidx.work.workdb-wal
| MD5 | 3d9793bdcce7f82022d5889fcebdf7a1 |
| SHA1 | e2142b441c79919fb940217d9ac538d67049232d |
| SHA256 | 4e7edb7d94024c312d0c307706161a9a64211ba1c289119f0337e097e1cf37ba |
| SHA512 | dee1cb6c6abfe8d95fdcad79e6d22a2017ecd0cac252be819ae9ab745bfda81138a9155690c5af5812fb1ff72445a3c5aa75df96169a6a792a1083b5eb45a341 |
/storage/emulated/0/Google/google.id
| MD5 | fe48b9c2296e0f93af9e5bb5a4100fc3 |
| SHA1 | f4be4bf974321d0d5681ec4ad880ea8c3a785adf |
| SHA256 | ecce6a036276a50136318b7fb95fbf7ce3cc5c6bd0b7f7233682f3a3a31f18d9 |
| SHA512 | 70115ce8b1886afc5b353fe5a4635497bb1281aaaef9f481f81bfdb7642580d875ca0393f4424c17540243cd0dc7fcb9a0806750c010775bc6ae1894e2fb2f99 |
/data/user/0/com.wigomobile.textviewerxd/files/ZPkFS.log
| MD5 | d6287ad4e1f71b27cb7ee6879167f611 |
| SHA1 | 9d983469e54c04f49ccca10bd048e9807de2f563 |
| SHA256 | a2e32ae5f27deb5e4f3f7957f7b3cbe63ed732c6d49d75a9a2bb3557d77e776a |
| SHA512 | 825528e5caa111bb4037ccd3905afa84d06ebf68b8a59f008b3240560716c8c5efc5dd1a5fde2384856c2ad5749410caec46e5288ebbfbe0bddb1292f54a07e1 |
/data/user/0/com.wigomobile.textviewerxd/files/ZPkFS.log
| MD5 | 77380b15a7c7cf3a02097776a37e0b11 |
| SHA1 | 7785838e2729331aa69f2be6c2c19ff52db696ec |
| SHA256 | de71a70460c770bdf6a2724513d541248026459bcc673ae15ca46a1f8ea614b9 |
| SHA512 | c99f3fecb83223dbd7863e6a7a361cacf1c74ff90737c9d6fce32ba4d3d807ca7a6951bf8b92ab057d7e57be5c4f11b57750b421fb499ef152e140fe15de2542 |
/data/user/0/com.wigomobile.textviewerxd/files/ZPkFS.log
| MD5 | 5385bd2fe8e850550e377993be70cc04 |
| SHA1 | ab7bbb431b1fec32f7f842a0ea82a5106b8dabb4 |
| SHA256 | 8152ceaa5c7b49427895a91a376c4ea0ff99dfda5db032f80e7d249c2b422958 |
| SHA512 | 2bfe2fe250a58e8988333277b7fb1aaa35d4d2f25675742d0a03be47e4e3acbc4c2f502e09f5edf1257523e5eabaf086d8e76f156abb9704c2b13718212a3bf8 |
/data/user/0/com.wigomobile.textviewerxd/no_backup/db_metrica_com.wigomobile.textviewerxd-journal
| MD5 | 58a1aab89059b660bb5fc1f963944c15 |
| SHA1 | e6adfe2bfd73d07b838f30015c859896dbacb351 |
| SHA256 | 80b48ecfc48de261ae1f2a233db1cd0ff267a8b2cb896015624b8c5973a6dfc3 |
| SHA512 | 898a56aa2fb794e286a559473e1ad8758c72bc728b5a95c4a827a169cea6c1f2f538337ed492f42bd9305dfcb0d4a5187cf4bd2dd025f6107b97fa9de5f1e69d |
/data/user/0/com.wigomobile.textviewerxd/no_backup/credentials.dat
| MD5 | 9ea14fafb9e2845d52ff9a0fc8a30f7e |
| SHA1 | 232c101d383e6497e8898390d748ec75120a8139 |
| SHA256 | 83c23f14f72db688a689cf12a535dcc8e3950a2709e21b732b2e1c960ef15cac |
| SHA512 | a94edbfc0f68a89f0c81a99270308b188a4203c7a5703b98cf318d23a878180624fd84286c8de90ef793228a1c1d80e396a9d383ca7930397d66a06da36c3921 |
/data/user/0/com.wigomobile.textviewerxd/files/credentials.dat
| MD5 | 194e5ad001532345054b7aee49f020a0 |
| SHA1 | 813c0e9e285ede9c838d82458d9173db38d2b8d6 |
| SHA256 | 0437b02b72cdfa16a13da90053a441fc23b741563a6107960f4c7c491531e3f6 |
| SHA512 | e6721a9f7e94d1912a21733f478e8cc5d9ad5134ba296bc579da4d512345aa18ae1189062ffb4ac912fea55fe096383ac3a5daddb5a7ac505d7f8d1d6d73c0f1 |
/data/user/0/com.wigomobile.textviewerxd/no_backup/db_metrica_com.wigomobile.textviewerxd_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 3bf0a8c78875bd653d68ab3abf4aadba |
| SHA1 | 90aa2eecc8ede79f4de3c803cac16e5ec8b2bbc7 |
| SHA256 | 7626011f3a4a24ae490512eb0eb8e18146d7077ee1d2c27de198e6d07de8f8d9 |
| SHA512 | 7dc2c695e374e66378e03269c8afbb601b6c0686746256a5299f4ea044163d48bd1794a55a89c14cb205dc71be42bf58c5472e08db64ea8e59a49dbdb0a887cb |
/data/user/0/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-journal
| MD5 | 8a42d2575e71d00276792be3f25a00c2 |
| SHA1 | c57a4149a10f6672b85c3389b624fae9f7662403 |
| SHA256 | 1b4efea96a8d3520ed3b45917acc2613aceeb921f2c816b6b2491a2dd109a6fc |
| SHA512 | c5b5e173f20c0a707e98891aa0e006e43b04119f8778c89275e94e0a90025b13ca9f30709647271b5a95faae6d0858ebddc8fa0eb69e4d2dd19007462869c6cf |
/data/user/0/com.wigomobile.textviewerxd/no_backup/db_metrica_com.wigomobile.textviewerxd_20799a27-fa80-4b36-b2db-0f8141f24180
| MD5 | 9708ea5da9727be5bfc77f59b2fd74dd |
| SHA1 | cc86410e49545e86e945a3e4ead7ec869bcbee4d |
| SHA256 | 442cd6fa02f8c91001854ef204e1cd73d5ffca30b35948ca4284b1744e68ee74 |
| SHA512 | 6cb4117abbf119182f4ce00e09e666c587b15270e1becdcf41e9284289991e28880f806544791c108a60b4f500e70bc8c33cfcac644da198d82f928b30d01b49 |
/data/user/0/com.wigomobile.textviewerxd/no_backup/db_metrica_com.wigomobile.textviewerxd_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | b138c0de530e6e34bdf5d01a0e0ec753 |
| SHA1 | 42d1c1392ac7f69f7771275263ea560167673a45 |
| SHA256 | dca4971adf0b0603bf7da9b9d1dc1cf8f68427b8162c56ad6bbc9d136f24ce63 |
| SHA512 | 100c601d4f0940addc61e514f360d6c1768225e704c93ebf2f3f3bbd10bf8f4a476b12a9226c9eee9734652c79b6a885f0a745ddaf882365719913084210e911 |
/data/user/0/com.wigomobile.textviewerxd/no_backup/db_metrica_com.wigomobile.textviewerxd_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | cf7b1483e975885024be2596bd31d425 |
| SHA1 | ec20b487dc16ff4efa573de1e92fa1f68637f2a6 |
| SHA256 | 04d4d9ef41075bc1863e315e373d838b7fdb15365694442cdfe3a103895d2a2d |
| SHA512 | d1644f5e26554b0aba89a8ce9e9c20f0cf53ece6f238f02344e4a28747465d2a198195ec03b5fb1222991a2fb7bb6b54561973b3036c678468af5ba7a8bd5576 |
/data/user/0/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db
| MD5 | 3d5dd782e42bfef7c617350f23b2b49b |
| SHA1 | a2508e886bba5afcbc9b9999c657887d0b3609e3 |
| SHA256 | e72f4de575126b8f8edcd1374be488a77dc626d257c852b24cdcc7fc6083ec63 |
| SHA512 | 8a20986f483b8dc1eed5ac2cc20227aab2d311c8e2bc8533315a450cf6b4bbf6811e2ab36f7ffbe7180a4f80e9ea11073d1c3ea80f7d21ad80a760a1aaf8acda |
/data/user/0/com.wigomobile.textviewerxd/no_backup/db_metrica_com.wigomobile.textviewerxd_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 0ace05332e9250d7eee00e040d34d695 |
| SHA1 | fe44c48c9685fd9efe37952db6a4334a5f4f3b44 |
| SHA256 | b69fb8a72bda152118c4d4861513e352d4f2928aa307bf35ef2c589985b19556 |
| SHA512 | e4d1e89509f660221f2f8962927a4ff93d15e713aed4e0bbc0d908ad1057664928f830e5142326cc61e6b62f6d9ad1d578544a840d7d615f2242cde954143696 |
/data/user/0/com.wigomobile.textviewerxd/no_backup/db_metrica_com.wigomobile.textviewerxd_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | e6f03c100b5305d49b7c5999dd6e90de |
| SHA1 | 06a575e7d05bb4ac12f41805b17379dca228c868 |
| SHA256 | a682e398949ccc0cd7abb2279b40d9e14c1df398d9e8cdeb41853038d60b0acf |
| SHA512 | df531c6cbb8513b8c5e828f296dcef7bfe9a69c6e6f870dcd8219ac22233cd7925c9f99189420298d690314d02026af0f2754eb21aad46b59e9bdb9f7c7477e8 |
/data/user/0/com.wigomobile.textviewerxd/no_backup/db_metrica_com.wigomobile.textviewerxd_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 97a738651b7f3fef78618c9dbe21831f |
| SHA1 | e7d53f1f4c277ab90747066af742860a5502033d |
| SHA256 | 1cd7510246e54577f29193db291e2922001de00e1aaaf7628ad8b9dfe06145b4 |
| SHA512 | d5d86d58f282f2b18d75113354c8351a1ea77b45c99bec30390e50b3d9a0395756f620b5eda2ac008c854a9c9d87945675fa57ae382c51300193053af7cfb223 |
/data/user/0/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db-journal
| MD5 | 3dab6f03057eb7dafd892c7cc3a030f2 |
| SHA1 | 91d0200f756ddb40a1d240a714914f47780fe7eb |
| SHA256 | 4688d605a2c6852360d6011b4349dda30ddbbd95f6efa25ae0e4e5b575da1f60 |
| SHA512 | a367022917c049d2e5ae028fddd754045f30766e0acd2b1bbdef6eacd3adcc51ad006c9406c5b09f7c75a02bb6c67d3a5daeac588115f29a41d26fcd258a971e |
/data/user/0/com.wigomobile.textviewerxd/no_backup/metrica_client_data.db
| MD5 | 5583f91265ce97f05bb71f40c6c0eeba |
| SHA1 | d3c6c296c5a2ddafb236567b0831e1243842c40f |
| SHA256 | 01763b1e9295f3334f9aac77de53e0a28a8249cf20d0c75eb1976fe4130e78b0 |
| SHA512 | fdf364e4613ca1e29c11209b76228b662986b68a71d213149a217590cf54377e60f9227488caea04a95ec0f2394b54b2919dfa76eda76755a96404269e1a37fb |