Analysis Overview
SHA256
abf975472d394aea8f569aa644a400d4d0f8d325c851c0eaef870aaffb882572
Threat Level: Likely malicious
The file com-mod-minion-rush-despicable-me-official-game-v4-5-0h-mod.apk was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries the mobile country code (MCC)
Requests dangerous framework permissions
Queries information about active data network
Queries information about the current Wi-Fi connection
Declares services with permission to bind to the system
Reads information about phone network operator.
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-16 16:24
Signatures
Declares services with permission to bind to the system
| Description | Indicator | Process | Target |
| Required by accessibility services to bind with the system. Allows apps to access accessibility features. | android.permission.BIND_ACCESSIBILITY_SERVICE | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-16 16:24
Reported
2024-06-16 16:28
Platform
android-x86-arm-20240611.1-en
Max time kernel
179s
Max time network
188s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.gameloft.android.ANMP.GloftDMHM
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | z.moatads.com | udp |
| GB | 2.23.161.123:443 | z.moatads.com | tcp |
| US | 1.1.1.1:53 | graph.facebook.com | udp |
| GB | 163.70.151.23:443 | graph.facebook.com | tcp |
| GB | 163.70.151.23:443 | graph.facebook.com | tcp |
| US | 1.1.1.1:53 | 201205igp.gameloft.com | udp |
| CA | 208.71.185.246:443 | 201205igp.gameloft.com | tcp |
| US | 1.1.1.1:53 | eve.gameloft.com | udp |
| CA | 208.71.185.246:443 | eve.gameloft.com | tcp |
| CA | 208.71.185.246:443 | eve.gameloft.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.180.8:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | vgold.gameloft.com | udp |
| CA | 208.71.185.242:20000 | vgold.gameloft.com | tcp |
| CA | 208.71.185.242:20000 | vgold.gameloft.com | tcp |
| CA | 208.71.185.242:20000 | vgold.gameloft.com | tcp |
| US | 1.1.1.1:53 | bob-iris.gameloft.com | udp |
| CA | 208.71.185.242:443 | bob-iris.gameloft.com | tcp |
| US | 1.1.1.1:53 | gdid.datalake.gameloft.com | udp |
| US | 52.54.189.240:80 | gdid.datalake.gameloft.com | tcp |
| US | 1.1.1.1:53 | bob-janus.gameloft.com | udp |
| CA | 208.71.185.242:443 | bob-janus.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-janus.gameloft.com | tcp |
| US | 1.1.1.1:53 | iris06-gold-ssl.gameloft.com | udp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:20000 | bob-janus.gameloft.com | tcp |
| US | 1.1.1.1:53 | a314.gameloft.com | udp |
| CA | 208.71.185.246:80 | a314.gameloft.com | tcp |
| CA | 208.71.185.246:80 | a314.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-janus.gameloft.com | tcp |
| US | 1.1.1.1:53 | iap-gen.gameloft.com | udp |
| CA | 208.71.185.127:443 | iap-gen.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.127:443 | iap-gen.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-janus.gameloft.com | tcp |
| US | 1.1.1.1:53 | bob-seshat.gameloft.com | udp |
| CA | 208.71.185.242:443 | bob-seshat.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.127:443 | iap-gen.gameloft.com | tcp |
| GB | 142.250.187.206:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.16.238:443 | android.apis.google.com | tcp |
| CA | 208.71.185.242:20000 | bob-seshat.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-seshat.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.127:443 | iap-gen.gameloft.com | tcp |
| GB | 163.70.151.23:443 | graph.facebook.com | tcp |
| US | 1.1.1.1:53 | oct.tools.gameloft.com | udp |
| CA | 208.71.185.242:443 | bob-seshat.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.127:443 | iap-gen.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-seshat.gameloft.com | tcp |
| US | 1.1.1.1:53 | bob-hestia.gameloft.com | udp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.246:80 | a314.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.246:80 | a314.gameloft.com | tcp |
| CA | 208.71.185.242:20000 | bob-hestia.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.127:443 | iap-gen.gameloft.com | tcp |
| CA | 208.71.185.127:443 | iap-gen.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.242:20000 | bob-hestia.gameloft.com | tcp |
| US | 1.1.1.1:53 | etsv2.datalake.gameloft.com | udp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| US | 52.54.189.240:80 | etsv2.datalake.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| GB | 216.58.212.202:443 | tcp | |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.242:20000 | bob-hestia.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| US | 52.54.189.240:80 | etsv2.datalake.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| US | 52.54.189.240:80 | etsv2.datalake.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| US | 52.54.189.240:80 | etsv2.datalake.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| GB | 13.224.245.90:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| US | 1.1.1.1:53 | iris06-gold-ssl.gameloft.com | udp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| US | 1.1.1.1:53 | oct.tools.gameloft.com | udp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| US | 52.54.189.240:80 | etsv2.datalake.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| US | 52.54.189.240:80 | etsv2.datalake.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| GB | 13.224.245.40:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| US | 1.1.1.1:53 | iris06-gold-ssl.gameloft.com | udp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| US | 1.1.1.1:53 | oct.tools.gameloft.com | udp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| US | 52.54.189.240:80 | etsv2.datalake.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| US | 1.1.1.1:53 | oct.tools.gameloft.com | udp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| US | 52.4.192.216:443 | oct.tools.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
| GB | 13.224.245.128:443 | iris06-gold-ssl.gameloft.com | tcp |
| CA | 208.71.185.242:443 | bob-hestia.gameloft.com | tcp |
Files
/data/data/com.gameloft.android.ANMP.GloftDMHM/databases/google_analytics_v4.db-journal
| MD5 | bb0db7de94d1eef873159eb2dd2e8e1c |
| SHA1 | 8fb169e35d75647c9e3a1470300e81b723e5faf5 |
| SHA256 | 022b044d0dff2d6cc15b9156436feb0ed76f430a5e9e1692c89e994704f0742f |
| SHA512 | 5ae45a655caab011480403d59d7ab89f38e771b1975fc095dc35e03a250d1336ff57dde3fa1f7875cfbb2491eb1f893e08b742381cb46986f156f2e0228d9c20 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/databases/google_analytics_v4.db
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/databases/google_analytics_v4.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/databases/google_analytics_v4.db-wal
| MD5 | 20ca5290d78dcfc959137975f7c77295 |
| SHA1 | 60e4b0186cc19e5d7450c86e92331460d1982567 |
| SHA256 | 3ad6d8b2a9bec066e96e1555d9569649abb22e318ae5220f36509bc49b27f814 |
| SHA512 | db66fda7bab94b896d7155eb8dc9f8135f9c66f9751277bf5d218a3cb830105eb2be3952a6e95417d4e04a395adc546dc3c3d6d4e83204eaaea7a5e08d8c1e02 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/databases/PN.db-journal
| MD5 | 494a90d7d681630954cce12346b621d6 |
| SHA1 | 94eb4fd359d626e0866aacd06840384f7ae3d6f2 |
| SHA256 | 5e528754d2348045c8b084b5fa75b72ce57afe94ed7b9ff53122468904876bf9 |
| SHA512 | 1ffab73a4822cb74dd7f2517af441d9123bd6b878ba1e51fea459f236d0e151bab01da0a4e369971e8f6c3f66f0a44b31c916329e44e67006be31c79929c733b |
/data/data/com.gameloft.android.ANMP.GloftDMHM/databases/PN.db-wal
| MD5 | 8adab7e2f6b21300eda9546c8a08e9bc |
| SHA1 | 1edad3776dea703732fcd8cefa2efd1b00f54203 |
| SHA256 | efbc1640b021be9ed237cbb676cf2796c29e8a5f895f627fb88c5513c3f395c4 |
| SHA512 | 1b6836ac46f8b86f997c26813e6b0d5d67f9f4fe4471f40e2af32c4cfdd663804d4cba7f90675399c04e72a6f5481f916cf4f5faa96b7a4c7923734059b3ce8c |
/data/data/com.gameloft.android.ANMP.GloftDMHM/databases/gameloft_sharing-journal
| MD5 | 9b004a047d8bc735cedcf978486f92c1 |
| SHA1 | 083d8472b6b0846d1c2b8806d5cc10f2974848f2 |
| SHA256 | de6cb295eadfaf2034819e05eef33587700feaafaa1bbbf9fa6f85bfccb015a7 |
| SHA512 | 3333c63c852b5a65a68f33f69a501019d67f1b51db97411e1826d022bcf1a2172059b76b96a9c583a214fafb8f04f3969140d9bd7b711b71132e7a82755d1aca |
/data/data/com.gameloft.android.ANMP.GloftDMHM/databases/gameloft_sharing-wal
| MD5 | 90fcd690881d1b1cdf3977667e39aa78 |
| SHA1 | daef2c3f94f74b8e03960c6d3f335a1f2136a394 |
| SHA256 | 1e602b709aa448bc0027b055ebf268b343888c8ec0f16f19c9f6a2fb5e2b07f3 |
| SHA512 | 1f33102fc12e40c5323fd9241d028bbc68e61f0f0db612df19195b78a39fb5bee224e67730a8987470424178f4a8f39d0f94c6d6ac8eab1ec046d4d7cfc100c7 |
/storage/emulated/0/Android/data/com.gameloft.android.ANMP.GloftDMHM/files/GameOptions.json
| MD5 | 16405c047dfc4d01f0a3b9e99030b8c4 |
| SHA1 | ae3e7b5f49ef1fe5c4254f9a096225c81772d50a |
| SHA256 | 49ea334a74b99b322cdb4fc1a29fb233ee3e8dcd9d5afe7a8fb14e60e99dd138 |
| SHA512 | 70426ee988662034ad7491937ed7697a778ee7306a951a8ef564c1e4d88be4175b0e8acbc60e60a52cbe2b5b7232395b53be427fe4ce30135a0424eca15d6a08 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gaClientId
| MD5 | ac966b2c6fc278e22d9ceb02bcad3ef8 |
| SHA1 | 17c1ab89c36d25d6613e0ba65d43390c51d54138 |
| SHA256 | c1fbc7c671b28095f67dd6f13685dd9c56694509e590b1ccc5fedb669f9d9ae3 |
| SHA512 | 2874912f6f44bdf67526ef8890f8a4e130ce816333dd2e0a14ca3ab3363ce9e7333fd39d293a14896c4949d3cd489fd86db928371907066ae8fd097c20ede607 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/InstallInfo.bin
| MD5 | d260d9c48092dda516e3a41bc93b984f |
| SHA1 | eef49f1a283ea27a2d045f791f95144c252316a8 |
| SHA256 | 842dcca2e35178bc70f6b0ba2b219d0d22629fa84d2dd2135f93bb552542d0a2 |
| SHA512 | 6659b033fb7f8b6d3d991a96f3e3415133ab15a544688729b540dfa87d316954b3f65080f493ee7d818872dbd9b9e43711df13bb406daa3b22580d23dcdce7f6 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Timer.bin
| MD5 | d43fbec244cb4d4fa8e29840a662bb38 |
| SHA1 | 95bab56606a2587097dc14e8bf78aff4fa836cae |
| SHA256 | 4bba77af876775db5a35d33f6875c2330fa85dc04f3ba3b539287bfb7c79dea6 |
| SHA512 | 69e9790097520e016ba02298483f40e2c63ae6155c9752a2a418d7d412309f0c500c3a46863a067ec54dc9d98e8b7b0df439aa3f2d9006718400aac638749200 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Sessions.bin
| MD5 | 4840d116dfe4f0dc2f9f1774e0da16d2 |
| SHA1 | 67e69345a4afaf19002ab71bb417ac022736d69a |
| SHA256 | 7b3ca0f68b7dbbc0c0b54de6c97240b0009b103757d8604e090857728cbc0cca |
| SHA512 | 3126f2186fc8ca42475420caaaab17aae144a1a4295efb131a02362e54a04b0df9dfc66bda50b6db1c4885f47fc05d2a7bd7f9521fc97315a959278248bd7217 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Device.bin
| MD5 | 3bb31df88365870810c321c42e7ca3c0 |
| SHA1 | 0b464e1fe34b3bc0e9bbe5d04932ce88d6d15b62 |
| SHA256 | eeb0cf3b7250983e468495477b3f1956e5529e3c5fd94ea45adbf1008375deb0 |
| SHA512 | 2321e7d861381ee00e9684869a42d8ce0e81703f4d94621c0c1ed9207e34f33bcec7185b0a88ad33d8e473f8397198803bda9697147c8063ee7ba79c9bcc872b |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Timer.bin
| MD5 | 902687f6fb17f8711d115df91fea7bd4 |
| SHA1 | e6f01590bd48e17e077f4cc920d8b452dabb6cd8 |
| SHA256 | 506c8bdf1b433885635fbc1be0a9f2dcf87e3511c1117d327bc7622cedb8577b |
| SHA512 | 9527410a8413a98a2aeadf095d9ebe96556e1173228320dbb8690233d1882267f521daf241fa3a29d3d09eaff18d6699391220f68150bed61dcc17c713066e44 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Token.bin
| MD5 | 1ec81e25e80b82734c1b113bb5bfb79d |
| SHA1 | 13106ef4dd623d11f95c5c24e3311b670219a60e |
| SHA256 | ec57f22e4650893c2bde7a9648a73a69dbc9362f353dde89d7f3398ff23bb3e6 |
| SHA512 | 1093c275f3cae098f19bf894a6e0493f62a9c5745c28a298a92ba4581a9c97694088b39fc65e77d0cc251f4c8a24b91ce7fe9292af01e8b687d0c951d2c8ceee |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/TFAT.bin
| MD5 | 22b83e89d57aa7ed60941102a8a7dbaf |
| SHA1 | 2fd5ec170a71b3f73dd2051564f112710fcb87ec |
| SHA256 | df70987c91ed1ba8361b83afa4a9827507c469ca71388f6f1c09c2a659fcd6ea |
| SHA512 | 293ccd8e7152bdff85e6d42224aa57f050ecd7e2aaecb6dba948fc53e36d4eb0b2f1d46040b760189ea5dae8be781ebf69af9e189ed0ceab5d35b757e8f2a47b |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Priority.bin
| MD5 | 9e0b3fe89f0b430b2f52f0550863f35d |
| SHA1 | aeaff1d75b5840424bbcafcccee563917e3756a2 |
| SHA256 | 7d00ca2f45aa1487402d6c3e39553527d6171347ce075dcf7e15d55662032744 |
| SHA512 | 0a2a9de6fda038b5beaeac90e8b207d0c3a7564f8f75871bd6eb094cb7d038d046c3a6d9a65d1420e0148916f7ec0f411c62aeb64f77d82a3c40561e74c00d44 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/filessessions_tmp
| MD5 | 329322db0ef69f90c20e91f8d9bd543d |
| SHA1 | 9c1571fea70470f59d62fcc8971eab35154a2619 |
| SHA256 | 786c1d48eebe1f1a1f2888d66fc3b48158fbdb97d2bffad6ef8ec96bf128f2fc |
| SHA512 | f01a8b9200111940e0cc7b2743ae4663006d9e41ad54e709ba0cf1ba6ced87ed72ec23a297481daff2a4a85af68ee7c95fc9a6fd35c95d8fb4fc6f606e8691de |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/settings_tmp
| MD5 | af53fa59a7f42d479e33b7f4f2b76f8c |
| SHA1 | a01a2eea3e4a609c716a3c326005d8b2a72b552c |
| SHA256 | 2ddcce762bda2fb1d3d9bda5bed658ed003bc5aaf2ea849a1bdc2b318666c457 |
| SHA512 | 4881add46af7c9385cf665468926f770793c03c376783f78c3d594f1c6f13443ae2a34f7ef04133d45a212c868346aa3899cc84f0b358fd0de555e8582af3549 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/settings_tmp
| MD5 | 25d9554de5cceae5afa038a898230241 |
| SHA1 | d0e27b2db9e26d3232bdf4edffaf1f73f2c13607 |
| SHA256 | 9f02130bd754df3108b5316bb987070063c895e3ed9276390d6a7439cdad33c7 |
| SHA512 | be529cfd3807dcf59a365371548c8372dc4a316b81168fcb753f122e0c3de31fd78ddc111e88239be397bf69a0ecb8f68294e7965145895fc8e5802f48cf8b69 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Timer.bin
| MD5 | dd279c3807bb59eb5e18eea3154981a6 |
| SHA1 | ca42789c790b0065dc662f700aa1ab14b3f4a5f1 |
| SHA256 | 0e0615e71d5eda361e5943665b01605c9973cff31aff7e1ce1a3a5a5fee3eed5 |
| SHA512 | 2422eec127a9edece9abfaf7fe4346281d13c265365e525781db83f73d013c447147e855fc1259a6c3ed06eb72ce89e8f8470a40a1b02fa0cffb72beb9afe151 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Token.bin
| MD5 | 5e3ecdfa742c8a65f30666125b3dfa4a |
| SHA1 | 705fa681294051ad9c89e99debc689edc616c868 |
| SHA256 | 3d391bf763c6235435a07c851da08ed9b5b9bbb15473a5b79be9d6ef03e473d0 |
| SHA512 | d8f7b5203d314f14f41b6ee36e22e16d6d386b3ecc7ea9a6dbb842c01e565988ea1c5d4a21bdd6746d846a5ef5524cccda703c3e3a798fe23262d43cb7b2a34d |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Timer.bin
| MD5 | 9ba2f7400a1ef44be4b9fa6d11cd6020 |
| SHA1 | 3e11766d014d85e4d55b1c1d55348601b5ec56b0 |
| SHA256 | f786037805071dc2494c748e79341a917a7ba13eb9df2ccb1c2f48b7a74dcec5 |
| SHA512 | 1b3fde2fab6ba2d00d14060ebed4433d9e2961bec68fb6d790c8dd10847b20dd18b1246763c69c233d3b7ccc337f06d2ce3c0b5e9f175c916b92500ec014b919 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Token.bin
| MD5 | 99138ba410bcc0bbb170ed27a51822a6 |
| SHA1 | 5d8414d3f34f88aa07ca8d53fd7af5a86a891df9 |
| SHA256 | 290b83e34dc319e5e6d03b96cf1bd45bf2ec5816d3a27b73ca46db6bb59201f9 |
| SHA512 | eb5b839e7307f5525c3678b31e778f39e4235f40738f5cec95f3ebcbff268b5084750a75742e5a0ddc0696a2c3a9fd9ba1631ac6de91fe2246452353878c6584 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Timer.bin
| MD5 | 52092be682497d8c29187e2ab9f2c80f |
| SHA1 | 9519a23435cb7d82eda66290f35cce8e255c618f |
| SHA256 | 82d35376cffb1b3387df7c8ea5d2fd3943257076f7b1b8189fade77343de8cf9 |
| SHA512 | 88e6e6a362618bfb6acb9e4b4af1edd0cba2a3e7f654dc5a9edd4cc4b4741e16e984a671fb8bfbce740e53eba400054bd413cd36717810d3183121e3cd121c34 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Token.bin
| MD5 | c5981c6221c3a4093f0537afbd957e8c |
| SHA1 | 21d3572594f6123281d40cf2082a9a850ed64d1c |
| SHA256 | c86eea84e451c73c16d2fa58193a7fe2e5bd9aeb79abb66cc8833762c77e971c |
| SHA512 | a4bbd217682d2bd835229e2d656d7ee2afba22ea63b25270409380a58718f60257a9fe333acb64e069befca166264d2831c7e4541d0b8cdfe63f44e1c0a281b4 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Stream.bin
| MD5 | 35b3dbcfd0f22465bf76206b67356743 |
| SHA1 | c5f9290e92de6b850a00a2f8c52268a3d0736598 |
| SHA256 | 785acd219911c1450d5cd736616f45b18286b99483454518ba08e65840e5aff5 |
| SHA512 | 8a11e7ea91cdeda52f6c3857122d418cb2f66f1b89c1f0c604272c6f6a679caf7396345c4fdb9955dd584431010e9348389b6f6cdcd66234a75501dfd0adc69c |
/storage/emulated/0/Android/data/com.gameloft.android.ANMP.GloftDMHM/files/temp/connectivity_trackers
| MD5 | 0f894b810500657d6d8aac18f0878745 |
| SHA1 | 12e494e8bc6e05bcae18d589bdb86fffe4e5eff8 |
| SHA256 | 91543aba5c61b5cb86adb8c2bd8b3db53a0080cdd60da8a2e8840ba140fa9378 |
| SHA512 | 8980f50275b8823b8fe8e2e3fec9663993ebdbbcb7cdcd22e0d3c1387983b3262af4db99ebb92c23f5ee05d9cf5176fadb774250906bc9a13da6502792a659bc |
/storage/emulated/0/Android/data/com.gameloft.android.ANMP.GloftDMHM/files/temp/connectivity_trackers
| MD5 | b4a6c957fcf7ee072710576ad1cd6fc0 |
| SHA1 | 165efd29c6a4ef3a3c55ef88fb48d22aad8d4ce6 |
| SHA256 | c289902e88824c57a4896217290b5167bbade0a319d3ecd574a70c02c291bfa6 |
| SHA512 | 09f86a04c3af975c34d03a2e23cb1eb54ee66630981ccb30742b17334e6c0f3463d4f8344666c2fde02cbe90e8aa2045d8aa4ab28c89c0556e4629f1b1d452e2 |
/storage/emulated/0/Android/data/com.gameloft.android.ANMP.GloftDMHM/files/OLU_NOTIFICATION_STATUS.txt
| MD5 | f421758f95ac0e3242d4bcdaa9f5c314 |
| SHA1 | a53db36697b261f8903f440e88cc6e116079d373 |
| SHA256 | 984119b27e4e6542e1a7293994a00476b860463f6d7a25013a9799d3c5aae293 |
| SHA512 | c4623743be94a2b63a460bfebe88827870cdd55baa92906dabd7770b315f62aaa877d49a154a6f83fa40fcfd0786e31e1e1a46d811a36602fc4a94ca342307b3 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Timer.bin
| MD5 | 295edb49c3be05796d0a627a8b02281d |
| SHA1 | 31587d097ee5317555bd7d7cc8610361879bc85c |
| SHA256 | eaa58148a5acfba1e8e4ffdda71a84c55e4899ce9a8c8682022d731839dbe86f |
| SHA512 | 607bba9ba58ed636e322f2734a1f12500feed9c13ce2ffc340289beffdd65ae4df3140e26319f2ef818d358667b3a6e730bef69a325079a02446731dd3e0608a |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Token.bin
| MD5 | 241ae14898d12349b35a9fbc0314ef38 |
| SHA1 | be42530c01b0f67a5a5c6c2de33a750e2400bbb5 |
| SHA256 | d25b4da55bffc11b683c91083e5c4136665b277611281bfc51693aabe3eacf83 |
| SHA512 | a0e78d8e775553f00d71825e6666f063b1cea2e5ad50093a7a85cd945b8d205c9412ec70b2af91ae80090d39330cec10e6d0d443107f91748f1efa55b2f9e202 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/settings_tmp
| MD5 | 8a7748069d8ef577a35f1bf589fdfff7 |
| SHA1 | 93ceac8f704fdc41bb5c160fd06d6ad24caccf08 |
| SHA256 | b893ac0c4eff5003e5314dc8d5ac1eb908c85c15aeb5c94a3f36bfd6176f5246 |
| SHA512 | d39a0c8c275a5a99137b254578ee7e1e86beb4d8570c97177de67e65faa0f736c43b09101e494bd540b3daf150a93b2095d5e9b53ea3ed2ffc5cbf28cee32448 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Batched.bin
| MD5 | b05ffdf53acfb78a3a3f1a554e50faea |
| SHA1 | 7a81dbe4c31f4046e132086be4cc154bab16548c |
| SHA256 | 78c4f6d3534aa6c214047194519c346fd81ade60616d7e834cd3c7b572464d2e |
| SHA512 | 467b01a970f4591beeea8ec7800d1825f9252a1aa0ee12ecb41935a40e5bf2050b3971f2bf0910d90bf678524df650e29f1c20895339f1501144a832a116998d |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Token.bin
| MD5 | a33a2480f5587444b59e133bdce6a50d |
| SHA1 | 42692ab248aa529e0fb9020a4c6c75f3cd138b5e |
| SHA256 | ab63775604e5782efd9c3ca5ef8010b7eb7115d739894aec87b380a41469b962 |
| SHA512 | abe78b090c638a5ae3fb930c77e7f53e790ff9c0c08f4bef1e061889850d0d7461b3313506114e7a49e5b059c8cfbc9643b0ff29051e0fb9fab4e67ceb017774 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/FAT.bin
| MD5 | 5305423df8b1510f03aad092ea27351f |
| SHA1 | cb00879502e29ec84c4d7dc4a3cd95e208446313 |
| SHA256 | 69dd9a838e0c65bbe334ea87a00abe333fbdf5834852feb4a6ec89542e61461c |
| SHA512 | 2c27ce65380e3f025c6fc3efe53e91155b068ce827ce9b03c0d95d3ce9ef80b64cd724b17117c19505da808a9a0a64b506e887d282fc99348a51b93b4f7e4cde |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Linked.bin
| MD5 | 8a14af9010512d5afbebe3532b2db20e |
| SHA1 | 1e2049c22386f1710aebc0b6689784e5dd53c680 |
| SHA256 | 85058e15a25acaa394c8dc76b17253030db0df9f348ae8f9da7541621b2b91ee |
| SHA512 | 5acef8fb93cbcf8949a33b8a3f639a2f87d5088a852a08a8ca11caf36db73ec9f104b59f3b0ce885275100c4352a6f5b1ac91938c54174be7576333debbe8f80 |
/storage/emulated/0/Android/data/com.gameloft.android.ANMP.GloftDMHM/files/filesConfig.dat
| MD5 | 4e84168e873104faf804812dc312f6cc |
| SHA1 | 8556de1d9603458a3d223ce451655d962d7442d5 |
| SHA256 | 275c4a9ec0768a2ba0243f7f4079af360da6cf83870e2a687e21ebe3af9cccf4 |
| SHA512 | 93608fd5dcd001a40d7d8905b46494f280b5e2c948f531f5ced3328c287f37883b07d512e7ea4534fa4bdd39494b7e1955ed7ba1761efa849b9f53c40394094c |
/storage/emulated/0/Android/data/com.gameloft.android.ANMP.GloftDMHM/files/config2145938400
| MD5 | 7581368a7e32bc4a524fc3c80ae9e79c |
| SHA1 | 6f8b38c52511cc9618f635d2c52457052245979a |
| SHA256 | 89d8089439a995d0c48dd177538725fd4ff5c11ad56495266233baef0dd7ea87 |
| SHA512 | 96922cad41c3262addc198043a362d6cad99b39a9e393926f4b4d4b0a52d64c59902e0e9a183ce2f7b214be6dde0de4364b6def8e2d310aaf9d79f6ce0d8868c |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Tracking.bin
| MD5 | 1b2d3ec7973d57c12308a1b2343edc65 |
| SHA1 | f4bdc43b57f79dbf85f067a8922b82fb8adbb638 |
| SHA256 | 1ec7198253960031993bd7dfb36612e166d10a41f276a40a1d634b3b302e7516 |
| SHA512 | 1af02ac5a5a551523953090a79a07aa2d343d9e0c0c87b432584c608f053d7395d870fee34efa96e31b0a76fe5a6977c09c5ab824725711b8b68c84d4b88db74 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/AppEventsLogger.persistedsessioninfo
| MD5 | 892030c431e6e424729749f9c7ba605e |
| SHA1 | cb04c7730a1cb1bf4c89b99898349e0ec0900fe8 |
| SHA256 | 0ca53730852b43af28bbc9b87c35448bc7662ad45c990861461d270bd6690082 |
| SHA512 | 2c18160825107533e4077d9264a58445f8acacaf5d01abdae10764db834c3bd1c139f82fb82d7997b84a42afd77e0cf2da68a2723787ab821ba58d2c60dc5ea1 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/sf_cache/downloadables/store_config
| MD5 | 08c740015709c0acd6ba8f64d77207f6 |
| SHA1 | 5d60af1c69d629ead854a32d0b3738e7a9e1551b |
| SHA256 | e3ad60c6ea4f9cb8a90835a631709141f5c97b9b74ddac4e1fb55df8c8378a2d |
| SHA512 | 136635a6736588fa4ac22cca5fc50d1616e2621eac56456db3bcab54df7947f86a2a47f9cbbaf521abd81952cb94f6e91ee88c1933cb5b34631f13268349d497 |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/sf_cache/downloadables/store_config.metadata
| MD5 | 712f6243f606d2c7b2ab87bdd19f6e55 |
| SHA1 | 22fb7d5fbdad01cd940154208ba2474ea6d338bf |
| SHA256 | 6c26f65a0131c384a055486e063e3bd9c4fb1c935d0d1b054a5365afd98c2ac9 |
| SHA512 | e17ebdfa26ec3fe8b51b20f5b3fda9a39eb3a73d6cfc9e2395ab7bbaddf0dbc74734dda416aff87726e067bcabc6ca2ae52d5ac78a5029e4ade276188f4cc2ac |
/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Batched.bin
| MD5 | 62355fd81eda9833ab89692be41fbee9 |
| SHA1 | 16295d65c28608a992628495cbe404d7b2e9157c |
| SHA256 | b63b9f6443db65d3b3cc47b146b05cd9a4836b2a282cc61b23d74de93f64c23b |
| SHA512 | a211805a1b57448b34c23cc989a80accd1bf845684be700e77c2a83feb480c35e89bd2b33f341cda485a76c75e35b3b0b065dbd8fac850ea85f3896e2e6d8c17 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-16 16:24
Reported
2024-06-16 16:28
Platform
android-x86-arm-20240611.1-en
Max time kernel
170s
Max time network
183s
Command Line
Signatures
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Processes
com.rtk.app
com.rtk.app:pushservice
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | api.android.ruansky.com | udp |
| CN | 116.255.145.165:80 | api.android.ruansky.com | tcp |
| CN | 116.255.145.165:80 | api.android.ruansky.com | tcp |
| CN | 116.255.145.165:80 | api.android.ruansky.com | tcp |
| CN | 116.255.145.165:80 | api.android.ruansky.com | tcp |
| US | 1.1.1.1:53 | sdk.open.talk.igexin.com | udp |
| US | 1.1.1.1:53 | sdk.open.talk.gepush.com | udp |
| US | 1.1.1.1:53 | sdk.open.talk.getui.net | udp |
| CN | 183.134.98.102:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| GB | 216.58.212.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.getui.net | tcp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.getui.net | tcp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.getui.net | tcp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| US | 1.1.1.1:53 | alog.umengcloud.com | udp |
| CN | 223.109.148.177:80 | alog.umengcloud.com | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.getui.net | tcp |
| CN | 223.109.148.130:80 | alog.umengcloud.com | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 223.109.148.179:80 | alog.umengcloud.com | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.getui.net | tcp |
| CN | 223.109.148.141:80 | alog.umengcloud.com | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 223.109.148.178:80 | alog.umengcloud.com | tcp |
| CN | 223.109.148.176:80 | alog.umengcloud.com | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 116.255.145.165:80 | api.android.ruansky.com | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
Files
/data/data/com.rtk.app/databases/xUtils.db-journal
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.rtk.app/databases/xUtils.db
| MD5 | 836df2ad0602558f4465e21b200d2323 |
| SHA1 | a1ca1f41badd3106fec46ef4e4b8429be482caac |
| SHA256 | 75d7d72f84ed379292981e4f9664ad714d26b2be64b33c907bae39916d52713f |
| SHA512 | 8c3e5ee8011e0cb5b09d1e939be3c31cb3e5e5b64b2ab9a274b5a0b2311af5b13b2f68611c3923ee1906847dafbf5c95d43d92fabca6ccfcaedfbb43a03fc2da |
/data/data/com.rtk.app/databases/xUtils.db-shm
| MD5 | 8a92b6ded5ff2d572064443bbad23607 |
| SHA1 | 715ae1971d19c7e21feb2985a097a3d0457fde57 |
| SHA256 | ad761e3f5abdf46b3abb61adc432ac601f7dcac2a1c2156bdef8039223414fd9 |
| SHA512 | c1febe42a0bc6585ad224b106665b93c9ae05498ca49977a63ff5c9b4cff1d257c6e7b90a027f482d1b3edca5dba3a6571ef997f867a20427bffe3d214a0f975 |
/data/data/com.rtk.app/databases/xUtils.db-wal
| MD5 | 37985d5cbed1a82d80eefaa11fed79ee |
| SHA1 | 2700e3844901ed0b1ed38782ac6dd7def3817783 |
| SHA256 | 59a679183b88c7e1a6d3faba5d9317b5e9f4399019e9841a2de6c29edcac86b2 |
| SHA512 | 1fd5177a8bae1418f2f544494239b38f6cf2e398b977c758e076a2b7afd65c17b125e5f4bf893e7a01c2bb468730da21a1d14329914cb61aca9d3313311f69ed |
/data/data/com.rtk.app/databases/cc/cc.db-journal
| MD5 | 5c5cce85e8abbf0980f4220870adb4d7 |
| SHA1 | e8f1f5d6e548216c25da6f0685745b13a6dcbdbc |
| SHA256 | 95f0ef76505d44915b1280f1aae340a2f8124f86547f09d0be6a40fcb6a2468b |
| SHA512 | e99280bdbf704804251871c82d0aa6040b4696f9cc210c03bbf722427519df3b17f6f0eb06323b27317bfdc5782a32d0c3252d94eab6fd4889409beab3c28519 |
/data/data/com.rtk.app/databases/cc/cc.db
| MD5 | 5d7ea1a23af19b4340cc8d90f28297d5 |
| SHA1 | 4cfe95b23a9e98378d69c4290af81b51fbe76aea |
| SHA256 | 474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da |
| SHA512 | 33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b |
/data/data/com.rtk.app/databases/cc/cc.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.rtk.app/databases/cc/cc.db-wal
| MD5 | dd7f903b8f0c6d197cfa390acfb1ba0b |
| SHA1 | 3ee3375f8924832a4481710ac7683ba9cf6f36c1 |
| SHA256 | 5fa9e16ce5abb20b3e0d987c8b7c3ae59acd9393cbf3fd87d47f150bd5c65969 |
| SHA512 | bbc71c950c4312fb9b9475b60d192d982bb9d40a55754adcddc3fac4a5a1e0c107390deac834b885421d23749f4a49fcabd45fb30fadba36074cc3cfd2a52c08 |
/data/data/com.rtk.app/files/umeng_it.cache
| MD5 | 036427c6aa9d197b0d4d93196737930a |
| SHA1 | c407dc25e4d8fe55e3a7f7c764173e5bae899091 |
| SHA256 | 82e51726b867126de5a9f5351165c54c62cd89eb09db3e20a7b0ad1aafd2579f |
| SHA512 | a98a81f0c5215edc4faecaae5b3ed8822ec93c2c3f771dbe60c163668889ea88cfa92c73f6ffa42b74d0979b556fcb1038edadc4651d0f97af4f4eb457994126 |
/data/data/com.rtk.app/files/.umeng/exchangeIdentity.json
| MD5 | 6f10c048326009b55c8580bd3ef4261e |
| SHA1 | 8f28ad4f3606dfe7f54e70fed0981a1ccf31a49e |
| SHA256 | 9892e0682597a6dc24c5c024837c2da8e9b2e8d965907f2211e0558948111ec5 |
| SHA512 | 504d3e9370d2efdbd3a641c8599e08f84eba130a66817e3dc41585b93aa250437c3e005a2260130a2398aaaec82e917b474047da2fbd58741b0cc05cf0c04644 |
/data/data/com.rtk.app/files/exid.dat
| MD5 | 82495018a5ba1bf49824864238e526fb |
| SHA1 | b64fa53f8992a759c6d650a8aad6d9a1a4f0a4de |
| SHA256 | 2779a08816074014397af9101f2a9b1ac828307b83d8ef67dc0edf2ef2394b6f |
| SHA512 | c09d161837c185563f71a9cf16aee6e8c0e9d993e5d386e37c9285ae26a4c031623fe371c155ffdec5d6e3a15df88b5d221d7fa53a4b95a2fb35741b29738a0d |
/data/data/com.rtk.app/databases/cc/cc.db-wal
| MD5 | cc5684cf9fde78d220fdcf6a4b5b35e7 |
| SHA1 | 35bde9959439501989f8aec81b46ae72cae203a0 |
| SHA256 | 85014152890b2918a1305ecc9c2102f84be042a113005a26189480d072abf605 |
| SHA512 | e8b931c07d8e3f61df0b4b059e337264b7891d91fd989ef9c013770d7f1ae89e1c929d9002380fca9151b25fb2bc15a03f7bf5d606a675ce0ad4530043e925ea |
/data/data/com.rtk.app/databases/cc/cc.db
| MD5 | ce6135aa1b1fe4f2c2db2a546d2a5558 |
| SHA1 | 79b59582154017aadab783dc266fcb158c252940 |
| SHA256 | 7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c |
| SHA512 | 2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4 |
/data/data/com.rtk.app/files/.um/um_cache_1718555245980.env
| MD5 | 5ae7bb7ce11cb9483395a3fbbdbfc58e |
| SHA1 | f3fb95ddad6d5320c00fe45412287b83d86ce472 |
| SHA256 | 33c75fa94add1f11a4a270128bf678d734e5a77616f8e9ff5bb01515d8355a2b |
| SHA512 | 065794dd3ed31de499d1e6ee1e1c74a1fe1f61e098d91dd11212b85a9ba218a9e06dd84e9d7115879778ad9172dd1a9a08345acc043e40957884ce0dcf51da3d |