Malware Analysis Report

2025-01-19 08:01

Sample ID 240616-twmbhstfnq
Target com-mod-minion-rush-despicable-me-official-game-v4-5-0h-mod.apk
SHA256 abf975472d394aea8f569aa644a400d4d0f8d325c851c0eaef870aaffb882572
Tags
banker discovery evasion impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

abf975472d394aea8f569aa644a400d4d0f8d325c851c0eaef870aaffb882572

Threat Level: Likely malicious

The file com-mod-minion-rush-despicable-me-official-game-v4-5-0h-mod.apk was found to be: Likely malicious.

Malicious Activity Summary

banker discovery evasion impact persistence

Checks if the Android device is rooted.

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Queries the mobile country code (MCC)

Requests dangerous framework permissions

Queries information about active data network

Queries information about the current Wi-Fi connection

Declares services with permission to bind to the system

Reads information about phone network operator.

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Registers a broadcast receiver at runtime (usually for listening for system events)

Uses Crypto APIs (Might try to encrypt user data)

Checks CPU information

Checks memory information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-16 16:24

Signatures

Declares services with permission to bind to the system

Description Indicator Process Target
Required by accessibility services to bind with the system. Allows apps to access accessibility features. android.permission.BIND_ACCESSIBILITY_SERVICE N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-16 16:24

Reported

2024-06-16 16:28

Platform

android-x86-arm-20240611.1-en

Max time kernel

179s

Max time network

188s

Command Line

com.gameloft.android.ANMP.GloftDMHM

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/bin/su N/A N/A
N/A /system/xbin/su N/A N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.gameloft.android.ANMP.GloftDMHM

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 z.moatads.com udp
GB 2.23.161.123:443 z.moatads.com tcp
US 1.1.1.1:53 graph.facebook.com udp
GB 163.70.151.23:443 graph.facebook.com tcp
GB 163.70.151.23:443 graph.facebook.com tcp
US 1.1.1.1:53 201205igp.gameloft.com udp
CA 208.71.185.246:443 201205igp.gameloft.com tcp
US 1.1.1.1:53 eve.gameloft.com udp
CA 208.71.185.246:443 eve.gameloft.com tcp
CA 208.71.185.246:443 eve.gameloft.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.180.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 vgold.gameloft.com udp
CA 208.71.185.242:20000 vgold.gameloft.com tcp
CA 208.71.185.242:20000 vgold.gameloft.com tcp
CA 208.71.185.242:20000 vgold.gameloft.com tcp
US 1.1.1.1:53 bob-iris.gameloft.com udp
CA 208.71.185.242:443 bob-iris.gameloft.com tcp
US 1.1.1.1:53 gdid.datalake.gameloft.com udp
US 52.54.189.240:80 gdid.datalake.gameloft.com tcp
US 1.1.1.1:53 bob-janus.gameloft.com udp
CA 208.71.185.242:443 bob-janus.gameloft.com tcp
CA 208.71.185.242:443 bob-janus.gameloft.com tcp
US 1.1.1.1:53 iris06-gold-ssl.gameloft.com udp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:20000 bob-janus.gameloft.com tcp
US 1.1.1.1:53 a314.gameloft.com udp
CA 208.71.185.246:80 a314.gameloft.com tcp
CA 208.71.185.246:80 a314.gameloft.com tcp
CA 208.71.185.242:443 bob-janus.gameloft.com tcp
US 1.1.1.1:53 iap-gen.gameloft.com udp
CA 208.71.185.127:443 iap-gen.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.127:443 iap-gen.gameloft.com tcp
CA 208.71.185.242:443 bob-janus.gameloft.com tcp
US 1.1.1.1:53 bob-seshat.gameloft.com udp
CA 208.71.185.242:443 bob-seshat.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.127:443 iap-gen.gameloft.com tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
CA 208.71.185.242:20000 bob-seshat.gameloft.com tcp
CA 208.71.185.242:443 bob-seshat.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.127:443 iap-gen.gameloft.com tcp
GB 163.70.151.23:443 graph.facebook.com tcp
US 1.1.1.1:53 oct.tools.gameloft.com udp
CA 208.71.185.242:443 bob-seshat.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.127:443 iap-gen.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.242:443 bob-seshat.gameloft.com tcp
US 1.1.1.1:53 bob-hestia.gameloft.com udp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.246:80 a314.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.246:80 a314.gameloft.com tcp
CA 208.71.185.242:20000 bob-hestia.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.127:443 iap-gen.gameloft.com tcp
CA 208.71.185.127:443 iap-gen.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.242:20000 bob-hestia.gameloft.com tcp
US 1.1.1.1:53 etsv2.datalake.gameloft.com udp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
US 52.54.189.240:80 etsv2.datalake.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
GB 216.58.212.202:443 tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.242:20000 bob-hestia.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
US 52.54.189.240:80 etsv2.datalake.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
US 52.54.189.240:80 etsv2.datalake.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
US 52.54.189.240:80 etsv2.datalake.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
GB 13.224.245.90:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
US 1.1.1.1:53 iris06-gold-ssl.gameloft.com udp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
US 1.1.1.1:53 oct.tools.gameloft.com udp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
US 52.54.189.240:80 etsv2.datalake.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
US 52.54.189.240:80 etsv2.datalake.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
GB 13.224.245.40:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
US 1.1.1.1:53 iris06-gold-ssl.gameloft.com udp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
US 1.1.1.1:53 oct.tools.gameloft.com udp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
US 52.54.189.240:80 etsv2.datalake.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
US 1.1.1.1:53 oct.tools.gameloft.com udp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
US 52.4.192.216:443 oct.tools.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp
GB 13.224.245.128:443 iris06-gold-ssl.gameloft.com tcp
CA 208.71.185.242:443 bob-hestia.gameloft.com tcp

Files

/data/data/com.gameloft.android.ANMP.GloftDMHM/databases/google_analytics_v4.db-journal

MD5 bb0db7de94d1eef873159eb2dd2e8e1c
SHA1 8fb169e35d75647c9e3a1470300e81b723e5faf5
SHA256 022b044d0dff2d6cc15b9156436feb0ed76f430a5e9e1692c89e994704f0742f
SHA512 5ae45a655caab011480403d59d7ab89f38e771b1975fc095dc35e03a250d1336ff57dde3fa1f7875cfbb2491eb1f893e08b742381cb46986f156f2e0228d9c20

/data/data/com.gameloft.android.ANMP.GloftDMHM/databases/google_analytics_v4.db

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.gameloft.android.ANMP.GloftDMHM/databases/google_analytics_v4.db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.gameloft.android.ANMP.GloftDMHM/databases/google_analytics_v4.db-wal

MD5 20ca5290d78dcfc959137975f7c77295
SHA1 60e4b0186cc19e5d7450c86e92331460d1982567
SHA256 3ad6d8b2a9bec066e96e1555d9569649abb22e318ae5220f36509bc49b27f814
SHA512 db66fda7bab94b896d7155eb8dc9f8135f9c66f9751277bf5d218a3cb830105eb2be3952a6e95417d4e04a395adc546dc3c3d6d4e83204eaaea7a5e08d8c1e02

/data/data/com.gameloft.android.ANMP.GloftDMHM/databases/PN.db-journal

MD5 494a90d7d681630954cce12346b621d6
SHA1 94eb4fd359d626e0866aacd06840384f7ae3d6f2
SHA256 5e528754d2348045c8b084b5fa75b72ce57afe94ed7b9ff53122468904876bf9
SHA512 1ffab73a4822cb74dd7f2517af441d9123bd6b878ba1e51fea459f236d0e151bab01da0a4e369971e8f6c3f66f0a44b31c916329e44e67006be31c79929c733b

/data/data/com.gameloft.android.ANMP.GloftDMHM/databases/PN.db-wal

MD5 8adab7e2f6b21300eda9546c8a08e9bc
SHA1 1edad3776dea703732fcd8cefa2efd1b00f54203
SHA256 efbc1640b021be9ed237cbb676cf2796c29e8a5f895f627fb88c5513c3f395c4
SHA512 1b6836ac46f8b86f997c26813e6b0d5d67f9f4fe4471f40e2af32c4cfdd663804d4cba7f90675399c04e72a6f5481f916cf4f5faa96b7a4c7923734059b3ce8c

/data/data/com.gameloft.android.ANMP.GloftDMHM/databases/gameloft_sharing-journal

MD5 9b004a047d8bc735cedcf978486f92c1
SHA1 083d8472b6b0846d1c2b8806d5cc10f2974848f2
SHA256 de6cb295eadfaf2034819e05eef33587700feaafaa1bbbf9fa6f85bfccb015a7
SHA512 3333c63c852b5a65a68f33f69a501019d67f1b51db97411e1826d022bcf1a2172059b76b96a9c583a214fafb8f04f3969140d9bd7b711b71132e7a82755d1aca

/data/data/com.gameloft.android.ANMP.GloftDMHM/databases/gameloft_sharing-wal

MD5 90fcd690881d1b1cdf3977667e39aa78
SHA1 daef2c3f94f74b8e03960c6d3f335a1f2136a394
SHA256 1e602b709aa448bc0027b055ebf268b343888c8ec0f16f19c9f6a2fb5e2b07f3
SHA512 1f33102fc12e40c5323fd9241d028bbc68e61f0f0db612df19195b78a39fb5bee224e67730a8987470424178f4a8f39d0f94c6d6ac8eab1ec046d4d7cfc100c7

/storage/emulated/0/Android/data/com.gameloft.android.ANMP.GloftDMHM/files/GameOptions.json

MD5 16405c047dfc4d01f0a3b9e99030b8c4
SHA1 ae3e7b5f49ef1fe5c4254f9a096225c81772d50a
SHA256 49ea334a74b99b322cdb4fc1a29fb233ee3e8dcd9d5afe7a8fb14e60e99dd138
SHA512 70426ee988662034ad7491937ed7697a778ee7306a951a8ef564c1e4d88be4175b0e8acbc60e60a52cbe2b5b7232395b53be427fe4ce30135a0424eca15d6a08

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gaClientId

MD5 ac966b2c6fc278e22d9ceb02bcad3ef8
SHA1 17c1ab89c36d25d6613e0ba65d43390c51d54138
SHA256 c1fbc7c671b28095f67dd6f13685dd9c56694509e590b1ccc5fedb669f9d9ae3
SHA512 2874912f6f44bdf67526ef8890f8a4e130ce816333dd2e0a14ca3ab3363ce9e7333fd39d293a14896c4949d3cd489fd86db928371907066ae8fd097c20ede607

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/InstallInfo.bin

MD5 d260d9c48092dda516e3a41bc93b984f
SHA1 eef49f1a283ea27a2d045f791f95144c252316a8
SHA256 842dcca2e35178bc70f6b0ba2b219d0d22629fa84d2dd2135f93bb552542d0a2
SHA512 6659b033fb7f8b6d3d991a96f3e3415133ab15a544688729b540dfa87d316954b3f65080f493ee7d818872dbd9b9e43711df13bb406daa3b22580d23dcdce7f6

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Timer.bin

MD5 d43fbec244cb4d4fa8e29840a662bb38
SHA1 95bab56606a2587097dc14e8bf78aff4fa836cae
SHA256 4bba77af876775db5a35d33f6875c2330fa85dc04f3ba3b539287bfb7c79dea6
SHA512 69e9790097520e016ba02298483f40e2c63ae6155c9752a2a418d7d412309f0c500c3a46863a067ec54dc9d98e8b7b0df439aa3f2d9006718400aac638749200

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Sessions.bin

MD5 4840d116dfe4f0dc2f9f1774e0da16d2
SHA1 67e69345a4afaf19002ab71bb417ac022736d69a
SHA256 7b3ca0f68b7dbbc0c0b54de6c97240b0009b103757d8604e090857728cbc0cca
SHA512 3126f2186fc8ca42475420caaaab17aae144a1a4295efb131a02362e54a04b0df9dfc66bda50b6db1c4885f47fc05d2a7bd7f9521fc97315a959278248bd7217

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Device.bin

MD5 3bb31df88365870810c321c42e7ca3c0
SHA1 0b464e1fe34b3bc0e9bbe5d04932ce88d6d15b62
SHA256 eeb0cf3b7250983e468495477b3f1956e5529e3c5fd94ea45adbf1008375deb0
SHA512 2321e7d861381ee00e9684869a42d8ce0e81703f4d94621c0c1ed9207e34f33bcec7185b0a88ad33d8e473f8397198803bda9697147c8063ee7ba79c9bcc872b

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Timer.bin

MD5 902687f6fb17f8711d115df91fea7bd4
SHA1 e6f01590bd48e17e077f4cc920d8b452dabb6cd8
SHA256 506c8bdf1b433885635fbc1be0a9f2dcf87e3511c1117d327bc7622cedb8577b
SHA512 9527410a8413a98a2aeadf095d9ebe96556e1173228320dbb8690233d1882267f521daf241fa3a29d3d09eaff18d6699391220f68150bed61dcc17c713066e44

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Token.bin

MD5 1ec81e25e80b82734c1b113bb5bfb79d
SHA1 13106ef4dd623d11f95c5c24e3311b670219a60e
SHA256 ec57f22e4650893c2bde7a9648a73a69dbc9362f353dde89d7f3398ff23bb3e6
SHA512 1093c275f3cae098f19bf894a6e0493f62a9c5745c28a298a92ba4581a9c97694088b39fc65e77d0cc251f4c8a24b91ce7fe9292af01e8b687d0c951d2c8ceee

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/TFAT.bin

MD5 22b83e89d57aa7ed60941102a8a7dbaf
SHA1 2fd5ec170a71b3f73dd2051564f112710fcb87ec
SHA256 df70987c91ed1ba8361b83afa4a9827507c469ca71388f6f1c09c2a659fcd6ea
SHA512 293ccd8e7152bdff85e6d42224aa57f050ecd7e2aaecb6dba948fc53e36d4eb0b2f1d46040b760189ea5dae8be781ebf69af9e189ed0ceab5d35b757e8f2a47b

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Priority.bin

MD5 9e0b3fe89f0b430b2f52f0550863f35d
SHA1 aeaff1d75b5840424bbcafcccee563917e3756a2
SHA256 7d00ca2f45aa1487402d6c3e39553527d6171347ce075dcf7e15d55662032744
SHA512 0a2a9de6fda038b5beaeac90e8b207d0c3a7564f8f75871bd6eb094cb7d038d046c3a6d9a65d1420e0148916f7ec0f411c62aeb64f77d82a3c40561e74c00d44

/data/data/com.gameloft.android.ANMP.GloftDMHM/filessessions_tmp

MD5 329322db0ef69f90c20e91f8d9bd543d
SHA1 9c1571fea70470f59d62fcc8971eab35154a2619
SHA256 786c1d48eebe1f1a1f2888d66fc3b48158fbdb97d2bffad6ef8ec96bf128f2fc
SHA512 f01a8b9200111940e0cc7b2743ae4663006d9e41ad54e709ba0cf1ba6ced87ed72ec23a297481daff2a4a85af68ee7c95fc9a6fd35c95d8fb4fc6f606e8691de

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/settings_tmp

MD5 af53fa59a7f42d479e33b7f4f2b76f8c
SHA1 a01a2eea3e4a609c716a3c326005d8b2a72b552c
SHA256 2ddcce762bda2fb1d3d9bda5bed658ed003bc5aaf2ea849a1bdc2b318666c457
SHA512 4881add46af7c9385cf665468926f770793c03c376783f78c3d594f1c6f13443ae2a34f7ef04133d45a212c868346aa3899cc84f0b358fd0de555e8582af3549

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/settings_tmp

MD5 25d9554de5cceae5afa038a898230241
SHA1 d0e27b2db9e26d3232bdf4edffaf1f73f2c13607
SHA256 9f02130bd754df3108b5316bb987070063c895e3ed9276390d6a7439cdad33c7
SHA512 be529cfd3807dcf59a365371548c8372dc4a316b81168fcb753f122e0c3de31fd78ddc111e88239be397bf69a0ecb8f68294e7965145895fc8e5802f48cf8b69

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Timer.bin

MD5 dd279c3807bb59eb5e18eea3154981a6
SHA1 ca42789c790b0065dc662f700aa1ab14b3f4a5f1
SHA256 0e0615e71d5eda361e5943665b01605c9973cff31aff7e1ce1a3a5a5fee3eed5
SHA512 2422eec127a9edece9abfaf7fe4346281d13c265365e525781db83f73d013c447147e855fc1259a6c3ed06eb72ce89e8f8470a40a1b02fa0cffb72beb9afe151

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Token.bin

MD5 5e3ecdfa742c8a65f30666125b3dfa4a
SHA1 705fa681294051ad9c89e99debc689edc616c868
SHA256 3d391bf763c6235435a07c851da08ed9b5b9bbb15473a5b79be9d6ef03e473d0
SHA512 d8f7b5203d314f14f41b6ee36e22e16d6d386b3ecc7ea9a6dbb842c01e565988ea1c5d4a21bdd6746d846a5ef5524cccda703c3e3a798fe23262d43cb7b2a34d

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Timer.bin

MD5 9ba2f7400a1ef44be4b9fa6d11cd6020
SHA1 3e11766d014d85e4d55b1c1d55348601b5ec56b0
SHA256 f786037805071dc2494c748e79341a917a7ba13eb9df2ccb1c2f48b7a74dcec5
SHA512 1b3fde2fab6ba2d00d14060ebed4433d9e2961bec68fb6d790c8dd10847b20dd18b1246763c69c233d3b7ccc337f06d2ce3c0b5e9f175c916b92500ec014b919

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Token.bin

MD5 99138ba410bcc0bbb170ed27a51822a6
SHA1 5d8414d3f34f88aa07ca8d53fd7af5a86a891df9
SHA256 290b83e34dc319e5e6d03b96cf1bd45bf2ec5816d3a27b73ca46db6bb59201f9
SHA512 eb5b839e7307f5525c3678b31e778f39e4235f40738f5cec95f3ebcbff268b5084750a75742e5a0ddc0696a2c3a9fd9ba1631ac6de91fe2246452353878c6584

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Timer.bin

MD5 52092be682497d8c29187e2ab9f2c80f
SHA1 9519a23435cb7d82eda66290f35cce8e255c618f
SHA256 82d35376cffb1b3387df7c8ea5d2fd3943257076f7b1b8189fade77343de8cf9
SHA512 88e6e6a362618bfb6acb9e4b4af1edd0cba2a3e7f654dc5a9edd4cc4b4741e16e984a671fb8bfbce740e53eba400054bd413cd36717810d3183121e3cd121c34

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Token.bin

MD5 c5981c6221c3a4093f0537afbd957e8c
SHA1 21d3572594f6123281d40cf2082a9a850ed64d1c
SHA256 c86eea84e451c73c16d2fa58193a7fe2e5bd9aeb79abb66cc8833762c77e971c
SHA512 a4bbd217682d2bd835229e2d656d7ee2afba22ea63b25270409380a58718f60257a9fe333acb64e069befca166264d2831c7e4541d0b8cdfe63f44e1c0a281b4

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Stream.bin

MD5 35b3dbcfd0f22465bf76206b67356743
SHA1 c5f9290e92de6b850a00a2f8c52268a3d0736598
SHA256 785acd219911c1450d5cd736616f45b18286b99483454518ba08e65840e5aff5
SHA512 8a11e7ea91cdeda52f6c3857122d418cb2f66f1b89c1f0c604272c6f6a679caf7396345c4fdb9955dd584431010e9348389b6f6cdcd66234a75501dfd0adc69c

/storage/emulated/0/Android/data/com.gameloft.android.ANMP.GloftDMHM/files/temp/connectivity_trackers

MD5 0f894b810500657d6d8aac18f0878745
SHA1 12e494e8bc6e05bcae18d589bdb86fffe4e5eff8
SHA256 91543aba5c61b5cb86adb8c2bd8b3db53a0080cdd60da8a2e8840ba140fa9378
SHA512 8980f50275b8823b8fe8e2e3fec9663993ebdbbcb7cdcd22e0d3c1387983b3262af4db99ebb92c23f5ee05d9cf5176fadb774250906bc9a13da6502792a659bc

/storage/emulated/0/Android/data/com.gameloft.android.ANMP.GloftDMHM/files/temp/connectivity_trackers

MD5 b4a6c957fcf7ee072710576ad1cd6fc0
SHA1 165efd29c6a4ef3a3c55ef88fb48d22aad8d4ce6
SHA256 c289902e88824c57a4896217290b5167bbade0a319d3ecd574a70c02c291bfa6
SHA512 09f86a04c3af975c34d03a2e23cb1eb54ee66630981ccb30742b17334e6c0f3463d4f8344666c2fde02cbe90e8aa2045d8aa4ab28c89c0556e4629f1b1d452e2

/storage/emulated/0/Android/data/com.gameloft.android.ANMP.GloftDMHM/files/OLU_NOTIFICATION_STATUS.txt

MD5 f421758f95ac0e3242d4bcdaa9f5c314
SHA1 a53db36697b261f8903f440e88cc6e116079d373
SHA256 984119b27e4e6542e1a7293994a00476b860463f6d7a25013a9799d3c5aae293
SHA512 c4623743be94a2b63a460bfebe88827870cdd55baa92906dabd7770b315f62aaa877d49a154a6f83fa40fcfd0786e31e1e1a46d811a36602fc4a94ca342307b3

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Timer.bin

MD5 295edb49c3be05796d0a627a8b02281d
SHA1 31587d097ee5317555bd7d7cc8610361879bc85c
SHA256 eaa58148a5acfba1e8e4ffdda71a84c55e4899ce9a8c8682022d731839dbe86f
SHA512 607bba9ba58ed636e322f2734a1f12500feed9c13ce2ffc340289beffdd65ae4df3140e26319f2ef818d358667b3a6e730bef69a325079a02446731dd3e0608a

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Token.bin

MD5 241ae14898d12349b35a9fbc0314ef38
SHA1 be42530c01b0f67a5a5c6c2de33a750e2400bbb5
SHA256 d25b4da55bffc11b683c91083e5c4136665b277611281bfc51693aabe3eacf83
SHA512 a0e78d8e775553f00d71825e6666f063b1cea2e5ad50093a7a85cd945b8d205c9412ec70b2af91ae80090d39330cec10e6d0d443107f91748f1efa55b2f9e202

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/settings_tmp

MD5 8a7748069d8ef577a35f1bf589fdfff7
SHA1 93ceac8f704fdc41bb5c160fd06d6ad24caccf08
SHA256 b893ac0c4eff5003e5314dc8d5ac1eb908c85c15aeb5c94a3f36bfd6176f5246
SHA512 d39a0c8c275a5a99137b254578ee7e1e86beb4d8570c97177de67e65faa0f736c43b09101e494bd540b3daf150a93b2095d5e9b53ea3ed2ffc5cbf28cee32448

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Batched.bin

MD5 b05ffdf53acfb78a3a3f1a554e50faea
SHA1 7a81dbe4c31f4046e132086be4cc154bab16548c
SHA256 78c4f6d3534aa6c214047194519c346fd81ade60616d7e834cd3c7b572464d2e
SHA512 467b01a970f4591beeea8ec7800d1825f9252a1aa0ee12ecb41935a40e5bf2050b3971f2bf0910d90bf678524df650e29f1c20895339f1501144a832a116998d

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Token.bin

MD5 a33a2480f5587444b59e133bdce6a50d
SHA1 42692ab248aa529e0fb9020a4c6c75f3cd138b5e
SHA256 ab63775604e5782efd9c3ca5ef8010b7eb7115d739894aec87b380a41469b962
SHA512 abe78b090c638a5ae3fb930c77e7f53e790ff9c0c08f4bef1e061889850d0d7461b3313506114e7a49e5b059c8cfbc9643b0ff29051e0fb9fab4e67ceb017774

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/FAT.bin

MD5 5305423df8b1510f03aad092ea27351f
SHA1 cb00879502e29ec84c4d7dc4a3cd95e208446313
SHA256 69dd9a838e0c65bbe334ea87a00abe333fbdf5834852feb4a6ec89542e61461c
SHA512 2c27ce65380e3f025c6fc3efe53e91155b068ce827ce9b03c0d95d3ce9ef80b64cd724b17117c19505da808a9a0a64b506e887d282fc99348a51b93b4f7e4cde

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Linked.bin

MD5 8a14af9010512d5afbebe3532b2db20e
SHA1 1e2049c22386f1710aebc0b6689784e5dd53c680
SHA256 85058e15a25acaa394c8dc76b17253030db0df9f348ae8f9da7541621b2b91ee
SHA512 5acef8fb93cbcf8949a33b8a3f639a2f87d5088a852a08a8ca11caf36db73ec9f104b59f3b0ce885275100c4352a6f5b1ac91938c54174be7576333debbe8f80

/storage/emulated/0/Android/data/com.gameloft.android.ANMP.GloftDMHM/files/filesConfig.dat

MD5 4e84168e873104faf804812dc312f6cc
SHA1 8556de1d9603458a3d223ce451655d962d7442d5
SHA256 275c4a9ec0768a2ba0243f7f4079af360da6cf83870e2a687e21ebe3af9cccf4
SHA512 93608fd5dcd001a40d7d8905b46494f280b5e2c948f531f5ced3328c287f37883b07d512e7ea4534fa4bdd39494b7e1955ed7ba1761efa849b9f53c40394094c

/storage/emulated/0/Android/data/com.gameloft.android.ANMP.GloftDMHM/files/config2145938400

MD5 7581368a7e32bc4a524fc3c80ae9e79c
SHA1 6f8b38c52511cc9618f635d2c52457052245979a
SHA256 89d8089439a995d0c48dd177538725fd4ff5c11ad56495266233baef0dd7ea87
SHA512 96922cad41c3262addc198043a362d6cad99b39a9e393926f4b4d4b0a52d64c59902e0e9a183ce2f7b214be6dde0de4364b6def8e2d310aaf9d79f6ce0d8868c

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Tracking.bin

MD5 1b2d3ec7973d57c12308a1b2343edc65
SHA1 f4bdc43b57f79dbf85f067a8922b82fb8adbb638
SHA256 1ec7198253960031993bd7dfb36612e166d10a41f276a40a1d634b3b302e7516
SHA512 1af02ac5a5a551523953090a79a07aa2d343d9e0c0c87b432584c608f053d7395d870fee34efa96e31b0a76fe5a6977c09c5ab824725711b8b68c84d4b88db74

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/AppEventsLogger.persistedsessioninfo

MD5 892030c431e6e424729749f9c7ba605e
SHA1 cb04c7730a1cb1bf4c89b99898349e0ec0900fe8
SHA256 0ca53730852b43af28bbc9b87c35448bc7662ad45c990861461d270bd6690082
SHA512 2c18160825107533e4077d9264a58445f8acacaf5d01abdae10764db834c3bd1c139f82fb82d7997b84a42afd77e0cf2da68a2723787ab821ba58d2c60dc5ea1

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/sf_cache/downloadables/store_config

MD5 08c740015709c0acd6ba8f64d77207f6
SHA1 5d60af1c69d629ead854a32d0b3738e7a9e1551b
SHA256 e3ad60c6ea4f9cb8a90835a631709141f5c97b9b74ddac4e1fb55df8c8378a2d
SHA512 136635a6736588fa4ac22cca5fc50d1616e2621eac56456db3bcab54df7947f86a2a47f9cbbaf521abd81952cb94f6e91ee88c1933cb5b34631f13268349d497

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/sf_cache/downloadables/store_config.metadata

MD5 712f6243f606d2c7b2ab87bdd19f6e55
SHA1 22fb7d5fbdad01cd940154208ba2474ea6d338bf
SHA256 6c26f65a0131c384a055486e063e3bd9c4fb1c935d0d1b054a5365afd98c2ac9
SHA512 e17ebdfa26ec3fe8b51b20f5b3fda9a39eb3a73d6cfc9e2395ab7bbaddf0dbc74734dda416aff87726e067bcabc6ca2ae52d5ac78a5029e4ade276188f4cc2ac

/data/data/com.gameloft.android.ANMP.GloftDMHM/files/gv3/Batched.bin

MD5 62355fd81eda9833ab89692be41fbee9
SHA1 16295d65c28608a992628495cbe404d7b2e9157c
SHA256 b63b9f6443db65d3b3cc47b146b05cd9a4836b2a282cc61b23d74de93f64c23b
SHA512 a211805a1b57448b34c23cc989a80accd1bf845684be700e77c2a83feb480c35e89bd2b33f341cda485a76c75e35b3b0b065dbd8fac850ea85f3896e2e6d8c17

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-16 16:24

Reported

2024-06-16 16:28

Platform

android-x86-arm-20240611.1-en

Max time kernel

170s

Max time network

183s

Command Line

com.rtk.app

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Description Indicator Process Target
N/A alog.umeng.com N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Processes

com.rtk.app

com.rtk.app:pushservice

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 api.android.ruansky.com udp
CN 116.255.145.165:80 api.android.ruansky.com tcp
CN 116.255.145.165:80 api.android.ruansky.com tcp
CN 116.255.145.165:80 api.android.ruansky.com tcp
CN 116.255.145.165:80 api.android.ruansky.com tcp
US 1.1.1.1:53 sdk.open.talk.igexin.com udp
US 1.1.1.1:53 sdk.open.talk.gepush.com udp
US 1.1.1.1:53 sdk.open.talk.getui.net udp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.112:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.76:5224 sdk.open.talk.getui.net tcp
US 1.1.1.1:53 alog.umeng.com udp
CN 223.109.148.177:80 alog.umeng.com tcp
GB 216.58.212.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.46:443 android.apis.google.com tcp
CN 183.134.98.76:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.112:5224 sdk.open.talk.getui.net tcp
CN 223.109.148.130:80 alog.umeng.com tcp
CN 223.109.148.178:80 alog.umeng.com tcp
CN 183.134.98.76:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.112:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 223.109.148.141:80 alog.umeng.com tcp
CN 183.134.98.76:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.112:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 223.109.148.179:80 alog.umeng.com tcp
CN 183.134.98.76:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.112:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 223.109.148.176:80 alog.umeng.com tcp
CN 183.134.98.76:5224 sdk.open.talk.getui.net tcp
US 1.1.1.1:53 alog.umengcloud.com udp
CN 223.109.148.177:80 alog.umengcloud.com tcp
CN 183.134.98.112:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 223.109.148.130:80 alog.umengcloud.com tcp
CN 183.134.98.76:5224 sdk.open.talk.getui.net tcp
CN 223.109.148.179:80 alog.umengcloud.com tcp
CN 183.134.98.112:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 223.109.148.141:80 alog.umengcloud.com tcp
CN 183.134.98.76:5224 sdk.open.talk.getui.net tcp
CN 223.109.148.178:80 alog.umengcloud.com tcp
CN 223.109.148.176:80 alog.umengcloud.com tcp
CN 183.134.98.112:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.76:5224 sdk.open.talk.getui.net tcp
CN 116.255.145.165:80 api.android.ruansky.com tcp
CN 183.134.98.112:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.76:5224 sdk.open.talk.getui.net tcp

Files

/data/data/com.rtk.app/databases/xUtils.db-journal

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.rtk.app/databases/xUtils.db

MD5 836df2ad0602558f4465e21b200d2323
SHA1 a1ca1f41badd3106fec46ef4e4b8429be482caac
SHA256 75d7d72f84ed379292981e4f9664ad714d26b2be64b33c907bae39916d52713f
SHA512 8c3e5ee8011e0cb5b09d1e939be3c31cb3e5e5b64b2ab9a274b5a0b2311af5b13b2f68611c3923ee1906847dafbf5c95d43d92fabca6ccfcaedfbb43a03fc2da

/data/data/com.rtk.app/databases/xUtils.db-shm

MD5 8a92b6ded5ff2d572064443bbad23607
SHA1 715ae1971d19c7e21feb2985a097a3d0457fde57
SHA256 ad761e3f5abdf46b3abb61adc432ac601f7dcac2a1c2156bdef8039223414fd9
SHA512 c1febe42a0bc6585ad224b106665b93c9ae05498ca49977a63ff5c9b4cff1d257c6e7b90a027f482d1b3edca5dba3a6571ef997f867a20427bffe3d214a0f975

/data/data/com.rtk.app/databases/xUtils.db-wal

MD5 37985d5cbed1a82d80eefaa11fed79ee
SHA1 2700e3844901ed0b1ed38782ac6dd7def3817783
SHA256 59a679183b88c7e1a6d3faba5d9317b5e9f4399019e9841a2de6c29edcac86b2
SHA512 1fd5177a8bae1418f2f544494239b38f6cf2e398b977c758e076a2b7afd65c17b125e5f4bf893e7a01c2bb468730da21a1d14329914cb61aca9d3313311f69ed

/data/data/com.rtk.app/databases/cc/cc.db-journal

MD5 5c5cce85e8abbf0980f4220870adb4d7
SHA1 e8f1f5d6e548216c25da6f0685745b13a6dcbdbc
SHA256 95f0ef76505d44915b1280f1aae340a2f8124f86547f09d0be6a40fcb6a2468b
SHA512 e99280bdbf704804251871c82d0aa6040b4696f9cc210c03bbf722427519df3b17f6f0eb06323b27317bfdc5782a32d0c3252d94eab6fd4889409beab3c28519

/data/data/com.rtk.app/databases/cc/cc.db

MD5 5d7ea1a23af19b4340cc8d90f28297d5
SHA1 4cfe95b23a9e98378d69c4290af81b51fbe76aea
SHA256 474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da
SHA512 33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

/data/data/com.rtk.app/databases/cc/cc.db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.rtk.app/databases/cc/cc.db-wal

MD5 dd7f903b8f0c6d197cfa390acfb1ba0b
SHA1 3ee3375f8924832a4481710ac7683ba9cf6f36c1
SHA256 5fa9e16ce5abb20b3e0d987c8b7c3ae59acd9393cbf3fd87d47f150bd5c65969
SHA512 bbc71c950c4312fb9b9475b60d192d982bb9d40a55754adcddc3fac4a5a1e0c107390deac834b885421d23749f4a49fcabd45fb30fadba36074cc3cfd2a52c08

/data/data/com.rtk.app/files/umeng_it.cache

MD5 036427c6aa9d197b0d4d93196737930a
SHA1 c407dc25e4d8fe55e3a7f7c764173e5bae899091
SHA256 82e51726b867126de5a9f5351165c54c62cd89eb09db3e20a7b0ad1aafd2579f
SHA512 a98a81f0c5215edc4faecaae5b3ed8822ec93c2c3f771dbe60c163668889ea88cfa92c73f6ffa42b74d0979b556fcb1038edadc4651d0f97af4f4eb457994126

/data/data/com.rtk.app/files/.umeng/exchangeIdentity.json

MD5 6f10c048326009b55c8580bd3ef4261e
SHA1 8f28ad4f3606dfe7f54e70fed0981a1ccf31a49e
SHA256 9892e0682597a6dc24c5c024837c2da8e9b2e8d965907f2211e0558948111ec5
SHA512 504d3e9370d2efdbd3a641c8599e08f84eba130a66817e3dc41585b93aa250437c3e005a2260130a2398aaaec82e917b474047da2fbd58741b0cc05cf0c04644

/data/data/com.rtk.app/files/exid.dat

MD5 82495018a5ba1bf49824864238e526fb
SHA1 b64fa53f8992a759c6d650a8aad6d9a1a4f0a4de
SHA256 2779a08816074014397af9101f2a9b1ac828307b83d8ef67dc0edf2ef2394b6f
SHA512 c09d161837c185563f71a9cf16aee6e8c0e9d993e5d386e37c9285ae26a4c031623fe371c155ffdec5d6e3a15df88b5d221d7fa53a4b95a2fb35741b29738a0d

/data/data/com.rtk.app/databases/cc/cc.db-wal

MD5 cc5684cf9fde78d220fdcf6a4b5b35e7
SHA1 35bde9959439501989f8aec81b46ae72cae203a0
SHA256 85014152890b2918a1305ecc9c2102f84be042a113005a26189480d072abf605
SHA512 e8b931c07d8e3f61df0b4b059e337264b7891d91fd989ef9c013770d7f1ae89e1c929d9002380fca9151b25fb2bc15a03f7bf5d606a675ce0ad4530043e925ea

/data/data/com.rtk.app/databases/cc/cc.db

MD5 ce6135aa1b1fe4f2c2db2a546d2a5558
SHA1 79b59582154017aadab783dc266fcb158c252940
SHA256 7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c
SHA512 2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

/data/data/com.rtk.app/files/.um/um_cache_1718555245980.env

MD5 5ae7bb7ce11cb9483395a3fbbdbfc58e
SHA1 f3fb95ddad6d5320c00fe45412287b83d86ce472
SHA256 33c75fa94add1f11a4a270128bf678d734e5a77616f8e9ff5bb01515d8355a2b
SHA512 065794dd3ed31de499d1e6ee1e1c74a1fe1f61e098d91dd11212b85a9ba218a9e06dd84e9d7115879778ad9172dd1a9a08345acc043e40957884ce0dcf51da3d