Analysis Overview
SHA256
ee35f832a4df294a1aedd08360f110312bd63ff013d9ed541f7ecfdc05802b65
Threat Level: Likely malicious
The file b5238516dafa2c9547216184a2ea50ae_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Queries information about running processes on the device
Queries information about active data network
Queries information about the current Wi-Fi connection
Reads information about phone network operator.
Requests dangerous framework permissions
Queries the unique device ID (IMEI, MEID, IMSI)
Registers a broadcast receiver at runtime (usually for listening for system events)
Schedules tasks to execute at a specified time
Uses Crypto APIs (Might try to encrypt user data)
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-16 20:50
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-16 20:50
Reported
2024-06-16 20:54
Platform
android-x86-arm-20240611.1-en
Max time kernel
179s
Max time network
140s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
ru.dvfx.vilfoods
ru.dvfx.vilfoods:Metrica
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.178.3:443 | tcp | |
| GB | 142.250.187.234:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | api.birbira.xyz | udp |
| US | 104.21.17.160:443 | api.birbira.xyz | tcp |
| US | 1.1.1.1:53 | startup.mobile.yandex.net | udp |
| RU | 213.180.204.244:443 | startup.mobile.yandex.net | tcp |
| US | 1.1.1.1:53 | api.tridrongo.info | udp |
| US | 172.67.161.129:443 | api.tridrongo.info | tcp |
| US | 1.1.1.1:53 | api.oradaph.pw | udp |
| US | 104.21.8.212:443 | api.oradaph.pw | tcp |
| US | 1.1.1.1:53 | report.appmetrica.yandex.net | udp |
| RU | 213.180.193.226:443 | report.appmetrica.yandex.net | tcp |
| RU | 213.180.193.226:443 | report.appmetrica.yandex.net | tcp |
| GB | 216.58.204.78:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | arb.grattomania.space | udp |
Files
/data/data/ru.dvfx.vilfoods/no_backup/metrica_client_data.db-journal
| MD5 | c682dccce48c291fb80439384fd321aa |
| SHA1 | ae76eb9f562c282a07713753860ec8cead1fb833 |
| SHA256 | bf06dc04e40eba07d69dc4e8d2fb2af6a8a2a66d6636cdae7619f6601e1b8b8d |
| SHA512 | b4babad56389f453ddeaf52af2dc42c187e36292b4cafa6684ec89b759fc30608bebdecf3ef8243537f0c7d965a531e211ea976ecb48e68876f15a65724801db |
/data/data/ru.dvfx.vilfoods/no_backup/metrica_client_data.db
| MD5 | dc7b46977e3b2669c18854a2d7bfbfa8 |
| SHA1 | 71c72905289ed3301b3615ed6249ad1ea467f45b |
| SHA256 | 4ea00aba9cf56fde6ad018ed12802171483f91e099f7b8235c761dd215b5ed1d |
| SHA512 | f8baf6f041a3350355556d36c6f081eb0f287d8a69b10bcd59068c7b1884935e8ff319643fb5078eed0f0d8009119471063210ccbbf4a00a7eb36d8fc1e57434 |
/data/data/ru.dvfx.vilfoods/no_backup/metrica_client_data.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/ru.dvfx.vilfoods/no_backup/metrica_client_data.db-wal
| MD5 | d041e1188739e9be4589f0892968e404 |
| SHA1 | a24c42ec5bbc67eacfba7c722251a58ccfbaca59 |
| SHA256 | 187c432aff516222307bf350c54dd566aa7a4931760b5c30d1c036c3b8281fc6 |
| SHA512 | 7acdd66a3b7b2d63aded946f1b49ee5604c4df2b2a4256e7f6ff1ef525dfc2662fd2487438157369db44eae14d8bcc5f8bed83629bf73b05c85a5ae934392877 |
/data/data/ru.dvfx.vilfoods/no_backup/metrica_client_data.db-wal
| MD5 | 20f461bf62f867b88e5745b3f518f575 |
| SHA1 | 9b9c88d9c865cf54dc73e6d2ff2bb2019ce8eaa5 |
| SHA256 | b1b485b932a22a12a91d1af74c4357c484d3d1d46ce8ab409a7f787cef408f55 |
| SHA512 | 6883061f5e960001bf8740e746e0131e5131624b3aad78a8d9649ab292f302653ccde246934e1cbdc478d03d8192afaf4f6d665bfd6b5d4d4a187e19e754a698 |
/data/data/ru.dvfx.vilfoods/no_backup/metrica_client_data.db
| MD5 | 141aa328784d3e7b287dc5281c5be519 |
| SHA1 | 9e450006570e2c2b573c0704256ec7fa8ba1764f |
| SHA256 | d0e8bcd0e44c9edeb41df9169e58dcb2100b4c364d8bb0d562e4dcdb88e9c4c6 |
| SHA512 | b307f5ab57bae9d9c2a99faea811685e80dae5d5eb0a5c955ed0e30d265f04e9849646c6119b597923bf8b37157180c4ba21d6e9c00691449b4dee542d5a277d |
/data/data/ru.dvfx.vilfoods/files/ZPkFS.log
| MD5 | 060477c6088e9cacca7000ad99e0520f |
| SHA1 | 0df075b686b170664b7337839746e6fc68904f3c |
| SHA256 | dd896644778233463796ad9e803b5bf2e90cea65f7c001ae46eb9b9d0ab5403a |
| SHA512 | 1444272fe3024c6a613e55f9e989262f775a246df8c1560ac101f2223f7ea9dc3ae2b5f452555195bbbe3ec92a1e7f13d4c295e5e1ac17bb676129dcd6d95153 |
/data/data/ru.dvfx.vilfoods/files/ZPkFS.log
| MD5 | 8505581679df59a804a6d67db47c2e31 |
| SHA1 | 5165ec210f0feddedb4cefea81b62360c1debbc6 |
| SHA256 | 78b1711930509a61fd0031334704c8dec4b8557409b0fce854d05ca8b330e07e |
| SHA512 | 7217319637dcb4e159b17a03f5b6d8202cecb60e9c240d10200ea0b1a1489825b16c8c22010e13f7e3e0080ea9c49ad9ddc47d7d79fbbf50b24c8608d5409f48 |
/data/data/ru.dvfx.vilfoods/no_backup/metrica_client_data.db-wal
| MD5 | 990f26bb7d5adb3eae67e2725668ae6d |
| SHA1 | f776a8a2ed4539d25b71c8bebeef1fb153e8d9d3 |
| SHA256 | 5678f2c16cf9b0ba1408dd24a7c8db261da703841b72ea51ebdefa8f602f69cb |
| SHA512 | ef5faba77ddc8c91723e4a1fcffbb71917d7b456ff286906d173e62cee1ddb6dfd9bb6f2ae4c3b972710d967d0cebc904a47edb473e2e4b0facfaa52334db326 |
/data/data/ru.dvfx.vilfoods/no_backup/metrica_client_data.db
| MD5 | 413134f4672ee805d3294d5b8f068141 |
| SHA1 | d7ead140fb59d7d43f6a410c132c20ff9b63c75d |
| SHA256 | ea0792be76282b43c8422d8ec25cf10d0c2a990dec1ba5f8b1691237a91bab45 |
| SHA512 | 2e4e2512dc55f494268a13147634c426e881036f1a6093e4d7eb399ece41a55523ecc45821e8cf8ae6a8faaa996e764c8c66d2e448c251f4e1ffcf14bda8b6bf |
/data/data/ru.dvfx.vilfoods/no_backup/metrica_data.db-journal
| MD5 | e3979fe35b34b8cc9aecea59e9c8572d |
| SHA1 | 6b7b9fd591821da764cc9d1345871b2040801928 |
| SHA256 | 7dd14406337d1a777a8e573b628030805f479943369c5bc4883312bab89d0267 |
| SHA512 | 9f7f05ab9d4eeaadf291958b00811453308670484720b081673b1474fac7254094ecab47c3a2daf05b9b2690d6f44a4f8990c8bddff6df7339e9a16ac9ec9665 |
/data/data/ru.dvfx.vilfoods/no_backup/metrica_data.db
| MD5 | 8a81e2c05c4ef397e68c54ba09a267fd |
| SHA1 | 232fcaef13a21963a55876a24d55002f56c6d914 |
| SHA256 | 8ba63284bfef4f00d23baf9f353537ce3e88137c690e4dab97049cd20a18a7f3 |
| SHA512 | 8636c7d343e46ab73f10c3e51bc1419b298550b6d4f0a2fa8704fe02f5dff5993e9b70e00941d7c2dac65be63beba017ebd084597264db07cfeed702e48f6814 |
/data/data/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods-shm
| MD5 | 29bcbcd4568db392c833ff032132cd20 |
| SHA1 | 5681f9f51f987e2761ec98b62bd37645e3c4c22c |
| SHA256 | f1f6bbdabcb2460c3e3ab57f0f038c66c52651f9ef6e106c5fdcefe11f13a6d8 |
| SHA512 | 711d59ed44b1986acce00560a96d044a7175aef04c0586f36ebad4ad8f92297953c2f8eb13ea92d5c2f7ed016621253ec2c5aadb5e44c76d83318f32d1c32f00 |
/data/data/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods-wal
| MD5 | e1d462246b308177e6a22638888eec24 |
| SHA1 | 16f3b0c370cf3f5f8a5cd80924518fe623110ed5 |
| SHA256 | 940f0bb433d40901acffa6aa2f23beced780fd23ec5429e091d42293a6c48a99 |
| SHA512 | f7adeeb9f4b8ec5b9227d5d525a199aa137cfc7fe64feef50a19f898bf7bb48f74f1feb39857e3ba3eb14915d92110f507661c35e1e44e224108d8e80c43bbdf |
/data/data/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 9b72a70011dd06127b1b3b92e9ca933e |
| SHA1 | b6adb9987242c8d3bd07afb0cf1f5e9405c8cec8 |
| SHA256 | 3fd8043ea33e8db17514a5c5e017593a1fb82540956cf75c1b7140355c2aa4de |
| SHA512 | 5123759e9b8eb9ca45c56b179b635f667865a68551286c49a854910a267ec4c54c529552ef64a4d7e43ef784300cfaa1c01cbc64648a706e2fa83324139d261a |
/data/data/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods_20799a27-fa80-4b36-b2db-0f8141f24180
| MD5 | e63510aa0ed2d40cb115295ef1094ea5 |
| SHA1 | 5e29e9daca644dbc23a63c87b09e672d695822d4 |
| SHA256 | 67eb5b106e316313bec2317824a248a962028e33b16b84963613b7ab0c0b3043 |
| SHA512 | 79073a870395907e4f8a4bd05d4a483a39b04cfd559310abe8c3316a011e3b9784d6cf68799eec8e2e23007f22b5bd44bf451c192866fd4e342fd369afefd690 |
/data/data/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods_20799a27-fa80-4b36-b2db-0f8141f24180-shm
| MD5 | 0c8134ad90630ec35d5ca28710d86fc3 |
| SHA1 | 19778abdef2acc730e548dbdbc64ebcc29a99437 |
| SHA256 | 27ec17cc1f0f364982e3a528c2029ed9c104ec8f7221aaabaa397774362cd2a8 |
| SHA512 | 7ab85cdb89b89fc6c7cde0a4f0a053e02b35c6c7a788d9d9bb1a590cdadc6c172b9a3fae9929460279e3cb9aa307d796c1b10d0abf5e038226b4afafd45d4c14 |
/data/data/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods_20799a27-fa80-4b36-b2db-0f8141f24180-wal
| MD5 | 483be161f2bae4c32687676383cb67ea |
| SHA1 | 06d7b105b7d4978264ffd97e34c739639ade2240 |
| SHA256 | 3f073c3cb2034fa5f27cb6c65ccfc47b7acbfc1e6ed8fb6af53805c55e8ae432 |
| SHA512 | 408bc977c261ec044625b47878d88001f91fd8922c6088f511fea276b988e0869cd9dfd876ab366866403e7367457854b9293e59017d67c0816d2a62ad710e52 |
/data/data/ru.dvfx.vilfoods/no_backup/credentials.dat
| MD5 | 7e0971fbb5c7efc0ad8badfb7a21a722 |
| SHA1 | a74e782f2401d6c43aebabe3768c79e575b40cf4 |
| SHA256 | 039d68649dc3e043a8cf9b883571566b6787f6c182d6c251c2bcc74c28b684e7 |
| SHA512 | 9def5607bb8e501fd748bed8419f40b5a8e51f0e1d3ced6e7df7e7fec4e56610c6d2967d8ce7101448ab5c84e20ca92fd5e3881b4828f50428c08b15d45e6173 |
/data/data/ru.dvfx.vilfoods/files/credentials.dat
| MD5 | de071ea7144febe59a3578adec3f2f0b |
| SHA1 | be26b1a41d5e196a084f488a43d536cc399c21a0 |
| SHA256 | 788230c35f1175b37732da9d516641775d31651082d405d8b6c5fbcbe0a81d98 |
| SHA512 | ee23cb82304224ca444030ba2f26f0a07c305bcf320ad199a47688d8587dc0d4beb3fa650c032497457e9f2c383a0a4a70beed678babcac79be544b75b6b5c55 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-16 20:50
Reported
2024-06-16 20:54
Platform
android-x64-20240611.1-en
Max time kernel
179s
Max time network
149s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
ru.dvfx.vilfoods
ru.dvfx.vilfoods:Metrica
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.187.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | api.birbira.xyz | udp |
| US | 104.21.17.160:443 | api.birbira.xyz | tcp |
| US | 1.1.1.1:53 | startup.mobile.yandex.net | udp |
| US | 1.1.1.1:53 | api.tridrongo.info | udp |
| RU | 213.180.204.244:443 | startup.mobile.yandex.net | tcp |
| US | 104.21.66.157:443 | api.tridrongo.info | tcp |
| US | 1.1.1.1:53 | api.oradaph.pw | udp |
| US | 104.21.8.212:443 | api.oradaph.pw | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | report.appmetrica.yandex.net | udp |
| RU | 213.180.193.226:443 | report.appmetrica.yandex.net | tcp |
| US | 1.1.1.1:53 | arb.grattomania.space | udp |
| GB | 172.217.16.226:443 | tcp | |
| GB | 142.250.178.14:443 | tcp | |
| GB | 142.250.178.4:443 | tcp | |
| GB | 142.250.178.4:443 | tcp | |
| GB | 172.217.169.46:443 | tcp |
Files
/data/data/ru.dvfx.vilfoods/no_backup/metrica_client_data.db-journal
| MD5 | c3a2c31f8b3db0da09c7b4d0dc4e0299 |
| SHA1 | 6e44816eabf0554fbd23cddd01a41ec0903c08b7 |
| SHA256 | f1ed53469a6b5b58f677dc5dbaaa47fe5502a2d440958d0f6e65a1fec16e59cc |
| SHA512 | 7655a61bd96d2ca5682f32ec0cbce23fe1bffc4a50d8d45b118ac75d83d2a1156cb6f3d82d0eda640e149e2b27261d43b493b1ce7a0c2b1039a755302e45a5d3 |
/data/data/ru.dvfx.vilfoods/no_backup/metrica_client_data.db
| MD5 | af7ac1e9574b0cee4471baa246353738 |
| SHA1 | bbbde2679fcf4a08ef3cbcd97af5628fa92c108f |
| SHA256 | dc5758d98cc97062cec5dd17336204e197c60b4ca10bea96e4b4b5ec4908781e |
| SHA512 | 4ca15ec574bc5a9cfd54dbe001c38452458f8e90889e2671cfd09ef14149c7099f58488c3510bd0652eb497130954968ea09ad5a18620b13a8257e2061244639 |
/data/data/ru.dvfx.vilfoods/no_backup/metrica_client_data.db-journal
| MD5 | 602a424babc7139c802eedcb399fe8ba |
| SHA1 | cbd8bcae34af557b3763930a943113af852e771c |
| SHA256 | ab42a544dcbb494aed3bfb5a469f54c53c13041aaa24d129a9ba8ac63f4ffe8e |
| SHA512 | 541fb54c2fa19498ef7dc0958a8fbe30f3bae8c6041a9529cc168dca57ecff8887d556e229c41bb3e17ac546d238071fe1354cd069f68f0225cbe1965c429fd5 |
/data/data/ru.dvfx.vilfoods/no_backup/metrica_client_data.db-journal
| MD5 | 49d530c08d2283344751e5665743079a |
| SHA1 | 22bd00518fa3f8c47bb08ac075deb3bb6fd1aeca |
| SHA256 | de24b5720175e37719bafe5eb6338b669a492d7a0f993ed69b86050d31063778 |
| SHA512 | 04d238d9754250ea1018de7c67b35ad5d661218f5ee34f82ac19e1fc76d9287ee03dbe4a047b35d085be51a6980fa345ad05c93fef6d51b7f5c8619cceebf085 |
/data/data/ru.dvfx.vilfoods/no_backup/metrica_client_data.db-journal
| MD5 | 26b407c883fdb34389fb0193dc14e10e |
| SHA1 | cf58f273c2254e488bead541649fe788d445eb26 |
| SHA256 | d8f01236e50dae8376484932d988da7ee042e6382a8750bf4e98de52db764ac3 |
| SHA512 | 547e5bb305f0a0037e5c89219461a13665824f6903f280884450b4765de5cf805cf117acdb04cf92c2520a460dd294c2d789a12fbb4cc3c9135c52567854cd25 |
/data/data/ru.dvfx.vilfoods/no_backup/metrica_client_data.db
| MD5 | c96753e510ea537e86ece0572eb5dc0f |
| SHA1 | 445185ecadbd88419c29488879ba1f400708c0a3 |
| SHA256 | 9eb02353b25a2858dfb2a461b97006c25e1665ff54af8c8f7188902a074e0c89 |
| SHA512 | 6b7a9f869bcb1d38399eb9c34108dcad087bf562e5cba6b8d0de4a1e2f4c6abdf0c1b27ee8e1ab57078b520b332d3849dd29bbb8a9760956e84c9078dee8f62d |
/data/data/ru.dvfx.vilfoods/no_backup/metrica_client_data.db-journal
| MD5 | 2fd6066a86ad8adf644b89e6894863f5 |
| SHA1 | 9934a07322f59ab4eb0a49b669e2f99ad420b334 |
| SHA256 | ab6b102de2f8b0dbd18666ad163db717d7902e498a26ed862ec2c6b6d28e0005 |
| SHA512 | bb9bfec40b6abdff855fb0a57db284221511ad6986b2f2c2b94f536d0dde870e22375815c0fe74e4ec87058498ae6a5bd7827c63755ef92775b0af1a443bcebe |
/data/data/ru.dvfx.vilfoods/no_backup/metrica_client_data.db
| MD5 | fa209629c40403fd1b9474fbf619d0c2 |
| SHA1 | 516530e0c6a2f3b3b62f35de7457f965a069b632 |
| SHA256 | 4d910053968d850e9e217c9876a607cd6d8673f313a17c7d45ecae5316ef725b |
| SHA512 | bdcee42bdf95fb7fd6aba30d4f3095e133569a47ec27b0b4edc00c56d9814e36011d38028c2f3e2622a2f008b8b20562164e81c5d546d060c4d813bfeb047fb0 |
/data/data/ru.dvfx.vilfoods/files/ZPkFS.log
| MD5 | 170eb151a5c7cda91d7a643ae20d55cc |
| SHA1 | 324dd1502ddbb08aef3327582fcd70941b77704c |
| SHA256 | 033c3df8deed1c92bddbf3e97c42915f0ad3057e7852a25e822d8225e210857c |
| SHA512 | 89e2a5823006b81b16ad58be8006b6a336afeec2c765cacf98c77d35f1afadc15c73f1d8b6f565740acf66c5984e66e3b7ff4c04f6ee2d19ae07b47212258f0e |
/data/data/ru.dvfx.vilfoods/files/ZPkFS.log
| MD5 | f9c75a0f1ec6da7a34ca24e85cf4acba |
| SHA1 | f091dd7e08883391fe67bf03b67cc4bc4573de6f |
| SHA256 | 4fe1fcb15f43874876dbe213d213b9ac97b06525f7cd99288a08add2a418b86b |
| SHA512 | 8bbac74be4d50264dc4cb725fb0572176223432b1014ddb766f956c9e853564ca490f9c5f0911c0628b9eff79b7ab6d209b0fe2e96d4a9f7cc0d0b9cc7a3710e |
/data/data/ru.dvfx.vilfoods/files/ZPkFS.log
| MD5 | 814863a94ca47fffa9f020aefdddfa97 |
| SHA1 | f49617414210459a055217197d0afaf392054f6c |
| SHA256 | 1cade3f6e9b5e74884dcf4b49f517b47fb02060f73e8e442f8bd5e8587e7b586 |
| SHA512 | 76049af7bb2863c6db8f41f6d813082be5360f3f223f226514d71223830cc9abce008c6d1c0ee64c6d52c01f65b59ae1135a3bf465a6155f925a1d58475c6e8a |
/data/data/ru.dvfx.vilfoods/no_backup/metrica_data.db-journal
| MD5 | 4b823f4fb1f033bea3bdf69116cb6d7b |
| SHA1 | 7477c5ccbe008c4138802a408fcd70984b0c9262 |
| SHA256 | 0c5f6838cd370f95c82a3030d3cb5959b2650ae1df3c85146f8d6b04e3457125 |
| SHA512 | b31af930e920f590bfead99c3c1c19923fe938e28eed95490e24d6b61c1d3f2b06d804190bb4257840dc654143c50798f4ab03e0685027d20791f9ca738326c2 |
/data/data/ru.dvfx.vilfoods/no_backup/metrica_data.db
| MD5 | 5c927c0c5f1014dc9000703851e064ce |
| SHA1 | d41b11508c0c7a5c157a7164760734ec6ef2ed0d |
| SHA256 | 8fad42eb92d28382ca2077935d52badf7ada6590b45cad80e86b211f7b8d44c0 |
| SHA512 | 7c5562d15b4e72c81954e282766412d712a2fbd21396ff76d1dea24244a915e0d7730bf043c08afa4400b23d8ab8441ca4433a6ba2272fd9c984c90a80725ce0 |
/data/data/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods-journal
| MD5 | dfad7adf264b4558f575f23e00e0f916 |
| SHA1 | a4ba91e7fc13f307e8ab4e377dfce9843f802276 |
| SHA256 | 0e51c34c68150e7cd56c1dff37c028453c849eec6397cb4945a829e85a747492 |
| SHA512 | 6c2a0fc8c26630f305806e038b94460759c4055c096fd6a2267aa9b21e5ee7db03221f088febf1ac561dc182cc44d15c30d2694c37d21ea5c0a4c793eb3d0256 |
/data/data/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods-journal
| MD5 | 545267920d3b897be2f66c29dc1b673b |
| SHA1 | 6995ed5e807794ec6899425cc4fca96d6632fc60 |
| SHA256 | 5350cd60158acd4def15efa303f1c94518478fbdfb4d44940cd3ba866731e4cd |
| SHA512 | ef9af810db8bc7a47364706388a18183307bcf429d27e556c1db0c3c4fd051c8a014ec6eb794594dc22cf37629211619da06bbb3d4c1064252f2b1cdd325d616 |
/data/data/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods-journal
| MD5 | 0484d37503c8b241b8714fc5f1c4e485 |
| SHA1 | c4ffc5232967d127beea4dab47e1e1bf6524c146 |
| SHA256 | 1a90dfcd7c1068c307332041f40fea602e3578d02ec1474cba08f434b65533d7 |
| SHA512 | 9500aea25490c5bb04940b03a273e53025a6627323d536669158bba24a05ae85d9de6c06c68420f2e0209e6dd279cfe1a192095056fddfe21745985868ae7b8e |
/data/data/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods-journal
| MD5 | 54d69e497283444b847f925651ddf737 |
| SHA1 | 798ec9430cfb4b8a67c4fc134cfa4d9482a8c48e |
| SHA256 | 3f432c2ba0085d5232f3efa6102c5136fcd521b276cbf76afcb8c0c42df44973 |
| SHA512 | ed6e702b3b8e902d810932e2cb7dc2d9dc0b42e9bdb9bb367aee2b467b80b4b8bc441033d3aef8bf3971ff747bfe5b7acbca41c5eafa3f818e0b982bbdb5de1e |
/data/data/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods-journal
| MD5 | 0f91b0d15afd7216e3fd6aa858f5a9ca |
| SHA1 | a8cc65e93b3eaab697c9b465c6d082b9afd64b7b |
| SHA256 | e2b87f88d077697c5c4852732d7a210db13d8774e0526acb747609021a999fed |
| SHA512 | 47569d77e8274261579bcd0e839c5e2d38d614677ac58b8aa98d148a03695f97cc1c31e7de62d82050980a3cdaa75926f1f28871167643aa6c5c340ed7f23238 |
/data/data/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 9e4a992519df14857823e330f962350e |
| SHA1 | fad376e39aafb48ec525138272a87307106381e4 |
| SHA256 | 721fe17ebf2e6e48fb7d491f25bc398dac40284e14ed972ef0046f4720d10293 |
| SHA512 | cda1e54cef1849d13727c91e7d72cf01bb0ab12928106119db981c107356f416f81c197775563e7aa568c3ab48beeae8bb7c89dbf1971423086838a230c91ed5 |
/data/data/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods_20799a27-fa80-4b36-b2db-0f8141f24180
| MD5 | 853f388e4ebf2cc8b4bb444f5a4f2c69 |
| SHA1 | eea7941d9afbd97d8dc858ff7548382d6e6c2646 |
| SHA256 | b4bcb27bc5e3644deb4739bf9b6b8c145720e3d125049b63ba2079114ac05475 |
| SHA512 | e4e96c07c2e6d121bb895fc9701a03ef8ef80e1a0c96921bbd10b781f3ba597a10a499b0de1a46a32386df6faf5c88ca1184c0114e751f850acebd65c454bdc9 |
/data/data/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 2c112d552fb9ac178af26305c9970e44 |
| SHA1 | 44e100d35e6688f62ca70551458d14ddbb74790c |
| SHA256 | 8617f4e20c64277905240c6f23abe288b67198d4fa01da59f96cffba94c93140 |
| SHA512 | d9a585429d97bf4a1b53aca63891918532ae40dafc27f781dae9520fc3e8475ccebccc82f1efb184785d75a0e781262b58dde992235239550f39069ae464fe8e |
/data/data/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 3e58a0be1b531ec6770412c5a7f61341 |
| SHA1 | 9053e74e78d70a950f6fc8ccdc4c70b2713f9493 |
| SHA256 | 40c1cfe16bc69ed96b5dabc86a21ce25a628c38cb4233ef08ae3f1756817dbea |
| SHA512 | 9c7e9bf073550d07aef42a162260601737a587080c7043468b3ac8154e9f4bee0b37fa383ae45226e7638ca47f4b0a9bb14f6706b35f553dd1cb56ab1bec91f8 |
/data/data/ru.dvfx.vilfoods/no_backup/credentials.dat
| MD5 | 238370dcb5435d24335f5e93d2603290 |
| SHA1 | ca9b437e1faf44d332ab967bfc2037580416be03 |
| SHA256 | a6982213418d531ad6f12bc0a943370e5539c5624f217504501936976c184aad |
| SHA512 | 4a9f715a68713567cd55f044abad0d5c0993faf4d567293be57b9623d27e92244894a80404525189707cc42ecf5571244ccb59c5f81dace8cd4cdd0a3f923afd |
/data/data/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | dadc69490a1973fa79945884f8a0979b |
| SHA1 | f3dc6aa1843c8a76edb3b85bc2badd11ab36892f |
| SHA256 | 1da0c78e3be38e2ad223a25b26146e37895b5c4c8104faee184bc5d32aabda86 |
| SHA512 | 757e5b0ae377829b058c5f7a19b23ccb7e8add6a579a0532c851b53479695e698c3e54a1b3c7e632680924b5d13b0fe8f503b87b8a64a26066f344e3dff92c5a |
/data/data/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | a077e16d85dcf40c9f7b7b3fafeacda2 |
| SHA1 | cb3dd6ee6720f67f4d281c5cff7144ce80de4c60 |
| SHA256 | 844e84b61692fc83f1456cb1e9cf618079cd75b90486eb279a4b40d5374bba2c |
| SHA512 | 7b961220427a82e062bfa2b30d7811b49ef216ec88f03de0d158a3bd585e81447f13b1f834938fdcd298abd672424e0dbfa843a1caf17378a30a2fea0a337791 |
/data/data/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 9fe7f65716887d88a6c834e9ca19ee58 |
| SHA1 | 0705ec96633633c90bdf1878dcdf180d22b2c0f4 |
| SHA256 | 820c0d3912a173168b87b14e7b4ad186ec9450abc6f2b97387e75048229d2457 |
| SHA512 | 9619663ac0cc77b832ca2b248b006143155f40fde43ea04e5b9a1b51ce604dc04bec1f5c9ac6304245e87b94dffb3b9ee734a8687585df084033512a7553e165 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-16 20:50
Reported
2024-06-16 20:54
Platform
android-x64-arm64-20240611.1-en
Max time kernel
178s
Max time network
132s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
ru.dvfx.vilfoods
ru.dvfx.vilfoods:Metrica
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.200.10:443 | tcp | |
| GB | 142.250.200.10:443 | tcp | |
| US | 1.1.1.1:53 | api.birbira.xyz | udp |
| US | 172.67.177.167:443 | api.birbira.xyz | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.169.72:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | startup.mobile.yandex.net | udp |
| RU | 213.180.204.244:443 | startup.mobile.yandex.net | tcp |
| US | 1.1.1.1:53 | api.tridrongo.info | udp |
| US | 104.21.66.157:443 | api.tridrongo.info | tcp |
| US | 1.1.1.1:53 | api.oradaph.pw | udp |
| US | 172.67.140.65:443 | api.oradaph.pw | tcp |
| US | 1.1.1.1:53 | report.appmetrica.yandex.net | udp |
| RU | 213.180.193.226:443 | report.appmetrica.yandex.net | tcp |
| US | 1.1.1.1:53 | arb.grattomania.space | udp |
| GB | 142.250.187.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| GB | 142.250.179.228:443 | tcp | |
| GB | 142.250.179.228:443 | tcp |
Files
/data/user/0/ru.dvfx.vilfoods/no_backup/metrica_client_data.db-journal
| MD5 | dd475d9470237e1f03326bb9e3b34167 |
| SHA1 | f1f784261994ab4650d2fac2c5048720b6b63348 |
| SHA256 | a61a169a2b470e616eb8f37164d69a39d40de425509194395a090fa8b076f484 |
| SHA512 | fcc48728e34011049ead9608ed48b36b5d7fbe4702f0bf6e716a496bea0fb3a5f808f60593a1f8d7f7969e09253f72c68a505425e737bc462cf5f1b01c75708c |
/data/user/0/ru.dvfx.vilfoods/no_backup/metrica_client_data.db
| MD5 | 1fee06fa4e63cd173bd55781e53b2946 |
| SHA1 | 596efdd97793de6c8b73a54f6b4d571496b34aa5 |
| SHA256 | b45772d27709e506445cbc8b46da35148886c31da1d195ff04a327bab54ddd19 |
| SHA512 | bc641d9ac8ae5860168197f394bb8d41eacd3b84b0b1f6fbe1b9608a160b2fe18e8dced47053a768034e242e8f2bd41b95a9a16a7e1fa8f8cfcd6db9b7cf6e90 |
/data/user/0/ru.dvfx.vilfoods/no_backup/metrica_client_data.db-journal
| MD5 | 5c51c484814a30070cbc795731027089 |
| SHA1 | 0f004b5e11eb2cba7a048242234d5be8e690eddc |
| SHA256 | 166c2463351aabd944c4c5c66f15ca38b9097732df8e7101769efb182fb985d0 |
| SHA512 | e46759bda5ff7aa8b0c539f520f0457402da508d0f3060592bd3ebc8ea635d9488685cb85fcf2f58860ff704042116391cca782d7fa181382322927a0da63fc3 |
/data/user/0/ru.dvfx.vilfoods/no_backup/metrica_client_data.db-journal
| MD5 | b21c1c63275474c6378c2b215b7725a8 |
| SHA1 | e0106a9cd9e445f8d58fc95eaa4785c7b93a6f42 |
| SHA256 | 98d0658b82597db9bf50cab055a52624203924b99963285ce7cb629cc5126888 |
| SHA512 | c1ead5c82cf88c1e1bf703cc9740f780e86f2a662a00d3cdd08377f45283f7bf7b79a8f5b091b40d3b1355b8b2e05338f9657f9d433c5e5e159f45a0dd29df7e |
/data/user/0/ru.dvfx.vilfoods/no_backup/metrica_client_data.db-journal
| MD5 | 4ee1ae5b2f1df68c73e3714b0a0b5f07 |
| SHA1 | cf1d205c9107b127b640fbde2610ac955e85c6f9 |
| SHA256 | 187fc702ea6dd097e27dae834edbbe43f9098f1753eec069ac8e135d0f9d4d29 |
| SHA512 | de6ca1f76f2ef3b4b84ebb3bdfa9b8bd416fc603d2666ad65d02b2ef09c9a74240cae8f902156860850dd3bb4b107486135a01bd712d79948fc0af1190f1ac8b |
/data/user/0/ru.dvfx.vilfoods/no_backup/metrica_client_data.db
| MD5 | 6070680668288aa9d818a036746a7c46 |
| SHA1 | 1d7e9c7ddc7042e33e13522ba41c5af396c2f3ff |
| SHA256 | 9c864c223407c2162c85f7ab8804ff3c260aecf9c59d74962d9a506fea0832bb |
| SHA512 | be7ecbfabf482eebca5aab99af3f4bb828304739189ac1d610902223c26f2957e8f951d7c9623f2ee53712c94d9414f3884af1f016d7c8f0f79da03c8409a57b |
/data/user/0/ru.dvfx.vilfoods/no_backup/metrica_client_data.db-journal
| MD5 | f41cbf764f6878077e65468480198ec5 |
| SHA1 | 5a179d0435ad0f216e8ea43cebf143458615b374 |
| SHA256 | 7328e48b635e8e8fa5cfe7ad15214f5be7b6779e7819466e99a0b0ea393a03ba |
| SHA512 | ed7c291837951371a91ab382b6e67d43620fedcdbfb57094cf0e1a434b8b5ccb351f9ddfaf899baf981da5eba3f55184554cac98b22acdf05cd0ea348194ead5 |
/data/user/0/ru.dvfx.vilfoods/no_backup/metrica_client_data.db
| MD5 | d0c6216468a004011fddf11d7cfd8777 |
| SHA1 | f59d660f0c7848925c77ca041725d00d3c43dd6d |
| SHA256 | 168982d1fc28361b0a4438fdb040fda0af95c6517189034b29827a6d26088f62 |
| SHA512 | c4836a64404e1eeb9544aeedce3d8a2b70b5375d2885d0ea86c86c60f89edf098962e2e4aa2e5f2627b74a1e65d3d34869408ab5def402883db130467d75e94f |
/data/user/0/ru.dvfx.vilfoods/files/ZPkFS.log
| MD5 | 8c12f6f1dba6519b251ab7afee43a4d0 |
| SHA1 | a693f280aed5e3bba41b47f02fb7ca645a8ce2c6 |
| SHA256 | ae4b85455a4efe75981e5fe2cb2b14cbb887df9018f134c80a8f6794e962287e |
| SHA512 | d8a4abc803815ea8dfa3684309451662b347f5b0f8c7b11e7528a3a0c0a59d1cdef039224c07a3549628d71b18e333002ddd072638fc761d67a50c853486953c |
/data/user/0/ru.dvfx.vilfoods/files/ZPkFS.log
| MD5 | bfd317067e4b211532e8e399c4a73aac |
| SHA1 | 80fb47013d05eb5568ecc15b45e559aaed4da4e1 |
| SHA256 | f703861a977834229547ed48e1e32f841537f8e625e571f56b934446074119ca |
| SHA512 | 9bf738e1d03563e0f2a600cb5c3a8724a7b3d15d28175f71c7660edffe30f39d50893f08edb5f87e6e1ec139c5195c8492ad0c55ae18ab575f8e757324764958 |
/data/user/0/ru.dvfx.vilfoods/files/ZPkFS.log
| MD5 | de12d01887eb43d377b00d43b014558a |
| SHA1 | 8b4e5dc2f550d7185a797ff11944842e05b24e93 |
| SHA256 | ec18dcd43c7e9fafe33755fa6c231955e701beeab5100352de88f33899c1af4d |
| SHA512 | 540a2681f3e8e11e4fa9d037cc8eec84a3a4be40426dec62dba290daf6af684f30d4819e8b07bc5a3b32df9456d00bdf86580bf48ed39806ded279c707d402fd |
/data/user/0/ru.dvfx.vilfoods/no_backup/metrica_data.db-journal
| MD5 | 87f40715d48a38f7890f25a3b64dee0e |
| SHA1 | 3447368a93323fe4cb0dd7f23b9f7daeaefeb466 |
| SHA256 | d9b95e3cdaf0159ca9703b9f51a8938317efa1e8d4b0b548dddc47637dc7d49a |
| SHA512 | 40637f2dc52191af0ecf193724b815c628d1ba75ffcfa6d91987e36ab01bf500a01f55aa93cee8183a97398fd5510213b0127d39fe0737859305588c5c71c0fd |
/data/user/0/ru.dvfx.vilfoods/no_backup/metrica_data.db
| MD5 | 91222596c868a61b3264566a0f6dca8a |
| SHA1 | 713be0b03d13854025d670cfefe5d3582a959baa |
| SHA256 | 472642636c8596069c5ceaf0f581f7991dacee9a93eaf209e90becf7c626d7cf |
| SHA512 | 9cef5eaac698e021073589a9d92c4eb115a9e2954cdd71a83f6c404cb522d3c3ace84de58d5b6c31332912b4a292eed71dd1ce2178fb22ef5dcb6281f4428927 |
/data/user/0/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods-journal
| MD5 | 336c3feae57ae927c37d298936e2d655 |
| SHA1 | 1f5e9f4a5835c6914410a64a406d09beb6ec0ff5 |
| SHA256 | d1d24a52656d05209516203759fb46eb0386511b89d8dd1c09091007ea248514 |
| SHA512 | 1f58f8d4e0644902578cf978a6bbf8d63f5350d5da5777e53b6e5fd658a38b30c70766e4b86dbbd393c94509e56b6ed76ac36854cf2ff4c1688d56d168eb0944 |
/data/user/0/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods-journal
| MD5 | 111abc0370cbc1dd6ce3b92d2ba992ad |
| SHA1 | 6d87c590072dfdf7b173904dc8179d7ae845a66f |
| SHA256 | f1536a17ff59a2dfa1eec5585847eed8a8e7cc79c9e7ccb1e1e12784f1f88d39 |
| SHA512 | b16873f6a798d32cd0c663032417f235ee37d6d41363d0e35dd71e26193e5fd9c749e56daac012eb38170302d24c58b74d13eb372015f66ea07284d081eec5a7 |
/data/user/0/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods-journal
| MD5 | 0dd6062112728f6f6cb6cb0a938e00c0 |
| SHA1 | f02238a6d4ce92cf8338bb950bc11586d537d1c3 |
| SHA256 | 47bda62b21e4a7f22ccee8247ca1c11d11d53313719c344e98e0714db3de35da |
| SHA512 | 6e907ee833a7fbe84a116d99dce9a1cf34db47436e11bc071d18cc045e1ad54b49faab152ad287c657b154bd97611ad6bb96fc040254f0aa986e29b6aa6933e2 |
/data/user/0/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods-journal
| MD5 | e21809f9aca2537aa4875246e7a2b84c |
| SHA1 | 1be6fc149ce687481e102aa63e6a8db8d021b48a |
| SHA256 | ceb9458c27a071ebc82d57d8948d6d7adb892206f161553e4eca360b1e530d9d |
| SHA512 | bf88f0b156e886b2bd463edcd9fdd5e4a8a6059fcbd93545d21e997fdb6e24b6128e6872e2c9103513ed702a8013467cdf46bbe902db8b3ca3cdb983061d3ad9 |
/data/user/0/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods-journal
| MD5 | 32791558e6ee251761b71a35b443dbef |
| SHA1 | a2cb4bc247bdcddd46e1639a52739ac0242bf51a |
| SHA256 | 55252583e99b387789c9d4fdce64ab98a93310918544095de763383225db0100 |
| SHA512 | 5092f83d57b7c1b1df16440ce7eaa565aa5a6fc899e7ba0a98fc2e9e3fcef7360be57585aeb86254291a27d1d2b85c11e5d1379dc0647b97e7ebbf8e2904a4c8 |
/data/user/0/ru.dvfx.vilfoods/no_backup/credentials.dat
| MD5 | d54b77b4b1b6a4a1ab564a72c3a11e61 |
| SHA1 | b4ed05fab808862702dbe76d691bb6863009503a |
| SHA256 | 8b30c2064a5c9460cf8962dc7c12c3503ad9012b17d071065a59b83bd7d53ac4 |
| SHA512 | 17af86ece64caa3b39009f7aede866cbeb759411580769ee3274bb4e876244047df874935de59d7aa26f0151bb6d2317b4f04d84d7443df99ca77ae03c13beac |
/data/user/0/ru.dvfx.vilfoods/files/credentials.dat
| MD5 | 0df69117372444c072b1af0b51ea3c94 |
| SHA1 | 1abab8d11a1926b3a3001faedd98d7f8f57ae85f |
| SHA256 | 89b737c6fade95157ae3d5c619eaa0bf5fa4b18af972b5df3e9196da21c25a25 |
| SHA512 | b5e1a01e8f5b3f45f366a6d453caf2ad5370bc8637c74794f23fae9483c77d3924366cbe9ca8503ddc15b75f331c3346171a05837d7ac29a24d338d175103180 |
/data/user/0/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 85f2f7c54a35be1e70d68ae134c87369 |
| SHA1 | 88b38e41afa32cccd395cba0f4fc1cb522cf7c3d |
| SHA256 | 96b0de03f14eccdbb1aea6d1faa4acd66fcda9ac0c82902c7ffdb1019828fef3 |
| SHA512 | 524ff6cb7fcd8deeeb4960059e421b9734325cca47ab74bdbc501d7674b69cdf64426060b8918b7e82d7cda9e569c446a755dcaad564982c9844dfed2e720ad0 |
/data/user/0/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods_20799a27-fa80-4b36-b2db-0f8141f24180
| MD5 | 3a97006c6685272a63b6966450452753 |
| SHA1 | 25b0d8596a374c7b595d9c3c8d804aa9c88f1c2d |
| SHA256 | 3bd4bd708dd70137d52368458d410289e58dcaf38adf360fe7e578f745e28485 |
| SHA512 | 8a693bca4b154883e5be1694f4913b63e1900f3abd1782c7017443b7b4decf53d785a3204354efd715cc21bb343377994946d3cad49f3cdf657aac5d5470d7ba |
/data/user/0/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | df35cf02a78b777464fdeec3a2777c26 |
| SHA1 | 241f190924531b1e6d7a5ff96f863dae8e6049de |
| SHA256 | 42680786968556219d8c5dfd5caf46bc4c9b01f155688a2bc5a9912dabc1d876 |
| SHA512 | 785a64fbaa04f5485bc61637b97259c50f9479161db199a2aec71a8f552453f27e7cf5c6ff395ef5b5e27b806e6705a25ac021dc7a19f61aed4b3bc77c9c5386 |
/data/user/0/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 00eea60e916871af79ecbded365c6df4 |
| SHA1 | 466287a6b2ebe1b7d6032e0002565141d21cc7da |
| SHA256 | 26523dd615c453d250c4d4f4051d06956c20038305fe4319d51a63db853919b3 |
| SHA512 | 9662c4147e1e923d301af8f11900a006bb415ecd82fe42f3c9cfe862c4890e1f4eaf5ab98c8b1b68738673cbc2f9d35c6662ecb1d14e8f132bac0b354eab4e0e |
/data/user/0/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | f62bb2a5e93fcfb106f9071399a5c3d8 |
| SHA1 | b0afd0e387918ca842a6cd444af38496d7e6dd25 |
| SHA256 | 6a1170ac0320e82418970bd44fb166e32d9e04e728473237f1a4ae36f64b38ca |
| SHA512 | 28a52139bc369a0b5a9e47d40bc5b08759945b034f27bc0697f9177b9e09c32ec47fa57bfc8c04114e8577fb5f88bd9f826a37d6434a622fc48bb3f398fe8479 |
/data/user/0/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 2a80a2ec2da7984af02fa8c0d51f6a0c |
| SHA1 | 954f5e37a08adf14d8d85af7bbe7010b8a799ce4 |
| SHA256 | 67ac43b2b03655054fdfddccfb6d6e4f373be94356d082627b6bbcf1963cff6f |
| SHA512 | 68f9ce39d83cac37abe2c8d8b7e3cbbe9dd43546c22fca9f1c9326bbcaa4760340d3a8e44632eb43e91193af5fb5c22a9aba812aa737f8556df99f82090485f8 |
/data/user/0/ru.dvfx.vilfoods/no_backup/db_metrica_ru.dvfx.vilfoods_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 115e97f4f84dd9dd9cf0ef1d614dc333 |
| SHA1 | 60ae5ac65d8e0252d091f26b0ad359eb42597bd2 |
| SHA256 | 34491c24968ff33062ed34e10a806842bd2db4a3103b993c0935b93d8b169662 |
| SHA512 | a3b526398dcaefb531250ceaa8c94a6c635805f08108482f0b40979c805eb7d5abefa3608737e0dc92a20397bb39278e5196bac1ae9cadb47b192a9de340481f |