Analysis Overview
SHA256
25bc19747c8bf50ae06a694e473b3db5d58e9047f9c41e4b54b18e4bb99f0ca3
Threat Level: Known bad
The file b9108eafff97b9d290fe0eea39139ad7_JaffaCakes118 was found to be: Known bad.
Malicious Activity Summary
Irata family
Irata payload
Requests cell location
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about the current nearby Wi-Fi networks
Requests cell location
Acquires the wake lock
Reads information about phone network operator.
Requests dangerous framework permissions
Queries the mobile country code (MCC)
Queries information about active data network
Schedules tasks to execute at a specified time
Registers a broadcast receiver at runtime (usually for listening for system events)
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-17 17:13
Signatures
Irata family
Irata payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-17 17:13
Reported
2024-06-17 17:16
Platform
android-x86-arm-20240611.1-en
Max time kernel
41s
Max time network
131s
Command Line
Signatures
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Processes
ir.amir.sandevich
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | srv.magnetadservices.com | udp |
| IR | 185.49.87.170:80 | srv.magnetadservices.com | tcp |
| IR | 185.49.87.170:80 | srv.magnetadservices.com | tcp |
| IR | 185.49.87.170:80 | srv.magnetadservices.com | tcp |
| IR | 185.49.87.170:80 | srv.magnetadservices.com | tcp |
| IR | 185.49.87.170:80 | srv.magnetadservices.com | tcp |
| GB | 142.250.187.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| BE | 74.125.133.188:5228 | tcp | |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | ip.pushe.co | udp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 1.1.1.1:53 | ip.pushe.co | udp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
Files
/data/data/ir.amir.sandevich/files/unsent_requests
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db-journal
| MD5 | 1638f9830ec45b4ad37343c46bc66883 |
| SHA1 | b75420949ae6bd469b992879c190de6e91812397 |
| SHA256 | 4c8988363b1268e3bdf271b7eae7daa7a3c4bf707e4fa762485e7d6f0169d99c |
| SHA512 | 21c15634bec53e115fd2c7cf119babbfc8265df5326828e4ac69eb823f1f8cc2f7271e02c0b1143b9b0e6f9d0bbacc5fe0f3520e3c19f95719f7ace67e52e060 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db
| MD5 | 978fdf85b8448e3a7c9015e51477eb49 |
| SHA1 | 793bb88398dc9457935a4416638d5ed3974baf19 |
| SHA256 | 8f72919eebbe45ed6d33b7b763d7e45d76a880128aee9aa5c29d28ab79689a92 |
| SHA512 | 852b2d3e2607c96625e9bcd454c702ccec6a0f07aba3410976d6400ecd2d48ccc92d93c8ce7fcc87a622d04357bd6805a996f11d339ca7fc3eab99c0e991fe38 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db-wal
| MD5 | 40ae9375d994b11070f796ce932017d4 |
| SHA1 | f98e5b31ea814738bfbc5aca8605eab7f9e7367c |
| SHA256 | ff00e19ffa4d58249fd7e543202466dafef959868dc19d415604cabb4fb2818b |
| SHA512 | 879b3a58cc5ff35d2715ecda18473c3990e47deef049c9930cf7f5ec4d37232c12d260ec08bfa09279a42170943df7b4a2c49aa97146c8fe900438d40936672c |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db-wal
| MD5 | 30325a4abee44afa00ff1e505f6f652b |
| SHA1 | 885ae70b0f3bfb78e2b1569dc95ddab0d6ccfa8f |
| SHA256 | 07dbe84522f7627907d7657b48b364f86e394d34e0ff50c2a3f1c11436bda08c |
| SHA512 | 44ed6d6f53186f0fde4619a14ecd8765f57728d4b2191c6f70dfd2c7156b8f6aa7159ba92909856787af3e0c6dc0a169b9d66f73dfb90929352864451a4c8cb4 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db
| MD5 | 63c89b33f9c9edccec2a03931d70f396 |
| SHA1 | f06810ab1bd77ada9273daef5d64452020e20282 |
| SHA256 | f3341b96c5dba5a57f4f21a199007baef6555790ed05929ecddf748d2fcabae1 |
| SHA512 | 2e35f7dd36f272f803e9f6a4945a3a8fcede69e3c9eebde9ecee9d80ae99921f8c0bab2612bb73265b7479406d1e1ca6f6a8ac45a13f58b274960e0802ab0dde |
/data/data/ir.amir.sandevich/databases/__pushe_base_lib_db-journal
| MD5 | 9261fabbddd293571e828e3390e03fde |
| SHA1 | 16badea2aecea40756733a5962caa519386b6d79 |
| SHA256 | 63a32b4ebf2b63cc172c83d303fbb8232627b624736f6ec714a88a80d8f91811 |
| SHA512 | de051244f0095f2e47030be89030b4021db8f2ede7e1a47ee50a36f00c75250bf2df4b527af8e75522e42e18e74376d3088e3b9e53c28299c78ce1bc60cd35e9 |
/data/data/ir.amir.sandevich/databases/__pushe_base_lib_db
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/ir.amir.sandevich/databases/__pushe_base_lib_db-wal
| MD5 | 5d0b46f89d5f89604b4ecad5c4b3d332 |
| SHA1 | 38bc3d8568fd45d938f2a172f03d0b099539a29b |
| SHA256 | c502717c68bd431a71d154b6ad88fa9441c01992431580e8d9d427f4f886143d |
| SHA512 | 72eff2c0e961af1fb1749e84877f5cd095bc5d679e8da077a21b408c88a766efa1a712ee22feaa8f9dfc28668c795d1d1b65496402bde1cabe9f01bec30d0c79 |
/data/data/ir.amir.sandevich/files/ashpazi.db
| MD5 | aecfe638d8b736fa6e00e7bd1be431a7 |
| SHA1 | 9267ad7543515bcdd6a34e163faf094aa09ad646 |
| SHA256 | e3e85aab3d739a112898ed37f501e3f16e7346343b0324e5f97ea6acd78dee34 |
| SHA512 | f64c4538de25c712712aa9432c5cae82fbfef477332700289f350b6c64c252a92c9a340cb64cb1e8e9914f25f298e46efadab5910954c66460a998c73e50120d |
/data/data/ir.amir.sandevich/files/ashpazi.db-journal
| MD5 | 21d2789f032426f888bf001753766433 |
| SHA1 | b7e4f724793772cdbc7019c2799edc787ec300c4 |
| SHA256 | d7b2bd49318be2effb783ddd199c65c8350086a96a9eddbf4f8a1f3b23f338c4 |
| SHA512 | 4d52c5ab00012df859ba4175247b2fe030df786c24872eb350b575bda13ce4af4f88987271ba382dcdd2b912eaa2cbc76dd5e26b4005de3fcf52147948bfa9f3 |
/data/data/ir.amir.sandevich/files/ashpazi.db
| MD5 | 955b937bcc21cc5645f5e3de65ccecb6 |
| SHA1 | efaac4fe5b687a4970bd6f2990a1364f0ef368bc |
| SHA256 | 62efb63e63838192197a7f254887ebac382dd55e76293a1f59c75f86989e1b41 |
| SHA512 | 37880c0f8a11405631c7255241936a5fd5e4cb5758c9cff61decd39ddd9610cc306e94c363e6c9fb28b947d7487e42132dc327262a8e77bf98d68eafeef55af7 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db-wal
| MD5 | c10cc877d64853473204694b4271d7f0 |
| SHA1 | 703ec7bbba4d188fa2424373dac64579763e55d5 |
| SHA256 | 156ee9e4fa1ae2b34c356ddfca6d8d42e1028ae374fc273c19f97d8237945a3e |
| SHA512 | 47b036b4408a25baf93875ee05092bb1d8ed296ffff85d734475c5f364556d0e3a19cc6c3274f930d900775485d5e9622e595c6c2612c37c90c81f8626c2f955 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db
| MD5 | a90b181e610f2de0b63d63263237631c |
| SHA1 | def4a6b12b39196f6a52cc03be1eece781c69baa |
| SHA256 | bb12a0e4f670dc7eb011ac966ecf97fdefd9b674af187d10e45b9f5f6d89fa83 |
| SHA512 | 0b7ea884565436126f3fdabaf352983f38b39a523050c2cd8d0780fbf0aa656aa02957460408193f5ff106a0cbecd45f1027ff908183cf9a79e8556e12b23c21 |
/storage/emulated/0/Android/data/ir.amir.sandevich/files/Magnet/magnetLogo
| MD5 | e0aa021e21dddbd6d8cecec71e9cf564 |
| SHA1 | 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 |
| SHA256 | 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 |
| SHA512 | 900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db-wal
| MD5 | bf0badfa40ec4bdb76510e9a4299e604 |
| SHA1 | 892c2d39bbc47462ae41e33ddfcce478d2151f4a |
| SHA256 | ac58c040d4b7419f7fc81e225478a75947e7572f20491dbd06f82461c575f7aa |
| SHA512 | 83119b33422209297e4ce6c11c5785daf146cec6d6ffb357cadf60406def9db7fe08dac5400adb6b4477fd55e9949b287ca1beb52fd282e05b949cf59c0a7d07 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db
| MD5 | 4ff822ef77d832b643e1a818d08f4a84 |
| SHA1 | 2ed2aa38f1065c2bdbe69882371f98affd21e986 |
| SHA256 | 9e9b3b326d758d1e227e84f16c51cafc556b37630535dedbc80c820bfd26afe9 |
| SHA512 | 5d52a07703ee9ae9d02ff85f3df4c77de413f3b035c6228a054e1a8dea61248fcb0db6aa2818636e19eb0b0528239e4e7398295918f3b4fe5870dac9d271c9ab |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db-wal
| MD5 | 96033d0a7f744641f17555cbf73bc931 |
| SHA1 | 890b17f34f8af586708256f7387a4c0524d55c49 |
| SHA256 | 25c642c837cd7d8cfe3f32eca9999ebdf658deeffd9e159b1d08e8f674c361ea |
| SHA512 | f6a4458174fe5f8e1d732bf9822f45eaaad79477a10d019c80270b5274d8a068bba1042032faa4361b5157f1ccc2e05e65871f40678cbd644ca3e56e00566c57 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db
| MD5 | 9ed52d5eb0c896af1e63a93606f99bd9 |
| SHA1 | 7c07f497a56535ae501bca889f35faf3966aefc2 |
| SHA256 | d0f45c29674093710f0f98d9d0c84335caa35e22cdd0c255b84d260a18d2379d |
| SHA512 | 01ea6ebace39623f178ed66478a83a02620f2922cb8651ab718fb45f2a8b6b51b2178d1794bf1146221594aa8a640f964b8c8e9cc45d088bd599d86592287406 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db-wal
| MD5 | c62ff847e2c1951748ed2ec8711bf26e |
| SHA1 | 94364e63e3f818f979c75636b7ee749a10bcc33b |
| SHA256 | 40c75650981774e680b51b3e51fc4c39d835278638f286fa6eef0e221393a12a |
| SHA512 | 2f14484c89b5f2e7b9699970d6ad480e79ee2d1b0bcb0c178d643bd89b91b2dbef5d9f4ae8e7af92662c9f087c9c4f167720883268862db4affcba2db3eadca8 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db
| MD5 | 77002ca4f7270a7348addcc886e0b88f |
| SHA1 | 8d6a89db9009bbfd5ea35c4d7a2f63d0e6113c64 |
| SHA256 | aed5d323223e149768531477ba1c542dea01659fc429edb4718250c44766717e |
| SHA512 | d297c9d2419ab3100b62272c5abde351109ca0ac91ee442b3e21f028eabaf75b71822fcbce244f36a7866ee10e17cd79393babb190324d55f863acf68b0689af |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-17 17:13
Reported
2024-06-17 17:16
Platform
android-x64-20240611.1-en
Max time kernel
47s
Max time network
169s
Command Line
Signatures
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Processes
ir.amir.sandevich
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.200.10:443 | tcp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.16.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | srv.magnetadservices.com | udp |
| IR | 185.49.87.170:80 | srv.magnetadservices.com | tcp |
| IR | 185.49.87.170:80 | srv.magnetadservices.com | tcp |
| IR | 185.49.87.170:80 | srv.magnetadservices.com | tcp |
| IR | 185.49.87.170:80 | srv.magnetadservices.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| BE | 74.125.71.188:5228 | tcp | |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | ip.pushe.co | udp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| GB | 172.217.169.68:443 | tcp | |
| GB | 172.217.169.68:443 | tcp | |
| GB | 142.250.200.46:443 | tcp | |
| GB | 216.58.212.238:443 | tcp | |
| GB | 142.250.200.2:443 | tcp |
Files
/data/data/ir.amir.sandevich/files/unsent_requests
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db-journal
| MD5 | 3246fdcb681c3894cfc4a7c646e1c0f6 |
| SHA1 | 13b13e53d89f153b991fc4cf5fb356f8f5976f53 |
| SHA256 | f56088822db8db83136feeb15979f0a124e532a6e0e824e92b287cd0cbb832b0 |
| SHA512 | 7b1ddd499969915dfdda5031e80d389891d1ba8fed56ffeaa91b1d371bf607e319eb86103088efb81007bdea3b33db65fd2e9fb8fa9346c86de180ab012b01e1 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db
| MD5 | 00e829076f54c72b50b63fd6de296a03 |
| SHA1 | fbeb1b8be863931f98a7c29224a03b89f9616ab2 |
| SHA256 | c479f839c0bc15e9a9749cb5a5a3eef4e09c0163160073477f72fa78b2e300df |
| SHA512 | 1c6b0bfe980050072927f8d407ca86353098d03502f7194f141d43c045a3f35103261811281f023262f4823a4fd70659d6802b76e126e991120dc14cdf74bbcc |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db-journal
| MD5 | 282622811eb1de8694c7ea0c1202e022 |
| SHA1 | d199c708cbec90da76f712cc1c6a566f4f1ebfd7 |
| SHA256 | dcff8d5ba81208b38796b2a643dd454aa57c1ee6cf5438af299d60ec48daba96 |
| SHA512 | 2c27bcab286b21e2a5ccf6f15d69bc23e6fb72928d593141e8ed83ad835671dd0243270b1345c0c9008e697d0f6e9be739fb0dbf1faff222bb5f30fd5d27321f |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db-journal
| MD5 | 9af95beda667e3740f8c9327c12143db |
| SHA1 | 9bfbcc43fbf4058fa1d0b2bf735eab43ca58d3ce |
| SHA256 | d515d620800fc71ae5a1c5af0302ff3b2bdb7472b30fb0ab5f8e4bc1a1e4d630 |
| SHA512 | f586774f0b9a6090c83e46e0ca2d4c94dfc84fcc2b11ca1399073c67b5c64a16250ecd1b1c90c9f2e0b38665648dabc99ed3ac9f328b1d0c7c10c5095dc9a190 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db-journal
| MD5 | 64ffbe2ec76d8d9619f9db644b315873 |
| SHA1 | 48b403c5fc6eb3fe67fab52d0c689399058dc5d2 |
| SHA256 | dfb5d99a27185ea4f85e813d791196a994266d09f5283fe2626edaa372df9b58 |
| SHA512 | d4565ebea92ab8aaf113ba8a31d5b5bcd0a4cbb24c06083c00864563b5dc200ddc0065e25dd3abee0ee075a17a627d4a7af01ebb902fa5897139fc4a6bd810b3 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db
| MD5 | 28970ea9dc7002600686782acfe28154 |
| SHA1 | 27d8260356de42178c21e025dc4148e1b2aeaa6a |
| SHA256 | 4452287aaa3d13b769636cbd2ef44f174c01b62777ef9a7dea3c47dc3560eecc |
| SHA512 | bff78d0ea2929d6bc63324590b3eef6786c9a326608d34fea54d1a803978e97bf3c3a979dd097dbf2f69287e9d92d7e403523c9ed28a4f8c7d91d8f794d26b21 |
/data/data/ir.amir.sandevich/databases/__pushe_base_lib_db-journal
| MD5 | 6885cb498a8e0bcfdfa3d6adc6e6d673 |
| SHA1 | bfa1d38d86322e036f77141469a5082ecc46e224 |
| SHA256 | 67608740d6014bc86ef208e4ce81b95124960be9a257579c2363c4bce8b17d04 |
| SHA512 | ff349fd64d550a7a0ad618af1aeede9418960c6e39683c62408bcebfc3b3de0228e876777d12b49a56d5c390596f9cdb3682cfcd817946610fd05d93697e6f4b |
/data/data/ir.amir.sandevich/databases/__pushe_base_lib_db
| MD5 | 8c5307f2224c816bdbf5bb938ef4dec1 |
| SHA1 | d448585350ac25025de0e2145c9acbb4176db89e |
| SHA256 | b202ab0c2c00affe3e289e2be126bd4fff19a32b4bfe81c7ae22e02160684f49 |
| SHA512 | f8eafbf657e3a479534979633729e77774e2c1119f70019fd6cee7b9a035f411f405f6ee68ce6fdf3b34a40401ad469873f19d2956237f82dc1f79939e0c39bc |
/data/data/ir.amir.sandevich/databases/__pushe_base_lib_db-journal
| MD5 | 669a3a33669f7c365950a7cdcaa757ac |
| SHA1 | fe2535905c586d851f22c918af1132e4d30ef9b2 |
| SHA256 | 4a08efddd7ba3ee6ac611d80cddf8890c6e045d742c96b81490d9b5f4e829cc0 |
| SHA512 | 1190098030edfb7928e31e17b3a839f90e93f35af5aaf35647791264ee1f0a7060d8c64261bc37ef492c4d1970f69467b5bb766781a202e8f3d814048d9fa9ab |
/data/data/ir.amir.sandevich/databases/__pushe_base_lib_db-journal
| MD5 | 13ec27458ec7b4ff45b1ed331554458c |
| SHA1 | 446b0c0c3f87797800b4e3d6829032ff2cc91471 |
| SHA256 | 10050a8be963d66383e9741de4908b0791f9a20b987e5a94bcdea830ead5345f |
| SHA512 | 3c520a7c38c4be2cacdff56e6dcb373f03d5b47354d2b4f778b15fbfe5ffaf77bea156d9b93da77038d05f09c9ecb4d26dcfd5078d849bf78a3c9ba52583475a |
/data/data/ir.amir.sandevich/files/ashpazi.db
| MD5 | aecfe638d8b736fa6e00e7bd1be431a7 |
| SHA1 | 9267ad7543515bcdd6a34e163faf094aa09ad646 |
| SHA256 | e3e85aab3d739a112898ed37f501e3f16e7346343b0324e5f97ea6acd78dee34 |
| SHA512 | f64c4538de25c712712aa9432c5cae82fbfef477332700289f350b6c64c252a92c9a340cb64cb1e8e9914f25f298e46efadab5910954c66460a998c73e50120d |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db-journal
| MD5 | 5acf42056f301be6699457a6ca6ff2c3 |
| SHA1 | 5090a5f144d709cf3efaee0cbeba71751722927e |
| SHA256 | fb40c2c6abe420406d1396a7c605b9e46649bbac118470af636e439af7b9c2c4 |
| SHA512 | ce59620deaaee02929af26315a1bca76ff2e5c4d706e355305dc5979b2d04a0e870bf8fffb6d2f63a01ce096d12a413348caa2b78a39c01ba7e5dd254663918d |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db
| MD5 | 9c92a857a856d8d8e47fc78114f41fcb |
| SHA1 | 3c480966d777b1a35b096e6d48dd7c5381b3890b |
| SHA256 | 8d3f941c1c63b0aafa716a658a23ff3c75de3d4284898c51645dae0a64345769 |
| SHA512 | 6a3f7877995f83a4068d2250282c3eded695e1f58204e8f9e1c1e5f34edcb05b892ef9411f56272b7e58e96f28c626de644927e16fa4e97399c1b91329071480 |
/storage/emulated/0/Android/data/ir.amir.sandevich/files/Magnet/magnetLogo
| MD5 | e0aa021e21dddbd6d8cecec71e9cf564 |
| SHA1 | 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 |
| SHA256 | 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 |
| SHA512 | 900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db-journal
| MD5 | 2191e9d531840561b12cd40aa464ed28 |
| SHA1 | 9911a9f348baa039288133eae4fc84bc3fef8a43 |
| SHA256 | 9c80b43d80de49a1376b70380390e995d50fb6bc889387d4338500175fa4f2c8 |
| SHA512 | 86edb5bc0f92f05bddcc75d7df61e4da65a16ffb625113b1f71ae29bbd1cfd7e05c5717cdda78061afc3e1430f77f396c97120eac999b2d31f641d08ad5306c0 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db
| MD5 | fd8f545fe2714dbcd233ab8acd8d24c5 |
| SHA1 | ed50230e76e445e04075266afa515b62aac11c9f |
| SHA256 | ae80efb3921034f36de23694aa05581b6c4819c40c05f2dcedfef6f05e26f91d |
| SHA512 | d03ac863c5cd809bd9b6505e0c9c37604479dd3fe714fe50cd3f52c5b31136b538dee02e4f7384cde2c49137b8bdf5a3cb3581ad4c5cbe4403f66b228bb88c69 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db
| MD5 | c42dc6f6088d07857912122fa26a31a2 |
| SHA1 | d75026ccf9a8d4c14b33d19493e430177ea21760 |
| SHA256 | b99db3dd0ad82386a265661a870eeaf06742d941494d0e69ba5b0c2d06dc9acd |
| SHA512 | f11d846b824d749ee1c237cf84c15c21b2de0071e46986127951a759471101280069bc2bf5dc6ff076ec657abadcef90b544849d15ea8fdb438b7c2f09291d84 |
/data/data/ir.amir.sandevich/databases/evernote_jobs.db
| MD5 | 78e46f5b851b2c0d298317ffa8818580 |
| SHA1 | e0c8c8dc71ac508c54b284694b688501a9ac2781 |
| SHA256 | 500e46bc6c07fec1c894b83cb732ce74d79e49aa2634a14ecfd2de4063225d51 |
| SHA512 | a9a818ff34c8db5be00fc960c3291325fe0b4d44ce078e21d17a03fb492d76ec610a342c28afaf2150838690c1eb4319c4e312dd515728275eead746a6560e1f |
/data/data/ir.amir.sandevich/databases/__pushe_base_lib_db-journal
| MD5 | 261a969e393f4f1cbb611fd60a1bf453 |
| SHA1 | 6a955f441b7c7fc99778500a9acc0bde81cee9ff |
| SHA256 | cf9759b955259170c0e065dcb2f9f48c270fde04f375a284dabcce19b4b1193d |
| SHA512 | 6d6e231a4e995312ea54aa1ae13093bf1ba7e76cb718ec08e6ee529ab7feaa0e1927761fd06c7518b4771e0994c095415f851ac8373951e40e03726940c98f63 |
/data/data/ir.amir.sandevich/databases/__pushe_base_lib_db-journal
| MD5 | c9a3e626410cc61053131bfb628a3fb4 |
| SHA1 | 0f7618b33e3a3c781bbdcad00d750713cf579025 |
| SHA256 | 6d36a2c58a6192dafae6bef6dfc505f179733972794393e301bf8417ce34251b |
| SHA512 | 59648b1f82cb6f901b5abdcef0914298cbbbfcb83c2aacbdda28e82fdf9c2931e9b4958dafd8a63f4ff8c4d2f551481d55d8147e3e025ea2f0ab8936a3091ced |
/data/data/ir.amir.sandevich/databases/__pushe_base_lib_db-journal
| MD5 | 8868bf3804d01527b294df27e7fb663f |
| SHA1 | f1b40d726350ae1e2bcb6578c65a1f56b1ae1ef4 |
| SHA256 | c85f2d82efef612a2bba0d2a2e8b74bb61a2df8d91b93ed75baaf7aa7dd6d6f6 |
| SHA512 | d0ea2f58bf5a757b8138fb2da1cebc1cb515f7ed1c7823f10a11d23409ee8aaea7e9676c8e3ca89430c0af91247bb64b3c62e7b0e8742060f8fc4b649773adbd |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-17 17:13
Reported
2024-06-17 17:16
Platform
android-x64-arm64-20240611.1-en
Max time kernel
37s
Max time network
132s
Command Line
Signatures
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Processes
ir.amir.sandevich
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.200.10:443 | tcp | |
| GB | 142.250.200.10:443 | tcp | |
| US | 1.1.1.1:53 | srv.magnetadservices.com | udp |
| IR | 185.49.87.170:80 | srv.magnetadservices.com | tcp |
| IR | 185.49.87.170:80 | srv.magnetadservices.com | tcp |
| IR | 185.49.87.170:80 | srv.magnetadservices.com | tcp |
| IR | 185.49.87.170:80 | srv.magnetadservices.com | tcp |
| IR | 185.49.87.170:80 | srv.magnetadservices.com | tcp |
| IR | 185.49.87.170:80 | srv.magnetadservices.com | tcp |
| IR | 185.49.87.170:80 | srv.magnetadservices.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.187.238:443 | tcp | |
| GB | 142.250.200.8:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.16.238:443 | android.apis.google.com | tcp |
| BE | 74.125.133.188:5228 | tcp | |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.200.4:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | ip.pushe.co | udp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| US | 162.243.147.245:80 | ip.pushe.co | tcp |
| GB | 142.250.179.228:443 | tcp | |
| GB | 142.250.179.228:443 | tcp |
Files
/data/user/0/ir.amir.sandevich/files/unsent_requests
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/user/0/ir.amir.sandevich/databases/evernote_jobs.db-journal
| MD5 | b8c48cab829a38bd55adbace07c1345d |
| SHA1 | fd36dd3ee02ed464cab938b43983bdbda96d4996 |
| SHA256 | 241430cfe92ee3e641deeafc09d4e0d6f4c79cb84a495c1b7bc9b6cced75a1fe |
| SHA512 | f141a43315e67bb6d7f62ec8b2efc6fde9ba88926e541ba233a3fac7a29151820183379bc290b0e26b2f275418588383cb76dd75782c62de0175508f9c86ce66 |
/data/user/0/ir.amir.sandevich/databases/evernote_jobs.db
| MD5 | 47080e3bfcf2db9b8620f2faf6c5857a |
| SHA1 | 6f63c1851255e0fa99567f047382074b086d38bc |
| SHA256 | dc4f8a73f49d2a6b41ff425fd08b85c1eba5280c438a1a1ff9832e91dfa56cbb |
| SHA512 | e757043d82798926a5ddd716457accf6616894ad1ad79ec832293a1f662910b663239f899bf05a5c8d90fed5bcb093c5529e5bc842fe9003c1d5902f9ed84473 |
/data/user/0/ir.amir.sandevich/databases/evernote_jobs.db-journal
| MD5 | 0d7f1dd853c2463b18188c017c140c84 |
| SHA1 | e61aea9aa634463cad16b57cfddeb32ba4231dd9 |
| SHA256 | 809762d435c92365a830601d4a346e4a04f5b6030f52ed50025a3582e99885cd |
| SHA512 | 7ba203b59dd31379d9639ef51c1be64c3f18d03d004acb74a876ac81e077243eb6197392f1a4eb4ebba883d38fd4b8aebbf5d535e0cb2b6d6bfd33f28cc75f25 |
/data/user/0/ir.amir.sandevich/databases/evernote_jobs.db-journal
| MD5 | e9cf8c0e0de3e35dae55ef1113ad70e2 |
| SHA1 | bad47b96f3ad5ff9ab9459f8e729484b2b061c2f |
| SHA256 | 749265123006bdd7881e810c9bebf51d22284a9856541bce3b770453c9ff683e |
| SHA512 | 61aef0e4248c6fc3ba2ac1ffbdedce5d71ad536c70a433c1a63cceb7ce5f90b9d58993ed2c7984ca67cc57b1d8c2e8e950b13d59ad12c2eadfe2539251953e88 |
/data/user/0/ir.amir.sandevich/databases/evernote_jobs.db-journal
| MD5 | 20f16c19a35888b016b3d5377748ce47 |
| SHA1 | 9b0c53050f6f1aae402304b2cf0fbe48e1138de7 |
| SHA256 | 2f9f1656c648069e55ca02cc73a0027b3da01e00198848ed55654907db640a98 |
| SHA512 | 9a9387c1abbbb0cdae86f68738967b8e629f8c55852ba1f7aab40f89defea8bab7c8044cf7cbfaf072831d1343f137805764a041036d0873316894bbeedadf17 |
/data/user/0/ir.amir.sandevich/databases/evernote_jobs.db
| MD5 | 9724f46196c7bbecd35b8b2a8a4cd198 |
| SHA1 | 9bbc16373cb30ad7c5cc20b03efa5ff4ea532807 |
| SHA256 | 68a4e7eedb95872746ab7acb6ae3d9c738bb6a0c5eed73525fad5366d6da52c2 |
| SHA512 | f24766aa54e42eff94f04060310398c471a7de9300aacf3e8e0880a8bb6ad8d9cdb51ea1ba32c318e051270c857f8b242a3e6bf8a28a65d9aacfedcf5ccbfd97 |
/data/user/0/ir.amir.sandevich/databases/__pushe_base_lib_db-journal
| MD5 | 8a7c445a12f9632dfd3c932fa3aa873f |
| SHA1 | d1d6bfe1537581f3128c7ffb5d1808d7c766009e |
| SHA256 | acf5c3b8542354dbc1da70f999fa7a5a3d2fe004b15738cd011d136494847583 |
| SHA512 | 4dcdc18a2bbf22b572cd95179c9b234003acba59377b3100298f65912c96416f156eba52eb3e111910374ec838bf68ae81ac061707c9935d0f097db976214e7f |
/data/user/0/ir.amir.sandevich/databases/__pushe_base_lib_db
| MD5 | 0cacc868d0f799eb4d993b322cb846e8 |
| SHA1 | e4213ca4559b065460ff43046ad7df68fd2b52af |
| SHA256 | 0d7614e74fc3fa4a46da56cd65030245ed1cb39fc3e1abace5b56aee18d6388b |
| SHA512 | aa0a782bc8b4ad373f134dfdc37d7f563c99bb82a1b4a6aad3eeff3d8571ec8c55d9afa9107ab5d8c477bea137efea41f57c052616e24883517bbb760ec57f5f |
/data/user/0/ir.amir.sandevich/databases/__pushe_base_lib_db-journal
| MD5 | ed686b7d7d21f734b5ed2889d9e251a0 |
| SHA1 | f4bde276b3314e594bd99f3896ba7214ff906f1b |
| SHA256 | 1842875323e6b62de79b5612805f4a7950cdf3fecf19fa5aa525fc728eeb3704 |
| SHA512 | a824d9d24a2aa0490aacedae4a60bae96800035273eafed639550a753c71e3bfc69b17edf3d74b04325a9cefab40a0cacc6ccb031daa8de48513432eea7043b0 |
/data/user/0/ir.amir.sandevich/databases/__pushe_base_lib_db-journal
| MD5 | b51f586cd29d29a124e47a9de306b0fa |
| SHA1 | 35d615b8131cd74b86adc64a3de1f2346e781997 |
| SHA256 | b8d6352ee3eb7d247a621f95b53183296950f1d4f2ba095cc9be0e2fead4c022 |
| SHA512 | 6cb18a567ad75dcb615684b87aec67b76bbd5fd1cceb1da9c88ca11a2adf48eb4db2c7ac99a9014910a92e04565a0262ebaa4712cdb6b2cd7f951da498268d9f |
/data/user/0/ir.amir.sandevich/files/ashpazi.db
| MD5 | aecfe638d8b736fa6e00e7bd1be431a7 |
| SHA1 | 9267ad7543515bcdd6a34e163faf094aa09ad646 |
| SHA256 | e3e85aab3d739a112898ed37f501e3f16e7346343b0324e5f97ea6acd78dee34 |
| SHA512 | f64c4538de25c712712aa9432c5cae82fbfef477332700289f350b6c64c252a92c9a340cb64cb1e8e9914f25f298e46efadab5910954c66460a998c73e50120d |
/data/user/0/ir.amir.sandevich/databases/evernote_jobs.db-journal
| MD5 | df9143a34f91c3373ecf15a87be2475b |
| SHA1 | e1c2bf19ed8a3ea0533b7cd42ff4864cbe35851e |
| SHA256 | 176a210c123d7eb3d4a6aa944a92fd969cd2c1a925a8fd3904e7eb78ecd463db |
| SHA512 | 4b71c74e9d1003fb9486be7f8d26e72b6f249902516e4a66708fdb15709612d3960c78c101f9681f9e9c09a3ebff571405351a79460d54424ccc6e5ae7ef62bb |
/data/user/0/ir.amir.sandevich/databases/evernote_jobs.db
| MD5 | 16b3d9eb3a15c6e7ba10e05fe9d0a335 |
| SHA1 | 12d785c446c6234250bb78fb49cb65b84e4588c5 |
| SHA256 | 11639cb343d8c1c11ac79e13db9c6ebf7010065cdde4da1e2f0e0e5f6fb5df31 |
| SHA512 | d438d06a828395e0bc0135c5dde30ae12941a2c16a418e8c45679affbb8e5a23823f55cbea8de69aeae41e568ac09d54a18cc0da80e58dc7ec2179fc0277533f |
/storage/emulated/0/Android/data/ir.amir.sandevich/files/Magnet/magnetLogo
| MD5 | e0aa021e21dddbd6d8cecec71e9cf564 |
| SHA1 | 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 |
| SHA256 | 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 |
| SHA512 | 900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874 |
/data/user/0/ir.amir.sandevich/databases/evernote_jobs.db-journal
| MD5 | e1bcb70a01287569c0c7c98503118881 |
| SHA1 | 59ed7a5740392cd9a6c8b6b74192a64d7c3edda6 |
| SHA256 | b448d80a944b785c8ce71c314645149d6439645b9e46b1df731ef7dc579d29a5 |
| SHA512 | 82f86a9bddfac2d8b6fb6d32919c256607adf3ca9be2d1bde78fc0628b937146b658e9715684d88ad7c45eb1261d216de9ab7869a432d63c4b2d15d46046fa0a |
/data/user/0/ir.amir.sandevich/databases/evernote_jobs.db
| MD5 | 957fa04eeb2663c116c4dcf8ffa88f6d |
| SHA1 | a64797f7f1f9f52030d25c88e5edc2860f197709 |
| SHA256 | 484edc8a50ca63db7d38991bfc342227a4e8c7d42ff315834ae3df8b1e555e5f |
| SHA512 | 2fc6b20f7c91ef4df603858015897de0a7ce5e94ee2f60093c92e383f6d238b84d5aa06d697fe0c15a14f4f45e5589eee87fdad6bd32a1220f4a1ec84e806a41 |
/data/user/0/ir.amir.sandevich/databases/evernote_jobs.db
| MD5 | 594c920195f0863589e513b8045026c4 |
| SHA1 | 0f7f0687c44b618f22501a91d250d67726751260 |
| SHA256 | f4b2873c0052fb2260ad1a5c3969c1d26ccbb631795ae178b7710d6078045a7f |
| SHA512 | fe63b0d69a62b28cbb82922a1833140a754753ca547e54cb73f0d4d377b0f324e21c47df4c3577b194302fd14c8ae6de2092d35709171ea57342b6af3252c289 |
/data/user/0/ir.amir.sandevich/databases/evernote_jobs.db
| MD5 | 78b387106aa43a3291fe7a5b8c6bcc96 |
| SHA1 | 1d7b5a4fbf637b9673c38f5d6cd2c692736b6a09 |
| SHA256 | 8999afc995c7a13b6b94b9a35b7ae37ad4567dd884502a7100acb4ae7cef4d37 |
| SHA512 | 04cb91e1e4d1db8848f3ce7b176a284bb01160c9b2f939324790820b393e4d728ddc4811bcf6d1eaa8c9e7ba56bd33cd21deb30527f92aa30c1a362878dec10a |
/data/user/0/ir.amir.sandevich/databases/__pushe_base_lib_db-journal
| MD5 | 97d58bcaea194b3f3dc5fb1885546cf8 |
| SHA1 | 0bdff0339ea031f9ce91a5a3aef77f7d239ddf90 |
| SHA256 | 2ea1df0b8c0b494b6282dc5a2145e02e6db0e918aa13fa3010158149a8d64427 |
| SHA512 | 765a51209451cf925d6afed55392c99ff01f9cdb2a5137072d6e2903493054242fd7cd3fd537ad1a96a6feaa5920475234aca31a9c9af478c8be532336276a4f |
/data/user/0/ir.amir.sandevich/databases/__pushe_base_lib_db-journal
| MD5 | 39cc8b25849eb20d5dbb2fdb28436bd1 |
| SHA1 | f8b70519f56025948a3809a9c9d5b08d7c202505 |
| SHA256 | 8cee114361a374fad6f5fac1da3579561890e56d633d93aebddc8f524fab981e |
| SHA512 | 1ea9b5bd063a3b23481ce3376011196c4ed61220bbf2a0c3a646f01955369d5b50c1b812020d33edf59c4c73ef70cc662f5a5c8220762ca24795024819dcaf0b |
/data/user/0/ir.amir.sandevich/databases/__pushe_base_lib_db-journal
| MD5 | 97c6e1ce1e677e8b987cac5c8f953f71 |
| SHA1 | 02df9f88cbd7a3beafab4f062518d55fcbd53f72 |
| SHA256 | 6a2a00f6dff4e0d6eaf4bc0481dd234593fcc9f08a405b86394eac293f840491 |
| SHA512 | bdc1f3e65db6f96a372b144305c4a349b6d5a212b7832f4da0c43c47baa86b67d91be233cd43e2fb977ea3940eabe364e548f40890a15780b14034721f971879 |