Malware Analysis Report

2025-01-19 04:51

Sample ID 240618-krcf3swcqg
Target bad8ff787a9b045af8f1b077cdc780de_JaffaCakes118
SHA256 7fbea9dfecb8b9838d72c7fb94af516954884966db08b5d518a411e6be0f6508
Tags
discovery collection evasion impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

7fbea9dfecb8b9838d72c7fb94af516954884966db08b5d518a411e6be0f6508

Threat Level: Likely malicious

The file bad8ff787a9b045af8f1b077cdc780de_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

discovery collection evasion impact persistence

Checks if the Android device is rooted.

Queries information about running processes on the device

Requests cell location

Declares services with permission to bind to the system

Queries information about active data network

Queries information about the current Wi-Fi connection

Declares broadcast receivers with permission to handle system events

Requests dangerous framework permissions

Uses Crypto APIs (Might try to encrypt user data)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

Checks memory information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-18 08:49

Signatures

Declares broadcast receivers with permission to handle system events

Description Indicator Process Target
Required by device admin receivers to bind with the system. Allows apps to manage device administration features. android.permission.BIND_DEVICE_ADMIN N/A N/A

Declares services with permission to bind to the system

Description Indicator Process Target
Required by accessibility services to bind with the system. Allows apps to access accessibility features. android.permission.BIND_ACCESSIBILITY_SERVICE N/A N/A
Required by VPN services to bind with the system. Allows apps to provision VPN services. android.permission.BIND_VPN_SERVICE N/A N/A
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device. android.permission.BIND_NOTIFICATION_LISTENER_SERVICE N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to request installing packages. android.permission.REQUEST_INSTALL_PACKAGES N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an application to collect component usage statistics. android.permission.PACKAGE_USAGE_STATS N/A N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-18 08:49

Reported

2024-06-18 08:53

Platform

android-x64-20240611.1-en

Max time kernel

23s

Max time network

190s

Command Line

com.mobiletool.appstore

Signatures

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Processes

com.mobiletool.appstore

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.179.234:443 tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.180.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 awpping.mse.sogou.com udp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
GB 142.250.200.46:443 tcp
GB 142.250.179.226:443 tcp
GB 142.250.179.228:443 tcp
GB 142.250.179.228:443 tcp
GB 142.250.200.46:443 tcp

Files

/data/data/com.mobiletool.appstore/databases/downloads_classic.db-journal

MD5 11df9de4c8738f092435ef51b1d7064f
SHA1 eb61db7ce2c76bf7331666c76f1c094c0e658274
SHA256 8771a0ef52a35117b35eace63bda8b06d4f5d8260f23671ea5004c046b63cf94
SHA512 d56856a6092cb88296fa992cfbae2851a85dec5adaf4737fe565ec6ee122e5797b511a630ff38b4a98393e78da62da61733ffc43871bff8caac750100c803305

/data/data/com.mobiletool.appstore/databases/downloads_classic.db

MD5 d5f18b8f59c9b48a641be38549075a6e
SHA1 f79fcac2ea7f580a58ed95eea3cdbe9569133085
SHA256 1cb9e0b83c09803d54755f425182eff61db67c83e409c86fbccdeed30c0594d6
SHA512 34a30d6d0cfa2043d3702a0092570f10863050d88e6b18313bd35846e47b9be1207379f005004b75eb430dbd4baabe5d02af41747961610ea4765c02bcd2643a

/data/data/com.mobiletool.appstore/databases/downloads_classic.db-journal

MD5 da02767fe6038c7b33ab62d2e0c8dfcc
SHA1 27755ef6d474f1574a0c84bd407c8a4dfc43360c
SHA256 589b598bf3678fab8ddf0d171ecda8e911e38ff170e63e99a62325d7719bc724
SHA512 f87054edb0eeaddba7e4bf329aa28c5d98a65e8e5e928c45bc9f8ca21510b4968fdf194303142869805f4cf62d945d8903ba98ef520b117d76e4cdd674a91e29

/data/data/com.mobiletool.appstore/databases/MessageStore.db-journal

MD5 377f11c20089cc9b7573ef844de391ba
SHA1 305818e7036cd383e92693a6466436624fd14af8
SHA256 51ab5fe3a919b53a4aa5ef4af32656415bced5a8419fe9b220af79ae18129758
SHA512 013e4fc553e99c12502c1252cbd1cc41d5e914a7a153c2276608f9531aa4a9dafe4fea333a274c5688217ca93e540aa6b0c05e80e1cfc6b6bb152d5bcb3012e3

/data/data/com.mobiletool.appstore/databases/downloads_classic.db-journal

MD5 99de1b4d701a4a81d103ffd63d952028
SHA1 1f45f27c99a5b9b4b36b142eba9f474a3f7bd24a
SHA256 8f09a66b07e91f779ef8f6ce0e6de6c687afe6b3c107e1390383965aa257b7b1
SHA512 79d58f8537eef8d5b0700f988e2861ecc6530872808dc15675f373bea4980178398cb5a48b3f18a5d432abe6a4f34c0fb0189582da17c29b2296b23f0ef0b1ca

/data/data/com.mobiletool.appstore/databases/MessageStore.db

MD5 15669eb47bb19111cb64fa7508b227d7
SHA1 c7585424afeb0fc7051697b771eb3d81e0e3aae3
SHA256 ecb0e8c93a782292a1dfe20a90e204d1c1c804e2773f1831c9ca34826aa62071
SHA512 13c2cb45912090ba0b670b36050eab5954e22d57b79e141d2236035dc1ea2000960d93ebc544fc4dee48765335a3d52baeb5d31c8a40407224c624fffebbc11b

/data/data/com.mobiletool.appstore/databases/MessageStore.db-journal

MD5 da03ced2b569bc7286f5ac87af14e529
SHA1 3c6188b01fdba80a9d98edfad82ea81e09dbbb70
SHA256 d0168d1f05aca3e182ef8cc9e6ad863cf4fe523bee525faa1ca940b9872049d5
SHA512 d0cdb98d672fcfdd10a6caa1270a17a9be96baee44a0d0e4f74713b04f3837f164422146c2145d5ec4e32639c71c8f05d4d776789b870b4c9436276b2d94a280

/data/data/com.mobiletool.appstore/databases/MessageStore.db-journal

MD5 a395ea5f20b179a180ecc5e9f8953eab
SHA1 ab1390445d9499b147e1531fa5931673591a746d
SHA256 eb585f62e915cb22ba00f4d5613169de4a4db89f105272ba4bda8743e96a7174
SHA512 ff379daa5e5fc3be6fa0b12ee899c103c34b82aa343700dae88c73139516aff7e188f4eb9713afa081f4f4e0db47539ad06777f26f45db73ae1a563efe5f02c1

/data/data/com.mobiletool.appstore/databases/MsgLogStore.db-journal

MD5 86fb9b1bc467016b02c4ef61a0648bea
SHA1 ce946ff9ee4981a7a16e98d366c077160830c182
SHA256 3fcb9ff1405fce2094731b7a725940b0793d1d92e7ebbd3419cc05528c8ca199
SHA512 6cbf67efa9bf7d9af260f8220fc5a27d91b64961233301ef4c241b3c1206b8c666f65703c739b99d3efb93d9c875dd353b2fde1355debe64cc943925f2fa0b5c

/data/data/com.mobiletool.appstore/databases/MsgLogStore.db

MD5 9cec591e3ef91ae568f4cb6e7c2a8745
SHA1 ccf756b6b465ad9ad7ff6bfbeb4e8345ba3f6ff7
SHA256 05be88f05e9bfd4d6496caab584a704e7956fb87036529a0c8028f1e2bda309c
SHA512 f824b3268338787275c184bb740d152d53c1d8e57a044f587530735ef04d021a2671cc2aebb17ae3b497a0ad171060da484a565bfa62d32ed334ae5ffb538f51

/data/data/com.mobiletool.appstore/databases/MsgLogStore.db-journal

MD5 de8a6f68c6531e74663f92c95b2e93cd
SHA1 4ec70cbc788d4076b1f14e089d8599350ba8a262
SHA256 96ced69a7f04493da0447087df49ba5f6b590061dce6ba833707f5f196cc9012
SHA512 534343d137417d2936ff145aaf09f88777073aad0a6e9cda9b5c09d2aebce51dff31c93b42afe5d7b73647aeedd3e32f7b9b89491e1f2ccfeba491c93f78edb2

/data/data/com.mobiletool.appstore/databases/MsgLogStore.db-journal

MD5 97f2787036586c444f36f3bda4187372
SHA1 a96f33a983bb5eeacbdbdaaea5fd378ae6e00fc6
SHA256 a5a3e5b997f8d7f4733287c361387801da8364264da75233f9f8a0e5544a5267
SHA512 86cac3edef72aef603e889f44be05a38a125874a8b4782712252a7c9f9f6989dc6d94ca2c80ea21baba23d6a4fc2ea352bd37b94dcedaa0a9e39ec9797dc2514

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-18 08:49

Reported

2024-06-18 08:53

Platform

android-x86-arm-20240611.1-en

Max time kernel

170s

Max time network

189s

Command Line

com.mobiletool.appstore

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /sbin/su N/A N/A
N/A /sbin/su N/A N/A
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A
N/A /sbin/su N/A N/A
N/A /sbin/su N/A N/A
N/A /sbin/su N/A N/A
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A
File opened for read /proc/meminfo N/A N/A
File opened for read /proc/meminfo N/A N/A

Processes

com.mobiletool.appstore

chmod 777 /data/user/0/com.mobiletool.appstore/cache

chmod 777 /data/user/0/com.mobiletool.appstore/cache

com.mobiletool.appstore:remote_proxy

com.mobiletool.appstore:push_service

chmod 777 /data/user/0/com.mobiletool.appstore/cache

/system/bin/sh -c getprop ro.board.platform

getprop ro.board.platform

/system/bin/sh -c type su

/system/bin/sh -c getprop ro.board.platform

getprop ro.board.platform

/system/bin/sh -c type su

com.mobiletool.appstore:channel

chmod 777 /data/user/0/com.mobiletool.appstore/cache

com.mobiletool.appstore:channel

chmod 777 /data/user/0/com.mobiletool.appstore/cache

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 awpping.mse.sogou.com udp
GB 216.58.204.78:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
US 1.1.1.1:53 defake.pingback.zhushou.sogou.com udp
US 1.1.1.1:53 mobile.zhushou.sogou.com udp
CN 203.107.1.97:443 tcp
US 1.1.1.1:53 adash.man.aliyuncs.com udp
US 1.1.1.1:53 get.sogou.com udp
US 1.1.1.1:53 ulogs.umeng.com udp
US 1.1.1.1:53 plbslog.umeng.com udp
CN 223.109.148.179:443 ulogs.umeng.com tcp
CN 36.156.202.73:443 plbslog.umeng.com tcp
CN 203.107.1.97:443 tcp
CN 203.107.1.97:443 tcp
US 1.1.1.1:53 android.bugly.qq.com udp
CN 14.22.7.140:80 android.bugly.qq.com tcp
CN 59.82.40.77:80 adash.man.aliyuncs.com tcp
CN 59.82.40.77:80 adash.man.aliyuncs.com tcp
HK 129.226.103.145:80 get.sogou.com tcp
HK 129.226.103.145:80 get.sogou.com tcp
HK 129.226.103.145:80 get.sogou.com tcp
CN 59.82.40.77:80 adash.man.aliyuncs.com tcp
US 1.1.1.1:53 config.push.sogou.com udp
CN 203.107.1.97:443 tcp
CN 59.82.40.77:80 adash.man.aliyuncs.com tcp
CN 203.107.1.100:443 tcp
CN 203.107.1.100:443 tcp
CN 203.107.1.97:443 tcp
CN 59.82.40.77:80 adash.man.aliyuncs.com tcp
CN 203.107.1.100:443 tcp
CN 59.82.40.77:80 adash.man.aliyuncs.com tcp
CN 59.82.40.77:80 adash.man.aliyuncs.com tcp
CN 59.82.40.77:80 adash.man.aliyuncs.com tcp
US 1.1.1.1:53 httpdns-sc.aliyuncs.com udp
CN 203.107.1.100:443 httpdns-sc.aliyuncs.com tcp
CN 223.109.148.177:443 ulogs.umeng.com tcp
CN 203.107.1.100:443 httpdns-sc.aliyuncs.com tcp
CN 203.107.1.100:443 httpdns-sc.aliyuncs.com tcp
CN 14.22.7.199:80 android.bugly.qq.com tcp
CN 14.22.7.140:80 android.bugly.qq.com tcp
CN 203.107.1.97:443 httpdns-sc.aliyuncs.com tcp
CN 203.107.1.97:443 httpdns-sc.aliyuncs.com tcp
CN 203.107.1.97:443 httpdns-sc.aliyuncs.com tcp
US 1.1.1.1:53 adash.man.aliyuncs.com udp
CN 59.82.40.77:80 adash.man.aliyuncs.com tcp
CN 59.82.40.77:80 adash.man.aliyuncs.com tcp
CN 59.82.40.77:80 adash.man.aliyuncs.com tcp
CN 223.109.148.130:443 ulogs.umeng.com tcp
CN 119.147.179.152:80 android.bugly.qq.com tcp
CN 14.22.7.199:80 android.bugly.qq.com tcp
US 1.1.1.1:53 android.bugly.qq.com udp
CN 14.22.7.199:80 android.bugly.qq.com tcp
CN 59.82.40.77:80 adash.man.aliyuncs.com tcp
CN 59.82.40.77:80 adash.man.aliyuncs.com tcp
CN 59.82.40.77:80 adash.man.aliyuncs.com tcp
CN 223.109.148.141:443 ulogs.umeng.com tcp
CN 119.147.179.152:80 android.bugly.qq.com tcp
CN 119.147.179.152:80 android.bugly.qq.com tcp
CN 14.22.7.199:80 android.bugly.qq.com tcp
CN 223.109.148.178:443 ulogs.umeng.com tcp
CN 14.22.7.140:80 android.bugly.qq.com tcp
CN 119.147.179.152:80 android.bugly.qq.com tcp
CN 14.22.7.199:80 android.bugly.qq.com tcp
CN 59.82.40.77:80 adash.man.aliyuncs.com tcp
CN 59.82.40.77:80 adash.man.aliyuncs.com tcp
CN 59.82.40.77:80 adash.man.aliyuncs.com tcp
CN 223.109.148.176:443 ulogs.umeng.com tcp
CN 14.22.7.140:80 android.bugly.qq.com tcp
CN 119.147.179.152:80 android.bugly.qq.com tcp

Files

/data/data/com.mobiletool.appstore/databases/MessageStore.db-journal

MD5 20f899c611404e18497df26c35a9df1b
SHA1 e272316aa50c3d6d20499c38763e5af9f1a71541
SHA256 45c7b880c48a96aa0c42ecb59809d760e260d716deb9ef8a058d53e1a0e36fe3
SHA512 0d33d4c7eceaaf923e39ef4d5f4e9fa04c44b4709fd03b008d3653669d02a71734ce888eefdb793572bd7498cba86e55f27f3735d9a39559ae9578a90805e1de

/data/data/com.mobiletool.appstore/databases/MessageStore.db

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.mobiletool.appstore/databases/MessageStore.db-shm

MD5 8e507783223e7bcac311ed120cffb9af
SHA1 67a2f17439b61432941a605dc896654e220914c0
SHA256 ee5b8aae35ef96a8f28e64cfd02d67b7a47f5e567d91f52ad51a8e67cd08e241
SHA512 580a6653aeeea1b917a08e65b8bbb47e94ec35508de739234551c9f7d3af5533ec3ce3c8ad13a655d96b990c83ea0acb8d60e9397716987cd11d815a5f87cdd7

/data/data/com.mobiletool.appstore/databases/MessageStore.db-wal

MD5 b2aa91e8c79550399f27bc4649166fb7
SHA1 8bee8cdee9df682df7a15a1b7760286a6aac3e77
SHA256 93eac2856f7de2667a1b9a7f49b8306db1fd4fe78b6d6a2eb1c4650c030a5ea3
SHA512 e946dcf13edd2ad88abc7f18b45cba3d97d226fa68aeae1b28e2ed5c65e83961bae9ac795365bd672cb513d0badac9d978c2b4d54f844ffa703c569cf2aa28ab

/data/data/com.mobiletool.appstore/databases/MsgLogStore.db-journal

MD5 f42debc12bf808ef83d10c6efa6b4389
SHA1 6cbf7c4bc36c994447b33bf7189ce1cb0b3a9866
SHA256 19864903a7a069a40229dc9971ff142996f3fcbfa2508d4dcd4766605c965e36
SHA512 bfaf3f80799f74b69183366bd57c3c0f5c4d907bf365a51da8c4c4d0373bde2d1ded402f6418763406148adc695ceb7229afbe2fb127c48538dd770e9bc11c4f

/data/data/com.mobiletool.appstore/databases/MsgLogStore.db

MD5 c290bb5bcb294f4e866f2989065a351e
SHA1 3d4b4e88ca90f0acd94ba05770d76c71ab388970
SHA256 a81397601e6adf81d3739ce02d6c25deef56af2c2a42bd5f3615dd925742e05b
SHA512 3558aea13b7134c4fcfa42641e67a8f48e51b5c4ac9f5cd11338e531a11d58df339377347d5b8b65f35c334c265397026264ddd8347f51e100540455ebfad61f

/data/data/com.mobiletool.appstore/databases/MsgLogStore.db-shm

MD5 cf845a781c107ec1346e849c9dd1b7e8
SHA1 b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA256 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA512 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

/data/data/com.mobiletool.appstore/databases/MsgLogStore.db-wal

MD5 f44443f2194e0de7dd0354e427de4e6c
SHA1 2fa28af9fd23a6cc93ad30e581703f766d71534c
SHA256 a851071e1ddbffde64ca4e873189b59597bc540d34cf779f373e3ac8b1279814
SHA512 8a5977c45e2859dbfa9240e6766d06616c685bbccd2f4763d6a504e8854396feba5e46646006689c7a4c8cef57710e4a1d503e9b7fcb8acdf50f78f72b87ca9a

/data/data/com.mobiletool.appstore/databases/downloads_classic.db-journal

MD5 420b9e66f808d66ad2c3125c9e9e4595
SHA1 4a1b46d0dd12433c5992c11c61cc7333a255d578
SHA256 5b32b41cd2ac7592fd0669b84add1d6fa68b11a07d1a711edbf2cea2d4689523
SHA512 9fe8e0a23d8f840193c942e2a7c75b7d64571155770266c7be77470ec30960f00d10662feb15cab1dc7c6f4c198ec6e0b750cf8a55bb28b306c28d4f350b0733

/data/data/com.mobiletool.appstore/databases/downloads_classic.db-shm

MD5 ac0f031be91b366d61c14f7ad8fd0598
SHA1 327f69ba933dfa6f1e6a8851e8fc16f93a6b754f
SHA256 027dfe0d6d316e13cb6a350bebad2d1a783d169e74765d94e2e5eb1f1ee35db2
SHA512 fc7147265075fb1c5445644a5f5a1bc7fb11af9670e59b22a53c30c956a0398818551c323a34b0da8f8c3176bb60e0e0da41d02766d0c3b0d00f5a34c04033ca

/data/data/com.mobiletool.appstore/databases/downloads_classic.db-wal

MD5 92743f198ece8b18c33f5d75379c1dda
SHA1 f11b9779c9a4c025defabd4482b1502937086196
SHA256 9f0a120ee8c29342c4a591cd70cd65155ea4fd6f22a02e537cd0a2a3828e7416
SHA512 1647c427c7b11f63700ff158edaa1d0e5fbcc4d53e795d3a58e8d41b7407cedb9f3bf6c868d0237dadd79bace5e6399a43bfe8068c3839b768eb7e2c8bd3d9e2

/data/data/com.mobiletool.appstore/databases/bugly_db_-journal

MD5 cd17b6240adbacc706b6103ca4ee54b3
SHA1 645846945f2e5fcc2b6a821b1ff417f30048fe16
SHA256 a9425f90e559f20b5445773e6bd2a7271ec07211b86fb3c48502584b39339771
SHA512 2f616177fbd6df217b56da49f411cead9e58f65e74a3d9a29fc038ed1d79c05fdc683a51a73d3d146e620423d8fcc521f9f66bbed81cf9083c4359c5abccefa0

/data/data/com.mobiletool.appstore/databases/bugly_db_

MD5 7016fe8e052ebe53f565badec5ea448c
SHA1 ed821c8262056a6b3e5edee41efb89b8d0b10b5f
SHA256 5d53f1964068bbf066dea4b547ae0eec775535505d859d85fa487d02fdfa33a6
SHA512 24852e37d79d59dbb55279562f5230a8f3b9193bacd404f41a2f9c4acd9035c5a16246a71ecd3464695c2e679113a45f01c462b43983dc9a185682a5651cd3a4

/data/data/com.mobiletool.appstore/databases/bugly_db_-wal

MD5 6bee664cb73924d59c35692e6b8cbf2a
SHA1 ca278ce990285ce035075e948141be816ce0d6cc
SHA256 f6e2aeea40502c93fe081d5db34d212fcdb8c541e64ab334d8b1a8b1911972ba
SHA512 4d10ff737be6a1e7cc36a62e5c1ded43e3076174498d5cc1d9e0849d93fc2a0a9db074ab9b5497de0fe4e6cbe7b108f08cc404eca7016391483cb16fe056c3ec