Malware Analysis Report

2024-10-19 13:10

Sample ID 240618-lvssxaybkf
Target AnotherHunt.apk
SHA256 8f0d59ad0bfaaa237e60a5b9be1da0f69f314ba15d0ef41338987ca575cd4944
Tags discovery evasion execution persistence collection credential_access impact
Score 8/10

Analysis Overview

Threat Level: Likely malicious

The file AnotherHunt.apk was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion execution persistence collection credential_access impact

Checks if the Android device is rooted.

Obtains sensitive information copied to the device clipboard

Queries information about active data network

Reads information about phone network operator.

Requests dangerous framework permissions

Acquires the wake lock

Queries the mobile country code (MCC)

Schedules tasks to execute at a specified time

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

Checks memory information

Analysis: static1

Detonation Overview

Reported 2024-06-18 09:51

Signatures

Requests dangerous framework permissions

Description | Indicator | Process | Target
Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A
Allows an app to post notifications. | android.permission.POST_NOTIFICATIONS | N/A | N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A

Analysis: behavioral1

Detonation Overview

Submitted 2024-06-18 09:51
Reported 2024-06-18 09:54
Platform android-x86-arm-20240611.1-en
Max time kernel 43s
Max time network 159s

Command Line

com.cyq.jvf

Signatures

Checks if the Android device is rooted.

evasion
Description | Indicator | Process | Target
N/A | /sbin/su | N/A | N/A

Acquires the wake lock

Description | Indicator | Process | Target
Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A

Queries information about active data network

discovery
Description | Indicator | Process | Target
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A

Queries the mobile country code (MCC)

discovery
Description | Indicator | Process | Target
Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A

Schedules tasks to execute at a specified time

execution persistence
Description | Indicator | Process | Target
Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A

Checks CPU information

Description | Indicator | Process | Target
File opened for read | /proc/cpuinfo | N/A | N/A

Checks memory information

Description | Indicator | Process | Target
File opened for read | /proc/meminfo | N/A | N/A

Processes

com.cyq.jvf

Network

Files

Analysis: behavioral2

Detonation Overview

Submitted 2024-06-18 09:51
Reported 2024-06-18 09:54
Platform android-x64-20240611.1-en
Max time kernel 41s
Max time network 147s

Command Line

com.cyq.jvf

Signatures

Checks if the Android device is rooted.

evasion
Description | Indicator | Process | Target
N/A | /sbin/su | N/A | N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description | Indicator | Process | Target
Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A

Acquires the wake lock

Description | Indicator | Process | Target
Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A

Queries information about active data network

discovery
Description | Indicator | Process | Target
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A

Queries the mobile country code (MCC)

discovery
Description | Indicator | Process | Target
Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A

Schedules tasks to execute at a specified time

execution persistence
Description | Indicator | Process | Target
Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A

Checks CPU information

Description | Indicator | Process | Target
File opened for read | /proc/cpuinfo | N/A | N/A

Checks memory information

Description | Indicator | Process | Target
File opened for read | /proc/meminfo | N/A | N/A

Processes

com.cyq.jvf

Network

Files

Analysis: behavioral3

Detonation Overview

Submitted 2024-06-18 09:51
Reported 2024-06-18 09:54
Platform android-x64-arm64-20240611.1-en
Max time kernel 47s
Max time network 132s

Command Line

com.cyq.jvf

Signatures

Checks if the Android device is rooted.

evasion
Description | Indicator | Process | Target
N/A | /sbin/su | N/A | N/A
N/A | /system/bin/su | N/A | N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description | Indicator | Process | Target
Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A

Acquires the wake lock

Description | Indicator | Process | Target
Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A

Queries information about active data network

discovery
Description | Indicator | Process | Target
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A

Reads information about phone network operator.

discovery

Schedules tasks to execute at a specified time

execution persistence
Description | Indicator | Process | Target
Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A

Checks CPU information

Description | Indicator | Process | Target
File opened for read | /proc/cpuinfo | N/A | N/A

Checks memory information

Description | Indicator | Process | Target
File opened for read | /proc/meminfo | N/A | N/A

Processes

com.cyq.jvf

Network

Files
