Malware Analysis Report

2024-09-09 16:20

Sample ID 240702-wjxmtsycmr
Target com.pret.android_2024-06-07.apk
SHA256 f62b22c9ba1494c43b4b223dd11e01ba91636f1b8adb7a903acd96c5ae288350
Tags
discovery evasion execution persistence antidot
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

f62b22c9ba1494c43b4b223dd11e01ba91636f1b8adb7a903acd96c5ae288350

Threat Level: Known bad

The file com.pret.android_2024-06-07.apk was found to be: Known bad.

Malicious Activity Summary

discovery evasion execution persistence antidot

Antidot payload

Antidot family

Checks if the Android device is rooted.

Queries information about running processes on the device

Checks Qemu related system properties.

Checks Android system properties for emulator presence.

Requests dangerous framework permissions

Acquires the wake lock

Reads information about phone network operator.

Queries information about active data network

Listens for changes in the sensor environment (might be used to detect emulation)

Checks the presence of a debugger

Schedules tasks to execute at a specified time

Checks memory information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-07-02 17:57

Signatures

Antidot family

antidot

Antidot payload

Description Indicator Process Target
N/A N/A N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an app to post notifications. android.permission.POST_NOTIFICATIONS N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-07-02 17:57

Reported

2024-07-02 18:01

Platform

android-33-x64-arm64-20240624-en

Max time kernel

149s

Max time network

142s

Command Line

com.pret.android

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A
N/A /sbin/su N/A N/A
N/A /system/bin/su N/A N/A

Checks Android system properties for emulator presence.

evasion
Description Indicator Process Target
Accessed system property key: ro.bootmode N/A N/A
Accessed system property key: ro.bootloader N/A N/A
Accessed system property key: ro.product.model N/A N/A
Accessed system property key: ro.product.device N/A N/A
Accessed system property key: ro.product.name N/A N/A
Accessed system property key: ro.hardware N/A N/A

Checks Qemu related system properties.

evasion
Description Indicator Process Target
Accessed system property key: qemu.hw.mainkeys N/A N/A
Accessed system property key: ro.kernel.android.qemud N/A N/A
Accessed system property key: ro.kernel.qemu.gles N/A N/A
Accessed system property key: ro.kernel.qemu N/A N/A
Accessed system property key: init.svc.qemud N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Checks the presence of a debugger

evasion

Listens for changes in the sensor environment (might be used to detect emulation)

evasion
Description Indicator Process Target
Framework API call android.hardware.SensorManager.registerListener N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.pret.android

Network

Country Destination Domain Proto
GB 142.250.200.36:443 udp
GB 142.250.200.36:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 1.1.1.1:53 o1042630.ingest.sentry.io udp
US 34.120.195.249:443 o1042630.ingest.sentry.io tcp
US 1.1.1.1:53 mobile.launchdarkly.com udp
US 1.1.1.1:53 clientstream.launchdarkly.com udp
US 34.194.37.158:443 mobile.launchdarkly.com tcp
US 15.197.213.252:443 clientstream.launchdarkly.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
US 15.197.213.252:443 clientstream.launchdarkly.com tcp
US 1.1.1.1:53 firebase-settings.crashlytics.com udp
GB 216.58.201.99:443 firebase-settings.crashlytics.com tcp
US 1.1.1.1:53 rcs-acs-tmo-us.jibe.google.com udp
US 216.239.36.155:443 rcs-acs-tmo-us.jibe.google.com tcp
US 1.1.1.1:53 sdk.fra-01.braze.eu udp
US 104.18.35.7:443 sdk.fra-01.braze.eu tcp
US 104.18.35.7:443 sdk.fra-01.braze.eu tcp
US 104.18.35.7:443 sdk.fra-01.braze.eu tcp
US 1.1.1.1:53 app.adjust.com udp
DE 185.151.204.9:443 app.adjust.com tcp
US 34.120.195.249:443 o1042630.ingest.sentry.io tcp
US 1.1.1.1:53 firebaseremoteconfig.googleapis.com udp
GB 216.58.204.78:443 tcp
US 172.64.41.3:443 tcp
US 172.64.41.3:443 tcp
GB 142.250.180.3:443 tcp
US 172.64.41.3:443 udp
GB 142.250.180.3:443 udp
GB 142.250.200.36:443 udp
GB 216.58.204.68:443 udp
GB 216.58.204.68:443 tcp
GB 216.58.204.68:443 tcp
US 34.194.37.158:443 mobile.launchdarkly.com tcp
US 1.1.1.1:53 firebaselogging-pa.googleapis.com udp
US 1.1.1.1:53 auth.pret.com udp
US 162.159.61.3:443 tcp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 172.64.41.3:443 chrome.cloudflare-dns.com tcp
US 104.19.153.19:443 auth.pret.com tcp
US 172.64.41.3:443 chrome.cloudflare-dns.com udp
US 104.19.153.19:443 auth.pret.com tcp
GB 74.125.71.84:443 tcp
US 104.19.153.19:443 auth.pret.com udp
GB 216.58.201.123:443 tcp
GB 216.58.201.123:443 tcp
GB 2.16.170.115:443 tcp
GB 2.16.170.51:443 tcp
GB 172.217.169.42:443 firebaselogging-pa.googleapis.com tcp
US 34.120.195.249:443 o1042630.ingest.sentry.io tcp
GB 216.58.201.123:443 udp
US 34.98.120.131:443 tcp
US 34.98.120.131:443 tcp
US 34.98.120.131:443 tcp
US 34.107.200.31:443 tcp
US 34.98.120.131:443 udp
US 1.1.1.1:53 update.googleapis.com udp
GB 172.217.16.227:443 update.googleapis.com tcp
US 1.1.1.1:53 mobile.launchdarkly.com udp
US 34.198.76.125:443 mobile.launchdarkly.com tcp
US 1.1.1.1:53 sdk.fra-01.braze.eu udp
US 172.64.152.249:443 sdk.fra-01.braze.eu tcp
US 1.1.1.1:53 clientstream.launchdarkly.com udp
US 13.248.151.210:443 clientstream.launchdarkly.com tcp
US 1.1.1.1:53 mobile.launchdarkly.com udp
US 54.175.249.243:443 mobile.launchdarkly.com tcp

Files

/data/data/com.pret.android/databases/com.google.android.datatransport.events-journal

MD5 44c83fac1292d94537d5e7dfd3b896e0
SHA1 ed5b75498d157c256a7e3ca1cec6d7bb33a6a494
SHA256 fa5795a12c480c09d0e9d24faadefe7a2b585db5dbf32b4f2d98e2c9961279a4
SHA512 a2b0c58ff157a5687d4f0e8cc38e6bda593ea72cae6626da7714f5a19591bee853a32e44080864bebc3d36e0880ab457dfc752ab0e45fe5a50ea11dfdaa22596

/data/data/com.pret.android/databases/com.google.android.datatransport.events

MD5 bc0aff0e753a640f5866e6d0c35e6f00
SHA1 056a8cedbc8236981edebf9714a7f985e1f39123
SHA256 5d31159cb85997fc6085b3875585176ad5161ed2dd6403ce7d09795691b164ca
SHA512 c357877655b7ba2e3d35683ef5b81ec35cc44397a593af135b7e9365fb3373e98d2bd7a30e4743a97168c29a16a9216d940165d1e5a10f3348db38029a5d1ce9

/data/data/com.pret.android/databases/com.google.android.datatransport.events-journal

MD5 677a5fde8003a63baff62d28cb6fbb7d
SHA1 f3b7925e28477102ba1fbabf244fef44533f9c3f
SHA256 04aadeac0ed2713b143eff36dabd048f08485b696de29521c714616417dae516
SHA512 b2415180fed9a0c5110b7dfbf98f84712761d08508a7a5cb83316d9c3a568953e8f99da344b87fbe3436bf6648683851b27e8fc6f300db3c692e40638e1c05ac

/data/data/com.pret.android/files/PersistedInstallation8517442612878288756tmp

MD5 05815647eacdd8a9eed47a2012f11d2a
SHA1 58ce6de4eeccd7a54cb2f068d52c3209985a364b
SHA256 e82a46596b8472a87922531ff6f5976a0dcffbf7171fb21aefc45579c58412bc
SHA512 074e734e207366548f0bcb02576fdbb0ed0a6f0ea01180eab61f159d590e4efb3b26482e4806e99dce42878fa0b71b3721e97814a4a56cee01a9c56a34f0b5fe

/data/data/com.pret.android/databases/com.google.android.datatransport.events-journal

MD5 1ef896d8dfad89a3c80f23318d56d91f
SHA1 3405348e25c06bd473dc93f6318242f6a0376b42
SHA256 e7f581b8943b2093858a2bcd9cf0a67f3e590fb427ce2928e2bfca9c3fd10dab
SHA512 a70d3beb6f12916762665f65d858345f21dd629fc083e90efc3a0e2ad0e19f0c0a51cc8a39a3eb8810826203198191ba1975c4094fc85b278b2343592d436dc8

/data/data/com.pret.android/no_backup/androidx.work.workdb-journal

MD5 f46d9dcb0845fefb0daa6d14af6685de
SHA1 6ddda3ad26694019ea3f91ab68181d301ce527d5
SHA256 170d3c5d7892e0fdae1e38495babd77a078d5766f1f1b0e098e760f5be3af0df
SHA512 8954557ef7551349fbba5cdc89a0e5e09975bdf956c535dc8563af2875a26504cee81da062308825032b109fb49aa747621d2c1aabf16b8b40e0391cf1cc10f8

/data/data/com.pret.android/no_backup/androidx.work.workdb

MD5 0eb157e1a86d4d00aa601dd2f6ff3ee3
SHA1 fee434f784e73cc7916322e949f727caf8363102
SHA256 b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4
SHA512 b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

/data/data/com.pret.android/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.pret.android/no_backup/androidx.work.workdb-wal

MD5 adc5542609caf10452c8c366d24fbcb2
SHA1 2eb1ada199746da7258d72a7cd98a19ea184d544
SHA256 315a2036eb6d08fa1a015559ff90bc9f68ef7aef28210fe7b86a6cb44a0e5465
SHA512 16b4d4a44143af0298f9dc2a93796f451625f561c3e58bba979d938c4186db2a490a78dde58165e28846c2b90c4def41d1e0e6f5b252d97f87a0d4e670951181

/data/data/com.pret.android/files/INSTALLATION

MD5 46699e8d1d762c9e064127a8d86d9dcb
SHA1 9c234c777493a58e8316f3cbd1be6d27b7480638
SHA256 390eca24454473268bd26f473e288ca5560f762f704f20569f38706693b66b01
SHA512 621edf2037fe681fbf53cf45a3ee940d30829e49d482d52ee2b5572afee0cec71c1b7fd5e82574d37ac7e6d7ac4e473b32c9acf7898dea65e8a04c895e8c4bf1

/data/data/com.pret.android/files/PersistedInstallation2463408120833303309tmp

MD5 5feafe050b2e865f3af2dfa5e2b85478
SHA1 44bca2b2ad015f2a9551692e86c88372ccdcb1fb
SHA256 ebcb9b1875e0107fc36ed49d33c864763fdf93450c7b2aa4bea2e9920cd65326
SHA512 c97e3c57a5e6ba30004a2181597b181b708c128aee3a6f7ac5427e80ddde0a08341b1fd76c1b6166671088036113da6c1e1d1eb7033f06280bc6734cdc616346

/data/data/com.pret.android/files/.com.google.firebase.crashlytics/report-persistence/sessions/66843FC901B7000110E80E4C23F2FCAA/report

MD5 740fa829c6f584f4a55497c3db973266
SHA1 de0ceaadc2e1cb61c65497cb5025be228e9e3d9c
SHA256 91988e5f2e764f2298c3bed95e897f2d131acf784cc6066ade384e5bd2cf62f3
SHA512 bcd4d7f8a4b29f6b910f68a6862423e01e3b12feba177bad07eb9fe0c4ef66624344f6be8f4cb731bd38fc7d2823e99fbedd57c8e7392f21a94aec3b9f58f279

/data/data/com.pret.android/no_backup/androidx.work.workdb-wal

MD5 f75f3cf259d55f56dd9c57fa4cc38562
SHA1 400d13280835fc73c95b079355dab578de21b4bd
SHA256 e4d047fc56930f4144e38cff31eac7a8536f87e0b243c51aedd410dd42104aa5
SHA512 b4f4c92a5a16281654a2c24053f45230c41d810afee14d2d0a5fd41eb58369eecf4468720303bf707e0b0862ac78e30e36ce5b56f55ffba2cf80225525de45bc

/data/data/com.pret.android/cache/sentry/e0c7aa43df7285ec71421d64d295167dc9c0edab/session.json

MD5 2b1135e035645e6dcf0325d8840646ef
SHA1 91fbae89d97272ec7734b88746c8371fa0320c8b
SHA256 ca3178a6ff482b3376473ab5990020335421f6e1e4acdb109b241b3a3d679a9e
SHA512 98105936e84dd637ebc7458f9d369c5220414095a6d95817559181f652cb169e1554865206e7ff3e8ca2143a7d4ce263f264e0065169ebdee1476b3043e5ecaf

/data/data/com.pret.android/cache/sentry/e0c7aa43df7285ec71421d64d295167dc9c0edab/f9f80f44-1b28-4216-96f5-aca28546d04f.envelope

MD5 b85bcc8a86fd340cc421a01db943752d
SHA1 b8a37473c8d1d64fd138c26d5234b1f5c5f0956c
SHA256 f65c9882d2a34d740ca8cd79cc6c498bcc4136bbc7213c7c85ad32e85dbbbeeb
SHA512 c3c1fa89d0a3bf74782ceb83a1c1f4d1462c1fa57a69bd9d3ff436ade15c1b24303b57dcfb753f16360617292b70634939a0565035dd2b091e4e0d5becabb9b2

/data/data/com.pret.android/cache/appboy.imageloader.lru.cache/journal.tmp

MD5 8c92de9ce46d41a22f3b20f77404cc1d
SHA1 8671a6dca00edb72be47363a7071be65cf270373
SHA256 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274
SHA512 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

/data/data/com.pret.android/files/datastore/pret_data_store.preferences_pb.tmp

MD5 09e51d3f3cfed0df5f046b0d236abb8d
SHA1 dffbe5dacb2fa4f599d190d1b81aa5fb40ee607f
SHA256 865160becb3bb8dfb7da2aee5d587c12dd283854d6e2268a28f585141f8ae5c3
SHA512 ca55f4493fa18963198fadf91d1e868472fdfe9dd79505800517ed3ccaffb2cd7352f85a5c1a84770df547da6848df87724e5e0e4775da78bf7407748c69ce39

/data/data/com.pret.android/databases/com.google.android.datatransport.events-journal

MD5 1b7ff677004aada39b9135af1453e665
SHA1 f29efca274cc3e13ee276f5cd55c3c0f3ef96417
SHA256 386669c31d3bf2faeeae731fd26b8b395c0c531d49ea4820a9ac0a887150c959
SHA512 38b5d96b57037b80c84879c546c0bb048d849120b4b8324b8ce9c0cc278c33325a2d24c04e493a666ac6454b77aaed65d8bd50dd669aa4896c8798add60313c3

/data/data/com.pret.android/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

MD5 afeca4eaabdc8534d54e88f86ae3d9f9
SHA1 8571a4a6d2ce21e963c66a3862f544c3f0cfdcc6
SHA256 96bb8bf4edcc5f78a12359c893c65701b69d449af251ced842c8e19cd3482a00
SHA512 b33f8f4e3d9f1b02c8392acbe6b03f9c87f3aa055bc521bfab25148f6d3edd72aef4a5771ae500b1f0d05497f904de6a9f3bf5059b3431f251af887bcb5f6efb

/data/data/com.pret.android/databases/google_app_measurement_local.db-journal

MD5 a5749e623c9501a2233cef44f0b122bb
SHA1 c202500b098f8f3bac55d976d8e0a0e3baed883c
SHA256 fd063182b9cd7329b469db969b60e87c33ae4b15dabb2e8cceb17e3c04e931d3
SHA512 f4e21a0907be4b908247722216220f4915c9370d460a68161e0650c7eb8903c7e1064d665f365192b93e35ae63712e17914653b2919f05865903904848dcaba2

/data/data/com.pret.android/databases/google_app_measurement_local.db

MD5 62ad4a05cbdca7f47b3206b7dbda487f
SHA1 4f4044cef7b7b1e5c6184ed9025267fc92bf0cd3
SHA256 18b909096c7c61d51ab076ae8e562effb0d4ada28e2a4ecd0e6b88ef58f6b2a6
SHA512 0936531ed1b2b356a247123200739a43cfc765469ab47a424dcd6e3d1176092a212b0a28591d07f8c2d0cc9d2e0eeddfcea8dde314c2f9343783c61075b071a6

/data/data/com.pret.android/databases/google_app_measurement_local.db-journal

MD5 0591dd1db67c1a7d2d595259466c4906
SHA1 73b3f7420bcd9b6b37962653eebbb4a14c3c8e01
SHA256 f4100f238667c35c1d0ac069f4be7cad141ee49c37ee045402c8119714dad141
SHA512 32627386a9d5ea952091aab3a80e051cbc2ec0e0a074f7b3ff2c082e618515475b436781b9674c626bbc5fecda77dd612e4b6179e67c911f131a043836f7cada

/data/data/com.pret.android/databases/google_app_measurement_local.db-journal

MD5 03d98542e72f40ff8f2a1114d1e2222b
SHA1 c26229d8ac73c9939a219459b275f8394c78619b
SHA256 3fb612f20bde73eda60b381201af36a4f0912976297647a2e5c91a5e90c017fa
SHA512 92087af0a3aacc7953e57ca6830a253625dfb8aa8b76a3399570591e88478c1580da5e9aef73814614bf5491d1fe07d01b4cd813b8f5e6900526041a563a2dea

/data/data/com.pret.android/databases/google_app_measurement_local.db-journal

MD5 334993904d947b4d49d12771d37c1bb5
SHA1 ef1308025b5aaa163e35a905d7e84dce6c93f9a4
SHA256 0ba3984a82b019319afaee58667b07d84d3707d7e82e3dab8e239240a4fb0080
SHA512 4bede342390bffb73946e74b052a99deb415e4521811b0240784fd1a421e14696e70d59102a49edf7f9482d72a2ec1784b427d91f39e233e126e74bc53c0d727

/data/data/com.pret.android/databases/google_app_measurement_local.db-journal

MD5 7f1801d88d9d8e823a7c53166a14b77e
SHA1 37e682986cafe39935358e29a32b68dd1c9b4f42
SHA256 05a98f8fbb375ac5492ac952305613946a149adee17932cd7a572d9949353024
SHA512 b4259382410c59df8e88ed6733738554e0c78bd910ca7d9d492950bafbf8b093061cf3b854befddcea7f50f266aef32d7b5fda968820b99111ad31959f30c847

/data/data/com.pret.android/databases/google_app_measurement_local.db-journal

MD5 247e06f23efaabc030ee08ca8a5e489a
SHA1 1897a5c7c3478f41cb053a0d8f367fcbc2c6e48b
SHA256 3a9005ab24faf9963676e5cd3792322fd09134625f886b3f7330b07ff5c1760f
SHA512 763a778ac8b3bbea27bf12336196bd50f99a6f6692df2489c5cf492b32bdf622f53f9212ece0f0737e0c79c556a66e5c79b5625d6e85b349417b28bbb2077369

/data/data/com.pret.android/databases/google_app_measurement_local.db

MD5 4084bb24a5a8c4edcd730b4d5578e8c4
SHA1 931c2dbc5e481064d1983405b12798a23146f20e
SHA256 f1dbd377d6019df5c17c051e54a2e96b0ea946b126ebeef61e875fe7bb2bf97c
SHA512 e8e575bb2621f5c0e8d4f07e9f180a25e852693e5442bdf52ff702c863fd8cc59e4014ebe04110b68c05e914bc3c27d6cf8ccf09c599a3e48795d2c49b4e6475

/data/data/com.pret.android/files/.com.google.firebase.crashlytics/66843FC901B7000110E80E4C23F2FCAAuser.meta

MD5 5ccdc309fb531b8dbd976f27be362d95
SHA1 51fd9a8ca79ab68d11dff6a6582e7cbb7771c14a
SHA256 718bf1aa55b13315471e60d362327b973a71b0de31922d9f0f1e9b54f422dfb7
SHA512 a22ffa190c8fab023e88bb19e261d2cd1dc5b0c6a8cd8573e4b475ae006e843f523e79a5fb99a98cfecbdee774e92424564c4caa24e575caefb020d143eb34a1

/data/data/com.pret.android/files/datastore/pret_data_store.preferences_pb.tmp

MD5 2edf6203b6e3a91f0ba4b6b44ce6bd80
SHA1 ee76c7ae90d75147b88e5d69b959cfcd10c77234
SHA256 f8b2af2072a6d370304f32a678746900ac605c20712b9a48da6f597f2f52c8e8
SHA512 4c786680de203423261b06ce399946a831ff19fb873e6019716956b984fa872a8e18711cb4dbe2647b217520006e7776be4e5bef5ecd34682bd1cb5f60fe53db

/data/data/com.pret.android/files/datastore/pret_data_store.preferences_pb.tmp

MD5 66f2a9ad4d6422b0a1c87c0776c0b7c4
SHA1 c971a946df760ff38c087b74bb7cb24784f9ffd2
SHA256 b449160f55b0180ad9e4848f18b843c333ddf46698b9b936f90ace5663253c8d
SHA512 61c0f62ea951ca2d3236719cf580e0ebbeee74c88212375bf64e716dd49cc60bbef478f5a81aea21f174be1773cfab87e86c90443e81cc6d500365184f72b255

/data/data/com.pret.android/databases/google_app_measurement_local.db

MD5 9f9cf0b304a1cf20d566b594f0b45f0c
SHA1 00ef9a8ad5dfa08de5d6187881d3d38c0300a416
SHA256 2ef4103b31acac1961afad80599fe10235dd082573456f35c84978a52a5f8cfd
SHA512 c1c19324ec1709e5c0467d3aeaa09b55836d1cf7d8b3ae27702dea6c16a08d1ab664ef90c407691207a4d8e7ba1e89a04c8348bb086be55f5997c7abe678d099

/data/data/com.pret.android/files/AdjustIoPackageQueue

MD5 5c55cc8fa981049c890f8ecf472b17ba
SHA1 a992f1a1196d75cc1feb9aaa1a97752025540096
SHA256 72ee4f0a07bfd63b7a54a782bbc576e16e543829e8b881c6b78eb6baaa93f3b3
SHA512 acb4726205e112341a14392a0e57a3acca04ba54d758b38ab12c52c343c87faf5f523068f872593917a0833b3da37a8985bfcb5e37c46572e4221615fb46b8f3

/data/data/com.pret.android/files/AdjustIoActivityState

MD5 23eebaf3c2a080e4e7520cc2a52ae69f
SHA1 a6a676e376fc171bdba9f037ef4d32802c7da8ad
SHA256 80ded59bcae2fc47e631321cb336a602943d15ee737f68d7ef1e46443ab44c6e
SHA512 a238edb323c96acf96c0500603871b0e521810509c5caf3ee47cc1cdce52f011a35070675e3782a4c15de7a91f1be0d5fafb9f15cd26adbfc7d83a14eccc9b49

/data/data/com.pret.android/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66843FC901B7000110E80E4C23F2FCAA.temp.tmp

MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

/data/data/com.pret.android/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66843FC901B7000110E80E4C23F2FCAA.temp

MD5 48f0758190f2d55039e7a62aece68cd1
SHA1 0bb9311bcecf3e10ae2400ac9e024b1781dfa8e0
SHA256 73c0394317539fb47f0b677f72354ccbb7816bc0be851c384e9148f3cb6c50c2
SHA512 0c9e9026ad1d734fdbefa6538b283758d92ab1c530355187f9b8e0ba0ac1111b6d1abc28dd6ccd68b74a94b890682607ed2a202be50dad614f34d2f8fc978745

/data/data/com.pret.android/files/datastore/pret_data_store.preferences_pb.tmp

MD5 44fb30476d551cc5eaa711ec0d7cabd0
SHA1 0370ac5efb29e1c803f09860a097c12737b73205
SHA256 6948583e0dbe113f0eaa8d1b3e47cd506d91dfa44f41be3324278b8ef63a6f3a
SHA512 31c5c186b0da1f7da70b63f160b1cb20a34b36180629a8281701fc41b6c96cefde4c14882e4627740e4a12b4457d7381bddf09126a85086147f8a1b9f45f2312

/data/data/com.pret.android/files/AdjustIoPackageQueue

MD5 0d210bfb2a0e1f1b4c082a6a0f79de07
SHA1 bb8ed9e364db79d1d9f2fcde3f15091893222faa
SHA256 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d
SHA512 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

/data/data/com.pret.android/files/AdjustIoActivityState

MD5 ddb8d7e3ae8a21e45649de456a069dee
SHA1 01c733b8a54e99f294f9199b5bb20786cf16299a
SHA256 9a7188fdb106f76bd126fea0163bf880eadf9abcceb95d3cca1ac8ea8fb3c9fe
SHA512 2abb48a64e0c67a8c9c167b25b0ae2858b8c5e3561107105f3eaa38805dc2c53eb6cfb34be0de6251ff4be1f900a88139d53dd07e24e200adb765027b6153f77

/data/misc/profiles/cur/0/com.pret.android/primary.prof

MD5 67a80269bf0989c5373eca40864c1985
SHA1 b23bbe284d087fcad0dfc8e5010ec1b847b5fc36
SHA256 cec151b88572c446aa09b968a7b2071d8a28db2b46f7a17a9e0deb41183c45fa
SHA512 f58b03cbea3ad1388a58c4ff03f37aa88b70ff53f8b2f239f9ec451fa8f5f4d648fe74f8837aac0cea9818dbf8244941bb2b4da10de93e85bbba4be3d1003ab7

/data/data/com.pret.android/databases/google_app_measurement_local.db

MD5 a8fe75b0a1b6d6351939ffc40e30287f
SHA1 b4f2e55824168e3bb42b2c1aaf497e5d58bef79c
SHA256 2ceb5d81c306c8a797e9f960afb78576b64e746c6c260f84349ad600a10ef85e
SHA512 bab7274899fe0ec759a25fcdc193d533e3db42ac2aeaf9302a573cccc6cb49afcf8757aaefd6867d0a3f75a92c71d81882e3a631871d0b1000aab5e3d10a3be8

/data/data/com.pret.android/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

MD5 c126ba72f34e6fece9b1179765bbfd41
SHA1 3dd96a272270c7f890182e09cefc744da6b74b64
SHA256 13bdc1d10ebe69319f8cdfa8bedfe63f4aa9018422b345a1563e43d32c5f01ae
SHA512 53fa551e6a5a9ea06577d60a7d70ac863b68211b3b015176cb345ec4776712b9f4b334a9893f9cae4490747676d934aa04b82532f2a4597c7af8a9cdd1333bc3

/data/data/com.pret.android/files/profileInstalled

MD5 fd0121762b06ebc737941a634541a998
SHA1 eee82a1398966a2e8d35f7dec2e0bd9f7510f8b4
SHA256 adbcdd65c84ee3b27d7577bff888133387415c15757eadfea57641e582b79845
SHA512 e84c5f0f4ffadc5d16cc11bdf06d812b23333d2c22af7cfbadd15617c2c73ab0073d4904b3f4e959c7e8952e07a37ffd105892d0c38f11d0322027b2a8bbcd01

/data/data/com.pret.android/files/AdjustIoPackageQueue

MD5 fda6034c695cefc455e549a95cbb8a55
SHA1 618008b1a545ce4268783480d263b9ca6e1b37f3
SHA256 4788dcba3a885fb3c680e7b209065d06c0d5b04bd87aaef960d8818985428176
SHA512 c30fccc6dec7b9d100e0f1eb0d0318f70d0d4981d3543a8b3c3d70afade12e76759ff1ed7249dfa63593feee95b5a2dd1c8de2d9fc2221c3cbfc562313fa0ace

/data/data/com.pret.android/files/AdjustIoActivityState

MD5 8a956fb5d7fa9e14c544b2096971d284
SHA1 28789590ac024184420bca8fe8c6785ca4105d42
SHA256 4f236b2924a0ac953bf1c0720a887d242c7e17a4072a9c5fee3f50b46714d4cd
SHA512 d1058d997ec0848b053bdacd54ee425deabc10cbccf7e80e48e2754ca9ffe426be2d624b692355c018235f9d4ab8a87b70f25f4cc6151a4365b5d03656d1ee28

/data/data/com.pret.android/files/AdjustIoActivityState

MD5 6047f9a5586cc9df43e27c6d544ca2db
SHA1 f23bb848088861e34210098e0df9bef5a0d36b47
SHA256 774bb3fcf4aedd29eb765803ef166bdee0fb821e09265e74b9af4df1173198d8
SHA512 71ed73c2e123ac900e06f315bc0d3778ca6d8f3d9d4cce335bd27eea7cfe023b9dc37af9a180429b5ea9c0e735e24940f512a7898238a1c27e69ebabdd65cba3

/data/data/com.pret.android/databases/google_app_measurement_local.db

MD5 749e6be0efbfc81344bc9705123ad082
SHA1 3eb2696555790c18a69b629e8ac6103d2919051a
SHA256 f391fe5a8e3868980ce08263a2b0ad8d8a97ae3252eb7e6cdbd4176dffe697ad
SHA512 7776554f6cc12aeee15b375311bcd65590b67b30d2dc2e481e4d5b8171ace036fb3d5941613684ea1b165afae679d39cedbead044b3e9ff0bb3860d0aaf90f37

/data/data/com.pret.android/databases/google_app_measurement_local.db

MD5 dd86aab3f650e52ac6d502b4812c151a
SHA1 560b68bfd5cf494d23174d1067d739ac2aa87f74
SHA256 84b6612723e207d42b60f39d6d84c5dbdca2f4844b0286893dd235eb82b6104c
SHA512 21ce03bc1fa24a0e8a5ed0c5ac182cce60615fc734fb582dc862bd943a434fcd95a30c961ae2f672c5749cfe85b800d486d9e86b6f1869e45ad344f861b62abf

/data/data/com.pret.android/cache/sentry/e0c7aa43df7285ec71421d64d295167dc9c0edab/profiling_traces/04a111f6-f879-4d82-aaf8-6e75d7d92434.trace

MD5 4e755da009fe48a5f974781a89762380
SHA1 7a4b633d90945831ca9d3d425704fd88ec4d7712
SHA256 b1ac66d64a3309ac33625cfd02826374c9429acf51e36e06d4d98a45896f67f0
SHA512 841fb47c7d9f48d3d0991d93dac5b6b67c8b37303e3c434dc3519bb5ba39205e922c72a504eef5bc7127133921ff91f565b07574db4a5c5c908c44b78902d419

/data/data/com.pret.android/cache/sentry/e0c7aa43df7285ec71421d64d295167dc9c0edab/d3a2d3ba66ab4df9b86c0677edce5849.envelope

MD5 07c4c52ff56c9d5125677a0a3e4fe506
SHA1 3c7048ffca02902343f6b5731f89873f6e7fddb6
SHA256 6d82797582a12417fc89b3089192d342bc768c660cc808da6cb26c8f0e0606dd
SHA512 5ff29f5e6c8dc56bab6be598441eb8cf492c3b2218d82d43baf40515c1339117fe7571945b20913dcd7a47d18e5d9df59ac98dd098bf4f6d37c0f30b7317c372

/data/data/com.pret.android/files/AdjustIoActivityState

MD5 78cae78629473988c8acfe2361bf1ae0
SHA1 a9d86a6633732b7189e92406a9a248c72756701d
SHA256 4bbbff07e15900645d3b97ab2f2bd521ee5818289be009875263bd18312c149f
SHA512 3d0ce62f32af4737d77a78fe51f0be5afae0fcd92d106840d7fc0b2fc30e4c0339a526d9b65ff0c38b8f40874350685f116d6cf728ed976595d8b0898c6cdb62

/data/data/com.pret.android/files/AdjustAttribution

MD5 b074d494ed807e3327cd05e0bd77c7ac
SHA1 b0b1df55fd1b96835ab19de568e55d8bbb380cf7
SHA256 c31c4400300c4083fd57ff80ee122c437aca835c658f10a871a3e8d92ac2c971
SHA512 ac1f87ebcf9e26cecdbb3f44f917ac53f0862390b6a334faadb9f6d6de05270dfd85d5ecd443b02b48d6af60674ac735bcf02fa1c5fd60e86caa41b7ae644b98

/data/data/com.pret.android/files/frc_1:237652659:android:3f552891025abaca27fec6_firebase_fetch.json

MD5 306d6e6ed6ba2ebec8aab15823ad84bc
SHA1 1266331777c3c2540b07f85032ce6217d43b11f3
SHA256 c0bd989bdf01dd1e88ad830b75566b0fb0763a85712e2bb11c9957fdc3021a31
SHA512 d6450f2daabcdd9a768293f09ca3764faafe7159482120ded2d89c77db2d904d008138887bde991f6aa4c50f9aeb4aeb2637b3b3ee4c22b60b0149bf131b956d

/data/data/com.pret.android/files/frc_1:237652659:android:3f552891025abaca27fec6_fireperf_fetch.json

MD5 8322f60e06ec5da05efe4a61506aba14
SHA1 42aa6ef382091d32f61ca58cb006f4f2b53d5eed
SHA256 f349e9e0662daa465f93bad6709d0728a7a9d41d6f9053229f4ecd23f71470a5
SHA512 37f04ea2f8f8227fbe7d8fda36c3c9ff18c9e54e41cf2d6134595308d5ed1e7ce593248f5078521597e87f5dacd4dbdf951da9a6bb9861ca44b6f1ab7e0243fc

/data/misc/profiles/cur/0/com.pret.android/primary.prof

MD5 fb08348b2f1d0dae24e80d161eb8ddd3
SHA1 2f481663defe9d909a3be948acad4c415f6aafb2
SHA256 dd52c06ca884d5b2f753cafcd653388784dc7622a489dc973789a4d29f373e36
SHA512 11b01997d0d07f6b39fccca850bf744c0b822df2ac8c83709341df9aa9cf2f95eaf109c230d8f7b56689812292e452917c127d46d6dd042022ac4661716a7b5d

/data/data/com.pret.android/databases/com.google.android.datatransport.events-journal

MD5 70eb7c25fab664bc078cdf7b12195d38
SHA1 dc3c1cc242a4aaf634397b9b7b7f26002ff664dd
SHA256 16ba398422be95e8847341450950eb54ffa19326b546494b72aef8581d70f654
SHA512 3f8642a901b3d0917912831685578f0171c765c7c0873c38bdaf6695ae1211da90eb2cfef423902917ce913fbeeb2aecb03a23006a0448673df52fe4a0b4b021

/data/data/com.pret.android/files/AdjustIoActivityState

MD5 b3615eac24c804204b49f4b6b93c73a0
SHA1 bea5409e8c491bf977e342f806e079006ae047c3
SHA256 fa81160add65238fdd63713775bd943f99acfea770cefeebdbff594764aeb65d
SHA512 5bbfd9c02df8a3bcd43233b3f1749ae05c7db3b226077c076a492e99c13f824db4a1788fc91b87edfbb8b2615190a452a0ab3c67ff7f61abc3747f570423b3b7

/data/data/com.pret.android/databases/com.google.android.datatransport.events-journal

MD5 35518c6ded2c871df97fdfb47f45fa3d
SHA1 8691940cc8d29e623506fbac1cb00846ef8a88ec
SHA256 04c203323c0688c9ee883ea8cff61517e8a07f410aec92ab3742dd47d438d32d
SHA512 0d3acb6a64418504be6660fc4d89d54e7133359d6a8e14f14ecd3f25e29cdb6af2a664ca9235710aad9d7ae6823fb3ac22c0d3aadb4e2d84af52eeaef35a36db

/data/data/com.pret.android/cache/sentry/e0c7aa43df7285ec71421d64d295167dc9c0edab/profiling_traces/e21014d5-88fa-4ca3-84e1-a107824d6b87.trace

MD5 07e0e344fe041a4dc1ebc76c310c9236
SHA1 850127e700fcaa8fa90a392479e228f2851122ac
SHA256 6de1dfc9224f5a3fe1f0df696ee6bec0846fdc01c4e49ffd81c06371c258c217
SHA512 16f185449b1f38770a50656246cf4a186c6e9342007ded6b50c4590f9dde8f15bca356a91a31c5fd7e355e6c30293b2a8c50c194c11b190f9e6d6c6fc093e92a

/data/data/com.pret.android/cache/sentry/e0c7aa43df7285ec71421d64d295167dc9c0edab/82d043b996cd41ac857686f652a44e02.envelope

MD5 3703b8d6dec9203783d8bf5e0ff8ad71
SHA1 a3ed5cd1b4b0daa77e2eee6d1c9cd4cc7ba15966
SHA256 5787dc56761e7bf8404182548d3d59be23d769f07ad6dfdf5a93a4fd96a0d951
SHA512 69a8cba50ee148475229e24beadee4c53b3c72238abfba75bd8c423e696514054f615b2c07ccf6e2b6682b7e0b357e1a6b25ffb30ec54ab201a6773cf831d1b4