Analysis Overview
SHA256
d75f907f12aa1c8b3b48c58ae65a23d9c7f7de2e06badb122c625d2916a3a0b5
Threat Level: Likely malicious
The file d75f907f12aa1c8b3b48c58ae65a23d9c7f7de2e06badb122c625d2916a3a0b5.zip was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Removes its main activity from the application launcher
Obtains sensitive information copied to the device clipboard
Queries the mobile country code (MCC)
Reads information about phone network operator.
Queries information about active data network
Schedules tasks to execute at a specified time
Uses Crypto APIs (Might try to encrypt user data)
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-07-05 01:52
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-07-05 01:52
Reported
2024-07-05 01:56
Platform
android-x86-arm-20240624-en
Max time kernel
132s
Max time network
179s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.cover.the.dumb.roll
com.cover.the.dumb.roll:Metrica
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | vypakawleftervi.info | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | startup.mobile.yandex.net | udp |
| RU | 213.180.204.244:443 | startup.mobile.yandex.net | tcp |
| US | 1.1.1.1:53 | report.appmetrica.yandex.net | udp |
| RU | 213.180.193.226:443 | report.appmetrica.yandex.net | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 172.217.169.35:443 | update.googleapis.com | tcp |
| GB | 142.250.187.206:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
Files
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 046193d1abb515ebe25b83afe7d00ab8 |
| SHA1 | 1bee5f49bba9f1ecc1c659c7ff4d92b7650a9c57 |
| SHA256 | ec365a27afeaf03bcec09d3600ec6224bd41359a7a0085e5db96756227112690 |
| SHA512 | 7b7c68a80b6437f9fa172821e5fe2efaa571703f02377d3148661cdf1ca8359836ec33a96504bdd07a22f9df0e2c43fb6748a31a8978f3f50afac6149752d64f |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | ac26a375d5d673c2a7b39bbe42efacaa |
| SHA1 | a7384db83f153cce2cdd67a97a20df068f6ecd67 |
| SHA256 | 001ea8b38280af72e70a8168524cfb2b07a711040948397d36fcace03b593716 |
| SHA512 | 45e1842b55ebab067e53fb3c6ab880c0a652a951f26c1cae5363f429207db5f1aa56c821e89973612b73f9c0d186561221b6129db22e447ccd421b40342dd6bf |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-shm
| MD5 | 1c4274aa7a9a5cac8c6d1df71e4588c6 |
| SHA1 | abaecd685e01cc68801292e3dc7085654a22feba |
| SHA256 | 3f6cd5f480ae69859b7841450f3d032c528ba385ebf9f371b9c8fdc6eb4231be |
| SHA512 | 1adb95935798607bd36cedcd183924d3068f50097d017b278da7caee7771532b61ec3606f6189b6dec8426eb038fe40be75079ce35894b1a8e0d1d815261150c |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-wal
| MD5 | 4333e16b62aaf966b4aa8f1c3e02fcde |
| SHA1 | b5dfffc4111780c2d52ba45826c757d00c8d9f83 |
| SHA256 | 44b278baf62a53292bed6d4ae7ef112a8fe35fe149502f58f88d946714bfedc0 |
| SHA512 | 3189af9b404b13df2b9de79be964f89035148dbe66e6737417952ee214c307de7808456da9d3d5d4ef2c43e2f62fa4382606947fe759400f027d67dbe3b5bc7c |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-wal
| MD5 | 610cec2be58972b9e305644c8a3fdacd |
| SHA1 | 8602f9f452645bc6c8dd1d80f6472ea336c6c53a |
| SHA256 | 72917aa9b9806157fae1f754fcbd12091de3c4cc163625bebd8bf16574d10328 |
| SHA512 | 056e5189769e92a12a3227f9cee9671e7e1bd82ccd1330f27c11b1ea41e17180f8a2fdc6c38b86cb94180f1c8ff712c4c5b8fbb70248c1c4456b8049b52eb2b4 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | 6ee7fe1180bbc52b3a127c1e1e2f7bd7 |
| SHA1 | 1fa740a57d5962e712f29b782f64928c7b9bada0 |
| SHA256 | b3af205b3495b6d450551a3198615272ba229c736b0afb5c73d953c8ad313d27 |
| SHA512 | 79add18414c2790e1eb68be569fcf174b7f0a1698cfe6cff36e1b8376da12bf9be80cf88a576f7a593c03c21a0006acd8b56d127f224783f70b7028ab2b52e34 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-wal
| MD5 | 41c6c1f40cabf68f0e8948ce555b7e3c |
| SHA1 | d6b137ee17cab83a8c2cc6e11285250191152441 |
| SHA256 | 40120c223c1c12d21dbfdbff57c5738f7f74f1a34711ef17ddfd2b74eeacd3d1 |
| SHA512 | 5971d47d728c4063db5c7ea2f66959da7efa41fcea958ded9f5944a570b6ba1f1477c3492f6dc57e40f5199766d7bd4bcc17656efb820fcec0a3ab3a8b3ccef2 |
/data/data/com.cover.the.dumb.roll/files/m
| MD5 | c2c47592357037ebee2620e24eba829c |
| SHA1 | 10cf558444de7510a0a166d11496dd8c8238f2f2 |
| SHA256 | 524c9a70855677d5585944132728ea275844a9ab99a0698d19fc4924cf236e3f |
| SHA512 | 2ba0e943b5f39479d26e8bde0ed1305d7f9f928c08a3d63ed116f534e7fafe1f431ab69aba43af9bb9a2f9051f31ffa7543b1bfa58304746f76470b80818ef3a |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | f8245320fcb01da479b4c7c430a51e23 |
| SHA1 | 084cbec91a5498754cf87d3adf4dcee59e8d3e4f |
| SHA256 | 65978cddc1520a1a27d60321cc4552647f59ef665f539022ed8b5270197e5e9a |
| SHA512 | 35717af08a2bec68f90f9cc53a3e21ecc9f27a3f51ad06b913940472573fab5f14c67431613ca29d62d2418e80de6e8d223c706541d75bb7c6f6395c7e78c77f |
/data/data/com.cover.the.dumb.roll/files/m
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 8e39576b2d6cd4d249e483a09f73a215 |
| SHA1 | 27847b0b3785c65c52ac55b83f8ff6c42b80670e |
| SHA256 | 782061faebeb001b99be77224a2e9376105b30c807fbdbeb665480a08284c19d |
| SHA512 | abdc49ad9f05d75f2ca21f2de22ebe17f69868a380489b4ebef2dd9f263a73d91892d848c066fb6c97ce2de051f3c112c0043d292a274f71a6b60146d41c7b3e |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-shm
| MD5 | 30367b7e3e9a8634cffb5c5afeeafff9 |
| SHA1 | a2f2634397b55543386b19adf38bf1c07c69685d |
| SHA256 | 30a5aeb02c5dafd0d468215eb757457653abffc63be4ebf39c41056ba8d6a96d |
| SHA512 | 1c3e42e142643ea8a3fa97f9aba7b79e70cf8697214e8836b439972181a265f450660796fe30989f632323eb1d7fb666dce93b060cf58285bf25c96809203903 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-wal
| MD5 | d9428bf8adc7e295ef9a6bf5fb2d7019 |
| SHA1 | 80576c1c4d662812b304324c9ac0561fcb488152 |
| SHA256 | 2e21d37b3f93fa1272351682ed22567972128706b68e1a536e59f5258ecc49da |
| SHA512 | 3786017db881dae3fa36f2a68b1122e311943f98763e5f1201080512f9343570a963a5df3355ce6d67fb3cd1a605e0b5685aa2b44d46ed544d401d3e26f49ccc |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 843d1ab607fa3f8e61068972b5372168 |
| SHA1 | 3d77c78f240a704ccfd1823896e4cb46b8a753d0 |
| SHA256 | 886fef23c26b32a1357bd3084ed3b0a2c0ae68f6ba240e16838119f3e645bece |
| SHA512 | 4d838954186a4108cb8acfab42319ca7980d6a65240c15f1f4aef8096762f2c8db960b139fb3897032a3f4ab765a9ac6896ee2af550e703cd079176185bb0b90 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180
| MD5 | 3360c7bf0e6c43c25502694ae3eeccfc |
| SHA1 | a89ee5272f6882277d29525b2314e97e14b77a51 |
| SHA256 | 60a20c5a042ace21ba3ded555e9a6b19f4476aefbe4ef26ff75ef68b7c3cdc70 |
| SHA512 | 27c11733014b292bc98327215f4621c358ff5d63b487114df15356065e103c67ec469cf1444bfb0aa676a43c80c6cac330ecdb546bb8fc26c2c85c4534fa862e |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-wal
| MD5 | 6fae88102620b5fb07385869fe2570b1 |
| SHA1 | 9c124dab29ca9383f24ef1c19e31103b556084fd |
| SHA256 | 9cba525fae98c656619e8cc6ab26a0dda5f3ac4f2544d37970959cb3f5ebbbe8 |
| SHA512 | 069299a87353c0ddbfc32750d8608c9a4ea9973f7957f9dd908eeb2661b64036a04487e4b18737d8fcc8631559d0e588f5e0ec10c3903535ad8d9971183dd880 |
/data/data/com.cover.the.dumb.roll/no_backup/credentials.dat
| MD5 | f7c648de5712e68eaad9fe3dfda3279e |
| SHA1 | e77993531378568137856c2600ac130b1fe6e2ba |
| SHA256 | 1b885919cf0c761b7b0809266db2766386c0dcaaa4429f4f21a778f8a8f79b9b |
| SHA512 | 49b5911fdac1a69de1e77d33a7cbc8322b8b3da53ae8f45e6cbdeb12187ed4c2bb6fac48887bc14dc7aa176731b52a7867cc81182a905a7ad42440ea74338719 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-wal
| MD5 | f9d5f4f3db44b5afa1edfebfc7d3b4c0 |
| SHA1 | c839398fa088dadcee1394758d35520760e9982a |
| SHA256 | 351a1e15a670e29ae2275934d407ff5ec3b882d8f4799dffcddfe7deccc0367b |
| SHA512 | 8ddf5a6e8a77d20a772b6aeef5ebacc385e261216239e2155e9b1b6f657f6bb10efcbc053d305b964721462f7dab33a5394397e5b7feb568af6930b2e789e647 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | 09f6f05aa973f061a112822000aa27ac |
| SHA1 | 43e49ecc4b3309f0466658c569f4f6aad0bf2753 |
| SHA256 | 707023226368eed1d661c53f62b79cb5d346f56327bd4ecc3a2fabe8120c2b05 |
| SHA512 | b2c35fc5a16d31f2453122be1a251d1795c4a1fddbac2e8ec84952240ceb2f294fe346c0db15ee055dae919736e7ac6d43fdc5dfab1ba3b4f267f671ed9a53c8 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-07-05 01:52
Reported
2024-07-05 01:56
Platform
android-x64-20240624-en
Max time kernel
133s
Max time network
177s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.cover.the.dumb.roll
com.cover.the.dumb.roll:Metrica
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | vypakawleftervi.info | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.201.104:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| GB | 173.194.76.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| BE | 64.233.184.84:443 | accounts.google.com | tcp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | startup.mobile.yandex.net | udp |
| RU | 213.180.204.244:443 | startup.mobile.yandex.net | tcp |
| US | 1.1.1.1:53 | clients1.google.com | udp |
| GB | 216.58.204.78:443 | clients1.google.com | tcp |
| US | 1.1.1.1:53 | report.appmetrica.yandex.net | udp |
| RU | 213.180.193.226:443 | report.appmetrica.yandex.net | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 172.217.169.35:443 | update.googleapis.com | tcp |
| GB | 142.250.187.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.204.78:443 | android.apis.google.com | tcp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| GB | 216.58.212.206:443 | tcp | |
| GB | 142.250.200.2:443 | tcp |
Files
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | a484a6bf72db244d4d4f167819971ef1 |
| SHA1 | 9265c37dd0d727d8cf299a2f0c3aac80fba63486 |
| SHA256 | 6338e025ad7c4880c0ffe67cbccdc86837f90dd0f7b28f76612fa60d9e96243c |
| SHA512 | e9a7f2ee190d264c38810b78787b6acd72c3c99a03b667f025edae753e9cb6cd33b14a2db7f41b300c96afb495b4a062fed510875cdb2f10fef452abcfe8642d |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | a0a548793a510f9caed081689f935eeb |
| SHA1 | 2d1aad0213b2b86bfe52dd2485741fb00eb02f3a |
| SHA256 | 4564ec31a51694e8349f462d5ada137b3f37b7c42515a7fe34ea8ef33b5063c5 |
| SHA512 | 624204c5e505d3f2822a9761109babe81079ce8552551f23b7315baa171ef7881e5b5c4eab607a53b9bf080be6cb3100ff8cedf4cc86fa6218cd18301fcdc367 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 7ff08e8fbb99302ef3ad9f1125725aea |
| SHA1 | 0bde2d68317f60599dda5a95a992a5204fc81b39 |
| SHA256 | 5352338af320690bac601e68fd1d212b412f4871a69501da5f306bd41a482a05 |
| SHA512 | b496e658d4d282554437af65264fa6e8c6aee847f96043fba53c397d76d7e198920c52a225481a055dcb950c0ebe9c4010072ff94d6bf2127081ad8239b303ec |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 6aa627184a45be0c9ee19e92efc51888 |
| SHA1 | 5960a0852639c3835cdac282e205c228680deb47 |
| SHA256 | e8020f59fd1d9872cc8bc10b01004fe02b7dd0095641f40967e536c422096d48 |
| SHA512 | 309bd80ebcce09178259d73db847f313bab07f610ebbba5092d4df92ec85459eae8f862297803eaac4dbef8850265f82bfdca49e52f45b201c482e7c401a98e8 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 736a5ac52fb09370f56b0148ec8200d6 |
| SHA1 | b73e5ede7cf2e85ef6cc55aa42af0a171a557525 |
| SHA256 | 141d3e387d375f33627ad6915596fd5c65b5dc444cac0a6ffa0b123a890eedc5 |
| SHA512 | af555b79ea60ade25a0244670ed557be27ba1dae8aba5fe327d0bc1db5b328f604da82655cc6de76562361c2b84d6b189b292e36377529c4123a5b4faaacfe48 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | 51fbb8ddc25ddbff6f68ab248cde13c5 |
| SHA1 | 29bf1f62990db50074c1b31694749caf79051870 |
| SHA256 | 6d99bbe40b24127f7709355d6798b9f81bd7e1022e5c89ff2d4e303126a0a680 |
| SHA512 | e12b9e13282965ce0062294ece9dbb74deab8123c6a81c3ec7a1dcf6b018f4feeef016ca2906243c18e92c23cbd08bd88ff354155cad55182768ed745e24aac8 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | b8fba084ee2695fb44238b666c955cb3 |
| SHA1 | e26b141a4c984a8646aa3903993beece48e2b0a3 |
| SHA256 | 21dfd09577cf5a927810d568a68d95d6f8f3a5c21d6529eb68e49e3ec710561f |
| SHA512 | 36530fe6ad7e66d2ec42119ad9f4345efc63fce28f324e1e84cb8a813e9fa5cc8f83f2c58bfd88761fa9bcef99cf03ff9e007fa938188a1a5baa4865c01556b9 |
/data/data/com.cover.the.dumb.roll/files/m
| MD5 | 9f80af715526a1f38713041d465116cf |
| SHA1 | 75aad5ffcb2db62a08e46e7e91d2653cf9c9c7e0 |
| SHA256 | fa1c05bcdb89d53880c23e73b4e72dfbd9128d17dba0cb7ee42a78be0ee9a81e |
| SHA512 | 87a9105016c058eab8dd13240ba8e1d3a5e29d4533ee87d67fe5016e13573fbb443062ae459ed8a50ae796dd6019bb1bf5711f73f78cc892eb3cfab62a3aed85 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | 87a46f4c4113a8dff979d5a7289ba27b |
| SHA1 | a3a8fef34847ef6532a7ef898d5befc95dfa4570 |
| SHA256 | 36e5b739059b5f1341967b6fbd00ca5b390b3abb40e0cbfcecd92cae7d696052 |
| SHA512 | 8125d21e3a9cbc77cb04b64cd1a0e7ec13adafc0b417ae31b3d8ad257f5cc5b5064633b2dde8607a19b53ae279ed8a4e0fe1afc34fc3ce3256af4d39c6b3ad86 |
/data/data/com.cover.the.dumb.roll/files/m
| MD5 | 5dfe389461dfde8646b3a610515a4d71 |
| SHA1 | deac69958bbb97a048096cefe89b17f5770712a0 |
| SHA256 | d2ac0e3c663dc0bfee815e9f7ffc0dbb63db2e8caacdf53f0102a0d6d02ee753 |
| SHA512 | 88dc0c722d9b900174b4d233cd1c6a1e144bff5b871228e4d3b703a5f1c52173d623eef68aace2e804822bee2fec95f4444cddcc76a73f2c7af58148a4b599d0 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 193f5f607db44880d8ab20dcd416bb01 |
| SHA1 | a6be073120b40e787cc4bb942d66f6b697ad766d |
| SHA256 | 6b8c685177acc2a7e8b6ad5ce501fd4bf703817d8f8f28db1dd0a0d45f16301d |
| SHA512 | d8aa6f27aa0fa0d52a50c40bf17f1a057d38781bb50b33ed56ad05d6dc22449b5039c45c0db567bd8d9fb34144d323ab5bd328e55f63b707b2e20e5696b87a93 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll
| MD5 | 6396afc07d2ad1c1212f749673524403 |
| SHA1 | 74169aa821ba03d2edc01b5dfbfb10ebfd63fe2c |
| SHA256 | a6b97f842fb441403c6f24955cd5a266a68bc10eff2db4ea4d8a226a0b5fafe2 |
| SHA512 | 584892406f25307a339a0aef7159c75a86670afc97b52f9eb21ad7330f315db1d50781abffde27ccb040d8ad47753d30254f19e8d8427bb60cc0ea8f9a691458 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | d3d099d116f484591b39adc2c9ea7df5 |
| SHA1 | 236dba104ca7f9877fc6d40dee192d1966c78753 |
| SHA256 | 66ae42b7b657bc2bb48955c9bd1a05c9e58bf30da98502b2fdf5e0f97ac21e59 |
| SHA512 | 1f7e95726781d0eed226480958eee0aafbe7fa1343e33519edfc247512528c41aaadf063e1fb8de60696effd3e6cb5b605eba16b5fa1b49597e0959f42316e9c |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 366e569053cb044fa389c92383b8341b |
| SHA1 | 21d7467985ce8eac005a1d485c7660b4c6db2dc1 |
| SHA256 | a4b522e2a3aa4293c849e20eb34dbece45d87503eb24231c5666376bc9409675 |
| SHA512 | f828dbc1eff978e296d75d2425630059fddd1a6e2629ed484e49c382066a134eb72450f54a1e318e33d5781c7b9a3005630704e42a38b3ec6351eea46215150b |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | fd4044e274f694e464ed13b04a25794b |
| SHA1 | 1ba285de9ab9d8d967033ee93de67fb28949acc6 |
| SHA256 | 738a43753d601bef7a604c2fbf001ec371e066c1eff1235ac690ae8d82d6eec1 |
| SHA512 | 69bbef42a0dc57a48e8154450f9bc3b0b8072cdbfd989915d437bfb8b33c2ff78ca04c97ce0f719a35cd9d7ec6153ac14a5581446340be752c87e48f7290db34 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 6f0af01d30f842264484d35eccc80137 |
| SHA1 | 0554fed1301f55e8bbe3804dd50f9903ce905f8a |
| SHA256 | d1153d2cf34904750ef7758457d9de0081f65c3a5f49155ed57b05b9041bfc3a |
| SHA512 | aabf3216991a516e21b8612ce8abebcbd1130b34a0b5f57e8a015fcd3439e7e066a7dadd42d20c283747cefd19d955fe1deecb67c0a83b5a56516ff011827c87 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 82585dccb0c6fb72b46467a8a481679c |
| SHA1 | 16dc8c08279dc9580e7a4049d8f10a6e1c7e33c9 |
| SHA256 | 176f34dc9490ff18a2221fe4ab2e30ac122594c369d9ef922ae9418e6ffddb9c |
| SHA512 | 2c3aa26a07d59d95eb69767a65c8cffc2118c97eed8d6b2644fcd274ef2c1e536032d6763c0f55c54f919962851d38a7b6176c7f2c7d8d149d8feaf80d50b2b8 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 5b147aadc9d76109cac8c73e2d174c78 |
| SHA1 | 23d4426aa47237bc64c411a56b084b2a80bd2965 |
| SHA256 | 9e8e69f02cb15c746e519fff236ee913c0a78cd316f6ff2324fde9aa5eaedfd7 |
| SHA512 | 5064cd97ee40dc488486f2e72329a6cb7ae7e019cf0f14f76fee95ed0c99b8596dddd4151657aa71cc58ad0ebf891f2c1312620decb1d2c38af22ab013af24db |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180
| MD5 | d80d53444fdc8a7593c7e10de3ef2842 |
| SHA1 | 632d7b12b82d0fbf9c13e9e128ffd5f325e9a2a4 |
| SHA256 | bb4ef68b79c50133a232ab05f48b5e788b2eca2b0764b1d2286f1888dfafe2a0 |
| SHA512 | edecad5c3be22320c6c909ce62f1a55ae77d37873fa539c961e2148ad834cff64c557d5b58dced4ff8fd87f66e3a520977d5e432e3e7471f232ae8703382b0cf |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | c55249e7ffc64232908b996a1ddf127a |
| SHA1 | 4a0a9eb1be4835afc470492ec2edb11b924d5ff5 |
| SHA256 | 42347dd900778ef077db1321d60b952644afa563bb983ada8d1dd035a1e2507a |
| SHA512 | 3a3416c9c899c9e601e35b5436be86913f5e7e39651b26c4c4d41436ac5cd3ed114d6d604b4f3b8753d4bcb780921191aeeb75a49b503537ab8ec543d06beb95 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | ac7f9da9da7ab79a265a6e6aaad15c1e |
| SHA1 | d05b6aad79affa91f6937f89f0cdc8ff4d1ad66c |
| SHA256 | ddda61dbff6088f158e96f2a22955b9c9a625aff522a68ce0595bfbbe8d43eca |
| SHA512 | c2b023a00549aaa938e402a30c0193876003c6b6ffed84cd399faa2570c32910ac0b8a3c13b3c8051377f71cbb9c728c0ee8ef2cf738cfae6fc39eefa8282e80 |
/data/data/com.cover.the.dumb.roll/no_backup/credentials.dat
| MD5 | ed12dedc93d21e7bd1d28227d7f1b097 |
| SHA1 | 405f415ff42bff5165cefafcd565cdd751254307 |
| SHA256 | 5d0ba9f86079fc4f39e902e4db2d8e8c1f85c6cfb2e09dc23646de074faf928e |
| SHA512 | b569795a388c5ca78e61626409ff59f5c5d27f0d6bcea93d35f5ae0c16f37326f43f02a66add759e4023204c6b9c5f5b28b4b4a5433211454a9fa23a1841692d |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 414b431a5e001e492277301f2cc17958 |
| SHA1 | 9632b58030e1fb422bf521aedfe009a0ca184299 |
| SHA256 | 4d29f80cda4d070a7d80da767761cb14c40289fe4724f691293433aa303df1b1 |
| SHA512 | 98f24b31140aa31b7bfb67c87ea1b05ee2a2f03cd4b2f99e1ff98a19102551cd2879339184fc0791c92676bd86964ab959d77d9a298782fd54cc9483d0a318e3 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | bd0c327ea3fac1d85960edbe0c285396 |
| SHA1 | 468c3443f29f6e3a3bbaab2c1463b3705f12e2ac |
| SHA256 | 52df7131b4abefad451f173933d51aebadd0b556da92c5019ea4102ac2b6107a |
| SHA512 | 16832cf5aa0dba9764717b9304175ec37af78ec8e597cf34fd3f26765f1a56ca321e52a3ca273fb96489cd21cc98a7fd903e7442770ecac7490dc8fcc23dbfa7 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | 43c6f5b25a8aeb3c6e3c317aa6278519 |
| SHA1 | 462eae86037c1c663e50752c1f2d81a3fcb41c30 |
| SHA256 | f07f531329c7e373683d5e9bf6a11d7f7da17ed792e438bd43d2286b783903ba |
| SHA512 | 4b78468efb5a1235517c55aee41744b00e80efe85b7502919f8a83bd25546f13e9348135638994e49fa5415578c05fe7852ef673f9b0be50dc91557dd2057909 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 4d7404eac73c627d879d5addd7a85146 |
| SHA1 | f7e55c9d2c54f1abd93f11bba83d1de6f4a9ffc6 |
| SHA256 | 70189c1bfe16a52d601a6ab5b794e30c8016bef4eebb7de473820497eccc62b2 |
| SHA512 | 1900f7945a95ec75b1ed8980785cd24b10e1f4aba2758451fb2304668c1f7a7f2ae683c48815e19570d7aa2241f906e7388d2946eb125e934677a1da4f76cd86 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | b00cf635401b1db5309ff2d45e820023 |
| SHA1 | ed39566f4887e146a01f422506e54e7e5f227e3b |
| SHA256 | 2c846218908ee1be47bba7d3370e30133c5ec67411a16cdc576e97c46a1d69fd |
| SHA512 | 2b40eb95f0237f4db9f5a95dfa1c05318e9e0a6be8ddb68983a3129d71c1043b40c8cc4faa38cc8aaea618de978c3d93db6c8466139997efbe07fc7bbf3f59aa |
Analysis: behavioral3
Detonation Overview
Submitted
2024-07-05 01:52
Reported
2024-07-05 01:56
Platform
android-x64-arm64-20240624-en
Max time kernel
175s
Max time network
141s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.cover.the.dumb.roll
com.cover.the.dumb.roll:Metrica
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 172.217.16.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | vypakawleftervi.info | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.200.4:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.213.8:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | startup.mobile.yandex.net | udp |
| RU | 213.180.204.244:443 | startup.mobile.yandex.net | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.187.228:443 | www.google.com | tcp |
| GB | 173.194.76.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | report.appmetrica.yandex.net | udp |
| RU | 213.180.193.226:443 | report.appmetrica.yandex.net | tcp |
| US | 1.1.1.1:53 | clients1.google.com | udp |
| GB | 172.217.16.238:443 | clients1.google.com | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 216.58.213.3:443 | update.googleapis.com | tcp |
| GB | 142.250.187.196:443 | tcp | |
| GB | 142.250.187.196:443 | tcp | |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 216.58.201.99:443 | update.googleapis.com | tcp |
Files
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 570ce85c503f02ad8e4a14b596e074f1 |
| SHA1 | a9d58fc6386c7309c8538ab656d0f1b95cc8e8a7 |
| SHA256 | ef66d37ea3aae421405aed2614b99687e0ceed4074dac7dc32e87b14ed7b8afb |
| SHA512 | 31b1cee58a028e6b04159da226f91b9ba3bb9ded4997c544d2ac2479ffd2e27439f4ea92f633dc59c25128dd631e11b9f24cb13aff3c3201d337c779605098bc |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | fc318483a677c71a725dbbe6e9516df9 |
| SHA1 | 8ac3af9cbfb464e53b709028d1f64a4d019bb2f4 |
| SHA256 | d6d65421dac425ed42a96af8b94a1d708f6e23b556f0bc80011eb4970304b7f9 |
| SHA512 | 0e3a0d7629cbfdcaa59e415c4ba982355f249b9595d234c0de6fda993c65c121435c442945766017cd78533fbd059d7edfe2eda0185ec6e4d076499536a63140 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | f35eec7ed20a9b7b6d44b918c99aaebd |
| SHA1 | b7d36c30bffd761b3749a037ddc350bf2f31b82e |
| SHA256 | b36f0c3dee79ea2df12844490e336d37c18b3436e66b72a83f83e81ee66d612f |
| SHA512 | 179ede3eafd9d79be21a7f126b0fbd62b74737eaf76988712c8eab1797c4a7351cbd3f47ca73377db168a8b071455577a807eee7ce467b492a2c68c197ca2f8b |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | a35d44b255d8ea1bd1115937a854bcbb |
| SHA1 | 0f8dfb3aa9f44bc42e6f7360c14e4a76d54cc07a |
| SHA256 | 1eb1139da4ce664555376517f8341b9e93b2c4ea97325c6f35bdce1d9fcd6791 |
| SHA512 | ad7a241413bbbaef995ab97e6ed5b208272694fa98b5ccd3bf0107744508f2d9420624d4a2f6a07c7b8b1bfb316f579d06c50b312bdbcede7c66faccec6fb9b9 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 0ca901bbf19286283df175890b4016c0 |
| SHA1 | 0e5d2194cd3b50d6af5b318be2c97c31f7715a30 |
| SHA256 | 9190f425329b8459afc76f8bf399199753672c62152f867fccc10fa88e490489 |
| SHA512 | 5487d053062e6428e4d299da87284b4d796058fcc2421b9882ef8f7f77161c8a1a0e33963ca3f6e6399a914310ea1a00445099ab2bb8dbf1057022db1f32f066 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | 5aaa6d9e0b2afe2df3039b6f9748aae6 |
| SHA1 | 561b174f7ab37aeb15d50bbc4421fd24502b3e04 |
| SHA256 | e76b817467ee952bea2441d8550ca9191894e3e7a0c5312271fc3ff80a0bc448 |
| SHA512 | 42ebb4777d383a6f1aa30e678e3344a073fb5e3b4e1dde83ac8957fc55c70df2c8a1196e9d18c90e3a23c1ac3422d2378396a32868d7d89ef38b7f75029b13f0 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 95039dc7a3b1586b33987e549a8828b6 |
| SHA1 | 609819cf4418e2de70281fe1a9debe4e4c0ff970 |
| SHA256 | bed6d9d67c77750fefc17f289c52f0f297141448c978c75e36f4042ebaca4a6b |
| SHA512 | 043b09a04f057dd436f37dbab9e261af005fe84e4dd25422fef73a04bce64b942869478ac2e135d2cd4d1b8ee5dc9be58520cdd39061d4fc13ff1f187ea0c482 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | e56207a54088e5b8ab2b84949cec98c1 |
| SHA1 | 992ab7e16042c224442f7003ebdca78ae370bf73 |
| SHA256 | 35a4ae43c0fa3c01320bc6ae60cc001b68a4244e1407b34ef6acf46b4437ca7b |
| SHA512 | 2c84054f829e3e7a11a266df48d791afed9e2d027a6e95830c3c9146ef98b061036b4a8a1602c509006b4db1baade8bc3560921daea841fca352aef4a3bd6f97 |
/data/user/0/com.cover.the.dumb.roll/files/m
| MD5 | 53c1fb5808b4241eebc5b77f7020241e |
| SHA1 | bf61bf71f040c7ab7d28a8477b2b90bde1474f49 |
| SHA256 | e82b60117239f6310dd9898fecfcdd9ba21b9a87334394b62e20e0b1ec7349fb |
| SHA512 | 3e88a8a008412e379487ce04eb1d590d9246aa7c24617350611ec86139ff49fc64169ebdc0f5acfcf7a27474dbbbb82c6600ed8c21791a8de87e5c02ce9a20cc |
/data/user/0/com.cover.the.dumb.roll/files/m
| MD5 | e0023e28402d8a9a9e023e18377fe550 |
| SHA1 | 27b727e97191156413deaa0afba5aaa793fde135 |
| SHA256 | 3babc583ca4dd395e4ef76ae8a427fa9cf9ade5bb8b8457c3e37ca92ad621971 |
| SHA512 | 602ac60b1d1dc7baf9b2b284f0d422eed2e2d791faa327fe1af0f5a58a9a38f6ec999fe2652daea2311a2d2ec209cadf3b522f9906cd2b5e05350f9f4521a3f4 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | dd3439f8f72a5a99a34ff9b034620f71 |
| SHA1 | 88e7c5ade0868b0d8e1fb76fb81072fa39d5cc00 |
| SHA256 | a8284d4c58ab2951192a5655b9649a6719cfbaa6d4875e6209e6c7a76680581c |
| SHA512 | 291a51c65baa3a13ba55ca69ad7cb04f3fa01ae136f98b4a8f62954215bacc93a472372136dcf2fb2ed58032598e05c5d3dcc3d56eb5db8fb69900fd98e96b3a |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll
| MD5 | 360dadfbff406efcbed833f8faf4cdc8 |
| SHA1 | 7d8d60eb35775c85c9091c8413dba2df86b1516e |
| SHA256 | 82741fcbdc09c44a3231290427406898b27f52fa719a48c3f9c50fe53600a6c2 |
| SHA512 | bed33666dbeb41acdcaf16d1b5e48a71aa74d124d78746f6580706ae15322ecb3398c7562f84f9f1fa302f089f8460c4ece7ec79b2d4121e1185f0b3920d4869 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 6a08a328e866e8c983302ea033ca1da1 |
| SHA1 | 986dc8b3e4d9977c91c94861a10a834b8dc35640 |
| SHA256 | 87bf902d378150413534bf7dd67b986d704bd9551cc3afcd3ab4b04b4783b004 |
| SHA512 | 497d710e8e620c3a0f120604bab6c5e5bfecc5c470ceaad8ee90363b6e068af4a7a4d7836c4d2fb70fa7a0d786f70a05f8a12f42453b5df8f39ec0f1aaa43d5e |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 1bb568bab892b779e19f4c5c21b9182a |
| SHA1 | 7b5c177fe13fad48eab7970bacb77140ba2afe52 |
| SHA256 | 14edeeb8c8361ffd645ebcc20ba6b4e1f5de7b55053d2b3cfd21eecd73e8de67 |
| SHA512 | 7440e58f1642a0d1b588359dbeacc2afdf573e6dd84fce2b3b1fd303e19a2fc14556ed91920d28a140ea2e466d4a1259e693195970ce20488e7a99fef6fb696c |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | e397c8d451d1483d8712d870b2cef06e |
| SHA1 | 40a16156c34cbed512e9c2001ba01b8ed9454399 |
| SHA256 | a99b9974e07fc5596ad515525e961884c6f34883d58dc15cabdf86176d168539 |
| SHA512 | 9130a3b55ac15f487d330d3fae3cd6602caa7f3bd421eb5c66749d332e6a01a3f3664f3bef334ed8f5af0d0e128d9d178ecede49656e8cddab080db7791753ff |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | bdd74d068b6f078d6ebc77dfa920cf55 |
| SHA1 | 7ddfa3f2f4dfd159140be8cea8db2e949bc5d6f4 |
| SHA256 | 367c7ee4af5326eec18ce0e5e56ff934240b0a669d45687a7b2891b988d0c348 |
| SHA512 | a802b2584bdea964b2efea0787e0eb431a809e535bf2a32290140020586b9ecab0132241d1287c697779c137d2d0592a53256052ff43e30721f61e5ffab92c20 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 8248063609b564136cd912eb54e885b3 |
| SHA1 | c09a46f95536daa5992baa2a9f7d021445e28585 |
| SHA256 | 3347dd98c186d778f7a1e0b71035ef2f9af7b3567ac0f9dda94127174df9cba1 |
| SHA512 | 819c2e425799d3585d8d41d6e5f8d248129405e284b7c7647ec9ba540f98b9b872a1c715778c488c324249259c76a8fa837631d185aec27139df89e751b38e61 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | d19a2a6b02bb83101afa4b1d88ba7f92 |
| SHA1 | 65c112fe0954975ca95ea200537f74f0b0d6c760 |
| SHA256 | 310f512db5f494e483a530b4755be2e6799f98cb1fc0de87b59f37565d21b54e |
| SHA512 | 3d75da1cf6158d67af567ff7a6425a60f4590cf7530f4f136d883e0dbdb0a992a0747b5005093211339088a9ec1a6116cb0a661cf5a62760f452214084dbb8c7 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180
| MD5 | ca275fa0527e94b1d61c4b418ce0c346 |
| SHA1 | 649c16efc8d1622eafc366da08e9efe8160c0c21 |
| SHA256 | c3ff91f0c2c7fafb3516d425df0dae0ba4397a46a8a1d8e185fc33b41f213235 |
| SHA512 | 8c5c9c79efb3922806afd302e95de50c222050bc81beee020364598d4dbaad699a8376634471f814e5e2313f7ed775be9124d2241b25eb8ba8485870379778a1 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 2a58509166e5d82d6f233dc201f6074b |
| SHA1 | 234625261a1e5ac497cbeb47a17416c772941c81 |
| SHA256 | 8d690ab32c9f35a05555baee05b24a4f124f8e795606678c170f48cfcb61f830 |
| SHA512 | 9fe035324172418cb2f3d7f6d62adbdfc332a25f3f12f66e3c019bad6c670d9aff5093755e0d6623ab41b106c8bb05f44ecb1f80d864fb7b7851ebe4374abcea |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | d48bf3365b56288a0a67e3919bc62942 |
| SHA1 | 199c4b39e7094ad5063fe8e760bd047b79462668 |
| SHA256 | 7f66ab95f01f5fd7bc748acf54685a2eace3da16924c71489ad2c646022bbfad |
| SHA512 | fe4daf4ea1ba3e0502baa2126b5a060ee950c3c7be84b36293fa3647b29150f8f08f0bfb55ae0cae6d6fa0b64fd076f4a45391df29ef2fc7e3b6e15035d195bb |
/data/user/0/com.cover.the.dumb.roll/no_backup/credentials.dat
| MD5 | d40f882769ba82fed72f28e745a1df0b |
| SHA1 | 99e33ecff4e34774e8cc662707451117a98d8d65 |
| SHA256 | b513776adcdd5e81135aa931932744b2d61841010e51d9271d389b681545fbda |
| SHA512 | a386eede661e9b4ab34835e2220c131477c66cff2b3c3de265c744bcdace84fceed28a571e1f4cc05c868774029d5f291c357d75420f4669fac33abb4c01f950 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 1434ecdd8972edaed2bd51b5b48c13c6 |
| SHA1 | d1965bba70634c4824ce2f9ad07b4aa0c39bedc9 |
| SHA256 | d27ff93ef18bf228770b769e938d33f10d556fb23b495f66032604f2692a6752 |
| SHA512 | a2c015fc9ad2b089779bdf646d3de738219fa4ee22b4d6b4ef65aa01a0fd2b1a7d895397770db35dd9c8cef75c6ec5d347ee5c01f7d886aa7df24312b8055237 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 4103f4f99d0e5db0a859b12c04cfc41a |
| SHA1 | bcbfd204e0b0b2774c17bf67703184b98ec36149 |
| SHA256 | dd073648cfbc88b824f67321a0be5045ee18eedf282264e34180b80a5823fe17 |
| SHA512 | 3072a9c447fec51bb111788a12da571ac7b2711a58153926acc330c2aa31b787c377de8862276ba5fdc1c8b3928ab1c2a65555597f7fa5d7e9ab656086b156be |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 2debb682865cb6245476bb743f23d199 |
| SHA1 | 4995aad382cef5b98e95fccc95c53086043fb155 |
| SHA256 | 6b5a2770449bbd95e7a2c11b1aa985642a127915a1e2745a234b8b57f083dda1 |
| SHA512 | dd98c8b227da227df0e1d191470759f494f1fc0eb71c14748b6f52519eb58353af0a35b8b160ac1ccb8f42e35fa3324301f0056e0548ccb8687194a809563f39 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | 122556625e712d8b4081a42240f412c1 |
| SHA1 | 6d14d8b34405a9de045f689d37f82950083e68cf |
| SHA256 | c9a99cee7069f7504974fd1e6c77617a9cc3ca0bb661424c4285dc42974d4d1e |
| SHA512 | 73fe9229b18978824cc8561fd99e9d0420f1d8ee50eaef4faf58eacb4872c388d08ef0648fcd87c173fb0b4b00b89d48d7703ed988df497b40b40f899c307395 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | a1e4ee55a246713de10ede65b5cc8de7 |
| SHA1 | ef914f8e1d942ec7a78abbb19145141df45c9b2f |
| SHA256 | 59b3534a8706ec46ba1b5813b6e5730e7adb2ea5be8dd6562b653810499cce8d |
| SHA512 | f07c53582dbd8a518ae5d1381b4170feabe0a65692c755d59b9ad8d501644ae85809879c02a67ba55935372a21cee48175c8dcbf4b89468507d56fa17854a293 |