Analysis Overview
SHA256
d75f907f12aa1c8b3b48c58ae65a23d9c7f7de2e06badb122c625d2916a3a0b5
Threat Level: Likely malicious
The file d75f907f12aa1c8b3b48c58ae65a23d9c7f7de2e06badb122c625d2916a3a0b5.zip was found to be: Likely malicious.
Malicious Activity Summary
Removes its main activity from the application launcher
Checks if the Android device is rooted.
Obtains sensitive information copied to the device clipboard
Queries information about active data network
Queries the mobile country code (MCC)
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
Schedules tasks to execute at a specified time
Uses Crypto APIs (Might try to encrypt user data)
Checks memory information
Checks CPU information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-07-05 19:39
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-07-05 19:39
Reported
2024-07-05 19:42
Platform
android-x86-arm-20240624-en
Max time kernel
133s
Max time network
158s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.cover.the.dumb.roll
com.cover.the.dumb.roll:Metrica
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | vypakawleftervi.info | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | safebrowsing.googleapis.com | udp |
| GB | 216.58.204.74:443 | safebrowsing.googleapis.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 172.217.169.4:443 | www.google.com | tcp |
| GB | 172.217.169.4:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | startup.mobile.yandex.net | udp |
| RU | 213.180.204.244:443 | startup.mobile.yandex.net | tcp |
| US | 1.1.1.1:53 | report.appmetrica.yandex.net | udp |
| RU | 213.180.193.226:443 | report.appmetrica.yandex.net | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 216.58.201.99:443 | update.googleapis.com | tcp |
| GB | 142.250.200.46:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
| GB | 172.217.169.14:443 | tcp | |
| GB | 142.250.187.194:443 | tcp |
Files
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | e623bad2722635dd2f8bd5e6a77e5c95 |
| SHA1 | 2ab8c8d83656d39f6070c83addd5657d3748f86f |
| SHA256 | 34695aed3daa58d863ca8d22144e47ead821f5041e4ab53b17ee22abb21be5ca |
| SHA512 | a7f97af4ceaf3707858444535aa71bae6718e3bd7538ea723a615905c4967ff119952a98a25f939ef0f2a1862ced8e90099c5bcfbed4672b8968adb0443dda82 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | ac26a375d5d673c2a7b39bbe42efacaa |
| SHA1 | a7384db83f153cce2cdd67a97a20df068f6ecd67 |
| SHA256 | 001ea8b38280af72e70a8168524cfb2b07a711040948397d36fcace03b593716 |
| SHA512 | 45e1842b55ebab067e53fb3c6ab880c0a652a951f26c1cae5363f429207db5f1aa56c821e89973612b73f9c0d186561221b6129db22e447ccd421b40342dd6bf |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-shm
| MD5 | 1c4274aa7a9a5cac8c6d1df71e4588c6 |
| SHA1 | abaecd685e01cc68801292e3dc7085654a22feba |
| SHA256 | 3f6cd5f480ae69859b7841450f3d032c528ba385ebf9f371b9c8fdc6eb4231be |
| SHA512 | 1adb95935798607bd36cedcd183924d3068f50097d017b278da7caee7771532b61ec3606f6189b6dec8426eb038fe40be75079ce35894b1a8e0d1d815261150c |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-wal
| MD5 | 54207cab17db4cd9ef67ee2c2c8601eb |
| SHA1 | 0bc26389265cc754104a9a20c771ab2f57a98e8a |
| SHA256 | 8f8b99303bc75b06e230e4b1630f69ec6cbe4863bad16f5ab77cd435e5ccf174 |
| SHA512 | 7e16057f31b875a40e22232fca9d9de4daed4a83d350cb000c8cc8d19c1b83a137b14ea4451fa9898f78eeb947007c37a090b3f192377151b0188c20aef820bb |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-wal
| MD5 | 033542421abf51826e71868164974bf0 |
| SHA1 | 5cb9181999916efca2dce922fab15b22ab512b99 |
| SHA256 | 0c08f2caa2ed5c8c077f71683bfcc03618290176c39403bd623e3ced75563cc1 |
| SHA512 | c3bddd03b0211ab4d42582c4f624200b09a189f5e65a4cae504f6ae228370837e6736d2cb4d0af025c95e044f0bc56b352a9e17f4f20fd80f2e48381c24d886b |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | 245b6129fa3dbf20b1bb6ea61fc1d680 |
| SHA1 | 0531d7e7556493d23db8b357cc2b108426ce0ac6 |
| SHA256 | 89b5bf4af5c3363e59aee1110ea8dc42ffab0c8992376a04596a3e05c988c55f |
| SHA512 | 6d8db939e65d7f9103ae30f8c52ad3d1a5551f9209877345e83ed96201e593ec7c04c8cccc1970bfdd995074c7a1e4b877a50b8434be988c50e02d3749b34571 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-wal
| MD5 | 6784b2a00cf458850799d1f3d2992a1c |
| SHA1 | 525528ba816ba9e4464dc10ebe38f6c1e561f591 |
| SHA256 | 79c780d4546f27bf3e365a80bdcc63035c56c2ace84e200d1da1439244a4e5ba |
| SHA512 | 14f448ead5a3dbfdbd8393baf93b84df8a75b46b4bcccd28daa8fb23560319abcc00cf09ae3838c415ce8e1389fa9682c673fea84111b18d5cad55f302798b72 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | 233853cff26ae5bd6bdad6c7a72e9306 |
| SHA1 | d8824c6a3da75c1876fb39bb6bd243d847c558f2 |
| SHA256 | 8f11aa3591d0bee430b12cf4b391612dc81b1c72b6b5991f4f08bfaad9ec8754 |
| SHA512 | 76c1319aab814ba5f6d2abe2f849093eba377b44ca0a83a3358020403d428daefbf33bd3b5937ef50941dbacd2b8165c9eb1e4cf4af7d5887b99cc81d47a9784 |
/data/data/com.cover.the.dumb.roll/files/m
| MD5 | bad63b7007e000ffea19b1b2a6386fa1 |
| SHA1 | ac71488d04f9ca5b7872747fda5d50c59f448410 |
| SHA256 | 4bf43ff10913f93fe97f12bc09cd48eac0a5f89e5293f458511dd22425aee213 |
| SHA512 | 61a19f9865d7f13ddc84711f6a5d5e78a78f32681d15dcfddefc602d9b22855714fe1271e6596625df7753063df0e6918fd10ba8fe0f3bce941525ea58b2fa89 |
/data/data/com.cover.the.dumb.roll/files/m
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 0d35c7dbab747cb499392fde0166f00d |
| SHA1 | 14fcb3e558d6586b04a9d5398f8ec5a90f53d1c3 |
| SHA256 | caf1ec29a86e3d0fb9f7de45b0dd11b2949f9c52cb69eab8a27abd1d68651a18 |
| SHA512 | 7f2366eeb1bea51a376b2be3792fb794e0603ac203fb81e12d5a4164dc2551015a74a8656a66c9e510540747a23c18d423c11ce0c2833ac87cfd08d0fa75b1e7 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-shm
| MD5 | e1f3c907a4628d27d3c90cb8f98e43d2 |
| SHA1 | f5a7bd7feec4f681e00afeb555d1241a66bf4c74 |
| SHA256 | c65466382ff7716f7eb535f7034c4eeb280ce0f1bbeae1420ec3e5839cc2c8d0 |
| SHA512 | ae26a731ef63cf3e9b2fbfca1d36dfa9c3c6d97ce79479cebcd80eb6a1e4125284cc0e1b7a87a1235f2a8c88c05b899dbd5aa7c5be68d04baf437e853946a4e5 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-wal
| MD5 | 36365e9764c96b5b8fc950ee76ec697c |
| SHA1 | 8917d218247e3f1df09bc979de772fa34c181e20 |
| SHA256 | 7f6e76d372d7e6b9da00d3c1182ce2d52cda7e7776312a58ad837ba775b2ec1d |
| SHA512 | 8593269f5d35d25096d8eabf4018d553ff73b8926f20505ecbc5de00540040f6d63652e5a9f8c6d380e7ff4ecb4caa8229e4127e03083da37586faadebe72188 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 1d1803804d56759bacceb4d954757725 |
| SHA1 | 03b6bb98b67eb25e63a7b2175d32582440f0df8b |
| SHA256 | 81530bcef4fa47848d6bfdd147bc59b15300b72656c7b8700994b5a2a3831e26 |
| SHA512 | 37ec932a4bcca1acde4e9e5cc8f803ad493e1ee27919824fb7339143e027fb5e42c2f470cf53d5755ccd7d32551d57b8065329d97add449d9c30e602774832e0 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180
| MD5 | 4e3154332b5c667487aa79ae51f6c9cd |
| SHA1 | 8359ad76752e35fd787be08d189f3de79222001c |
| SHA256 | 17e3bf844b56114128dc9d93d090b98be462453a5a0f04ea79696f6451ea3b63 |
| SHA512 | 6414f3cc23ae0920e7a104b83ea4ab5d8224a85db8d181e57b3acefcedaab19d18096bb20c7a17d58f2b83f7dbba848e20d723a977fd2db67bc8c199f4394c8e |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-wal
| MD5 | 7e826601cafe1ce21a637b94fa79855f |
| SHA1 | 1a4f6ae9ccc8eddd2059c7910162494c9989e19b |
| SHA256 | 2591a39b0e0997afe2d294d0205c4fee5c57c0fa731c63df971c6db6d56b471f |
| SHA512 | 9c1ed9afb4f469e3744978e313c10832a867126dd0fc399b1e89b539ceff70ec7bc99c8e281418e7725eafdb3b3fb6a930febe003cda7273a3a9720d91abeeff |
/data/data/com.cover.the.dumb.roll/no_backup/credentials.dat
| MD5 | 597fec8c0cae6f8d35a643df902321a7 |
| SHA1 | bf6bf88be7d7872b29df2b87872e68ae89e59afa |
| SHA256 | d285fdc8d89b7c2fe9cafc3dece74b6251aa10e03cdb41fd4f05bc0d6cf46320 |
| SHA512 | 6462f8d34d438593140b6c47b38f282e2e7f35e952e638bcb48596689539d4f1a5797f62850cdce3c2d7a191eacac6fd8f752d5e7a1a845576c282fc3ca163c8 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-wal
| MD5 | f77a33da1bea7276892c4223165d1faf |
| SHA1 | 558c8fb8c5d534f841780cdbac124ab218db21a6 |
| SHA256 | 88ab6562cc06e9d93e9a585f96456c4ef8859c95953093940a0d2426b9f176c9 |
| SHA512 | f256e1c5af68d576f0fc2a0c7f1bcc0a34dff2f2220ccd3de42d49f048c7b6ee26e1e1daceb574bab3371420e4d177d10b5de59d0aeebf5f9a009c11bbdf564d |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | e2c33bc8cd931a7e4df735151888e552 |
| SHA1 | 3a48ed99ec2d0f06c2fa624e0a2e43a158e748c0 |
| SHA256 | e241eaa434700b27c0929e27f271cb7df798f1d5ace868c510525ef4bd7f33be |
| SHA512 | b41a12fbab66a720153b7bb5d44655293476e2ecc2e1e67cacdb74bdafd4a94abc5f9cb86cf00efc278802f1d840a1ca438aae43ef92fd298fdddc89b9040b6f |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-wal
| MD5 | 4ba5be0e5a5ad8bd7d016653375acda2 |
| SHA1 | c186dbdda9d0728d588455f2687f56d5104674c5 |
| SHA256 | 0faa6a15bdc6959803fbd09d5c0aa93a0f6444cfa9f62e3bc43a8007f4013bae |
| SHA512 | c37c4737e28413d697198520dc3b8406227fcb76981c3b9854ffc7e7179d8a96f3570a14edec22824ecbd00ad6712e2b746e1f8b121029a66c5ba7e326fca5bb |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | f6704c63d411892d3a4091c3399bf2b2 |
| SHA1 | 57d772c8e9648661268a40aa735af2cb9269876f |
| SHA256 | 9a0d42eab16a081bd1fe9afde65470b0769613aed55408abefbf8666cc0ddebe |
| SHA512 | 4f6c32d47eba3a4fd8681aeb2f65a7c1cd83ae0c95becd2048b657da48c5191b05d3bc6a5aa494f37dd027d523be06745eb78a0cb9ff16fccedbe3577c617e6d |
Analysis: behavioral2
Detonation Overview
Submitted
2024-07-05 19:39
Reported
2024-07-05 19:42
Platform
android-x64-20240624-en
Max time kernel
133s
Max time network
156s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.cover.the.dumb.roll
com.cover.the.dumb.roll:Metrica
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | vypakawleftervi.info | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.200.8:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| GB | 74.125.71.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| GB | 64.233.167.84:443 | accounts.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | startup.mobile.yandex.net | udp |
| RU | 213.180.204.244:443 | startup.mobile.yandex.net | tcp |
| US | 1.1.1.1:53 | clients1.google.com | udp |
| GB | 142.250.200.14:443 | clients1.google.com | tcp |
| US | 1.1.1.1:53 | report.appmetrica.yandex.net | udp |
| RU | 213.180.193.226:443 | report.appmetrica.yandex.net | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 216.58.201.99:443 | update.googleapis.com | tcp |
| GB | 142.250.187.206:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.212.238:443 | android.apis.google.com | tcp |
| GB | 216.58.201.100:443 | tcp | |
| GB | 216.58.201.100:443 | tcp | |
| GB | 172.217.16.238:443 | tcp | |
| GB | 216.58.201.98:443 | tcp |
Files
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 3da570e482f9a0c5481c9fd9225e5968 |
| SHA1 | 54e0340ccc5d56a410de2cb18c78ed68c744e63e |
| SHA256 | faa2e451be02f540e9536be712ed0cb5650ccb26f3cba25e7df1e25a814ad0e3 |
| SHA512 | a39ce062b0cf68cfbf187a7ce76d9a5dfa4bcaa86a497a631f9065a1dcdbb82d7205153b3b7db6f3d88bf12958ed6f5a9b2f056ae74c461b919367195e1595a7 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | a0a548793a510f9caed081689f935eeb |
| SHA1 | 2d1aad0213b2b86bfe52dd2485741fb00eb02f3a |
| SHA256 | 4564ec31a51694e8349f462d5ada137b3f37b7c42515a7fe34ea8ef33b5063c5 |
| SHA512 | 624204c5e505d3f2822a9761109babe81079ce8552551f23b7315baa171ef7881e5b5c4eab607a53b9bf080be6cb3100ff8cedf4cc86fa6218cd18301fcdc367 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 7574fe232cf50b14cb4dd5abaff27ab5 |
| SHA1 | 6155ac70c50fcdba6a36a295015934833a981048 |
| SHA256 | f9f75c26f70f227a3b6a5389067a363056688a6b60bbb91f8cf71a6bcc444e64 |
| SHA512 | 8f8f999e3bba281c7a519ee34324b01a6a034d03fd17ed938858a4f7fc5ee83409689e18deb2ba2c517d2a94dddff7a8a77025be32037c69f8b07744c11fae07 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 1764b07dbe66a579d6018d851423b8cf |
| SHA1 | add2b9f794c886d08eac715a676090e481c685c7 |
| SHA256 | d0ad7c7b5b06e1f630c37af996250aaef59b1b3a2c1b87e3bda272688c9df957 |
| SHA512 | 86043e7bb41f0b4c9816b52975870ac88215ada674b8555f0dab581d511dede3da21c20697ff824bb197389f36f3ce3765cc4c32645b641b0676d98b1251c0b3 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 5dccd7264d5e6d6093f3282333c7d13c |
| SHA1 | 99003ed66d690c1ba41a993c28241d49f14c0314 |
| SHA256 | 9f2c5ecd1842822c471595bd9620f105d821adbd4aa16ccc1090263b751904de |
| SHA512 | a67b95b1e04cfdc419e92dbb038fb803dce0b3b4ba7c62ce7a2082d1f84df7aab32d144b0b0ced8a76834913795179ff5117511f77eb68dd9e4a63e90b61ac66 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | 35f788b3b23386c45e547f133caab746 |
| SHA1 | 3c04610f102d37666b48b024398bcd222e72d9b3 |
| SHA256 | e577affd5794e534c66d9723fc1e5499fbafb269ab38ff063921a3b85c2442ec |
| SHA512 | 142d1a07c17a066a6345b26f2d81a67034b9250cd6b2db4ccf82d0d9bd8d54c8009560ce786e5da1126c347ba854449651cb56c04606ebd01c45e493e116f51f |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 36047f7efd8bdefe5274f4810072a6e6 |
| SHA1 | 0801a98ba89bc621e2ea48bd203fae94383f5c57 |
| SHA256 | be5161af74db04830d2a7ec725d7e1a325d1121cc5e22a31631107303996c58f |
| SHA512 | bab061acd253d45871d7ccb63af707141677685b3e7c0644cb1e556d756a22d455262b01d6bb551f64c553f7630a3ae28873020879ac7c995c6197b1f5949bbb |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | b5fbe3c6404bbd7103240514ea8e64ca |
| SHA1 | 476f3adcf748c9302ec812b96561f38119eaf2a2 |
| SHA256 | 1ec008e54100a4988995aee9a99804cf6d55eab5bebc98c2dd6a76506427e436 |
| SHA512 | d920932110099ff82b62408c913763e6d6f653f911d7410c07f1e240f443889452d54001ddddb6248a5b512aead95cec425483cbd8013d1b4f9c5b64467d70ee |
/data/data/com.cover.the.dumb.roll/files/m
| MD5 | 5ec22ed4accdcf6733f9f1b1c15b554a |
| SHA1 | e1963d6602c7572345cfc0c6228007664a07ff24 |
| SHA256 | 39b6595378fef8f78fe049b9d0653c687a6aa20668ffca6940275eb60785aae4 |
| SHA512 | 52e6b71a6ee7264bf536bc1fb8c75904f228c18bc633b82ac17f1de2f73691dc6bedcfac724be653c962c3d969f2626435cc5e2d3416ca268398f285afb30fb0 |
/data/data/com.cover.the.dumb.roll/files/m
| MD5 | eeafb5a5ea9f96c8dbfa3def21db8a5a |
| SHA1 | 664e31c09b0710c8d9a21c4d786fa3eec807043a |
| SHA256 | 120700f6bf6f70615787a90c0c50be353eed856120022ce9b592a670f0de735b |
| SHA512 | f9420bf17a299fde813b06feebb5e521e88d736f3ddbdef96c13c120fa3d86154891f4545e26fde804404f150e7b61d5124b413b7193af63cb161ee7f8e8c27d |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 74b99e9c3b5289fe9c7613c3dba3b570 |
| SHA1 | d3488ff947f5561125d14e0cf3739a86715c2a3f |
| SHA256 | d3e93047b08ac3aa14f609bcc8b0923c0401966c97ef3a84201dcb211dde57c7 |
| SHA512 | 679b8bb22e3adac6ea92d138c49a61c5d0e49fe958024c2907fd8a214301b8e5975e93f71833eab24718c1f2fd3b6cb8a73a709155944c27af8753c1f9b49cc5 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll
| MD5 | 35d8c8b99431c074ebcb1f0c65dd36a5 |
| SHA1 | d287a5e58c2a7899f9efb3efc346bf719c4decad |
| SHA256 | 2d5984b0b75978f7dfe533159c36cad9ea46d545969f8cee909071d0d3de79e7 |
| SHA512 | c10c955fdaa041698b3d9e182433c5d556e6312c0e7848fb4ea7547d960fba95e4318450f79246ebee5c47d54b81cf509eeb9f05f612d50d858d684119312a35 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 193bd897eba4269ddba146cce8d068e5 |
| SHA1 | fbc2da50a48372359809ce8c3fec2172030884aa |
| SHA256 | 925ad6a287e5ad0fa077b4cafe5d248d276263f89f11ae12aa33f263910a1c0b |
| SHA512 | 5c2714f8439bfb4e7941c23cad8cc62fee538485a05aa2171c39fd1f8081b2556cade17e1386c1c4d17f914eab0d18f15a9b2c098d35ba653c1d605d48efe404 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | de6db0dceca77e25cbb3aaf43344fac3 |
| SHA1 | 2a010b2359ab0637447f51b40b6994fc743e7385 |
| SHA256 | 29087927851355aecd8670c0748fa0eb18e0d3af853ae4415f37d684606872c8 |
| SHA512 | 61c2fa78df0639769a7c4929c5e044fa0604f211c1d32e5698f07d504ffdd81657cbe9038a1f9b5589237f69134da7219f94159f924df5c51b251bc29cf6dac2 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | f969d751abb5f4341a63bcdd20c7fba8 |
| SHA1 | 570b0ea62def689e579fa8b3645660a120e9518e |
| SHA256 | ca1cd79901491ee170299094956c3361992b63a02c36854edb8247b301ea4380 |
| SHA512 | 83d3bc2c64ba73011330afa61c4699958895ed7ee3e03e9f73f6c9aaaa9ccf2ab10e4f823b0ce2e7006e9ef76f535fc401eb65ca92d8887ae38e1c4a78995022 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 6f1395aa0e98402e2a28d3b12c77f72a |
| SHA1 | 3b7b276b18dbd41bbd9391b2b6b53a7bd8af2eea |
| SHA256 | 95ae04dfbce81aaff1f712421574975e97fc9376f3d9792a6ca3807aead0fd12 |
| SHA512 | 4cd54e49cdae3a634eda362de852877c89f07154b66738cc552189ca66d158d2b54467a6e5246c7dd880407a3058a763dfd48ddf74000da5b9fb7e73a5ece5f9 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | d8238597f1b8a3f8855ef738ab2f242d |
| SHA1 | f71d635c37a4497e2d2ba5c5d08ec831ab0d7908 |
| SHA256 | cdb123c0add00e4dafbf1efad482b3b8be524844707772c52e5c0d65d6208631 |
| SHA512 | 0531482db0b9f9564e18afe8c100e6b96ca733cdb067f14568145ba19febe52100dd766445090b253e00fb4c49330ecfc9ebcfdb294ea73b7b678f230d929943 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 9edd8bd526bf5f9bfd70919e7e07a332 |
| SHA1 | a6adb22e40c019c0a261781426f1b1c1b8212598 |
| SHA256 | cf05b76df7473cc254fe97f6207eeca24c0f0e7b3181a6057129bdeb3e6fe594 |
| SHA512 | fb4cdda429eb0f5b7b67bb9d2f30955caf03eb096aecc01feb8cae794afa1328291e73789d917a4a50d605d6cf1aa75ba0852306d357e442788ccb8013de795d |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180
| MD5 | cacce775688211d197220a164b09b085 |
| SHA1 | 59bc9eba2b4130e0e07890b44920e7f75be55ff5 |
| SHA256 | 206ff4bf782908b04860aca525bd58aa50c8c74ebac9904efbb5619a01f30950 |
| SHA512 | 072de07a959e6d7de60203fdf77b5628f247d17fb76c5061183d749a275f37b7e4a53cf2807ddd8878445597c697ddf1fc5b8271503ea808dfd657186d31f543 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 61ed2fe6b0394f53182d3fa0e2139710 |
| SHA1 | a595ce7eca8d428be2f47c323347b5c1c8579446 |
| SHA256 | 980d2b5e6769e5e1631a6f9490afeb2758d556ee7754d8ae5cda32ab6d58f7f7 |
| SHA512 | 43b16ad845a46cce2b2f88dcdd9407a1dc5af09b202a08cf218963057d25d92f8bc1e5ea438fdf5cb161fb013a365bbe83ada4699b8e9f5c8d473d5a13722459 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 8b36ab0ce4f8e6b029872762656c273f |
| SHA1 | 487ecafd428323fbcecfd0bf4444f4a6e4797cdc |
| SHA256 | 13526987854b6294817be391dc38a42945c76cbda1d4e6d2b1f96d1f4be0745f |
| SHA512 | c33fe7bcf8faf455f89ca2c42ed74c47b3b90090da33749b96ba0b541875a6bfabeba1fcef0c712eab37d0fe2d2c0723f7f2623beed2d1725c07c1805629d2ca |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | fc13d94f53bf767eddc04f0e8e7f19a9 |
| SHA1 | 9af5e7d36c1733b6ed3d3bf298774613e6320534 |
| SHA256 | 33b46a251e3cc914c1f89d53473f69a646fd32153ae8a996f1381b9b8fed1bc6 |
| SHA512 | 35a1197d54486653ba26c2a7e43059f282277024c72d9e2795a755b603188a29edf81c3e1eba96fc0e7215e72e8ca20d02d914c099f0ed55984d7c313cc7e73a |
/data/data/com.cover.the.dumb.roll/no_backup/credentials.dat
| MD5 | f23dbf1922594711bdf205f7fd38944c |
| SHA1 | 3aee42a1a3f343866fa3703594017e1a2bc19b2c |
| SHA256 | b5da7346095edff5163806803b9e47a509a39abd7f73e47fbdd4360fd17806fa |
| SHA512 | 3a498bf61493b776e641a038239cfc411f65682997c48aaa2efa790ee8cd37bc725bca3fdf71cdecf06fbaf89a44ce46484e5b166ff2ed68ae7e4bbfe207850a |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 2bf0f10d6ef6f018eabcf93369311d7a |
| SHA1 | 36937fd84412d7ac912e3a3c6ba709973c979441 |
| SHA256 | b061762c589622a0b8a132f0aaca9a2c87b0d476ef92a37bd024604fa37ba4b2 |
| SHA512 | 410f7b27563c435d37ec1e90d75d82095a2fbeeebe073762f0750e63c1e39111db855ddb4f07d051db365489f1a1f49248cf44f459422cd63367cbee02499da3 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | bfa01ee5e5c77a470e6d30a224f97769 |
| SHA1 | 56a831a0bbd1c01453fb60626b591429930c90a3 |
| SHA256 | 83b35330c221d814d06bef91c2674f51f92c9c857585f93435e49056774946a4 |
| SHA512 | f9ff11a849e450e820b45d0fafa1c01dde644bd08499950438c94fdc0b19c2b84cc47205d41bfde4ffd71c5db2d96865d8ac6790133ea01ed28b8bde7ca9c21c |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | b9d6903d92aea3914bff87ec736df79f |
| SHA1 | cdc4509888f10757c49ace558203d9faa7e084d9 |
| SHA256 | d94b6b2fe5a39d5dc5044f9b1d17786f586b918d9dcec6020d08124056e52aaf |
| SHA512 | 3bad4b61b16a0310e14b49be3860b4f7713444fb0f231a935ea551d3d4622af9d6699a8681d7631c3858012dc49a5a037c8722e23c074a94bcdd94d1cd59f4d0 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | de9556da95839274a17738cad67f869f |
| SHA1 | 5f4671ba30bad4e225eec7af32691f7322fdf944 |
| SHA256 | eff1bf168ef499859b059e8983aff6eb8bd95921291fcf388e3bfbd9d3ecd042 |
| SHA512 | e0f33ab35509850bbe55998dbaadcc80dadcb79dc2cfecd7814dfee96eb34e47c72c2a647780d6b2b1164ceb50a44e45571c6685cd7ec7c863f7ee9243b88c89 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 5b7741f4da8bcef98751e785ceeefd59 |
| SHA1 | 392329fd5bfc73f2b2f7a39c2fe4c3af00bd6bdc |
| SHA256 | 2ee5b93952d95a16e1a776ffa668975df502efb4146e655677409108a520947d |
| SHA512 | bfcd3011f73d8a28fde3507af217d30bf51750fddc8ec7f5cfac6d6a1ffd634402c7a2b73e8235189ca754a03c571a2d464e7d3da58e7633ddf90e286d416ae9 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | 831b010d3c8015f14db1be20d29d374c |
| SHA1 | 1fbcfd38ffbea7dfe80a3604d5772bbe41935dfc |
| SHA256 | f381f3b96bf6eca3f964d5eeb7ec25788d500d83be80b35a491e52c9414b67d9 |
| SHA512 | 45c86aea0d88b03ce19bea31db6af4ce2641fb96188d0b337bea1cbe9b09341bf03151822cc7352042cc97dddd1dd62fc8a3ff5afae9b2f544c5999b0197ca1e |
Analysis: behavioral3
Detonation Overview
Submitted
2024-07-05 19:39
Reported
2024-07-05 19:42
Platform
android-x64-arm64-20240624-en
Max time kernel
133s
Max time network
169s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.cover.the.dumb.roll
com.cover.the.dumb.roll:Metrica
Network
| Country | Destination | Domain | Proto |
| GB | 216.58.212.238:443 | tcp | |
| GB | 216.58.212.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.16.238:443 | android.apis.google.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | vypakawleftervi.info | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.212.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | startup.mobile.yandex.net | udp |
| RU | 213.180.204.244:443 | startup.mobile.yandex.net | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| BE | 64.233.184.84:443 | accounts.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | clients1.google.com | udp |
| GB | 172.217.16.238:443 | clients1.google.com | tcp |
| US | 1.1.1.1:53 | report.appmetrica.yandex.net | udp |
| RU | 213.180.193.226:443 | report.appmetrica.yandex.net | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 216.58.204.67:443 | update.googleapis.com | tcp |
| GB | 142.250.187.228:443 | tcp | |
| GB | 142.250.187.228:443 | tcp | |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 216.58.213.3:443 | update.googleapis.com | tcp |
| GB | 142.250.200.14:443 | tcp | |
| GB | 142.250.178.2:443 | tcp |
Files
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 26e07c4a24bfad37f917450124da1937 |
| SHA1 | 29de9317b8b68a6428787db8c92b0ce8e0e7c456 |
| SHA256 | e1e732d9b199e5e16c971ea4038e22c81abbb158a06a885836776c50c87b08bc |
| SHA512 | 83860e2539aa6f5225b9a0217bc670f83c5f5489dcd1655e2d1f543942adc73e3bb2d7df63604df453fb821c66f94d7f8ac69df74f91e7022cff1bad99efb6f6 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | fc318483a677c71a725dbbe6e9516df9 |
| SHA1 | 8ac3af9cbfb464e53b709028d1f64a4d019bb2f4 |
| SHA256 | d6d65421dac425ed42a96af8b94a1d708f6e23b556f0bc80011eb4970304b7f9 |
| SHA512 | 0e3a0d7629cbfdcaa59e415c4ba982355f249b9595d234c0de6fda993c65c121435c442945766017cd78533fbd059d7edfe2eda0185ec6e4d076499536a63140 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | e1ed3988b1d45704f8ea3c0c0a4ea473 |
| SHA1 | 4138f745b9bd3e8f4a7ac7bb8288e4e193d3ef43 |
| SHA256 | baf928d2b8bb3bc844c54fed5e4c0a389781830a4f053865654c4b054d1d2607 |
| SHA512 | b9dc1ff3bb2bfd2c79873670fdb6b1735c94f45dc63d8e6a52a00404d435d70dda7137e4ec20dd9941cc8bd69c3b5d3ebb5cc47c6a52135d3c2f7795de27d219 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | a07dbd22d5c157be06de61ea75e584cf |
| SHA1 | 07f81ae96e5778db000bc88c1d7090f2238fbad9 |
| SHA256 | 17cd7f810215fb8ade7ba55930994f20ab9e562411b4807c430cf75d4e62c78f |
| SHA512 | 76072210709cb62c77d9cd5053fe0e56b943f6eb36da4fc0d6caa375eb00b07968241b69ebbccbccde9fb724a3eb612754674442b18b4f38ed4938f786a05697 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 640688e61d3913d66abe0bfd119aaba6 |
| SHA1 | cadd4851b07bd78e92a46262e64ba1c4568c7107 |
| SHA256 | 3622a0d2ee7099db6a011920c49299d601e5c97447c660ae397a003b0c3d1bcf |
| SHA512 | 4da6b1a6bd6979a6059d8c36bbbdae878531ee54d62a662057ccf0f27840d0694b41b1ee02a4e8d0ecaa2b60971500cc8335fdfcbebbbcb8720efc68b372296e |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | d18aa9887141bbc8e6e77898c58195b8 |
| SHA1 | c83c64eb30b474fd9d0c746ba72f55db693d6c2c |
| SHA256 | d3f93bebca5039cb3a5d3c90bbcc016034064bf88efe426bb58bf1d56598d42a |
| SHA512 | 119ce2e41f1723de8a980b93223c6b1894b7fea741d2963c9fc0aa5be6d1cbf528d0c222551b789af57c5bf8af09fad8a65101fbc015f21f6fd8f220306fff4e |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 6528b68989ad7ba952aae105132289c2 |
| SHA1 | 2f112558970a78216db03c8e1b0e7c0f28d0124f |
| SHA256 | 434e1401ed41afd026ae549c725384f2a247ad2dcd782d4adac62fd61bce82a6 |
| SHA512 | 66f1f71a56d0026ba5f4b517863c84743777d638599551911f715325e015122fba151a018e901ad88c390ea0f0b01c4a7371b4aa24605544203304de0e1472a4 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | faaf87811e8714fb54363f2c815dcbf5 |
| SHA1 | ba2ca383cc64155cef3cd23d0474c17309bb70d8 |
| SHA256 | f7a68dabf37ecda019a00241eb14c7fbea8bda33331ee223b85e8bd811b3dd03 |
| SHA512 | 5e46b10e4043b01136d95cfe8adf308833b2a1f8e3b6d08ca900ab37511e5c4704e1c0173dba315d9017b6203041f5fb6d0cd5bbefa7ff93df80ae723e118d2d |
/data/user/0/com.cover.the.dumb.roll/files/m
| MD5 | 2d2a6c3d41d345634bee4bdd5a21bdb2 |
| SHA1 | 35e13f3be9060e36a2c7db0ec4057641acb78945 |
| SHA256 | fd897b0e75acbcb5da9a8c5e649f389d100dbc0d5bada42aff1b711e80bcce79 |
| SHA512 | 30a8c95d544da1a6456e8a96f86239a325c515edc6d8e295680fc771da4b3760845c23e78da222665e57e215c37230f3017416be7fced46d59d215a6feac35e9 |
/data/user/0/com.cover.the.dumb.roll/files/m
| MD5 | ea76bc3ddb58d1447d4899e0d6d09472 |
| SHA1 | f8fe0d523ae75d9ab00c0ae6aac37f99a3fe17cd |
| SHA256 | 8d8fcc720489f1dbeca3440c1db7425d232c2d887c25e78e113472c107098e71 |
| SHA512 | a26febebd8bf490a3b27f4bc40a496f53acfc4225c5c21727306b4763dd577aa66b95e8a7196e4c0ac13d846ee3e8880148fc35337264adedd011f6ed7b28878 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | b82419e24855542e9cac51329234eb43 |
| SHA1 | 699daa1830a11c4f503bd9d63dfd1a28d33a1c3d |
| SHA256 | bc4e92717eb5f8209e00291146c078928e9a009b7ff09cae477f0ad03bed823b |
| SHA512 | aa88f47493b5ac0974734a7ffe0514132b32cf374e2f81c91d1ad3bddfb527714d8b542f4f98b60ab278668ae3374840a7498ab8ad81eeb236336e1feb78a900 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll
| MD5 | e36d7325ccba6ce65a28f9f47d34e5e8 |
| SHA1 | 1121477138e1df00611af627b7e70974601670e7 |
| SHA256 | d475bd1ab0380e7658292c7ad8aaf5e073db0f57c0d1771b8a0ceb4be06515dc |
| SHA512 | 3403a711d83ea3ee71ff172d639fed98d8dd70b97724dc8b8fcf239c6a89ae71bf5c9e7bf38106108409b6c38ec62a86f85b55d107b3d6e8e1a7e6b6cfc7c247 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 8898134fa5f97f934215f88327e66516 |
| SHA1 | d9647d2756b1172a1b155d115b3bc642c356cbcd |
| SHA256 | c4f749511b981e44e8e52f0f90212de8f03ca3af2049f74a643e6db741a7f525 |
| SHA512 | 23e9e874a71b188acc3402a68e4ceb8c25a027f3857999be0f0f6669fbb296010151785ee3053a6e8dc027a7e6b21680a059aaf9d6dd09721e795ca598481ada |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | ad4da5e84eb216c330e87211ed7ecb3c |
| SHA1 | 3a0a8d17b584369d777946bbeade5633f48afc5d |
| SHA256 | a74f2c0f2c5ca344268c36dfd425fb04bbf4993ba8d2ebfb351e793cf9f1b202 |
| SHA512 | fb1cc37347c8555e8dda50246dc6c00c5e5c6cef1c5395d50cd1df9523c7ce2ae4b0df71d040db56e94f03ca94a7c321a26362f121d1595ae2083b66f988d4b0 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | bcd1baf0f62bad1d3eccc9352ddfbd18 |
| SHA1 | 185a1dea3874e93f6b1e0688d10fd4f83b350fd3 |
| SHA256 | 8b9d9de8e820ff5f84c1b24a204e716051650458ea4bf980223e8b1d2b69c316 |
| SHA512 | 2ea72c1f3d60f3d497f01466f60ec8efd215da6a286603df7a4fc30abbce3abab373dad7e43192da36d4edeb1c1a49cbf2ea197d43191ba7f3b4776247f99c90 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 1deb95eace37f2b20c60fd0e4e6864f6 |
| SHA1 | e3dd4daac65d23520027d23af7874b886df15a92 |
| SHA256 | d5fb7d01aa237551d8e0c91842822fd5124cbe26e130c4b36eadb805a21028ca |
| SHA512 | 27df0423be35182ffb80fc3a6d5be45967ac813d8171790fd260866fd66fee06514ce530e92da9ccd2eb6dcdafa6733cb23bdb01f64dcb75eb914d4aab8c82bf |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 2a28f4a079791dd8679d201173f161c1 |
| SHA1 | 4ca1d12089680b1fec90c8bd686288a5972e7ff0 |
| SHA256 | 509354e5a66c8e008fbf781c2773d97d11f5fda1e38410ccffa8e0277d1a9978 |
| SHA512 | ce75da3c3f2f3fe4c16a2e78ea39f8f442351a2f2e69a101d2962fc7a64fdde4390d5649ca938f929cb80a83f6e71eee51291e0f29853bd78b9d07c109f9e655 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 1e963bfc86224a84945df496c9303579 |
| SHA1 | 80cedbe303c5a1b1137f72ff2510e51158bfcb52 |
| SHA256 | 6ba9d5f2aaede22b3a4394409473de804155d0e2b739716655e22c095a54bd8c |
| SHA512 | 6f23c0c910a4f211cd9c70b7cb5726debb61ffd3b465ceb3bb38a4cef160ebef7a27b171278517b4da77c202d4cfcc9210da87c87382aa4db6652e2638029cc5 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180
| MD5 | 1f2fc012e7edde296433c7b47edfdbeb |
| SHA1 | d78d975d7ec17de5c6b4b7cdb1ed7508dfd16b26 |
| SHA256 | 358431a052eb453d991f48833a62982ce855940835646064342dcb8527f3785c |
| SHA512 | fa03740ff7168dae83751f0b7b92441183ee6d77b98c8f1ec106169e344f099c916ed684642b3c82b406905b600a4bac63b98dd0a5d00f40a58fa7e4275e44df |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 2efcc6676558171863da737020f9ce41 |
| SHA1 | 56486079c4b07e7c0ec67da3dd750bbfac9a3132 |
| SHA256 | e54b4a8639e3ed6bd192960bdf24e0eeeba09d568247d484454083a2b64e1435 |
| SHA512 | e62bc040b6088e184753d1cb394772722a69bcbec1ab5f542522b7afca075c257d0605cf878deee43006f3dcfeb721a46d97fd99d7dcb16add41037f09105698 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 20529cd924bbd4dcbe8bebaeb7f22a47 |
| SHA1 | bc47a6a0107c02c6926155417a7f01292180815d |
| SHA256 | 7a95ab591967a5c0a66d9408a8c8ab8beb6458902861703acb1e7c0e20565d04 |
| SHA512 | 40f1f4a99eb22bc6710f468123818179a34cd615f499bdade0ca4c215716c0450ce715d725c4ae2fc819c5f692873a9a374f34e7bb28dc7f4d7612906468d71d |
/data/user/0/com.cover.the.dumb.roll/no_backup/credentials.dat
| MD5 | 2681bdd832748e4a5fc5d10237b53261 |
| SHA1 | 1fd592a8edd6fc4ea1afa5d700d56c50774de9fa |
| SHA256 | e0f68bc9ee9d3b00fddf315b49bd519687348826041c29fda6208f9990faea7c |
| SHA512 | f49a5aa65b211310d1176a80944ac689a84447be9abfcdbe3c99beab7dd1bb11c24424bed2aee2400cae4a3c198e896162e911017a4dc0a8067dd710d7c177e3 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 35f772eec25c1cf4de2183cde806a464 |
| SHA1 | 60cff5bf72375bd1e95b8781cf85de2a1ebdf465 |
| SHA256 | 6f6551386442e8ede0dbca671da4284340ec85542ae6d1702f527b21887bd473 |
| SHA512 | a2a0ee5140a63fe5ff297391130e45809cd9c5e9057e313351e058241bf230d7ec15733c31705527eccd46732c9ddd4aa36ea677255a710e5f005dcd45f74be3 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 06c6ed06179c7666cb1e840a9f256ca7 |
| SHA1 | 01fe56b1fc065739b116fb36dce50e33d353e5ac |
| SHA256 | 55daac3ad4ef4115072af75b7cf74f3c3ad56452befde15dff8a962200789184 |
| SHA512 | 039dcab392e6ddfad4ba128d2c8adfca08b6c5f0ce4aba5f6057b139031503538d363b63caa217343eb34c4c8a700d6aab052c43e64baee5bbb5c52a9fa482a9 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | e8a74b68b8b7f42201de05046d7ac578 |
| SHA1 | 549d8ee1f4dfafe2556b9d3e81dd611ad3c95231 |
| SHA256 | e4e47f1525293fdb788342e7aabe5ed9f15e3f40c1d27cf3393e2a63ba136fb8 |
| SHA512 | 3d78d462beb7fe14d0729b9454318061f7f3ca59be198c8f2fa5bec56060a4eb4f17c3502b61bec25670f1ec8e94b38a9885992d1aa119b3767f38b60bf09170 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 046fe3809cc27c33dfabf57c11a43fa2 |
| SHA1 | 5707bf174e70454ebfc7c5c1aa62fc6cd0228a0d |
| SHA256 | 702faff43587df6168d567dc3c105d12ac51b9a26d5e94d686e68cf5349e8537 |
| SHA512 | 96fdcbbb19f4c613da60499d23633927d9738cd643ad9f332412ff49e034bcfada23dccad73f5bea24a4ad406a14a860462cd0670e6c8f41a420a0757b14d232 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 1f9c48332b48d2e9a5dd4dda4f23dfc1 |
| SHA1 | 68affc8d92bb82157f45fa7a6731ae7807601ad6 |
| SHA256 | 8402c67f78843d2cbbb15f97002151c53e9142483a5d2ae8ed2e78ab611b900d |
| SHA512 | 28bd66d96963319c4a34e1f07bcfa81c84ef26a89af03ab676eb1ca3482abc033d03f2142aa60cbac752ef633f9fbd58d0f571482b5d8c1852439e8fa67e157e |