Analysis Overview
SHA256
57a47b81fdd3f5f95c8fa7925eec1338440efd2e626e8f5b89d1f481cfb697ac
Threat Level: Likely malicious
The file 82267a649aa0a1dbaea09a422f292fdf.bin was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Removes its main activity from the application launcher
Obtains sensitive information copied to the device clipboard
Queries the mobile country code (MCC)
Queries information about active data network
Reads information about phone network operator.
Schedules tasks to execute at a specified time
Uses Crypto APIs (Might try to encrypt user data)
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-07-06 03:00
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-07-06 03:00
Reported
2024-07-06 03:03
Platform
android-x86-arm-20240624-en
Max time kernel
132s
Max time network
176s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.cover.the.dumb.roll
com.cover.the.dumb.roll:Metrica
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | vypakawleftervi.info | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | startup.mobile.yandex.net | udp |
| RU | 213.180.204.244:443 | startup.mobile.yandex.net | tcp |
| US | 1.1.1.1:53 | report.appmetrica.yandex.net | udp |
| RU | 213.180.193.226:443 | report.appmetrica.yandex.net | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 172.217.16.227:443 | update.googleapis.com | tcp |
| GB | 216.58.204.78:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
Files
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 2b5b73cbfbe3f87c0f26997e2ca88f00 |
| SHA1 | 8e6db6e12ac84ad0d8b6693d35c70ae9ee4421f7 |
| SHA256 | 2b98a61e9fe269f3f856af426257b4ce9315aab25806c692019468c1974d4322 |
| SHA512 | 6caeb1cae1a6c3d01b81367fe9712f69b33638f2f08261fd5ccecd71859efaf971b30d688b66d26345a8503ffa9807edfe909d1c54201b6e3bd8414758e243a6 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | ac26a375d5d673c2a7b39bbe42efacaa |
| SHA1 | a7384db83f153cce2cdd67a97a20df068f6ecd67 |
| SHA256 | 001ea8b38280af72e70a8168524cfb2b07a711040948397d36fcace03b593716 |
| SHA512 | 45e1842b55ebab067e53fb3c6ab880c0a652a951f26c1cae5363f429207db5f1aa56c821e89973612b73f9c0d186561221b6129db22e447ccd421b40342dd6bf |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-shm
| MD5 | 1c4274aa7a9a5cac8c6d1df71e4588c6 |
| SHA1 | abaecd685e01cc68801292e3dc7085654a22feba |
| SHA256 | 3f6cd5f480ae69859b7841450f3d032c528ba385ebf9f371b9c8fdc6eb4231be |
| SHA512 | 1adb95935798607bd36cedcd183924d3068f50097d017b278da7caee7771532b61ec3606f6189b6dec8426eb038fe40be75079ce35894b1a8e0d1d815261150c |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-wal
| MD5 | 0fb04bfdb7ab4fa4ddb3fb35d0230381 |
| SHA1 | 7f362a2590493b1533215451228b6b4a146fe835 |
| SHA256 | b3c9adf82b33b28033cdae6655c6bd5dfd05a304e8d577d98a9122b5195b0c9e |
| SHA512 | cf42d6238e3d9231a24e57b176381bf485688b5d1f4c82532c5528d2c3d482c0bba23407fbc953ca3b01fa0bdf6fa196d0d32c848993204fb8a990b1f7ed455c |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-wal
| MD5 | 7f2cf946c509b9c9ba21a102499a3dfa |
| SHA1 | 883948aee7b1e2a089c08180009320a90ce39026 |
| SHA256 | 5e07e4b8def2f31b7ad1ccb1c53aa40fb6fcb90cb8aefdabd0c14f671a95d314 |
| SHA512 | 0a3db857ec00f5cb8c67a28d4ff0271ae212bdcaf2836e31398603a9a8e0766b57f396d16fe93a93bb1a2d48379fdf0cdac4df91850172793b5e7191b182d048 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | c1630ef07ad9b6d8ecf067c040f17b6a |
| SHA1 | 3a805aea06f4509a92bfca79a52b5fe48802a529 |
| SHA256 | 5a6163d2f2a8c0ccad599f8661a567423b473581e0a8ca36c4ca617a5f7e112d |
| SHA512 | 9167c0ce59858f09b03261c508f5ac704f49d71fae7c38acc5fe5495f8ab6d5af5956f4b2fa69989944a8db62a11c4a40194fee939f96256bd4044518182e6af |
/data/data/com.cover.the.dumb.roll/files/m
| MD5 | bd4eb24f0e06a03b241823f5493f3f60 |
| SHA1 | 0db2f96bbd911c2a86034804500be711cf05ecdf |
| SHA256 | a0d6eee815c6ea1d4af16134954eb4a6f38222e43f3b92b2fab24dbfa8c20188 |
| SHA512 | 73a5306d5043750872e19bd3d3f9c99115aa0d3cf88d96ac171f9fed7265f2f427ff14b608894079af8c228fe0b6aa97c40704cf1207e830423a546ef17ab7b6 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-wal
| MD5 | e1c47b2f72664768d85db7938071635a |
| SHA1 | 14a34b13fc12f35ce16c45c644f34088e6d71a83 |
| SHA256 | fc7e5c312f65672f8a1e70ddf4379961bf7ea77261c4a5e6cd5077cba143e5bd |
| SHA512 | 88594777457b90408494c2e8e5703bcc6be3db0260a592c940b67674469798c45dc658f9491bfacb797ef528edf8dfaf00ec777e452106a41f14e68f93370ae7 |
/data/data/com.cover.the.dumb.roll/files/m
| MD5 | 84d26341beca5d6adaa47f3bd5f9b321 |
| SHA1 | b270ab001d46914998e4e1948afc2272de6eb995 |
| SHA256 | d1f2b60fde91af15e4a98b43ea3bfdd7ab401936a0675d2fa9df6ef9211a5879 |
| SHA512 | 5c22524672730f3d7dc8766401512c010e649d72ec57d2d3f0f5af57021813cc59282b18930bb7d67e5e9c20c3c554f810ab39cd66005a13a0e22517356688bc |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | adb7b33eac8f43c27d36c8d9a939a3b6 |
| SHA1 | 73ff5abeffbb10c20260081292432bfdfe608dbf |
| SHA256 | 62137d440010fde40907dba3bd095a5ae4a731369963e4acb5891ad826da3ee8 |
| SHA512 | e878b502cadf41df3a5c106a79a94d4d1d1a8d044abf3ac425a5142ca3eb5ad7f306ae25c32fc87443c0723a7e114d2930e3d3ae62f89c5972dd9d7984b20149 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 9cdedf9dc4af2969fdea32813eacf16b |
| SHA1 | ff373001e7306a194ca8c21047d32bf83b3cf55f |
| SHA256 | 9854a04a8d12ff14214bb14988eb8020a808b156b83fe9c4cf72c2472af9fb02 |
| SHA512 | 813adef2ecae00a64e45ae984f70d0831a71797dd9f2812c9e0b3c323b143e11781302cbd8b946a6ef368834651c66e38ca346273f5fadbe43bdb531cb10ddd4 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-wal
| MD5 | cb0aabad0e8ff28bf00dde77a3f51043 |
| SHA1 | 05b99855ef3230304df92528b28d80b8bbe3208a |
| SHA256 | 3ad5a10ecaacd50547fea5cf5f35f927b2404df67d5d244d365fdc8ed76403e4 |
| SHA512 | cfe3c7b3794b2b8c4d2fb4db13c5cc87a1332cd8c652128c72c7f3e8df4749194886f93f4e18bea14b98782a8b22b2afcf675427c79b8cd4f21cc46163438c03 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 3f39174b332324f2c043856add748250 |
| SHA1 | b5c84d2172cda5f93435c22c8a56113db68719f5 |
| SHA256 | ea64d88c2de66403ac04eab4ca81a22194ed5d7c5d604edb43d081768b4245c2 |
| SHA512 | 7eb94c6a2d68012ea316fae6ec9ca012dc5d05ea4129c5f5d55ab4bb69a1ea09a10b126b23b3c141323794fac6eafc13fb9e085f5b7a9e97e37bff38414035da |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-wal
| MD5 | 8321b3e764933519cdbdf47a0f25029b |
| SHA1 | b930a3596344e503cbd41a24b7bce1741ef0bf65 |
| SHA256 | d4d4d10cce8b02c86badd036c9ffc8aea1a82446c353174925501a045f208d22 |
| SHA512 | a62795d1eae9b5d455c684e09a3794d9d15a6aa31e2dd89637adbc2eabbbf345a9e1a37d8f9e9c585473077f6bf18ddc684dec765faf114c255177a093007eb2 |
/data/data/com.cover.the.dumb.roll/no_backup/credentials.dat
| MD5 | 1c3834c547a99991a65e989aa3dbdd08 |
| SHA1 | 90189a0947713d2f2223795ca82384e9606ad120 |
| SHA256 | d7ff4b231e584a995611ed0dd63fa1d15f3fe68daa76c943306c7701ecc2789d |
| SHA512 | 333943d6da1b3c36d27854e83cca44225b6d22f5c6f6eccb30f961d54a469ba80bad30975187e79d138572fd23a6e9e86d4ca2c8b2e5be2b9062e4eb590b5fb3 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-wal
| MD5 | 34bd1fbb99b39252a0e60d44da7d9b32 |
| SHA1 | c442a3de9b945a2ab48dfe617652644a2fbd8000 |
| SHA256 | 6901da1e0b869cb9877254db2c84c4192181c025a027ca24fe1b579825f26d6d |
| SHA512 | eec3e6c7569e2d6ef188c2f29d12bec9da455ef8995554669cf2c4c797a3c84e1360f93102b81c685dd3b80fd33d413c3d528e824867faa4cade36cbe3692b5d |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | 74858c019d1b775f98f4f4f8a2a085eb |
| SHA1 | d88da72ca7a3aa716d5a366c66b29a9eacaa6628 |
| SHA256 | fce330bb28d8f33597b06df6393bb3b91bc436d590d22630f72c8fe5bfd77ced |
| SHA512 | 0284219308db09da67fbf4097c388eaa51b4e195d3bd75648d10fcdb2cb71c5329e275e50ff405221207d519a22f38cefcd21603ad1945fd2ff33037d7b8f65a |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-wal
| MD5 | 5bb1b92bdbe40a2a07fca29b0fa3b5aa |
| SHA1 | 44df0b599b16e6176b65b2869dc97a5b81af6e2d |
| SHA256 | f87402c6f5f7a735464c6a63e1dcf0eca04e26aaf8c50ebad62554d160b9e1b5 |
| SHA512 | 866f2037f3b6a19b61372a38f6ae1483d4d2219378895991d0b1d31c8e259b9588cbfaac2becb15322922993f4e9ef88cd4b576a2a6c72afb93702b58f2aad13 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | 59c1b6e9ac2fba65f87a5f351f0e28ab |
| SHA1 | 5ac1e4b268503ba9a398d5f82bd2cd7dc37b323e |
| SHA256 | cd23c6f15edb09b83200c49042fa7a5eb3369b2ee956f393c209ec63e3a83e4e |
| SHA512 | b390d25bf82b82e0754c958fcd175fc00f3a4c75d198c7965596acc75174f9b11fe9c22859689c3ce0ac5aeaf9d4af9c2d5f83f9dd147b9a6e2522567874f753 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-07-06 03:00
Reported
2024-07-06 03:03
Platform
android-x64-20240624-en
Max time kernel
132s
Max time network
156s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.cover.the.dumb.roll
com.cover.the.dumb.roll:Metrica
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | vypakawleftervi.info | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 172.217.169.68:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.204.72:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| BE | 142.250.110.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| BE | 74.125.133.84:443 | accounts.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | startup.mobile.yandex.net | udp |
| RU | 213.180.204.244:443 | startup.mobile.yandex.net | tcp |
| US | 1.1.1.1:53 | clients1.google.com | udp |
| GB | 142.250.187.206:443 | clients1.google.com | tcp |
| US | 1.1.1.1:53 | report.appmetrica.yandex.net | udp |
| RU | 213.180.193.226:443 | report.appmetrica.yandex.net | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 172.217.169.67:443 | update.googleapis.com | tcp |
| GB | 142.250.179.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.212.238:443 | android.apis.google.com | tcp |
| GB | 142.250.179.228:443 | tcp | |
| GB | 142.250.179.228:443 | tcp | |
| GB | 142.250.200.34:443 | tcp | |
| GB | 216.58.204.78:443 | tcp |
Files
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 9628ed2345e64e9c2d25d52bb296cea8 |
| SHA1 | 9cb506567f4ecf2dd568f9e2ed58e953ec15fe5f |
| SHA256 | 9102a6115ef9a46278d7f91cb1e5ed6749ac600bae784b400cc4d126815f142a |
| SHA512 | e49a1991195b7bc6ecd3ea8333ae93650463d17fbbdf784baed54d35903de1c9dc0c6d10a6d92ca11d37001e6d2e7fc1c0b4759d6a66c7bac93f25dd1967f680 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | a0a548793a510f9caed081689f935eeb |
| SHA1 | 2d1aad0213b2b86bfe52dd2485741fb00eb02f3a |
| SHA256 | 4564ec31a51694e8349f462d5ada137b3f37b7c42515a7fe34ea8ef33b5063c5 |
| SHA512 | 624204c5e505d3f2822a9761109babe81079ce8552551f23b7315baa171ef7881e5b5c4eab607a53b9bf080be6cb3100ff8cedf4cc86fa6218cd18301fcdc367 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 4940ccffe0bf009a9f11df82fed4e3ba |
| SHA1 | 985c4a3304ce6fe2c707918b6d8e79477347523f |
| SHA256 | 2a2c40fa63349df51f2f80fbfd290608957ff7510e85a5fdf8ffe4aff966e214 |
| SHA512 | 42c80a60c4d2dadcae081a3798013f3cc843b31e9b2d01ad8e1bea994da5358489dd4b5bb34a9645741c4e82cec7fa246cbf9c2b83d088c390dc67feaadf7f06 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | df9ddb8c5d1b3eb6b34b69232c7f957c |
| SHA1 | f05b2d71a527d00ddff853ffcd21c6c8487419df |
| SHA256 | 5327c9503c20d5fae9a072208c35e4f8e5932f3ba9297cf62efd289ebd167066 |
| SHA512 | 372dd7b3986bc1b3fcb5fd81b03d168c30cbe7bce862bd87f34176daebe637e5aabfd7ce0fcc36974aff8a71e758b2b91119dfacea2487f2b69b397478898842 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 39e0c9bfbc098e4585b734752a126b75 |
| SHA1 | 2edcf11ed4cbd6dc7ec89e288fbd08aaf48060a1 |
| SHA256 | 67ffab13557b4cde682bf9bca0d70064ed7ccee7155ac4086a4bb09a56996e5e |
| SHA512 | 1834296fbfd4dd8d24884734cc03e2f2134d0e1dbc32d1c718535ca01992c39c8587776b69b9d153201d4abe71cef71fffd9acdda9106aec6f2d591906b1ad80 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | fc26bb0153382385b7d29af692c77059 |
| SHA1 | b93075e459bfb36f8370b84997e9108f13942f2e |
| SHA256 | 0c72c2c53f59c1dfa3fbfee8b1a0bb158e04ab31808e225045ca4ecf09288ee3 |
| SHA512 | 4d7b965a7bd3c8746817452dd1fa3d3518b985f1bbaf7f9c96fb0d4b52d0bdc52a6dc2bc417af396ea28aad002f618fc11d8b10318521a2836b8f63ad3951580 |
/data/data/com.cover.the.dumb.roll/files/m
| MD5 | 7aec84397cc7efaac9bdf58654b6d14a |
| SHA1 | f7a1b184b47cc96bc0c1555a848adec9f27c9c19 |
| SHA256 | 520c582261fe55006ded8404aec0acb52f7bd8d59eaff11eeb1e382c69090ff0 |
| SHA512 | 4ba78526636c71948fef9c062361bf8b34542fbc644f1ed9564d5a0abddb2a0668a11c82e3e818ca605eeccaedda4ac1080d0e4ab4c8f34d3c8cd1416a478950 |
/data/data/com.cover.the.dumb.roll/files/m
| MD5 | e2da854cfbd2dd93f2cd8e9c985fccf3 |
| SHA1 | 4ce21be3e10e06dd33ed9d44a6c0697b8200b79c |
| SHA256 | cdb80951ec9142dc96018bbbb55cbd23ea49c750ae2a96ba2537f1d37812035e |
| SHA512 | 4b1cc55209a272e9a217eb155b45fea9b897bf281d05930f1b92ec92f3436406566e0d9be6e6c1fe54d444b0516f1ff1d7855d0a7041c22e748b600bc7f92993 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | c0271d23616aeb174e9971e5585c4bf6 |
| SHA1 | ce466870fa250bf211e6bd19578ed4be10124beb |
| SHA256 | 1eb494274d44f7d531162a2ea73d9647f87eddb50f0b4ee4442baaabc1cd7593 |
| SHA512 | a4f10c5bca5c3890dce704fb3dadbe6846604a7d0e56e3cf72223059e88ce740f09259f06f7f37138280b2a9cabc2ee660a594d4e32c3406a37be6d652beae34 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | d1a8a9d8dfc96e0ce3743da08398af02 |
| SHA1 | b44759f35df59b7e997ac8f5b7169dbd5c7f0891 |
| SHA256 | cc4d89c025d129612fea8191f877df1b07b2a446f110c73940521274718f5fbf |
| SHA512 | 8157789dcbf5719597cec91275611ad6265abd6b999fa559caa11bc9aabcb47a2a0d78866eefff0d1a737363dd62c9f6f0657011476a1ad120d2d451ad85e4eb |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_data.db-journal
| MD5 | a2c45d1c5c7042ac89ac55c9424b7965 |
| SHA1 | 48cd3f2542fc1f78dfaf0d3fbef4bc88c48bb1f1 |
| SHA256 | 3de85459a7abc07637ec02be361bbf41429a07096bd69c279158502507bfac76 |
| SHA512 | 5252537c87bf5a38f02e15da76292177d618a0a96e8dc47163028fefc555354e7752ef7ca6b7d268245f3ebbfc1163594b5418eb6015d73828435dd2503e391c |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_data.db-journal
| MD5 | 9982ed95bfee80a89c9ef7738833884e |
| SHA1 | 817c232833d1ab42ab66bdc55bf3932d6e6223ad |
| SHA256 | d0497718e2537c4cc9e75b5bedbe9e8575cfa5ae05d267e01554e1d4f15d5596 |
| SHA512 | 6f63252d2ea47abcb2e0717f5f3c1fc0bcb3e28bf02e625557f88bbc84c8535405866de9528ec75fc95213c156944008dd9855e10d1b3c876b3918811123c55c |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 0668927c104d60e3c1dde507d69d8374 |
| SHA1 | 51827eceb2ae557da9ebd0c0c65be2cf63312816 |
| SHA256 | 3a3c2c128bdf9bdfd5ff1a18ff918d5af7fa9cf090851adc5f59009202148818 |
| SHA512 | 1e2389205759fbccaeed3051a45720c302ca5d3c69513895395b52e06d7a2005c6dbc2502f31f5c0f38f4742097b53c8c9d878f339cd04d83b442feba266083c |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll
| MD5 | 11c9500b14d3666af5b6efefb6c68e5f |
| SHA1 | fbcbb2619a57b27122460a36d344bbb70072dd03 |
| SHA256 | 6fbfd08e376d1ec80ecbbd26282c78d75ef630acccc377055addb52dc1970f36 |
| SHA512 | 23d93b53a62d0312b66f9847b615a1a80adb79a1dd1a8f562611fa72e296bc0bf287c8f409a638e7d0c24ad4dbeee0ffda5b1b7e82393426cf1044fbf7724e92 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | d89c19b9d86d2dadc32a0125c0600f04 |
| SHA1 | 83c6e7035c2b475bc0a43e27fbb02613c60443c9 |
| SHA256 | 0451c01f935e6f387cebb076f0e9ea5650cb9cf3de27847b1a0c0b40e8dc7666 |
| SHA512 | c98c8cf061045b61470051a3e9fa5852413d65e06d7b00aca790e75ded86c0d94aa8e17603cb46b54446e895327200c5251f2ba5e6ccaeae323e2fefc3012abb |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 72f3ca3adc742b39886d225f1c63ad3c |
| SHA1 | a954b3d279923f5b76848ac874979834b86d6d9a |
| SHA256 | fbef47aff0b5572d011fca374401b31c60b1464574cd37f206e0ac8d8b742156 |
| SHA512 | e89318a7a661f0aa12c859c06324a3e63debe338633600f40e1aa2337ec5103d53ba75cbf26c2be3824a1e6b638a161b77cede9d76b8bdf75360c336cf193fbe |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 2c14388687d421516db858dc4d28fc4f |
| SHA1 | f99d4fcab54c5c3edfe8d13c41c734426a1d814c |
| SHA256 | ef3063f6ef5ce7e30d073501006f0a7e5aa9389d39d05221cde80e4b0c977c71 |
| SHA512 | 22a2352df87ecd70f5383a01fa9b711963e06aa365e65e85a3e330eeb2cf97f565ad9e1cab153e9b9cdb8f3fffe1a7b76394ab5cfc26dbebdfc0da36d4a3f20b |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | b87e2cf81d6f6528507a8fb18b09bdfa |
| SHA1 | f459f6e22d5a00e3a31f7697245eab5e9e4e35ac |
| SHA256 | ff1e2130f9052649fe562b026f73288917b3918f8741d2a4b21f2e213eddf2f3 |
| SHA512 | e9f0424b47e8f11c6851fb812cd12062f20600ae79c1722841d7862f29a2e38dda8105f75c5cddfbd129d1262f298cd66aa192bc2e598c25592abe26b5d28a30 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | bdf4a4e60954bf853dfcf14267b78fff |
| SHA1 | e1e8418e533b3186e4890ba9d928e34a49d56874 |
| SHA256 | 3783b760b25d40998103a7087f66aec04fcb0746c623fc9382fe6a6ecb4c3585 |
| SHA512 | 0761c1206cd4fae55cf4099051df63565b1848a66971dac282e1714aa2573ec2d21266a78576682023c89420568f16661a0ba50d8be21e74a72a32c8ff95a077 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 07cb222a14b88ab39f4949129a228bc8 |
| SHA1 | fdab0529f8703aa61de21db14ae6911663e3c0ee |
| SHA256 | 1f4c6c70536bb8d6c63853f4b72cbaaf276b15fe4b126ecf59c57d04ba577068 |
| SHA512 | 965d2c0bc4ec8f8b71bfa0f50bc5bdc6d58a3e7c20edf109ab2318a37d17fe5701fb4295c6246d5cdff1365470bc38517969365f3a5c9e603a846b319635c486 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180
| MD5 | 587959b119cb109b86a61979d81da4de |
| SHA1 | 8c9f5aeb99779b167335dc2f6f7d43fdd0a2e434 |
| SHA256 | 2f0300217e6694132f9509fbebc6ea8a6d31b05a224945e6216f4585bc35c912 |
| SHA512 | 2a66c8b0febc3fc99af8d63e034f8324148adf96245a3a22485794418e33de633fc6019e5cd03124824d3b0e7b1ecdd9861cfaad90782cf779d25ae60de2a51d |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 70815147387f612f4f116c533bbc98b2 |
| SHA1 | 146f1ee3110827e35cf7e19b0e11706d619cbe53 |
| SHA256 | f49bbf10eb2b72fd2efbc451fe05c0baff193fbe2cc4335661db319ce6ddca77 |
| SHA512 | 11dbc00af2926f9ceda3aa05c250020d80a61681d5d575dd87d8adf6592f1671492c65c2cc5d86f5dfb771a958edc33799c087972dfda39abcdedb5015c46da3 |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | a2de13948963523e5a9317c6884d51f8 |
| SHA1 | 26c708cfd4bacff8d808dd54251a664870fe0ed5 |
| SHA256 | 085879cbfa06ef2f7424c98721050bc78909a425baf1fe53e1a4df9c697a3f58 |
| SHA512 | 6f9ec698d8dab06ce6c2aa0c3c632d16cd18d20d84159a0d8d7511749842854f0aa96720c2ea05edc01235b39ae5b4b12abf5e12bbd388362b7a51441b5cf074 |
/data/data/com.cover.the.dumb.roll/no_backup/credentials.dat
| MD5 | b9655a5944f17a5d96488e5a1ad40db9 |
| SHA1 | 4353bbab6a7a29bdb722e076fc6ba8e67b02ebbc |
| SHA256 | 6361305b2b0fdc65e8e26a4c0017863edb55261825d76006d812f9e0cfd493da |
| SHA512 | b02140ebe6bc0658ef4c4231e73f7ab2cfe3a3169a6b0bfbfd9b543dbe950bc3fd9d78b11def29701a239137054ddaf295e6509e69a03a773e40b2ebfba20c3e |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 958620de9da698e905576f3487c417a3 |
| SHA1 | d13f01b561bab6072b37e9f4fc9105c3458affa8 |
| SHA256 | 86ef3179bec860de773036a649d70ca53071f069603a6e605cfa4d3ddf16c421 |
| SHA512 | 1cc0cdfdf9ac5b6748c9f905bbd1df845231d69a97651d20061f5705f6fd4d4cec5f938c0b98bca884ca538a11cbe57c8323afeb426c4c702383725b6035a468 |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 8eabb32cbc705ece33da43a435a75d56 |
| SHA1 | 5a1c77c5c6a791b8504a497af9aae4f69cb5aec3 |
| SHA256 | 318e238ab11401255b00564afc6483c412ca6285183a6731541c89dfb12cfb63 |
| SHA512 | 921ed465a5d7aacf2ca23072c8e330ab6d529a15aedceb4115767bed584083137a3062d311a5aae473ffd82a2cce9d0e353aac09eca2d6adf1c10d5bb66b88fd |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 79a0514c11da3e2f102e6f5ed81afefa |
| SHA1 | f51a34030453e094c93afc5c43dc2b2c9f10e14f |
| SHA256 | 650af52127f48f93d230f53c43c34d517427f0b1aad485330fcbb4809c1624e5 |
| SHA512 | 88d0326e39c16b22b9ebfbcfeb378d7c5655860212c0c66c6c4f84cc3502f0f9efd407f22e4c043f8bc3590c3f50c03444235c709ade86c00a9d6242e79ae02d |
/data/data/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | af31c5ffde9c6bf191d2f0f04f75ca2c |
| SHA1 | edb44691d4c0da1e0d62d70658f1af06a8a3c9a1 |
| SHA256 | 32cb6861289d7c91f6ad541d56edccaabb1d9d2dea74478cc32459b1598eba1d |
| SHA512 | c08a231f9786f9cd61a1d9779f14dc506edf111d4829bf634be39c4725817df06e45d81ebc60a166075653d39cb5bcda7eebb44b71496e57ca59ad44c889a5ca |
/data/data/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | c83ffedacf6314ba77393059d9e5fc62 |
| SHA1 | c4c4af55a14d3c20a69bd4669365a17e78bbf195 |
| SHA256 | 5f8535f8fa4d6bbf04be4c4bf4c02633b730fe214239efdc5dc25295fdcff1f1 |
| SHA512 | 834e7e51fb5016f9747741a964dc5c660841f7dae2598ce511aa39f2d4be29050ae16d52e30ab6109680e056b8084a6a62a0671fc595e53fb485702c233b56dd |
Analysis: behavioral3
Detonation Overview
Submitted
2024-07-06 03:00
Reported
2024-07-06 03:03
Platform
android-x64-arm64-20240624-en
Max time kernel
133s
Max time network
132s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.cover.the.dumb.roll
com.cover.the.dumb.roll:Metrica
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.179.238:443 | tcp | |
| GB | 142.250.179.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.169.46:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | vypakawleftervi.info | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.187.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | startup.mobile.yandex.net | udp |
| RU | 213.180.204.244:443 | startup.mobile.yandex.net | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 172.217.169.68:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| GB | 173.194.76.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | clients1.google.com | udp |
| GB | 142.250.200.14:443 | clients1.google.com | tcp |
| US | 1.1.1.1:53 | report.appmetrica.yandex.net | udp |
| RU | 213.180.193.226:443 | report.appmetrica.yandex.net | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 172.217.169.67:443 | update.googleapis.com | tcp |
| GB | 142.250.187.196:443 | tcp | |
| GB | 142.250.187.196:443 | tcp | |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 142.250.200.35:443 | update.googleapis.com | tcp |
Files
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 31b824407c0771e5dd072eab2a211b5c |
| SHA1 | fc100c49f78b1b6686134e5eeb5c863fc761a6a1 |
| SHA256 | c3d85be967a36bbb8865a1a217cf0176448a4b6a21a55f0b3aea04a26fc59913 |
| SHA512 | 85f917eeab00b70e82a10fc866ff178bb7f5aeae0e8aa0754b89343d2108dfd67488d207d1bb611be5eccc21d318a77d12143e18ce35c641cfc73c751b516508 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | fc318483a677c71a725dbbe6e9516df9 |
| SHA1 | 8ac3af9cbfb464e53b709028d1f64a4d019bb2f4 |
| SHA256 | d6d65421dac425ed42a96af8b94a1d708f6e23b556f0bc80011eb4970304b7f9 |
| SHA512 | 0e3a0d7629cbfdcaa59e415c4ba982355f249b9595d234c0de6fda993c65c121435c442945766017cd78533fbd059d7edfe2eda0185ec6e4d076499536a63140 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | bec04b24493758de0f4887b69b5b2e74 |
| SHA1 | 34efc023613ab14253056c161b745e37383d000e |
| SHA256 | ca345853d76424c1b790e13d4e83d31bdd2140d68d3286559548ab085ee84cc3 |
| SHA512 | b0fe1687ed9a750c06007a067a80e3e9555d09f5f6fb605600013b3490043e2d42e70d146b20052223b7d65e1950ee788bf32c4ba294e2d6d5cb979b3881393f |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | bf398573da4e7b572fefaded4012a9b1 |
| SHA1 | 04bafeca672cd66a07dee82619a10652286ac0f4 |
| SHA256 | 4f3669a336b629cb9aa78cceb69c1a907587870d85f76f7de069e3ba3d35518f |
| SHA512 | c0422d4cbc193c8dbd62558b9e7944e59e31c4af72f9bcf6abeb42d71f63bc16bdc75ce8e275c7895a016c130602463d0be417cf60fb89a90398775b3cd13141 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 03d13871e67973df7a557ef0fb1c6bde |
| SHA1 | 1d1351cbb9c9036b1dd011075666f6271c631131 |
| SHA256 | 319e1a5065f3e625c15c500a9039c893ae49aefc9728b0f61e3aecb112b5dfcd |
| SHA512 | 114d213dfeec70c84b20e49749fd65df56f926a6d01ecdb5562f2f1709f1c89d35db7d843da26a003db2cbbc49e82f047bcbd4f8b75ff839f7da1b762414e69b |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | 12e19738b8d95b9d4172adb0cf670b68 |
| SHA1 | 140b9593ccf3f1fa3beb86ce9d2dc3a8316f6594 |
| SHA256 | 4520bb0e07d672002a402c50881e0d16509cbea58441a55c9c5e6f71b8db491b |
| SHA512 | 2d83bcc6a6b70c114033c147acbdd8ce7b6450e11a96ac718b4a7fd21affb874f49fe01f2aa7133db2655c43521c50983b56bf3fa9b37634142ca467cfcc0d9d |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 7f465fdd66587ed84fd0abfcfc9e489a |
| SHA1 | 75380b04ccbba1c73c3d2f75887a14bfef2f6128 |
| SHA256 | 270fc160efe1673d3058dbd78957f1297e2fbb7d362d3a9463d1254535a47335 |
| SHA512 | 1eb2cb4d3d5e3ba34b85f4ed7b65fc188dce840d5882335bcd01ac730b40f4120484195b1ccfdd45b3543d6f4e57891a188cd2eac3a53983c09c0fef8d9de463 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | 68f944b6aa09db7bc40ce748857bc1cf |
| SHA1 | 7f805678c5f0de2ad48fb44a7c005c9b9c7ce284 |
| SHA256 | f8e511aceb4da4aa5a51eeeca31865e28f9e11663d5d4cf6c50d0d160bc0185d |
| SHA512 | 3d4718074115e1bdfd2303fad1b25c66df6035b370c527513d4e3efd536eef527ba0c5f914629912db0e8ba41924129137c413d676497844ccfa153838f899ec |
/data/user/0/com.cover.the.dumb.roll/files/m
| MD5 | 9476f7d41c26698b51378569eb9a23f7 |
| SHA1 | b28175e06aff5939ab7416cf4ef067fdb1bdb25f |
| SHA256 | 0fac060c79c9ca0c543e4d3df83a6d63d3c370c3e0b23999fcbd8ceeca84b874 |
| SHA512 | 50cef934fa6b134aa5b8d3edf57ff806a465c3dd38952c65b7c1f76b61f45c8b5c3e2ebdced5279922450554b659dcba698d12f059ea59f9914ca7d2470c6704 |
/data/user/0/com.cover.the.dumb.roll/files/m
| MD5 | 3783bb4c5c1b53615cca5ddb556d5846 |
| SHA1 | 3e7b0ad4815e3919d6ff54548fae10b4ed3b0703 |
| SHA256 | 8ebefd3163142c039247d31456b8472d0fc06c11c07e4a10b3cbc04cbc3aace4 |
| SHA512 | a03bca32b42a88b6e8561df159c4ae155b0959989670bd59d4f13a114f32bcb6027a8769f529764d8b3ed55f331cf97fda3fbe59664bcfa17315ecbb1fc6631f |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 1b29459316bc535c3e933ceef445a369 |
| SHA1 | d266fb9c73f7eb569e32cbd73b726c65c092fafc |
| SHA256 | 08ae9aedf7f276d68e7464f87ee47a3cf4d9ac976ef92926c40bbb8a01b2ea8e |
| SHA512 | c37067b1cdc6b575a0ee078340255de6d043649399e4bdf6b93f6297b7276a62d2027c16537938a6a74c5f59cfed1e78d8dd3f270b6b44034a3f58e41439278f |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll
| MD5 | ddc3e051e7ecfacff39a30c4b51672bb |
| SHA1 | 16c57b3edee1789565cfbd6f1536200658c8d725 |
| SHA256 | 7ebf6713f2e2a8fe65801ebebab99db6de08502a66a625732c4ac90c400ab9b5 |
| SHA512 | 4b7918c4cfb12e3664e214a8067426bf298c33656db0954e0d215e4171b59c746cbdbfb306a50e734851ba7eaced8b5e0f2b34af0c8078323b68bcb09ac8cb21 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 5b0b7ddc53333dfd2d5def95b2729653 |
| SHA1 | 8e73a2a28849088d584c368a32c726a6031b40bd |
| SHA256 | 344980dce5cced048b8001dc8fed992dfe87e2bf0055ff54f2c78642c4b1dc9e |
| SHA512 | 74874158df65cf93e5587c1f968d22ed2a14b601c7aea345aa986f070b694d748f18dcfcb83cc650ba74d2987a8ce0999e8d3e0a26963e5e86a4cbbdbbcb7c4d |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 0b0f90348cdacdb0579a41fb443cf684 |
| SHA1 | efc7610056f761c3acf3c039a516f19025dc18b6 |
| SHA256 | e4605279cbfa594f9d7cb517e94983b541d7abb38eac3248060c95f4b088c291 |
| SHA512 | 1528d899eadb828bc5b6da47f9ecdd122bb5ecc336dd4512339cf5f169ffad53e3243460a90664b12e6f4c45b2e93e631b8778086588a8e5c262e78bc35c214a |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | ab712e9ec7eedad6e17af269f27acc45 |
| SHA1 | 499a220a543c2e5802cdcafedffeb464618dad36 |
| SHA256 | d90c968404cda879d312041c3ba4b6241422cbccf993b9d769a8a6835cb29017 |
| SHA512 | 1b190641236df17f384533a57c7c1a10532baec7444586f58b38913df92b91ca1f73bd2ab9d2948672cd962cc9023a5d58b3dec0c097b144db4619e9daa5cca8 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | 8b0dd50c4d3e390b35cca52388b0b2c9 |
| SHA1 | 592e815d1dd3727b996b9b8dd05f7d052ef797b0 |
| SHA256 | 83649d0df76bc148287ecfb45c9d092d7d2a40dfa39d01393c471493576e076e |
| SHA512 | d2313756e6c82d98faa472fa87e443ef27eda677ee579c639aa5fa85379e53aee1cc827b9586fd9260b5730a98ab50097afab874455fa4cef7fb91758a1d3f12 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll-journal
| MD5 | ce53276bfecdfe62018a1cbff34c012f |
| SHA1 | 4ab740a5af2d2e1aeb7aa689bd1569efa260fe52 |
| SHA256 | 044a544dcfe577d4496e21e820b47660a532d319f5ef30fe0e193273d264b72a |
| SHA512 | e6946c8fc3e7e1e128760a9154654542ed708ef6b6a0204abe3ec0d17a3f19fa43727941e736554866b977c2f2796fa5d3d78a1ebceeb84efba0d09e1ebb6e7b |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 167cea203b8fa93781a9e98663309b51 |
| SHA1 | 2d7956ef642e1dd8369ed7775da36279b7c1ed23 |
| SHA256 | 3310d36b906aecc0adce0a7e22ce07e1b6b0a786c369c4bb72a62f1c611bdd10 |
| SHA512 | dcdb4459875be739bd4310b5200ea0d640cec0ffb12a03d4b9358a1ce21aab5e379ea593d64de3dac2b5a8b4b9691014a527cd6293085111e15b2fb6b18eb601 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180
| MD5 | 210893cdc782878f64df1c7cecce59e3 |
| SHA1 | d86482020101a2abad481181b925b080a7b2c1c4 |
| SHA256 | 153c531d7faabccbef62421c5344b72b89be9276de386fea99f3e1364cf0f207 |
| SHA512 | 3a9c141bafe39fb724f615820e06aa5db3eb1442db4ee26645fe6c59c8121158224cf50fe9ae2bd1fd6d5fd0f13e690f7ad745aa24938425c44255cc741726d1 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | aef1179f20e002e9a6325ead2d792681 |
| SHA1 | 25182272ef65555ea7d7ee1dfc6c7cc1b82e55d9 |
| SHA256 | 289d37ce4c53cbd018952326eee11b1394258276b58ea915be1422ced31ae8ac |
| SHA512 | 14ee3b67e641d1a3f83d6b23365e4ee241ad498322874f24112ace5d7fe2e1a9fd1e9a41e58fb67ebef21bf35dfc8f8cbcd00e15ec9008f117118462cf651da0 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 3d74ca56290f6f164a48803e66fea9c1 |
| SHA1 | b9b92a1c66d2c36f85559fa89d6d21401c8d739c |
| SHA256 | 1ae170b1dbdca480f410f3cb71a3ef08a95426c80da5181c737cda5a70e22eec |
| SHA512 | 12dfaab6e98355fec8392b17d1f42144b6d06d69bd76f612ae71d6252af5b9849844e7406346db3fdef28ed9c664d06bd6cfddf68a23c05b181f6fd0fba905a3 |
/data/user/0/com.cover.the.dumb.roll/no_backup/credentials.dat
| MD5 | 97a7d5a9311a1e25179833f792345f37 |
| SHA1 | 80d6e5aeaa1610241a5293efe1d2825114cd8832 |
| SHA256 | fa350ed52bdad7ff686b6feb652a6a2cd691dea970fbba45f98f6c2c0fef0e3a |
| SHA512 | e6e3ad8e1c27d391194e2b8ec686cec3d865da4911e0f9aa6ea62896f6376ee71fb363b15ce3caf6c90193af8d841d4257e5f034c265d8152735b848cd8f6365 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | b53f5ca687b02c7adede757e669ef287 |
| SHA1 | a514652a5bb7a31bda0c517d4a839cd516c734aa |
| SHA256 | 1a18f4b316c86e90a3e9bfc6dc6c285307887db2df0eef90f07446c0aa41b591 |
| SHA512 | 741887c69dbb99e0af567876eb4892ea72079b6b987f99408e0a078ef023a7c0b84c85e3cf9e239f5795baf9dbc9b046a79606554c539b7005e88cde01b953a9 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 3c7ec192855062794c847e99ae497176 |
| SHA1 | bffcb7c414dfb1c4ebb5f63a30bc70190fa58c50 |
| SHA256 | baaf51cdcf523da39d06ca47fb27b9aed5efb82adf276d23563d967edec0147f |
| SHA512 | 23ad0fe7e3cf1144f0d6b72277ad7146be66fd2c78dd4f2d66b41367d923dca0bee553f0f283fd97e76d819ff50b4094f491e27891b45e407999dba842d1e9f5 |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db-journal
| MD5 | 035e8751110983fa53563c2e796bf42e |
| SHA1 | 1863865026ab2bd4bb06c40906b7ac585a330a9e |
| SHA256 | 93f6fc3069d98e9894570acb6c1864e1edb4dd8b7a0e1a2d2e52f4ab58e03d43 |
| SHA512 | 74b6dd26c364ec4803da87032e9b106f46399736c852068ae9e93b4a3a2d0790fb19bda367ef223cb0fcccd512735965b35b071e4fec5034ed72dbe9cfab65f6 |
/data/user/0/com.cover.the.dumb.roll/no_backup/db_metrica_com.cover.the.dumb.roll_20799a27-fa80-4b36-b2db-0f8141f24180-journal
| MD5 | 06219277d2e6c1d8c37715f1bf3e205d |
| SHA1 | d32aae5e425b57071fc25ce9c74a4e68b1a4c5cf |
| SHA256 | 5ead21f50645c1d3214e662b12cea8c3dabe6f0e4d8e2eec7b8d8d67aeb22953 |
| SHA512 | 4b92f985d609ed4b669915725f7d889a7a49df830843b91123d985544c66d61782ef07bf3dea37c66286f2493d0d28c9074b03707264cc16608f55c92fe8352b |
/data/user/0/com.cover.the.dumb.roll/no_backup/metrica_client_data.db
| MD5 | 99d630a85830241bce5217a45a80a02d |
| SHA1 | cadbcf287bb6c42c76383a1cefb29fbbafd2c3e8 |
| SHA256 | 0f70c868539092f95080bfbe70a35bba14c1c819e4407009bdf65a56e98bde53 |
| SHA512 | 8f890bfe8c9ed553884f455d8dac3d300195fa687b9c0e4de64b8679cf9465b3c5afbf148b0b8b35fca1b01c7fb088d00b3f8bede7bcdddae3488efd7a1fadab |