Malware Analysis Report

2024-09-09 16:06

Sample ID 240709-lcczqsyhmh
Target base.apk
SHA256 a3a764e9c97606af14d4847f6816167345bbc2c0f7157e9e4dea1a3db7eee7f9
Tags
discovery persistence irata
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

a3a764e9c97606af14d4847f6816167345bbc2c0f7157e9e4dea1a3db7eee7f9

Threat Level: Known bad

The file base.apk was found to be: Known bad.

Malicious Activity Summary

discovery persistence irata

Irata family

Irata payload

Requests dangerous framework permissions

Acquires the wake lock

Queries information about active data network

Queries the mobile country code (MCC)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

Checks memory information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-07-09 09:22

Signatures

Irata family

irata

Irata payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an app to post notifications. android.permission.POST_NOTIFICATIONS N/A N/A
Allows an application to send SMS messages. android.permission.SEND_SMS N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an application to receive SMS messages. android.permission.RECEIVE_SMS N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-07-09 09:22

Reported

2024-07-09 09:26

Platform

android-x86-arm-20240624-en

Max time kernel

166s

Max time network

130s

Command Line

com.mycarroll.app

Signatures

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.mycarroll.app

ping -c 2 -W 10 -v google.com

ping -c 2 -W 10 -v google.com

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
US 1.1.1.1:53 google.com udp
US 1.1.1.1:53 14.213.58.216.in-addr.arpa udp
GB 216.58.204.78:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.201.110:443 android.apis.google.com tcp
US 1.1.1.1:53 obscap.com udp
US 104.244.124.75:443 obscap.com tcp
US 104.244.124.75:443 obscap.com tcp

Files

/data/data/com.mycarroll.app/files/PersistedInstallation232739366180411652tmp

MD5 b05b740bc9a140a82cbd5288e95ca175
SHA1 65be7ffa0c1591133d6cb5101d2bd271cbf58bd6
SHA256 58ce3d82e51244955040f44b677d678a0e7fbe781e535a54a0d8a8016cf004b7
SHA512 52ba2e28e87dd4ce00b8c778675380a924708fa0a6cce700adefaeb8dc333d826055a72dbd33ca06de85b6f4387951bcc7c18c32c82da7a1cd035f75b2fc1696

/data/data/com.mycarroll.app/files/port.txt

MD5 6f8f57715090da2632453988d9a1501b
SHA1 6b0d31c0d563223024da45691584643ac78c96e8
SHA256 62c66a7a5dd70c3146618063c344e531e6d4b59e379808443ce962b3abd63c5a
SHA512 f14aae6a0e050b74e4b7b9a5b2ef1a60ceccbbca39b132ae3e8bf88d3a946c6d8687f3266fd2b626419d8b67dcf1d8d7c0fe72d4919d9bd05efbd37070cfb41a

/data/data/com.mycarroll.app/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-journal

MD5 baa286b2b3f981f27c3a0dfcda0d34da
SHA1 48d976b93a862f6a62a65dd33d997547ea8e1716
SHA256 285c9210646fc720bc142b74dbd8d72dabe5701778496b1563c87b732ccae452
SHA512 bc3973d3f9496261f43dece9d0e099f57f576eab00b8b3a7731051cb4f78f32ee8edb4f37ba0849552576153c659e9aec8d6fd8844161427832e0d5e362436e3

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db

MD5 7237409e0640cfab7bdbd429bf821a3b
SHA1 4c3da934842f8d4835dfe2a9c275a300e5123309
SHA256 5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512 c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal

MD5 83c1685d575db6abb6b2061a243350e6
SHA1 29c47f986738f16131ad6d00c9e409f9d81cd662
SHA256 75e0d930f66146c371f47468256554d9bd9cb039989230a5f6d75ca4a21e0c94
SHA512 6f2ee36387d6f6bb18083b8b6ee19c7060e00a595d7fba128752a1c20bba0d581bc9a3e3dc6253d5a2dc269103913c917bc799afc9f9fcf38af50076163d7fc2

/data/data/com.mycarroll.app/files/PersistedInstallation9177415610128306035tmp

MD5 a9c41caeaeb7bab9d0ef6e11530a8261
SHA1 209c9c9301eeaa2d516447314830d9e1b6d0e9f8
SHA256 f5162495885a6538d37946fc17b247ec47e9b52218b93685ace4748933e25cd4
SHA512 631fa94271b74620d71704afdbde1a4b1598d8101d7a2c5a9714942be159723bd8edd00fa83f26c0577fc61b0379ba312df2d3f3d6d45e1b4e38a4464712391b

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal

MD5 672f80a9c8209418904c5b97d73adcd6
SHA1 b757f849f2bb92fac2dd5bef13f9fbb63253f9da
SHA256 2e17fae962ca161124b67bdfb6ddeeef79134dd336b7d2f1d5b3b5e475d04d9b
SHA512 2df7ca724e48b1dfb4642b4c483715c63116ad2d78a5e5d6140c4f5fe581638cb80a7fdf07431d4ca30459dba7a7187407b08f75ed122108523078a63f9e12c7

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db

MD5 ce04be39e4f6c13bba89914bb2a79369
SHA1 1a2fd7c441ef1f20d6f93515fd97641d36f8c514
SHA256 caf3f0eea59a245ba9e9c76ad5eab2e825548221fbbb5fba852c154b8021a90d
SHA512 08ec2d6e75f02cb8f588f3468cf0f992a28f31038ece445cf2222e69a17fe2d9011adef5951d779b11c6625d7a0efcd435e70e135b7e6ea28f19a41afbe4b22b

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal

MD5 856a64014122fe56fcc517d50d1ac899
SHA1 55a50e2eaa5b968eefb16101d4618d5bb1029bb9
SHA256 034d0b28a9604a9b8641667b7194b355f58a4026753bc7872cd9736f729b659a
SHA512 4191edbb4399bc5da2590fb25c289b190cea3cb82db297d2b6bc850d08a6719fac619a11ad46714c83101ec5367c59a3e7b3f75cd5fdc45cac7d981c0059fe98

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db

MD5 ac334820c2a4d7fb5e06f586e9cf2f2a
SHA1 4d5cb2e3c1c6ac05a6f63e50e02a1a409b21b933
SHA256 2c66f838132da4e104bc7a597aae3260e5956e6e1ed8ff9fc1ee30813e7273e7
SHA512 ad567f84d827e10bf26bddb821a8bfa8b471d07ce2d2014447d8908952cc7dc50a6758addbdd954fc9476c6507bc266d04a6b53d8c319fbca914e324251ad3c7

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal

MD5 0e7692538a4b4d39b8ff262a4d67548a
SHA1 26a9c3bd81efbb7ae8ae6cb155e397fadb233637
SHA256 712941604c370d9e5b7704f8771666946f42098303578a7f8082be896817761e
SHA512 22fbea6545aa22491576c330b439f61a4459c6cf90aa3ddedbf9de5dec670a915e43cd9d8d8222bb22703768ce5e4fc39d5679b326a71237482311fb108949e9

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db

MD5 83ad44bfb5ba149b1195dc3f991acd1a
SHA1 f1562b0f129602dbba529e1d5f98621b880b38dd
SHA256 5c56eb55768c5c8f8692c82dc92aca2045e84c4026fd4de71e844a158ab9e7b2
SHA512 c13865875da872d8e0bf93d3f2a6433b899407c47907fd9e5a1e01497912a9f8d35d2afe3d5a46e2542e790d53a066f17cdccbb17cdff72cbac43278477f1a91

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal

MD5 f8f678a2f8a54d1ad4c725ea9716ac0a
SHA1 c2111ebb82b6072226482a4f1184387182d9867f
SHA256 d9aa6154e6a1fceae63b0f048397a1b6677b5ba932899bd0d0077918cfb093cb
SHA512 388c7977511ebe36c9c08044e1910a4ad15bdaae7c4fa7c25baf1c2e4e3c8a5d7fe9939106116c8e8e1d6bfa668707d2ebfd30e9f1dacbd29a212a337e5c70ad

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db

MD5 f13aae3f50793004023829a758bd4c92
SHA1 7d39a978c12428338fef624a70027ab0da25c505
SHA256 26527c9080b76a21e7c23a64a5117c95f95a415cc542495529b680d24ace96e0
SHA512 724aa45e114f815fc6686d444df73ca177ee84e91b5db4968d7846ab263265e3097ef7ee7f3eb0dea5cc20ccd1153a43d3706fa1c7a4afc9597578ff1ce2f7f0

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal

MD5 cdf77fafed5295b9cea077d2497153bd
SHA1 daa2e93d589a6b3b4e02ea1650214dbc9b8f5b2c
SHA256 03300b1cdb617fad45dcfbe077b4736e265b6aeedfbc97af58abbf5e0c897ab4
SHA512 7c93a3fac7e26b19ca46cc65da1de2d26d2aa902caff61f254ada7a37c8ef44354f9ac5221d5e3e71ceb1c52e0af97ba0867535d8d8ae83c5ef58a29297f43be

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db

MD5 6e51f0580a08c55cb6598dee996c9be5
SHA1 225ee2d2dc97eb5e816e7c219c2212f7ac57a835
SHA256 6de59d2460af67b546c95f2ac9d7f38945f3bbfc46645c7f291ecb1dcfe05ace
SHA512 baacdfdef9d5d6abab374878f63d6749862f7f2bee7d27ec859ba2655d21fda76721bed71d1bde0799c332b0ebb6ce317d18c08706e36b04b0c0768fabe89f90

/data/data/com.mycarroll.app/files/MessageId

MD5 c4ca4238a0b923820dcc509a6f75849b
SHA1 356a192b7913b04c54574d18c28d46e6395428ab
SHA256 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
SHA512 4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a

/data/data/com.mycarroll.app/files/user_code

MD5 b4445bfe5c6119c06d4f2190fac788af
SHA1 56632c990a77b0e93e10c49bd06e2fd471ca2b4f
SHA256 f4f92596204459d00683c2027e5b0d50c8cd2fb42646800b8a31bbf89d8a6b21
SHA512 18e39ef69b7883d7745f88a3b8206f07f7e9a302c96f146b76dfc9a150be36545b7c7ae86ce77af4a17b82c5c91823fb6bfcdbe6610ac4a5e2bff1b3e0a255d6

/data/data/com.mycarroll.app/cache/1

MD5 a67719fc9ddcaedb369fcaa37e6747b3
SHA1 ba404d09c4446131c592299b20327c2ee03530d8
SHA256 88b02f3504259aece2b09faf52258565ba6bbd804b454f3349754db22e834aeb
SHA512 9224ab66cfb87bcf6fb86c0faee388a882c6e96cf78162b9f2fb028e57dfafec0fcf450df42bf48f4c394022da9d4a23bc2f7af3405b80d112aad4a79390bceb

Analysis: behavioral2

Detonation Overview

Submitted

2024-07-09 09:22

Reported

2024-07-09 09:26

Platform

android-x64-20240624-en

Max time kernel

3s

Max time network

185s

Command Line

com.mycarroll.app

Signatures

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Processes

com.mycarroll.app

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.8:443 ssl.google-analytics.com tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.179.238:443 android.apis.google.com tcp
US 1.1.1.1:53 google.com udp
US 1.1.1.1:53 110.201.58.216.in-addr.arpa udp
US 1.1.1.1:53 obscap.com udp
US 104.244.124.75:443 obscap.com tcp
US 104.244.124.75:443 obscap.com tcp
US 104.244.124.75:443 obscap.com tcp
GB 216.58.201.100:443 tcp
GB 216.58.201.100:443 tcp
US 104.244.124.75:443 obscap.com tcp
GB 172.217.16.238:443 tcp
GB 216.58.201.98:443 tcp

Files

/data/data/com.mycarroll.app/files/PersistedInstallation301012949031762985tmp

MD5 c3112fbdb5c6d82c861787f637009e85
SHA1 fbed6979d39ea43f4c124349052d2306e8eeeb01
SHA256 a3e3d8dfaac5ec5174e19da4252e4656fa0c6e7d3ba21c454a50d225b022f846
SHA512 64f4de05b6691ef647b9f812393f8ca9d66b435ac65ec95c81e915a2520726e2bcf695a16ac03923bc65073e43e8b665351088c2033c0dafc019de853e0a2209

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-journal

MD5 c00301e7e6602a9b7f71a64aebcbaec6
SHA1 e5f752f87c1b5be610efa05c053bf49dec173067
SHA256 f849a1f1f02c778ebf1adb9b11c98a821c2d816dc5fc2f11b2b2d68c62c433bd
SHA512 96d2f8cf5426efeac46a634e09b171b37d76c39c80076021f20b9a0135bc2c976d0819987a3be0c66eb2ba53c38a95e45f6fed49553caffd6dc9e8b707ef5502

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db

MD5 eb52a90bb70b76e946b62f50b6f7fb85
SHA1 42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0
SHA256 48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4
SHA512 b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-journal

MD5 4ee893d1b7a5a349c467509f719553e8
SHA1 82e25cb227c3b82dbb67c2d3986ca216c7c0263e
SHA256 b600cfc53ff6061c4923d95dd97ed4ae752cb5da900a0e9b4adfd953cfd6baec
SHA512 d7707873ee8faca2264a4ea57d271d2dddcb0f17de6d3da05bfa6884a7035d2ee3b777993d36a6c342b7475009bc04c109bb2ebcb8acfa4aad135d4dfe8414f2

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-journal

MD5 eaa3ec61a8544448065c381db83de359
SHA1 a064a1add722418173d5bc26994fe9b09236e700
SHA256 cc2283a33bf23ee8005023b0525d5e7cbdc92a1f6c2484caf89171eb1fdd4a50
SHA512 abb26dd031578a6e3188e48a94dbe5f8d72fbcbb23f21f72623e3e57b1173408be71882907a2fb7e805a69f48f8150380635cd428acffb05d65728c2b3e7ee5d

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-journal

MD5 db25f4b66de022ff4991d8d30832fb03
SHA1 eb75bf9a5bd4b6e1eb792e8e2796dc5ee4f1f99f
SHA256 a69b6374f9e308b0c289a729cc7a441a7c49fc36a884ed7546832e6cfe6f0c16
SHA512 7a9144d3759b18478c4db23239cb30b692daee48d5767c146eb4d9c18cb36cb9f4b427f64dc6d9ac52e4eb7cd4aa0450a1b7d0e283787ff5f4afc96b937e0efb

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-journal

MD5 cae057ae3a12d4490309bbbc72de506e
SHA1 299cd1541d8960894b1c8fd17fdc0e797e0a9353
SHA256 cb5843f7e240f2c3ec4c8a233e4526361e9d7ed6738e57c5d7da77d2af66c360
SHA512 e66982f8598a8a7ff38a419fe6eecc8c2164f4bfae6a5cebfde6f0155a2fc07826c4ae5c167771310b3a01db1804715fcc71e246c6e7ab1d9dbcc1bd2dde9c05

/data/data/com.mycarroll.app/files/port.txt

MD5 6f8f57715090da2632453988d9a1501b
SHA1 6b0d31c0d563223024da45691584643ac78c96e8
SHA256 62c66a7a5dd70c3146618063c344e531e6d4b59e379808443ce962b3abd63c5a
SHA512 f14aae6a0e050b74e4b7b9a5b2ef1a60ceccbbca39b132ae3e8bf88d3a946c6d8687f3266fd2b626419d8b67dcf1d8d7c0fe72d4919d9bd05efbd37070cfb41a

/data/data/com.mycarroll.app/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/data/com.mycarroll.app/files/PersistedInstallation4802585745547801207tmp

MD5 7a91f59f3d07ca2184c2d017f9c93daa
SHA1 efb486475dfadcd711cdac2f1d3970ae18f6a5c4
SHA256 a7b345201e3e364918c503cffef9caa0fcf119c8b0dc8e00b8f28b9df7c333d0
SHA512 3b07da4e90348a5506d47a9dc07e000ec08598158318407351c0b69f829efa5fb11f96ee5414dfa2f6b63c5d7dd17b96adbbcf5723a6b72a7e474a231c5d7845

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-journal

MD5 0839f8c581dfdf65880caba5a7616ab0
SHA1 ebdf29731a0dbc2e6a7635c5e0b48809c8a2604a
SHA256 11581246bba4375205b47342c742ef280de6fa5626eb189841dd217db7b95a2c
SHA512 18abe78b7e71eb5ac358e7b2e88ec558cdd1d25540148a6e392fd5668551b444b61d913e47cb0025346786948eac81743eff2b40e3c052650c7664dc2588ab78

/data/data/com.mycarroll.app/databases/google_app_measurement_local.db

MD5 e653b1da206841d8a61a050e2cbe71a0
SHA1 5e343f13f2c47cb3174243388bcc9f216574e2f0
SHA256 df8bfddd04a7c17b5b5f82b5240ab00a7b9348b4c016ea9926a6e849cec1a7ca
SHA512 9e8d2f513778eaf5d47c0ecc2206d218c143e3ba7bd6d09b2cd0d15515be329da1f78b6e4b041525bd7031c42869bf6e25e465d24695c95302d8187b6b6cda88

Analysis: behavioral3

Detonation Overview

Submitted

2024-07-09 09:22

Reported

2024-07-09 09:26

Platform

android-x64-arm64-20240624-en

Max time kernel

123s

Max time network

132s

Command Line

com.mycarroll.app

Signatures

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Processes

com.mycarroll.app

Network

Country Destination Domain Proto
GB 142.250.187.238:443 tcp
GB 142.250.187.238:443 tcp
GB 142.250.187.238:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.200:443 ssl.google-analytics.com tcp
GB 142.250.200.36:443 tcp
GB 142.250.200.36:443 tcp

Files

/data/user/0/com.mycarroll.app/files/PersistedInstallation4779244433340771543tmp

MD5 8a44c9616bc3c6d52df7b2efc0bc328b
SHA1 dbe304ab2c0a007272ac01b2b649e9c1992ea47c
SHA256 cadb4fd814f1c74eaa5a49273d125a6e37d099f1ed45bbece18193b6845b8450
SHA512 949c5907e38c10cc298382f49e2c056ad42e6a6eb6808fd542ed16981bf26aec2da172c498f157b1c067f4b14665b5a7f95c68e62fe7018c2bae2d602644c48f

/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal

MD5 b08daedd1ae074f42edb6aeec1949d39
SHA1 9eee155c318311dd8ff8d75e7be076fd5185d8bb
SHA256 d9a0b23779cb054e85f1164346c883b678f063c83cf63be6210bec5721fff7f6
SHA512 b805858d2f383a5a62e4b2cae1f049f4d804d3f588e0b496dc629989bd900e017c9588f5bf00a1ed35b6718d9256acb8a382ad557726b2849a13d439cae52183

/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db

MD5 d9cf75fdd1c2292d986f6c3d5d60f2c8
SHA1 07ecb1d3a26d952ae5fecf54f36699ab498510b1
SHA256 2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a
SHA512 442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal

MD5 be3d2d6cbbb09ca5d69423daf439134f
SHA1 88fdaed32ebd44b1a0cdfc52175c28bba44b17d6
SHA256 e99b5bee1ce51d843c4700958f9ca760f829531fad677862decba7b1510db55f
SHA512 fd56e94ad23a774e2e22d866ea347d3a312c1def40a755c2f6ba6323977ad425bdc7e147daa4d1f73418c2393151ab6ab4d33e7cfeb83c03280a9033e592661f

/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal

MD5 13b7a8ec65ae49bc4981a34007aeff25
SHA1 ec115adbe3ecf4dd4c27f6cd9ac0ee22d9bccc8b
SHA256 e9071e52bf33796e63335eedaf4b885f6d332eec78a2723d868b4a9a668878b9
SHA512 87072947a392e797b46c6471d0c381735dc961217fc3fc3d92333c6096996f2453e190a9e71ba9226f2915f8338fa9ce4f01d412693199003f23f46ab127a653

/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal

MD5 6235c3e3e174c956d9b4549f51a7cdef
SHA1 77245c90dcd9ebd57eac2f164565c3cdc899dd8e
SHA256 cdb1da4da98c0a6ebcd89e9819bed953e47f86649ba88d57b707888592d97190
SHA512 2833d0ffd70051de599adb53e16ccb8567b6662cd824efab6608668806dea48107d815fddcd5b6cd80b0ca0b17b5a3bf686f1b351565add0f43500ebb9fc81cc

/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal

MD5 a1bcc4f242479d4c7c166a29f2216203
SHA1 1debcda38126f95f5b1d4f67127f70a31e8608a3
SHA256 83a7e87307541928386924f23cdc852f72ed8bc1d00073a21e301b0cacae278b
SHA512 396c5345af7a2b74d8cc4fc29fd5ad30978671b84493db9c255e784ba5a35dda015069929a6d58d12811930bc8fc0b29aa2a3b703196aa7421aeb39d102cce31

/data/user/0/com.mycarroll.app/files/PersistedInstallation5060631681483169087tmp

MD5 1ac95af3a5754400e4c05dfaa49701b6
SHA1 19921d03f1ed61691a9224030b2bae18926ea300
SHA256 ada785450d6526e3815986345870bb60286227851dbf54bb252e5adc4b7ad48e
SHA512 ce8f3c78caa959d1749ad98ff8e1a9825bec3b5b5de6be4ae85003efde08a9c824a937d5b1c36222fafb5187cd2e8c6e947ab79b299453cfa5622a4d03833fbf

/data/user/0/com.mycarroll.app/files/port.txt

MD5 6f8f57715090da2632453988d9a1501b
SHA1 6b0d31c0d563223024da45691584643ac78c96e8
SHA256 62c66a7a5dd70c3146618063c344e531e6d4b59e379808443ce962b3abd63c5a
SHA512 f14aae6a0e050b74e4b7b9a5b2ef1a60ceccbbca39b132ae3e8bf88d3a946c6d8687f3266fd2b626419d8b67dcf1d8d7c0fe72d4919d9bd05efbd37070cfb41a

/data/user/0/com.mycarroll.app/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal

MD5 a57eb40d6ff81aaadd8bcd5b0be58599
SHA1 272cd8b001bae3d780add216bc144e77ff3e50f3
SHA256 bfb7c0a80a1608222e4001db5c8b68af35bd854de2e490d01f79e6240fd4850e
SHA512 a9e59367970c55e50e1d18852fe0ea33178eb41bb4498f00d0f417ffaa67567a0a6d9d9f9880ef5e93b272b1a6d68ce3d51f4a99d998fe30cbd284b9e3f81268

/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db

MD5 e73b7190488b18e96154c5ce40e4a6ae
SHA1 e6516f146cf3552bdd521ccca956d6d0d7a4ddb8
SHA256 906efad5ae6944c6c0d8452d0562bc2235fbfcded098e4d5ec60569d22c0d2b8
SHA512 b9aea0ef231c7ddd52759936d2420f2fbd0e3e723ad3f5368080da82b53ab6e29e6c19839bf315d924c4c2d33e92fcb7442d9ddc5a3581121fc8464117b0c03d

/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db

MD5 9e93ee6ac871f7a2a78469342ee11818
SHA1 e97af15708a36f2ccc46eea7ec9f7eeee04646d9
SHA256 5338254a330997f066a4f6d82cb2dd3b40096e8c0bcf1e3892897f4535c10c7d
SHA512 db009a5db94beab98406344b6f66f6bef296511385eeb2e070e7fc800001dfd75a31065bd480e0ce8f8dea6385bd3d96d6a2ab4916edb15df2ef07b05cb54a12

/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db

MD5 d66c36cc59bfb6cd9f9c967f6fdd01db
SHA1 efa01cdc7e93cf6a6245df4b29787fe58e9a8826
SHA256 fa85ad28356658119d96d33c40ab5d24ca02f8538884cd3766887fcec18abed9
SHA512 1049d60cd93fdf85289c573e6a66c039f816b010bd00315877d5cae48f0aa04c3f918cf744721386bb355e0acafc176e37804f57a96306e29f34d4dadf9d9b0f