Analysis Overview
SHA256
9ca1f601e4a014349e56f6cd07f44d0ecf2d0d2bbdf75841257714161b61c581
Threat Level: Known bad
The file 9ca1f601e4a014349e56f6cd07f44d0ecf2d0d2bbdf75841257714161b61c581 was found to be: Known bad.
Malicious Activity Summary
Antidot payload
Antidot family
Checks if the Android device is rooted.
Obtains sensitive information copied to the device clipboard
Queries information about running processes on the device
Checks known Qemu pipes.
Queries information about active data network
Queries the mobile country code (MCC)
Reads information about phone network operator.
Checks the presence of a debugger
Registers a broadcast receiver at runtime (usually for listening for system events)
Schedules tasks to execute at a specified time
Checks CPU information
Checks memory information
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-07-21 11:53
Signatures
Antidot family
Antidot payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-07-21 11:53
Reported
2024-07-21 11:56
Platform
android-x86-arm-20240624-en
Max time kernel
71s
Max time network
154s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /data/local/xbin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/bin/failsafe/su | N/A | N/A |
| N/A | /system/sd/xbin/su | N/A | N/A |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /data/local/su | N/A | N/A |
| N/A | /data/local/bin/su | N/A | N/A |
Checks known Qemu pipes.
| Description | Indicator | Process | Target |
| N/A | /dev/qemu_pipe | N/A | N/A |
| N/A | /dev/socket/qemud | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Checks the presence of a debugger
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
mob.play.rflx
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | = | udp |
| US | 1.1.1.1:53 | firebase-settings.crashlytics.col | udp |
| US | 1.1.1.1:53 | configv2.unityads.unity3d.com | udp |
| US | 34.110.229.214:443 | configv2.unityads.unity3d.com | tcp |
| US | 1.1.1.1:53 | adsmetadata.startappservice.com | udp |
| SG | 138.2.110.152:443 | adsmetadata.startappservice.com | tcp |
| US | 1.1.1.1:53 | infoevent.startappservice.com | udp |
| SG | 138.2.110.152:443 | infoevent.startappservice.com | tcp |
| US | 1.1.1.1:53 | m.media-amazon.com | udp |
| US | 1.1.1.1:53 | i.imgur.com | udp |
| US | 151.101.1.16:443 | m.media-amazon.com | tcp |
| US | 199.232.196.193:443 | i.imgur.com | tcp |
| US | 151.101.1.16:443 | m.media-amazon.com | tcp |
| US | 199.232.196.193:443 | i.imgur.com | tcp |
| US | 151.101.1.16:443 | m.media-amazon.com | tcp |
| US | 151.101.1.16:443 | m.media-amazon.com | tcp |
| US | 1.1.1.1:53 | webview.unityads.unity3d.com | udp |
| GB | 18.165.227.78:443 | webview.unityads.unity3d.com | tcp |
| US | 1.1.1.1:53 | info.startappservice.com | udp |
| US | 68.232.34.193:443 | info.startappservice.com | tcp |
| US | 68.232.34.193:443 | info.startappservice.com | tcp |
| US | 1.1.1.1:53 | trackdownload.startappservice.com | udp |
| US | 150.136.215.59:443 | trackdownload.startappservice.com | tcp |
| US | 1.1.1.1:53 | sdk-exchange.startappservice.com | udp |
| DE | 132.145.224.90:443 | sdk-exchange.startappservice.com | tcp |
| US | 1.1.1.1:53 | thind.unityads.unity3d.com | udp |
| US | 34.107.172.168:443 | thind.unityads.unity3d.com | tcp |
| US | 34.107.172.168:443 | thind.unityads.unity3d.com | tcp |
| US | 1.1.1.1:53 | auction-load.unityads.unity3d.com | udp |
| US | 34.49.168.197:443 | auction-load.unityads.unity3d.com | tcp |
| US | 1.1.1.1:53 | httpkafka.unityads.unity3d.com | udp |
| US | 35.244.205.3:443 | httpkafka.unityads.unity3d.com | tcp |
| GB | 142.250.187.206:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.178.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | firebaselogging-pa.googleapis.com | udp |
| GB | 142.250.187.202:443 | firebaselogging-pa.googleapis.com | tcp |
| DE | 132.145.224.90:443 | sdk-exchange.startappservice.com | tcp |
Files
/data/data/mob.play.rflx/files/PersistedInstallation1080125353996334658tmp
| MD5 | 8594149dfd6d2f2fb8db68c224f4bd13 |
| SHA1 | 679d45662443ca3190241e7851dd15f9af71d1f1 |
| SHA256 | 2265df708ca8fc6dfb7c1f3bde4c4ec711194b075437385aae21256e87988167 |
| SHA512 | a57a6b9cd42aec72d4b0650833342eb06c66fc5bb725fca0a5d73cdbbc72e77e7d845ac8cf283a4212c71b6d747063f916cbff0d8647b2666062875e1a0fe6a0 |
/data/data/mob.play.rflx/databases/com.google.android.datatransport.events-journal
| MD5 | d1a4a29cbad79348beadbf63e8aca70f |
| SHA1 | f99f75f53f3298db17b271661fa2696e6447b7e6 |
| SHA256 | cd205a19f70eae073fc603103c26a3065a7a246d08fedcdf63d642d11a7ec479 |
| SHA512 | 7a79dc52cbeb7da8408b72bb7664f81e19bc26461d19f3b0350d402927588e93f0da5b524d1acd7d1591adcd549779a8898b2511fe99b6c9e98ced54a9f4ce2d |
/data/data/mob.play.rflx/databases/com.google.android.datatransport.events
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/mob.play.rflx/databases/com.google.android.datatransport.events-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/mob.play.rflx/databases/com.google.android.datatransport.events-wal
| MD5 | 184c527c62e438fb74fe72a3089413f3 |
| SHA1 | 45f09950588769710583a2dc485c40f9049f64f1 |
| SHA256 | 7a6d9ece517332ebf5e1f1635d1dc942d7afb01eb968cb1559d007f53e4815a4 |
| SHA512 | 3aa73d9ad792e9a8680c9e645b4ef8f969d1acee922408eba672aad6a874e8dcef5d77e26a3b46d20f3f6911ed4edbf3eac6587860800029ac1c8e32f209ffa9 |
/storage/emulated/0/Android/data/mob.play.rflx/cache/UnityAdsCache/UnityAdsTest.txt
| MD5 | 098f6bcd4621d373cade4e832627b4f6 |
| SHA1 | a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 |
| SHA256 | 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 |
| SHA512 | ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff |
/data/data/mob.play.rflx/files/.com.google.firebase.crashlytics.files.v2:mob.play.rflx/open-sessions/669CF6CC0378000110D466BE6B018C7D/report
| MD5 | 60536323e5af7a670598d4eef181795a |
| SHA1 | 82fc3d351ed842dce4c06144489fd6ca54c32e16 |
| SHA256 | ee2f2422e47220980292ec03fb89d6e12a087dec6f5ffe5099958347a4345b84 |
| SHA512 | 7a9e82a2e336b889bacc441a7a6e1c98905523ceb11ea2d35a77b7a355ab581bfc17793b79a048e50f480cd0aefa182b543319ff07f43196f95d68ce183b15cf |
/data/data/mob.play.rflx/files/UnityAdsStorage-public-data.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
/data/data/mob.play.rflx/files/shared_prefs_sdk_ad_prefs
| MD5 | 65026ee778e1372d9f4aed742772e893 |
| SHA1 | 5a5f1c821d7639424f3c75a44468ab5f7dd4e8cc |
| SHA256 | 15070f52136d5a8332f8d70f790bd7bb04cd6a99b386d40e0abedc40c42caa3c |
| SHA512 | 589c4a12c6b6ec1a1cca957da758aaa900e68a23b4bc2f42524b0e8dd34f6c5378541d9293eae1ae8d478bf5b5229ce4218c058fc3b399eb5756afeb05c68616 |
/data/data/mob.play.rflx/databases/StartApp-d6864f2502af7851-journal
| MD5 | cc55fca59467fbca9714c267912f6955 |
| SHA1 | 7e4baf3d8b0fa5714cbada979fd2aca0bb43e1ea |
| SHA256 | a16d8dcbc86503dd587a203dd3f5c059760bf933538f6f5de833716fac913db9 |
| SHA512 | c464f31d20b0dbbef2303df2009fc7a0fce98bf8a3349244567eb35768b7db8414b6866a9d34e99108ee9489bf09b2e9ab3706bc08c153e04cf25a910ab9994f |
/data/data/mob.play.rflx/files/UnityAdsStorage-private-data.json
| MD5 | b902f8fe0a4e2342ee76e766c7f0f192 |
| SHA1 | af5d0ea551baac9b6fd769585d3cc551ffe87417 |
| SHA256 | 3d99898a52313906f5cbe66f779301a114fe0ea8f2d4153410c479a8c4d9f5bd |
| SHA512 | 1f1de122a74b3069a235f40405ae9ff85e6cf351d8b984483971904f0d5acb12bb99bf814f085bb0f46c6fa0a41b3d62b940d9c93a574c86ff117d1bb77f434e |
/data/data/mob.play.rflx/databases/StartApp-d6864f2502af7851-wal
| MD5 | d9838bdf152baeb71db50cfe315ee825 |
| SHA1 | 7b586e7da15c0f1300f3aef476c5a8ede7ad50b7 |
| SHA256 | cf04b286a6cf8ac6c668de6dc99f39437203a6ab1491abfe9d3cba78fac7b60f |
| SHA512 | 1ec67839bc2ea09520fef57796c8699e71e56c72fb1091e26080ec2f59bd06fb73623dc0624c364825f1899e8c9eb2079b92bbc47f822c71d004170e7026b412 |
/data/data/mob.play.rflx/files/PersistedInstallation2057772360694260278tmp
| MD5 | 82821ec6a868d67d209762d516b8f384 |
| SHA1 | 355e03e2f0087f7a98654ed6f508f91cd36e732d |
| SHA256 | 9851d976120212fb512e51fb8184980cff9547f51433c5b9255f8a8a34e5e3c9 |
| SHA512 | 52738c080d606799d3cb9175f5834bc8676c5620392256c379a0d80ce52e97a4dda7ce7f95b86b785e3faf1f04970a75897e2ceaec3d7c242d6283caabf3dfa0 |
/data/data/mob.play.rflx/cache/image_cache/journal.tmp
| MD5 | d6ac8c8db0504502d7f0e057a78c5ce3 |
| SHA1 | 8f4cf91a262b24ec9c1a6e7c41fd6d16b6623bb4 |
| SHA256 | 8f22a32cd8de58916041d1097976f2b9c80f7e9a18593d5a6b058bcaed17e22a |
| SHA512 | 100e74f0c65b51a17de6eeff96d5c38bd6d40e3c8ee00094fd906ba5794088fe1ad6f3a15be196480384cf01399ea26665a05471404f1eeebb0c82ae6fb104bb |
/storage/emulated/0/Android/data/mob.play.rflx/cache/UnityAdsCache/UnityAdsWebViewConfiguration.json
| MD5 | d165470950d875a5ef05e52b16fa2b71 |
| SHA1 | 8eea6374a2f17e04a9265785fa1c805c4c3468dd |
| SHA256 | ec0f12a51524d344321180bd9e3a0ee6056b5a7a563e1c42b5f1c8a9fc9c334c |
| SHA512 | 41e5625b05198d45d337c55cc8135651bd11b2e34ad264fa4ccc2766b1efa4f5988768b3323950df1bd523144bb759db5e591fcdff754ba7baf669c67a1383db |
/data/data/mob.play.rflx/files/StartappAdsMetadata
| MD5 | c5ec03049f2a725dbe8dff5598ea7afe |
| SHA1 | 3272e70169bcb264b8072dec2dda5c2d2f7432a1 |
| SHA256 | 8d11f72942817bf46c3b47ba9e7892b70b5ccee1e01116804ac1d5b683c48840 |
| SHA512 | 8d0134a29ef6c20c39e755d4d36fee2c119ae32d6f05d1d62c8ccf116756f216e8a9825a5cfdd576576d79c9bac33055b47216efea7dd4f966a14111680588c6 |
/data/data/mob.play.rflx/files/StartappBannerMetadata
| MD5 | 1464bff0fd2bc323b44f3019e32e43e5 |
| SHA1 | e723343e3d4bd22bab0510ab4d1233e346b4a838 |
| SHA256 | 5225c5f27e665aa4efe233d9efa63a60e7a62171ed33c1667cbb5bf6b92e44a3 |
| SHA512 | dcfde2c757c5b83ed0060792c6900f1e2614410a2441563d2bdbadfc24326f73f2fa0fa7f2b7bd4555aa2a2b03c15e0ac3d28ad4836e0fda5484f00f8f2eac01 |
/data/data/mob.play.rflx/files/StartappSplashMetadata
| MD5 | 84d44d07ee0cd574f5c73907b7a6055e |
| SHA1 | 19c7bb2bdf7f98e4ec69bbbd94981fd6ef8966c6 |
| SHA256 | e0a6705cbbe7af1c15e10c45b471bfff79dada9044f17fb7226c8fb6460f7ca2 |
| SHA512 | d8ecf9b58cb4aa25d14be75bdbd5c941dd5ecc98b85edd26110f93da78b552d3264b5458ae1e26a489f66e0d4771dc147d8afc73b6532a795e6457e27aa27947 |
/data/data/mob.play.rflx/files/StartappCacheMetadata
| MD5 | c41164d8f5044093acc85a4f93b1ca1b |
| SHA1 | 2001e355baa615da01da5bb8b60c88f64d0e57ff |
| SHA256 | 5e478ae54831bad55c4dcda78db4fa071411c98ddf9d057ff557a36b1cd9c3e4 |
| SHA512 | 3812f2c85d4e24df3e68b0912a2dab1d1fff198ae0cd8c238e925239b19a084cbf2d58831bf5897ce764029f28bbe515b98acfb940ce985280beb9cf6251c57d |
/data/data/mob.play.rflx/cache/image_cache/journal
| MD5 | 296a35b34a6f6d3416345894df2b7ba6 |
| SHA1 | 3300ce21a09c34d8f7f1d08d64a10f421260d36f |
| SHA256 | 285acdfd5c4d19b04043d3381b54cd7362f72d80d632bc84cc22a6a5f18b7e22 |
| SHA512 | b019c9f946ea6e6ddf3f0aa80e1c25d36f712c1c4129b0faef4c7fa94ddb3e0bcc38ee34c09ab3aaef066052dc20189796ab8241e0cf26972c58edfed0b05219 |
/data/data/mob.play.rflx/cache/image_cache/7ae6fd055fb6315850cb90047af09a0e39b7d21bdc035e7e1427c49364d46071.0.tmp
| MD5 | 91caf4fa77feb35b1c6c7075c304413e |
| SHA1 | f9f83ce433ff6dcbe4279a7e71ef86735cc48f23 |
| SHA256 | eebaae33b0b25ad2e560640ad7570f1340ecb472d491c41addf2e8b6a82cfa50 |
| SHA512 | b79a2709afaf2a2138b35756d784204d72bb376b8164c17bffa3e1cac176627bcae6762001cc95c6b40d03106adb8029b840044ce8030b7c5ef316de5c16153e |
/data/data/mob.play.rflx/cache/image_cache/e23018f4ab59b28a7f656987e73a576d1799266feb9a887f3e1a2a68de2f2949.0.tmp
| MD5 | a12fdf589e78f18dcf9aef937ac875e4 |
| SHA1 | 1118b54f3f3ae5364dec700470479ed625700c1c |
| SHA256 | 04891aeefbfcade565792b95bb0c94ffa7b9227bbbaf5aa928db03507b1c5586 |
| SHA512 | a0dc29c184314820f033207e3081f59981e018a05b05fe08d412bf691ba5369bc801e3b8666dbb275dfe1e1453133ac9f142c93bcb16de1ea7469daa96d4a3ac |
/data/data/mob.play.rflx/cache/image_cache/7ae6fd055fb6315850cb90047af09a0e39b7d21bdc035e7e1427c49364d46071.1.tmp
| MD5 | fda3ba51d2563ae877262ab24a991ecc |
| SHA1 | 9668c8c5c4992d7e670a2a3a4cefb3787e86be8b |
| SHA256 | 0e004cbf60176d9250cf944f590b71be498ac6dbde7ded9b21bd2385128cd89f |
| SHA512 | bba32cc25a6925e3c57e1a1ef0c05fe8af52b9d69f69e42f3221c760db83705dc6e13362654854f5fb1aca9aebfb1a6811facaffa4cd96072769a1128b69eeb3 |
/data/data/mob.play.rflx/cache/image_cache/6a6bcad317482f3e63a6b153b8064b8c8da8181e7ba0556e036c1388db7f8c02.0.tmp
| MD5 | 8304563e8809973a5a04b1a998013ebc |
| SHA1 | 5860cd88c9f5f1b157400ac1c8672e33883d6a4e |
| SHA256 | 9d5363de27a270b97c0f9fc4d767a4e5bc1888dd18812f8553a39a1e173a8978 |
| SHA512 | 3d712a538e76308c498d8e32d152c0cc4c1b5b0e2de5a89b8e98675d4c106e54aa23640990f4cba31c4a44dbe9b2c8af41034bbf0b3c63904cda97c83a5a3f85 |
/data/data/mob.play.rflx/cache/image_cache/e23018f4ab59b28a7f656987e73a576d1799266feb9a887f3e1a2a68de2f2949.1.tmp
| MD5 | ffe181dfc72cb59bc2940e89840a8655 |
| SHA1 | 4929cb34a0bbb8e28d0c0234d98a196df29ce559 |
| SHA256 | f75edcdc1707210faad9433f90ab76ddc115021ef577f2d4100e9680db86eb7a |
| SHA512 | 501d279f6e4043988b6085839544d4040b73df092204a135e64aee387fbe627f572b4dd451e5e88e386b961522674d677f5d736471aca148dd5e73d1f06c7d6f |
/data/data/mob.play.rflx/cache/image_cache/150ce55074a464f003cbac3e1a2b1c4b3dd5a1353ae34cb113bd6ae9ad2df3bb.0.tmp
| MD5 | 62a0bef2e5307ff621e46f4f26567e42 |
| SHA1 | 0845b678ede17ce1c850683bd4d26f23762fcc22 |
| SHA256 | 50b4e80b9809125e0261f36f7e4355860ec45ca2ca0a8fb8e2e7effddeaa85e6 |
| SHA512 | ecc2fd752ed22168ac96a42d81123cd290874043b413dbc5e4ccc0c3e3be8d9f1270f2ec5b5226935396dc4148f0a5e1557cba5effa4a1660a9d2ac8c0a2fda1 |
/data/data/mob.play.rflx/files/StartappAdInfoMetadata
| MD5 | e2bcd2165a6cf58ccb9a18feeb319d93 |
| SHA1 | 11b5f16f4c4e419af93dbdb5d1b766ae862d2026 |
| SHA256 | 8cc77606971661dea6d7de35bdd090567ab4b91287ca50c5d5f0f84516de3ba2 |
| SHA512 | ef0b6ae3dc75c588f0509ec45954505462eeae00854c55a82fe8bdc62857c8ca2834f1affaa354ecd582fee2263b59ba39cd258d1ab1ff409dfe43b36081d3e7 |
/data/data/mob.play.rflx/cache/image_cache/6a6bcad317482f3e63a6b153b8064b8c8da8181e7ba0556e036c1388db7f8c02.1.tmp
| MD5 | 4a2cf19ed9256cdb59a73531a3bcb588 |
| SHA1 | 058219382c255b8e40d390845335b6451e0a939a |
| SHA256 | 8c5b3eea0736712abb344095b8a362323105cdf5ffccd772d5438c43e814136d |
| SHA512 | 325353d1ca0d7be8eaca3710b8d53972acdc3554dc1d2aa96c180a26f4f283264d35fd4bcb53f4a05ebbb4ab44ee5b4046e1e9a6fc90e4a10506872af3c97c92 |
/data/data/mob.play.rflx/cache/image_cache/150ce55074a464f003cbac3e1a2b1c4b3dd5a1353ae34cb113bd6ae9ad2df3bb.1.tmp
| MD5 | 81742588303dd0c3403427308754da5d |
| SHA1 | d2ee73da6a3d47a5c08b4dc16a25dc7f6db96324 |
| SHA256 | ac594d293dc889245ca7560b4bd013aa597dfcda940118f9031c88884a38cb23 |
| SHA512 | d929733bf20a958ba3c895454295f137ace169c930ef4731111f5508f27da5e250fbd64c09ac7848e830c227bc6bae2d529d0f96067d21c6a698e490bbbb07dd |
/data/data/mob.play.rflx/cache/image_cache/fe36d2bb575473fd65d6d20d71b8fc8a89b7d27022626b9089602946a98f85d0.0.tmp
| MD5 | 31394eec82024db7ef4aeb9559720cd7 |
| SHA1 | 42faa16818d84fcc57684b3bd7710ef52fc5f1e4 |
| SHA256 | ae2343aa0d6ed7afb7179aea0b823ce2564c43274b7e6a0fab35187d2d377df5 |
| SHA512 | 965a3f50ba5fd430132822e9245145758c02cdea6418e1aeb6d6458fd129991c58d080bd341813268d8a30132de884eec01a10ac7c5d16d54cf82544c6fd52bb |
/data/data/mob.play.rflx/cache/image_cache/9f818cf05bf8d244938d40094e27880365128a0510357eeb619f6bcc2c31755e.0.tmp
| MD5 | 4e19ba5bf7240214ceab395b9df7e445 |
| SHA1 | 802d4b3a4c0bd5a2556387464fd304ba58394c07 |
| SHA256 | d96bb6ccf99a4f74bb2f6e3a97a04877c1d33d84aa4ed4d3d520defcd1b55034 |
| SHA512 | 90e3c038ce71a9177097dcfbd4c42dd5a8455d10a583240771bfbc6c0febf479cc66ed617419c40737e67e84c884735213e4762a8ecca172cd642dccbad91a96 |
/data/data/mob.play.rflx/cache/image_cache/fe36d2bb575473fd65d6d20d71b8fc8a89b7d27022626b9089602946a98f85d0.1.tmp
| MD5 | 0db8fc28b5d233ab557346799f68a4b5 |
| SHA1 | 802b822e4212b5dc78fc106b77e741113350839e |
| SHA256 | 98811f419147a645db5335ea45f42abee877a3fa77fab5dcc274158f51199b62 |
| SHA512 | 9211db28ec5244673e7856ba06acaf1ea766f94b8d2a92d310b43cf434b544c310d4c1db7b6efe726d69d444a6a4806851829cfb67c2a82a85e956315c74eb66 |
/data/data/mob.play.rflx/cache/image_cache/9f818cf05bf8d244938d40094e27880365128a0510357eeb619f6bcc2c31755e.1.tmp
| MD5 | b413347912d6cc6841d4787f135d1bac |
| SHA1 | 76ce078af4c3bc6060638a7aba2211c8d9c53127 |
| SHA256 | 670afeacaf73b2e6bd946a728941e729c59826ece96b6a2d08c295e62f554b55 |
| SHA512 | 235d7036f06ce4720a77e0634022b836ec1447d5553718e7a9a3ed29dcb78dd323a89f2024751b9869f87ac88add9fce01d88b07dff75c80fcf3f62d8d4f5bd5 |
/storage/emulated/0/Android/data/mob.play.rflx/cache/UnityAdsCache/UnityAdsWebApp.html
| MD5 | 60613793d0bce882b80f2429f3b50edb |
| SHA1 | 48b22e5a190e572e9014a10c4a4543e57f2cb332 |
| SHA256 | 92eadd3cdd8a390d38fe5df7c795f9398dd143f7de64937592ca16b69e0cee54 |
| SHA512 | 81e13b31b28f27abff6f67a827e4dbafced5d0814d958010f04f741a45aa3d5b0d991e9672f72e93d6d9680e0104a865ee33a68c29ec976c96c0743c89500993 |
/data/data/mob.play.rflx/files/StartappMetadata
| MD5 | 59b416585ff92ae222c818c093b55c07 |
| SHA1 | d01be515322b5a434c904dd8bfc42dbc1c924626 |
| SHA256 | cf15ff193b31cd29f0ae3a57b5c71181fb38580631e1676e5df0e073bf61acab |
| SHA512 | 4b762f575cf9cf1d5f80cd84bc8b8378c088894f2a154b652928c7d04a8a5004d3a15798ca47ff45411dff43f7611e5845ae460a66de4e04504a0ef397fb6389 |
/data/data/mob.play.rflx/files/close_button.png
| MD5 | 4d332a5c731fb506bb4644c91c38f5fc |
| SHA1 | 56fdadb5d38b29161910b3c89ce57b1aae67733a |
| SHA256 | 43e7ff284e786cced9a54218970d357ff06374836bc1791eb63d9bf26c6a3784 |
| SHA512 | c791b70329e32559d99f0259b38a832bc849768cab37973567a04fe8f66e9f5477136014ac17d16d1a0df0ca0f4fdad86d6a5f29581c85068b7979fb9e73b7c6 |
/data/data/mob.play.rflx/files/back_.png
| MD5 | 527385c9a7dadd870919fb95ce4ff227 |
| SHA1 | a83ddb0ba89e4f83a07d6e0524d6ea900e800c2c |
| SHA256 | 3df2ccce7702c69051afd3fe66cf99e3f07e86d354956eba3888ddbaf545e717 |
| SHA512 | 3b2f1781552f701331e91eb46fd38a982b2a9de8eb7259e912a710c63399fbe86fcdbe4c41fd8b8f34b99773a94cb02024e9ec64c38aeea68ef378de4f842355 |
/data/data/mob.play.rflx/files/back_dark.png
| MD5 | 74860bc33c04b72a4848a5d7b97bec5f |
| SHA1 | 336856eed4d49ebd0d429877822ac5781b4a18eb |
| SHA256 | fb479f88bc809d106fc15c465079b19f6027a01ecbd0d79267147c0529adea69 |
| SHA512 | 9b6993ba917c3a687b0df03deaf9e5e6ac41d3606ef148e259eb32de8c41203249063059a11bd598b860f2e3d795c73cd339c5325f80a2623745e7003f6586aa |
/data/data/mob.play.rflx/files/browser_icon_dark.png
| MD5 | c954c504c75c8ba2b112deb64869f78d |
| SHA1 | 5b594778f7a5bdac4e41de2d6c81225d5e329e0f |
| SHA256 | 37ee870f153d26b3956abcead4c45160b264fde6ca016bc2d330e9e36060ee46 |
| SHA512 | af1705681c3a2ef83427c853d310bc2dd6159f5db1c1b5a5740431a5a928b4c6541dcd5e3fcffd6c06697b87ca740a0ce2473e2cf141f21ee13730f325d4403b |
/data/data/mob.play.rflx/files/forward_.png
| MD5 | 795fe2fffc9505398b787eb2f15f440e |
| SHA1 | c124812df2fbd8e4a65fb104aaab352ba300a57a |
| SHA256 | 976cb8c0c715b0b0e8b4769b51af1a08f06a4823d69b1f5284fec4531da21fb7 |
| SHA512 | c698c060692567afea47446d58d32e92b0bc922088c99e175f5125b264c20d425fe7dddc4b0d70fe9f53d41cfb87ef52965cd40934f21c9f5e2b9281dee72389 |
/data/data/mob.play.rflx/files/forward_dark.png
| MD5 | ae1702688d33694b08e2f990527fd179 |
| SHA1 | fccea348af9e98608b152c1e35307d04a1cddeb1 |
| SHA256 | 87916bc88b54b8602b2f43695d34b196b5cc8948ccb6576b24cced2feacb245f |
| SHA512 | aa0aa7306867900ec765e0645e2666ae1a913fb1bc67ba205b3b80d1b37089bd8692c2b34fca233ed3bcfe89a42f095a375df787d5c29ced86bd040981110d2c |
/data/data/mob.play.rflx/files/x_dark.png
| MD5 | 2e42562e9d02dafe67ac6404f58289b7 |
| SHA1 | c37072894b2169be2643dd5e541ff8dfccecebe2 |
| SHA256 | 2f70939006596d2496c26284508e70ef260968eae1385c220e91e74b58e0d13a |
| SHA512 | a65a9fff0c6e17c322d0f0d6e0233fcca6d701a331a0fbc7da7eb21474c11875bd0e3edafc6c1df248ba85f22fc47b403d5668316405adcd8f6e4907a893d3bf |
/data/data/mob.play.rflx/files/empty_star.png
| MD5 | 136e73ffc6805e043bf61a12b3755b1a |
| SHA1 | b7bd8ee6bd46f7bf3a2f21879e71ff4684e56361 |
| SHA256 | ecf9d2a4448842086066d82fecd6ec372497298bfef3c8e3fd17a97187a3e7bc |
| SHA512 | 62a12a8070955026e27e6c146d46bc44a345b0b4752e1c45487f06224e11c42490344b259ee6fe51fb6e9847cf4146abd7d4fbd0274d0f2c532868bc4be5d527 |
/data/data/mob.play.rflx/files/filled_star.png
| MD5 | 4ef85932c17e863921c9bbdf1394fe92 |
| SHA1 | f3811986d3648be1ca89162a079aff4644fe26d7 |
| SHA256 | 0d6e7d7a915944adfb498a45a6db96efc77d0112ba1f374461868e257315dfa3 |
| SHA512 | 1ba7939efbd515f81333a155064e248de27b2c70cc71004136ab9d3c61ad34baab7f1d00529e1c78d4cdf11deddbad2376d27d5ab1af699a9d29c5b5da7f4db1 |
/data/data/mob.play.rflx/files/half_star.png
| MD5 | ba75be02cd7e410fa660a1783b0fff3c |
| SHA1 | b5b60389112f5c6179878423c6c97eb5ab1680b4 |
| SHA256 | 77a060cb9e3f9a5eb52654135d00106d36208f3d38878ca3b752ca1af85cf42d |
| SHA512 | 9985e466e1652eed843a9dd97832b8ee9bad05cd591a4b17548e876ac65c6cfa4da4f46e83dddf89f9fb1924d92dbf21ce13e66059d5cc7dbe0500cf0c0e7b0c |
/data/data/mob.play.rflx/files/logo.png
| MD5 | 5f93b7b61e5bcf973fd93c049061023e |
| SHA1 | 7c154666967abc13d9d38c9b79eb6933db64566f |
| SHA256 | 4e537f889054c9f1dfb4b1a30c34ea180310dbc9b9bcc9123605f0f802a24557 |
| SHA512 | d96bb4c9daab3b2a72a3d82682a8f66ee85a0eb525a87afd13f46de949ee8a02d9a560da6584ecd658681c93a13df03d9a0f57382fdc40f56b2541a51e858a67 |
/data/data/mob.play.rflx/files/profileInstalled
| MD5 | 5801d4c9b36d5efc59995d651a5efd39 |
| SHA1 | 13b7a7ce97e5e1fa09b21d4651d63952140972bd |
| SHA256 | 90b6af0d77258133bab4501a9258f87c6824dc1f0758e5a3835a2cebe93a3be8 |
| SHA512 | 9dce026bbc1eee740c13dac7a4b5fe593c4cf483e13db0eec5e138edcf6e356f0f34e62f132a12c273daa39cdc14e6aed2deecf7d4744cc0c585cb8468b48c1f |
/data/data/mob.play.rflx/files/UnityAdsStorage-private-data.json
| MD5 | ba09f769db9a9e4193df322cec932af3 |
| SHA1 | 6044706d182117e1017f3689a4998a9580928d01 |
| SHA256 | 1e41223515aa9080e662ccaf3ed44bfba5e5be2b5a86fa426b60f441ee5de607 |
| SHA512 | 4e6194590d5979719c6e0870b25c3388f5835655a166dab81d15416efef1f674c89a69f485f77faeb220e5e66041d05ad86ce61835ecf32d89cc779281d621cb |
/data/data/mob.play.rflx/files/UnityAdsStorage-private-data.json
| MD5 | 1caf17539732075329cffa69610a69ef |
| SHA1 | dcbe98b6bff628bf1b5698a4113f8dd236ba7112 |
| SHA256 | db337ff7e2c5474183473c8ae8ecdc0719ba94d53ba05bffa8fa84b74620d30f |
| SHA512 | 270889df3cad4672e7a066018a48ea32270be1f6e107937b9d1e35e36ee7663ab846b870bc03afb5826a7a58cbf2aee5d7a1a2ba90b1c2ea844acfc26043eaa1 |
/data/data/mob.play.rflx/files/UnityAdsStorage-private-data.json
| MD5 | 721e2b4e54ed873b61f218adc4b62f8e |
| SHA1 | 125c84e0536547a07014593d4b6531d1cb89a36b |
| SHA256 | 20df350dcde73072d7b6cba86dbd9041f3b505a8bdd325430926a025b07e1635 |
| SHA512 | 742ab4bbfa53495f12a5014eb511661d8f9c276659dc3361f834c595bd08d569f9578dc1991d93781df673b42a6ca56d3002b2ecc935f56397e7b5992792510c |
Analysis: behavioral2
Detonation Overview
Submitted
2024-07-21 11:53
Reported
2024-07-21 11:56
Platform
android-x64-20240624-en
Max time kernel
118s
Max time network
155s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /data/local/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/sd/xbin/su | N/A | N/A |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /data/local/bin/su | N/A | N/A |
| N/A | /data/local/xbin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/bin/failsafe/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Checks known Qemu pipes.
| Description | Indicator | Process | Target |
| N/A | /dev/socket/qemud | N/A | N/A |
| N/A | /dev/qemu_pipe | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Checks the presence of a debugger
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
mob.play.rflx
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | = | udp |
| US | 1.1.1.1:53 | firebase-settings.crashlytics.col | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.200.40:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | configv2.unityads.unity3d.com | udp |
| US | 34.110.229.214:443 | configv2.unityads.unity3d.com | tcp |
| US | 1.1.1.1:53 | infoevent.startappservice.com | udp |
| SG | 138.2.110.152:443 | infoevent.startappservice.com | tcp |
| US | 1.1.1.1:53 | webview.unityads.unity3d.com | udp |
| GB | 18.165.227.78:443 | webview.unityads.unity3d.com | tcp |
| US | 1.1.1.1:53 | i.imgur.com | udp |
| US | 1.1.1.1:53 | m.media-amazon.com | udp |
| US | 151.101.129.16:443 | m.media-amazon.com | tcp |
| US | 151.101.129.16:443 | m.media-amazon.com | tcp |
| US | 199.232.192.193:443 | i.imgur.com | tcp |
| US | 151.101.129.16:443 | m.media-amazon.com | tcp |
| US | 151.101.129.16:443 | m.media-amazon.com | tcp |
| US | 151.101.129.16:443 | m.media-amazon.com | tcp |
| GB | 18.165.227.78:443 | webview.unityads.unity3d.com | tcp |
| GB | 142.250.179.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| GB | 142.250.179.228:443 | tcp | |
| GB | 142.250.179.228:443 | tcp | |
| US | 1.1.1.1:53 | firebaselogging-pa.googleapis.com | udp |
| GB | 172.217.169.10:443 | firebaselogging-pa.googleapis.com | tcp |
| GB | 142.250.200.34:443 | tcp | |
| GB | 216.58.204.78:443 | tcp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| GB | 216.58.201.106:443 | semanticlocation-pa.googleapis.com | tcp |
Files
/data/data/mob.play.rflx/files/PersistedInstallation208888431781879765tmp
| MD5 | 437f9b314eae48d579077c6ab3976d3d |
| SHA1 | 988118ba2712193dd4da4238193d79d77dfab902 |
| SHA256 | 12c9b8f774eec00ffaa651ea54a8c1f9ca95eb6500285e85588abf29bc73e065 |
| SHA512 | 48e459f274110f99001ae63ec2b0e43976d7bab58435b3bc77da021e6a33541a1fa91d7c213c3da5ed587465d846c3bf97e088dc5caa0562a10e0456e1cdd126 |
/data/data/mob.play.rflx/databases/com.google.android.datatransport.events-journal
| MD5 | 81a40d7d9c7cf9bcb7d66688d1ceb162 |
| SHA1 | 9f534db28642442758f671f9e92c7e292ec1e5f6 |
| SHA256 | 688dbb72cbaae65399836c034b02eaba8b7df97d9af198432c7bb6289d046897 |
| SHA512 | cdc7d534a4e714fffed465f2b7e014b42e6e622ba4b74179befc90987b604485c229659b4333060dfeadcaa5a19f9ecda2fbfcac0ee6cd5853ef3b67e79a307f |
/data/data/mob.play.rflx/databases/com.google.android.datatransport.events
| MD5 | a4385844cb3e241cd88ac5d50662ff06 |
| SHA1 | 95d39aed8619cce77bfef45502c38e92c9bc8103 |
| SHA256 | f59f82c614c61a581a416749b2b09d1d5436f4627fc1ca737e241ea4e767bb71 |
| SHA512 | 58822eb8fd169ad58f86c8c26d096f1a8d86227c6809e7bf36a7d0549d83eaad228e9670c20f676908a7605904b9562bcd9919f671a670f3167b6219e5157d88 |
/data/data/mob.play.rflx/databases/com.google.android.datatransport.events-journal
| MD5 | 36b24a2cf3af1947f6b7fea894a64d99 |
| SHA1 | ae7bb34d1acd33444fd980694b2f4d3df64c2819 |
| SHA256 | 4a3c51e6149848acc5b921f5d2ad987da7d4a352ae7e06b6fe729afdb3ae88d1 |
| SHA512 | 4e48ec180c520e2722a2fb576a345231ee05aae963a0565d69f9c4c53ba7e7bdbf75cb8e78adbc13328ebb67a93ba908f4b4e5a47e36936c4ddc00439d40e9a6 |
/data/data/mob.play.rflx/files/.com.google.firebase.crashlytics.files.v2:mob.play.rflx/open-sessions/669CF6CC00C6000113623DD8348C984B/report
| MD5 | acae5e96dd426826c2152304e6646a1c |
| SHA1 | 8fbfb8144d4814bd6d03df6128f4fc2c806334ba |
| SHA256 | 194676e8e1f1400d985aa8ab0231196de6c43100029c2779596ad0747e8dd563 |
| SHA512 | 479005ed73637f716b7db80f001cfb01d6270a22cab3b9022630257a0c847e2df29462bb68a5bed5e9b43492908e0bb78940951a70ccff5fe03d27ebaad0480c |
/data/data/mob.play.rflx/databases/com.google.android.datatransport.events-journal
| MD5 | f1d8febbb45f7124e5fc2ea1909c6be1 |
| SHA1 | 0299078d506198e4e4894b47b6d539449bebe550 |
| SHA256 | 9f404f9975c26b8b4e5caa52f0fcd4cfe188dbdd7868ff822bc56ff117e71acc |
| SHA512 | 5b487ab3ca98f6bb2daea393dab2f427d86f9196e7ef6030422010ca6a45d44755d7e18dd60890ae59d395e51491d8ebe9d14d9209184b47d74bf1a37a2165c8 |
/storage/emulated/0/Android/data/mob.play.rflx/cache/UnityAdsCache/UnityAdsTest.txt
| MD5 | 098f6bcd4621d373cade4e832627b4f6 |
| SHA1 | a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 |
| SHA256 | 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 |
| SHA512 | ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff |
/data/data/mob.play.rflx/files/shared_prefs_sdk_ad_prefs
| MD5 | 65026ee778e1372d9f4aed742772e893 |
| SHA1 | 5a5f1c821d7639424f3c75a44468ab5f7dd4e8cc |
| SHA256 | 15070f52136d5a8332f8d70f790bd7bb04cd6a99b386d40e0abedc40c42caa3c |
| SHA512 | 589c4a12c6b6ec1a1cca957da758aaa900e68a23b4bc2f42524b0e8dd34f6c5378541d9293eae1ae8d478bf5b5229ce4218c058fc3b399eb5756afeb05c68616 |
/data/data/mob.play.rflx/files/UnityAdsStorage-public-data.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
/data/data/mob.play.rflx/databases/StartApp-d6864f2502af7851-journal
| MD5 | 876861a761fa94f1b4190ff9532a91d7 |
| SHA1 | 01b1ee0678ce77a1b37e51942fa7bd0439a03a80 |
| SHA256 | 9ed876bb160175949fbbe977b6e9499b79ab3c85303580d4d0fd0c23430bce7b |
| SHA512 | 936ebe247d57c817b8700994668523a61f3ae74ffde4aace74a3a96a1761c5807c99ff30caaf1837d7c772d03c95b67c8a95832c720d9dd4133a59f0bff5bef1 |
/data/data/mob.play.rflx/databases/StartApp-d6864f2502af7851
| MD5 | bfe3ce584168cac11d2c964bca6e534d |
| SHA1 | 68a05c2667427f3f69089a9194d5ead10c196bb7 |
| SHA256 | 6a38aa9be05f1ce67a227bfe411e6a5455ccf58b61ab0cfb3fa1b8e0ae9afb66 |
| SHA512 | 4d784dfef285a5bb75bc477afb82c94ea6ba6f4237fe23e3f9ab8b0052ef063ddb53948ccc440f4b31a7f51417abac2bcff8597d4e83aad1075968f5bc1e1705 |
/data/data/mob.play.rflx/databases/StartApp-d6864f2502af7851-journal
| MD5 | b69950bce1b27a6cbacc77b7d7b68bfd |
| SHA1 | 0b0c20c3ad73f8563128ba7290e3705515b1c0f0 |
| SHA256 | 377a00d3b0c0ce6c1c9d4c16a6f99ba62105db150f73c5d7da71cb000ce5a710 |
| SHA512 | 987a56675d0e2242112a8faa178124b6390e7410438c7295e837c4adef0e71e2758be8cc0f2886ea5a9dc9d8192caa4f21c84453e8c0f2aa85621dc42a324e9d |
/data/data/mob.play.rflx/databases/com.google.android.datatransport.events-journal
| MD5 | 2f8cd75e60e3b338a208b2cb7004ad30 |
| SHA1 | 12522063ae9df374a4065b9729b55d75f070216d |
| SHA256 | b3998ec9671d8ee22971cf154aa8b19af2d2ae4f422735a8108271603d2285e3 |
| SHA512 | 8a15634b62c7b89983f4b97e15deccd643358bbc0fd0d3fa7e94cc22c9152e5607c9d001c23b7e126cbdeaa336ac19de2beca61928f1b1182f3e34928b2a9bfc |
/data/data/mob.play.rflx/databases/StartApp-d6864f2502af7851-journal
| MD5 | fa7ecf3497f62dd4336d50052dbe3adc |
| SHA1 | c2fb43d63fe4caa9ea6e9272565343a894b43009 |
| SHA256 | 7ba8821fdeee31786ac2c382844d0a47d0dc177ebde7e03464e73f5367d95cc2 |
| SHA512 | 4adeeeb55fbd7d2ec8f04a5a213c82ee7786d3e0f1c2101e2b91055592737604e6c550a3cefa095deac6238f03364f45706f970ee9221a99f7b0c727e5515b49 |
/data/data/mob.play.rflx/files/UnityAdsStorage-private-data.json
| MD5 | a71ece8b252dab072ce3b13d3550818b |
| SHA1 | d3cd4f6c8de23438b2c3408d3e128b5c0ab431e4 |
| SHA256 | 400eb854650fb1826775927c593306ea4e992585d5be77a597e8d85f5a9053c2 |
| SHA512 | 55d04abba5110addc97156757b2b2fb7495afded02c0da84e453af0fbb44b220e2accb179fddb5af06de99bfd7000022ca6ef54afdf613ffc1fdd326b248fde0 |
/data/data/mob.play.rflx/files/PersistedInstallation7244552896960204163tmp
| MD5 | 7fa7b2bd835f580091911da66c5cfaea |
| SHA1 | 1ed5131a8ddc8043daadc9f3e821977c4d595fac |
| SHA256 | d4331d5693e4e500b970f54fba48461d30db3362c258b0f5acfdbceea0730892 |
| SHA512 | ec976f36541fbc4cf862b202103edbe790e7c6d878b4a6f846d17ead9ea7c5f3e8ce4983204bfbb1a0bf582f61457d9940a87cec9b7407dada8a64ac83c630f8 |
/data/data/mob.play.rflx/databases/StartApp-d6864f2502af7851-journal
| MD5 | 166eba3d4a8090ddd45b10e9007157c5 |
| SHA1 | 53e676ac7e2a276718693880ae54242da2e907e0 |
| SHA256 | 1d1640699dba3e71384cfd34f161dfa8a81b23c38513e77285d6545505a03812 |
| SHA512 | 9e42a80ab0f31db79d17e5ef817851f63c6b9fd9234c9d2343850b1f8389f85de5d5839a1822dad3d2b093b914af2a0499d50113e9e64a3e61a9791f2cdd130b |
/data/data/mob.play.rflx/databases/StartApp-d6864f2502af7851-journal
| MD5 | 2ad3207ca7a9c5aa9c2c4e3c2f7bb455 |
| SHA1 | 3e7069d02e487092728e32bbe6323b8c8ee17c39 |
| SHA256 | 7977905d8974d2905835d13b6ec9203ab373fba3b12a5a98a2b318cc48d2c316 |
| SHA512 | d67b9ed86726967eb1c8d0ed223ee311e81e1b69b700ef43cbc2a05c094ee4858bf2753bf6a4cab5f7d07d6fde0899d9e5e894e0a61e861888328ad2a6e36ba0 |
/storage/emulated/0/Android/data/mob.play.rflx/cache/UnityAdsCache/UnityAdsWebViewConfiguration.json
| MD5 | d165470950d875a5ef05e52b16fa2b71 |
| SHA1 | 8eea6374a2f17e04a9265785fa1c805c4c3468dd |
| SHA256 | ec0f12a51524d344321180bd9e3a0ee6056b5a7a563e1c42b5f1c8a9fc9c334c |
| SHA512 | 41e5625b05198d45d337c55cc8135651bd11b2e34ad264fa4ccc2766b1efa4f5988768b3323950df1bd523144bb759db5e591fcdff754ba7baf669c67a1383db |
/data/data/mob.play.rflx/cache/image_cache/journal.tmp
| MD5 | d6ac8c8db0504502d7f0e057a78c5ce3 |
| SHA1 | 8f4cf91a262b24ec9c1a6e7c41fd6d16b6623bb4 |
| SHA256 | 8f22a32cd8de58916041d1097976f2b9c80f7e9a18593d5a6b058bcaed17e22a |
| SHA512 | 100e74f0c65b51a17de6eeff96d5c38bd6d40e3c8ee00094fd906ba5794088fe1ad6f3a15be196480384cf01399ea26665a05471404f1eeebb0c82ae6fb104bb |
/data/data/mob.play.rflx/databases/StartApp-d6864f2502af7851-journal
| MD5 | 9f13d5210f72e56dc5bfa690a3af2621 |
| SHA1 | a20fed5159ae88bda40a430946cb0e40a78bc122 |
| SHA256 | 6ac26f5e5f7ac152baa72821fc650aa79fd0d488097770458d434e8dc2badaa7 |
| SHA512 | d53260a01724f777f4ef586e05d15a4a60b17720d9ae90c478bdffe662f05c2f698f4d9df3acaba51127bf8b6f65bf707c73186913a1226323687f273cd9fafb |
/data/data/mob.play.rflx/cache/image_cache/journal
| MD5 | b97eb9176e365137a92218ff93880039 |
| SHA1 | 07b0ccdd5022ebf970a5af0e06878e6f06d4d3af |
| SHA256 | 75c1709cd6be04bcb6b2d37a49f4721039b13aa87800a2402cd4cc4d9a8cb8e4 |
| SHA512 | dac37c18ed60577d9e8d9ce8dc666ecf9ebb724d59f37a353d405d28fe1a601b7c61239f1ae36bfc3c6f45952383fed655a352ba3b08d22fb164a712e33775ba |
/data/data/mob.play.rflx/cache/image_cache/46367177e86410546bfa2a0315358b82614a85471f85818211f9f1dca04132a7.0.tmp
| MD5 | 819ef5556931b3471b5d14235a0b0333 |
| SHA1 | b841dea61a4cb9ff599a63a35352d8a18098ced6 |
| SHA256 | e29d97915d03f4e61f0a0055947b7a49725150469433ddf350ad9a9c06aec549 |
| SHA512 | cc9a5e41ddb21d39712e8a99bea8a135ba64c6f958f1bef0b4e0a7f0d78d12225123b7a61de7ff2c9ec4cbbfc54ac12e5735482b38a35196a935b4797d8d279f |
/data/data/mob.play.rflx/cache/image_cache/7d89fee0b6e82b012c340a3f5b8dfc898b9e1366c43d5868f5eb10bc345e2b8f.0.tmp
| MD5 | c2f2518a4350b7eb506be00ed249d3ff |
| SHA1 | f3214075a2057ff91ed7a8e9111070f3721e25e9 |
| SHA256 | 22b51ca0eecaa914a00629c62805bff88edfead4121a2ad77ff3abedf67ae663 |
| SHA512 | 7fecc782b3fd21addd7b8fac896de7d4717de627737f5eb097493bcb35a87068ab7baf71e7a458f6bc4a39b84bb55e21c486ca7cc5af1dd07615e986f3b03241 |
/data/data/mob.play.rflx/cache/image_cache/46367177e86410546bfa2a0315358b82614a85471f85818211f9f1dca04132a7.1.tmp
| MD5 | 2492864b8ca714702acb1c6258a0b194 |
| SHA1 | f6b13aa2d4a0fed83c3f353f788e3a00c699631e |
| SHA256 | 20e436f8cb0e0d42fe22047c554f7a74cd562a1cb30a43b8cfe06d7c8c03ba45 |
| SHA512 | fa1fefc6d774ddd7acb5d049e3cf32b8150f2ed51f0d21570093b2ec4195f8d0965cfb125787b1b8474228a8e0d148b7207d1b1fb951e3253ea72da259ab3682 |
/data/data/mob.play.rflx/cache/image_cache/7d89fee0b6e82b012c340a3f5b8dfc898b9e1366c43d5868f5eb10bc345e2b8f.1.tmp
| MD5 | 9a2f653e57ed9bef35e5ac0b020356f1 |
| SHA1 | 9612df0bafb0b2be4348374fa1b4c5d333ce9b0e |
| SHA256 | 9935dcf9478f20a8d388b61de7357f507a442f843b582b955cc754c1d1952ca8 |
| SHA512 | e02ac64493fe47702f99820786ab39fe076d513e31ac25c3b48e64466ff2f90587a408ab3cf7b432ed7408bb66248f69287492459e25f9e6dffb96f504073f4b |
/data/data/mob.play.rflx/cache/image_cache/89292c12a1a0ff8e977fd9ea493758c7813ab321ffaf8c4e8084651eec1e21cd.0.tmp
| MD5 | c1873beee04110eb74bc61a15209b913 |
| SHA1 | 03e2a7535fbf0097b9a3c1c8980a64c3a14b4cec |
| SHA256 | d9abefc3b0d08560533b5bf0027de927649c558e528f5c1c7b308b8f18d4de95 |
| SHA512 | 483a690fda472dd004ce40b3579d513751b81db4b0e9aaa3ff23eb47fe05b78e1a6c1f865a44eaeb3a290714f56a0e7e135b36968f88aca57ce13981c5c3bd6f |
/data/data/mob.play.rflx/cache/image_cache/89292c12a1a0ff8e977fd9ea493758c7813ab321ffaf8c4e8084651eec1e21cd.1.tmp
| MD5 | e6ab1eac366f3eb792b1dbd4b0131c63 |
| SHA1 | 2c28b2827cd5604db261c2731980eea697fecd28 |
| SHA256 | db2279e5c436fc5ca52f719dc51c3fb92f3d5f5c88af2e05dbc898f867a1fb25 |
| SHA512 | 88876409fc405b70a43ae54a2b87198d835d0e4fdd5333d962e6cad29989c08970b89e89e68893cb26b9f3887cf58080fc2c1b162315efdceeb99437801df74c |
/data/data/mob.play.rflx/cache/image_cache/4c5f26a015251d5a881d3088262050088265824ae755b2abf8a679d71bb2e1e0.0.tmp
| MD5 | 7fd7d792b3403f23ab56eaa4a8befc03 |
| SHA1 | eeba30b623adf111366034b4d5d6517f4c7330e7 |
| SHA256 | 2c388f9ec2eea5bc571d4532f01cc0afb25ca09f1aa633066cfa9f0bcfaf3e0d |
| SHA512 | 403f8a0c1963abf236ade5488e4a34caedb8758b4e523ee3d3214778e6b28c2d472c360d98f5acdf0a6ecab1e0de3aa1de1624c8008905513f68ada5c4c5b432 |
/data/data/mob.play.rflx/cache/image_cache/e0fbf7ac4472ca64af20c6f102c611403c9b08355707cd5db8f280b52258553f.0.tmp
| MD5 | 5c0c13d6e39ebc1ee9343c53f50b3111 |
| SHA1 | daee7a60d28f7509838c9a1fd41a629b1d29b1fa |
| SHA256 | 94628936551e91db2023e6c9da87cddff9ec308fb41e7a12f9f534945ce5e552 |
| SHA512 | 2ae1167b9b42401035513d01e73237b31bce24cea6ecb005c74f8050dfa07d822c4ac554bfcb96bfea79764a82feacc64427a74ce82eaafbf47590c97a9d72ae |
/data/data/mob.play.rflx/cache/image_cache/8aa1e1cbfd7329fbfac10e9146ac221fb955169a2c0df6003d8ddf8c3ef48b66.0.tmp
| MD5 | ea521fd593a81fe6f4764228fce67ad4 |
| SHA1 | 73c39feb94b263f63590d5eba3bd6f7b2cb67444 |
| SHA256 | 40e5d6f74cd0acabc4e9bf4d934039066352ce99df93a85f0b3a537892acf28a |
| SHA512 | 226e7ad84948565823f08413df08b955fa03b0bb2922a8d4909c2373cbb64e79e479a71160ca7ce4d6f0b8423ad68c3462e9b9990140321a4f4524e6b9255a49 |
/data/data/mob.play.rflx/cache/image_cache/4c5f26a015251d5a881d3088262050088265824ae755b2abf8a679d71bb2e1e0.1.tmp
| MD5 | 204e4f34ef11e8289fc91919e0e52b7f |
| SHA1 | e195e4e78e4a1f2097c63c85b4756f7935e02b7d |
| SHA256 | 46776e04fcc72873b69838170f25fc4dea9c33318de95a90d11eba6cbfa968ad |
| SHA512 | bb56e00e6cc8485f0983aeba84996dfa81a1a3ab5b0938646a09a867404d99cb1140ba5da7890af833738e592f1c415f59d22bf9f6ee9afc0592c8df57fb0832 |
/data/data/mob.play.rflx/cache/image_cache/e0fbf7ac4472ca64af20c6f102c611403c9b08355707cd5db8f280b52258553f.1.tmp
| MD5 | e65b29219c49797c1f0f835ea7aaea7e |
| SHA1 | 3650329d166e321ad50ddd22320455edd6f92755 |
| SHA256 | 00c3ad5706fbdf841c77a65e86ecb06eb4b98ccb7a3e7db12a0879f84da1dc94 |
| SHA512 | 6b5f5f730bb01c630cf8497794670a6d7a4af2884acb1fc2447d44f927a530a58832197501bf1067dd555237e708f1a86c4441f843de4f3e8a300ce98eed5a32 |
/data/data/mob.play.rflx/cache/image_cache/8aa1e1cbfd7329fbfac10e9146ac221fb955169a2c0df6003d8ddf8c3ef48b66.1.tmp
| MD5 | c611eb0721e9f82ec391937424e325a5 |
| SHA1 | d6139e0eea24f6bb7a129f711acb049f14f815c3 |
| SHA256 | b8e9020cf8c864ae15d2164c7268494e8a2d3d174d2b75aa61721af04d434687 |
| SHA512 | 09a47218b4f73008d44eb2292d9a0fc8dffe3bb6b795b854a86e094b4cb1145780589f754d92cca9f67dd0c7c2c7b07c833511f3853f2343875e73778b3361d4 |
/data/data/mob.play.rflx/files/profileInstalled
| MD5 | 1b49208050154951e87b7d783a80facf |
| SHA1 | 485ee0d6e70bf7ea560f22c196632d9c744a902f |
| SHA256 | b49312bf057d4d2fc441238b2889919573fef0aa27bb66dc71662d9ace0e4c49 |
| SHA512 | eda71e7c2335d634c408e392d93092e1415308ccbf7f3b4a01d70bff9e924cccb5a71a4bd2e21adafc62c72b246a4cb154dad9c2a6d59586faff21f22ac73e29 |
/data/data/mob.play.rflx/databases/com.google.android.datatransport.events-journal
| MD5 | d661c418992337712061e4338b2cc46c |
| SHA1 | ef4392c5b11fe0154d26235ef5fb553779b4568e |
| SHA256 | bfc6f50f5f970189af8c8819db3936baf54a4677c23e91bb5d42635886fa0140 |
| SHA512 | 2ae6b5abe07f4e026fd09b6fa941b13ec5e0efc43ae40b5be3cc6ba4fea3a002f4f0cfdeb785cdfa491af12d91f164c405665be2af9ae41969eec803a2b5c61b |
/data/data/mob.play.rflx/databases/com.google.android.datatransport.events-journal
| MD5 | 0caad8cee0efe16b25f50009a5d20b0e |
| SHA1 | b44f7b6322f38a647c67838a873ed815ed31c7d2 |
| SHA256 | 1ca8fd931bfb38e2a0422a2403483acf4a8dbe01b49c6a89007ae997ca2868be |
| SHA512 | f32b269ccecb6bd9f3af80c4b020edbc9161017f5d8080730f5ecec6d8b11e838d61c5a4ff81ada1430396fd729968ee939f18fa28f0236ddec83ba393be7d66 |
/data/data/mob.play.rflx/files/.com.google.firebase.crashlytics.files.v2:mob.play.rflx/open-sessions/669CF6CC00C6000113623DD8348C984B/event0000000000_
| MD5 | fce630e28ab07baa0df734d5a6480540 |
| SHA1 | 24bd62387d830ce7490601e2d97628777e53a7ff |
| SHA256 | 0aaec2274d07a4618da6322a4b68b821e828b0576cd34484aa2afecd42025a27 |
| SHA512 | fbf5c183b5f5c5069bd60aee8518110d65779bed466408598fa180c3724e58b4aabedf65315133a68fca2665db83f580f2105610c8c9411954e9cbe2e490b181 |
/data/data/mob.play.rflx/files/.com.google.firebase.crashlytics.files.v2:mob.play.rflx/priority-reports/669CF6CC00C6000113623DD8348C984B
| MD5 | 94f96891c861bb61381ad01158cc2b1b |
| SHA1 | dfd8f0d085798bcdd4830dbaf67b7c4ae2d7b645 |
| SHA256 | 1757d8450ff38f591745f08f90839936383dcabaa68b0bcd288b99f65515edd1 |
| SHA512 | bcd7b77981319588be99750287b44671889ab10b4f709f809c17683ad72e9d4a7be49ecdf311a4192b7023c66fa66f7a8591404ea2049f0cd2540f2a6d159e92 |
/data/data/mob.play.rflx/files/.com.google.firebase.crashlytics.files.v2:mob.play.rflx/open-sessions/669CF73B03D4000213623DD8348C984B/report
| MD5 | 5df87b22943e3c8bdcc97f8b8fe3ff6d |
| SHA1 | ea915a587ce8b19bf40db51cd430cd35f3c38dda |
| SHA256 | 569abf7f6dc12808b1c1faed50ce49581e0f94e9f3cbf1bd47ac53ef353da6fb |
| SHA512 | e59d9e6453baf09e245025417ae997a5652f89168146226b8cc2d0731dd7b8f208dcd6d021e65b10cde5e0e500a3e602b98357dcb2db021de85289ee683a956e |
Analysis: behavioral3
Detonation Overview
Submitted
2024-07-21 11:53
Reported
2024-07-21 11:56
Platform
android-x64-arm64-20240624-en
Max time kernel
36s
Max time network
134s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /data/local/xbin/su | N/A | N/A |
| N/A | /system/sd/xbin/su | N/A | N/A |
| N/A | /data/local/bin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/bin/failsafe/su | N/A | N/A |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /data/local/su | N/A | N/A |
Checks known Qemu pipes.
| Description | Indicator | Process | Target |
| N/A | /dev/socket/qemud | N/A | N/A |
| N/A | /dev/qemu_pipe | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Checks the presence of a debugger
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
mob.play.rflx
Network
| Country | Destination | Domain | Proto |
| GB | 216.58.212.238:443 | tcp | |
| GB | 216.58.212.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.180.14:443 | android.apis.google.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | = | udp |
| US | 1.1.1.1:53 | firebase-settings.crashlytics.col | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.16.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | configv2.unityads.unity3d.com | udp |
| US | 34.110.229.214:443 | configv2.unityads.unity3d.com | tcp |
| US | 1.1.1.1:53 | infoevent.startappservice.com | udp |
| SG | 138.2.110.152:443 | infoevent.startappservice.com | tcp |
| US | 1.1.1.1:53 | m.media-amazon.com | udp |
| GB | 18.239.245.205:443 | m.media-amazon.com | tcp |
| GB | 18.239.245.205:443 | m.media-amazon.com | tcp |
| GB | 18.239.245.205:443 | m.media-amazon.com | tcp |
| GB | 18.239.245.205:443 | m.media-amazon.com | tcp |
| GB | 18.239.245.205:443 | m.media-amazon.com | tcp |
| US | 1.1.1.1:53 | webview.unityads.unity3d.com | udp |
| GB | 18.165.227.78:443 | webview.unityads.unity3d.com | tcp |
| US | 1.1.1.1:53 | thind.unityads.unity3d.com | udp |
| US | 34.107.172.168:443 | thind.unityads.unity3d.com | tcp |
| US | 34.107.172.168:443 | thind.unityads.unity3d.com | tcp |
| US | 1.1.1.1:53 | auction-load.unityads.unity3d.com | udp |
| US | 34.110.184.100:443 | auction-load.unityads.unity3d.com | tcp |
| US | 1.1.1.1:53 | httpkafka.unityads.unity3d.com | udp |
| US | 35.244.205.3:443 | httpkafka.unityads.unity3d.com | tcp |
| US | 1.1.1.1:53 | firebaselogging-pa.googleapis.com | udp |
| GB | 216.58.204.74:443 | firebaselogging-pa.googleapis.com | tcp |
| GB | 142.250.187.228:443 | tcp | |
| GB | 142.250.187.228:443 | tcp |
Files
/data/user/0/mob.play.rflx/files/PersistedInstallation4819159836688108724tmp
| MD5 | cc875e70fe90cdce25d1c7fcb67fd916 |
| SHA1 | f0f68c2c07363f9b1a75249e56bd82097cbc3e09 |
| SHA256 | 60e1b3111f585916bcb3d9c4dd80eb3fbce9bdd399e55894d49e96166e2083ea |
| SHA512 | e27ce35df5585dd6993252c96cbb5f8e7f15126c43a5700319603f6806068b080638119c5cd6caf7415abd78f951fa5dbdecb2a7706f94866f32448313c9948b |
/data/user/0/mob.play.rflx/databases/com.google.android.datatransport.events-journal
| MD5 | d4e736884fe742c59e450f3fd9a7e235 |
| SHA1 | 5d531b1c73bb5bbbee40d7ba49fff215129255af |
| SHA256 | 189feb8557c6be08ba044147adc192b9f46b0937239b3933a9e3c44823e0355f |
| SHA512 | ce5365ed0913ca808a3855fb4366d8974191ccc2b1eaf403bb52fd48b26c1e5402f09346d153c74c7277957c216ec9d75533458091d173c1996a2ad60f2182a5 |
/data/user/0/mob.play.rflx/databases/com.google.android.datatransport.events
| MD5 | 7b769a11a978289f773c925926c3ea7c |
| SHA1 | ad3d722cc65a491d6ce392214b767487fd3829fd |
| SHA256 | ec2fb6667343bea1ab5c0ad1019d2a0560f2884be7c9723132e35cd2066a9fdf |
| SHA512 | cb0a7fc77a88379e3bccde58b49722928984f2be3d91c492058bed1077b5889dcacc31bcd3a58668a0e2111df466424f15e4af78aee415fe057e6c0c145db8fa |
/data/user/0/mob.play.rflx/databases/com.google.android.datatransport.events-journal
| MD5 | bf68268cab271e9200feafa89492689e |
| SHA1 | 78506f0a3880f724222ee9f3ad310c9ca3d9a3c6 |
| SHA256 | 2a7f9b4a7ff925c6d69a435e5514a56cf898830266d6fa08f9722b916ec7e8aa |
| SHA512 | dd9aaef7ea94fa96897f5012eb66d59a005ecfcec32960ce84f12d618ee74bf2a6c8bfc278b06908a1f0295319bfcbe510575f98e7bf5ff76915d241b8c6333a |
/data/user/0/mob.play.rflx/files/.com.google.firebase.crashlytics.files.v2:mob.play.rflx/open-sessions/669CF6CE00200001119982FB3E50CC1B/report
| MD5 | fb95381cb4c644075c48a30e88923f1d |
| SHA1 | 5aed6ab25f6f532208080ecf66257221434ad296 |
| SHA256 | 0ac10fb31116e13ea55c4228b0dfafcdc6190be4f810e796f79e77349e0b2161 |
| SHA512 | 59682e9e58c09c4d578c8ea67655dd4a49682d562453d0945be919093b09581504ab05c75644123c469a292551b048743b306be99a7aa2a6fe5e2752274b9acd |
/data/user/0/mob.play.rflx/databases/com.google.android.datatransport.events-journal
| MD5 | e1f4dadc177f08b7e82a6ec8b03b12a3 |
| SHA1 | e4a083052c29879c2af17a5d22d90350dc58e182 |
| SHA256 | 73ff9cb829dd05de264ea945f5e62a2c11879a0514c8b73201e160ea18de2c04 |
| SHA512 | 76cf1baca5e7367b3bdd7cbf3ec80cc1e5ca4e803853231efc447a1599e64862591abe7aa42d9ddb33a50d7735fc3f61655e45775423196120e174dc2d6291b1 |
/data/user/0/mob.play.rflx/files/PersistedInstallation4233099980930762263tmp
| MD5 | db35569f7a578a888018253400be7c76 |
| SHA1 | f2f230fd02fe4c6f671364d6dc3ec07307b96d67 |
| SHA256 | 29f913648ee0b32f12bbb39abceef1f3f809a5107ec5765dbbfe1aa15d88aa0d |
| SHA512 | 2ee52c918708408e8c1a6b5679c9ba9f3e8da61cad8ba76c63396c2367effb2d5568d79a375d77aa0062d5b1a7dc9c6320bbcd3378e413a218d2cf176bf24fcf |
/storage/emulated/0/Android/data/mob.play.rflx/cache/UnityAdsCache/UnityAdsTest.txt (deleted)
| MD5 | 098f6bcd4621d373cade4e832627b4f6 |
| SHA1 | a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 |
| SHA256 | 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 |
| SHA512 | ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff |
/data/user/0/mob.play.rflx/files/UnityAdsStorage-public-data.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
/data/user/0/mob.play.rflx/files/shared_prefs_sdk_ad_prefs
| MD5 | 65026ee778e1372d9f4aed742772e893 |
| SHA1 | 5a5f1c821d7639424f3c75a44468ab5f7dd4e8cc |
| SHA256 | 15070f52136d5a8332f8d70f790bd7bb04cd6a99b386d40e0abedc40c42caa3c |
| SHA512 | 589c4a12c6b6ec1a1cca957da758aaa900e68a23b4bc2f42524b0e8dd34f6c5378541d9293eae1ae8d478bf5b5229ce4218c058fc3b399eb5756afeb05c68616 |
/data/user/0/mob.play.rflx/databases/com.google.android.datatransport.events-journal
| MD5 | 160a21e4374782602f821812bfde85ca |
| SHA1 | e6db0d98ba9006d5a4c02e5a117be00a0021b2f7 |
| SHA256 | 9b23dcfb6100166834370524470a3b1427f7d9d0ff85d220da2b7644b0782c2d |
| SHA512 | c838d28b6cd006878382b9510ccf2a457143e9a4eebb3a1460c71e6bf2f4a609f436dc29ed72915110b753fcd881c07003ad931f582fbbcea52e54e788789fc2 |
/data/user/0/mob.play.rflx/files/UnityAdsStorage-private-data.json
| MD5 | 716fe77611fb62ec65eab284411f54a2 |
| SHA1 | fca14f702ec7e752b692062b448f3215dc5f2e67 |
| SHA256 | d4d3166b757e242043b9f2efdd30f19a4abfa4d0407d52a809069b3cfc5a7aac |
| SHA512 | 4e5f416cbd1857e9b47771b7f2bdb9b8ca944f03497aa0aba5843869b496371ddbdd368434cb8fa163bfc675d34c5307ebc5fd28780ad840de8aac1864d97b63 |
/data/user/0/mob.play.rflx/databases/StartApp-d6864f2502af7851-journal
| MD5 | 9b08e3c7abc22662e0fc73cb49ff554f |
| SHA1 | bb76140155412e8a82eeb815d6ab74c34bcf8d80 |
| SHA256 | 2c542585154ca1b241fd274eecd1e3bf56c16c8d33a4344ec2f1b3f58b859bfa |
| SHA512 | 66ebe23807dc55eb80a9504f2b726f18ced014e236763195e62e22483256965bfc42eaa3f3dfd6ce4ceeb6572e91efc4b6f1125761b3c2a1264452cf3b96bad6 |
/data/user/0/mob.play.rflx/databases/StartApp-d6864f2502af7851
| MD5 | f6ff49fc92bef3d942852ec3e67c170b |
| SHA1 | 0fd4cf176dc644eff726b9287bb27483274d2811 |
| SHA256 | a465648b6b8437989aa763ac7fef688c054de03410dda0043e5a083977f42b43 |
| SHA512 | e528e2f45a97bf15373d0d0ff62e14928598e41d82847baff0cd0f4b6cb98942fdec2cfa1e7b8117551cfdfda7797d728731fac44aeb30708f627e36a87f7956 |
/data/user/0/mob.play.rflx/databases/StartApp-d6864f2502af7851-journal
| MD5 | b92180f8ad96c616fa389118e0d1b1e0 |
| SHA1 | 5949c3204c396b6c6b578bc54c25d18a63fc080b |
| SHA256 | 99f085c0e46a89bda563c2cfcf08e772424ba496e4ece2fbae7e10c5a6622d62 |
| SHA512 | f0b7112a0085419b0357a4fe74b4e0fb27baaef1d881fe99714eed5debfa37734f67bfcc81bf546655547f6df7b41616ea15e3bbeae7c9db0caa9adb9b94e37a |
/data/user/0/mob.play.rflx/databases/StartApp-d6864f2502af7851-journal
| MD5 | a89dc0268b5313f0b7309ccb353fd461 |
| SHA1 | e68b0653ac115a825226b840cf254df9e9618cad |
| SHA256 | 4f64e715626a2f2e338ef85f82982aa4a32fe9fa898c38151484ab34411d3c65 |
| SHA512 | 6b38edb4f52f61864148bba31a17945ca7b4c09e82a34ea54cdd5ca33d494fc9601b9a02fa228d87c68d8c9e14f795738dcd3d5552e9b510b5e51767a8a377ea |
/data/user/0/mob.play.rflx/databases/StartApp-d6864f2502af7851-journal
| MD5 | 53da7406bf074785e40ce98936390733 |
| SHA1 | 301365d759690344e826341e8a28a4ec297f718b |
| SHA256 | fcec6d06a1b7032a849a6b53bc44aa34d482d52905a43b780110a113df46e527 |
| SHA512 | 1ce493563730187b8ec6d8932487121ec47cef434043466555a1bb79ea7f23fbd6bbf2e04c7cea3bb44941ef67e0465c75e45c91d6bc847f61139fb0aba38331 |
/data/user/0/mob.play.rflx/databases/StartApp-d6864f2502af7851-journal
| MD5 | 7f8e1195d17f6d68f99c7fda3e4100ff |
| SHA1 | 2c4ebd1e061edaeaedf772b7c4b418f33d978865 |
| SHA256 | 6251e57c3844d6bfac51491ee706ae67983b3f52d9a2176bda0355df4f920bf6 |
| SHA512 | 5b2ac2da0351124d4b525bff312f2c53fba767f3b8f97304ae64f2c6a96fd38d54e2ca1b0256a607c5f5adb8869a43e2ec1acbd1dc1e1ebd07afc58b9db58c9a |
/data/user/0/mob.play.rflx/cache/image_cache/journal.tmp
| MD5 | d6ac8c8db0504502d7f0e057a78c5ce3 |
| SHA1 | 8f4cf91a262b24ec9c1a6e7c41fd6d16b6623bb4 |
| SHA256 | 8f22a32cd8de58916041d1097976f2b9c80f7e9a18593d5a6b058bcaed17e22a |
| SHA512 | 100e74f0c65b51a17de6eeff96d5c38bd6d40e3c8ee00094fd906ba5794088fe1ad6f3a15be196480384cf01399ea26665a05471404f1eeebb0c82ae6fb104bb |
/data/user/0/mob.play.rflx/databases/StartApp-d6864f2502af7851-journal
| MD5 | 0fb44b17ac5d6f61d7abb713f5e77682 |
| SHA1 | 659e189626e4d47486a7d6af7eca025d42975aec |
| SHA256 | 15cdb3676b4f50a80e59b423d3fcfcd559f2b266061cc3d276bef462cedc7d3c |
| SHA512 | 64421751fbc49ee65074bdfd328bcbd60a38495bca9c4b8a408f3972a38f25a5b0c02fb02550eee7ac27f213d88f4ecc26c49f28d9bdd31e3194d91ef264039a |
/storage/emulated/0/Android/data/mob.play.rflx/cache/UnityAdsCache/UnityAdsWebViewConfiguration.json (deleted)
| MD5 | d165470950d875a5ef05e52b16fa2b71 |
| SHA1 | 8eea6374a2f17e04a9265785fa1c805c4c3468dd |
| SHA256 | ec0f12a51524d344321180bd9e3a0ee6056b5a7a563e1c42b5f1c8a9fc9c334c |
| SHA512 | 41e5625b05198d45d337c55cc8135651bd11b2e34ad264fa4ccc2766b1efa4f5988768b3323950df1bd523144bb759db5e591fcdff754ba7baf669c67a1383db |
/data/user/0/mob.play.rflx/cache/image_cache/journal
| MD5 | 48f6f23b7f40acc12f6b0ec5a19d8470 |
| SHA1 | 2d6f489b2530bcb3262790e76c262e80294790ae |
| SHA256 | a819332935989616dac4d3c9dd31abb3174a9336fba841f6052211b2c3995342 |
| SHA512 | 2d18809e3c62bab3da19a164032bb1d9c584ccc8b28e3b1368f5675be276d869af8d06ce63e6d4ab9d510760d76b5207cc8902650f6b9fe1b013acb8b2841462 |
/data/user/0/mob.play.rflx/cache/image_cache/5c12cba194e2aedc6a00e2404f3d77d0666c7728883f50b9de3f031955c87252.0.tmp
| MD5 | 4a5078669db4ffcea399ecb16fbc6d06 |
| SHA1 | 9bb1e73585792da525327fbaf7ca3ca5008cb785 |
| SHA256 | 67052c52b6c49408e45b9e74c5a14773e18e18b0a8b8ee1315f786188ae861bd |
| SHA512 | 228726603de34133fe117fc8de085fed16f0f343098c6556b90693b96db2eb72a55526b6587dde4785e4c8b7b3ab72734f05ae08e1240a04f30075631c5b3ed3 |
/data/user/0/mob.play.rflx/cache/image_cache/5c12cba194e2aedc6a00e2404f3d77d0666c7728883f50b9de3f031955c87252.1.tmp
| MD5 | fad86a9b3e42bf67c347dad5f70aa01b |
| SHA1 | c5a0a91928b166b9c87fa5daee383ff8f4c0e944 |
| SHA256 | 365fd0b1a2ae7d2502b490d6533fbec35a35e36ba425d8a1100b21f4ec00bc3a |
| SHA512 | 0f84a6b6479f31fa40d0ae37095c0368f067db8394397539671c3f18a427e0128d9ca276c89d27d1cce74dfed1f22ccd13837c3631a3c64ee1455ca55cbbbcd9 |
/data/user/0/mob.play.rflx/cache/image_cache/e7ee3df443c65fd62d3df57e88fad45b63617fd79f4807326628c8bd0e3a5a26.0.tmp
| MD5 | e3e9dc677ab6f7e71e3c40f2bf1acba8 |
| SHA1 | 966c05c5921fd186c7986fbf28bdb726edfe71d4 |
| SHA256 | 923b7ee1fe62709a7e3d017915407f200272b420614496cb4f13d87150f859e9 |
| SHA512 | 3fee3d8be23520151891bc74753f4a4a85115a7cd2a1b85a303e9d2e8cc311ea175adead246ffeebe2396ae6d311a2bf8984f4967dce4c118d05fd8c13d8d546 |
/data/user/0/mob.play.rflx/cache/image_cache/e0fbf7ac4472ca64af20c6f102c611403c9b08355707cd5db8f280b52258553f.0.tmp
| MD5 | e47651443e721e88e5563d95268817c6 |
| SHA1 | 42a8efc5840a3e64fa728accc6df2d8baf4b279c |
| SHA256 | 31f8400813daf7a1417b0051175fce85c45374f39d617db471845a12d0059443 |
| SHA512 | 273ba36260a0010980d9babe33223c58c1f7301823da15aad916ce0a0d498bb2c469357eae25a1f99ea758d1b4d423beb0b27af503ab81b5abd867f7c554cd37 |
/data/user/0/mob.play.rflx/cache/image_cache/e7ee3df443c65fd62d3df57e88fad45b63617fd79f4807326628c8bd0e3a5a26.1.tmp
| MD5 | f396bc80ab4e2fcbdfbde20228caeddf |
| SHA1 | d7c8877dba9f1b5f0f7d1917231bf47b640d66a5 |
| SHA256 | 3d9630f0a992a76b855d713461eef38e6c0b125ec22cb3b342fdcec36505ba2f |
| SHA512 | 5ba6e148defb30e5b099c025164d5ff0bbc4d2a947b78f8fb1838a910fb2f45f73817ffca073758f7a2ac400782a175d826c90df675a04341849dd5908b28737 |
/data/user/0/mob.play.rflx/cache/image_cache/e0fbf7ac4472ca64af20c6f102c611403c9b08355707cd5db8f280b52258553f.1.tmp
| MD5 | e65b29219c49797c1f0f835ea7aaea7e |
| SHA1 | 3650329d166e321ad50ddd22320455edd6f92755 |
| SHA256 | 00c3ad5706fbdf841c77a65e86ecb06eb4b98ccb7a3e7db12a0879f84da1dc94 |
| SHA512 | 6b5f5f730bb01c630cf8497794670a6d7a4af2884acb1fc2447d44f927a530a58832197501bf1067dd555237e708f1a86c4441f843de4f3e8a300ce98eed5a32 |
/data/user/0/mob.play.rflx/cache/image_cache/3f5d82e357ce5154d866277c15436beb0428c8e2b2134dd11aab5537228965df.0.tmp
| MD5 | 948ae1e9a2a77ed697965f7688fcee0b |
| SHA1 | 1862340cab48d95fbb82f5a1e4038f8be6c6bdf3 |
| SHA256 | f8373476d207e69017cfe71a02feb4aa7a9226e6550fef6c04280c1e09a23bdd |
| SHA512 | 7f12993b6caf8a09f9dd36826aaf94f02d34ccd119e5a3144bacc796a0d78106e3d49303e7a89788e63127a3eaef2a6c1df2d4316979b5cff7b943f1170bf59c |
/data/user/0/mob.play.rflx/cache/image_cache/e2a9598a39ac08e28d54c24bc3799cc80f16b5a77d770923d34db37c65b44d1d.0.tmp
| MD5 | f7db9bbc0daf4cd60586b7b636b4826a |
| SHA1 | 852ca001c653b6645cd8ea8b5d2d53405ea2130e |
| SHA256 | 7f3306fc3a9493c32fbd302e20485e48f9bd8f64eef269cbcb4b921311362fc9 |
| SHA512 | 02610f8b17839dddc964e8b1b23020be80c90036faa165e2ccdc3df4817584fd5c1b1cc4e6c3526627ea466ee038f2bc80352bae1e119c024e4300392ee41c4b |
/data/user/0/mob.play.rflx/cache/image_cache/359aacf6c9d9cbab0b4b03ce832213f2a8b1c781830a1019c4610c542358a002.0.tmp
| MD5 | 160169bdcca731208d8d95d954b23f05 |
| SHA1 | 2ba88ae3f8b06417f8a0407e7fa9a2d98bb06afa |
| SHA256 | 2aa0e44da5be5ccbe9d77b7ac6bfe621136beee7764836969b215de79c070c09 |
| SHA512 | 42d5ec2b05b9ae041705d40481093bb40a1da39cba1a9807498b4383c4aa9127d60973eeabfd6d38d3964b6e820b75e156bba13e94a0763d3e4344eb36777051 |
/data/user/0/mob.play.rflx/cache/image_cache/3f5d82e357ce5154d866277c15436beb0428c8e2b2134dd11aab5537228965df.1.tmp
| MD5 | cea398c99abfa88a40add415e8a2c4e2 |
| SHA1 | 94e25931d9e331c1eec75e0f3a64b3d11b289755 |
| SHA256 | 19102e3d77208cf3a950b1aa0e18be9170e8032d66752967aca725513ae4b50f |
| SHA512 | 22775aa438b106b1edb61dd96850658b9261862259a5d3b633d4f0e265429b2e6142ea7f84994b68d6c9823f1f17b9ef44a5b5e2c75975f62e98818bbd0a40ee |
/data/user/0/mob.play.rflx/cache/image_cache/e2a9598a39ac08e28d54c24bc3799cc80f16b5a77d770923d34db37c65b44d1d.1.tmp
| MD5 | 923e5fa4edc591f8bca9b8623563ec27 |
| SHA1 | 3289b2781b5c1c82997ec9cb35f07660635a2da0 |
| SHA256 | 3533e93bbad8a405eb09d22ae6a180f1b16daf1ac5d828d8ff916e16bb825e30 |
| SHA512 | cc58edc0a283f863093b3d8722033da6ede4de559f607e286ade7aa8590d5263104cc7fe319a2e0beba37155f9a8ede9d8aeab0395861bcd5c00c5fd36d1bdb3 |
/data/user/0/mob.play.rflx/cache/image_cache/359aacf6c9d9cbab0b4b03ce832213f2a8b1c781830a1019c4610c542358a002.1.tmp
| MD5 | c555f9e232c6f4e00a788bec76e043fa |
| SHA1 | 5743a8254a1c91cc9fc63bc06f13f1dd9c00bff8 |
| SHA256 | dfdcc5d2ccb57c3a3bac51c45dd5c8bee96e3d8707cdfd7e3a4e3a1a001f97e2 |
| SHA512 | a6d8a1865649eaffb756cc5f2ead5764dc806311b16c93ec5df593942b6f8d14d57efbfa88de60fb754a37bb44f61cd9469f4f8d9deb4ce143093fccfe46ea95 |
/storage/emulated/0/Android/data/mob.play.rflx/cache/UnityAdsCache/UnityAdsWebApp.html (deleted)
| MD5 | 60613793d0bce882b80f2429f3b50edb |
| SHA1 | 48b22e5a190e572e9014a10c4a4543e57f2cb332 |
| SHA256 | 92eadd3cdd8a390d38fe5df7c795f9398dd143f7de64937592ca16b69e0cee54 |
| SHA512 | 81e13b31b28f27abff6f67a827e4dbafced5d0814d958010f04f741a45aa3d5b0d991e9672f72e93d6d9680e0104a865ee33a68c29ec976c96c0743c89500993 |
/data/user/0/mob.play.rflx/files/UnityAdsStorage-private-data.json
| MD5 | a8c3b5db9eefa7e80c4f3f0b6f6ff923 |
| SHA1 | 6077d95714c0062be55a377e82d3189feef6bf7c |
| SHA256 | 4c83c7bf6b1640272ffd7590ccd72e57aa8ea7049d4a99e626c410163244a1df |
| SHA512 | 0ce238a36990ffbcfe880bb635cc00f78270aa0ee49c6fc982e6ab7ab0f6ceccc2ab53ce59cef433e9dc2cc8fd9a4601569a4428a13c4240657075b0215c2a6b |
/data/user/0/mob.play.rflx/files/UnityAdsStorage-private-data.json
| MD5 | 5151400085185cb82ae8f8f535f20bb8 |
| SHA1 | 3fdae348f7b14f31d975a7d80f3aa0073f044217 |
| SHA256 | 97b03f4217c4e97c2b8202974eb930fb7b836a126e7d8948e09dad397db0fc38 |
| SHA512 | e8d6a6f62c0a2832508899054ec73556d4624f9f5d9b1e4c0a4b6216b4c6f7f56cd78c9423a49ddae6f21bbbba1498673dc7cd3e601e2b6fad7bb85ecf3968ae |
/data/user/0/mob.play.rflx/files/UnityAdsStorage-private-data.json
| MD5 | e25ac5562f3ca04e65608f61cbecc2d7 |
| SHA1 | d2473368dfd7ee66baeb2c348f1a18fc126f9e5e |
| SHA256 | dc9b19bfbc9ac10b69268d441c2faf1bc6c5aa89520abf94911a7e1423cd40f7 |
| SHA512 | c6becbdd3282df24e91fb4fbf4879add05223b0a0de15d7788ec0f23aeb9584d3befdbfbfde7739299430f8a9590de71f03648822327b9e926c8ba9fcd3359c9 |
/data/user/0/mob.play.rflx/databases/com.google.android.datatransport.events-journal
| MD5 | 564328e40a26eaadeeb8935e73761ab2 |
| SHA1 | 7bda3fa7b6d5e914c947737269a55ac1a08d94c9 |
| SHA256 | 818bca138e26ca75b3c74ebd9ad3ea2c2720cb2fd090a518c34194f66a171ba1 |
| SHA512 | 7a4b7fb833882b5b4589e49e9f057c588373c913e8383517ada6a07f9777df9d335b39a48d4ac1f024631c0991b1bd74d6cf6c9ea87f0a7d6f79576e145de08b |
/data/user/0/mob.play.rflx/databases/com.google.android.datatransport.events-journal
| MD5 | 42516f9fc4ab0b2d309ec3bec6157342 |
| SHA1 | 936763d38816f63024a767ea852e506ffc97d338 |
| SHA256 | 0f0c51090a2a2c7a3456505136bb04e990eb8fd33d944319af58d2fcdd67ad30 |
| SHA512 | 79277cfe7e146dc24505cf97e840302a42081cdeaad39697f21b91160c88788cbb55e6c0f3fc0d3b649fd5a3d907a5962ce4db0fc422cc0badda030422b5e7be |