Overview

overview

10

Static

static

10

81d22a908f...19.apk

android-9-x86

8

81d22a908f...19.apk

android-10-x64

10

81d22a908f...19.apk

android-11-x64

10

Analysis

  • max time kernel
    35s
  • max time network
    141s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    10/09/2024, 16:44 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    81d22a908f7989dbafa747a6cc3ce42a1068d5bed9f34cc69fa86672b4d57e19.apk

  • Size

    4.9MB

  • MD5

    fc0f20db5f8098e42d845492fcf3fca4

  • SHA1

    380e9f9d17c1f13e66d367f4f8726200e2dee07c

  • SHA256

    81d22a908f7989dbafa747a6cc3ce42a1068d5bed9f34cc69fa86672b4d57e19

  • SHA512

    d4fee4bd9bdaa012b57346c407a5e46eeb8908727686bd7022faf704a3baba81b6b6380b260e2f672fd8967b39a4d6f2008b6bf5e629efd163f01a30663d14a1

  • SSDEEP

    98304:UxQ993O4ZwUzMnKTI5qkVe6/7Tr/njx/3lIM1bfzyck/IISqf+HW6sR:KQ993zwU6+I5DE07TrPV/3lImKj7g26y

Score
8/10
discoveryevasionexecutionimpactpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 3 IoCs
    evasion
  • Acquires the wake lock 2 IoCs
  • Queries information about active data network 1 TTPs 2 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
    persistence
  • Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    executionpersistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
    impact
  • Checks memory information 2 TTPs 2 IoCs

Processes

  • com.kongregate.mobile.bitheroes.google.hack
    1⤵
    • Checks if the Android device is rooted.
    • Acquires the wake lock
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks memory information
    PID:4246
    • /system/bin/cat /proc/meminfo
      2⤵
      • Checks memory information
      PID:4480
  • com.kongregate.mobile.bitheroes.google.hack:Metrica
    1⤵
    • Checks if the Android device is rooted.
    • Acquires the wake lock
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4286

Network

  • flag-us
    DNS
    api.onesignal.com
    Remote address:
    1.1.1.1:53
    Request
    api.onesignal.com
    IN A
    Response
    api.onesignal.com
    IN A
    104.16.160.145
    api.onesignal.com
    IN A
    104.17.111.223
  • flag-us
    GET
    https://api.onesignal.com/apps/2bd51059-181a-462f-a8f3-7c3f6f1dba89/android_params.js
    Remote address:
    104.16.160.145:443
    Request
    GET /apps/2bd51059-181a-462f-a8f3-7c3f6f1dba89/android_params.js HTTP/1.1
    SDK-Version: onesignal/android/031302
    Accept: application/vnd.onesignal.v1+json
    User-Agent: Dalvik/2.1.0 (Linux; U; Android 9; Pixel 2 Build/PSR1.180720.122)
    Host: api.onesignal.com
    Connection: Keep-Alive
    Accept-Encoding: gzip
    Response
    HTTP/1.1 200 OK
    Date: Tue, 10 Sep 2024 16:44:16 GMT
    Content-Type: application/json; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    vary: Origin, Accept-Encoding
    x-frame-options: SAMEORIGIN
    x-xss-protection: 1; mode=block
    x-content-type-options: nosniff
    x-download-options: noopen
    x-permitted-cross-domain-policies: none
    referrer-policy: strict-origin-when-cross-origin
    access-control-allow-origin: *
    access-control-allow-headers: SDK-Version
    Cache-Control: public, max-age=3600
    etag: W/"eb5e836eec07b15225bee81cddc87a3b"
    x-request-id: 6a0c6657-dc5b-4d41-8146-ada14a264f73
    x-runtime: 0.029986
    via: 1.1 google
    alt-svc: h3=":443"; ma=86400
    CF-Cache-Status: HIT
    Age: 2110
    Expires: Tue, 10 Sep 2024 17:44:16 GMT
    Set-Cookie: __cf_bm=hsrTYTitwoTx9E1xLlehV8X6mJdUgefAf8O0Ae2LEco-1725986656-1.0.1.1-bCg6rqEnUMMvuIezbNcFyVf4cOVNS2u0WeaI.7aztxHhZ802YKVkXUzXxvcI4l9iItdwgsDEJTIV6kukUXynZA; path=/; expires=Tue, 10-Sep-24 17:14:16 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
    Strict-Transport-Security: max-age=15552000; includeSubDomains
    Server: cloudflare
    CF-RAY: 8c10e1badb61952c-LHR
    Content-Encoding: gzip
  • flag-us
    GET
    https://api.onesignal.com/apps/2bd51059-181a-462f-a8f3-7c3f6f1dba89/android_params.js
    Remote address:
    104.16.160.145:443
    Request
    GET /apps/2bd51059-181a-462f-a8f3-7c3f6f1dba89/android_params.js HTTP/1.1
    SDK-Version: onesignal/android/031302
    Accept: application/vnd.onesignal.v1+json
    User-Agent: Dalvik/2.1.0 (Linux; U; Android 9; Pixel 2 Build/PSR1.180720.122)
    Host: api.onesignal.com
    Connection: Keep-Alive
    Accept-Encoding: gzip
    Response
    HTTP/1.1 200 OK
    Date: Tue, 10 Sep 2024 16:44:17 GMT
    Content-Type: application/json; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    vary: Origin, Accept-Encoding
    x-frame-options: SAMEORIGIN
    x-xss-protection: 1; mode=block
    x-content-type-options: nosniff
    x-download-options: noopen
    x-permitted-cross-domain-policies: none
    referrer-policy: strict-origin-when-cross-origin
    access-control-allow-origin: *
    access-control-allow-headers: SDK-Version
    Cache-Control: public, max-age=3600
    etag: W/"eb5e836eec07b15225bee81cddc87a3b"
    x-request-id: 6a0c6657-dc5b-4d41-8146-ada14a264f73
    x-runtime: 0.029986
    via: 1.1 google
    alt-svc: h3=":443"; ma=86400
    CF-Cache-Status: HIT
    Age: 2111
    Expires: Tue, 10 Sep 2024 17:44:17 GMT
    Set-Cookie: __cf_bm=0id4eJUu1y605oZvEf6h10UoZO1blKakoyL1Tlfjm2U-1725986657-1.0.1.1-udirKL2xYyxkvVNPtNQuR_dZo7Rt53K1DH8tZgxVbnTzcJut_yWeew9fTl_PvrdqahRR4EJ1ddW4Q5Y9DOoYcg; path=/; expires=Tue, 10-Sep-24 17:14:17 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
    Strict-Transport-Security: max-age=15552000; includeSubDomains
    Server: cloudflare
    CF-RAY: 8c10e1c0498b79c0-LHR
    Content-Encoding: gzip
  • flag-us
    POST
    https://api.onesignal.com/players
    Remote address:
    104.16.160.145:443
    Request
    POST /players HTTP/1.1
    SDK-Version: onesignal/android/031302
    Accept: application/vnd.onesignal.v1+json
    Content-Type: application/json; charset=UTF-8
    Content-Length: 514
    User-Agent: Dalvik/2.1.0 (Linux; U; Android 9; Pixel 2 Build/PSR1.180720.122)
    Host: api.onesignal.com
    Connection: Keep-Alive
    Accept-Encoding: gzip
    Response
    HTTP/1.1 200 OK
    Date: Tue, 10 Sep 2024 16:44:29 GMT
    Content-Type: application/json; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-runtime: 0.059263
    x-frame-options: SAMEORIGIN
    x-xss-protection: 1; mode=block
    x-content-type-options: nosniff
    x-download-options: noopen
    x-permitted-cross-domain-policies: none
    referrer-policy: strict-origin-when-cross-origin
    access-control-allow-origin: *
    access-control-allow-headers: SDK-Version
    vary: Accept, Origin
    etag: W/"72db73463df767b7be02d5881f1cb085"
    Cache-Control: max-age=0, private, must-revalidate
    x-request-id: ecc39268-2df8-4865-89c5-3192298ca85a
    via: 1.1 google
    alt-svc: h3=":443"; ma=86400
    CF-Cache-Status: DYNAMIC
    Set-Cookie: __cf_bm=pFQ7AyeQ6z2jWLRx0Yh.eoCmxbWz2UbMSxACrpEG4Wg-1725986669-1.0.1.1-ff20DrrhgjXt..KFA.DCccK9HT_Jp9o6HeYEXk9C67MAFkZMEVTefhPyit8Inb3QrvT3ZyMa20I2bamwh28n7Q; path=/; expires=Tue, 10-Sep-24 17:14:29 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
    Strict-Transport-Security: max-age=15552000; includeSubDomains
    Server: cloudflare
    CF-RAY: 8c10e2099b0079c0-LHR
    Content-Encoding: gzip
  • flag-us
    DNS
    s3.eu-central-1.amazonaws.com
    Remote address:
    1.1.1.1:53
    Request
    s3.eu-central-1.amazonaws.com
    IN A
    Response
    s3.eu-central-1.amazonaws.com
    IN A
    52.219.140.171
    s3.eu-central-1.amazonaws.com
    IN A
    52.219.140.15
    s3.eu-central-1.amazonaws.com
    IN A
    3.5.139.74
    s3.eu-central-1.amazonaws.com
    IN A
    3.5.135.10
    s3.eu-central-1.amazonaws.com
    IN A
    3.5.134.197
    s3.eu-central-1.amazonaws.com
    IN A
    52.219.169.153
    s3.eu-central-1.amazonaws.com
    IN A
    3.5.137.88
    s3.eu-central-1.amazonaws.com
    IN A
    52.219.171.109
  • flag-us
    DNS
    3581a62b.api.splkmobile.com
    Remote address:
    1.1.1.1:53
    Request
    3581a62b.api.splkmobile.com
    IN A
    Response
  • flag-de
    GET
    https://s3.eu-central-1.amazonaws.com/sx-dmns/v/list.json
    Remote address:
    52.219.140.171:443
    Request
    GET /sx-dmns/v/list.json HTTP/1.1
    User-Agent: Mozilla/5.0 (Linux; Android 9; AOSP on IA Emulator Build/PSR1.180720.122; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/69.0.3497.100 Mobile Safari/537.36
    Host: s3.eu-central-1.amazonaws.com
    Connection: Keep-Alive
    Accept-Encoding: gzip
    Response
    HTTP/1.1 200 OK
    x-amz-id-2: c88z7NTZTHqiLZ+tGT7h0uvaf2CKC563ABHEa2inC5O4Zlgb398xt0anS2CmiS/99rCIl0JXARc=
    x-amz-request-id: AGXTGHDN1VJ7GRJZ
    Date: Tue, 10 Sep 2024 16:44:20 GMT
    Last-Modified: Fri, 18 Jan 2019 15:21:11 GMT
    ETag: "1b1890fdf7e5114573a519d5c7d37950"
    x-amz-server-side-encryption: AES256
    Accept-Ranges: bytes
    Content-Type: application/json
    Server: AmazonS3
    Content-Length: 74
  • flag-us
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
    Response
    android.apis.google.com
    IN CNAME
    clients.l.google.com
    clients.l.google.com
    IN A
    216.58.201.110
  • flag-us
    DNS
    sxdmns1.com
    Remote address:
    1.1.1.1:53
    Request
    sxdmns1.com
    IN A
    Response
    sxdmns1.com
    IN A
    23.109.55.108
    sxdmns1.com
    IN A
    23.109.55.164
    sxdmns1.com
    IN A
    23.109.55.188
  • flag-us
    DNS
    sxdmns1.com
    Remote address:
    1.1.1.1:53
    Request
    sxdmns1.com
    IN A
  • flag-us
    DNS
    startup.mobile.yandex.net
    Remote address:
    1.1.1.1:53
    Request
    startup.mobile.yandex.net
    IN A
  • flag-us
    DNS
    startup.mobile.yandex.net
    Remote address:
    1.1.1.1:53
    Request
    startup.mobile.yandex.net
    IN A
  • flag-us
    DNS
    sms.service.mobilelinks.xyz
    Remote address:
    1.1.1.1:53
    Request
    sms.service.mobilelinks.xyz
    IN A
    Response
    sms.service.mobilelinks.xyz
    IN A
    45.76.34.131
  • flag-nl
    GET
    http://sms.service.mobilelinks.xyz/api/sms?country=US
    Remote address:
    45.76.34.131:80
    Request
    GET /api/sms?country=US HTTP/1.1
    Host: sms.service.mobilelinks.xyz
    Connection: Keep-Alive
    Accept-Encoding: gzip
    User-Agent: okhttp/3.12.0
    Response
    HTTP/1.1 200 OK
    Server: nginx/1.18.0 (Ubuntu)
    Date: Tue, 10 Sep 2024 16:44:24 GMT
    Content-Type: application/json
    Transfer-Encoding: chunked
    Connection: keep-alive
  • flag-nl
    GET
    http://sms.service.mobilelinks.xyz/api/sms?country=US
    Remote address:
    45.76.34.131:80
    Request
    GET /api/sms?country=US HTTP/1.1
    Host: sms.service.mobilelinks.xyz
    Connection: Keep-Alive
    Accept-Encoding: gzip
    User-Agent: okhttp/3.12.0
    Response
    HTTP/1.1 200 OK
    Server: nginx/1.18.0 (Ubuntu)
    Date: Tue, 10 Sep 2024 16:44:24 GMT
    Content-Type: application/json
    Transfer-Encoding: chunked
    Connection: keep-alive
  • flag-us
    DNS
    semanticlocation-pa.googleapis.com
    Remote address:
    1.1.1.1:53
    Request
    semanticlocation-pa.googleapis.com
    IN A
    Response
    semanticlocation-pa.googleapis.com
    IN A
    216.58.201.106
    semanticlocation-pa.googleapis.com
    IN A
    172.217.169.74
    semanticlocation-pa.googleapis.com
    IN A
    216.58.212.234
    semanticlocation-pa.googleapis.com
    IN A
    142.250.200.10
    semanticlocation-pa.googleapis.com
    IN A
    142.250.178.10
    semanticlocation-pa.googleapis.com
    IN A
    216.58.204.74
    semanticlocation-pa.googleapis.com
    IN A
    172.217.169.10
    semanticlocation-pa.googleapis.com
    IN A
    142.250.187.234
    semanticlocation-pa.googleapis.com
    IN A
    216.58.213.10
    semanticlocation-pa.googleapis.com
    IN A
    142.250.180.10
    semanticlocation-pa.googleapis.com
    IN A
    142.250.179.234
    semanticlocation-pa.googleapis.com
    IN A
    216.58.212.202
    semanticlocation-pa.googleapis.com
    IN A
    142.250.200.42
    semanticlocation-pa.googleapis.com
    IN A
    172.217.16.234
    semanticlocation-pa.googleapis.com
    IN A
    142.250.187.202
  • flag-nl
    GET
    http://sms.service.mobilelinks.xyz/api/sms?country=US
    Remote address:
    45.76.34.131:80
    Request
    GET /api/sms?country=US HTTP/1.1
    Host: sms.service.mobilelinks.xyz
    Connection: Keep-Alive
    Accept-Encoding: gzip
    User-Agent: okhttp/3.12.0
    Response
    HTTP/1.1 200 OK
    Server: nginx/1.18.0 (Ubuntu)
    Date: Tue, 10 Sep 2024 16:44:30 GMT
    Content-Type: application/json
    Transfer-Encoding: chunked
    Connection: keep-alive
  • flag-us
    DNS
    startup.mobile.yandex.net
    Remote address:
    1.1.1.1:53
    Request
    startup.mobile.yandex.net
    IN A
  • flag-us
    DNS
    startup.mobile.yandex.net
    Remote address:
    1.1.1.1:53
    Request
    startup.mobile.yandex.net
    IN A
  • flag-nl
    GET
    http://sms.service.mobilelinks.xyz/api/sms?country=US
    Remote address:
    45.76.34.131:80
    Request
    GET /api/sms?country=US HTTP/1.1
    Host: sms.service.mobilelinks.xyz
    Connection: Keep-Alive
    Accept-Encoding: gzip
    User-Agent: okhttp/3.12.0
    Response
    HTTP/1.1 200 OK
    Server: nginx/1.18.0 (Ubuntu)
    Date: Tue, 10 Sep 2024 16:44:36 GMT
    Content-Type: application/json
    Transfer-Encoding: chunked
    Connection: keep-alive
  • flag-us
    DNS
    nl.node.soax.com
    Remote address:
    1.1.1.1:53
    Request
    nl.node.soax.com
    IN A
    Response
    nl.node.soax.com
    IN A
    23.109.105.124
    nl.node.soax.com
    IN A
    23.109.104.140
    nl.node.soax.com
    IN A
    23.109.113.76
    nl.node.soax.com
    IN A
    23.109.113.68
    nl.node.soax.com
    IN A
    23.109.55.172
    nl.node.soax.com
    IN A
    23.109.104.180
    nl.node.soax.com
    IN A
    23.109.105.4
  • 104.16.160.145:443
    https://api.onesignal.com/apps/2bd51059-181a-462f-a8f3-7c3f6f1dba89/android_params.js
    tls, http
    1.2kB
     5.2kB
     11
    10

    HTTP Request

    GET https://api.onesignal.com/apps/2bd51059-181a-462f-a8f3-7c3f6f1dba89/android_params.js

    HTTP Response

    200
  • 104.16.160.145:443
    https://api.onesignal.com/players
    tls, http
    3.0kB
     6.6kB
     13
    11

    HTTP Request

    GET https://api.onesignal.com/apps/2bd51059-181a-462f-a8f3-7c3f6f1dba89/android_params.js

    HTTP Response

    200

    HTTP Request

    POST https://api.onesignal.com/players

    HTTP Response

    200
  • 52.219.140.171:443
    https://s3.eu-central-1.amazonaws.com/sx-dmns/v/list.json
    tls, http
    1.4kB
     7.4kB
     19
    18

    HTTP Request

    GET https://s3.eu-central-1.amazonaws.com/sx-dmns/v/list.json

    HTTP Response

    200
  • 216.58.204.78:443
    tls, https
    875 B
     40 B
     1
    1
  • 216.58.201.110:443
    android.apis.google.com
    tls
    9.5kB
     9.5kB
     26
    23
  • 216.58.201.110:443
    android.apis.google.com
    tls
    1.9kB
     6.1kB
     9
    10
  • 45.76.34.131:80
    http://sms.service.mobilelinks.xyz/api/sms?country=US
    http
    413 B
     740 B
     5
    3

    HTTP Request

    GET http://sms.service.mobilelinks.xyz/api/sms?country=US

    HTTP Response

    200
  • 45.76.34.131:80
    http://sms.service.mobilelinks.xyz/api/sms?country=US
    http
    441 B
     792 B
     6
    4

    HTTP Request

    GET http://sms.service.mobilelinks.xyz/api/sms?country=US

    HTTP Response

    200
  • 104.16.160.145:443
    api.onesignal.com
    tls
    3.0kB
     6.2kB
     11
    10
  • 45.76.34.131:80
    http://sms.service.mobilelinks.xyz/api/sms?country=US
    http
    533 B
     788 B
     7
    4

    HTTP Request

    GET http://sms.service.mobilelinks.xyz/api/sms?country=US

    HTTP Response

    200
  • 23.109.55.108:443
    sxdmns1.com
    tls
    972 B
     4.2kB
     14
    15
  • 142.250.179.234:443
    semanticlocation-pa.googleapis.com
    tls, https
    1.2kB
     40 B
     1
    1
  • 45.76.34.131:80
    http://sms.service.mobilelinks.xyz/api/sms?country=US
    http
    807 B
     853 B
     7
    5

    HTTP Request

    GET http://sms.service.mobilelinks.xyz/api/sms?country=US

    HTTP Response

    200
  • 23.109.105.124:443
    nl.node.soax.com
    tls
    2.3kB
     6.3kB
     26
    25
  • 172.217.169.34:443
    520 B
     10
  • 142.250.180.14:443
    520 B
     10
  • 23.109.105.124:443
    nl.node.soax.com
    tls
    2.2kB
     6.1kB
     26
    42
  • 224.0.0.251:5353
    3.7kB
     11
  • 1.1.1.1:53
    api.onesignal.com
    dns
    63 B
     95 B
     1
    1

    DNS Request

    api.onesignal.com

    DNS Response

    104.16.160.145
    104.17.111.223

  • 1.1.1.1:53
    s3.eu-central-1.amazonaws.com
    dns
    75 B
     203 B
     1
    1

    DNS Request

    s3.eu-central-1.amazonaws.com

    DNS Response

    52.219.140.171
    52.219.140.15
    3.5.139.74
    3.5.135.10
    3.5.134.197
    52.219.169.153
    3.5.137.88
    52.219.171.109

  • 1.1.1.1:53
    3581a62b.api.splkmobile.com
    dns
    73 B
     154 B
     1
    1

    DNS Request

    3581a62b.api.splkmobile.com

  • 1.1.1.1:53
    android.apis.google.com
    dns
    69 B
     109 B
     1
    1

    DNS Request

    android.apis.google.com

    DNS Response

    216.58.201.110

  • 1.1.1.1:53
    sxdmns1.com
    dns
    114 B
     105 B
     2
    1

    DNS Request

    sxdmns1.com

    DNS Request

    sxdmns1.com

    DNS Response

    23.109.55.108
    23.109.55.164
    23.109.55.188

  • 1.1.1.1:53
    startup.mobile.yandex.net
    dns
    142 B
     2

    DNS Request

    startup.mobile.yandex.net

    DNS Request

    startup.mobile.yandex.net

  • 1.1.1.1:53
    sms.service.mobilelinks.xyz
    dns
    73 B
     89 B
     1
    1

    DNS Request

    sms.service.mobilelinks.xyz

    DNS Response

    45.76.34.131

  • 1.1.1.1:53
    semanticlocation-pa.googleapis.com
    dns
    80 B
     320 B
     1
    1

    DNS Request

    semanticlocation-pa.googleapis.com

    DNS Response

    216.58.201.106
    172.217.169.74
    216.58.212.234
    142.250.200.10
    142.250.178.10
    216.58.204.74
    172.217.169.10
    142.250.187.234
    216.58.213.10
    142.250.180.10
    142.250.179.234
    216.58.212.202
    142.250.200.42
    172.217.16.234
    142.250.187.202

  • 1.1.1.1:53
    startup.mobile.yandex.net
    dns
    142 B
     2

    DNS Request

    startup.mobile.yandex.net

    DNS Request

    startup.mobile.yandex.net

  • 1.1.1.1:53
    nl.node.soax.com
    dns
    62 B
     174 B
     1
    1

    DNS Request

    nl.node.soax.com

    DNS Response

    23.109.105.124
    23.109.104.140
    23.109.113.76
    23.109.113.68
    23.109.55.172
    23.109.104.180
    23.109.105.4

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/databases/OneSignal.db
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/databases/OneSignal.db-journal
    Filesize

    512B

    MD5

    f3a81e120475ae8ffcf118cc9903b8f7

    SHA1

    91700df9b81f33f309d2d21595d07027f0490058

    SHA256

    b067812e35419f2c367ae1064277971951f1bf3882cd0955cdc0184e60c42133

    SHA512

    ac98558fd860bc65926195bd27a54c83f77da9c906d9eb1f21604e4d856a49b4c297f849990bdfac62b9d39a99a0821d57728f3aef9515966ac5cf37dd5143f8

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/databases/OneSignal.db-shm
    Filesize

    32KB

    MD5

    7d88c811f8ab0e73a4c394881f0d2a7b

    SHA1

    0bacdeb77e64ba114b793b2d02b8f59ff408550d

    SHA256

    af4192a42d9cf2e9fb6c655469540a1e8f9eec3a3dedfb7bc4e7e6b6cf93e892

    SHA512

    8f02705b31266c404559a58b7f20ad9cb468dbf2f6b6fb7fe51960463b1ead4c5d3057f394ece232421b2e7c3ec2d69394e754c2802c3763c5e11d3b6b3bad83

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/databases/OneSignal.db-wal
    Filesize

    64KB

    MD5

    d4cea94619b82d671cbfe2dd770f0fef

    SHA1

    3286eb06b557238dce5ec7488728eeabd7cfec5c

    SHA256

    e5efb6ae76971da8aab6bc42ae613f8326b143041e9821b989d7b1cb7a726a2e

    SHA512

    fdf6fdcf41153011a5d781570e7cda2efa3901cc4485030fdf61f32e5157dc6248692004f8e21d548e21b7dc23cd5a372a69bfe160b700fa0a96188724d24d63

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/files/Mint-lastsavedfile
    Filesize

    152KB

    MD5

    728e734961ddb772cebae96299fb7964

    SHA1

    f60cc77c31d3908e1ef798a98b29ca6250c7f45c

    SHA256

    e7dd42f3cb60220844b43dcbd38f4dc8faa20650bb4efdbda89c94c975ae6d14

    SHA512

    0f398469b00afae1503162fe8f17c716aa5a52eb29650a8a80d1fffd34665ca69f385b76d359fddc176ff29a2a4a8056b1488e0e6d1c1483fe56e36237146dae

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/files/Mint-lastsavedfile
    Filesize

    34B

    MD5

    a4ffada888866a59912cb3d15deb2558

    SHA1

    32090d5687aa98d9f24577a05db3e31f39c65a40

    SHA256

    9d5e5f9131cacf3f2d0a02019af9fb0e37bd7c42044e165fbcd74de5003fd801

    SHA512

    7ad9e1f492e7dc2cb07808b91aa48f379f43bc95656409830ad211537f9d5516dc711c4ddadb39516fc23e6dce272df3d494e9d9dda0abf57435bbb775ab075f

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/files/MintSavedData-1-1725986656226.json
    Filesize

    3KB

    MD5

    434a5e8954b1c3eb3970de25d2d046ee

    SHA1

    6de0951dbdf95de3e927d881376958af46f13514

    SHA256

    38ee659b060054cafb878145a52d3357640d2f41f387c9469871159988356e49

    SHA512

    8f439618199a2c14d730db3e73b6823702edcdf90efe21fbcc3d834d6d1200f9cd3cf61575dc3d9479bdf3fffb0ed7018a2231cef1871fee91762a471e75a7cf

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/files/crashCounter
    Filesize

    2B

    MD5

    b026324c6904b2a9cb4b88d6d61c81d1

    SHA1

    e5fa44f2b31c1fb553b6021e7360d07d5d91ff5e

    SHA256

    4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865

    SHA512

    3abb6677af34ac57c0ca5828fd94f9d886c26ce59a8ce60ecf6778079423dccff1d6f19cb655805d56098e6d38a1a710dee59523eed7511e5a9e4b8ccb3a4686

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/files/lastCrashID
    Filesize

    33B

    MD5

    743168f4b98e9836a85299bd3a394293

    SHA1

    edc36b306a8ac731454bb901a601327ac1ff1d67

    SHA256

    95285d7c90069c19a86882857774f7d3e9082ccdac7dc4ed9225d5496a459d73

    SHA512

    8e5b0116753b86eca6bb651f5074a1e2e3a385fd6c536c1f737d4cc70b3715a43eff828e6da105130fed49903476e0ee4abe75388a6b88e7ad917d8e483e015f

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb
    Filesize

    4KB

    MD5

    4b7dadef2ae3496c2b1b3a2aeb996304

    SHA1

    cd16896f498452296bc12939127042807bdf1091

    SHA256

    8b6bbf72976559fea26493fe49e6edc54ae76a954d0182e70db9e75ac19c9650

    SHA512

    75ac0385518f220cabbd019cb5885dee621f20eeb5409feb80d527d3cf77e128f685ee62221d463e368f4c96b1669713e11f19779acb2e70700ca09f6dcf2352

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb-journal
    Filesize

    406KB

    MD5

    ad88ccc75d3145e0e7e8dc6c1acf160b

    SHA1

    c092cdd936ed17f3c45922afab8eb7b5da0a6678

    SHA256

    258ccfb2c62d253351e81100bdbe4189bc4c830248af492801ef14402186e48d

    SHA512

    26a4f5067e08f92ddb72170c9ee2e70e2719ca66ae12be8be4bae2cea4faae7cdf3157ee42e2687ed0d87758cdb887057057d865fc48f12fc384bb0a8a8618f8

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb-wal
    Filesize

    32KB

    MD5

    54aac8e0a933bdc8a4ba8d282a7c4fca

    SHA1

    0d7e7b287361ea9c43da94cb10ed599a07f3ce55

    SHA256

    49d17436ee047a59009c3f01c4c91065513dc1c583e7d342945d104b3e75bd43

    SHA512

    eb0f9b2a6baacaac298905822a6708ca18762e5362778fd145e2f49d06d38df2256bbaa7be15aaf7c565045be0e856dd1ddd926b863e13e69afab2e3085e5a0b

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb-wal
    Filesize

    108KB

    MD5

    a35c3e275fa7b6020b9c9716a916603d

    SHA1

    16cf3a6400b390bc8bfa5ace800e310eae643cf0

    SHA256

    c23c5c466b78615bbeb8141341a2834a5d9cf0832a77f6d5b1c8a68767175d24

    SHA512

    e6bf8ba42dbc983e377b9a00decda2b9e0422073ff45e436afa8356ece875fe1d3d50325d1872b2ebddfaae3eacc0025c82bdbabfb1cbe65ba16fcc4e75a8a5c

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb-wal
    Filesize

    116KB

    MD5

    2fcb2b24f963df40c8d702a261e4905f

    SHA1

    e715a331c707fe6a53e5fe6d306f728026b02263

    SHA256

    cbc437c43876d57b1be505d7d18fd0c30a7f96804f5563ebdf5699b3f28d9289

    SHA512

    af52e292534a83f14612b5545faeee4fe45e93ffffaa4b689dda82a48dae88c4d36181838e4948bbdde407a908b8dd158c536996a1964760f06d9918b9481b6b

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb-wal
    Filesize

    281KB

    MD5

    1eb632b26519854a0c48c15e8fb8bfd2

    SHA1

    aa038e0fc6dbb3e50ff339491e21d1b6678db755

    SHA256

    a32ef0f4f4beb4bec3bfee88c75354ad645b1a2d045132f19bce5545337e9dcb

    SHA512

    3c2532626daff1208c9cb7cf51e22261751fe6716aa438ad238eab1716b7dbc651f0ea17abb44136563c847f63f96569fbce008383b109b70a97998f20a50a9a

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb-wal
    Filesize

    193KB

    MD5

    5998b96f6b59e0af5cafccbff28e77db

    SHA1

    9246ae545f7b12e99d4d23cc6f530e36486aed22

    SHA256

    50da0f938390d7afe355dace135bba63e0fab83bd1e511c2487514b4175baba7

    SHA512

    adf8b383439e405043e07fc0cb10209ccb99435b59c6e1b73079f3c16d2f348b03b616348f6d839fa08d52118a62207518a7251ef14f10bf1b16dedebb79250d

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/com.google.InstanceId.properties
    Filesize

    32KB

    MD5

    fabb7853c60935c2289daa4e49c17ce8

    SHA1

    d67f4998fec925e21d791ebc9171a0e848d7bdae

    SHA256

    0c33a6fd9786c0826d9afa77871710896b9347e7ba9c8759370044403a85eb26

    SHA512

    b5b1940e392a92b3f6ff965b394549f733bdae1db6aaf0f4f7cff52588bcd88fa26492607ea2068206fbb3a98da21c2ae0ef0ad846522ebfb21828c014e5b7e4

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/db_metrica_com.kongregate.mobile.bitheroes.google.hack
    Filesize

    88KB

    MD5

    84171eb6ac67d79cf7239577f6580274

    SHA1

    b926ee89bdb4bcfad8029fe26fae6d478528564e

    SHA256

    6482e1eae8f6cd6cbb534daf0463661ea80c482d1bd98a719291af183654a7c3

    SHA512

    9309feec7be5d85a684defbf0d895038bea8c435a9bf2c11cf48948173cf62b3413ef235c039cd1d6aeccf1f74f9bf6f2464418b3664abd2dc3907dafa322fad

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/db_metrica_com.kongregate.mobile.bitheroes.google.hack-wal
    Filesize

    406KB

    MD5

    c6ba15c4d3babd03a14e7494021eb3cd

    SHA1

    b68dde35e5a755324ca4a0a0f7873ca3394b5b2f

    SHA256

    c81092187fcc7d34c98a641df953870806ed3bd2514aa757dd8cb6aed405268b

    SHA512

    f43bd211329bc8d45fac0f09d7af5711131af02a27ed6667aca1cdd6356071e9714cc2dc970ec47c38d3b5944e83bdc93b24514c36eda26516707642fdceefc7

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/db_metrica_com.kongregate.mobile.bitheroes.google.hack_20799a27-fa80-4b36-b2db-0f8141f24180-journal
    Filesize

    512B

    MD5

    83a8383179b42e29a9b1bc45d5727057

    SHA1

    600ce48b8a049bbbea756c21d49489d3f57ef272

    SHA256

    2c246f78ff9eb54293e24f3ac01b48bee07c5c02a19fb70e9c60f568bab0f4fc

    SHA512

    363aa2f8dcda4d2d935fd33a5d23bda38d1b947705865a2668dccc1576fb0f9bc98dfd3c93539afda2a3aaa7b3cc611a79827d73f9ed9534c6b7c8649f4baf4e

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db
    Filesize

    20KB

    MD5

    5ae1dae9eb36649faeb07a94ca96e7f8

    SHA1

    9056cb35b999726d6576ef6ced55ca9228cb97c3

    SHA256

    62eafa0fe191047857cbfdbd6909930487f2216d260b4be27fd52e3cff6086d3

    SHA512

    e33d2cec8122673da3c8ffc788bf2984eac878f7dada265485d960a886ebfb00e17b12a30b546c959bc04c62a31d5646fda748df693e0bdafbb974abbbe77c1a

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db
    Filesize

    44KB

    MD5

    f11580f9a547eaec6ea8bc808536906d

    SHA1

    5e4be3d525861982556d3570942c281644339d11

    SHA256

    40aa84fbd9c517a8739251a20b35eb2431a10d28b9c1de9d09decce0dfc376eb

    SHA512

    531dd45463f7158c8611a56bccc94aca1c8bed0aed84b50d7d7698a77f85157cc51eb4896fa7dbea2fdf654a567e737117750e36bd5521d1c9c0e19dc3c00131

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db
    Filesize

    20KB

    MD5

    ac26a375d5d673c2a7b39bbe42efacaa

    SHA1

    a7384db83f153cce2cdd67a97a20df068f6ecd67

    SHA256

    001ea8b38280af72e70a8168524cfb2b07a711040948397d36fcace03b593716

    SHA512

    45e1842b55ebab067e53fb3c6ab880c0a652a951f26c1cae5363f429207db5f1aa56c821e89973612b73f9c0d186561221b6129db22e447ccd421b40342dd6bf

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db-journal
    Filesize

    512B

    MD5

    507c1dd8dda6704366b3b1ff4a3e5d79

    SHA1

    e420828ad24c7a9e3d9191d7cd330bdbc6e4342a

    SHA256

    d2f1e542b741b13f588e66fac0ae4680ca21b918d6af5bac7a0b90f506cf7547

    SHA512

    b1052cc19cf023e82fb61e991e895ebc1351f25c50e29bc7684f039cee8227296ac5d78d7cb2428f3cae613189226ea44606bafc0903bfb7f5df5f6d189814cd

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db-wal
    Filesize

    8KB

    MD5

    9f34ea20ca2d1a77645d9551c1ca22f4

    SHA1

    3949073c4eb396ab6416eb1f1810d6d91faf8be6

    SHA256

    2a41bcd0ceee65d856dc0b4453b9a2d77499e20f73f65d198903daad349a184f

    SHA512

    47ad85c2470a1c31cbcdb56dd926b1e9445b2797c839b9d46e72f974b8780d9f2b6313f52bb17f615b0c9b32bf9d0f05f665588ea79df112c23ab4ded1cf132d

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db-wal
    Filesize

    8KB

    MD5

    7a0f20005a93ca05a4dd5d60dfc5a086

    SHA1

    d75d42f8d4c2944e3e18f334b173e48f4364efcd

    SHA256

    57c10dcf212bcc63ef166807d697e16bbfec14586b835dc4f7441757f90a95e9

    SHA512

    80c14e708de1a734db24aaa6474978b668b6f1263b1607d3aab0cdd4bdf5b76ae6e26ca8ba8c80bed56bb7eac7e9d34c8c01f4b9608ec2a3ad0b0d7e593cf389

    Download Submit

  • /data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db-wal
    Filesize

    32KB

    MD5

    262c6ce4176725d21048b16970fb5f86

    SHA1

    c7d211f1e7df693f17dee7309ee2abe1f9c7c63c

    SHA256

    cd0ccb59dbb0bd1ef91e63f98a11d5cba7bfa39b40717b2ab496b0b69b4b4804

    SHA512

    ec28e5a2a718abe202f204a7fb5d37a25d77b178fe527bc52aa1e81669401eab35babf65c8f2817aec9e11a64f47352bc7eb2915d5820619c125b8f623955438

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.