Malware Analysis Report

2024-10-18 23:04

Sample ID 241012-rnfgwsvcrf
Target 2936207e-6d88-4986-881a-549cfb937563_oogleWebBrowserAndroid.apk
SHA256 e6746d0069dea77ecd1d7a611c45e5af220643c23f7b473e1bc2ed8aa2923475
Tags
smsworm collection credential_access discovery evasion impact persistence execution
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

e6746d0069dea77ecd1d7a611c45e5af220643c23f7b473e1bc2ed8aa2923475

Threat Level: Known bad

The file 2936207e-6d88-4986-881a-549cfb937563_oogleWebBrowserAndroid.apk was found to be: Known bad.

Malicious Activity Summary

smsworm collection credential_access discovery evasion impact persistence execution

Smsworm family

Android SMSWorm payload

Checks if the Android device is rooted.

Checks Android system properties for emulator presence.

Obtains sensitive information copied to the device clipboard

Loads dropped Dex/Jar

Queries information about running processes on the device

Checks known Qemu pipes.

Queries the mobile country code (MCC)

Acquires the wake lock

Queries information about active data network

Requests dangerous framework permissions

Declares services with permission to bind to the system

Requests cell location

Reads information about phone network operator.

Registers a broadcast receiver at runtime (usually for listening for system events)

Schedules tasks to execute at a specified time

Checks CPU information

Checks memory information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-10-12 14:20

Signatures

Android SMSWorm payload

Description Indicator Process Target
N/A N/A N/A N/A

Smsworm family

smsworm

Declares services with permission to bind to the system

Description Indicator Process Target
Required by remote views services to bind with the system. Allows apps to share and display views across different processes. android.permission.BIND_REMOTEVIEWS N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-12 14:20

Reported

2024-10-12 14:21

Platform

android-x64-20240624-en

Max time kernel

14s

Max time network

35s

Command Line

oogle.chrome.web

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/bin/su N/A N/A
N/A /system/bin/failsafe/su N/A N/A
N/A /system/sd/xbin/su N/A N/A
N/A /system/xbin/su N/A N/A
N/A /data/local/su N/A N/A
N/A /data/local/bin/su N/A N/A
N/A /data/local/xbin/su N/A N/A
N/A /sbin/su N/A N/A

Checks known Qemu pipes.

evasion
Description Indicator Process Target
N/A /dev/socket/qemud N/A N/A
N/A /dev/qemu_pipe N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /product/framework/com.google.android.maps.jar N/A N/A
N/A /product/framework/com.google.android.maps.jar N/A N/A
N/A /data/user/0/oogle.chrome.web/files/audience_network.dex N/A N/A
N/A /data/user/0/oogle.chrome.web/files/audience_network.dex N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

oogle.chrome.web

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.178.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 config.e-droid.net udp
DE 82.165.74.143:443 config.e-droid.net tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
US 1.1.1.1:53 imgs1.e-droid.net udp
GB 89.187.167.38:443 imgs1.e-droid.net tcp
US 1.1.1.1:53 srv15.e-droid.net udp
DE 82.165.61.18:443 srv15.e-droid.net tcp
GB 89.187.167.38:443 imgs1.e-droid.net tcp

Files

/product/framework/com.google.android.maps.jar

MD5 4899aca36d1ed747a447dcac0d101a62
SHA1 32e43edc0bf3e036683ea8639472e6cd31ab9929
SHA256 67a651acd867e046fb4463b31ea584c1468f7243a9d1e2efd34059e8ee2f130f
SHA512 50b23dd279a9efba566c6a6523c7537723c0cd6dd3e4871f1cbdb8d5bc355caa3ddea99452b1c8e5356802f812b3768066a9848b93d715bb8bdfa455b704285f

/data/data/oogle.chrome.web/files/audience_network.dex

MD5 69cf159b893eefff9a8106cc3ee37e03
SHA1 165207adfe8c6047ce9f3dd38aed50796c1660d1
SHA256 26fb1a790377e11135bf8bfa7552cc2797d351df60154ea032ceeb4463776fdf
SHA512 379960366739517c1c856834227aaa1a30a20a9bab730d4229f200192f2c643b69a3e2e114dbdd743a69577e0b7b477c0d14e71c31ee491e137ec405f79e71aa

/data/data/oogle.chrome.web/no_backup/com.google.InstanceId.properties

MD5 bc3d56c024667b77cf0695de0e4fe22b
SHA1 787270a2dc94c5e73e4c318f1db490b16b428fa5
SHA256 2ea4c9d47a9a2168be9b058a9b51cfa99c5c8d07763acfd865d4b0ab1f5bd33a
SHA512 e73e8168e7451dc19917aad045565a3a68f9d2792b03367720d8d1aa87691f13b7383a37ba1c83362079124a633f374c383d0234ad5a745fe89e7489d156f801

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db-journal

MD5 ae173e7cfd258f4036d1b36cda9ac17b
SHA1 4f2dc37ef8e1170b2fd882a55fdde21f3d1b7f40
SHA256 548c6a765e431734717461d1b27cca96be84c97bfff7cf1bb6383c93b1719841
SHA512 be2ad858d750c7913289292541e1e25ab494b5383b43c2ab376c8ddb0873ebd6da9ce3649c2842bbc59158a213c84ceedd38df28ecd76769678599750e693602

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db

MD5 ea5c88198d8a8df31cd036eceab9defb
SHA1 d4d15ebec0fa1a5811b80afe509bb65376bd728a
SHA256 0c679914f08c1b670f2c3e80d6d9b6c1329c7f7e1a07f35af9188ccc87e5ad6f
SHA512 d19be95cb28bd1fc48d5e76e9e71bd3426463711eb39bf76dcebc3c546948b0a62be31e52167dc92e37983b7f7093715030bdca91e27caf0df2b6ded51ad37f6

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db-journal

MD5 416c252ebf6b2ddf9e3b3ffe62df72ec
SHA1 0280afaebae97fb3474e8d39f4217766aaca1d4e
SHA256 d08558ab255811f0f2c85c79e152035ebc5ab0bb8248580cafc5cc5f2e6a11fc
SHA512 dbc7623f2c517783e19a805bd3fb8289651bf41676dbe7e65d61ab6d1f5586e5a2c9af3aba65d48c10de08243a39440775f9348201085cc9a69e352026c7b44a

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db-journal

MD5 315c8350b8087cd2060401508ad14214
SHA1 a8836f1f4c8893f0964e4dc50bdad12014f7a9d0
SHA256 7104eb205c0e5c07c2ae855c078993d6380dd593e00f593472e566a110bc1726
SHA512 54780912649ed1b02834065c384123b53d33d974696ccf6681f804e8078466a3b6f3460c64ba1171de62d54b835ed8870b979859d449a65fea204dddb357d253

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db-journal

MD5 c8e80f754f0e36fd40a8521c236d9da1
SHA1 143e1729a40c9c6bada6fe0d3450009adb351dd4
SHA256 8f94a020696db53c21c46e5b3627419f5e16917f72c4aefa814002250e7972c0
SHA512 33bdd3bd45d64025f8d321e31f097691a404658617350d488d25d82133ef527f53b7852388370c7345fbbd14052f7aa4a9398ec324cbe15e77c5a68a9b998fd2

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db-journal

MD5 b6c4c1237c2cb900107e9d4075db0c06
SHA1 468f725c5f7599fa02a8fc50a9891d71653d4a50
SHA256 952ed99a32efe29d7b7b7e3c8fda90c1a108301553d9b01ed6bbe747db391e67
SHA512 702c56f50c416c2ee903ba8e88b3fdb627e7f8e1f342720c90f48300546b31475c27715f899152a73ee6dc12dbcbe9337e07852eabc81ab0c29e4ef9a512521a

/data/data/oogle.chrome.web/files/vinebre_ac.txt

MD5 9865ea1cff2b9bc0436843b7c7a9d1e2
SHA1 2d26cc98ee50f42e16587dfb3c863bf3605d0d00
SHA256 53fd7d3a4be4a3b86636d6061e19dbd551be787c35e595565a737f2175ff10ab
SHA512 ebc8c8b15e4073e766822d132a76411031907762cb5cf61564a6fa7ca8848fec5d2a2bf7abb7de3dce61fb717ffd0d5b7be11916aef9ddc4ac04d72893992287

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db-journal

MD5 ea94ccdd9d71e01e728cc385872b56dd
SHA1 1e8382bca5cf7f2a6c997ee823ca73303bfd672e
SHA256 1c8d396b781815579b6a7b4210547ade75645f685b3ab5d1a486e55fc8202b78
SHA512 ecffd5cfca725dd7b61f62ed99fea40a8db35fd8bf72037b838e69f9b7b44695be43394ba95a41180fde02b742ccbedc4bc3d8303aeaade79c00691775a804af

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db

MD5 3b426844711115a89d562c02265be054
SHA1 c509a433cd79ef6618963d753ba7beda60e051c4
SHA256 aa5fa19d2e9629323c9ecddf657b93f2a3015e19c7f8f2f2a3e41546e8e8e74d
SHA512 ea777e6fee97d0713df7fa61bcb30de03e6e9c224bc4b3550a51e015bdcde30913de884a54fa70f7d9fea91dcf5166451175c298bb6cd5bba4b06fdecacb397f

/data/data/oogle.chrome.web/files/shared_prefs_sdk_ad_prefs

MD5 65026ee778e1372d9f4aed742772e893
SHA1 5a5f1c821d7639424f3c75a44468ab5f7dd4e8cc
SHA256 15070f52136d5a8332f8d70f790bd7bb04cd6a99b386d40e0abedc40c42caa3c
SHA512 589c4a12c6b6ec1a1cca957da758aaa900e68a23b4bc2f42524b0e8dd34f6c5378541d9293eae1ae8d478bf5b5229ce4218c058fc3b399eb5756afeb05c68616

/data/data/oogle.chrome.web/databases/StartApp-d6864f2502af7851-journal

MD5 1ddb4453efbb560d626118ed5110eb18
SHA1 1ab66135534290a023ec2cc7a481ae5b9119313d
SHA256 eb4e47ddd664dd8be1cf2eff43d3679416e5b08f7a304d219f81706de7deb5bb
SHA512 815a1cd69e5ebae03d5ecf449f34f4294cadc07ce904f32c1a36b4ac8166d4d0396388bc9c6d2a36707a8a564609d26f1ec5cb31207a1a47fb418a1f75ccea49

/data/data/oogle.chrome.web/databases/StartApp-d6864f2502af7851

MD5 74c9016eed546f7e358eb8ed3d42c416
SHA1 197d5ad9a21f7fa0788de725cddb3808a0626ce1
SHA256 69ce344e14f34d7c89dc30b22a118f4aeaf33ae3e13716f0cd9ab6d8d69b5c35
SHA512 d9710d35faf4cb784775da35b25b26bb7ae1ef5b4c6c84b8642f6b70cd7e622b647cb9aaf7f2732ceeb7e572377b93e1f7eea124699411d693b780eb982e3d5d

/data/data/oogle.chrome.web/databases/StartApp-d6864f2502af7851-journal

MD5 cc2f3a5bf51c5fc4f68406e848f8a383
SHA1 e84642dc47f5802e622600dda1f79d84be33c809
SHA256 f20ff6b55abb2651394681e42a4fe79067b033dcf1534c3974391c31d2e68ef0
SHA512 72b5948474464a155b88e6d2821cf80d4390adf510204fc530bc6f733b47cc8761211ff1e7160abadb88a4d854fd7543eb27cb0f608a3787c6013edfddb4d846

/data/data/oogle.chrome.web/databases/StartApp-d6864f2502af7851-journal

MD5 2f1be083c81a8ac34469579a7d20acab
SHA1 a77efba14baa5b347c83ee8aea7645528585a5fa
SHA256 01da7f9c1c669d604a06ebe2e5bc32b665d8ad7c15f3a0da25ad11a8b2880e50
SHA512 0f91949a42934a035363f6272f7284d370320c5d8aae0d34f6792bb4530765055e1e31224aaf068c626efa4f1dcf53ee4d93fcbd85dcbe000f71bd1ead784b3c

Analysis: behavioral2

Detonation Overview

Submitted

2024-10-12 14:20

Reported

2024-10-12 14:21

Platform

android-x64-arm64-20240910-en

Max time kernel

22s

Max time network

35s

Command Line

oogle.chrome.web

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /data/local/xbin/su N/A N/A
N/A /sbin/su N/A N/A
N/A /system/bin/su N/A N/A
N/A /system/bin/failsafe/su N/A N/A
N/A /system/sd/xbin/su N/A N/A
N/A /system/xbin/su N/A N/A
N/A /data/local/su N/A N/A
N/A /data/local/bin/su N/A N/A

Checks Android system properties for emulator presence.

evasion
Description Indicator Process Target
Accessed system property key: ro.bootloader N/A N/A
Accessed system property key: ro.product.model N/A N/A

Checks known Qemu pipes.

evasion
Description Indicator Process Target
N/A /dev/socket/qemud N/A N/A
N/A /dev/qemu_pipe N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/oogle.chrome.web/[email protected] N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Requests cell location

collection discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

oogle.chrome.web

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 www.youtube.com udp
GB 216.58.201.110:443 www.youtube.com udp
GB 216.58.201.110:443 www.youtube.com tcp
GB 142.250.187.206:443 www.youtube.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.204.78:443 android.apis.google.com tcp
GB 216.58.204.78:443 android.apis.google.com tcp
US 1.1.1.1:53 config.e-droid.net udp
US 1.1.1.1:53 ssl.google-analytics.com udp
US 216.239.32.223:443 tcp
DE 82.165.74.143:443 config.e-droid.net tcp
US 1.1.1.1:53 imgs1.e-droid.net udp
US 1.1.1.1:53 srv15.e-droid.net udp
GB 89.187.167.39:443 imgs1.e-droid.net tcp
GB 89.187.167.39:443 imgs1.e-droid.net tcp
US 1.1.1.1:53 adsmetadata.startappservice.com udp
SG 138.2.110.152:443 adsmetadata.startappservice.com tcp
SG 138.2.110.152:443 adsmetadata.startappservice.com tcp
US 1.1.1.1:53 infoevent.startappservice.com udp
SG 138.2.110.152:443 infoevent.startappservice.com tcp
US 1.1.1.1:53 info.startappservice.com udp
US 68.232.34.193:443 info.startappservice.com tcp
US 68.232.34.193:443 info.startappservice.com tcp
US 1.1.1.1:53 trackdownload.startappservice.com udp
US 150.136.215.59:443 trackdownload.startappservice.com tcp
GB 172.217.16.238:443 www.youtube.com tcp
DE 82.165.61.18:443 srv15.e-droid.net tcp

Files

/data/user/0/oogle.chrome.web/[email protected]

MD5 69cf159b893eefff9a8106cc3ee37e03
SHA1 165207adfe8c6047ce9f3dd38aed50796c1660d1
SHA256 26fb1a790377e11135bf8bfa7552cc2797d351df60154ea032ceeb4463776fdf
SHA512 379960366739517c1c856834227aaa1a30a20a9bab730d4229f200192f2c643b69a3e2e114dbdd743a69577e0b7b477c0d14e71c31ee491e137ec405f79e71aa

/data/data/oogle.chrome.web/no_backup/com.google.InstanceId.properties

MD5 2e74eb9e217f000ca9ff9116aa76b062
SHA1 e1256b0d2987e1e69ca40311f6c22517493de720
SHA256 340181b01ec540f6f6dab8d842a0daf74a95e967fb638df96b4eb57169d94dfd
SHA512 11d4641c8818a18655f3f24b9e7d6ceea9d5e145f032fef86e2be66c514cd8250b9b19e73e441d03f8562dabcc09b0942c9f7c805367cc98b6e50b352f9a179b

/data/data/oogle.chrome.web/oat/x86_64/[email protected]

MD5 30c6b0e2f2dfb42dc034825ff4ed8ea2
SHA1 0b765403b50fd2177b696c77aa429497feda3187
SHA256 43279ad9e065cd8c121ae49d18bac026d061901f3e9b28922a0fd6c6a62d191f
SHA512 64f8342e60c9b39378b5272c275151d02000de418342c8fe5f1aabc2739e3d1a90bc1101183c9419666196b5d0014962a983f848e6d85d9d55218259a0b6b9a9

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db-journal

MD5 a4c2945b572f7a25270afc120bcedcf3
SHA1 76c75f75d4a6129bc62a715b8c514ca80984653c
SHA256 1cc5192bae95e36ddf99c5be488a508b30a236bb0e98852ec4318dc53eb79cce
SHA512 2072618fb398a051886bc02e77d0aac11f57ca3ff64c78a5042d79c8e237da4a34a80c3c4349b9b460ce3947a8e8687a786b6b99a06bcfea013d5e5eb0f73cd8

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db

MD5 8eaf76a70c2cf0928c73018de276c576
SHA1 7483083748a728bbdc770a67e8e4c879a9fa4815
SHA256 59deb6a8d60f09ca3990f6ce7e6349252e5ef55da6ebc3c68fa49fca65a0a6d1
SHA512 2cb5f91da299b6563a8f7d7076f6c9f9163167452fa11c4580ff28147ac44e8bdd2c88d7a8c3d729d6c9b0a307076f63723e9fb1912f6eacf94fbcdd8afbb20e

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db-journal

MD5 4d611ac0b3c701595b24aaeceb861182
SHA1 22b2887fe42ae6a012dc551ef5be826985f7c596
SHA256 783328fa106424aaf5a6dbf9b3304fde6ae33075eb0b0b8473932384716fa9c4
SHA512 3358b3d1e5cd9261ce52ad33923a63b4d88d8cc17752f3738f939918b7ca77a81d12fd0a461e6e523d67fd930edefff095817ae623dfeffb53ff8287db827f00

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db-journal

MD5 b86f25993fdb09741a94376904fc50e1
SHA1 5018cf63f2be7952635e51a96df525671167d650
SHA256 7286b34238c08d6f68cdde3c8d4f6b3cbfda5b859d7c5caad57de5d249450ccf
SHA512 f11abe6202b121be545d94056184d7737716c11151bec2d6df17264e97d580573ac28e5eef17b6be2bbd81c7a3d7a22219f3239b6608139189b72665f862283a

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db-journal

MD5 ccb61bd80a799f732e832a2917af5d3f
SHA1 3ae89cd1b757372f080cf99a3199d81b4701e367
SHA256 dacb4830e48c521c0ef20563dc2f277b881de2f6dfb0d7e00f4ec041814a2980
SHA512 fa7a9002f8c6363e15ded9b721d64ed9cc4cd5f3ac668fca85befebb042a5decd615aed424316154e2313a62468026af6174c6f25ed00f3e4c38fcee14dec90d

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db-journal

MD5 010712408b72453b6a88c78cfde7089b
SHA1 6a9341691a7c6a3484a127d75b2c53f97059fd48
SHA256 e387f17574be9704096acecf52756b3d6e3f5c1702e753ea974108fae7acd06e
SHA512 7334d74f84bc08cc44783a9fd09ea7246007ca48779b4293e5f075949a16aa5ce265e879e2a6c74dd9e6fbc74c7540c31e8673b508519f5b078cb64fef5b71d8

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db-journal

MD5 ba3e300954f24e67e747f592ca9badcb
SHA1 85e3c4726c07d349779481d6e898dcb17d7f4654
SHA256 046a53dfd09b9d2a74557bc1bce94fc8bbd13ce213f7a91711084b26c1a28615
SHA512 a807084dd9531ee5a3247c850cb0a45fe97f7a2879e0ea0a481851a3bcc7dd63509fb2e2c0939a1230fb959d5fa4aa8f0ced4707b5274b413854219b62aeec44

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db

MD5 dd86ba8ca8332be839abe05662eeffdc
SHA1 f424ed2fbda9913bce3cebfecb4df0862f4cf370
SHA256 ed3420372ecf7ae52236d827997f5614aae367f27c3d8331a0a7eedd532e8ddf
SHA512 f8d93163e71a6091e90443a3e9d940f9086529133e46b1b7a9dfe89a5f0bbe2498e87fc68fc6d3da607529bfdb570e570183e6d4dc7ffec1cd7c95879538d692

/data/data/oogle.chrome.web/files/vinebre_ac.txt

MD5 e330240f5bf26a49dbba840d1b7fa74a
SHA1 6651c382d91066bd443e4c55f950834eb7e52c56
SHA256 acef5ade0cbc6450604e277377260f5c1259ad46e890f1cdb3106cec6d599273
SHA512 cc4b165016c8b1207921b107eb20540b8b2d85a00ac774d64f7697e6cc67bf83882ecf59d131e4717be80fd3e8710c4946df90d7379732c0634b6ee3dd3a8265

/data/data/oogle.chrome.web/files/shared_prefs_sdk_ad_prefs

MD5 65026ee778e1372d9f4aed742772e893
SHA1 5a5f1c821d7639424f3c75a44468ab5f7dd4e8cc
SHA256 15070f52136d5a8332f8d70f790bd7bb04cd6a99b386d40e0abedc40c42caa3c
SHA512 589c4a12c6b6ec1a1cca957da758aaa900e68a23b4bc2f42524b0e8dd34f6c5378541d9293eae1ae8d478bf5b5229ce4218c058fc3b399eb5756afeb05c68616

/data/data/oogle.chrome.web/databases/StartApp-d6864f2502af7851-journal

MD5 e659b14e922baaa81255fca2048b9c2e
SHA1 7e83ad29fb3fb45b5016f63f1e6efb3ffaa475fc
SHA256 5693c837e562f5677707a23a2b7e842379a9055f6700b27c483a4ce2dbb70fe3
SHA512 404c0ba1ba96d80b0073795aa6f86697ef924e285177888a8945f36818cd9cfe03b67cbcf3b0cd161b26082923408c0be4301876875b34ecda0bb38cb3da676a

/data/data/oogle.chrome.web/databases/StartApp-d6864f2502af7851

MD5 2d4cfac89857972794e027a1deea71e9
SHA1 1a262111bdec486a67187a88815a7761ed39427b
SHA256 9ada893acc122895cbb535cdf71634e935523e00ee0dc42fe629ba3f8c637838
SHA512 2c958b1050a66c2c6f7bd5a89e62717d752e5f42f2bbff119946f0381f7ce045ed6e1ced03af5739127fd070d6bcf1e25f1bf1708b5c379bae704a29cf6a646d

/data/data/oogle.chrome.web/databases/StartApp-d6864f2502af7851-journal

MD5 3006e18629bc632f8a8615d0ef87efeb
SHA1 7bd04a40285287412575c0ccc072e38b133fa17d
SHA256 1e0ad6d7ad9a09685896cb0d7a1ae4c8f41e8d047b5597605101d97a962d3583
SHA512 591cec8c227678be2ef96325002cd5adebe66819daed8e346f0dad824445a53c2e38184790f8ebb72e1022160c9cf71a2fc2e607f91ac1c822c15aa3ee2afee6

/data/data/oogle.chrome.web/databases/StartApp-d6864f2502af7851-journal

MD5 f738b64b971362fed429a4f0f810d19a
SHA1 a015d2f77cd36ab1c2dc88ab77b8428ba183ca66
SHA256 0743d8c484629a72aecf32a27e1d21ae959dc62117bbf8aa038603a3cf3f0dcf
SHA512 bccc103608586ae39a9534829306eb5681aec10bb689b79fc9ee531371ea2d35b05afeb0e695ae44fad317f62ec4e499d9ce2874c5ed1d01cdd91a6b3fe26f90

/data/data/oogle.chrome.web/databases/StartApp-d6864f2502af7851-journal

MD5 5625beaba72e3d719b5a42897c20431e
SHA1 3033c6476833c2fff3e955fdb6ce45dc6378fe0f
SHA256 b18088ca27ed269ccda506d1c6a7815abc5b8a7dfdffe974e9b8bc8e3dfeb59f
SHA512 0c6af94e92388d89efd1cde021497f05d511415fdd01cc6f21f5c566eaca5d3214902db8bdadcced3d43841eff5c71f41e1d2346c5dbd16aef5b818021d0bef5

/data/data/oogle.chrome.web/databases/StartApp-d6864f2502af7851-journal

MD5 33e61e6c73343bcfee53416aaaaaa318
SHA1 241fa01be41c6a0faf2efba53c888bb29260d76d
SHA256 335cc08717f577a47b92fd8d5706e79577907dfe0231acdd7342058650db267e
SHA512 2da5aad11b73323870a01c6642948971d1dc550f3674182f2109bd849ad5078b388ec9672a2cff797899d5be05162d448de2b5b3271d3ad364ebcac704990b19

/data/data/oogle.chrome.web/databases/StartApp-d6864f2502af7851-journal

MD5 e43819741d6a996f492a158005517276
SHA1 c7774e0af546476ffed1504c803e191042794a7e
SHA256 48184046fd4594cc74917582207d40cf5a3b5a18b470e063e99f7bf7470614b3
SHA512 7830493d4a0234f920acd5b1c1a66a9edb7231b261bdcdb75d0bd0d92908bd8f9f3be492d95e7a68c80cac3736e4bac9cd443de2aefc78886394d277e22f2c47

/data/data/oogle.chrome.web/files/StartappAdsMetadata

MD5 02d28ac2d17fe30a954942fb6fa47657
SHA1 a738a7d3a1fbb396a5387819b8106011bfbd35a0
SHA256 75e40d68562700c230e7c6ad2bd89d8304d6baaf1a37eb82bcfa8f05439c4a91
SHA512 a061b0074781ae0d97f1351fd955342a852b7fe893a9fe992461c044be73fec04336d8508704801573aef6afdf7d356f6e4274f15d7642db8d3103467f884420

/data/data/oogle.chrome.web/files/StartappBannerMetadata

MD5 008ad37c8d89f1f02004d2b63a20fdbb
SHA1 62536b74feba7abaa70b7b0c7d304abcdf623308
SHA256 248c48a58bcd53389c33ef11839900915e7a50deb9747c1ed258b2a8e2a415fc
SHA512 3782948b8c629005d360bb1170d157ef09d0d1b0fe64eb067144f20673e37e619074f880b07dd3ffed023c80176b9f99328ded0b7a6b61a1479d32d124e717a8

/data/data/oogle.chrome.web/files/StartappSplashMetadata

MD5 203a342363f3c8ccd4061caa2ac216e4
SHA1 cb71e91b8bec2d09609f607dcd04c7b8b38d4d38
SHA256 19bc60ff318b14608531a652b324455be016e710f24ceb4c3ece24f5d2f6e0cd
SHA512 72663d37343139c54b34c057975bcce95e8f8998d470771b5ac3ee4fd3c47779630007f05b36eae28ccdb98ff2915a5f740b12828baaecd596cbdc2d36c7d074

/data/data/oogle.chrome.web/files/StartappCacheMetadata

MD5 1cc961a176032fc935e671957856ddcb
SHA1 818562479af03f2cc3c1936bff5c7b13f5a6ca6f
SHA256 e6e9d42a25a60b9a933ac266abcad0f2575f3b7e7ff39f880b0845b7e4e4b0df
SHA512 c6761d342ce60ec7d7f8fe47f51503dd4ef7cce2d3dd399de9a9683477e70f17659edf35516f33ba107f8fe8088f8a1424e02a377bfe2909f590074aa7e6391c

/data/data/oogle.chrome.web/files/StartappAdInfoMetadata

MD5 ca5f71ac2d8722b7ecc79cf7280c4e2e
SHA1 73e01ee50d3a9b77345950a7c4eb974b0e9d1260
SHA256 661af6f88a63c184976aa63ba5dd83107e1e074b11253835064f9cea74b32068
SHA512 0a123881d663dd62ac650a2a05f10234ffd120bd2054c07bd1bada86fb9b5b229377cceb6f92e07356b6a603883d6553dcd9363083acae6b33448dae0d62a44e

/data/data/oogle.chrome.web/files/StartappMetadata

MD5 20c44d4c9e888f58fdee04174a718c3f
SHA1 8be4e9f28070be23640ad9a9b23c3470157703f8
SHA256 3af88d263df16ecad89d8178f7baa546e46f5b3e3e40c05c31885a19cf45383d
SHA512 199bde1384227d3f7478646e5b99cfb8ef694435a59ac9e10dbda510bc6672d2ca95bfeae88dbce65afb50a6b200ebe5da459109e7e05a7a5c33bda3d4557241

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db

MD5 d745c5eb9933cf41e15c243bccdfac22
SHA1 7a9f309b4eb5262abb266a815199fb563f752775
SHA256 eba67ec390bbce0e0372b83c33cab94528f8dc4e98c7ebafdc85c1861764616b
SHA512 513e77b6349033c164d117c0d9856116282b967c52aabd13923cb22bb8563f2c1129b2b1f2e49f782acaabcf9a21e34850c5b0dde251072940b3892a380cb789

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db

MD5 d92207f7ccd2b6ee6d554b44a875f892
SHA1 6933861fb8607e4fbe2ef738d06bebce298d68bd
SHA256 812d144658541473c642d5be6f59fce5fc8755f7afdce8ff039ca227c73b704a
SHA512 cb56365d01ffe16196c5f7f5451882d09989c4d6b4002e830d7368a159d41914b8ffed6af79dc10efc4b5057c99c2678f4f11b42b680bbb707ee59d31482d032

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db

MD5 be41d0c07070be0f4874aae122b6592f
SHA1 f98d8190a25cd5ae12f1e0455dd4fd5df8d70ba4
SHA256 66292e46ed04cae33bd61ee0a77ef7fe480d7a057cfa24d5ac17b54d9ab38718
SHA512 a49bc25de254923b2eb74085615c19eb7c92d02b2c62c8500ac24716b6828d8c162efdab61432f888349046d027d9b406e18acffa7d1311b49b4684c8460ce9b

/data/data/oogle.chrome.web/databases/google_app_measurement_local.db

MD5 f29acb55f769909f6733e8e18bf0f5ee
SHA1 01719692447d8e31b3c395173e1e9f8d09b87e9c
SHA256 25a8e9b69255126aa7e8cd57698578dc114559962c57d4a7da858455927674db
SHA512 443cb130e46da0b91122fe171ce69b4eb6963fc699f17586c35ea6b28801f70c0a1a5317b6e69ecd6d6c2b601e79dc0f65397eaa9ae224833924d1e4b90b9f76

/data/data/oogle.chrome.web/files/close_button.png

MD5 2d858e8af5d9426fe061df5c82ffa6ff
SHA1 bc1b2eab876aa221b6449d11e482de24b777d58f
SHA256 73d875bdb982c50c666e30ba2b8ae2dceecc63cd0d5f8a35158edfe5f3303835
SHA512 aabaa75856cfc07bf65f3f2dae118e357cba83a45f0a900aa625f576de47c2753b0a00fb1913e45c1d743acc0f6e0100a4a6a326f402b0f4664ba181ad670c0c

/data/data/oogle.chrome.web/files/back_.png

MD5 ebc06fd3d86c27a426932a83325eeffb
SHA1 461c990e677114de3baba2a33f0a60c0a10bb9d2
SHA256 ada010f03b82133ccddb4ac69a7c81a1d507121ef1d276c7c191bb55401c2230
SHA512 3b3c682dc3876f7c813bff1a38e53e0c20f6c776eeb8362a8a750b81d0a3132a207b01740a493c61a03261748399e020aec5fcb7354c723e4f5703efe5418b2b

/data/data/oogle.chrome.web/files/back_dark.png

MD5 355eb0af21063fefca005d93d6afa9c9
SHA1 f854e3d2f0c0470a54e55f31017f9c499bd3671d
SHA256 b50339f939827a8e5a918ee4ed1d8213e27f6d546a98313f90449b27a1ebc00d
SHA512 ffff59e303636383dccc1282dea4c13b8c46d9aea1d646d745f7d26607cfabc25aea8001af873942749129291abef5dc5a858e7360cbfc145f870b80689b34e9

/data/data/oogle.chrome.web/files/browser_icon_dark.png

MD5 cac9a26c27728066be7a285defc0df6c
SHA1 9931d42eea7663aaec4eb901bcf279b246c19e34
SHA256 9347cbd8e6e2af4d09759e55b7595474648619da07992d6485b9756ab4d8170d
SHA512 11a3abfc4558e6c887f1f809a3837ffe6f4c1702407db945319acacaa5e677f6b117c07ca676cda6438639a1ebc447a2993e0ff31be8ef797bd219700f508ba5

/data/data/oogle.chrome.web/files/forward_dark.png

MD5 12bfe20382337a84c0fc004a52b9ba9b
SHA1 ead15f7ef372c16f78060b8f8c5fc6e0ca6a96f9
SHA256 621fbcd864a7dceacffddb00a682148042732aeb675e22cd42b1a0937c6717a5
SHA512 7a346febc49154dd348be77f88c6e7ed5c7a531c2fed981f12c40e22a19e4e1a5c51fa766b3122898d97f05e1546a6f2a29b598b0ff441cc7de5e3c505aa33c4

/data/data/oogle.chrome.web/files/x_dark.png

MD5 1b759349f0bf3e55c51e2a2c2802b3cf
SHA1 5a608a093fa5f513d1ba52e8a9e01f693c47da98
SHA256 59d83bb6ebc5394c048273ea9e1516a2bc7a6f80212d53f81ee44cb1f9b65443
SHA512 3b39d22d0f8368dac2e36884b0316c5aba24180f51cb3a993fdefcdcfd5a36823d6c02c75863cd5a3bc0808223dcadf9934d548c433332bb9528f0eb8cecc0a6

/data/data/oogle.chrome.web/files/empty_star.png

MD5 76ce13c6312eb334fd351e3b5cff4bf4
SHA1 203bd863b812c071ab3ae25bf4ab2f9c4d42942b
SHA256 f0a8e8d6b8bcb84e466f921dfb20a91fdd4e4b1777d9b0be6ad4d03d4a253af8
SHA512 d06ba34786090e3b027670a17910d2e35f48eb7bc639e6da1d08214534215797dadd1a56be44422b176801e5d1a1345cd2bf29e73acb6a49bc9a2f7670710783

/data/data/oogle.chrome.web/files/filled_star.png

MD5 317f802aacfab6282b8f74f280e841c1
SHA1 3b746a76f6322e97fd6c09a43d03ac14631d93e1
SHA256 f37f9a17c20ca3068f4f9db08c262c62b7b86544532f612a78421bdee92f4196
SHA512 a714f902ede615507cef840dcc03a5eca183c21c82cc419a924587f38b6974f5aa45fcfcc2bac4d6cf82b81d1b6ad452540e0581751bfcad72e524c83757a301

/data/data/oogle.chrome.web/files/half_star.png

MD5 a40e6a567b7aef329bda0ac200f7a23d
SHA1 2fa463649c7ba586b28670675a15e0d7a630c7e0
SHA256 ee0933e12dd4e302b1e18572d22f48861e8125e5d0201603e024d18ef5e38556
SHA512 5e77ca21445a09aa903ca08c10c1bcaf769d8273368b7981aacf1bbab08cefb7a521687e78d280828f46b625c99fde02050f5c914dd4d07fd742723f7713ee4f

/data/data/oogle.chrome.web/files/logo.png

MD5 45c24a8686a0978086c99f7039accc17
SHA1 c63ae2601322045390c7a4f230602b74ae18d2d8
SHA256 bc9c4aa36a0dd7efe16a8b3bca9172d970fd13d70d3e718aad17a78269079912
SHA512 d5861c64b9dc9139904c3bfc7da26fa6f3d9676a5b4203ad617c661d54d3716508fb02f282f5c204bf9d6a0c7162bbb565a44f2ceb96d825177065818b797727

/data/data/oogle.chrome.web/files/forward_.png

MD5 9ee047a6801bec9459a9dd5ec7068078
SHA1 1aaaffc208e2d86e53fc031e8413169850e65746
SHA256 9f63f6c9ed9d33f235c30508df34c3358b55cac8bfb4967fc3e15afc61a6fd12
SHA512 8245818df5ffe06c8f369c8d77479f9f2163d10dac36b0e37c834018b713dc8b063ec1de1862fe16a8c1a769b496652be880ddd48d6fcd24ad766a395bc3ff24