Malware Analysis Report

2025-08-06 00:57

Sample ID 241016-2fhbmazfkj
Target cfda3707a17da15bba49270b2a101465d0d049cd177e181707f7f338b2b82250.bin
SHA256 cfda3707a17da15bba49270b2a101465d0d049cd177e181707f7f338b2b82250
Tags
discovery persistence collection credential_access impact
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

cfda3707a17da15bba49270b2a101465d0d049cd177e181707f7f338b2b82250

Threat Level: Shows suspicious behavior

The file cfda3707a17da15bba49270b2a101465d0d049cd177e181707f7f338b2b82250.bin was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery persistence collection credential_access impact

Obtains sensitive information copied to the device clipboard

Queries the mobile country code (MCC)

Declares services with permission to bind to the system

Requests dangerous framework permissions

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

Checks memory information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-10-16 22:31

Signatures

Declares services with permission to bind to the system

Description Indicator Process Target
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device. android.permission.BIND_NOTIFICATION_LISTENER_SERVICE N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to receive SMS messages. android.permission.RECEIVE_SMS N/A N/A
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an application to send SMS messages. android.permission.SEND_SMS N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-16 22:31

Reported

2024-10-16 22:33

Platform

android-x86-arm-20240624-en

Max time kernel

137s

Max time network

145s

Command Line

com.google.mailtet13

Signatures

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.google.mailtet13

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
US 1.1.1.1:53 our-wedding.link udp
US 172.67.162.120:443 our-wedding.link tcp
US 1.1.1.1:53 cdnjs.cloudflare.com udp
US 1.1.1.1:53 fastly.jsdelivr.net udp
US 1.1.1.1:53 api.our-wedding.link udp
US 151.101.193.229:443 fastly.jsdelivr.net tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 1.1.1.1:53 images.unsplash.com udp
US 151.101.66.208:443 images.unsplash.com tcp
US 1.1.1.1:53 static.cloudflareinsights.com udp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 1.1.1.1:53 api.owlink.id udp
US 104.21.46.10:443 api.owlink.id tcp
US 1.1.1.1:53 unpkg.com udp
US 1.1.1.1:53 cdn.jsdelivr.net udp
US 1.1.1.1:53 code.jquery.com udp
US 1.1.1.1:53 wowjs.uk udp
US 104.17.249.203:443 unpkg.com tcp
US 104.17.249.203:443 unpkg.com tcp
US 172.67.144.82:443 wowjs.uk tcp
US 151.101.194.137:443 code.jquery.com tcp
US 1.1.1.1:53 www.youtube.com udp
US 1.1.1.1:53 www.google.com udp
GB 142.250.187.238:443 www.youtube.com tcp
GB 142.250.200.36:443 www.google.com tcp
US 104.21.49.117:443 api.our-wedding.link tcp
US 104.21.49.117:443 api.our-wedding.link tcp
US 1.1.1.1:53 maps.gstatic.com udp
US 1.1.1.1:53 maps.googleapis.com udp
GB 172.217.169.10:443 maps.googleapis.com tcp
GB 142.250.178.3:443 maps.gstatic.com tcp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
US 1.1.1.1:53 static.doubleclick.net udp
GB 172.217.169.38:443 static.doubleclick.net tcp
US 1.1.1.1:53 static.hotjar.com udp
US 1.1.1.1:53 cdn.amplitude.com udp
GB 13.224.245.87:443 static.hotjar.com tcp
US 1.1.1.1:53 analytics.tiktok.com udp
GB 18.154.84.20:443 cdn.amplitude.com tcp
GB 2.21.67.25:443 analytics.tiktok.com tcp
US 1.1.1.1:53 connect.facebook.net udp
GB 157.240.214.11:443 connect.facebook.net tcp
US 1.1.1.1:53 script.hotjar.com udp
US 1.1.1.1:53 www.facebook.com udp
GB 157.240.214.35:443 www.facebook.com tcp
GB 157.240.214.35:443 www.facebook.com tcp
US 1.1.1.1:53 jnn-pa.googleapis.com udp
US 1.1.1.1:53 i.ytimg.com udp
GB 172.217.16.246:443 i.ytimg.com tcp
US 1.1.1.1:53 yt3.ggpht.com udp
US 1.1.1.1:53 android.apis.google.com udp
GB 18.245.253.22:443 script.hotjar.com tcp
GB 18.245.253.22:443 script.hotjar.com tcp
US 1.1.1.1:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
US 1.1.1.1:53 rr3---sn-aigzrn7z.googlevideo.com udp
GB 173.194.135.104:443 rr3---sn-aigzrn7z.googlevideo.com tcp
GB 173.194.135.104:443 rr3---sn-aigzrn7z.googlevideo.com tcp
GB 216.58.201.110:443 play.google.com tcp
GB 142.250.187.202:443 jnn-pa.googleapis.com tcp
GB 142.250.187.202:443 jnn-pa.googleapis.com tcp
GB 142.250.187.202:443 jnn-pa.googleapis.com tcp
GB 216.58.201.110:443 play.google.com tcp
GB 172.217.169.33:443 yt3.ggpht.com tcp
GB 172.217.169.33:443 yt3.ggpht.com tcp
GB 172.217.169.33:443 yt3.ggpht.com tcp
GB 172.217.169.33:443 yt3.ggpht.com tcp
GB 172.217.169.33:443 yt3.ggpht.com tcp
GB 142.250.200.14:443 android.apis.google.com tcp
GB 142.250.178.10:443 jnn-pa.googleapis.com tcp

Files

/data/data/com.google.mailtet13/logs/20241016223128369.log

MD5 f422f07c24540a8f0805e46a44efac71
SHA1 63f2fea776488839b1c86bd6cc7a8154cecc661f
SHA256 a1f633ac1ce13f6532179fead50b173c71c2528eda9f345d6089afb4140955e3
SHA512 b2be0685322c59008c4482bd8af192e1feb5b269e71a0a90c3214204fb0e42e2b265ccd4eb9d095a6e731f45f57e297078e58f9dfd910148bc3aed9cf74db4e8

/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-journal

MD5 623297d731541c3dfb07bcfdd73f7a11
SHA1 8749e225b6441ec456d37ff74b3634efc0e26993
SHA256 59bcce533ca9c6264507b38942004c56165d8e90ddc8f0ddcf05605f9b187883
SHA512 dde7806ea3ecf3507b5d6d663789b9bbfcaf68a70f42749a7579f20bec2c00e5d5873490f93ff54c21a8c33c00ac4205b08fb5a1666be6ef93c3db2a37775542

/data/data/com.google.mailtet13/no_backup/androidx.work.workdb

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-wal

MD5 0a4946c515f7056d061c2e5eb0b2ff7a
SHA1 c169059714efb77a7534679fe4c1244ad63fa23d
SHA256 3cbd9e7062d305fda704e251ac0681371b74ef55b5242e2d64efae08619be08a
SHA512 aafa1f9d62dc98ec67f767f053d1ca4112626421193d7344bc6ea6302cdba2a6ad41b97b15f03db2808bb1cc0eceacfe9cc8a1efdba4dc436c8e523d1b17cb75

/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-wal

MD5 e48bb40424adc6fb20b7b564e750779e
SHA1 6f0e089aa65b1581e967a2ef6de6ef0f12c99401
SHA256 0f0f70caaaa2f4e132fb98b9de74bc3cb93e44935fb262ec90a53f3c15c964b9
SHA512 fbcc2eda4890c6115d742cbd8bb851b11e41c80b0486135ff1e6c98249163539d5142db1119011cb052f591025666d7f63f84425f95dfdc3fb7dc2911b44fea9

Analysis: behavioral2

Detonation Overview

Submitted

2024-10-16 22:31

Reported

2024-10-16 22:33

Platform

android-x64-20240910-en

Max time kernel

143s

Max time network

150s

Command Line

com.google.mailtet13

Signatures

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.google.mailtet13

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.234:443 tcp
GB 216.58.201.110:443 tcp
GB 216.58.201.110:443 tcp
GB 216.58.201.110:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.204.78:443 android.apis.google.com tcp
US 1.1.1.1:53 our-wedding.link udp
US 104.21.49.117:443 our-wedding.link tcp
US 1.1.1.1:53 cdnjs.cloudflare.com udp
US 1.1.1.1:53 api.our-wedding.link udp
US 1.1.1.1:53 fastly.jsdelivr.net udp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 151.101.1.229:443 fastly.jsdelivr.net tcp
US 1.1.1.1:53 images.unsplash.com udp
US 1.1.1.1:53 static.cloudflareinsights.com udp
US 151.101.194.208:443 images.unsplash.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 1.1.1.1:53 api.owlink.id udp
US 1.1.1.1:53 region1.analytics.google.com udp
US 1.1.1.1:53 stats.g.doubleclick.net udp
US 1.1.1.1:53 www.google.co.uk udp
US 216.239.32.36:443 region1.analytics.google.com tcp
BE 64.233.167.155:443 stats.g.doubleclick.net tcp
GB 142.250.200.35:443 www.google.co.uk tcp
US 172.67.222.58:443 api.owlink.id tcp
US 1.1.1.1:53 www.youtube.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 wowjs.uk udp
US 1.1.1.1:53 unpkg.com udp
US 1.1.1.1:53 cdn.jsdelivr.net udp
GB 172.217.169.46:443 www.youtube.com tcp
US 1.1.1.1:53 code.jquery.com udp
US 172.67.144.82:443 wowjs.uk tcp
US 151.101.130.137:443 code.jquery.com tcp
US 172.67.144.82:443 wowjs.uk tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.201.104:443 ssl.google-analytics.com tcp
US 104.21.49.117:443 api.our-wedding.link tcp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
US 1.1.1.1:53 static.doubleclick.net udp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
GB 172.217.169.38:443 static.doubleclick.net tcp
US 1.1.1.1:53 jnn-pa.googleapis.com udp
GB 172.217.169.74:443 jnn-pa.googleapis.com tcp
US 1.1.1.1:53 i.ytimg.com udp
GB 142.250.187.214:443 i.ytimg.com tcp
US 1.1.1.1:53 yt3.ggpht.com udp
GB 142.250.200.33:443 yt3.ggpht.com tcp
US 1.1.1.1:53 play.google.com udp
GB 216.58.212.206:443 play.google.com tcp
GB 216.58.212.206:443 play.google.com tcp
GB 216.58.212.206:443 play.google.com tcp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
US 104.17.248.203:443 unpkg.com tcp
US 104.17.248.203:443 unpkg.com tcp
US 1.1.1.1:53 maps.gstatic.com udp
US 1.1.1.1:53 maps.googleapis.com udp
GB 142.250.178.3:443 maps.gstatic.com tcp
US 1.1.1.1:53 static.hotjar.com udp
US 1.1.1.1:53 cdn.amplitude.com udp
US 1.1.1.1:53 analytics.tiktok.com udp
GB 13.224.245.87:443 static.hotjar.com tcp
US 1.1.1.1:53 connect.facebook.net udp
GB 157.240.214.11:443 connect.facebook.net tcp
GB 157.240.214.11:443 connect.facebook.net tcp
US 1.1.1.1:53 script.hotjar.com udp
GB 18.245.253.79:443 script.hotjar.com tcp
US 1.1.1.1:53 www.facebook.com udp
GB 157.240.214.35:443 www.facebook.com tcp
US 1.1.1.1:53 rr3---sn-aigl6nzs.googlevideo.com udp
GB 74.125.175.72:443 rr3---sn-aigl6nzs.googlevideo.com tcp
GB 74.125.175.72:443 rr3---sn-aigl6nzs.googlevideo.com tcp
US 1.1.1.1:53 cdn.amplitude.com udp
US 1.1.1.1:53 analytics.tiktok.com udp
GB 18.154.84.20:443 cdn.amplitude.com tcp
GB 184.28.198.187:443 analytics.tiktok.com tcp

Files

/data/data/com.google.mailtet13/logs/20241016223124494.log

MD5 c405adfdbc2b7baf20b326afdd3cc378
SHA1 5de56895d6cfe2d45be595bc77f21c4c09ec41c5
SHA256 ef030c3017b1fec958089fde917489227e5546f265de65f01cf7b63f87ecff58
SHA512 cc28b53d2f65e3752a3300a37d3ac20465f670d5e3f960c112c2f54ff4ef070fae45efc1760750d449e83e004bead3f81237f1f92bb58e01d5b65deb5a9f371d

/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-journal

MD5 41d674e5366405120817032eb67999d5
SHA1 85e191eb53501bbbb53a12059dbf0e5f3662f3f1
SHA256 2ac148d31ddef7dc5f9e944a9228d3a63856e090b237f16e60a5392a15dfbb93
SHA512 5e2d711c17c935166f75c3818994a9e098058ee11df2de35e93c6f63e40ac036d6e72e0f12dd01a0ac716a30baf5bf18b24c264acdde8546cab36f6a8794c6da

/data/data/com.google.mailtet13/no_backup/androidx.work.workdb

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-wal

MD5 e164a0e7e7eda9cd6e56ace87c08dd0f
SHA1 073f048d857534cbbce08cd144c01eb9337f0e37
SHA256 f6b4629272c90d7647f8319e7ffde456723e8a21c339265c2a9ab1982e48c2cd
SHA512 b80b32da6c7a3728ae61c1aa918f9e330810bec91249c596d8801d0e88ed3b03d64a0e6078a632726c9248f917ffa28197a3c875835ddbc3d6d79fc8a175d17f

/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-wal

MD5 dc1a5c5a245641adee07669eed24cd78
SHA1 917137eadf00de07320f3d1bb150fe93013f3c4a
SHA256 90c5a36c828adf1d09261311ef3d3d5fa9b19508137f385c6455f0218ded5830
SHA512 2a8539a9ba444d52daa6433f18d0fe27d202c24c1fe9975f230b53342f581d59f8a8ca9025643fb1eb19a2c2fa2a0027fdddd3ad60afbd1dec31ba5c3d872c93

Analysis: behavioral3

Detonation Overview

Submitted

2024-10-16 22:31

Reported

2024-10-16 22:33

Platform

android-x64-arm64-20240910-en

Max time kernel

149s

Max time network

151s

Command Line

com.google.mailtet13

Signatures

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.google.mailtet13

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.200.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
US 1.1.1.1:53 www.youtube.com udp
GB 142.250.187.206:443 www.youtube.com tcp
GB 142.250.187.206:443 www.youtube.com tcp
GB 142.250.187.206:443 www.youtube.com tcp
US 216.239.36.223:443 tcp
US 1.1.1.1:53 our-wedding.link udp
US 104.21.49.117:443 our-wedding.link tcp
US 1.1.1.1:53 cdnjs.cloudflare.com udp
US 1.1.1.1:53 api.our-wedding.link udp
US 1.1.1.1:53 fastly.jsdelivr.net udp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 151.101.1.229:443 fastly.jsdelivr.net tcp
US 1.1.1.1:53 images.unsplash.com udp
US 151.101.66.208:443 images.unsplash.com tcp
US 1.1.1.1:53 static.cloudflareinsights.com udp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 1.1.1.1:53 api.owlink.id udp
US 172.67.222.58:443 api.owlink.id tcp
US 1.1.1.1:53 region1.analytics.google.com udp
US 1.1.1.1:53 stats.g.doubleclick.net udp
US 1.1.1.1:53 www.google.co.uk udp
US 216.239.34.36:443 region1.analytics.google.com tcp
GB 74.125.71.156:443 stats.g.doubleclick.net tcp
GB 142.250.200.35:443 www.google.co.uk tcp
US 1.1.1.1:53 wowjs.uk udp
US 1.1.1.1:53 unpkg.com udp
US 1.1.1.1:53 cdn.jsdelivr.net udp
US 1.1.1.1:53 code.jquery.com udp
US 1.1.1.1:53 www.google.com udp
US 104.21.63.81:443 wowjs.uk tcp
GB 142.250.187.206:443 www.youtube.com tcp
US 104.18.187.31:443 cdn.jsdelivr.net tcp
US 104.17.249.203:443 unpkg.com tcp
US 104.17.249.203:443 unpkg.com tcp
GB 142.250.187.196:443 www.google.com tcp
US 151.101.194.137:443 code.jquery.com tcp
US 172.67.162.120:443 api.our-wedding.link tcp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
US 1.1.1.1:53 static.doubleclick.net udp
GB 142.250.180.2:443 googleads.g.doubleclick.net tcp
GB 216.58.212.198:443 static.doubleclick.net tcp
US 1.1.1.1:53 maps.gstatic.com udp
US 1.1.1.1:53 maps.googleapis.com udp
GB 216.58.201.99:443 maps.gstatic.com tcp
GB 216.58.204.74:443 maps.googleapis.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
US 1.1.1.1:53 jnn-pa.googleapis.com udp
GB 142.250.200.40:443 ssl.google-analytics.com tcp
GB 142.250.200.10:443 jnn-pa.googleapis.com tcp
US 1.1.1.1:53 i.ytimg.com udp
GB 216.58.204.74:443 jnn-pa.googleapis.com tcp
US 1.1.1.1:53 yt3.ggpht.com udp
GB 172.217.169.22:443 i.ytimg.com tcp
GB 172.217.169.33:443 yt3.ggpht.com tcp
US 1.1.1.1:53 play.google.com udp
GB 142.250.178.14:443 play.google.com tcp
GB 142.250.178.14:443 play.google.com tcp
GB 142.250.178.14:443 play.google.com tcp
US 1.1.1.1:53 static.hotjar.com udp
US 1.1.1.1:53 cdn.amplitude.com udp
US 1.1.1.1:53 analytics.tiktok.com udp
GB 13.224.245.27:443 static.hotjar.com tcp
GB 2.21.67.11:443 analytics.tiktok.com tcp
GB 18.154.84.124:443 cdn.amplitude.com tcp
US 1.1.1.1:53 connect.facebook.net udp
GB 157.240.214.11:443 connect.facebook.net tcp
US 1.1.1.1:53 script.hotjar.com udp
GB 18.245.253.22:443 script.hotjar.com tcp
US 1.1.1.1:53 www.facebook.com udp
GB 157.240.214.35:443 www.facebook.com tcp
US 1.1.1.1:53 rr3---sn-aigzrn7z.googlevideo.com udp
GB 173.194.135.104:443 rr3---sn-aigzrn7z.googlevideo.com tcp
GB 173.194.135.104:443 rr3---sn-aigzrn7z.googlevideo.com tcp
GB 142.250.187.193:443 tcp
US 216.239.36.223:443 tcp
GB 142.250.187.193:443 tcp
US 216.239.36.223:443 tcp
GB 216.58.204.74:443 jnn-pa.googleapis.com tcp

Files

/data/data/com.google.mailtet13/logs/20241016223124450.log

MD5 11bb013e172c04a508584e53de1642e1
SHA1 1d7276f22289a156f35cb1976deb543835521570
SHA256 965a8fcd00b7c55ae840186e6ecf6f5d8648567e5e1beec25bbd1461ad70e58e
SHA512 f98b1a16a9b81e4396f86891d906e13eba8e6e69fc272db6712929799d22a000590b276a9ef9b82e59009cee7a62261aab8d2c3fcf8790046ae4956c93de6072

/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-journal

MD5 c97202d0ecb8cdb62d9b12f3e4230fb4
SHA1 a6c724508b013e1795aeadaf10e4d0043bed9392
SHA256 a6ebfe0ecdd61cbe83b2c0ef7c871d166a99344e6a118f3493f68b8cdcbf341a
SHA512 84ef3f02d6a049509d7339cbc99d2d88ce591e26ba8c29ec55a56cafa00ecaf37545c675be87dcb076fa23215c7dde3db6f2c9fbd2b607de4a40acbba5840c61

/data/data/com.google.mailtet13/no_backup/androidx.work.workdb

MD5 7e858c4054eb00fcddc653a04e5cd1c6
SHA1 2e056bf31a8d78df136f02a62afeeca77f4faccf
SHA256 9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512 d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-wal

MD5 5439ad151023490feed3d894871c32d2
SHA1 e85e1fa4a6b3235637c6c788e4fe91b3aad9d820
SHA256 b1a78fc6fc197c976b07b20099da9f8105c4bc3a3e9526c40917e0ea531cd300
SHA512 8696154dd274d7fbba21efeea5a5863c12650ec7a2313e02c75f2a8d72f93eeca8effdbfbc3af6beb49be62d6e13b9d0324766e262bc2b0ec01c05d83f936681

/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-wal

MD5 f9519ff3db2a8f94c8da96a493c236d6
SHA1 2984e52030ac3400795cefc7dce630a409d92b50
SHA256 c1adc5f7292e7d67847e5e9cc179c30dfbf95dae2de7c5ad4a55216482bb4223
SHA512 e0ff344817f86882680591ecd48e316a891ead35e55fdbe3e15af52f947f0266e0acd383075f832fcca3daac3cf2db147e31fa7ce0ac4721fbdb6dc317feef95