Analysis Overview
SHA256
208de1c185270d6b3ac1291d968baf5faa4387ed0a0d9b71bc42814ab6220fbf
Threat Level: Likely malicious
The file 85515a664c2779f1cb088b36ec145d55_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries account information for other applications stored on the device
Obtains sensitive information copied to the device clipboard
Queries the mobile country code (MCC)
Requests dangerous framework permissions
Reads information about phone network operator.
Declares services with permission to bind to the system
Queries information about active data network
Checks the presence of a debugger
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-02 11:53
Signatures
Declares services with permission to bind to the system
| Description | Indicator | Process | Target |
| Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device. | android.permission.BIND_NOTIFICATION_LISTENER_SERVICE | N/A | N/A |
| Required by accessibility services to bind with the system. Allows apps to access accessibility features. | android.permission.BIND_ACCESSIBILITY_SERVICE | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to read the user's call log. | android.permission.READ_CALL_LOG | N/A | N/A |
| Allows an application to write and read the user's call log data. | android.permission.WRITE_CALL_LOG | N/A | N/A |
| Allows an application to write the user's contacts data. | android.permission.WRITE_CONTACTS | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-02 11:53
Reported
2024-11-02 11:56
Platform
android-x86-arm-20240624-en
Max time kernel
134s
Max time network
137s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries account information for other applications stored on the device
| Description | Indicator | Process | Target |
| Framework service call | android.accounts.IAccountManager.getAccountsAsUser | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Checks the presence of a debugger
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
apps.ignisamerica.cleaner
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | apphit.us | udp |
| JP | 133.242.26.93:80 | apphit.us | tcp |
| JP | 133.242.26.93:80 | apphit.us | tcp |
| JP | 133.242.26.93:80 | apphit.us | tcp |
| US | 1.1.1.1:53 | ads.mopub.com | udp |
| US | 34.111.158.155:80 | ads.mopub.com | tcp |
| US | 1.1.1.1:53 | cognito-identity.us-east-1.amazonaws.com | udp |
| JP | 133.242.26.93:80 | apphit.us | tcp |
| US | 107.22.27.166:443 | cognito-identity.us-east-1.amazonaws.com | tcp |
| US | 1.1.1.1:53 | mobileanalytics.us-east-1.amazonaws.com | udp |
| GB | 18.172.153.125:443 | mobileanalytics.us-east-1.amazonaws.com | tcp |
| US | 1.1.1.1:53 | push1.apphit.us | udp |
| US | 1.1.1.1:53 | config.inmobi.com | udp |
| US | 20.33.59.69:80 | config.inmobi.com | tcp |
| GB | 142.250.200.46:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.178.8:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.178.10:443 | semanticlocation-pa.googleapis.com | tcp |
Files
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/672612DC0296-0001-1099-B77D414E6401BeginSession.cls_temp
| MD5 | 46e9d0e5b0801e4203cd44f15c50362f |
| SHA1 | bbd78041addcd0f425cb077285791e9d277b1f58 |
| SHA256 | 05f47fed845a4c8645703385825e429c1378d3beab08e12054281cf4c5c23c48 |
| SHA512 | 3c48db10f3c09661e0eb452ed992d9bc7f70c89711d50541be7f2eb1a6125fd11f8f73527d70e39b4c95fe3010a7fbeffdb97dbb28ffe6754366dad6dc5070a7 |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/672612DC0296-0001-1099-B77D414E6401SessionApp.cls_temp
| MD5 | a521d1547371c04cc9c0fb6d1cc20d9a |
| SHA1 | 2b8f08dbbbca1a0cf31a6ca639d28ca9fd62e6f5 |
| SHA256 | cfb2d3cda3c54f6c3f984e4a8dd65c24dd2bb9d38d8e9904cba643339c48f2ef |
| SHA512 | 0bc28a2704555aa95bb1defe35fefbacfd52a193c67ba2c30d652ad0fcd35f3123cffc6969c8f993fad9ccac79ca472442c63454f313eaf508870a233a339c38 |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/672612DC0296-0001-1099-B77D414E6401SessionOS.cls_temp
| MD5 | 9b3d4522944ce6396563812bfdb92fa9 |
| SHA1 | 6d2a6133c8f01938a48ccc77ef86ad8ca335c020 |
| SHA256 | d32805d685a3f50caa7f1c0bd7c8804c4d937a866513289f60e3184f7a591ed9 |
| SHA512 | 091d87643712530bf9006135db42a5a50742bb5ca3026bcc5f2c1c17bf4fd984a8938d29263b0abde3d15cac196d2230902534e200b0b79485e3a1bd97d95727 |
/data/data/apps.ignisamerica.cleaner/databases/com.im.db-journal
| MD5 | 844c84b7074bec7409d0544388608bfd |
| SHA1 | fac1555fcb5c132a07320a9c8b9d5943dd700e10 |
| SHA256 | cd3bd99ff4af72835f75a5791bce8042074e3e93d8004077e72d4a8484b130d3 |
| SHA512 | 81b0bee2ccbae8282d783933cd85dccc949fc74bb8eec876fa46f8df456107d710caa7e4e3cc0a06b629c1a2197fdbed4bd9a8a6869616a850f931803374eb4c |
/data/data/apps.ignisamerica.cleaner/databases/com.im.db
| MD5 | 5f75cffa300bcfb208b39afe3806a6cb |
| SHA1 | a1c4b6cffaba7880bd068bd899618acb201b861e |
| SHA256 | 0df8d3d9089f8632e71fa253ddf4c9a0ba9210193fe42855d01b27fdec3ce887 |
| SHA512 | d9ff8b79e0e36c28b680566838fd222d0678deca9a8a7169836a80075ebef7430c69f4e85cfe17865fad0a086591f36d2f4c79e44ae7a990edbaa1750ba14ab7 |
/data/data/apps.ignisamerica.cleaner/databases/com.im.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/apps.ignisamerica.cleaner/databases/com.im.db-wal
| MD5 | 1ab270a8018b1904f572711c14a40a4c |
| SHA1 | 29fc6ded1f270fdfce12478ab35e552780c251a2 |
| SHA256 | f6491c46db75f5039f84222a7fbde90436730b2d36703eac333633efb94bde4b |
| SHA512 | 3fc43404612406a96b491efdb26ae23c2bf4189ab196123e1286e4cf2c7bf4efb21eeb4dcf2896fad6605148d18e2d56b17a3b9c24342fd22be6ab1eeaa4d981 |
/data/data/apps.ignisamerica.cleaner/databases/com.im.db-wal
| MD5 | 02dd569ab5784446b2246b7eadfb0b6d |
| SHA1 | 58d2bbca0aa54fdac426a8a3ed7570d45ac13d1a |
| SHA256 | 95dd6f9241575cf0eaf0e024ab07937387e2d7c97b7937b2f964a6fbdd54666c |
| SHA512 | 81d409536e9ba73c713f969efc7ecff656b3d9cede0b962f79c338ec6f4aa0d9814cbccdc1c2188deb32aa0d2370711f13aef9780c3e2076b5123786dfdc0c35 |
/data/data/apps.ignisamerica.cleaner/databases/cleanup_apps.db-journal
| MD5 | d7ccc0e9ba9f0860c5fcae80f7235a06 |
| SHA1 | 5ff1b0deabd17ae5a55ff9bde250cab99f9fa709 |
| SHA256 | 051b2fb845e17251d5d14c0521bbe9dfc2f993ac26dd3282b476b9891bcbef29 |
| SHA512 | 32fb284b9437df870e2f5e614908897f4bd1ec4abed82219f6a913c03f6ba26c5a2191cf87c3f593af6e62b218835445dfa879702e50e880f007d24345ae2ebf |
/data/data/apps.ignisamerica.cleaner/databases/cleanup_apps.db
| MD5 | 5a05fad907ea02df9d96f83c34e4fc10 |
| SHA1 | aebe64b9062009dc5ad49e9c94c23a50258213e1 |
| SHA256 | 1ec9d130560b85af7406ba2283cd43dd723c6656a6643dd89f6aea104fe465d0 |
| SHA512 | 0df951a7a68742dafacbe3f5ad1da083dc08f620afa08cbd6482dc3d592facc269746fc68f6b6772285e03bc25fc17ae93dfe7ba2528153c4bf8a9471d3cd85d |
/data/data/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
| MD5 | ee0e06d220bfaa643ee24a3dd9ed1859 |
| SHA1 | b3e9b9dbb432789fd406970c6c6f18e6b2bb7775 |
| SHA256 | 5d01664da188643acb6e54f3dc504353b3bd73561db1a60014dd40397d34cd95 |
| SHA512 | 82ae48c5cc7a8900a57025985b00240aed53a54a3360d6acd7d9af22cf77f71e20fa42e8229ef4762b5417b38067955be356fa90a16c94b77db6158ac92aee9f |
/data/data/apps.ignisamerica.cleaner/databases/cleanup_apps.db-wal
| MD5 | 16e327ede23c2a6946d3a1a78599ed8a |
| SHA1 | 14dda990a41c2dae3857e7c71ec7e50ce950fbd1 |
| SHA256 | d8f04f27efca4cf95a41d6b46306897c578e0433f68319f0128dab281fe2b7b7 |
| SHA512 | 22b21c1250b4c37b4089f4c9b716c7e55619010fc3ff19fce9129ad7439dce9b0b85603850a0ac7349857cf7668885358d1ac0a3aadb3515f9a5120803bb3fda |
/data/data/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
| MD5 | 33bcee05eaf236528faeefdfa74a8677 |
| SHA1 | e0563ae96a8d7bfdc3d51c8a4219c9d3abcc27ae |
| SHA256 | e03e573feb06ce6591688533e23acda877ce9ed3e2d30b926ac5997868ef85aa |
| SHA512 | 79d0013bb5d9fefdff9cb1f5b6d746018be49ade031c16765e3558c9c8ee475f25121e7da067e34309caeffbacedcc61c8c1712ecdd1ed79e73b71fea49f4300 |
/data/data/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/sessions/sessionFile
| MD5 | 609db791f0269bc5937e5d123345d2b8 |
| SHA1 | 3f7a9da98d98e6f2e23d2218739f990ce6999c57 |
| SHA256 | a56a32049afba89843aa8e413ef203331c78f60657f739f7db116b378206b9c7 |
| SHA512 | 51c4701ca8b5562753a66b3b183882c187ab53f1471714b3fa838726236be1341a8a189772792a638f5889309192080d68609fc7aa84949a3c71537831f916de |
/data/data/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
| MD5 | 5f0caa5fa746a41e28ab53d008cdb142 |
| SHA1 | b7c2215f07faebc18d2d3e1a83622c9b1ea728b9 |
| SHA256 | a527a6a5d70f39e5d5e5fa00646b3ac0255e0fc6692b8b561fc6d24263e0ec16 |
| SHA512 | b568d6f6ad42d503f57395c83c49476fa92e2ddf0129f8df2990593b3123dc3e16b32b25e3dedb88e8f64f8c239340a18c47793b947b13f8994dbc69cc76f8cb |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
| MD5 | c33583fae4e0b61cde1c5b9227963237 |
| SHA1 | fe2ebe4d27469af1460f7e852031a04208ef629b |
| SHA256 | 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc |
| SHA512 | fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/672612DC0296-0001-1099-B77D414E6401SessionDevice.cls_temp
| MD5 | feaac65237f60388b6cfbe70b83605ed |
| SHA1 | f45b09228d85c2477a1a0e71fd606a3df117afcb |
| SHA256 | 9b7e68e62cc9c773bf3d4c862b8d47a6068d3770a5e123e8bea6164e2e049ffc |
| SHA512 | ed2dc28259828d9c8d621525a5c7b7def419a68a06eccfea822809c0f9a902d086f39026617ea7217640e2641c0caaad9c6e3e1c0d19f15f17f62402bfb69687 |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
| MD5 | 9d3d9bd65e5bc61abda1874b6dd7db2b |
| SHA1 | 00f0209465c682491887d14f98ae1a778e813ff5 |
| SHA256 | 03ec63115289a515fbc785eadf0f2b9bd526ccf4962cf460bf39f40949939c72 |
| SHA512 | 7429d95aada00bd377d69be5d1b6d3544747e1926557e084be9716e158ad67a3b94e6abc4920bfa61759f55a5078ab9565a8010fcbcdde6c844df1b4f5b2accd |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_eda789db-c916-4cc2-8178-31823f8bfc7c_1730548447452.tap
| MD5 | 9401bfb009d945549465b29bdd79273b |
| SHA1 | 73a96fb2371cba1a01566e5852868c4b85cb674b |
| SHA256 | a34bc5961fb723b408d3e391db57d07e1050ffc5977f6e2d718dd59852565ae1 |
| SHA512 | f782e6d6a6fd5800c633c1ccf1f11ac1206df98b6b04a7b40a300295b7d44373ed3a46a1849460e8927f1dc5fa5135205a6cfc958597a31b2e1a6574f352ea49 |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/672612DC0296-0001-1099-B77D414E6401keys.meta
| MD5 | 47b5a1b8619f18bb88ebc8076db93edf |
| SHA1 | 6c94f4efb6993ba800e1c29501b831fcaef1cfe1 |
| SHA256 | 3e3f5bcde47bbf24fb540558136532461f433ee5a61d34c269294c53cbf0208a |
| SHA512 | 686403d15d0e222c6edeeebf38f62a509dff875d38fb410e435929fb6e704fd9aa7904b141a7910670d0bae30472c53ed27ef94bc80114a1da339ac34b76e6fb |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
| MD5 | c9d49da345051d92b31b0df37aa54676 |
| SHA1 | be9d6f493b266dfd607cad306a4d648e5c79b8a4 |
| SHA256 | d4f714cba93f089604bb58ce6e797013d9df4a41c4f9ed609abc119ccbb7a0c9 |
| SHA512 | 0d9bbec0f59db0a7d8eb6974b8c3092f9d621fa0754a371967b22c95646efad08a6ca5c9ff6d0d842eea2f4ae12a049245a5deb6cf57ff6ba03cb260d4ffb438 |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/672612DC0296-0001-1099-B77D414E6401keys.meta
| MD5 | c9775a3ece800592a75b17745c3a0f4c |
| SHA1 | 772e2f8b840dd4111efd568f32de5ddff591a58e |
| SHA256 | 4247ff5b4d4fed5be8e2c27d139e06170bf22692ab637dbc3e698872cb78310a |
| SHA512 | e06e9ef28b9b14b1097026e29d2ae7cd08f2abb806a4792a198c159e69d1c7c9e1025a6110be4b1377385cb1e8265017af3970afe7bc08be067b6dea0f9613f8 |
/data/data/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/sessions/sessionFile
| MD5 | 69d22d1c79583f11962cb289b6feca35 |
| SHA1 | 776b7d14e17af9b880ff841ce518d431f1de58ce |
| SHA256 | 70ae02bad700fa6062e801f934f6f02d14ecdd54cfbbb175ba5db335206d774f |
| SHA512 | bced1aee5d3ecc6f661c616560cd8911ab302a469fef3582ab9ad368ff7429f076e3b5d8faad547b839bfb580f356ebade49c9568f03e597ed7113bfcd5e31b3 |
/data/data/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
| MD5 | 38ed789eb5be43e122ad79c32896c28d |
| SHA1 | 827c61d319c988616e0a179324f7eb9af221e525 |
| SHA256 | 62bdf3d6105d67e0c5d9ee4103280a2c5c4b4a5fa1dfffe1f136a73665c0252c |
| SHA512 | e5e8239656b67087bd8d8bdf071aa1e0de8de2b18bc5a56d39c005571c3146ccdf5bbac2c488e6c6b0d1ae8ca9b940653d746ecc29230017865945a0d2365375 |
/data/data/apps.ignisamerica.cleaner/databases/http_auth.db-journal
| MD5 | 3ef38c288bd817b760a9f534344917ed |
| SHA1 | e81331fb154ee35cbf74d70c8433a31bf70524aa |
| SHA256 | 1e7d77ffef341c9427e574908c07d9efda348e8dbd95e61c6d57bac0c0a3886c |
| SHA512 | 689be8864fccf5e98c17947dcabf7ae29e18d5f3f322617c72104ff6793607aed50db01f4c9bf9e6301867544352da72bd5b02e97c9a025954ef722f455c2c4a |
/data/data/apps.ignisamerica.cleaner/databases/http_auth.db
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/apps.ignisamerica.cleaner/databases/http_auth.db-wal
| MD5 | 4732ec9fd633ce35b5c35ecaea846b7e |
| SHA1 | 297e5483ad3d5944f5744692594caacfab7781ae |
| SHA256 | e5a41c6806f481c67ee72b1f7869128f616d06fc8352db2a152faa8b5cfcc8f2 |
| SHA512 | 46c6ff83613e8e54a104d8f20dbfcf8c21bf434829ae2e531cf9eea372efdab21aa58136685934044f22b131d5d3c11d562b1bef79c262bbc473ea28af53e1e7 |
/data/data/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
| MD5 | bf390bd27a30e7ee77118da779fefcfb |
| SHA1 | a0aca5133fbb692718642a0d29762c1202c620db |
| SHA256 | 9b02cd1d58c9356f6633f4c1943b1de833372656cd53afdbd1ad95f373afb8ff |
| SHA512 | b249bfd38401f3a0ba4d2e923c259f8a537a745ffb98471653a22db859325cccb1e44f23523f6ed980732b0b6217f7b7340da76ba923af3eacd50135e2652d0f |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_32e5a332-03c2-488b-a36d-fceb9c961aa2_1730548449264.tap
| MD5 | 0f23eda6595eb6072fa1c34a61c3c477 |
| SHA1 | 58ae099cb6362584af8cf6b8c7444be5479109ac |
| SHA256 | 57316d4277a7f3e9fdf13b217af686dec9f1dd43aba57a900e8adbb7bbcb0b5e |
| SHA512 | 5186cf9e8afd34f30c5268b00de450459450d62cfd8c312e92eb0a0b882317ac1f45e06354d3375ae443daa09e5932f9aff4b5f11ba37aa7eba69224d7f2e2c5 |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
| MD5 | cd3c82f9a7463b625c23bce3c03bef05 |
| SHA1 | e386240672f8659b47a6cd87a2d724fdb7c82cb6 |
| SHA256 | 147c4a6703a35d332ca32f70408aaea3b67694b6666fd32f3e9f5d2bc1d97e2a |
| SHA512 | 7ae781c39b7c925dc829e42a4e19f657956d8182bee1dbeb43053d52c237bb7e37c86b254494a2e11d88ce76611bc354e9b0bda1eb595504ac00e50afe0f88a7 |
/data/data/apps.ignisamerica.cleaner/databases/google_analytics_v4.db-journal
| MD5 | a4b8adffdcc6bb506087f002311811be |
| SHA1 | 48cda8c50f6ea7d1fccf8ec1efc4a3ab71f43c33 |
| SHA256 | eafad7c978bbe01ae0b3249bb745121de772f1abd29b47a311091926a1e7467e |
| SHA512 | 2d836d865378d5caa3aedee69bc2e4f572c0fef2dac3051c1810bcd2809ee2e2797281bdf68da69d35e7ef66249e45f3e7e159a86560a34acae66112cae7618d |
/data/data/apps.ignisamerica.cleaner/databases/google_analytics_v4.db-wal
| MD5 | f80b998e9cbb1657a2c97529bad000f9 |
| SHA1 | 95cd8223cc788e1a95982b291b229355e402810c |
| SHA256 | 6551cc079ac21c5fe5051db91f83e14397a1d92b9d1e8e4b5fe1216fde6ab7f2 |
| SHA512 | 90e17f087aa1869268cce44ffddeec18e88337cdd963b6b2865aee707434f706cf21e7883be10ea8dfcbcda9f45cc0e5b5714cdb0294eaf855f5ae0d9dd2734e |
/data/data/apps.ignisamerica.cleaner/files/gaClientId
| MD5 | e1e123bb9928db6521e9bb2cbab79cc7 |
| SHA1 | d250aca5757afa25cbe86fe12eedba747ed5023b |
| SHA256 | 9db4e8b2336b7e05dbb66ebefe166968b04d4aeb16c5e45132c400018fca4149 |
| SHA512 | 3fa79ba38313758533051620b185bd5a5104edfa0274efc6658f1a9be187d9da00a5f1464087b25e361cacae8a958e2245a8a1dabb953515c335c4bfcac6c712 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-02 11:53
Reported
2024-11-02 11:56
Platform
android-x64-20240624-en
Max time kernel
134s
Max time network
150s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries account information for other applications stored on the device
| Description | Indicator | Process | Target |
| Framework service call | android.accounts.IAccountManager.getAccountsAsUser | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Checks the presence of a debugger
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
apps.ignisamerica.cleaner
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.200.40:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | apphit.us | udp |
| JP | 133.242.26.93:80 | apphit.us | tcp |
| JP | 133.242.26.93:80 | apphit.us | tcp |
| JP | 133.242.26.93:80 | apphit.us | tcp |
| US | 1.1.1.1:53 | ads.mopub.com | udp |
| US | 34.111.158.155:80 | ads.mopub.com | tcp |
| US | 1.1.1.1:53 | cognito-identity.us-east-1.amazonaws.com | udp |
| JP | 133.242.26.93:80 | apphit.us | tcp |
| US | 52.70.39.163:443 | cognito-identity.us-east-1.amazonaws.com | tcp |
| US | 1.1.1.1:53 | mobileanalytics.us-east-1.amazonaws.com | udp |
| GB | 18.172.153.17:443 | mobileanalytics.us-east-1.amazonaws.com | tcp |
| US | 1.1.1.1:53 | push1.apphit.us | udp |
| US | 1.1.1.1:53 | config.inmobi.com | udp |
| US | 20.33.59.69:80 | config.inmobi.com | tcp |
| GB | 142.250.179.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| GB | 142.250.179.228:443 | tcp | |
| GB | 142.250.179.228:443 | tcp | |
| GB | 142.250.200.34:443 | tcp | |
| GB | 216.58.204.78:443 | tcp |
Files
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/672612DB0291-0001-136D-EFC002EF0DF4BeginSession.cls_temp
| MD5 | 774b034f3b2ea68e9d1abab2c392c5b4 |
| SHA1 | 1425e8948f78e14201ffec8a304f5b2f515cf27b |
| SHA256 | 8e3ffa6615499d38d8e05fab42c5d8d8f05ab23bf8901e01e366b1710f7b713b |
| SHA512 | f49b94af5ccf6da3e4d8bc1d10674d96e3640a2628459e463ec3cea822fde73f20dfa0cd3ad3223313ea811c8763f0e0dcd2516de077de9019932c7e99d02043 |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/672612DB0291-0001-136D-EFC002EF0DF4SessionApp.cls_temp
| MD5 | 11f4f23de18c83f1ccfc6fbe470296b0 |
| SHA1 | f34c74c0d02d1f7dfe40a95e1501185b100ace77 |
| SHA256 | 13c66ff9b1463541a6aa30f38db71316daec2d4d86287a1162b58b6e6d17b8b9 |
| SHA512 | 558080b0292460bee38dda213bac4d72a9e6e6bf19e9b088ac04df4e38c611a45361b33920d327a9515b65900e4fe720b90b6d58b7fcd342513cc6712df734ec |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/672612DB0291-0001-136D-EFC002EF0DF4SessionOS.cls_temp
| MD5 | 2566d27ce8c28d8961f082c375d7535e |
| SHA1 | 92fe585b1a2c9c523d2fa1f65ab5c1b6a1a6edaf |
| SHA256 | 5acdb54ddba2e264f6822fbdbc4e9b5158f57d43785c2f01d981956b18f7a90a |
| SHA512 | 1c70679bbd25a57f9ac02083d5af0fe72b1417cf3070a195497f03d6f492e87b1ed3f570de7ea7c814c995a1530e32610d9570f31a480648f4062e8d3287be8f |
/data/data/apps.ignisamerica.cleaner/databases/com.im.db-journal
| MD5 | 25047eb839b0e86b23d0717a2839be20 |
| SHA1 | 673d86f5a6ddaa71223c7267f219f7d44ce0efcf |
| SHA256 | d84009830f39abc10c38a7d37554e4ab28e4966f5dd1806cc75eed53b2b70ea1 |
| SHA512 | 6dce4f2a3481efee6429fe88c0cf75761bc859828fc927f7c9c5f73e2e0eab9ec6b9b737cfb872163cd1bb2e47b6700a2205339960c23d0c12e92398063660ed |
/data/data/apps.ignisamerica.cleaner/databases/com.im.db
| MD5 | 0cc713525982b4dec4dc6a75edab7af3 |
| SHA1 | 459c3411668739392862e6ad6596c3c659787fac |
| SHA256 | d53a92d6cd1ae647e9f5a0244ad343f540ab00481f91ffa11d2fe3609ba11f98 |
| SHA512 | 1e0679b04fb1bcd12336300afa90c6fe90b6a5453819d993349dcab1bd3b01e3d215e5aa7d200489df12441f5d920ca73814ebbe3f89c4b0522701de930d3acf |
/data/data/apps.ignisamerica.cleaner/databases/com.im.db-journal
| MD5 | f532b67a2614be3be0cdd2073a683388 |
| SHA1 | b41f01f475aa2134fa1b1df3f9d155e4ab30ae2b |
| SHA256 | a7e9658463e808f887f2d1cb928d05f70c991e86771e5e0ba89ca9560e378c18 |
| SHA512 | 1a882bb2c4e3706d71a57f6df0ff6b1f537df66d9bd3db37a44354ef3c909057e07a0aa7cc843f03ef1c890a1591a4d803e8b0718787bd691f070cad6b22be62 |
/data/data/apps.ignisamerica.cleaner/databases/com.im.db-journal
| MD5 | 14cedd9902af70461f7b6b13ddede10d |
| SHA1 | 908b8f00cd6602eaec2baa8106bbe5bba6e3ec9c |
| SHA256 | 5ba152b5d77f7ea71976be1036bf0685bbdf6442ddb87f1a3616bc46acf3cf64 |
| SHA512 | 1be1f2c4485e32dede2b697f1e019d62895145b5bafa8a2db1271b13e8926bf9f740fdc84d8138d73c7ad092a58c72578e207ac4537ca1b5caca9ee6a656c74a |
/data/data/apps.ignisamerica.cleaner/databases/com.im.db-journal
| MD5 | e7ed1395de7dba74c96534208f3aec9e |
| SHA1 | 66eabdc316f195b46bb0ca256a6351d87b599b08 |
| SHA256 | 553d15753af066bce3dd585b786009956ffd5c0388a33d3eb186ae8e3ae4ac43 |
| SHA512 | 02625a7c71940e605caa8dc3d0ccf09d74c7e340f4fa0b77af575c32c83da5925010ed8e97d7b2ee318cc2939de9b6276df937b98d068c6ed60459a5886cc3c4 |
/data/data/apps.ignisamerica.cleaner/databases/com.im.db-journal
| MD5 | d5043c5b0b207b2b5036a9df08ee11b5 |
| SHA1 | e9d28ddd9c3cb56d9c77c8af0091492091cbc8c0 |
| SHA256 | 583430c1dae383158d2e01285bbb6b599b6993a027eecbc279a15c3f9efb43a9 |
| SHA512 | 0206d3764c9671b297ce267f9b924a7ef8d46909d63bb61a06d0fa67ff7b55e646165e03bd4e1072fbd07bb900174f9c342f3968cd2e26f735ca80169242bda5 |
/data/data/apps.ignisamerica.cleaner/databases/com.im.db
| MD5 | a9ed6da4b2bbeccfad6afd39d7c5596c |
| SHA1 | ae5f00d94aa8bc1743e7bd7bab3bd46fd5184a1c |
| SHA256 | a00329b3ff8961dcb5e96928069324613007fae65ca7e8bad2383f1d0490e9d6 |
| SHA512 | afd2ef79182d8b450b49fe4016c30134f52a58e53527249ab4daaf90fc8ae27f767ea27a9d4b19b6d6c076daaab24039841807b894ac5b6aec1ad0b8b8636958 |
/data/data/apps.ignisamerica.cleaner/databases/com.im.db-journal
| MD5 | 027a7f52d675b9e17a1d0c2e780f633a |
| SHA1 | d2a143510d5ed8ef589fc9694f0b63d0ccd9c7c7 |
| SHA256 | c6621c7543b2d13cf98fb4da40217245b8ae5c53d033ad9cf2a9961646f698c4 |
| SHA512 | 36be626449be8eb5846833ec9215c5b97640abf806cb658992e268a6da2c2cf5579f37354fac5911f2a20e10db90d0cf3174183d428e7ecfbf1c04f863508b35 |
/data/data/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
| MD5 | 2ee689a66f4f724dd07895bf44ddd1e0 |
| SHA1 | 9a787c582d9d5707881ef8d5c5ba54c07ac700fe |
| SHA256 | fa19f063ae1a0e0b41fd85c0d5cfa2edd42f7c58ff7c5773dfec56074334d2bb |
| SHA512 | 8504be512cf71ff04bd9aed5cb1fed30411f890fe04bead4051aec8c5544f209fd1a07817a97625572894b0fab6cca914292400348db6852fc0979b4e5d4ac32 |
/data/data/apps.ignisamerica.cleaner/databases/cleanup_apps.db-journal
| MD5 | 3eaa840146829609a33b865a0fc4c76e |
| SHA1 | b234f7bda298fe092257fc05f3bdd5da2b0e9409 |
| SHA256 | e5139eab0953436cc7de524b2338bec07d36552165a22f5c8a21af2b38261768 |
| SHA512 | 2a70ed4c4954d6ea7073e12bbbdee49d98f6ab5245892fac12d7d9575bb1c3dccde3315b7c52be2381b7049c17089b059e150ce41d4e5210af2844cabc6254e8 |
/data/data/apps.ignisamerica.cleaner/databases/cleanup_apps.db
| MD5 | 38ed095ad3228b8f6148b2918139d8ce |
| SHA1 | b12232ba552aff2f8fb3c3acdd586298c58bdc6b |
| SHA256 | 95d6b93b9290915e15fbd913b36134d42c36c687e8a469a1d8dc16b2bf96e079 |
| SHA512 | d5bdc1f681d5976281c41e6f52a422ec9b9cd4b2285d313714464bfd3d8be5ccdde8db1b8f17747b546025c9759f10d7a54573144f0b9155905c636691a1ff6e |
/data/data/apps.ignisamerica.cleaner/databases/cleanup_apps.db-journal
| MD5 | 3909166ead605266f7e419cf44be8ee5 |
| SHA1 | bb23cde62afcf75e0ea4564078d0eb7fc2cec690 |
| SHA256 | 3b5d8024ae6db3cd3012f9de12e0d7eea58a2a87a3b0d6adde68aec8cb32bdb5 |
| SHA512 | fcbfb450b0b0054b575de10adcd284f147ed85b2a7d4a97fb964a153076550109b5ec819686325bc6b4e0dec3e371721d9f63526470a4553b25e2c8ac6e1b3cf |
/data/data/apps.ignisamerica.cleaner/databases/cleanup_apps.db-journal
| MD5 | ba97a1680a19c6d8338908a5d779a48e |
| SHA1 | d9558b84e96893db2832291d051cb6a6e6773977 |
| SHA256 | 8c480a45b81136161873834992a6764c9d742254c49db37fe6838a414131ee08 |
| SHA512 | ad025d6fb898e15f9de3c68962673eba20edaa11bf95e6f556488801d39477e0a595fb48d392a4d78dbe51229df44eaf0223eb8cef405131b98cae179d77b226 |
/data/data/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/sessions/sessionFile
| MD5 | ed4f52ac84fe300770174458a7493e3f |
| SHA1 | d3d662f8ff924b29c9eed8cde746c4dc2b523f4c |
| SHA256 | 88821381daa3b7bef5c68458fa0aca762f3b2fcf45f738bafc6072052e451122 |
| SHA512 | efdb0afaeea29cf9d843957a9e95dd9e646d729dc6e98d98665aee6295296e698d95e6df30ec2343fc26f847a94dd94977514fbc099d797c362422d50d0cf8d9 |
/data/data/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
| MD5 | 7e13d9eb49351b96f17ec4221a991469 |
| SHA1 | 7285a7671715c125cb617df6a8d1f074076dd238 |
| SHA256 | de08d2aed7c436a660e2cea82d99df87a947d41447ae733e5341d8f60811d79e |
| SHA512 | bc31771a01c7067b7ed032d69ff2069a96415d27829f207fa8f694480fc39562464c26980e7f68b12d3babb47a8eda842e824266fc2f2104668f19dfdd52fcb7 |
/data/data/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
| MD5 | f33c4709c9064b3d63144167120489b1 |
| SHA1 | e95cf527214776ab2955352c422f57242093dcaa |
| SHA256 | 5d988880ea4650d15ffb515938dcf28e7e3acee7e0569400e5d50b61efd524b4 |
| SHA512 | d4a753c3298931e6e6a07ed69bfb6ad23e6a998532882ca9e12060f49e08efa514260312f03fde34fab8b517bcc6eb9643b842f7da21b97357c2d3ccb9bdb4a2 |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/672612DB0291-0001-136D-EFC002EF0DF4SessionDevice.cls_temp
| MD5 | e8898030940d1f08eb36bc50282377bb |
| SHA1 | f954412b3c0573cf8944d7b9f8d9a7286f064701 |
| SHA256 | 399e774290e685f7d5e7e7a666a0e1901a48a9e1a4908aba05bdb72d673b2654 |
| SHA512 | e19364ac00ed938f31b00d1a1501f9802bb46b93da2f99730f7b80af64eeb290435c6889092a373449886593427742b6c4ad9cccc58214c56deffb38e4ea14a5 |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/672612DB0291-0001-136D-EFC002EF0DF4keys.meta
| MD5 | 399a0bee6276564ffdc02a215c01858d |
| SHA1 | e2131d50db4835956c13429a5f3dd0b68c745735 |
| SHA256 | d1826e1c7835c3057b0c7af4c03b1fcb8dc9dc4f80e75033a377bc07ab2581fd |
| SHA512 | ce50f9422bb5c42a5e1ef0234631952ec162bd99949ad74b8e8acdde3001bbca91f32f2a6b8cbb87a173fbe8f2f2f3f63f976ed906ed95ac05d618f1ee7e1d73 |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
| MD5 | c33583fae4e0b61cde1c5b9227963237 |
| SHA1 | fe2ebe4d27469af1460f7e852031a04208ef629b |
| SHA256 | 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc |
| SHA512 | fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/672612DB0291-0001-136D-EFC002EF0DF4keys.meta
| MD5 | 6fc9cf53c7d85e50bc40848dc0f3c04e |
| SHA1 | db398310218a8646b6520f22cf216181045b32e9 |
| SHA256 | 3e9d43d5d3a03874937908c937228923faf7e6a4bb8c263a55a897a158cc3b44 |
| SHA512 | de045ba2e787eb8b1ac884db05a481a02b10b0b5774c988f22b5facaf1ddaeae42aaf67efa7122765989285cfffe7ad1652e6e1dc3f9bd9ce4258cb721d5946b |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
| MD5 | 0483b50d18de0385aa83bcfafcbf704e |
| SHA1 | faf6fcd0f1f1c4fc2d42d3ff36a07a4948edee42 |
| SHA256 | 63a28ddb24ecbd01ceeb96fcf0710ac81e2d848a9e0e65042f38662c67dce9e7 |
| SHA512 | 85a5870c0918058f239680f1839c1fa8370525afcb59a1e5c241d225e6f604b5ccdc601d97dd4ae39614b6bc0df66f45f08cc74aab004c966b805507edfee7cc |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_b0e1efe6-d4ac-4081-b110-cd55921f4f33_1730548446710.tap
| MD5 | 6a15f86838058dc6133a60a2ce65398e |
| SHA1 | c6a23b5c94f052a5ed878cde169a376f217c46c8 |
| SHA256 | a10cfad87479e5ac1e292461e15b8d2d84ed5ab0b7e88b9265c5deccbce50784 |
| SHA512 | 1ef9c0b980df176f6b6a02e015345700f899dbdd9249a77f46b41cc33af3c5323d63a100ddb2276330ed47479c78860e7a58a6e7fbde11bc20b5143923c27b40 |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
| MD5 | df1a248630399f4a45faa60f394d0074 |
| SHA1 | d2d1d5dfa5451e7c9f478baef8963a96ae393e21 |
| SHA256 | 3bb251f4fc9dde921be5e6b87897c38cbbfc8c7638a59eeb07aee25f4bad7a9f |
| SHA512 | d1fbeb93cba2bdcfcbd9207d15411ae6d35fc5091c62506a6d16c63a94949182226f88000c46ad6f3b54bb4e74f0f1ed880de60596ba988c3ff57aa95b933d0f |
/data/data/apps.ignisamerica.cleaner/databases/google_analytics_v4.db-journal
| MD5 | 16de0328fc39929066b0d8dc597416b4 |
| SHA1 | 62fc323ac121d9b690a727f7e71155ff7b744615 |
| SHA256 | 44df1677cffd666916a607604baf1cd2f18db3dd4b43f27f06999f35c845e093 |
| SHA512 | e33e0edb3380b34e833e7fabdf9548f2f6585783d32af2a6c60ef7f8aad1fb90f5b3ec951b1d5ced3f807f5f00fb711d85f71161f04af8c78c29f1f587aa5c89 |
/data/data/apps.ignisamerica.cleaner/databases/google_analytics_v4.db
| MD5 | 95796d301f0229022f1fd93d3c5affc1 |
| SHA1 | be75967af71eb9788d0130419933930afb78e473 |
| SHA256 | 3d484f761e0c2fbdca01a4276149c8ef1ebe291b6c6303cd7a239784c47d2812 |
| SHA512 | 95c44fba527f7833ec779046d68f408b229c3aa8420cb6ecd71ccd32a690cad4a4a8e680cabf3e6f059a037a61cd7fe56a2d08144ba34ca17dce1765a5c37027 |
/data/data/apps.ignisamerica.cleaner/databases/google_analytics_v4.db-journal
| MD5 | 213f8497134adaba595b0fdf1b018131 |
| SHA1 | 559dfad0a122424e1aaee85ee29a18c20425364a |
| SHA256 | 0df734f59a7298f7e7d74721110e6f0da81d8d68d8f3098f565b1fdddab1b710 |
| SHA512 | 9ba52e408d14f70c5a616daeae003fdf9405274e92abc6b289e8d0cf4f2f7b7fc29b49479042d8b503b85320eff4acef628f30115002565362ede995666b11a2 |
/data/data/apps.ignisamerica.cleaner/databases/google_analytics_v4.db-journal
| MD5 | efcf73f03c04f6066ebdec42801d1d1c |
| SHA1 | 0e1296bc2b61faf11c9fcf70f76ac11c820408df |
| SHA256 | 0a6c22d6b328a73bdc2a7ebb6119b7b4f9334d324811c35fd80b8a725f501a14 |
| SHA512 | 8755c92172d61209077f729f896f9bea235d31d8a4428096473d536ee4a06464fd8a7d0a083a623177a4a787647cb1ceece284d36cd42b1703548d3598e0bf22 |
/data/data/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
| MD5 | f76d1a4ff1811b898493b87624dbe873 |
| SHA1 | e8fb76c1250efeb5b6628e24d14382365184a2f1 |
| SHA256 | 706b760508316b07548ad69905961dfb898c2cbf676b58f2d8aa8cfbe33b3458 |
| SHA512 | 66cc42c70830d47820d229ea991c9fceb8a7dbf038a988578aae48489bb5c0f789b9a84f90e619229eb77abaf92cb96cf80300c21a4bdbb347df26a1c42c7c59 |
/data/data/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/sessions/sessionFile
| MD5 | 087f61283489caf9542bcc271bef6a0a |
| SHA1 | 59941d972bca909aa675e1fbc4d84cd79cbbe026 |
| SHA256 | 7bb5fd218945e1169d5507b34b3c927f7c9e86b6e135948d18bbf159cebe749b |
| SHA512 | b97d097e7467aedbb75d3b8307aadcbc5e98f24258928ac32fb6dc92e0ef60ce8c923d2654ef91b0ebce9b9ff17334dc53340f5d6319c2e645565fd90704c95b |
/data/data/apps.ignisamerica.cleaner/databases/google_analytics_v4.db-journal
| MD5 | e9f0d29e666c7fbd1cf8917ee68a810b |
| SHA1 | 2ee48b38abbae3043276e62ae807c43b9b91b0cf |
| SHA256 | 8b873ad949e50841e97809c4400d3755a6f00db9ead910728e20fd3ccec1c712 |
| SHA512 | d7365d090541f7e41b501c09156a348198e33d80165f3a8b0e2bc947899324c1bafec552ecd12bce7413067498d782eeecb31c66e576cefa63d2741f44590cae |
/data/data/apps.ignisamerica.cleaner/databases/http_auth.db-journal
| MD5 | 0a57576f43f7847ceed180575c1e3720 |
| SHA1 | 29bd909c4dfb7b46638a00ce59919c54c86955b4 |
| SHA256 | c8ee3e9d845fe599a0fb7abc599a307a451942d8505eae3fa897a56b755e80a2 |
| SHA512 | 3b1b9a03c5d775607974388b3d6de37745eb1040c7f536bd13a05fec6bc31d099feb195b244d14fe7d163f13c04276f98c280a01b7d325e102db759404915a0c |
/data/data/apps.ignisamerica.cleaner/databases/http_auth.db
| MD5 | 62a3561989ede658cd16cc1f14199c1d |
| SHA1 | 6320791cdfd16b26450bf711bd6776d80a396912 |
| SHA256 | 9ae0206411304ee027e0cfe3b4e6732ced5b423f99c33340dafb68d2b5b215f6 |
| SHA512 | c4ef43e702e053ee39153149d1fb11311c57c6ad5393ea905df942df8bcd3625e2224563eb4c35bfc45e140aa09135c5123f48d220fe622d9dcf2a4cdaf5dfe4 |
/data/data/apps.ignisamerica.cleaner/databases/http_auth.db-journal
| MD5 | 6aab15d37821fa086a5a795db2e920bc |
| SHA1 | 6e35d8ecb2f767ab722bba0062e98605cdada7f9 |
| SHA256 | ffe81200513ff3e5c3cea5cb97a2294896205838021b09ba5ccfba0c4024b975 |
| SHA512 | ae6b79b3b30f3efdcc350e6a1a71cdffc48c8c52442cf3f310415027411695f41500ca2502b5d43dc7e470a9a00f97fe475a2b452de55c9b76e04417330a200b |
/data/data/apps.ignisamerica.cleaner/databases/http_auth.db-journal
| MD5 | 92787940793ed7d63214c3e819a4c6cd |
| SHA1 | 48b6e3ebda1e44f8be906d7d361513ba524890be |
| SHA256 | 07089e56fdb4fb923674b9d6fd7934cdafc434d666e8f07b377e8beb871f559b |
| SHA512 | 4f75c2af4dac44da117ff37b5e52f6b892184cb4bf02221839527f50b27d6f539921c03d6bcfd39957232c066745e43a0dabfe033f4fcdec861371d68d0d4fb5 |
/data/data/apps.ignisamerica.cleaner/databases/google_analytics_v4.db-journal
| MD5 | 53e41eb350a82309bb00cb5369779b97 |
| SHA1 | 075f88ae890433fce938d17047d3759d023fb5fd |
| SHA256 | 41a48fff4e80b9b83a666f69cc61e31b65b1282c2b7ac4807a84593338ff3d13 |
| SHA512 | e497296a274dbf017d413e996f21bbbcaca8b8afb55a91beccfd49cb005b2bd7fdf85f1dc2c68d447d3f1cd6d0e292a606373c7f95994567c30b2a8cb371941e |
/data/data/apps.ignisamerica.cleaner/files/gaClientId
| MD5 | 10b141c4b205fee8d84fed5557bfe083 |
| SHA1 | a830dce047c258da57b48eb16df829ef6d239549 |
| SHA256 | d163238be625f27cb027f374b8240343271fac3c492154b6ac3d248354c298a4 |
| SHA512 | e80c061cd3934f5da3c43bdd33319244e2d87ffb7972437663837fa751c4a2a7127ad83f3f28135d9553f8cd268f10358a2147be18941f76e7b43c48ff9c6dc3 |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_119ef6d4-04b8-466d-89b4-25b06d575fa6_1730548448620.tap
| MD5 | de6263a2db8eaac03bb40f877ed0c66f |
| SHA1 | 764c20267573a02083b74a9af3cec0a0a4d87627 |
| SHA256 | f2de24309fe79fd9fceb3422a401946ff4d4657e4d6f0ee67508d9ee6d6752d3 |
| SHA512 | 7b858cf512037f8f07387a8a0b0bd63a97879e2faaf4b46320e7cc9db91f6557b9e464f365ad077afc0b83e470909c7b193d389bc917658868e6519e5e2ed0db |
/data/data/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
| MD5 | 87da6cb00e7245eec9eb92d6851063fe |
| SHA1 | 513b60f255f7587c06af0defa635097767c92e74 |
| SHA256 | 65e158ab5bb388fcbf2a15d5dcee0c280b3b83c0a4e265c68bb4ca1ac47b422b |
| SHA512 | 77a3b602b00b8ef939324537c6d72f7b957ceef01c8b4d24bdae2e64deefae37cc6601903a87bd596a5e873a6fb7cfed4aa6652950e39febc8559de8ecd5a453 |
/data/data/apps.ignisamerica.cleaner/databases/google_analytics_v4.db-journal
| MD5 | 8a3f56551bfefde4e14f52da66428284 |
| SHA1 | da74270e88dd68b3fb75e94607a84e5b0fa38916 |
| SHA256 | b3adf93f5b1e8ad3a35a30376c71553f88eb741804d8ad7c1c56673a8476469f |
| SHA512 | 0167074e264193a39281ddd74fff12464cf33c8834a92fa3108158ff962e66a26d60b124d103f5592d4da8d83dcc06ba0a5099de6406f36aa26f9ddd2fbdfcb4 |
/data/data/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
| MD5 | a1594ffd74007ce5b836e118e10d8b6f |
| SHA1 | c0cd7fab84c5539f75b722d6cae2180c5f673209 |
| SHA256 | c35edaebbf828e41a9126b8cbcfc0c9dba24a6d4d9d58eda1b609cf10d80a018 |
| SHA512 | ba93d4214e539793cf4e4b5bafff7ed6382eaf2c5002e9c826e90600ae2183786327f547630586e979f12688eb6fed3c325b26d6ad69ff6738509f47844fe5c9 |
/data/data/apps.ignisamerica.cleaner/databases/cleanup_apps.db-journal
| MD5 | f1b62e755aa573361fca9d7fe166c8c7 |
| SHA1 | d75444b849bd7d1a0bc97184f520f33f6e2184b2 |
| SHA256 | 5c57042aa133dc4129e296940fc7dd18817e3b4f9ca87b308eb7cc7868368219 |
| SHA512 | 294916eb4c48596a4ca58a3793d522008899abb80056fbaefb2ba857d1eda89591337f39328fe86b7d1f55049e6d47aa50f9c3486ebd25b96ea6d404c8691bac |
/data/data/apps.ignisamerica.cleaner/databases/cleanup_apps.db-journal
| MD5 | ccd81e6fd7c6b94d87cf6baf26d098d4 |
| SHA1 | f17127b865e47e1d548af00cb2f5a4301282f4d3 |
| SHA256 | b865b0149cdff2c009b798d8060f656b4977afc548cea23766f35530adb4cca3 |
| SHA512 | 168495622382beaba9b7138cf67076d1a43e9673858dcbe50b993239cd24e35ebe63ef7427d611acdc3202353f599b1a01782324d14b585d6f1534439aff0a22 |
/data/data/apps.ignisamerica.cleaner/databases/cleanup_apps.db-journal
| MD5 | 201e444cde5bda5f1a9b6ec61226a278 |
| SHA1 | 5b32f7751a237b9f77a40aaca43b0ab7608d63dd |
| SHA256 | 6408987de3d0197e3af8b7db9c1695a1ffef6e48659d72850a77e21f50d6ee9e |
| SHA512 | 8757f0a28e04440ff151cc930961d72a4deda33b7dc3b46b9ea6c5758a9cb604308e1a9da598a6a567009ce92b3c7b44b31cba79bc1e0968ab5877dd5f15c565 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-11-02 11:53
Reported
2024-11-02 11:56
Platform
android-x64-arm64-20240624-en
Max time kernel
135s
Max time network
139s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries account information for other applications stored on the device
| Description | Indicator | Process | Target |
| Framework service call | android.accounts.IAccountManager.getAccountsAsUser | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Checks the presence of a debugger
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
apps.ignisamerica.cleaner
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 172.217.16.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.179.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | apphit.us | udp |
| JP | 133.242.26.93:80 | apphit.us | tcp |
| JP | 133.242.26.93:80 | apphit.us | tcp |
| JP | 133.242.26.93:80 | apphit.us | tcp |
| US | 1.1.1.1:53 | ads.mopub.com | udp |
| US | 34.111.158.155:80 | ads.mopub.com | tcp |
| US | 1.1.1.1:53 | cognito-identity.us-east-1.amazonaws.com | udp |
| JP | 133.242.26.93:80 | apphit.us | tcp |
| US | 107.22.27.166:443 | cognito-identity.us-east-1.amazonaws.com | tcp |
| US | 1.1.1.1:53 | mobileanalytics.us-east-1.amazonaws.com | udp |
| GB | 18.172.153.109:443 | mobileanalytics.us-east-1.amazonaws.com | tcp |
| US | 1.1.1.1:53 | config.inmobi.com | udp |
| US | 20.33.59.69:80 | config.inmobi.com | tcp |
| US | 1.1.1.1:53 | push1.apphit.us | udp |
| GB | 142.250.187.196:443 | tcp | |
| GB | 142.250.187.196:443 | tcp | |
| US | 1.1.1.1:53 | config.inmobi.com | udp |
| US | 20.33.59.62:80 | config.inmobi.com | tcp |
Files
/data/user/0/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/672612DC017C-0001-1160-6BBB5B021275BeginSession.cls_temp
| MD5 | 2c1d22394d11acdcd9c5e4d8038b1bff |
| SHA1 | 96d9769b5691b8b090d8374a5f3fe5bf96614081 |
| SHA256 | d9585fb3f6bb75e2dac1088296dcb9a1ef88be15be56e0ce81297f91a9712b0e |
| SHA512 | 8d57cb450c8caa86d52e772d6da99ca0116f45f35c851133da528fe00f1f312757fc2042d03bde140992e753dcf3a21846f8575b15babb4e07c8c13efd8c5d8b |
/data/user/0/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/672612DC017C-0001-1160-6BBB5B021275SessionApp.cls_temp
| MD5 | d2daa3c2c09be7007ca02dfcd2fbafc2 |
| SHA1 | 271715e4109ce41227b4540b3428627a5c8a789a |
| SHA256 | a13df174ed3ec9689fdeb85e541f0b1363abcf6a4fbabe12da9ca25c170501ca |
| SHA512 | f9503489437defe83ee68ce17cc613e72ac19691204fa7a129ca71eba1d0d6ff0372253a2f0bae96717af7e98a50ba7ee8001d6081ca210d33a1da2f2f15ca34 |
/data/user/0/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/672612DC017C-0001-1160-6BBB5B021275SessionOS.cls_temp
| MD5 | b3d9541cc92a9153d14e5160f8d8c008 |
| SHA1 | 2e1ac80eb381dd82a03795b682f92020348c0113 |
| SHA256 | 1ead5b213c87f182ffce484c34f7d9f140ad3425c0f303f460492efe8a26c56d |
| SHA512 | 78074409135a210ba4e1407ad9b3f784f5683e83aac4ce3482d4e8135425cf2b30db1ff5dd0041901c490a551a477237c6d255671c7b1fad74090980dcf3334f |
/data/user/0/apps.ignisamerica.cleaner/databases/com.im.db-journal
| MD5 | aecc01beb3bec1cd16d4cbc2d2b843b2 |
| SHA1 | a168bf0a8a0bfe05ce16fc06db71ddd01fd2c1dc |
| SHA256 | 1836cf4efcd95ecfeee19bda960ac4658d11c1081f4a8469803696c5c15c9ed6 |
| SHA512 | 9bb2f07a6445316a8feb8d0ca464fc363a8d62db069ce33f27f29ca74f6476676e2cdb82ab2d8e8edf6a78c89ed04ab3616b5ee311f5a85d70ca360e7fefb8c3 |
/data/user/0/apps.ignisamerica.cleaner/databases/com.im.db
| MD5 | 2ee92dd29908172d267224c806db7023 |
| SHA1 | 18e81aa3c343016018fd8520523ec8c9f3a641dd |
| SHA256 | 7551bf8f8224d0cb1bbf32fb647c8a118e0029512b273aff8a30bc3184632931 |
| SHA512 | 3b5c20265115ac96fb9858af83ada0f12015fa68d0315195b630fb0fc9c461f868ff12618a77d714627c9d03d56cd91e7100083dcf03659319353057da15a6ad |
/data/user/0/apps.ignisamerica.cleaner/databases/com.im.db-journal
| MD5 | 5f83334a7c1ce5e6acd00cb42a2ac0b3 |
| SHA1 | de8f48ae5b2ffa914564f6b26dd01507399b90ce |
| SHA256 | d78fa0bf80cc73145706290506ec8d9d93201140e0f7475c9c1e95058b62497f |
| SHA512 | 861636e275454fd7eec696f95179892c5940f58659df5d5ffda35bcc5e6373fb045fb907ccef54203db76e19ccd2cbd8b677e2b13d9dc2db00d5aecc991ea4e4 |
/data/user/0/apps.ignisamerica.cleaner/databases/com.im.db-journal
| MD5 | 58376116f23762ba4ab769fd67009507 |
| SHA1 | 9137d96989002018c3b6da49df2431376eac2b3b |
| SHA256 | a928433b564e1e4c05cf4ab1a03bbedd35506b5a5aa30a1e1b5de9cb5356d4c5 |
| SHA512 | 6d4e76ebd99549a0bbf1e53fe7c2433eceb0dd6b8bd39d27077177d31a5a48d1107608ea6e851ab4257988c621b9b33d18593224b4a4ff82cfdc05e258114685 |
/data/user/0/apps.ignisamerica.cleaner/databases/com.im.db-journal
| MD5 | 96caae1cff3ef0a6a1ed0b1ea44120d4 |
| SHA1 | 8bbe7dbb05596615b0c3d1d0aa8ced2d1ae9401a |
| SHA256 | 20e5e57b174d4168e8534ceb2175c36139a3665d047c19078751af417fd959b2 |
| SHA512 | 8e0e6649174f4fefd36dd2fda806190b9e68a915b1324ddb3f3dde1f978b8972b3feadab68cdd86b78585b9042d620f3f8bfb6ee902960829fa154bc6408d414 |
/data/user/0/apps.ignisamerica.cleaner/databases/com.im.db-journal
| MD5 | e4faa58a18a98933bbfa5f4fa6fb9a84 |
| SHA1 | 460596ba9381b83b2ff5c2a507c93adb0863f82a |
| SHA256 | d33aa15f0ff915dd0a49ba38f8f29f525af07d1a2989fe3d097dd9f40a226cbb |
| SHA512 | 2d0d07aa7b449c92949013fab60249590e595dfa6fb6fa19100c6e4168cef4b79664c660668c24cbb7a975d5891d21910bdd601aa3759c0a7561d6f780df5d11 |
/data/user/0/apps.ignisamerica.cleaner/databases/com.im.db
| MD5 | 876f86564ca48477d3bd0ca28de63986 |
| SHA1 | 1e841c92cd948c397cb29ee0746d694eac3cc7a3 |
| SHA256 | f55a71938a6d87d8318bf94207cbb04fdd3ac9fc9d9de70851cfbff946eacc76 |
| SHA512 | 3eee47221a49c609e2a9566625faf309e3ba5ca434d554808498f146e166ac0fa3972464492037a684ec6d51c90aadbd0820f93119cc1a7c1793ba9a2a95ebaf |
/data/user/0/apps.ignisamerica.cleaner/databases/com.im.db-journal
| MD5 | 0f802d958343b1d1e6d90a71bbb5c687 |
| SHA1 | 656cbd0b1f304dadcacfba000004a9e066fab400 |
| SHA256 | 5ed7d3397d9c6c6480a1c3bc6c52e8055103b518237667dec311754a65d9f2a6 |
| SHA512 | d78ded33297dee2fa6677a97e002ab11805f49ab5b78c81a6ee37594e02b72e3fca1a39a6062aaf7596a2e51fb882bab87df5cacef70178ab5b9954e28de5525 |
/data/user/0/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
| MD5 | 7a7b8dc1361b2b54e62d2152105a4a93 |
| SHA1 | 346d3200e412fa79e624487b819e762318482cb6 |
| SHA256 | 56568444e71774e59702d4af5700fc56c2781914424a055a097b006d1274127d |
| SHA512 | 6b27e591b67ff4911a355b998a98eb3d2a4a9c64f6402e8e3e1e49b74054dc57b4642303b97b85b07b46584ae92979f4d01ee9f99f1905d88ada97707c973c79 |
/data/user/0/apps.ignisamerica.cleaner/databases/cleanup_apps.db-journal
| MD5 | 8e0ee47ddfde3e6736657a432a644273 |
| SHA1 | 45424b0466d631d3a22f6adea9ea2d56e8ff4a2e |
| SHA256 | c491c417c40a69d426dbb6b1de54ccdac265690d1d0814e188288011edd75e81 |
| SHA512 | 2871cb7280d66591488aaae02d505f91ac3d9ac85fdb06356932995b1ff6f7461746c5b75561fa05cdcef7c639adfc1bfbe9a27adf14b0842649766005d37bb6 |
/data/user/0/apps.ignisamerica.cleaner/databases/cleanup_apps.db
| MD5 | 8872b1d2c95ead108eb50772561900be |
| SHA1 | 24eccd5b22fc8e95f28fd1df8d625158e043855c |
| SHA256 | c35dd18e6caa460c7ec00362a1c26accd5b8e4b5a13bf9a2a897696f1d3e3616 |
| SHA512 | 448ee5784db56914f79019d7b5e369637d913792995937ce7bbe64d4462fabb55817e390e687205db026cb3e1e17b75649a87caca2c50b1e6429ce32c341f276 |
/data/user/0/apps.ignisamerica.cleaner/databases/cleanup_apps.db-journal
| MD5 | 0a5756e8e588bdaa8bcdcd3c2b621d3c |
| SHA1 | 022d82bf10883cb7375f42804662eb8bca4174b9 |
| SHA256 | 75268b43262466dda23caa492ffaac27563e54fab543183d4ca6b598fe0ffe49 |
| SHA512 | dfc87e366caa1f9810a99be9e2b020ef858a3f60cb666de23e5b840635ff4278ab27692ab86afeffa9470f730f1bd827cbf17a641dfbe05a18b47f6f0d4699a9 |
/data/user/0/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/sessions/sessionFile
| MD5 | 3a86056c6b36c71ac98074289c2228d7 |
| SHA1 | 95bf72ea5d4d6fce6b0e8dcd75b542baf0be8744 |
| SHA256 | 988a7fd6f9e6e16e2769355107efa8f89f288ee942604b1067169ce72a7a4a1f |
| SHA512 | 582b89d63786143584db2cc7b7a17f8329f7a3d4f74316059c213371a31455fa822d499e1fa35627e6313528819baeec080491371dc8ad8feeb0c9987a5ae0b3 |
/data/user/0/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
| MD5 | cc70b632c9b54ce7c49c680c4a95001d |
| SHA1 | d1a96a4254547aefc72787c5731b9497e6ac6ff1 |
| SHA256 | 97a3855b1dd83e70db1f806add5e376008afce68702348134d5c3c6c82b6b793 |
| SHA512 | 3e0c12c3b80ca49607f922ab4deb31720927fba39ab935234c7013de53061d1291346bb94933c8e98299b5b0fcee958c876f6f2f4568af3515c3c7594dbf7efc |
/data/user/0/apps.ignisamerica.cleaner/databases/cleanup_apps.db-journal
| MD5 | 252a5fd83fd0f7bdf9bd476e90751a51 |
| SHA1 | 24a968aba2484fc1cd05f9a4da459e6183101232 |
| SHA256 | 83583d6dffe5dd891cfe6413846b8414c68e43623ff47686c1782d888ea41bff |
| SHA512 | 3bf3402ad4d6207e35a7a839dd582521bdcedc2806fa79850393ef52e166a120be80202f45b591440f949fcf89c6eaf39ce574b9321a041003895e9f0519b1a7 |
/data/user/0/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
| MD5 | c20e05bb5c499db2f06826c2bce98d6d |
| SHA1 | 1fbaccb0af62e2fef549698ae57799f9add211f7 |
| SHA256 | 8ea5cd16d3f4dbbfc5af769bcbf6a3da18f1198876e42ddd679be3c3175dd240 |
| SHA512 | d5d8db955f9d850d0110af8e4ec99f1c3849cf408244786fd351413a5449ca25273e7b488144a473fc928cefced53cd95e6980acea1ba2910df4d36aeaacd58d |
/data/user/0/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/672612DC017C-0001-1160-6BBB5B021275SessionDevice.cls_temp
| MD5 | 47c9022dd6b84ae65f0227e38fc0b371 |
| SHA1 | bbd4726bf817443733a7a11876e0971008959d8a |
| SHA256 | 5861a4eb86043f0fe8da276a27768b6366ff5c8eb09f9c6b22336ca52efe10a2 |
| SHA512 | 1d081d3da25cbcdbbdda9268ce8c2703729317472ef6566a464cd569e20b05cf281de217253c6c650ad85997f6197072a19ad0e21489cfd592b869e300c63280 |
/data/user/0/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/672612DC017C-0001-1160-6BBB5B021275keys.meta
| MD5 | 73b9486ab059e454addb6130c2bcd928 |
| SHA1 | 8ad3c306ce0439aa7bcdbb47e4a841c7672b0337 |
| SHA256 | 6d2dbd03919beb430378b0ce0c0679ffbd486e11538e8c689de28fd2eac7e5d4 |
| SHA512 | 703759ba5d38d86309bfdf6c1772079be4fc6f1d921e951c901afa862ed72b3d30f7ef47a3e102b60e310d97feb1225097b56001c1d57eb82a0a0bf99a2cefc9 |
/data/user/0/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
| MD5 | c33583fae4e0b61cde1c5b9227963237 |
| SHA1 | fe2ebe4d27469af1460f7e852031a04208ef629b |
| SHA256 | 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc |
| SHA512 | fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e |
/data/user/0/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
| MD5 | 5e95b01009e01751882764a706be6f83 |
| SHA1 | 55335e2d009f8be14759891a18c75c76719af5ab |
| SHA256 | ec19ba8be000ee167efb30176e006aa59e7b7b539873ad5f90f6396b7b4ebf81 |
| SHA512 | 8b4ed6213fde25a909b36e4ae935229bc19708a61e23806487623eb85f99dbb4efd6e25021c7efb4e95aee017daced87b897149e766617ddc76ca2cdb7b90bb1 |
/data/user/0/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/672612DC017C-0001-1160-6BBB5B021275keys.meta
| MD5 | bcf8ed0f390320b629a859a735ca4499 |
| SHA1 | e25b12fb7c85d607a4fef4c5c17a7925e252001b |
| SHA256 | c96b1d4082dbf5dcc39e9ed964bba6a36612ef42a200509a3b174a8de94abe32 |
| SHA512 | 81acc5be403f522dd819756f219f9c75660f404ad61e75b9932c6d88f5cea4f1321aebb1e1333b42452a2d6be9e7da2a563c65df93919c4ed10368d51b621f22 |
/data/user/0/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_610f81fe-66be-4ef5-a05d-379127775d81_1730548448080.tap
| MD5 | 01bf76c3c58a0fdc6e401bdff82c3977 |
| SHA1 | 64fe9c00bcd6bb152aefc98acb3d39703e274fc8 |
| SHA256 | f6228b853de1a92ddb222e2d64fd9c1036ffe2516c693f2ed720f68ef284e181 |
| SHA512 | c82f796373a0cb9c6dc1eee551eb0577b3382eda61b5a041daba14901ef6a42e1c80b82ef4ab14c024200358fcd96960466554b7e350b67d1b70da4bc710ade5 |
/data/user/0/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
| MD5 | fa48e22752990ac86cf3a31ece1e737d |
| SHA1 | bf3f798b42ff0df6c59debcb330aba23019f5671 |
| SHA256 | e073b46fdf42dbb88978cd438fe1983d1e3eafb02507e4330efd1ed2fb428152 |
| SHA512 | 56a3067f30974120c5eadfca936425288bb13669b6c9385cc7e29694766c1bd7ea3ebcb7e234380ae51664668ffdda1d631ec60d13c1f7197c73975c1e6bbbd7 |
/data/user/0/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/sessions/sessionFile
| MD5 | d10d5629dd153f75bbe486bac7d9aee2 |
| SHA1 | c0f8ea1dd3dcc907dd3920d95c29ecd8370b56b2 |
| SHA256 | 4e17a22cee3cb76ab89400287e00e262a662f27f97de32cc838a83b920e2ae12 |
| SHA512 | 889321de881ae45e467541bfb712e90b24a66f74e9d73df989c3dc78d8264a7762cb665ecac7f766372836482834cdcbafbe7602623c80dcc96a914cb50cd22b |
/data/user/0/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
| MD5 | a5a5d3143d4fa11c162e9a59799ba460 |
| SHA1 | bd08a00e56ab19a0490754203d2ae7f4f0bb0047 |
| SHA256 | 67360a68546686089fc23578910790f8208ad8c724e271d460731a7ba69c57b7 |
| SHA512 | 8dc5009980c45401a5384c7f649043e866fce0477d22cd1cac27ca6934a6b567a5629ed1527c46bb580594af1591b94336ebfdfc2ab9443559883cd5ecc44421 |
/data/user/0/apps.ignisamerica.cleaner/databases/google_analytics_v4.db-journal
| MD5 | 90fcd2c58f3cb2b83263a044b083e138 |
| SHA1 | bdf0f0572ee18d6267a5c36f8664a7dd790a18f9 |
| SHA256 | 4c25295fceee2da8047d039ba9c2ea048bf75991538f101d0f6c2108fd516d1c |
| SHA512 | 0646c77e2d8dc7deb724e0fe8a05e50f4af5db0c442538f323e5a356cd0d11e14c119daba877c1fca9942a72083ee0638abc07e47ec0d97a5cf367a08fa5395a |
/data/user/0/apps.ignisamerica.cleaner/databases/google_analytics_v4.db
| MD5 | f8c9b702342b86ab3f105fe9b0e66120 |
| SHA1 | d1fab668feabe5caf763d58e2a991c2865515996 |
| SHA256 | 20b1eeb8181f83b2423ebd1585619e40f6e25616405709e01c00c630685e6248 |
| SHA512 | 6b0eeeab56d4248d1cc95efcb6f29b5473c2cb2415613eb71e5a15136b61da81569bcbe318140368668ae54de235a2efc5a17053fe487614e6c41211586d43a0 |
/data/user/0/apps.ignisamerica.cleaner/databases/google_analytics_v4.db-journal
| MD5 | 61b6477f5fef068d3d723f2fae8c695c |
| SHA1 | 1c7b16288a58ebaf3704fb9b75be7760c7ebabb3 |
| SHA256 | 72b60d8ed569b964a7a21635934cf5b2f4134e834ca226c69941f872b294c3d7 |
| SHA512 | 77a079481c9189a36eec4534d1325aeeddf5ddaa492764c04c48c0b51fefd828d13b2185b71c9adf4fe2859e5a87282ff39b6cc5145a938583e32a20cefd4541 |
/data/user/0/apps.ignisamerica.cleaner/databases/http_auth.db-journal
| MD5 | f6f9935fd5fecf3415310f003d0d2b78 |
| SHA1 | 898b7dc29e02a71b6c15d789bc8a9d722b590aee |
| SHA256 | 1ea095773a7dde5ea80521e3d664fb0db48e6c0d6b6abfd1a957887d1451e48c |
| SHA512 | af84c635106887e1405c2f8f9695dbfd9bbe18d39c23b02e0259d50c68190dec8e1f05cc2c3a2cc39c54d1e80059f4994ed742eeca73aad9ebeb8c3e2f58b59c |
/data/user/0/apps.ignisamerica.cleaner/databases/http_auth.db
| MD5 | ed710a8968441282a5939621c2771927 |
| SHA1 | b6ac28b3e32ea66790c52d6934608b5e71f3d5b8 |
| SHA256 | 6e7b95a553c2528d6c564296a9e481a6d913074c35011a19f2da8e4807c53bb2 |
| SHA512 | 547d7c530ad345edf6b880b7685d2ddf3770e595fe3a40041677cb0c296b15ec6d9e8ebf3f2db51624be41766a0af6764512f1c352d5fde22bdea81d7c08e364 |
/data/user/0/apps.ignisamerica.cleaner/databases/http_auth.db-journal
| MD5 | e1c038fe5ebd25cef4230a51c75d4d08 |
| SHA1 | ecebc88fe718ed86da6ff1e331fd2f0dd0d9f540 |
| SHA256 | 89b40a538f5f7056ff233e2e69ce48c4436a843adb2441aed93715966f2f273a |
| SHA512 | 195995dc71fd42ef9b27bc398fabfd0ad6431a6867605fcc39192d5959a8e6376fab938cd5581591807366ae2ea0fca3738dd1a9184f76c1560775ac4cc25287 |
/data/user/0/apps.ignisamerica.cleaner/databases/google_analytics_v4.db-journal
| MD5 | 3955954775875fadd93665001a0e2271 |
| SHA1 | 271509d31e25851f01676b6cacca2b9860c0e8b1 |
| SHA256 | be776a956c6dbbefd3aef2ec4a3d3dd67d9690a998da3dd2a28ae93998c58890 |
| SHA512 | ba5c92fe507e226f99d642300f8d4bc20dea99fdc7c7b750af3a15d64d58b364fe72ec4c11ebe611e41fd037b8553d57554eee2608e48f1f770406b5c4c0407d |
/data/user/0/apps.ignisamerica.cleaner/databases/http_auth.db-journal
| MD5 | 1bcc63765874c18ba9943b70a9267080 |
| SHA1 | a0c51682185da76683265ba81aab2941f3081881 |
| SHA256 | 16597ffb3c79993f9e490b2eec24730cfcd2d6a4638f76315c2e9ac873bf38f3 |
| SHA512 | 82f1de1a75aca4e456642d57df1726c8a8b7c0ecdb3e1d06e80bf52b0403ec08cd9eb91c59781702568a1dfb46677a7fd54cd9a4eb508e196d93e54b8050e4d1 |
/data/user/0/apps.ignisamerica.cleaner/databases/google_analytics_v4.db-journal
| MD5 | 27cd4ae583f98d84420b19ca7602a14d |
| SHA1 | 94ee21c6586e0e3e23071f0fc239971853a46553 |
| SHA256 | 976e552c0d52def564af77bf9f559b7294bb0c3bc18341d5b94ee6db76c2f5a5 |
| SHA512 | 843280e12fa8052529b85d8f565aad7848c57b944f01934b960b726c0fccb33e1c0635880cce4a942a172a652eaa484037574b6411224f28931ceb4921a89375 |
/data/user/0/apps.ignisamerica.cleaner/databases/google_analytics_v4.db-journal
| MD5 | c651447e8551db7cd94b003d7f475d7c |
| SHA1 | 28671f894375dedd6bd60646aebf16c746b27f0b |
| SHA256 | b5abcfde45f5982bedb66e3b50feb7f1da23232be52dae566858cbe190beb5b6 |
| SHA512 | 1afa2f696c48639d3d69e7246ac5373eb6c72c67fff3bc438b3eece6e87d9190013d983159e5f651ac7ee85cc6cfdfcad4e361753daf391403bd3e4a6ac045f5 |
/data/user/0/apps.ignisamerica.cleaner/files/gaClientId
| MD5 | d375de8cad45291b25cab7a56439d468 |
| SHA1 | 5828f01c6299b5bf1d8eda11e8a0714f12600d7c |
| SHA256 | 7ac43618915ff124769a66a90744d22d9efb44d943f4edf09adaae059e92e483 |
| SHA512 | 54a93489ed4f60d56ed80b9f7d001a00f271c36196d494d9fb7c5fac1f18305e6fdfa55295a42f66487bc4ed354e8f60c125081f16287cd1866325650a35ec92 |
/data/user/0/apps.ignisamerica.cleaner/databases/google_analytics_v4.db-journal
| MD5 | a67202da02063647eba7d2e9ccbe0d70 |
| SHA1 | 09710db84e9b4f49182a06455d1c8a99a7fe740c |
| SHA256 | 0c5e45e0b777bd130191f268acb5b69f3ffaf9c3abb8f3379218aee54bf05ef4 |
| SHA512 | 99186e8bf59d5ae74639c4887372518239cb5b221af83bc2ff3a2e874410d427963dfc05128eedf065d49ac234fec4a51a5dbc87f3073af0543f2422d12cc85e |
/data/user/0/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_f98f9581-a75d-4233-9430-4ad3bd130bc7_1730548450098.tap
| MD5 | ae37b28d1c8629e130a05bef44d98ee6 |
| SHA1 | 669a036484f6951aed34f1115d1947b45dd883aa |
| SHA256 | 6c3986494475cec78e6af1408cf659eb5cdf11f5283cbaf184d6dfe3927bdcf0 |
| SHA512 | 8222ebcbbfc12a02cdb70381a387eed719d3f3c5df1e8d79db57887779ab79586aab98010cbc647ecb52ef3b6ecb373d5769418db84dd701512354dbc7bdb033 |
/data/user/0/apps.ignisamerica.cleaner/app_1c13a44aa1ec4fcd8e9d74cbbf47d678515d6767-01b7-49e5-8273-c8d11b0f331d/events/eventsFile
| MD5 | 574ed00d99a6b46ed6723614c1e3682b |
| SHA1 | 21d3f07ad2beccda1f44e9b6f7ce7921c515ef9c |
| SHA256 | f72bdac46621f6335f916d9b7efc6c5c69ebf2829ec86435aea138a24da2014a |
| SHA512 | cfb8b3452e31e2029e7d8f17bdcf995e1680602f98b58c45bcb4cb64671d75db368a6706291f234866a7246e741e85c573b0417814642921522b254d770fdb07 |
/data/user/0/apps.ignisamerica.cleaner/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
| MD5 | 076f3f2901fa11e4ad6c94ef892b7b5c |
| SHA1 | 44f19a4f5466d196fe7e15ba15a822112fc40e96 |
| SHA256 | 414f3618fa3907150391630c27102c5d066d32fc92bb799771db155a3cc20f16 |
| SHA512 | dceb6595b71eabc33ff99f39e167237ff497959255a271688a58ac8d3b23f835b23b9b10151f6bc80cdc0b84651d5d421cc98349b9b5c9223f77b2f5d65fbb6c |
/data/user/0/apps.ignisamerica.cleaner/databases/cleanup_apps.db-journal
| MD5 | ca8224b2419124899180a1cb6d4a19c2 |
| SHA1 | 2bb9899ed1114059fcbe731dcbbab40f20f22d28 |
| SHA256 | 8cbf446f3cc9f8d7b7651dc7f5f352bbdeeea66c74906b2a831ca7d4bf2c61c9 |
| SHA512 | 8f18a7c8a9a75a083139d7c8f45779ea0e53c41e74dd3cef702e2088990b97630626b9e99468094a1660b9335ea068ed2cd94388e59d08c460b5f82aa053c14b |
/data/user/0/apps.ignisamerica.cleaner/databases/cleanup_apps.db-journal
| MD5 | e439d28fbab93a648bbe6a6e1bd618b0 |
| SHA1 | e4fc7a135c38795674003b45060acf18cdcda82b |
| SHA256 | ee6359f2c3586528ef4351570b026d4a3dda90a6fe7c387bf727f30a7d4ee9fb |
| SHA512 | 6a77508408f74a41c1b269d51122b52793516299411d29e373c8d1a1f5e51f74a1882824e34f70189682b08937f3d432463e63f2de939093b7b8aec6019980cb |
/data/user/0/apps.ignisamerica.cleaner/databases/cleanup_apps.db-journal
| MD5 | 31ec1b986480e34269b075b63229e655 |
| SHA1 | 218e38159cae78a2af07aaebc877fbfc4a2e4a9b |
| SHA256 | 192bd714c47d5486a28d02a70a212a82ba8163e1c46772b9051d1afcfec3b774 |
| SHA512 | 0b4a01a6d777999a428bd0f46f8d8caf0fdf2fc93ed2504c6bae46eacfe4ae0172907948f2aa29dd89dc40e953af114ef0aa8c113bf5d1ee349e146f5ad25dac |