Malware Analysis Report

2024-12-01 03:05

Sample ID 241111-g9lkxsyjbp
Target AmnesiaBETA.apk
SHA256 9f0460662f390a0c5ca40b0ae41a5205a72553c9df68e4afef53d9becf6fae12
Tags
collection execution persistence impact privilege_escalation
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral7

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral8

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral6

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

9f0460662f390a0c5ca40b0ae41a5205a72553c9df68e4afef53d9becf6fae12

Threat Level: Shows suspicious behavior

The file AmnesiaBETA.apk was found to be: Shows suspicious behavior.

Malicious Activity Summary

collection execution persistence impact privilege_escalation

Reads the content of the call log.

Tries to add a device administrator.

Declares broadcast receivers with permission to handle system events

Requests dangerous framework permissions

Looks up external IP address via web service

Schedules tasks to execute at a specified time

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-11 06:30

Signatures

Declares broadcast receivers with permission to handle system events

Description Indicator Process Target
Required by device admin receivers to bind with the system. Allows apps to manage device administration features. android.permission.BIND_DEVICE_ADMIN N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an app to post notifications. android.permission.POST_NOTIFICATIONS N/A N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-11-11 06:30

Reported

2024-11-11 06:35

Platform

android-x64-20240624-en

Max time kernel

10s

Max time network

301s

Command Line

com.example.myapp

Signatures

Reads the content of the call log.

collection
Description Indicator Process Target
URI accessed for read content://call_log/calls N/A N/A

Looks up external IP address via web service

Description Indicator Process Target
N/A ipinfo.io N/A N/A
N/A ipinfo.io N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Processes

com.example.myapp

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ipinfo.io udp
US 34.117.59.81:443 ipinfo.io tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 api.telegram.org udp
NL 149.154.167.220:443 api.telegram.org tcp
GB 142.250.179.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.46:443 android.apis.google.com tcp
GB 142.250.179.228:443 tcp
GB 142.250.179.228:443 tcp
GB 142.250.200.34:443 tcp
GB 216.58.204.78:443 tcp
GB 216.58.212.227:443 tcp
GB 216.58.212.227:443 tcp
GB 216.58.212.227:443 tcp

Files

/data/data/com.example.myapp/no_backup/androidx.work.workdb-journal

MD5 627cf1b7684a48835c3623752d887225
SHA1 d462b0c4ec750295ba5bfff8936081e511936480
SHA256 0dee7b4914d55232036ef3de7996d3b66f80dd14c5abe3cb7bc4844596077fcb
SHA512 4bd578dec2d25922b50bc6c6ac6e69be9bb11f7bdfaf5c77eb219865ab5f1e832c6742afd793aeaf4bb639bbe279c3c1a60ca70a87fd9b47cd64bc45822cd527

/data/data/com.example.myapp/no_backup/androidx.work.workdb

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.example.myapp/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.example.myapp/no_backup/androidx.work.workdb-wal

MD5 506ed4cb29038ebf9b8e08ec145fde62
SHA1 855cc56d4ed76a4667f1cda52b465c94cde177e5
SHA256 20ca5e92b49b9bbc0e244fe3ce8bf1fa1a165b5ff14803be4bd6e164ea58c74d
SHA512 0667e5a2e588866c51c3485009e85aa93617368e286b03507c786c3671bdecc58f1e97a512abc5e6f124fb40ad9ec9c9155fa256a61fded13d00cf43793032dc

/data/data/com.example.myapp/no_backup/androidx.work.workdb-wal

MD5 362fdee8396d32bde785c0db01d10439
SHA1 5b4e60cd8d49a8172ebbb9c9345224111953aa3c
SHA256 cbdb68384be1fa53b3a63476b676c86c8103a0127d17676c0565b93984f280a7
SHA512 02de9d9de413b70a04a32c19e517b30cb1dd2f7ab904154c321a5fad6d0b39e211180b9ff0352591d3dcd251c5c96a3e5798a61b4d8bafef8f84c18538d87bbb

/data/data/com.example.myapp/no_backup/androidx.work.workdb-wal

MD5 696cbad9f15bd136f8f8dc2ff44d4eae
SHA1 1cf8dfc679a728647f1c0ed6a3890fe5c1d3324d
SHA256 f7e48df22d0ebbe6b2d5a398f8a72c9b828e402142a8ddc6385be472713b1a24
SHA512 0618c321100651bed81a30254654f1e88bd555a2a504e3a23cefebd5ee70a31ba0f8159c999bd2db64dd49c1455e2010afa256103660eb0657ce7c7ffff6b335

/data/data/com.example.myapp/files/profileInstalled

MD5 34901dc3b59780cc7dbe3dbc34d40035
SHA1 2db05f353073e7786484137bde95db0c29933e12
SHA256 eb6664598c0f5d0af6a541553c36909216be97f54d23db5132ed3abe129a6581
SHA512 a49b3afe084eeb40cf0b48567412e62db64526c393d0e054467264e75625f607009b855412c8c70bf65127fc8ceee12e15bd8a39e416cd6c92328114cab0a5e1

Analysis: behavioral7

Detonation Overview

Submitted

2024-11-11 06:30

Reported

2024-11-11 06:35

Platform

android-33-x64-arm64-20240910-en

Max time kernel

7s

Max time network

300s

Command Line

com.example.myapp

Signatures

Reads the content of the call log.

collection
Description Indicator Process Target
URI accessed for read content://call_log/calls N/A N/A

Looks up external IP address via web service

Description Indicator Process Target
N/A ipinfo.io N/A N/A
N/A ipinfo.io N/A N/A

Tries to add a device administrator.

privilege_escalation impact
Description Indicator Process Target
Intent action android.app.action.ADD_DEVICE_ADMIN N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Processes

com.example.myapp

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ipinfo.io udp
US 34.117.59.81:443 ipinfo.io tcp
US 1.1.1.1:53 api.telegram.org udp
NL 149.154.167.220:443 api.telegram.org tcp
US 1.1.1.1:53 rcs-acs-tmo-us.jibe.google.com udp
US 216.239.36.155:443 rcs-acs-tmo-us.jibe.google.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.14:443 android.apis.google.com tcp
GB 142.250.200.14:443 android.apis.google.com udp
US 1.1.1.1:53 remoteprovisioning.googleapis.com udp
GB 142.250.187.228:443 tcp
GB 142.250.187.228:443 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 216.58.201.100:443 www.google.com tcp
GB 142.250.200.38:80 tcp
GB 142.250.179.226:443 tcp
GB 142.250.200.38:443 tcp
GB 142.250.200.34:443 tcp
GB 142.250.179.226:443 tcp
GB 142.250.179.226:443 tcp
GB 142.250.187.193:443 tcp
GB 216.58.201.97:443 tcp
GB 142.250.187.193:443 tcp
GB 142.250.187.193:443 tcp
GB 142.250.187.193:443 tcp
GB 142.250.187.193:443 tcp
GB 216.58.212.234:443 remoteprovisioning.googleapis.com tcp
US 216.239.36.155:443 rcs-acs-tmo-us.jibe.google.com tcp

Files

/data/data/com.example.myapp/no_backup/androidx.work.workdb-journal

MD5 6c146ea58dbdb75d1c89a2adf5c63d54
SHA1 9dfb22160cf9c641b4a751bf2704f1b23ce1b699
SHA256 4bb67d0bb17de2d0ce86a57e055341a385fe1ff2a40de342466a77f5ffab487d
SHA512 747ccc13307a06806030973dd255dc2525e539642d7c22e33bd2acf1a13f07cfe70b337171bd8999f7d146410203a14d1529832a3558f780cda0831db3af2bf6

/data/data/com.example.myapp/no_backup/androidx.work.workdb

MD5 0eb157e1a86d4d00aa601dd2f6ff3ee3
SHA1 fee434f784e73cc7916322e949f727caf8363102
SHA256 b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4
SHA512 b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

/data/data/com.example.myapp/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.example.myapp/no_backup/androidx.work.workdb-wal

MD5 034d36b7a5e1afedb63ad548c83c03f9
SHA1 cd1f067b0448e1be2107b92ab589a25001dbbe70
SHA256 d306c398fa65a46d50db8d40fb3fd7da3c0a6ff0f7d0e6069c0f0e826268f8c5
SHA512 2cd4549638aa2c33a469b19ea7b8913ecc553349e98d104e29b49b8afe26e594394dcdbabfd743e13a5419525c1b59873191d8c08cdac62cb026d173c8988372

/data/data/com.example.myapp/no_backup/androidx.work.workdb-wal

MD5 443d750cf70895dbb624560860aae147
SHA1 3554cff2c8c2d87e87840209d7b6ea8db2696069
SHA256 cb1e028e25a01d46e457818b6c1cdff8f61c350d3be5a1bdde4ba787936cf754
SHA512 b5f9cef28b944d9cb8661e04dbe6b77083d8dd0381b1095fea3cf24072126df8ed60bc8c3c43fa0907c6835ca1c200b02e6c5687febf1bffcb7409a9be4baa94

/data/data/com.example.myapp/no_backup/androidx.work.workdb-wal

MD5 ed6329dffbba2c6ac6997e84fd5edb2e
SHA1 159d699422fee97e89486ae2f5c8c65686acc243
SHA256 799da3e25208e74c23b27b969f15c5a044440bdfef0888ace0b7b8020d4aaf3c
SHA512 42a35bdbf166a9f50119b959da24e1db435b0cc13ea1cfda2a94512d16372530445e5d36b2797e04701c2833dd89fa4b1a2666af3966f6a47e8030e770aa8cc5

/data/data/com.example.myapp/files/profileInstalled

MD5 a1971d87ed45006c35a78b8e00bf8d8b
SHA1 972a980c9fc558348dd06cc73128c51bf82c36ff
SHA256 a2b962a4b7431227d631563b0906b9b76a8edd47c6d5ff0226f5b59c8546e018
SHA512 4cf58f1b56b723ba3a7c70c1f15259fb6179d83fe68e4d867d7dcc912892c52ad18d53e7dae9ddb8f6969b970cce5b77c9840d1bde6711a43b0b95c11301e604

Analysis: behavioral8

Detonation Overview

Submitted

2024-11-11 06:30

Reported

2024-11-11 06:35

Platform

android-x86-arm-20240624-en

Max time kernel

11s

Max time network

302s

Command Line

com.example.myapp

Signatures

Reads the content of the call log.

collection
Description Indicator Process Target
URI accessed for read content://call_log/calls N/A N/A

Looks up external IP address via web service

Description Indicator Process Target
N/A ipinfo.io N/A N/A
N/A ipinfo.io N/A N/A

Tries to add a device administrator.

privilege_escalation impact
Description Indicator Process Target
Intent action android.app.action.ADD_DEVICE_ADMIN N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Processes

com.example.myapp

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.200.10:443 tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
US 1.1.1.1:53 ipinfo.io udp
US 34.117.59.81:443 ipinfo.io tcp
US 1.1.1.1:53 api.telegram.org udp
NL 149.154.167.220:443 api.telegram.org tcp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.14:443 android.apis.google.com tcp
GB 172.217.169.68:443 tcp
GB 172.217.16.227:80 tcp
GB 142.250.187.194:443 tcp
GB 142.250.179.238:443 tcp
GB 142.250.187.195:443 tcp
GB 142.250.187.195:443 tcp
GB 142.250.179.238:443 tcp
GB 142.250.187.195:443 tcp
GB 142.250.187.195:443 tcp

Files

/data/data/com.example.myapp/no_backup/androidx.work.workdb-journal

MD5 90a4b3eff84db32cb2380189c1b59e9d
SHA1 0fa77895210bb1896a37c81d5fa327832a39d30b
SHA256 6d847b5fec924ccae6d0f53feed98e317d782c1b7641138234a9e17042967633
SHA512 0b0ece9205f707d49fd50c01befe71a631a144221dd2f3e507a774f72beb60ac47e81eb3d81ce3782ce4d818f61efb1f0d9916bf779bae5f18250c9c3b564e96

/data/data/com.example.myapp/no_backup/androidx.work.workdb

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.example.myapp/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.example.myapp/no_backup/androidx.work.workdb-wal

MD5 3ecc9418c50167978ba96a1b5cff2cd6
SHA1 d1299c5a6bb9b1a5bcdaa5fcefd3d71934763db7
SHA256 c8e96891c01643d4273df1093f67438248f260dee46f3d6a478d8337290a6fc2
SHA512 7876f1ef4e31906e90d08ab45357b2198db480ce11e5363a977bed8c779b7f671b08039a77bc4131e31d9a825ae2d05a325eab816dab9d7f6daf887db30da212

/data/data/com.example.myapp/no_backup/androidx.work.workdb-wal

MD5 e644fc952c715f93f82301706c6659fc
SHA1 a839f8a2d3644477916b535ea85caf0416291646
SHA256 3d033540fd8b2c90433bc6f552614019f41c0c6726e2b81c1fc0f25071dcdfdb
SHA512 3ce96cce8db90a900d13ddaf0e3455dcb3a1e7da18e8fd88777f27cde528cab9181e8d7ebd96c20c4ffaf2c81a3a7bf11b2b40908283bf3a056290bc4354bc60

/data/data/com.example.myapp/no_backup/androidx.work.workdb-wal

MD5 ff3a42c2a0249efcb3983f53a275aaab
SHA1 5b45493c77af1a54cbe90b42c2e9a884d77867cf
SHA256 b7066f58494901f97594f168d61ec38ef0d7e75edc7d86c2a613249321069fc5
SHA512 74dfe18cde9fb4b93252029dd8c5403323fb44887a970d6685d6b259165926524f61284957063a7845347924fad13850e7b3bae527c4c2b2c2e2dc2723721317

/data/data/com.example.myapp/files/profileInstalled

MD5 14d73994ec15481f9a608ab91fd3c3bc
SHA1 a9d9d9022ba789b58afee51dc930d2e42e919770
SHA256 bd2c8c2020873fba38fde14e0697efac2bdc89a647c6131f3944b1226a59c21f
SHA512 dfebacf7e6144c2d12970d710781f0160fb58ec6971de10c06e3eb0b738bf9eb8031b4c22f95de316507f1324e933effec3187d009f77cc54beb4f1dad06d372

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-11 06:30

Reported

2024-11-11 06:35

Platform

android-x64-20240624-en

Max time kernel

198s

Max time network

301s

Command Line

beznogym.hack

Signatures

Declares broadcast receivers with permission to handle system events

Description Indicator Process Target
Required by device admin receivers to bind with the system. Allows apps to manage device administration features. android.permission.BIND_DEVICE_ADMIN N/A N/A

Looks up external IP address via web service

Description Indicator Process Target
N/A ipinfo.io N/A N/A
N/A ipinfo.io N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an application to read the user's call log. android.permission.READ_CALL_LOG N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Processes

beznogym.hack

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ipinfo.io udp
US 34.117.59.81:443 ipinfo.io tcp
US 1.1.1.1:53 api.telegram.org udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.8:443 ssl.google-analytics.com tcp
NL 149.154.167.220:443 api.telegram.org tcp
GB 142.250.180.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
GB 216.58.213.10:443 tcp
GB 142.250.179.238:443 tcp
GB 142.250.200.34:443 tcp
GB 172.217.16.228:443 tcp
GB 172.217.16.228:443 tcp
US 1.1.1.1:53 g.tenor.com udp
GB 142.250.187.234:443 g.tenor.com tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
GB 172.217.169.42:443 semanticlocation-pa.googleapis.com tcp
GB 172.217.169.42:443 semanticlocation-pa.googleapis.com tcp
GB 216.58.213.10:443 semanticlocation-pa.googleapis.com tcp
GB 216.58.213.10:443 semanticlocation-pa.googleapis.com tcp

Files

/data/data/beznogym.hack/no_backup/androidx.work.workdb-journal

MD5 903cdacc979a62fe8074ac83505cc4d0
SHA1 24f7b4512e76366d4921fdb203b7d30fbd82129c
SHA256 49b9e9dcf56e3981990315f92e5aa2d77dd07e87dc9ad209269a9a8079fe640d
SHA512 53f8fee96aae9357b87bf134488db84ab6bf252da44ef92bc309236ef5acfd9fef37d3aa6887c9cf544c5b9669a3b0495aaf5474d71f267c9d407b9b7c1c3c1e

/data/data/beznogym.hack/no_backup/androidx.work.workdb

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/beznogym.hack/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/beznogym.hack/no_backup/androidx.work.workdb-wal

MD5 19ed9710a3203ecd4345cd2b2d90aebf
SHA1 71091e9e98cb24484bb4bce5141c7388fbb36486
SHA256 d2a6f8a54efff6f1a81c60a948ffc65f9bf6563128b5f0f39ec87dd9f20e092b
SHA512 bc4f2b991ee2f304100948fa4b8c9e7ee4a0997faba64edde7a5f0a46fea1e59a8000b53655bd8050b100c96c418ff49c3aca07243fa81980d8bb8446d8e8118

/data/data/beznogym.hack/no_backup/androidx.work.workdb-wal

MD5 fb479f335ab1dd5c13d98bf1a24240b0
SHA1 d990b67333030520c92b4a7fd3bf360f6acb6324
SHA256 1e8ebd4d8980ef54291f8665f0d9deeb2eab1e76eab946cd5638f36e4174112e
SHA512 4fda45dfcda68416ef90298caf3155c9a9566e0c7a3f18b5c2fc2506c2210888433d057cf0a5396ca78d7c961a38b353bd33e58a1e7733c466dff7e55b9ebd5a

/data/data/beznogym.hack/no_backup/androidx.work.workdb-wal

MD5 a533b7360a46642cd66f6be4f23138ec
SHA1 efc3050cb803b639288cafe8fbe4872d0eac5e66
SHA256 df5f486e540c2f88b46278fc74d485582954d1d4a423e6d233aed977a531cce9
SHA512 ddb884ef873fe703b15684b43dee8079f84fee4903864818cfea3546337691ab3d3a1b3669507fa350387ff99f386d04f8449bfc27a6743256bcc9ebc66eef4f

/data/data/beznogym.hack/files/profileInstalled

MD5 9c1588e6ba35655451157243cf3b077c
SHA1 57c836ca21e860cf36081686555f610b8125d15b
SHA256 62da4d4fe54e8ff470e8c2b90eaeb98f74a0a1e4fb375a8843dcdf0da2624b1a
SHA512 d7ee7b397a5b8fd2855ebae319ab311c02b797f75c0d49a9296d1ad55cfdb7ee411aed836d557ac771b12ec274f23f4926164f0a7ae4e380818ed54fba458c9f

/storage/emulated/0/Download/Build.apk

MD5 7476eabbf756bc6eff06f8dac6f26bdf
SHA1 3d7b362bf9a9afdb5824900a50d25791efba97ec
SHA256 2008b7e4c6d04d11e51dfd75d466365d1aaf66ca4c50e60c53ed9b0a514ef286
SHA512 ebfbc329f1a9e5d68e2a5e54e1105eb66f348fa1c1e2669f02e76fa8002c76ceb1bf8601a1f0d3a4cb912b66cc99293a7205b090800c92d793220f7e9982bc2d

Analysis: behavioral3

Detonation Overview

Submitted

2024-11-11 06:30

Reported

2024-11-11 06:35

Platform

android-33-x64-arm64-20240910-en

Max time kernel

6s

Max time network

304s

Command Line

beznogym.hack

Signatures

Looks up external IP address via web service

Description Indicator Process Target
N/A ipinfo.io N/A N/A
N/A ipinfo.io N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Processes

beznogym.hack

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ipinfo.io udp
US 34.117.59.81:443 ipinfo.io tcp
US 1.1.1.1:53 api.telegram.org udp
NL 149.154.167.220:443 api.telegram.org tcp
US 1.1.1.1:53 rcs-acs-tmo-us.jibe.google.com udp
US 216.239.36.155:443 rcs-acs-tmo-us.jibe.google.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.46:443 android.apis.google.com tcp
GB 142.250.200.46:443 android.apis.google.com udp
US 1.1.1.1:53 remoteprovisioning.googleapis.com udp
GB 216.58.204.74:443 remoteprovisioning.googleapis.com tcp
US 1.1.1.1:53 www.google.com udp
GB 216.58.201.100:443 www.google.com tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
GB 216.58.204.70:80 tcp
GB 216.58.201.110:443 tcp
GB 142.250.180.2:443 tcp
US 216.239.32.36:443 tcp
GB 142.250.187.193:443 tcp
GB 216.58.204.65:443 tcp
GB 216.58.204.65:443 tcp
GB 216.58.204.65:443 tcp
GB 216.58.204.65:443 tcp
GB 142.250.179.227:443 tcp
GB 216.58.204.65:443 tcp
GB 142.250.180.2:443 tcp
GB 216.58.204.70:443 tcp
GB 142.250.187.194:443 tcp
US 216.239.36.155:443 rcs-acs-tmo-us.jibe.google.com tcp

Files

/data/data/beznogym.hack/no_backup/androidx.work.workdb-journal

MD5 e700982e3d43793efcaf487952f0b0d6
SHA1 47713c96084942e9ae279f8d9d90421cba3f965e
SHA256 ddd33e340188642436955a671dfb3be076a7f55dba6d92538e9290d924845f94
SHA512 767564068340f684856d0e567ff685241dddf3e118b5b717ad84215ea32e8335b4fc1bfd0a4e7c2d764c7f95dd8e693bb22efc62f5aa93179f8dc31f50394513

/data/data/beznogym.hack/no_backup/androidx.work.workdb

MD5 0eb157e1a86d4d00aa601dd2f6ff3ee3
SHA1 fee434f784e73cc7916322e949f727caf8363102
SHA256 b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4
SHA512 b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

/data/data/beznogym.hack/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/beznogym.hack/no_backup/androidx.work.workdb-wal

MD5 7f88805889a46b002e4c968cd62b93cd
SHA1 8c807fceabef27195ee82fa78e3ce0077fe6a5ec
SHA256 137c0144dd4c894fdda8691edc958b547380bcef0f85229fb789a1e67473a2fb
SHA512 c0c7e974f8b887293f3858eb588345f9e759db4183c74ac8556d694f27a4266b8dd0c5301ce720a9cc9eb24e672b13c320e44ec328728434476849d1b2557fbc

/data/data/beznogym.hack/no_backup/androidx.work.workdb-wal

MD5 bde3d7844f49391644c821384ffe085b
SHA1 b259e885dac7370c506331a4876cf17ae6af2639
SHA256 1ed550d3d791dbe4462cffbbcd631b9e7e61ab0cabac3a4d524a32e3d930efd5
SHA512 1278b22af0c397b366409a65a03ef70bb621f44ae03ccb155dbb8dc6a0f1d6f7f8e4df679ada7fa4e8a43c7b2d77ec94d0a902c6225ec7bb26badcee75ae21b2

/data/data/beznogym.hack/no_backup/androidx.work.workdb-wal

MD5 b367fcec50336fe5c92dd39779ec22d4
SHA1 4d35e8efaccf5b2c4ea0f110f060775b7818e778
SHA256 28c17a5dfe6e49652beea2e637e6415f22de7d1503eb8b0201d84057d64134f1
SHA512 0c38df693b60edd25b30d01b2a0948d0d02312d25b2ed6673cc0ce4fa6bcb6692ef555ad9636b9b9d344bc0aef71ecee576dd7454645a8992cbcdf7d0b8abcfe

/data/data/beznogym.hack/files/profileInstalled

MD5 6a1a2ac16b36981a9403317b11a33534
SHA1 4f91ca4ef56c7d3d386d104941f7cbb220e2c3a5
SHA256 b5ec8349b21118a407338694d1e0bd3bd191f4acd6c2aeb984b3a94d92c455f1
SHA512 19f5b2beed806733831ac9a25bd7cae0e0dfcd3751d9e720f4887e578ca1a10ee01696ebf4460a925194e802000ab3db119ee64f75a7b674df667a8c45b633e4

Analysis: behavioral4

Detonation Overview

Submitted

2024-11-11 06:30

Reported

2024-11-11 06:35

Platform

android-x86-arm-20240910-en

Max time kernel

294s

Max time network

265s

Command Line

beznogym.hack

Signatures

Declares broadcast receivers with permission to handle system events

Description Indicator Process Target
Required by device admin receivers to bind with the system. Allows apps to manage device administration features. android.permission.BIND_DEVICE_ADMIN N/A N/A

Looks up external IP address via web service

Description Indicator Process Target
N/A ipinfo.io N/A N/A
N/A ipinfo.io N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an application to read the user's call log. android.permission.READ_CALL_LOG N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Processes

beznogym.hack

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.238:443 tcp
GB 142.250.187.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.46:443 android.apis.google.com tcp
US 1.1.1.1:53 ipinfo.io udp
US 34.117.59.81:443 ipinfo.io tcp
US 1.1.1.1:53 api.telegram.org udp
NL 149.154.167.220:443 api.telegram.org tcp
GB 142.250.200.2:443 tcp
GB 142.250.187.196:443 tcp
GB 142.250.200.3:80 tcp
GB 142.250.178.14:443 tcp
GB 142.250.178.14:443 tcp

Files

/data/data/beznogym.hack/no_backup/androidx.work.workdb-journal

MD5 0bb81e88ad57bcd0ccda8193b5029c23
SHA1 3616bc93b86f5a9cb5f904f1ca8693c81da93cdf
SHA256 5400aa655c2fe18d2d1ba066e050af357d3d526055adcd0fb021beab7ae41fe6
SHA512 ad93d1845320ab5453cd7a35ec280eeb655f768c073e2bcec815ab6cadb34ebff38f4eedaa57d292a848e66e0118e44cfb07bb90884fef52b0cbb463d430ddb1

/data/data/beznogym.hack/no_backup/androidx.work.workdb

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/beznogym.hack/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/beznogym.hack/no_backup/androidx.work.workdb-wal

MD5 d79b92b1c90add4e03c2be5b0f6166a7
SHA1 75b44bf6ccce59a8ab1c7cd0a8a95f59e2e23c8b
SHA256 b2d1daf21c6ef55dae0b5776714d07356c2909e45fe2e1eb68de61365a7101f8
SHA512 86daf00a06d5c45fb8b853ece2912a4185f627803b0d530cc35a1f584d76be9d00b40d1997a4202e5a0ebf487c84a3a8730c09ebdb322671d5ee183b2e55db8f

/data/data/beznogym.hack/no_backup/androidx.work.workdb-wal

MD5 94cf03783f48685a1aca2b5b7ce8329f
SHA1 98eef45dcef287374c14250c2f061cfa83b32668
SHA256 5d72158b57931a79f5e1773a09c5c302a7c9c3f19f64dfb9f8805cde16b95f34
SHA512 aff5dca5630c3d906c1870ab55908fb0e4916336be5b15fa4b01ac99716d86b30e94e6a3cc3c06df0a4f455e4af980135b807577c1aa8ab9fb076f4238d1e61a

/data/data/beznogym.hack/no_backup/androidx.work.workdb-wal

MD5 f579903ae2acc9761b83401008f662ca
SHA1 cb9e197dbc7e7a271ef478233f69a32e16adc6a4
SHA256 da975927120233c7952648f19fc904bc3055bcb4aee77e4bd6220851dcddd310
SHA512 afeebe1de341b0179e4eb0bb763dfe6e28f03fd2f762a4ed4c957dd72e589194388f8f675ad632f43a4731248fc70e03cc99fd36a809777d02e2481a62a5cd0a

/data/data/beznogym.hack/files/profileInstalled

MD5 9b54acd7a6ce7f4a23134fb760483a11
SHA1 b3465ca480cc1d98b514726d0fd2fc183d6ec860
SHA256 39b92a8d005e7f0f337672e54dab4f880876911075686c261c482bb59ba67d78
SHA512 4ec41702e91234b66c42bc85a7437d8491597bf9385f7b37cf26721b80405e1cda60abac335b37e322b96b4a7a5fe0afc74808a94954971d0e7280438b9677dc

/storage/emulated/0/Download/Build.apk

MD5 7476eabbf756bc6eff06f8dac6f26bdf
SHA1 3d7b362bf9a9afdb5824900a50d25791efba97ec
SHA256 2008b7e4c6d04d11e51dfd75d466365d1aaf66ca4c50e60c53ed9b0a514ef286
SHA512 ebfbc329f1a9e5d68e2a5e54e1105eb66f348fa1c1e2669f02e76fa8002c76ceb1bf8601a1f0d3a4cb912b66cc99293a7205b090800c92d793220f7e9982bc2d

Analysis: behavioral2

Detonation Overview

Submitted

2024-11-11 06:30

Reported

2024-11-11 06:35

Platform

android-x64-arm64-20240624-en

Max time kernel

168s

Max time network

305s

Command Line

beznogym.hack

Signatures

Declares broadcast receivers with permission to handle system events

Description Indicator Process Target
Required by device admin receivers to bind with the system. Allows apps to manage device administration features. android.permission.BIND_DEVICE_ADMIN N/A N/A

Looks up external IP address via web service

Description Indicator Process Target
N/A ipinfo.io N/A N/A
N/A ipinfo.io N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an application to read the user's call log. android.permission.READ_CALL_LOG N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Processes

beznogym.hack

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.206:443 tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
US 1.1.1.1:53 ipinfo.io udp
US 34.117.59.81:443 ipinfo.io tcp
US 1.1.1.1:53 api.telegram.org udp
NL 149.154.167.220:443 api.telegram.org tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.16.232:443 ssl.google-analytics.com tcp
GB 142.250.187.228:443 tcp
GB 142.250.187.228:443 tcp
GB 142.250.200.2:443 tcp
GB 142.250.180.14:443 tcp
GB 142.250.187.227:443 tcp

Files

/data/data/beznogym.hack/no_backup/androidx.work.workdb-journal

MD5 ed6032bf1cdf2c90f6f937fa73633cce
SHA1 06d920ea567aa1815352a2ebbcab3f855684ed71
SHA256 b635dd319c94196995c2ba4441dc6ebd9116e9be04f7499954830791689b39af
SHA512 243d6f0b52581f29096e12b2f417e90fc13a45215674bcd402cc2b01f4da9eb1461c1048e4cd18073fe82bf530a7b141284a6883339f7638dbe1cd68f8be56e4

/data/data/beznogym.hack/no_backup/androidx.work.workdb

MD5 7e858c4054eb00fcddc653a04e5cd1c6
SHA1 2e056bf31a8d78df136f02a62afeeca77f4faccf
SHA256 9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512 d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

/data/data/beznogym.hack/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/beznogym.hack/no_backup/androidx.work.workdb-wal

MD5 fa0f773959b664988e74b64262dfe255
SHA1 21f53bc90e80e86c97b12d1f807ca0c086e88a17
SHA256 2fccf3988bdf83fdadfdbbd0ef70a519d451a31884dff70447fbe7f5b05dcac1
SHA512 d5323196cfaeb03a9234bd1f9ad0331609a54f80ea624f49340902dcb7980dd5bf7ee45458c4ac4f9ca481ceca5613303d3aa3df2d05bd515d00c5cc69a89a99

/data/data/beznogym.hack/no_backup/androidx.work.workdb-wal

MD5 6cc3823ce5b101696756b7c34e708d66
SHA1 db7e9bce5d2cc87d198cb1473cabb3cd9db6bf8f
SHA256 195da37522bcf1ab44755495695f1bbce3723d6c23da46125df72f1ec8fc25ce
SHA512 65aa2fb9e9dccdc1e4880865f1ce165ed803cc1ff65b5daea8ff3abe3ebe4692821cae0a1f51fe184a1577175bad992df3214d8e808e91f25921dffd6a267aa8

/data/data/beznogym.hack/no_backup/androidx.work.workdb-wal

MD5 f5cfb75530b8474dce880c3e5151f22a
SHA1 930a6e23a8f25c40ed42b5fbc5ee8eca37a91746
SHA256 dfbd8057d247c4140ca856350c70ef009ef5891b6370ac9ee562c2dae251c2dd
SHA512 c80860918ec693850f83ad988d5ce441bc0513adae683c708c75ac550dd85739b18005f72db15ee70fa8cea68e3b39b95eaa1193625ceab6769011a03c9322ea

/storage/emulated/0/Test/Build.apk

MD5 7476eabbf756bc6eff06f8dac6f26bdf
SHA1 3d7b362bf9a9afdb5824900a50d25791efba97ec
SHA256 2008b7e4c6d04d11e51dfd75d466365d1aaf66ca4c50e60c53ed9b0a514ef286
SHA512 ebfbc329f1a9e5d68e2a5e54e1105eb66f348fa1c1e2669f02e76fa8002c76ceb1bf8601a1f0d3a4cb912b66cc99293a7205b090800c92d793220f7e9982bc2d

Analysis: behavioral6

Detonation Overview

Submitted

2024-11-11 06:30

Reported

2024-11-11 06:35

Platform

android-x64-arm64-20240910-en

Max time kernel

7s

Max time network

288s

Command Line

com.example.myapp

Signatures

Reads the content of the call log.

collection
Description Indicator Process Target
URI accessed for read content://call_log/calls N/A N/A

Looks up external IP address via web service

Description Indicator Process Target
N/A ipinfo.io N/A N/A
N/A ipinfo.io N/A N/A

Tries to add a device administrator.

privilege_escalation impact
Description Indicator Process Target
Intent action android.app.action.ADD_DEVICE_ADMIN N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Processes

com.example.myapp

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 www.youtube.com udp
GB 172.217.169.14:443 tcp
GB 172.217.16.238:443 www.youtube.com udp
GB 172.217.16.238:443 www.youtube.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
GB 142.250.187.206:443 android.apis.google.com tcp
US 1.1.1.1:53 ipinfo.io udp
US 34.117.59.81:443 ipinfo.io tcp
US 216.239.38.223:443 tcp
US 1.1.1.1:53 api.telegram.org udp
NL 149.154.167.220:443 api.telegram.org tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.16.232:443 ssl.google-analytics.com tcp
US 216.239.38.223:443 tcp
GB 142.250.200.14:443 www.youtube.com tcp
GB 172.217.169.33:443 tcp
GB 216.58.201.97:443 tcp
US 216.239.38.223:443 tcp
US 216.239.38.223:443 tcp
GB 216.58.201.98:443 tcp
GB 142.250.180.2:443 tcp
GB 142.250.187.198:443 tcp

Files

/data/data/com.example.myapp/no_backup/androidx.work.workdb-journal

MD5 71ce19512f5d0bf4ca4edfce5a5b66b0
SHA1 7a410bbfe414f6f7e76a3d6678913d105f0f1c39
SHA256 f28eab408742de3874ef08d6024f3a023d1e6875ebb6bb99449dd649a2e20a0f
SHA512 65ab71a8d7fdae0e710d8d5d013839518eb76710324a31d7ae3b4cf4d8ea71e05de90c36dde9d3273ad4cbd73e41308e5bf75deb8b4a4385f2c657cb14c8a11f

/data/data/com.example.myapp/no_backup/androidx.work.workdb

MD5 7e858c4054eb00fcddc653a04e5cd1c6
SHA1 2e056bf31a8d78df136f02a62afeeca77f4faccf
SHA256 9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512 d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

/data/data/com.example.myapp/no_backup/androidx.work.workdb-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.example.myapp/no_backup/androidx.work.workdb-wal

MD5 2345b4fea7ebc8810a0320135fdb9e23
SHA1 9904941644a518e3c49ce6416c85a907172bfe5a
SHA256 3b5e2d738926deaa9e3b736f74654a7cd48f5085ea735b4825b1489ab6736404
SHA512 cb26c6ae10f8d719b88fa1f1d68838c6e11ba6220eb0e2f563850bb68a046371de12d6d37fd4ba4e72fcc082c90eecb44b11775bc1aa27c60cdff97afb535567

/data/data/com.example.myapp/no_backup/androidx.work.workdb-wal

MD5 cc3b7272480fd7d2331949f837aa7868
SHA1 ab06d13154145e202d961da1812ddd8b94c40673
SHA256 169f4b50859fa6f432ba55689104e7969c684db0096a1c275506ae2023d66bcd
SHA512 dfad7b13bde6b856bdfc697a7a77f72521ce0bd01fd369e939d0a2ecd9700801480f20e3f8101153da6ecd8a2d6c873806a8e9b7811ef25d2198deb0ef21f6c9

/data/data/com.example.myapp/no_backup/androidx.work.workdb-wal

MD5 38bfd0b5ce403f76787baf33a0d92565
SHA1 f3518dee1711faad81a4c57ca4841f021b401da2
SHA256 1f72f75b9c1cf8bfe12f205a95c2e229419b8ca1adf96807cdf398abee1ac250
SHA512 71e7295586f1a772ec225d8298fddeecdc194cb2dd4c7de17712829d5e57694871934fabe54195b9dc368a61c5fd9d0f1af1b9ae0d2d2c4e1ce376d2c40d947f