Malware Analysis Report

2025-01-19 05:48

Sample ID 241207-nezbvswkgl
Target Mi Claro_6.3.apk
SHA256 539704e94b7c35db615c77221edfd1922a354caff36afa4c843ea29e1741d072
Tags
axbanker discovery evasion execution impact persistence
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

539704e94b7c35db615c77221edfd1922a354caff36afa4c843ea29e1741d072

Threat Level: Known bad

The file Mi Claro_6.3.apk was found to be: Known bad.

Malicious Activity Summary

axbanker discovery evasion execution impact persistence

Axbanker family

Checks if the Android device is rooted.

Loads dropped Dex/Jar

Queries information about running processes on the device

Requests dangerous framework permissions

Reads information about phone network operator.

Acquires the wake lock

Queries information about active data network

Checks the presence of a debugger

Listens for changes in the sensor environment (might be used to detect emulation)

Uses Crypto APIs (Might try to encrypt user data)

Registers a broadcast receiver at runtime (usually for listening for system events)

Schedules tasks to execute at a specified time

Checks CPU information

Checks memory information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-12-07 11:19

Signatures

Axbanker family

axbanker

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Allows an application to receive SMS messages. android.permission.RECEIVE_SMS N/A N/A
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows an app to post notifications. android.permission.POST_NOTIFICATIONS N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-12-07 11:19

Reported

2024-12-07 11:22

Platform

android-x86-arm-20240624-en

Max time kernel

15s

Max time network

98s

Command Line

com.claro.pe.miclaro

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A
N/A /sbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Checks the presence of a debugger

evasion

Listens for changes in the sensor environment (might be used to detect emulation)

evasion
Description Indicator Process Target
Framework API call android.hardware.SensorManager.registerListener N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.claro.pe.miclaro

Network

Country Destination Domain Proto
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
GB 142.250.180.10:443 digitalassetlinks.googleapis.com tcp
GB 142.250.187.202:443 digitalassetlinks.googleapis.com tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
US 1.1.1.1:53 firebase-settings.crashlytics.com udp
GB 216.58.201.110:443 tcp
GB 142.250.187.227:443 firebase-settings.crashlytics.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.179.238:443 android.apis.google.com tcp
US 1.1.1.1:53 graph.facebook.com udp
GB 163.70.147.22:443 graph.facebook.com tcp
US 1.1.1.1:53 rwscus.shieldsquare.net udp
US 35.201.70.135:443 rwscus.shieldsquare.net tcp
US 35.201.70.135:443 rwscus.shieldsquare.net tcp
US 1.1.1.1:53 firebaseremoteconfig.googleapis.com udp
GB 142.250.178.10:443 firebaseremoteconfig.googleapis.com tcp
GB 142.250.178.10:443 firebaseremoteconfig.googleapis.com tcp
US 1.1.1.1:53 service.imiclaroapp.com.pe udp
US 204.93.139.1:443 service.imiclaroapp.com.pe tcp
US 204.93.139.1:443 service.imiclaroapp.com.pe tcp
GB 142.250.178.10:443 firebaseremoteconfig.googleapis.com tcp
US 1.1.1.1:53 crashlyticsreports-pa.googleapis.com udp
GB 142.250.200.35:443 crashlyticsreports-pa.googleapis.com tcp
US 1.1.1.1:53 firebaselogging-pa.googleapis.com udp

Files

/data/data/com.claro.pe.miclaro/databases/com.google.android.datatransport.events-journal

MD5 18b29b5f01c4ad2be8d8e4cf8cfbb436
SHA1 3341f2406d2030bd34d661e4e580a5dcd6ff283c
SHA256 c237ac251d7c9ad7fbfd6d8e21058527c479c771e56179ed5960541f10a8cd19
SHA512 9ed001a3c2bb5e3e2bcb19d42e33bf4cbd3fec01dd15fc8f6b651e3ed38ac1dd31570979a8b874928e0f32a4af9089384dc0f1d63fc104c0b65dac7779595d81

/data/data/com.claro.pe.miclaro/databases/com.google.android.datatransport.events

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.claro.pe.miclaro/databases/com.google.android.datatransport.events-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.claro.pe.miclaro/databases/com.google.android.datatransport.events-wal

MD5 b483d7637f9839d04161f1ece9dc0be9
SHA1 fa9df56e970c6d44f495bdfdf9377cceaa9fc578
SHA256 de32b26cce31ea52d0c247c60f52716a02ef3f04307c24d1989f8b20d017e236
SHA512 451db545f0787500adba2b224b4b128c94b759122948e423f5c4b5017f8e7c6f6fc52aa7fcc7c0ee947933edc50ed0a8005de1cd2947f29cf053e38c13a60fd1

/data/data/com.claro.pe.miclaro/files/PersistedInstallation6103903731937141525tmp

MD5 5806e5efa63e1103f1824284b6953ca8
SHA1 91e59022523153dcbf48db853add7d498dbe67be
SHA256 92c5a20c00f719d5f84bffbc21f0cc1e414ce013e6734a9386df056e89315fbb
SHA512 c5f9ecac6fd43cac94d25d34d622132ae9b723ac74446314840d428c4c7642718f379d4c8de005a1ebb83a72c59e8cda501f7450e6d4f37d86c3c1a38bc612e5

/data/data/com.claro.pe.miclaro/no_backup/com.google.InstanceId.properties

MD5 c81d3a6a59b94ae6efebb1eb551c2021
SHA1 1889d5b0f5dec337251c1d94c2848703a1356683
SHA256 3d3630e6229ed15fb22f832d745aff3f6c56404ed36d7f28b2c594364bfaf461
SHA512 e4883807f807b3239bef896bb65bd1b39a1e971c0d1da22b56fe15cc709552d2132d98ba61099b5e55f8424c106a922f6173fbd58ac7af380b0b5f7e632d7da9

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F5100E6-0001-1096-9818B8CABCB4BeginSession.cls_temp

MD5 bb3ba92c80785378aee8403e82997e1c
SHA1 26ea0b43f87101d4efbad9424afa5c5a0642d59f
SHA256 14f1e7a5d18a2c9f2c698e03cf8eed236da9b4a2f000332b15ab11884303c6cc
SHA512 5f61204c30381442ae7d9a460bb7624de16f80218f70abcfd896b08d4a4994daf04bf87f76a3cd1811dfc2e937867e4d5bf6ae9dde6f880d10019b209c14e630

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F5100E6-0001-1096-9818B8CABCB4SessionApp.cls_temp

MD5 1a301fb7ad717ef61d34b958e56abecb
SHA1 f19b2e3a79590f1c232ee267f883cc345a91ce45
SHA256 319b150b39783270e71d7aecc67289e9b667edcbe18ad8170e4d2ed5096ea80c
SHA512 793d58089e8a0ae66b76abdadbb14f4bb1e5d4a18fb37ce13db9c1d9d07ba738644efa1fae467a561b50a2c1730145ccc683dcaf82a45159a4721c66585621aa

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F5100E6-0001-1096-9818B8CABCB4SessionOS.cls_temp

MD5 9b3d4522944ce6396563812bfdb92fa9
SHA1 6d2a6133c8f01938a48ccc77ef86ad8ca335c020
SHA256 d32805d685a3f50caa7f1c0bd7c8804c4d937a866513289f60e3184f7a591ed9
SHA512 091d87643712530bf9006135db42a5a50742bb5ca3026bcc5f2c1c17bf4fd984a8938d29263b0abde3d15cac196d2230902534e200b0b79485e3a1bd97d95727

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F5100E6-0001-1096-9818B8CABCB4SessionDevice.cls_temp

MD5 cf9cb0612d588a1f71b63084cea67316
SHA1 3d035bb92fd3f8997160cf8025c40239af74d3ca
SHA256 0d37c5a64baf86735501f9044eeb926b3d46548cdcf67c2cd1f773df36624ac9
SHA512 70f000233e181e3b7c6fcf07aa04fdb570f970335837f8d1c4680a9f78af9f9e17c73a0a5646770f7a8787e338899edc4a5197b023865a4da894b1aca12bf600

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/report-persistence/sessions/67542F5100E6000110969818B8CABCB4/report

MD5 4a1be604cae973500f7f7429975c53d1
SHA1 b873c6fa8ba387ba74f3e573545757ac3327c420
SHA256 0e312e683396486acd6e8179921b6271735a2b0d74fddc5e158685593c4e0b17
SHA512 c6e93acea910c8a9934a1b42e74d9050326c2a845a23c755b6988a377b06bf5813059d3a30401af0e1551830ca93ae03d6e11299e302bcf29f84c765a5bdbaf0

/data/data/com.claro.pe.miclaro/files/radKey

MD5 9c37eb061b871cc840ce54a4bc0c9546
SHA1 66612f6b5c1c3e499cee20fc0da6c748127f8a8f
SHA256 47ab17d23e1f77c12e4b1ff3e950d2f2bfab079e11415ef84bd356d91f935ae2
SHA512 0464851866ec4ad3c95c98c63f46e18aa16fd49af5e37ca1ad39e8ae39038d75437c6c32091fa0b46d31164cbdbb91cb0126f33d7b085a814388246df678eea9

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-journal

MD5 c5defc773e9f98807c9f5e7130d31672
SHA1 43c5be6e8484d1321401112335610b1d275f3335
SHA256 e94f3b020a8278b6665651acf3abf109cf3f13dc4a4161f00e753f0e9dbedbf4
SHA512 a800f16191f4001863d94d5a9bf23b3a850331cde3b1a273f5ee893a3ff1f5c84f70545743477256dd980aa0ef3f735165f3bd2cea98d943abc13d18600422b8

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db

MD5 7237409e0640cfab7bdbd429bf821a3b
SHA1 4c3da934842f8d4835dfe2a9c275a300e5123309
SHA256 5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512 c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

/data/data/com.claro.pe.miclaro/files/PersistedInstallation2308241873913197071tmp

MD5 6bb69ea7ea9860b160f5c151ca3388cc
SHA1 498f7b27a15ccda01946c924805958cbdb35cbba
SHA256 8979fbff1d7c85e1ac42923bdf132332b77a23920d898a739e0c7abd2cdec366
SHA512 1f93c4c93aab68b9466388e3634fd1ba3b6607380b145309fcc86262e5a113663c15832998502454f30578feacd3500531e549515f8736d2df86e482936de88f

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-wal

MD5 f46daa1e2904e296aec8f6daf98995a8
SHA1 8cd49e934f8d7391fda828861dc4aa7fb7bbeb8b
SHA256 501bb272ca1353a507366d9e504a32c8e1280c3fafe4da9d07c31d2c88c424fb
SHA512 a36211c76df31001d82bfb88524f0e4fa1fba8a07a54bbd14b3493f1f3ef4f30ebb5fb86f70eb4bed4fe3ed2109484f69bf9826b4359c9b868ab71c39272a427

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-wal

MD5 98c70e57be4805b0b309872698fa5a9e
SHA1 822682464a2e343d8810583f5dd39f000f4b856e
SHA256 2fecbf9b64ef057d24cd4daafe3ab63670c65cfc2509b5c50ecae6efb56ef065
SHA512 425fbb49d3a25b9c887fd598c7dbdbad385dc21272cfcc42470e4d3e6bb3e52836dbae869e11b8f65c17a126ae9f8c58aa193a67fe0ce2546573f88c2f91e8ff

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db

MD5 ac51a5db9a6c33089ef0df18bdd4bbeb
SHA1 7aa5c5b1cc1a75b3c0e5285772c617759cd55841
SHA256 271fa7c8879687872e7a179d09354c6dc016773eaf977505da3c9d48d422cf6e
SHA512 f8a72f6391f52b87f81f6c49b552bd138de0bfd52c00433519bc0812d39070602493dc4ac99d85b3108b61dbb404181225a06f40b89702344223f6563f665624

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-wal

MD5 026e33edc038dd8c423af604d514d373
SHA1 b08451e447a61949c7b09a92cbc6d51abc1a6056
SHA256 8b99b2294795fef4798d0f04ef323c8b13f962387a43d37d2b81792ae0236024
SHA512 7e33fd6d36b9fc9be05a25b7057d53ffb02221c46f73da8dda71a51162c57bf01be9c96d696d50d937c5a4c2df1a2c00442c7b6e69aaa7584cee6a4cee53286e

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db

MD5 6078fea0d3a25d5853d661d60b061e61
SHA1 780eabfe939865789bcd519787b2430fcb7377c7
SHA256 7dad4e432921bc9309e6fdbaa995ef7c6d3e9fc7711a7b4bbfd7d21e65236069
SHA512 f6a39a4013d44fe06114ecb41c967be85c2f110c652258bc377593a61c02164107e7657be3ffa7bf137912550083de851e8ef0b7c94f65102e1549c8dc304f4c

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-67542F5100E6-0001-1096-9818B8CABCB4.temp.tmp

MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-67542F5100E6-0001-1096-9818B8CABCB4.temp

MD5 ee867f552a9f22cee383a6b2322c03c1
SHA1 fa31402faeeb3f42f2b08993c916ebf18c31bf2e
SHA256 525461438be4e321b7856156f9dac2901e9f7145ca8273bdd17baaec4a52e40d
SHA512 46c047ee7d08e782c9bff09fd32a7dd233b9d60beeb31c5d0d21623f4db11ccc146e7289632ba88f4dccbc84b30685180119bbecd8f3ecd15c09f202b4142eb4

/data/data/com.claro.pe.miclaro/files/frc_1:65002965112:android:b08da8305eed845db6058d_firebase_defaults.json

MD5 7cd51f77f78cc21b91bd979ede3603f8
SHA1 d7191dea9030fcd1430af39fa534e67fa8c28a7e
SHA256 0b4c94aa853afc5f1737320d6398f4e44b9c0c2ce5c7a7444df48d0a95522c41
SHA512 44980c2a96189ad05aede90684d4cf78f583be145fe7acd0fcf42c91e14138d336d8f91fa139c02ca7ee8e138feb3a9b51b436d9e586e8a2a5fcc2aec065f999

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

MD5 5c40461cae9d3a87503325384461e3ef
SHA1 1454bb42f24e6005889c37ea98917a93b387aed0
SHA256 d53ad2daab06b642fd7cee92cb5e5da797fa7f9b72d52b4d6cc9e187aa3f97e7
SHA512 4bbded34660eb532fc25ee633c18518bd60c22add2481d9fe1b7e548fbd61b31fd6ea45512d6227fdf17546ee615723482fc7086ef27714cbe53223c82a2b6d6

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-wal

MD5 3103915dbd783aa8443f18f39c736762
SHA1 c71046e45c423f39004b1984988daa3745b86483
SHA256 f9950c7db898d8de466f61325d774a1ea33a83a6260b28b4b31227589ecf71f7
SHA512 7261a7adcc5e0e4ca30d274eecc3d5b99f73fa9033fcaa58f669288e01d93da7ecf559b1b90ce1cf68ac19ac9d9099a3e69e0d656e50b713f22549ad80e5c029

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db

MD5 8fef3ff0b5186aadb9715a9c7a6cab9f
SHA1 ccd550513c830c7e1a0e2747c5e47c64349fb4b4
SHA256 9fe6bdc3b823b8c1ae7df3d6121df5d3b8158139c335b1c3be888e835cb5dac5
SHA512 cc02e319de6d219f57d990b698a3b5c03d93add5448a4ca75b5033fbad0b73e47eaffc6e724eb6c5e2363096f80af715590c653f10b37899c4af21c05fa8d0a9

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-wal

MD5 e755699d81591070e4af28d5ff31dd95
SHA1 f31452dbeb17fe8ad54641802ac9361b9cac9eeb
SHA256 0b03d4fca0396eb30e128a554e8d7039f3175deb7c426aabf53a0141a163cc3a
SHA512 811e045ad3d39babbc9000f0a076d7e0e09f4fd792d18b87b7f754a0d6ff3c239d21b9f135dadcb04a9ef78fa3b42569b9c7f4bccc3885ae387106a764ac3eb0

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db

MD5 dddd695a27f9e0dd2241331b4f7e537f
SHA1 531ad313fbc666399e589839ca7ff2b5186d2bd3
SHA256 5fb06f7d039cab32913fd0f3ad355e854970752fd676f48e4ef51ae1a8a3b060
SHA512 bc9b3dc167bab6816e8f5100b0cc1ec706e61b6c85972cf06d354b98b2482cd6869d8c8dd785d67d4ade1be11ca3aa41728c647a2f37562fd77b7358e4562c97

/data/data/com.claro.pe.miclaro/files/frc_1:65002965112:android:b08da8305eed845db6058d_firebase_fetch.json

MD5 1e288d24bbba55b0de75084f2e50ee5f
SHA1 f4cc9215ce5c6be3bd8bc4144b39aed0a929a523
SHA256 8c679e7bd44273def1671227cdcab30763a50dcbf5322b2d8e03756e2ed289f7
SHA512 95a367d8a5061e7908f5407f6c3119c615e35566f0817747bcbc6d35c2589447237d2f0169246c8fa2538843f4a9e6b468f588735f36bc766adf289a82601c2a

/data/data/com.claro.pe.miclaro/files/frc_1:65002965112:android:b08da8305eed845db6058d_firebase_fetch.json

MD5 662d3e9c5270485dfee93c2124406f03
SHA1 7ed625a8fbe88237d69fdfd842d4aab56c69fce8
SHA256 d93a55f1dcd39b46b1fdfea138148507fc6b956eea4775b9125b6f688cab26a8
SHA512 234aead1486b66f6f694c870ba962419d0b760842ce26b7faa88966a8ab70bcd99142f388c24af0b1d0b68b663007e14ccd7d590cb4a2eb42be5d6fc61c0eb8e

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/report-persistence/sessions/67542F5100E6000110969818B8CABCB4/event0000000000_

MD5 43f3378ae538da666038e3406b450913
SHA1 d1ed4aad1c8e0508711dbcb5856b66f809b51862
SHA256 c9436e7ee4011c0134972ac69af8690167e8772518c96bbf92f093b5be5f4f71
SHA512 a8012d7ddacd2236a17301472972dd11474ef6bc423cf0bbac277c917b34d8a22560908341b06131bdfecb784fc68c74539b1c61d6b407f4c9721abeacf8188d

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F5100E6-0001-1096-9818B8CABCB4SessionCrash.cls_temp

MD5 90f04292c926d22580e0d49145f13192
SHA1 481d69deb13fb6561ac0a4757debf440d6690ed8
SHA256 0f4a1223067e7417ecb85071cba23232580b81904fc462b6f4d9a39d42b2258b
SHA512 61e698da35b02d489738c4909a20e9c5580c16a3e4ec13c5eca55b313fe7fd2d52a8492d940b036d1500eaa40a3944a0e0af96644285bcec318ad7f61cf2e4c4

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F5100E6-0001-1096-9818B8CABCB4SessionUser.cls_temp

MD5 3ed7a02f7ecd29e9a0da73bbd02b94dc
SHA1 ac0e7b5b3976127f95e987bd1f27e504b343a305
SHA256 dd385bd6d860af19cb2c132d628e3d6872d7b89b3bd2d50f56253bfcb84c78ae
SHA512 115fde1208bce0530dea2a5ce627349653d304274582103eda80da3e254ac4c3963444af769ecbda4bc609d89b2816e6620c2eae88f7b3cf3c5e9de5491855a0

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/fatal-sessions/67542F5100E6-0001-1096-9818B8CABCB4.cls_temp

MD5 42c69679b7ea52b44032b1a998a63131
SHA1 0eb908a7c6217ac4478fc4f0c7ae42d77a29838a
SHA256 81cc298fed934ff34cd4bd0ebd78eb5050cb68fce63936ee472dbd96377d328d
SHA512 db23b40c3472d9b006c2b8ed502e8088eddd24899e79514592b19b66c5a990da9d4abbffe55ab23c3fc69dab6807c9bc70b0a2404b48fcabfbfbfd11828f4220

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/report-persistence/priority-reports/67542F5100E6000110969818B8CABCB4

MD5 ea0014da9a3d31895a93614019a59a58
SHA1 4f3c229735630ffbd2f7a5d3703e7a5726481203
SHA256 55380fd9801dca202cde0925e1bba80d43e14f757522753f2f20a7485d1edf00
SHA512 7c346ac38ce8ec51b16c8ce38d6e159828261b71abdc881eebc323418ed7220f32eb315375df823052d9ddca86c9df81fe49beb9a8a00dd87ebc408f2755e03a

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F5D0171-0002-1096-9818B8CABCB4BeginSession.cls_temp

MD5 10842ee4782779c5996ab0f40acdec69
SHA1 ab1b57c86f1b7deea97e8a9673530a6220aec16b
SHA256 f0d7df606d1bbdc7ab461ecde16fc4c55c4cb8956ad96bb73ea5523370da6f53
SHA512 7168aefd4d7443c32059a589342c224768c8f0c6c799d8bb5d5d249ef59bf4d16d688a94d01b04c25e310adb6430848eab1481e0a8fa27d94b74a339867ac5ba

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/report-persistence/sessions/67542F5D0171000210969818B8CABCB4/report

MD5 69aac3df212493f727324aa0d7cdd0aa
SHA1 ad88a22d96640bdc447bbe3e8848d6422c536bb5
SHA256 c5504c44350ffbb1b381b2c6997b836f37532bafb4817c7ed8e609c35bedb953
SHA512 996daa3b0dce046521a2981077628bc47c8b0b2d51a5c83145f74e6fb6627e56419da0ab0073514d9bda810d77578619c43b2924d873e56f376c39b5c6aaf5f2

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/fatal-sessions/67542F5100E6-0001-1096-9818B8CABCB4.cls

MD5 9b4bf2494fc11705866c1dceefc52d62
SHA1 2662d1720fc75b69981502257907b879bf847e52
SHA256 7a09939eae9c517a44d1becefe9bef7d20ee8a4c093e051e860c3bbe7c3789d4
SHA512 c70230e56aeff07a50ee2b4aa513b1434a9554c0c164f181f327ffa7c2a29c97ed33f1ce3d859bd6c25ed916b008b41cbad0ee0c402dc3be3c9917bc8076593f

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-wal

MD5 1b2f20284de035100b2dec5da1fae06a
SHA1 484c834307798860e405e78515db829f64111d11
SHA256 b7cf3ac48556e4adf1697930bc19f65cfc68f98620a3ee97aa0ea45469de94f4
SHA512 2446fa1d005f8507527881339bd3a9fa794229c2bd7a8561c2e22172e805fd1a716ca059cbca49a04c7346b604087ba5f8255ee638492a116aed328d0283edad

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db

MD5 030ab07ebceda9bf9438a07ae57f72be
SHA1 a47d0a83dcb4dcdf51acc910d4c8181663075b50
SHA256 af8662dd6c387a04528c6d72e09d7356607a4f9b817b8200a202422ae86ff1dd
SHA512 ff9a1acc80e5a2858559517681630c7fe8bf2546011a8336a286850d0056a6bc419e861ea760d0d7d38d1f21ad1933964184ca29d43902aed9f8083d45bb7f88

Analysis: behavioral2

Detonation Overview

Submitted

2024-12-07 11:19

Reported

2024-12-07 11:22

Platform

android-x64-20240624-en

Max time kernel

13s

Max time network

157s

Command Line

com.claro.pe.miclaro

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A
N/A /sbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Checks the presence of a debugger

evasion

Listens for changes in the sensor environment (might be used to detect emulation)

evasion
Description Indicator Process Target
Framework API call android.hardware.SensorManager.registerListener N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.claro.pe.miclaro

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
GB 216.58.201.106:443 digitalassetlinks.googleapis.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.204.72:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 firebase-settings.crashlytics.com udp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.212.195:443 firebase-settings.crashlytics.com tcp
GB 216.58.204.78:443 android.apis.google.com tcp
US 1.1.1.1:53 graph.facebook.com udp
GB 157.240.221.18:443 graph.facebook.com tcp
US 1.1.1.1:53 rwscus.shieldsquare.net udp
US 35.201.70.135:443 rwscus.shieldsquare.net tcp
US 1.1.1.1:53 firebaseremoteconfig.googleapis.com udp
US 1.1.1.1:53 service.imiclaroapp.com.pe udp
US 204.93.139.1:443 service.imiclaroapp.com.pe tcp
US 204.93.139.1:443 service.imiclaroapp.com.pe tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
GB 216.58.201.106:443 semanticlocation-pa.googleapis.com tcp
US 1.1.1.1:53 crashlyticsreports-pa.googleapis.com udp
GB 142.250.187.227:443 crashlyticsreports-pa.googleapis.com tcp
GB 142.250.179.234:443 semanticlocation-pa.googleapis.com tcp
US 1.1.1.1:53 firebaselogging-pa.googleapis.com udp
GB 172.217.169.42:443 firebaselogging-pa.googleapis.com tcp
GB 142.250.180.4:443 tcp
GB 142.250.180.4:443 tcp
GB 172.217.16.238:443 tcp
GB 142.250.179.226:443 tcp
GB 216.58.201.106:443 firebaselogging-pa.googleapis.com tcp

Files

/data/data/com.claro.pe.miclaro/databases/com.google.android.datatransport.events-journal

MD5 7f7e58220a7b4beb99a4bc33afcdba76
SHA1 2f2b19c199ce906d384bccd996e3e601a27bc0ed
SHA256 aab5eae93f8c43b9d773f46e115d26e1746d9498e439e4838bdf8fa33d31fda5
SHA512 b4693eea6e1882d8c9f7b566243e39e8d899f158e2738ce725a7e3e21e115b6fdfb2c4eefc81cd2a227dd9f89edd01ddac8b4e1a707d8976d6be47f02fcf1925

/data/data/com.claro.pe.miclaro/files/PersistedInstallation4852565576547108229tmp

MD5 57d6e1c3ad26a28b08330f462e18a64d
SHA1 48c9f07ce53b71fc4305cf016bd8fc0051be7fa3
SHA256 9db7801e02a1999cd0d479e15102529a0d59593f931bb93dd426a5bd1641e6ad
SHA512 db5ca248f9c09490f8185fadcf2d0bac72c25a946fa8a35cbb74d13ccde38907775f018cb23c09a89a53b31fc795b3876e4b7ea530e97e513d6ca06aaddf583b

/data/data/com.claro.pe.miclaro/databases/com.google.android.datatransport.events

MD5 9c1d2fa8ab4ccc849ceddc2c9c8d2d4e
SHA1 834725d52774aa96cf297fcae0a875dad8e4bcde
SHA256 447d71ca2afd016a712e576a256008b1c5eee35d4ddbb0f1bdbeca5245f5308c
SHA512 c51aaee236e685542d54244c7cdf0bdd50e5b05d2de5c32311318c7dcfbb8c1f3646f862e389ecd9420af0de24c40c1845ee5f2fd2c7178c1fa04b37388cce5f

/data/data/com.claro.pe.miclaro/databases/com.google.android.datatransport.events-journal

MD5 75d9c8d1c9f0beade647e6e21c8297c8
SHA1 037d3d73c45f21483575f2c0e282d2fc9ab6d8b8
SHA256 94b9d075901618d23f50443148c2ec56a9351a84dafc759a886d80abe2818a69
SHA512 030e3ee30d93108844f96c9b5a7ef4f254f70fa1b54a35ae70e65c38314a28a8310d04291e54f5d38593e83a1ee9695880fb0aa84f95817717e47e8bdb365cae

/data/data/com.claro.pe.miclaro/databases/com.google.android.datatransport.events-journal

MD5 198afe38897b62369756e49b54e67283
SHA1 757c3fd81ba565afe4f4862e250eca1ecc3920d0
SHA256 215016df37241e24ce03f9cbe333b8da22222f97bde37669f2aaa90124fe8f79
SHA512 db99667df4a5532609963241648d01715cd3b5e5344a5816c2d909e17a944b5f6a26b1f13ecf79761aa96e6c584bf9220bbc4d858f52591b9ce5390317fa3c35

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F5200BB-0001-1360-F39A719F32B7BeginSession.cls_temp

MD5 67b9cf73d1a3f058d3a78ae3167b40e1
SHA1 b6df2327b8aa708d89fd47f2f42c93a9f03ea38f
SHA256 b9bfbbfc3c94a85c0537c4918cc3e91abaf2113890827311ddf7e972320fff58
SHA512 2e77aaf374ee1bdde5905bd16ca083b23b37be39fd14dfd5dfa8e354c64ac97b805593f6c5099a922b37c095bc39fa618a8288e4cf76e54940fb08f4209dab33

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F5200BB-0001-1360-F39A719F32B7SessionApp.cls_temp

MD5 360772aa76c1073f8a8898cc7d514c66
SHA1 c2ccb05a3888eadc58965df8c57fe63dbd0cc0be
SHA256 cb0cad4ce204a663fea636595ae08d74b3b2d78d7544e1e7004141954adfecd0
SHA512 b1bef39a099e47149492529b98d773dbf5fc2d6286f5cf28137f785a07569c0605ef516814e8c52fd3085e11ee92d06acf21f6f995ff1aef368a2d16c0e05e34

/data/data/com.claro.pe.miclaro/no_backup/com.google.InstanceId.properties

MD5 49e115c27a09874668904c5351d579e8
SHA1 f14ef5dac0a2fc36c0a713ea71d5ce224d89718e
SHA256 68278993ddf4b5af5e7fd66b4a6a1838ec1ba1563c3ae6e975a2078ddef5555b
SHA512 608b998a80e34b6893d55b5506d8eaddbbd42a7977b35ba428a2cf7f952e47a79ea500e8d7d96738ddb4978ba1b2d0e60f11d1d993a2966005bde06eec88a4c9

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F5200BB-0001-1360-F39A719F32B7SessionOS.cls_temp

MD5 2566d27ce8c28d8961f082c375d7535e
SHA1 92fe585b1a2c9c523d2fa1f65ab5c1b6a1a6edaf
SHA256 5acdb54ddba2e264f6822fbdbc4e9b5158f57d43785c2f01d981956b18f7a90a
SHA512 1c70679bbd25a57f9ac02083d5af0fe72b1417cf3070a195497f03d6f492e87b1ed3f570de7ea7c814c995a1530e32610d9570f31a480648f4062e8d3287be8f

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F5200BB-0001-1360-F39A719F32B7SessionDevice.cls_temp

MD5 2390c1f21db00b20c07107e3ec7275fe
SHA1 e663a646460acc071aebee942cc1776c23d77655
SHA256 d348072a01496839cfcde3a18866423aee74aefd613fa3bf1ff4a203ef46a699
SHA512 43ff60754eb60795ca1c318f44dcfe49194add26cc3d92c2eac7bef538fd65b6290f2e5953b8f1693b9425ebbcdd022ab16a18280146ee0b0c2eefe27bc0bd63

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/report-persistence/sessions/67542F5200BB00011360F39A719F32B7/report

MD5 efdb0576c0a9866fd860962d42c0fea3
SHA1 fb6e059ee70fb73cb1c1a43b6eef2ea1c8290cb2
SHA256 d649a4cb0ad97cf70cd4bbdbc4f81dea0061ac173b4979900bac4161d7db2e0c
SHA512 ae83cd7cd9681222ccb119e0466842ed07375d183e149132fb2c5eeb5957c729b2820efc63b36b54b6ee15c114819d501a6e7134cc00cdca23ff2f7548b2b076

/data/data/com.claro.pe.miclaro/files/PersistedInstallation3337976796525143696tmp

MD5 ce86d1dcc151908f9e9dfa2c5a93558b
SHA1 971cbf6c6fca586c6bdc4d03a4e242cb23ffe6d0
SHA256 fd481e89a55e407d76472ae1a75af95267d76d5c407ddc13fd50c177c222ba29
SHA512 a25a903ab96f4e8719b971ebab7749978be47b54b15ea581a4869d5653edb166410e12622ace60f9f319ff538a85bce5999e46638e89eec79845a4977708df9b

/data/data/com.claro.pe.miclaro/files/radKey

MD5 7b224d520a89b5422cdad7b8f451da3b
SHA1 b47a85346e5e9bd18b6778361a71fb0ec7487ecb
SHA256 f0e863bf58239cea4a09fc2deafbcae3d6b55aef5e517f27b7d7bdfd470254ca
SHA512 9e70831df117ca02f23adb14d159d0c81966d8abe0d6fa6920a7c72cef1d5529678919dab05c7f422bc8e6a607b338d40c92724cac6b57be0742661b8db1edbf

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-journal

MD5 3cd483a233c645331dde09640b94b25b
SHA1 6abc1c3e148e29cdee487d8270666f4741f1c4c0
SHA256 a6251f54a01cc0f130ed063e36e2b9ccc355c0b8b627b2242920bb5b1a8f55af
SHA512 bf0e1eeb225282729c7ee303d562803f0dabe917008d00592c12ab070242cbef7fa97d6be8a6630dbc3028b9a2945016f236c785606078c91da94a8fe9f80efa

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db

MD5 eb52a90bb70b76e946b62f50b6f7fb85
SHA1 42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0
SHA256 48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4
SHA512 b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-journal

MD5 c4dfae50135a80d78cd941d757995908
SHA1 c3c3d4b331e913bd3be0a7b77125dfd92f7f11be
SHA256 f3a30aa536a1b399d35eb36b14454514cbe0aaa18ed0810d3e3d1da064dfaac2
SHA512 61ca24e2533866b819c6773a8f601027f600fa4d204ed2d82cfd34cd70cb7434843b2ecfc61e9c5a35525e5ba5432ad80fb31615e9ccb171fc81cb834dbd2aa9

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-journal

MD5 86e0b235ddadf1e3c9de9fd4d11a70c5
SHA1 f2b0617567ee5587b72c76b3d7ab751f98653a12
SHA256 63f898f9064548eadd4857fe7ef756c0665a993806902c3b9eebd12572f508f6
SHA512 29607368ee02e920cdb3cea17f58e04b71f94b876bf3f96618a99ac99c45cd27ac3cd5f542db89b408c43d687cdf03e960b5e92c59b324d2ba8c1b177b3271b4

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-journal

MD5 8ffc9d98981b5c5b9c11c35c51dbb3d4
SHA1 ddc779a354aed4a535c6d43b81e2ea2e25af1741
SHA256 a1f96d18d169e18bc88b0f122f287da6307e89ecd3f6bf190b9388444790a5de
SHA512 830667766b930f5729d435313835b32ee6472dff5ac49cc4ffee326fe00021824b1c321a9dfe6f4de204b7d1d1ada96ec9ecfc02d2d03edd7fd667d2a25292f7

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-journal

MD5 b5ea9d6bb84a1cb3e967d991f036237e
SHA1 732c00a74a229e35d2273ef06c1e090e7f42e61e
SHA256 c10a7385617511b01f76d2a7106b41e72815965121d378ec7b89a6fe11b56da7
SHA512 b0e1708dc3add595190e8255e505f0b74afbd6e1a3b76d4b96d005b02dd70c8d1ab71e9173b61969b356938387cabfdb265ba76f8b8fa60fda409366b63be292

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-journal

MD5 f0c8774348c960566dd6e357a8308f68
SHA1 a690134fdbe50d84c2641324b66cd951a29b8071
SHA256 7ef64afd1b74e4fcfa84ea2cc0296a88f09d441eaa53c228a880b90809c66bbd
SHA512 4f26449b10d31b49bbf69e0a9adbe3ac91bb60507b5109e9a38a3ccf0e89b1456c6b85b184b6367ff46e9e078311557e00d5ac11c9a4d16fe64897eaa42685fd

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db

MD5 7039791efca4b1858d395ae7e2da0ae3
SHA1 42d183bcd881c5e91f8d76f36420d9f6bdcfe152
SHA256 6c86e6c888ccb4b998a161e10b1e2fcc24af315a6e12d12432269c936861a817
SHA512 f3642f602a63cefee8d45870ac512c5507995302e4f54bd730ecaaf494e57515b4e115d25bbf94f359a923021509fcf3f4cd0bf24abc95b539c147c01e204cb7

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db

MD5 74ab557d6235b4f757ede804eb9895ac
SHA1 610c2c68c2ffc0cddf5dfd20d702530cc82c6d9a
SHA256 7a5f824f01c46225e1208bc6c2293f0773e3e7b3e09982990cb3b6f9b6203487
SHA512 12deb169708945a1c94aef3d05c1e60f7ab93adaa945e468cbb9fb94abffef759e86d106cf4fce13251501230cb33e1b1678239f118c8dcc1ddc8a5c0d5f0943

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-67542F5200BB-0001-1360-F39A719F32B7.temp.tmp

MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-67542F5200BB-0001-1360-F39A719F32B7.temp

MD5 646c4aac56131e16b85be68510d22816
SHA1 994d172236a91f89a06ce98d9e7d680a03dded19
SHA256 d945db9f50612e07bc775addc116f0c1acaa58d3426ce29197a8633eedf5fb24
SHA512 1a17a5367efcfe51d1720d178aac54b2c4c480f0fc07269273dffd0a1a90b9933f7466d580516d1c3f103711a755bfaf8b1cc1f55d770c1fcf77ef30e433fa9b

/data/data/com.claro.pe.miclaro/files/frc_1:65002965112:android:b08da8305eed845db6058d_firebase_defaults.json

MD5 7cd51f77f78cc21b91bd979ede3603f8
SHA1 d7191dea9030fcd1430af39fa534e67fa8c28a7e
SHA256 0b4c94aa853afc5f1737320d6398f4e44b9c0c2ce5c7a7444df48d0a95522c41
SHA512 44980c2a96189ad05aede90684d4cf78f583be145fe7acd0fcf42c91e14138d336d8f91fa139c02ca7ee8e138feb3a9b51b436d9e586e8a2a5fcc2aec065f999

/data/data/com.claro.pe.miclaro/databases/com.google.android.datatransport.events-journal

MD5 02035f2077dddbd9492828f331ceae8f
SHA1 7d07067263f9ac7ec405ae2691dd309e40aa07a1
SHA256 1af207f87dafa9d6aadf6c434b3a129cfdf06caeb1209fbac8c2d95dc3f6c284
SHA512 d6d6319a8d570152a5f0555f7087a2b8e8230a41d7c14f7b4796dbfa536eaa0f0ce4450832ede81498bb346d6db2ae1a2935bff5cd9c77aa905f55a0bcb9ce12

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

MD5 2aac000c04f33b719a132ddfdcdca920
SHA1 2d1f55110ea19119903c29d3468d27d174bba637
SHA256 0a140bcc0c35c89ac27de1cd5481e143efd66e415a373f91426bb1367614d8ba
SHA512 8aeba9413c91d13e0883f7b9541917e3ea15046b86b342af2ff73000b75c47c1ed1fab14b865737266e3a91055613b67d0167c21d1bdd2a50192c79372859085

/data/data/com.claro.pe.miclaro/databases/com.google.android.datatransport.events-journal

MD5 346a7db5ad1c18d1f27e0c95eb56874f
SHA1 a91f95794f510adcbb8d19413fcf0eff43700c51
SHA256 8f3254c1d7b04fd7ea4adb54f6000ca249eea81d11796d3c6d9d27a7d14ed60d
SHA512 6c66f6b521b8e475c7b960a232e5c85cf87ea3dc6ad0620a5e4b57dde6ff2d71ed1544226fe80f86dcd9d47ca3bfe4b12d6d680e8b545bf353282081d85120e6

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db

MD5 13204b95e9c585fff0def70268244259
SHA1 3e7dc1c4734d697feb487de1054b105b03f53222
SHA256 67b676c22327a510e17a0d5ee8266676f0e69482d3a93373b17e9f8b21e64065
SHA512 47c2bad83af36379858bf047ee3e9d4a57a6a77d6daf5cd4935090215dad9821f2763b57a7d5949be8832ea2e9729cb2b4e4d3ee2ff1280e318cb56be2d0a5a0

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db

MD5 acd7b692111a87c26190dc5e07076d44
SHA1 7578cb5da5ca6871d15559398a3161ecc598f5d2
SHA256 e09289f3661c8f74960a6245675066a6a8555fb5778a4d4a29edfac6f16acbb8
SHA512 9f9b41f3de7757ffd6c4e48695f46b0537e9b86372a6fb8cbcb5ced05dedc81badaf218bcb414ed2ff0fbd4ed13d4d7bc0bd5c022ad3b7b37c87b0d94ce7eb97

/data/data/com.claro.pe.miclaro/databases/com.google.android.datatransport.events-journal

MD5 b6be49fd6300298d45ab645fdf896e59
SHA1 39f925f088cc5b5369920cad7278d28e5c66fc99
SHA256 1785caec8a2341f6ebd9e5c0453fc08e6fbd02a47abac2dc8a5604c05d6ca598
SHA512 81c625ccf34d7832d9fc2fa02625ce7abdecc989256618b531c19475a089797ca28bec594032e7b9d759c7a0bd93ea19f0f719b93b20b325364a6c0b67fbb94b

/data/data/com.claro.pe.miclaro/files/frc_1:65002965112:android:b08da8305eed845db6058d_firebase_fetch.json

MD5 75337c02f28276fb2612e98a65fc7728
SHA1 47e02932a1aeef3fbfa5f6b09667791f2340adee
SHA256 dc2d0dbf9363c9c0ba68afcfe98602d7d19cb6ba3eadb1e80f07a89f3de62b64
SHA512 7dbf483c7cad1540109fa07a2100a88dd04285d5db332591130e0fffce15146ce5d63e4d8ba5e1b1d3836698228aedaf2fd21e8154ae34ad3a60ee73a0dcfd12

/data/data/com.claro.pe.miclaro/files/frc_1:65002965112:android:b08da8305eed845db6058d_firebase_fetch.json

MD5 45dc2b6b2e24c414c1444d2fe2738101
SHA1 0ff6ce5a187589e87ab1b62ab8a1e721e59b3604
SHA256 dc12e678f366db85146acac84d15101be21def9ad83252124a68b9e1398fbbe2
SHA512 601e3404b47ab11695a222b4b9f1bbd0108c8ee7cfba2da94b1a146ee42e66e14bdbb3cd5ce045c71a4bd13464094702a3b2af10868e4b04f16fbae32e7efbf7

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/report-persistence/sessions/67542F5200BB00011360F39A719F32B7/event0000000000_

MD5 b2b165998e070cf1b54380e1bae24e39
SHA1 13b3e7f22e8c3b71751f6eb5c21e7d5a806aa159
SHA256 28051f0396d140b5735c506009043be851fc557dfae401a0f65429316f0710af
SHA512 2d2ff6738ca0cc1f94d8ebd0ed72e062acd639e054d7f2fd7ac7bf958a1fc08235e0eda9b1b805f8064db5a2105cd592427d4d1e61bad8bb2192a3997e7b7d00

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F5200BB-0001-1360-F39A719F32B7SessionCrash.cls_temp

MD5 e45aafaff445d8dd1e96d9c4e680e7ac
SHA1 d7f93859094a7cb895ce818b3f909ff97a40c1e3
SHA256 becb91f9b5a3e27b64738dffc9d9d328fe165140785c14430164073fac3b6fde
SHA512 c3099a5346605e98af1c5fe0eeb20cb7fe68b98b93d45d1915f69dfbc5c02a258c88a9915a396d641b751d6105306715f16a73daab01b3a50505eec920879293

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F5200BB-0001-1360-F39A719F32B7SessionUser.cls_temp

MD5 3ed7a02f7ecd29e9a0da73bbd02b94dc
SHA1 ac0e7b5b3976127f95e987bd1f27e504b343a305
SHA256 dd385bd6d860af19cb2c132d628e3d6872d7b89b3bd2d50f56253bfcb84c78ae
SHA512 115fde1208bce0530dea2a5ce627349653d304274582103eda80da3e254ac4c3963444af769ecbda4bc609d89b2816e6620c2eae88f7b3cf3c5e9de5491855a0

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/fatal-sessions/67542F5200BB-0001-1360-F39A719F32B7.cls_temp

MD5 ebc7c8a628c164359bd05bbc10449d7c
SHA1 fd59b5e64b424f6f4335dd4e92a80ca48a180b0a
SHA256 0c3ea6109125817b71e3035eac6a077ede027fa0b6114749b474d8f370021da4
SHA512 b16e0ffbe625c471ba37cf67a0527aad51f2218572b6fc519b0b37660e2b0ca8bbf57a977450ae77fc189e9b8ab0ae2c347088bb780ef8531fd52b41f3855d11

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/report-persistence/priority-reports/67542F5200BB00011360F39A719F32B7

MD5 981190e92f6f630ab007b4e1628b0d83
SHA1 6a9084b0872587b54002bc3e7808743487079d5e
SHA256 21c33f2fb9ec3d2bdda7cff37228b8b9bba55369b83e0e7ed981ac869780b67f
SHA512 3e88d5aa92869785e807ee0f9dadc1179b4c344a858dd04c9696f30f3358eb63909ff7fdb8e23014629463568083d1d6b6c7b2035e77c717daac0aa26ffaf749

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F5C00CC-0002-1360-F39A719F32B7BeginSession.cls_temp

MD5 aa85e174b233b7e446660f2c6af8f14f
SHA1 fa53f5cf63f2f38ba5aa462dce1e67bebd53cf29
SHA256 077c4825dce458e876c1a0228863ca05371dd8a042ddd1a46a922a630f56c99f
SHA512 d0f9cbdb89c3b741c9285f5777b807107147924d291b1744b35bc3fa251ff89cd4267338a26037af3fef8346f1fa0d22caf0e5517fca09d36a4bf308129df429

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/report-persistence/sessions/67542F5C00CC00021360F39A719F32B7/report

MD5 d4563023c36ed791c4591bb966a396ca
SHA1 a3863f55c13792c394bfb0e92d2dbf13bc08a096
SHA256 f096cd9c3d740ba814b6c68e080ddf799e79f33cc896e0450fd45c7bf591d3af
SHA512 55c5cafec1653fc098826e43976f19ad95c16920d072c2181cdd14040c118f9ada003b10b1626391e6dc9e9a6ada8cdba3cca4a2c1ba6c01ca14e337b80a90ef

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/fatal-sessions/67542F5200BB-0001-1360-F39A719F32B7.cls

MD5 9b4bf2494fc11705866c1dceefc52d62
SHA1 2662d1720fc75b69981502257907b879bf847e52
SHA256 7a09939eae9c517a44d1becefe9bef7d20ee8a4c093e051e860c3bbe7c3789d4
SHA512 c70230e56aeff07a50ee2b4aa513b1434a9554c0c164f181f327ffa7c2a29c97ed33f1ce3d859bd6c25ed916b008b41cbad0ee0c402dc3be3c9917bc8076593f

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db

MD5 334ee264f632ae3f692814de5f10ece2
SHA1 4bc9bf7cb5c1ed3b63c456bc35621b3cc1311083
SHA256 649a24462538342bd5272987ffaa323c74771adb51edf530d79be7da994ae4e7
SHA512 a8e62088692da656f51e3d29b99ca64b53c225e5de085af5045e3f9194cccc3c8f2c265261da1a2cbceb332dbf0619ba185de4c544d4aa5d49aef31361fe41b1

Analysis: behavioral3

Detonation Overview

Submitted

2024-12-07 11:19

Reported

2024-12-07 11:22

Platform

android-x64-arm64-20240624-en

Max time kernel

15s

Max time network

132s

Command Line

com.claro.pe.miclaro

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /sbin/su N/A N/A
N/A /system/bin/su N/A N/A
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /system_ext/framework/androidx.window.sidecar.jar N/A N/A
N/A /system_ext/framework/androidx.window.sidecar.jar N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Checks the presence of a debugger

evasion

Listens for changes in the sensor environment (might be used to detect emulation)

evasion
Description Indicator Process Target
Framework API call android.hardware.SensorManager.registerListener N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.claro.pe.miclaro

Network

Country Destination Domain Proto
GB 142.250.180.14:443 tcp
GB 142.250.180.14:443 tcp
GB 142.250.180.14:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.180.14:443 android.apis.google.com tcp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.178.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 firebase-settings.crashlytics.com udp
GB 142.250.178.3:443 firebase-settings.crashlytics.com tcp
US 1.1.1.1:53 graph.facebook.com udp
GB 157.240.214.1:443 graph.facebook.com tcp
US 1.1.1.1:53 rwscus.shieldsquare.net udp
US 35.201.70.135:443 rwscus.shieldsquare.net tcp
US 35.201.70.135:443 rwscus.shieldsquare.net tcp
US 35.201.70.135:443 rwscus.shieldsquare.net tcp
US 1.1.1.1:53 firebaseremoteconfig.googleapis.com udp
GB 216.58.201.106:443 firebaseremoteconfig.googleapis.com tcp
GB 216.58.201.106:443 firebaseremoteconfig.googleapis.com tcp
US 1.1.1.1:53 service.imiclaroapp.com.pe udp
US 204.93.139.1:443 service.imiclaroapp.com.pe tcp
US 204.93.139.1:443 service.imiclaroapp.com.pe tcp
US 1.1.1.1:53 crashlyticsreports-pa.googleapis.com udp
GB 142.250.200.35:443 crashlyticsreports-pa.googleapis.com tcp
US 1.1.1.1:53 firebaselogging-pa.googleapis.com udp
GB 142.250.179.234:443 firebaselogging-pa.googleapis.com tcp
GB 142.250.200.36:443 tcp
GB 142.250.200.36:443 tcp

Files

/system_ext/framework/androidx.window.sidecar.jar

MD5 bdf3529e80318eb14e53a5bf3720c10d
SHA1 25c9ace4b1af6e80ebb2572345972c56505969ba
SHA256 bbc8300dd1e9cd08de8f66560c1ac2c928615b72b51cef9649f88974f586d64b
SHA512 48b9c2d01171bb651b9b54826baa51f4add48431a3efd8ceb5f7cc3bcd6f8f37edf47fabb24349dd15b3a02329cd450f90a8d164bf4f8dfae554bf3b35a8a55b

/data/data/com.claro.pe.miclaro/files/PersistedInstallation5590126335591279447tmp

MD5 3d7f6f9648e9a573f5f6f70388a9241b
SHA1 cf42b91d826ae13ff3903f40d1b52be04dda3b05
SHA256 33180204962fa308348a8c8b5f5d317d1a7c2046de7b15f03a22054e86359125
SHA512 3a6205eb6c27c51b6bb235dc21fc1011bd700d6fb10008bc8f38a2f4ab7aa5ea59acfbac0ec906eec5e19f6a9170a785e5428a379edca6af75fc55f49c6764bb

/data/data/com.claro.pe.miclaro/databases/com.google.android.datatransport.events-journal

MD5 63d0a74c72ab0d095f651a325abdf0f3
SHA1 cef69b831c31359a1f25260238a01479f7f0110a
SHA256 22a7eeea2248bff91c6aedadba15c365fbabd90782b14ddfa5430f7ca1ce28af
SHA512 814bb1f09399dd5eea2b1afd7317b383e9f1d94fbc9c0d63b3b8324886653c0ba11dfcbfbd67fc45bdab910054ac1355d01dde3e66efe2b1cdac825075c28f2b

/data/data/com.claro.pe.miclaro/databases/com.google.android.datatransport.events

MD5 345f4e9aa78f474d25c90084660e604a
SHA1 4c706479ac888e25b64bae75895db3b61c06fd57
SHA256 0036c9ee49acb032d992400d40217652b10b83f18318d3ce159e431108989fe1
SHA512 5d76a07219ecb337bb1bddda0d83281f36db41202f9c5c0352936c7ac9e6732f49c62f1e1d2ed7bd3ce6945af7027664344efe28de715a5dc1e7e1ad96258be9

/data/data/com.claro.pe.miclaro/databases/com.google.android.datatransport.events-journal

MD5 0d9eacda0a8dc4a3fee50540d45fb882
SHA1 fe4e30d4a831a68d3e3ebb9b2b92676a7a39895e
SHA256 ab05aadc043c6af3362271c94f713b9651e065da2fc2b155c179439eeb6a1c57
SHA512 0c1a54f99f83ee7890b72ce04686dae097f0b6560a92abe1c86dfa38bcbc3f702a6f3f117f58a2a5542f2bb5a86f7c8d09edadbdc13f3f0647835c581812c9ec

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F500197-0001-118C-AA6D3AB91FC5BeginSession.cls_temp

MD5 94af28230d203bfb50d653739e7dd2b8
SHA1 1fae97317d19901917da93a83a1bf48f8526b0f3
SHA256 0aede2d31459951d51b6ddd17419fbe2b9166c2d684ccda5138e3da02556184d
SHA512 b2cac3220656eea832d5bfb6e580345a768197f7a9d9e11a24de75117d1fad0d4539de4f25daf6172fe9389e51629ebc09933b5639fd5636aa77bb3638d2ff53

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F500197-0001-118C-AA6D3AB91FC5SessionApp.cls_temp

MD5 3f3fc4248a5709bb081c97be2b610f93
SHA1 d471892989de94f4caf6f464cdc7b3443eb299b2
SHA256 00b1c7706332f40f41af97bbcf573228942ce41ceeb2f8751491df55c9ab12ab
SHA512 d28e42ed3edf5d19cd776879a578214a8b1a0814a2598e063e0fddc643ae4106a0a3b8417eeef246acbc8f9a2dbdc2db6072dacfeaacd4f70a9f99f77b9dd00f

/data/data/com.claro.pe.miclaro/databases/com.google.android.datatransport.events-journal

MD5 3520dc20ab8bf24fcd9471cbb77d944e
SHA1 1ee29ac4939dad1ebe3f8add0b4311146e403588
SHA256 77f6d4fc9a08da1b2fceebf516dd739a45c0ec8da0ad5dfcfe10f2c5e7aa8c35
SHA512 4598b8939df5b0340097c2c557e4621bf0b35e9c1f449c7239abf042a85fec0b84499d3f9191fec97626d9cc64321ff8eaab0b59256b9e8d927c0b8342015fd6

/data/data/com.claro.pe.miclaro/no_backup/com.google.InstanceId.properties

MD5 cd79f5d1b0ed44a19f1314ab24c7e360
SHA1 fab6bb466bd9670a68f00f7cc6ef22798a803a8c
SHA256 f7345f963f18b3b20a40a9dc4b9b0d9ce38e563e2826ad11447aa824d16bd47e
SHA512 85abd88c200a01d1ed39df71322f97425cc8cdbe70e523700abc2d6d724e5df523f49efd8aa736e1eb9bfde32352b057967ba91108e6e8d0d2a05f9f2a3145e6

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F500197-0001-118C-AA6D3AB91FC5SessionOS.cls_temp

MD5 b3d9541cc92a9153d14e5160f8d8c008
SHA1 2e1ac80eb381dd82a03795b682f92020348c0113
SHA256 1ead5b213c87f182ffce484c34f7d9f140ad3425c0f303f460492efe8a26c56d
SHA512 78074409135a210ba4e1407ad9b3f784f5683e83aac4ce3482d4e8135425cf2b30db1ff5dd0041901c490a551a477237c6d255671c7b1fad74090980dcf3334f

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F500197-0001-118C-AA6D3AB91FC5SessionDevice.cls_temp

MD5 fd6372364a5c5c9cf8945ac3ea7a5d94
SHA1 3c798cab71f6ae7a81e71e58712368231230588a
SHA256 7400bf714ca32b64dd89440c9d5ace4e0115ddce44d169839e465df0e1638641
SHA512 a18b18d061dfd979bce1e0b769009668c322300e7174f51d2532e86dc6018769194507a106dd30b97317f8c1a7539d13a7baeab2900c1e00da7c74e899dab276

/data/data/com.claro.pe.miclaro/files/PersistedInstallation9056301807161719378tmp

MD5 d6e1534eca26ec3cea89f45271e291b4
SHA1 feaa0dce74a4f3c34b443e47c89b84150695420a
SHA256 c292f27920ce76e57753e1662becd76a649fa71c977a01fae387f8ed50b3d32a
SHA512 4a44ff955c834a43877f59e3302c3a47e849b43fd67dcd33f72966582051198a4739866d1f3f270439db245f42c3103577c718d549efc193a55fa3e29d9f9d77

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/report-persistence/sessions/67542F5001970001118CAA6D3AB91FC5/report

MD5 07e9f89254d5721d12b5368e03ce56ea
SHA1 910ffc973c596f98fe522f64881cd5334def14aa
SHA256 bac55b3f56e8ae53b9ba87eddf1960a7a32c2542d16f8b293a4d2b349f2ccd75
SHA512 6c13dc47d9811f5aed5283c6dabef49d99263e338662dd6b29e4b75e7e23cc7831b2acd6fcb70a1884200fa3ff1c8276b40bebd0f81861ebe4fd4509561b9489

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-journal

MD5 610c6c8a61a4f976b195c39f12f42078
SHA1 3afd7f8ee522a1b5c0780058a3884d0b1c78745f
SHA256 9fa29e3f525e08565c20c349b0fe44b05a29992d54e5075855a0001801300ff5
SHA512 4f7b24252de6aeb9af2bc3fd9c5f6e1168b2537427772aa2e5885d9185b67f89981360b2a12ff494f3ce4fab5c83281f40efa06fed18140204774e4a6ff0303d

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db

MD5 d9cf75fdd1c2292d986f6c3d5d60f2c8
SHA1 07ecb1d3a26d952ae5fecf54f36699ab498510b1
SHA256 2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a
SHA512 442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-journal

MD5 cba65bd34222ff178162ff5626793086
SHA1 a56ddd12af9b0dab20fcc01fc5c4ec206855556b
SHA256 c2b9d7609f7afb04fb7d677ec422b3f7bc4db5a5299653b9a45424e1cfd9ee91
SHA512 fb6d80eaceae34b338170c8557690f45375e81749d01a028cd0ae003cf9655918884d7be680b28b97844356abe040ce0e46dfd9f8391124e094474a1ab085df4

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-journal

MD5 fdda3340fd94aa7770db9de1367fcc33
SHA1 fb23060ee164de877c3b29b8309a6ea1df2cf9ca
SHA256 a6c8db0862519f042fda36547c607cf933a197504bea70a79a019618e2fb0a7b
SHA512 b9d76a07ab15d7bf7c657f924cf2c3257144ed2e3335505a8f67f41dd05cc9fc0b83a7f3a6e5cc62a31073922c61f9c77347fbefe109712aa1e0a80ceb8ec8f4

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-journal

MD5 9aeb7a5d827fd0541e5c3b3b54cb47ca
SHA1 f662b8acd747c262eacd1723bc069c40d9bbcb58
SHA256 aa040b88f619cbd10407355d04e6ba8ff5ace1bda24c64f5f5434684c2a18c73
SHA512 5b3ad2d8aea18d2a62c13276493f1874412c083b34444a8a35e5f00396aa7e5897b3cf03fa0a735ebdff64fc765c64af8016d0c55270d455db2382956dcbc995

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-journal

MD5 dcba39db5902d0788e436de940903b4a
SHA1 1ecec192dbe8baa3a5fd215f37a660e8d37f072b
SHA256 550e38acdfdff74f94408aac069dbd37221331dfbfad3cf2b0bef757b0b11b8b
SHA512 49dbd18e7721d8a09837871b89ea928b7bbd5a2e0e8a738ff65675532dd37a973a3fb76bd6a9d91e7e04c9898af82f7364c0176ed0eee06711a2f38db1b5302a

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db-journal

MD5 b153ae664734308eec7e4a1a8a9edd51
SHA1 027cf50a5bb7193db71d8d8c9f3c5615f7184c38
SHA256 005577714b785989b8cc8ffeb47a8ff92056984539d4e46a068086172ba56dc3
SHA512 90f7fc51425aae9ec418b975ddf499d47d9ed9d22a5f2faf1b5443efd47cb3892b5d8259685c6b94d64bffb98397f864eb1a60ba85ed667e7f91da58bff0e8f1

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db

MD5 f65e39288b5c196d5b80cbd0243bdbdc
SHA1 0f7eaca4295f48ca2cb566ed0039090b83a86b37
SHA256 408945e6490de9d4710eb63dcfccd3bcec9cd8928f8da490fc11fe11bc966673
SHA512 a06ac299a30cedf4193eb93e9ef1eb702f1a1f37c5fac638cc0f497059ff3fca0631ca1de1b0edd4933ecfffc7d70019085dd81396b3737c4a45285abc8e52c8

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db

MD5 f80f09695adf62b1c00b2696db4b5a4c
SHA1 ed8357993270d9ce7c4a2c150cf6ee7e5365a3a6
SHA256 be6d26a12f8932a3fdab3091f6ccf202daf28e1b2d2780444c0824e4a3de7509
SHA512 dd14a1033f5c3cc8f6694b98e5e019f100c8f688ab2844d15c6d1333f059fb56ca957d7f97b0e4a297f46df981cdf519f081988b6429878e1cce07d61bcfb731

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-67542F500197-0001-118C-AA6D3AB91FC5.temp.tmp

MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-67542F500197-0001-118C-AA6D3AB91FC5.temp

MD5 8dd9349f2e61310ef86f3de453833b9f
SHA1 c2bf0396353edaa3f747ffbe8f9d0429b0c9c720
SHA256 7d2b48cff8cfaa55537177bfdc62a754c58f06b9af13e40d47891c910fec1a98
SHA512 36ccd8b5306c0c01ff16f148c0893b767f0976e9758364ab2d3cd5f3ebe762a155b29480397c153752512725d23cb56a04f35d5ba28ccbb5021e16ff6d8a357f

/data/data/com.claro.pe.miclaro/files/frc_1:65002965112:android:b08da8305eed845db6058d_firebase_defaults.json

MD5 7cd51f77f78cc21b91bd979ede3603f8
SHA1 d7191dea9030fcd1430af39fa534e67fa8c28a7e
SHA256 0b4c94aa853afc5f1737320d6398f4e44b9c0c2ce5c7a7444df48d0a95522c41
SHA512 44980c2a96189ad05aede90684d4cf78f583be145fe7acd0fcf42c91e14138d336d8f91fa139c02ca7ee8e138feb3a9b51b436d9e586e8a2a5fcc2aec065f999

/data/data/com.claro.pe.miclaro/databases/com.google.android.datatransport.events-journal

MD5 48d47bf94de0a032318959e3d787017a
SHA1 273a1b13b46d7b7d7124d90480bd1e09c41a6dd4
SHA256 a715c2519ebd175e23cca2711cdb891835a406efaf42a3f0273ff3d5650b9971
SHA512 a5cd27955481e7c9c222c4c89419c4494b5416011a80297111b695fe975f108d2db26d586e5686ea793967c892597c8c9db3cc11938d27bdbc4f12d9a4eacee7

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

MD5 46366dea422e637667bcb033ceee27ad
SHA1 7d2405d0066267fc4c23fbaf6294fa201e971ce3
SHA256 3ce60852733e1058e34bcd66a74c5e96c426caba17c95b15878233f506ef50ca
SHA512 ffc9c85a83c7061d2831b209c1ace6ac867822614b0dc42fe55b534c00a46e7fcdac7e3169a264115f309dfe042b332c1384c76f6ecaf204c99f1801561c5f69

/data/data/com.claro.pe.miclaro/databases/com.google.android.datatransport.events-journal

MD5 9518ed56994ef4299aa08b0c3309d8d0
SHA1 aae7998afd82ac7c9a4ef6af405ed8aa12287d28
SHA256 f32e3adfbb2f91bb8591045d983aa94d91beb9794702e7488086e4b3f19d7dd5
SHA512 5c736a94ff623eade4c802210a1baa50b2f958cc32c3c79f2f43682a8be77bd6c71e73000381420cdb92c33b9043d4c531850c9f1c491918d5ce1b475cadafc4

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db

MD5 728e8e19350b7853953d1dfd6dbee0e0
SHA1 34c4b3b62ebcfcc1e699b354087a51de8c346c03
SHA256 d4632f254cf14dc1172d1ecf919e39206e10142acf178d460ad5792293122f96
SHA512 747614c34e1d243f31a3cf07e359d9274818212defb52504c18b84e4a0edfec376461386b5e2928096fb9e36e81a534e25c4a3a37b4a3a999bec951fcf0cdd56

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db

MD5 955bb742a2230ce2db7a4bdbc4f82430
SHA1 57f2feb40fba869448a606408f34df9be9a51f17
SHA256 48593e2ad9c6f28c08fe335421ff34d6eefa9a3da607bca2052c09bb26115a33
SHA512 9dbbbb16883aa9baf086ee2d3b4a1c64e47ea83ed9073ed20ed2d226f1a526f332498c97917d54cb3eade478d2f32de7cb62699a2bdf1e25dcaa2c140c461124

/data/data/com.claro.pe.miclaro/databases/com.google.android.datatransport.events-journal

MD5 315127d437f52e36fd00686919141d02
SHA1 582fe8ec67e466657ebea1bb8375807d018c4dfa
SHA256 39ca7bcb75dde5835cc26c8be9c2f6824226ab1566f94550ab5c6dad7e431ea0
SHA512 06f0a1baac50a5cef2162a891fbe21d3f26a436b027b23c7b73d4fb3e1227a3d8cd60086af49aef6445a67bd1dccc0a6cc2362f87222b865d86d54987ac6df8b

/data/data/com.claro.pe.miclaro/files/frc_1:65002965112:android:b08da8305eed845db6058d_firebase_fetch.json

MD5 d4281bb72542873e731d066a27974a66
SHA1 bdb1e037026164713921fc36c4368a3abd65935a
SHA256 85158af4584cfb09533f9623c8a1ca4c5dedc98e135c83fdc627de23d81a93ea
SHA512 b36b22f9997d453e8f9e1a60d66c523f5d9bd0da50306cbaabc01c91565b5d8fd91b286c1a40a8c7f7db55c81378426da478a921d00ad4c2b2a5cfde6d932d1c

/data/data/com.claro.pe.miclaro/files/frc_1:65002965112:android:b08da8305eed845db6058d_firebase_fetch.json

MD5 c29d294598faad829e5aa61c8445b6da
SHA1 0aed464474978a3b99477e97096dd60e54e517cb
SHA256 6bc027210284a251c4ed69a503c080ea416d136f681c2c2da52f6361e08cb1a3
SHA512 c0adb9a52f408b16982f7b204d5ec2a58270c8d03f23d74ffd4fb4060de9e81e59d170709f56245b1436abb743fe12b12b64f0713cec78aa3601bba47c210f01

/data/data/com.claro.pe.miclaro/files/frc_1:65002965112:android:b08da8305eed845db6058d_fireperf_fetch.json

MD5 449f21567762131aebd8ee4e00ef9cc0
SHA1 608829adc5ee59f17fa837a647365f619ce6226d
SHA256 0476bea2736012357165e939abff7e1329a4390acd6d47f89eb429f22bf61585
SHA512 7cccda71ac27f81e33e26f79f7e6b01a3725c3f45a713cc406d96fb505efe62039421ec37e85656c553c51d4273b4cf8355f6545406d424adc2e65c730490c8a

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/report-persistence/sessions/67542F5001970001118CAA6D3AB91FC5/event0000000000_

MD5 f6122407cf9eb75a5d635f0adfe03d8e
SHA1 85f0798ce697d0bee0639a8382170ee9921b20b2
SHA256 1ac6bbd4ad59743034b88173126e8a771d0f10458cbfaa8408ce62e7bfb11207
SHA512 47cd9b950a00cb98a25aa168b43572a2abe2465b8b95a7eb7c3a518ae66213c38057e370305d0d73be875a47b49153063a64fdeddcbdb43ece8ff4a0224bd868

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F500197-0001-118C-AA6D3AB91FC5SessionCrash.cls_temp

MD5 293d9ab0c310658b97b9055b248107f2
SHA1 9e7d46e83bf2f0191f83aeecfd19432521de380e
SHA256 901d7e77d88cddcb504903c15f02d39c2c844e6edb3c28b7d9e553e229a15cd5
SHA512 5cb3ee6d908fdc1887baa9f34259c7866f99630ae24d71111efaad0e2b8ae88e363064e676bdce971062bd6c0d4acb8959ec8e182735117f65c208d44527378d

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F500197-0001-118C-AA6D3AB91FC5SessionUser.cls_temp

MD5 3ed7a02f7ecd29e9a0da73bbd02b94dc
SHA1 ac0e7b5b3976127f95e987bd1f27e504b343a305
SHA256 dd385bd6d860af19cb2c132d628e3d6872d7b89b3bd2d50f56253bfcb84c78ae
SHA512 115fde1208bce0530dea2a5ce627349653d304274582103eda80da3e254ac4c3963444af769ecbda4bc609d89b2816e6620c2eae88f7b3cf3c5e9de5491855a0

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/fatal-sessions/67542F500197-0001-118C-AA6D3AB91FC5.cls_temp

MD5 05143a63e7300e98cc85b62bf298dca8
SHA1 e16a28bf3e1566a6779349b4d799635d96a7bf0d
SHA256 48b11299047100bed4be117cbcad9029d382f0a118a36a9d2cbb662c30849243
SHA512 8ff8c7735c99344637d817d5cdf3bb1876968a5f93dd6ebdf461ade54b302f48a1eff2611d3ed586626000fd2f5685087b8d516f96879a5275016cc8633914c4

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/report-persistence/priority-reports/67542F5001970001118CAA6D3AB91FC5

MD5 75895d06b365678f768c89b3ac32bac8
SHA1 cef3da7f9aca4a698585997ba0e9fa570a553afd
SHA256 51e093fbcf0d77e3164f4dfe3b2ee20c82e124234c24a88869616387244fe965
SHA512 3b7dcd20c28fcece024cd167a4003432805b92b965b619538d4b7c30c26f9bd2220dc40c57625f2d7b97e29b3e55cb737caf8cd1984035278a53662810616685

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/67542F5B030B-0002-118C-AA6D3AB91FC5BeginSession.cls_temp

MD5 7380e3d9e6c7ca0df12230c3d891227b
SHA1 1a148e3e8919a7625be8e3ffd72b17fcf07f083b
SHA256 2b4ce4ecad2d5d175e0c38125f335e91166a2973d3aa6b077b9271b852a082d9
SHA512 81d6ce7af37f42e29226ac2983811b118f47886cd462a572dc596e928c12afe7621915a420d53485b45829cb32501dc5a28de51e58a57d4d5b96800cae133c44

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/report-persistence/sessions/67542F5B030B0002118CAA6D3AB91FC5/report

MD5 e2a695bffcac19f814bc7247cb32a28e
SHA1 b50ac003aeaa9fd58abe86621a579b46c2fd55f1
SHA256 b18a731d6b8916331b81603bd4608ce4095daf9c4812ca4f92294261c347befd
SHA512 950122665157c5c5920d5f07865e7ec5c6b25e1ad89fac980ada43aefed78c8519a7974c681db43a3eb18a8331dde5ce0fabfce22de51f3fba446678b24b1390

/data/data/com.claro.pe.miclaro/files/.com.google.firebase.crashlytics/fatal-sessions/67542F500197-0001-118C-AA6D3AB91FC5.cls

MD5 9b4bf2494fc11705866c1dceefc52d62
SHA1 2662d1720fc75b69981502257907b879bf847e52
SHA256 7a09939eae9c517a44d1becefe9bef7d20ee8a4c093e051e860c3bbe7c3789d4
SHA512 c70230e56aeff07a50ee2b4aa513b1434a9554c0c164f181f327ffa7c2a29c97ed33f1ce3d859bd6c25ed916b008b41cbad0ee0c402dc3be3c9917bc8076593f

/data/data/com.claro.pe.miclaro/databases/google_app_measurement_local.db

MD5 fdb3e74914d33ed74e7cee166106b61d
SHA1 9610843389c56888ee7fb9adf594a45cbb4b28e9
SHA256 805ac5693b43dd2d4c85dcfb2404513ad94e7db4cb29516e6023aa860feab99d
SHA512 dbba76af503a56ae4c2a88c8cc0fc35eec2cf140b11a6f3a8a1194f817cdd22581b53f3f36f5fbf79a6afa129144b95ed075ae39a24bedadb300d63cdb336a39