Malware Analysis Report

2025-01-19 06:50

Sample ID 241208-nq3hnaslhx
Target Pornhub-v6.17.0-PREMIUM.apk
SHA256 df4f4e2ee115d679002f9fdd40303a912406d63ca9ff822c613169cb4ccbb75c
Tags antidot banker discovery evasion infostealer persistence trojan collection credential_access impact
Score 10/10

Analysis Overview

score
10/10

SHA256

df4f4e2ee115d679002f9fdd40303a912406d63ca9ff822c613169cb4ccbb75c

Threat Level: Known bad

The file Pornhub-v6.17.0-PREMIUM.apk was found to be: Known bad.

Malicious Activity Summary

antidot banker discovery evasion infostealer persistence trojan collection credential_access impact

Antidot payload

Antidot family

Antidot

Checks if the Android device is rooted.

Obtains sensitive information copied to the device clipboard

Requests dangerous framework permissions

Queries information about active data network

Reads information about phone network operator.

Queries the mobile country code (MCC)

Checks the presence of a debugger

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

Checks memory information

Analysis: static1

Detonation Overview

Reported

2024-12-08 11:36

Signatures

Antidot family

antidot

Antidot payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an app to post notifications. android.permission.POST_NOTIFICATIONS N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-12-08 11:36

Reported

2024-12-08 11:39

Platform

android-x86-arm-20240624-en

Max time kernel

47s

Max time network

131s

Command Line

fun.gamergarden.blumos

Signatures

Antidot

banker trojan infostealer antidot

Antidot family

antidot

Antidot payload

Description Indicator Process Target
N/A N/A N/A N/A

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Reads information about phone network operator.

discovery

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to request installing packages. android.permission.REQUEST_INSTALL_PACKAGES N/A N/A
Allows an app to post notifications. android.permission.POST_NOTIFICATIONS N/A N/A

Checks the presence of a debugger

evasion

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

fun.gamergarden.blumos

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
US 1.1.1.1:53 firebase-settings.crashlytics.com udp
US 1.1.1.1:53 firebase-settings.crashlytics.col udp
GB 142.250.187.227:443 firebase-settings.crashlytics.com tcp
US 1.1.1.1:53 update.liteapks.com udp
US 172.67.73.174:443 update.liteapks.com tcp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 configv2.unityads.unity3d.com udp
GB 142.250.200.4:443 www.google.com tcp
US 34.110.229.214:443 configv2.unityads.unity3d.com tcp
US 1.1.1.1:53 api.npoint.io udp
US 216.24.57.4:443 api.npoint.io tcp
US 1.1.1.1:53 xxxparodyhd.net udp
UA 45.12.3.124:443 xxxparodyhd.net tcp
UA 45.12.3.124:443 xxxparodyhd.net tcp
UA 45.12.3.124:443 xxxparodyhd.net tcp
UA 45.12.3.124:443 xxxparodyhd.net tcp
US 1.1.1.1:53 scenes.xxxparodyhd.net udp
UA 45.12.3.124:443 scenes.xxxparodyhd.net tcp
US 1.1.1.1:53 webview.unityads.unity3d.com udp
GB 18.165.227.78:443 webview.unityads.unity3d.com tcp
US 1.1.1.1:53 thind.unityads.unity3d.com udp
US 34.107.172.168:443 thind.unityads.unity3d.com tcp
US 34.107.172.168:443 thind.unityads.unity3d.com tcp
US 1.1.1.1:53 auction-load.unityads.unity3d.com udp
US 34.110.184.100:443 auction-load.unityads.unity3d.com tcp
US 1.1.1.1:53 httpkafka.unityads.unity3d.com udp
US 35.244.205.3:443 httpkafka.unityads.unity3d.com tcp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp

Files

Analysis: behavioral2

Detonation Overview

Submitted

2024-12-08 11:36

Reported

2024-12-08 11:39

Platform

android-x86-arm-20240624-en

Max time kernel

21s

Max time network

130s

Command Line

fun.gamergarden.blumos

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Reads information about phone network operator.

discovery

Checks the presence of a debugger

evasion

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

fun.gamergarden.blumos

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.202:443 tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
US 1.1.1.1:53 firebase-settings.crashlytics.com udp
GB 172.217.16.227:443 firebase-settings.crashlytics.com tcp
GB 172.217.16.227:443 firebase-settings.crashlytics.com tcp
US 1.1.1.1:53 www.google.com udp
GB 172.217.169.4:443 www.google.com tcp
US 1.1.1.1:53 api.npoint.io udp
US 216.24.57.4:443 api.npoint.io tcp
US 1.1.1.1:53 configv2.unityads.unity3d.com udp
US 34.110.229.214:443 configv2.unityads.unity3d.com tcp
US 1.1.1.1:53 xxxparodyhd.net udp
UA 45.12.3.124:443 xxxparodyhd.net tcp
UA 45.12.3.124:443 xxxparodyhd.net tcp
UA 45.12.3.124:443 xxxparodyhd.net tcp
UA 45.12.3.124:443 xxxparodyhd.net tcp
US 1.1.1.1:53 scenes.xxxparodyhd.net udp
UA 45.12.3.124:443 scenes.xxxparodyhd.net tcp
US 1.1.1.1:53 webview.unityads.unity3d.com udp
GB 18.165.227.39:443 webview.unityads.unity3d.com tcp
US 1.1.1.1:53 thind.unityads.unity3d.com udp
US 34.107.172.168:443 thind.unityads.unity3d.com tcp
US 34.107.172.168:443 thind.unityads.unity3d.com tcp
US 1.1.1.1:53 auction-load.unityads.unity3d.com udp
US 34.49.168.197:443 auction-load.unityads.unity3d.com tcp
US 1.1.1.1:53 httpkafka.unityads.unity3d.com udp
US 35.244.205.3:443 httpkafka.unityads.unity3d.com tcp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp

Files

SHA512 c8c6fa42ac26ba339d0d0e2d44106c64e21131dfdafb65cc8dff44595ed35b9cd76f2f5b43ac1806900c5f1582f3f585a362f14ba8163592ae9a80f03fc12d88

/data/data/fun.gamergarden.blumos/databases/google_app_measurement_local.db-wal

MD5 9d73400d4103f1729dbe8184b5877aa1
SHA1 3bf0b121bd3c6c4eacf7d5c847b8db3691faaa55
SHA256 fb785cb379f27da9001903604f81af60dcaa4475e059ef94ab41e9a34f10b321
SHA512 37ece049ef19c8b2c81ffdb8055ab08541ad3272e41878aea33207fb0797cca84a0a13aca03343f1c8a8f467b3a2a09d31110afd852b61e964daac3333a8b68b

/data/data/fun.gamergarden.blumos/databases/google_app_measurement_local.db

MD5 9e913a63030b9c008053a5e1083e1e44
SHA1 d1c504ea5be2c866e5bc8b2f63180f046a763521
SHA256 e90add9c2ecd9f41ed13210d16b4bf6590f502c90ed8a40a1107b27700c86495
SHA512 d8a295dae0540badbe1e7f3d35d7a8c7999c057a7c8272d93587a9312724ed4b2e6bbc961cf34cc75b36db2a91df1c3c80a523409b4438fcdc9e85ac7cf92634

/data/data/fun.gamergarden.blumos/databases/google_app_measurement_local.db-wal

MD5 f21a78798316560d2382989bd8cbb2bb
SHA1 992c12ceb372fb78f21148986df334ec56b7661a
SHA256 a035b3cd249f650e64a1a203544a5328ee6d4a5e5b1b38044da6d6fc268d6e71
SHA512 6be20bdf6bda9a779cfbef80cb809ca5f3b1a1c47c501e3a2863ca8b2e5ae76a4d01b92bfba4b3880b6f4a91ea5754db2dada4775bc593f38a2ff4408dd1e155

/data/data/fun.gamergarden.blumos/databases/google_app_measurement_local.db

MD5 a579ecab7e498592540410fe1a93dd60
SHA1 397401d7dba4264dffe55d4509cfd08fe3fbc1f7
SHA256 dea48dd49bd07f1286c46b92c1c8845d1e2ae10b24d9d9c4f947b57ab49c16f2
SHA512 154c267bd85f6ba9da1e8c16b3de4ce355968ebd1d0b45d83beae985335e41772bbf2791516b3fa6019e76d6d37a1c46cfac47495b574a593838cc1a6e96b9bb

/storage/emulated/0/Android/data/fun.gamergarden.blumos/cache/UnityAdsCache/UnityAdsWebApp.html

MD5 93720c34583185046898674c8971fdcd
SHA1 cb6a7ffc90b590e90a0a0fcfd443ce740ef966e9
SHA256 0494dafce0d6eafb94e8bbbf843ace8a1c6cb43329eea1bfeb3ad781acf83582
SHA512 3727ecb0baf15f8187dcf1f6c8c206bd76e886a35080dd5b28f836135864b6e69cbb005b89604e357335fb67685f1c8aa9e44ee7ec40e598ec46c0d6a8d353ae

/data/data/fun.gamergarden.blumos/files/UnityAdsStorage-private-data.json

MD5 2023dec61e68c61ab1a6cb75ae3df67e
SHA1 af173a43a1e549cd40af2b6cc34cedd2d3fa5e9f
SHA256 e40945dbd6d0c14b4fff6826f9b59b949c161cb9ab89a56e11c544f48068f93e
SHA512 6136001565918faac0a888682f4a009f2b2512794c94b935740ad0d769803d54b327b1c05525708f358e16feb70dda179e6bec33da9d89b3f2163d596c6b659a

/data/misc/profiles/cur/0/fun.gamergarden.blumos/primary.prof

MD5 9d0dda2e202ab9771d978e39e2f3e925
SHA1 5fe92c691f8dee2ab5707e23863c28c66feaad7d
SHA256 64772a5e03e34a2181b6ea124ba26f81f2f1cf58298a101d4a6fe4e2d01cbb4e
SHA512 5a151375f9b4e8fc3446b002994c82fc777a4a1a5b382c9bdd0ef91fa665cf9476f61324a4d2e5d2be4b330094871e3bec1c30a51878f2b64441a514ba7ea06d

/data/data/fun.gamergarden.blumos/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

MD5 10ce6c756b7e6f5e5b48b7f5f7fb84fe
SHA1 6a969c49300fb486bb0a619bc8b3866d1dc43059
SHA256 500abb670361dbb66b33e9c7df418455a0e10cf6c64a1ddcd90ebc62599096e5
SHA512 c0f7c80ee27bf063f51ef8ced5d8cc8e0bd74bb7166c45560bfd5d35ef78d47c6bac6d91a019aff015f099c026d93e37ae098ba5a232fe5eaa4760b0d74b4ab9

/data/data/fun.gamergarden.blumos/files/profileInstalled

MD5 481f7c6ed49dd076cb7bc534c6feaed9
SHA1 b8190d11115f4547d3f8f817c46f7091bea72b1e
SHA256 5c0bd23a1ffe11c05cff551eebab30281a63876d0e812de9c2f3257800b7179f
SHA512 e6921c93d731a36c7f547837cdeb5626df5a435cae8a05cb88e7f21bd85643a04e10607e3f0cdaf54edebe9d83980c213017741ec0e13b9f42010eb9565bda03

/data/data/fun.gamergarden.blumos/files/UnityAdsStorage-private-data.json

MD5 eee64c0bdbc8fa93be14ded28a8caa84
SHA1 09a9e5dcaa4274cb9b56ca733fa4de36fdf06fd6
SHA256 dba69b8d48fa75333da4e314a1548ba19f05259f0b6e10c664335abd30581732
SHA512 01c16c7acb5dec232fd59cec98e4cbb5e259d3246aa308fed5412182777fdb58a9701861755cf1f5ef9bdb097eda8f09bddf99638dc3a8a6b1e1b7c2036c74e1

/data/data/fun.gamergarden.blumos/files/UnityAdsStorage-private-data.json

MD5 49a11c1d935e85c4332f2bd0b61b8dfa
SHA1 f15736293ea89d033260909b9dea9d2e34f2bb2e
SHA256 70617f93e37545d484f3f853a7c21040856d3e4b0d60f4eb0fb738f83a430935
SHA512 e879a13e87568045725cf11594ecd8dfb17043cee8d02912b0412d2e109ee6f57291af204efff94023a109a09533f24283b02e0c0b6a8f87dc199738347b6bd8

Analysis: behavioral3

Detonation Overview

Submitted

2024-12-08 11:36

Reported

2024-12-08 11:39

Platform

android-x64-20240624-en

Max time kernel

115s

Max time network

150s

Command Line

fun.gamergarden.blumos

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Checks the presence of a debugger

evasion

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

fun.gamergarden.blumos

Network


Files


Analysis: behavioral4

Detonation Overview

Submitted

2024-12-08 11:36

Reported

2024-12-08 11:39

Platform

android-x64-arm64-20240624-en

Max time kernel

47s

Max time network

131s

Command Line

fun.gamergarden.blumos

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Reads information about phone network operator.

discovery

Checks the presence of a debugger

evasion

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

fun.gamergarden.blumos

Network


Files

/data/data/fun.gamergarden.blumos/files/PersistedInstallation2248762200439197488tmp

MD5 82b00eeb68afd4fb6a9ee1f7a3d71491
SHA1 013c49c4c2c76cd914fbe6390170e4b7058138bc
SHA256 2f6b9652c179623e1ad691c27621555065db4a6d07a26ba9c2a1cbbee9c21012
SHA512 4a7fb2b23d782fae95a16a9af3073854ec8f55e22a98e36655d47c44f2465e7645bba66ff04766784b76ca3a8af2eabf0ba94e40de256ab54d1236daf80f354a

/data/data/fun.gamergarden.blumos/databases/com.google.android.datatransport.events-journal

MD5 13b0097e23ae4dbdff111e712463132e
SHA1 48d66ca1f1951765dbd8a6c3c69f2ed3bc4e836d
SHA256 8dc7a6ec6de4f122c8ffcb18f9de54920c7af2c2ae62c1e488017e6f156db7ea
SHA512 030ce2f38802da87a34461dd6d62158e0ce2b3a16a813ef8d432376ee1abb68ad581565e2c307c9b6109413305c790ad3c3c7a3a71b3309efa9266af3fb34c82

/data/data/fun.gamergarden.blumos/databases/com.google.android.datatransport.events

MD5 93b5a51383370be887adb583171a74fa
SHA1 ec81f8ff8281928009543ffb1be8a98fa6c266d4
SHA256 4170abf2a9cbdcc231ab70bcc510603b2d2c3dc808a25b0ba2d5af1e5fcc2109
SHA512 370d59bd768d65559caa60cceb7b80365d096f894c469fa0ee4b8f23950126344b2c6103b1cec998044c4bd26765cee0aa0fbdd37443691dbf3f16941fef8712

/data/data/fun.gamergarden.blumos/databases/com.google.android.datatransport.events-journal

MD5 3d88bb74d7fe4e695a21fbd8c357128f
SHA1 64373ab6012d858d73e2c3182b31af0786106df7
SHA256 964e9ee7b98caf708356ea014742f08965bab075d0dd0222eaef99e639b55bee
SHA512 95ec25920a574506b65d2b691984cce8fcc2b057d7eed5aaed94afd2d01323b67d564fae677387e73516ec0ba75f3d028ad2455d69ae0f48633bd0400d4217bb

/data/data/fun.gamergarden.blumos/files/.com.google.firebase.crashlytics.files.v2:fun.gamergarden.blumos/open-sessions/675584EC019800011194811B19F23960/report

MD5 42992539702b6dab488acc7ab856f295
SHA1 b9561ef4f2b752ca6f735d232e167a2872acc22e
SHA256 221f10d91a2688f7bc0f25d086d650d784cdd66072855a3f2c55a0055f58b679
SHA512 4e68337c50c072dceb757176096a105a3de33f0b7ad6194365d5ada26c5cc2062bbcc8ebd95802a082449265c6f14641184724a04d269130bf8175db5ec518f7

/data/data/fun.gamergarden.blumos/databases/com.google.android.datatransport.events-journal

MD5 a70741228aea6fcbcf45908e9fb8e8b1
SHA1 6d6b402d47857d13bbe13f3aad1ea9c6c8ca0145
SHA256 39a8a179573681ec983e698f20a357205638be8559c8dd96ea0045c3f380a80c
SHA512 aa560ee270b97e1808da39e3f732b704ac92dd5c3d01d6d327fcc42dde48ebfd116841ec53f6b31c29f48a221a44f6b68e8ec9fc4d500aa43d319a9f88afed8d

/data/data/fun.gamergarden.blumos/files/.com.google.firebase.crashlytics.files.v2:fun.gamergarden.blumos/com.crashlytics.settings.json

MD5 79622c8c02db9c673628478735d34dcf
SHA1 6291849c32d05601e862d978db80232f3ac6cf45
SHA256 1a117d07e034a92b6706dd49ee2094b56dc3b24048b4efe078787243f7ad1ff4
SHA512 31233d06d4e02e0c2f3155d1716fa6f7facb45b8d0157c692ca46747f5f8072ac2556429e92159dbc79989c2deca73e522a0309e1115ca237876c7266534455e

/data/data/fun.gamergarden.blumos/files/datastore/firebase_session_settings.preferences_pb.tmp

MD5 35b51faac8b5af3886e70bb5a885dab1
SHA1 e6cb282da46cd4bf113e25c8573268578dcd11b6
SHA256 af5b3362ec35985974c6b73eeba53e5063861f2491252d61d8cd42168aa5ed6b
SHA512 6ad5e9766cc03a4436e1440b9e47c44da6c6440a3c94b1cc988f8c5680043cde6f7b7e02b2b4c71b25df4209c39ed099fb65fdde02a9f09464609a1abe6af8fa

/data/data/fun.gamergarden.blumos/files/datastore/firebase_session_settings.preferences_pb.tmp

MD5 944e6a5a08cb971370c65c06061f0ab4
SHA1 84d47725cc29bf167b782c702575bce4bf2ecc5b
SHA256 ba8f4af0e35f93cc15649f4c51969f5279421fc12deeafaddec5e5c48aa58dab
SHA512 bdc404233927a6a99160492d0b3e2cf00776d51b33612b8c9ecba395747b3572cf1790269fb199915aafe84c546d30e3259833c9d00af8c412823396882ca783

/data/data/fun.gamergarden.blumos/files/datastore/firebase_session_settings.preferences_pb.tmp

MD5 ffcbf87665a36fc21782400bd0537e79
SHA1 3dbfbdbfdcde953317b089f9a9fa0bbe50c698ee
SHA256 a21d3bf2cca0951e9e7b3fed43cafe9f89a4cf9d844c82279b260852d0ee473d
SHA512 7f98ac150c422eb4f1126d86501d0435817ceaa7eb5549e4d21a295d57be3d3fed4388cda782c084130c4ac8d57a4f225139a2e42e8a12b34cc1679140d16b57

/data/data/fun.gamergarden.blumos/files/datastore/firebase_session_settings.preferences_pb.tmp

MD5 dcf7d6c1cfd5e7b56074e3001577c78b
SHA1 b8eba89aee9f6688ecda6675ef8ff4998da0b141
SHA256 ba0830617929c78abca9391c2059f89c78049911f502ef5525d39341e4da2b91
SHA512 42d75be824d69de23d2e8605d60c3608db20ed5c059f5b67c63ca2845484c67150aea88a3aae36aae12a4ea266fb6b469d09f765bbcd444350d836ab83f7695d

/data/data/fun.gamergarden.blumos/files/datastore/firebase_session_settings.preferences_pb.tmp

MD5 0e22c3e39d45011b143a8eee53677aaf
SHA1 0914165893203f28c1a91f8941abe24a10ab4440
SHA256 d80a9e98ca76f9644b4cd456ef5c4a18da2d86f6f25f9a9c9d081e99cfe86224
SHA512 443ba513514fc53f0b2576999bfe10b6bce4b072409cba0926637d5b6880abaf3e7ea8a3a82ab9901dfdd36c72d7f3f5c356a91bcc7fac60a29f40eba3b5c80d

/storage/emulated/0/Android/data/fun.gamergarden.blumos/cache/UnityAdsCache/UnityAdsTest.txt (deleted)

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/data/fun.gamergarden.blumos/files/UnityAdsStorage-public-data.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

/data/data/fun.gamergarden.blumos/databases/google_app_measurement_local.db-journal

MD5 69fc5dd7752d24be2643f4e1186e1b7a
SHA1 de5f88b8235d41b551d459311e4a1dd448fb01d3
SHA256 939a2de919776d566f8b8dd443d30a8be577b983930c2b54d1eddf79d1dc12e8
SHA512 ae903ebfa6c29de8b9047e2c984c70d3d1ab769fd0fe99baa76076ba659905ce374760f08b360f67e9b5da867ebb2af51896f09d94ddd499db87191b6684dc66

/data/data/fun.gamergarden.blumos/databases/google_app_measurement_local.db

MD5 d9cf75fdd1c2292d986f6c3d5d60f2c8
SHA1 07ecb1d3a26d952ae5fecf54f36699ab498510b1
SHA256 2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a
SHA512 442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

/data/data/fun.gamergarden.blumos/databases/google_app_measurement_local.db-journal

MD5 a2bb5fd590770562e1374a08bbc2bbde
SHA1 3ab8684b7b421fc6e958a6a82c8b1fe122c0b56b
SHA256 5cdeb0de9d59dd0832c0cea8d21389290628dda2b30498e2a236e21224772e50
SHA512 1fc12cb2854275cf634d608969723f623bf3ca24e4bc6c502599daca19824c95cdbe8b686ec8706372d18fbb68ba45a5f32b251bf02e258e8b1923750b6ee0a4

/data/data/fun.gamergarden.blumos/databases/google_app_measurement_local.db-journal

/data/data/fun.gamergarden.blumos/files/PersistedInstallation1877882614955838781tmp

/data/data/fun.gamergarden.blumos/databases/google_app_measurement_local.db-journal

/data/data/fun.gamergarden.blumos/databases/google_app_measurement_local.db-journal

/data/data/fun.gamergarden.blumos/databases/google_app_measurement_local.db-journal

/data/data/fun.gamergarden.blumos/databases/google_app_measurement_local.db

/data/data/fun.gamergarden.blumos/databases/google_app_measurement_local.db

/data/data/fun.gamergarden.blumos/files/.com.google.firebase.crashlytics.files.v2:fun.gamergarden.blumos/open-sessions/675584EC019800011194811B19F23960/userlog.tmp

/data/data/fun.gamergarden.blumos/files/.com.google.firebase.crashlytics.files.v2:fun.gamergarden.blumos/open-sessions/675584EC019800011194811B19F23960/userlog

/data/data/fun.gamergarden.blumos/databases/google_app_measurement_local.db

/data/data/fun.gamergarden.blumos/files/UnityAdsStorage-private-data.json

/data/data/fun.gamergarden.blumos/databases/google_app_measurement_local.db

/data/data/fun.gamergarden.blumos/databases/google_app_measurement_local.db

/storage/emulated/0/Android/data/fun.gamergarden.blumos/cache/UnityAdsCache/UnityAdsWebViewConfiguration.json (deleted)

/storage/emulated/0/Android/data/fun.gamergarden.blumos/cache/UnityAdsCache/UnityAdsWebApp.html (deleted)

/data/misc/profiles/cur/0/fun.gamergarden.blumos/primary.prof

/data/data/fun.gamergarden.blumos/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

/data/data/fun.gamergarden.blumos/files/UnityAdsStorage-private-data.json

/data/data/fun.gamergarden.blumos/files/UnityAdsStorage-private-data.json

/data/data/fun.gamergarden.blumos/files/UnityAdsStorage-private-data.json

/data/misc/profiles/cur/0/fun.gamergarden.blumos/primary.prof
