Malware Analysis Report

2025-01-19 05:50

Sample ID 241209-bwwwvaslbq
Target بازی-سکسی.apk
SHA256 dda5cd8d5c1cf43f0197552c140d7bc396a0be913a3556590d2fe45ffdd3c096
Tags
irata discovery infostealer persistence rat trojan collection credential_access impact
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

dda5cd8d5c1cf43f0197552c140d7bc396a0be913a3556590d2fe45ffdd3c096

Threat Level: Known bad

The file بازی-سکسی.apk was found to be: Known bad.

Malicious Activity Summary

irata discovery infostealer persistence rat trojan collection credential_access impact

Irata

Irata payload

Irata family

Obtains sensitive information copied to the device clipboard

Queries information about active data network

Queries the mobile country code (MCC)

Acquires the wake lock

Requests dangerous framework permissions

Reads information about phone network operator.

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

Checks memory information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-12-09 01:30

Signatures

Irata family

irata

Irata payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Allows an application to send SMS messages. android.permission.SEND_SMS N/A N/A
Allows an application to receive SMS messages. android.permission.RECEIVE_SMS N/A N/A
Allows an app to post notifications. android.permission.POST_NOTIFICATIONS N/A N/A
Allows an application to write the user's contacts data. android.permission.WRITE_CONTACTS N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-12-09 01:30

Reported

2024-12-09 01:32

Platform

android-x86-arm-20240624-en

Max time kernel

122s

Max time network

130s

Command Line

matinlurd.com

Signatures

Irata

trojan infostealer rat irata

Irata family

irata

Irata payload

Description Indicator Process Target
N/A N/A N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Allows an application to send SMS messages. android.permission.SEND_SMS N/A N/A
Allows an application to receive SMS messages. android.permission.RECEIVE_SMS N/A N/A
Allows an app to post notifications. android.permission.POST_NOTIFICATIONS N/A N/A
Allows an application to write the user's contacts data. android.permission.WRITE_CONTACTS N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

matinlurd.com

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.200.42:443 tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
US 1.1.1.1:53 olpedrvvdvffw.site udp
US 104.21.47.244:443 olpedrvvdvffw.site tcp
GB 216.58.204.78:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.204.78:443 android.apis.google.com tcp

Files

/data/data/matinlurd.com/origin.apk

MD5 60a50546ee79e6756c8571dbce141010
SHA1 59ae8063374f16100e93b49dbb3e29187d0703ab
SHA256 6a34ecd487969eb57e9558916da2af5761d6e010ef9c941aed22e4b4679e0b2c
SHA512 2de954c16d2d57aea1cbfdba73ff1d68414a3b03423d657abe8da42a52069d6acd09cb2bf2681394aa1fd8b0f0fe5b9bf015e06671bf49eff82322d820255f06

/data/data/matinlurd.com/files/PersistedInstallation8160475008636538302tmp

MD5 da079eb88cb2622942bf06ec07583963
SHA1 9f6315465c5c9d8256f5725aafec82fc6cd6b582
SHA256 fc921eb2622973c5b59478707eb3fbff7297820db6207e8a84ae7212ed50e10e
SHA512 0b825318744fad983518c4e80e3be2db7f670863942e910a3eb18ea3b2ccc2698906644eb82421c1076e0fecf5f3a9552a06be2038997e4817a044b8f82df74f

/data/data/matinlurd.com/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 d2e39d9b14afd53a9743312592aef6ac
SHA1 217575887d48d5f30d38706a99948dca503e256f
SHA256 4aa2d8282fbdfad8882c8cb031450ce38727a4854a3f041c4ad730e6a2901b6b
SHA512 20450c589be8f51717590584d0fd3e79a03a87c94e77389032c303204abe64e5b41ad88ac6176ec05623f6a7da2c95f5dedbee704106d1eb9aaa923fe170024b

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 7237409e0640cfab7bdbd429bf821a3b
SHA1 4c3da934842f8d4835dfe2a9c275a300e5123309
SHA256 5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512 c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

/data/data/matinlurd.com/databases/google_app_measurement_local.db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/matinlurd.com/databases/google_app_measurement_local.db-wal

MD5 ad283e8b79f0da1758c7097fd7fae390
SHA1 0f155eab7725f240a7f656498804528b34c8b879
SHA256 3ac433050d74b252a0bbf710567f8669e6d9d30d6350a5587c331e6a8c604e68
SHA512 e2dba6c689e474c8cbcc57c9f809ede009035d0e883cb63f2e4fa80c89b42fa107dee502150bceb3577c993841bb08b530f0ef122eba7a2ab547a783aba4bc4e

/data/data/matinlurd.com/files/PersistedInstallation7311122028505393400tmp

MD5 b20c3a37a8f736e1b97f809886004a87
SHA1 8bc5f167bdf09174dcd7ffc9beccdf4d21db6532
SHA256 742e5bd2a4d2eda541ce5f8b72a78277646eca61f61d3cd5e591a9d4b3e81f6e
SHA512 e48cf150808a000873b397106dc352ab433b30279f3658ad86920958ac5bf6b5c4690a8233480ce004679101283c6fcf52e2382a0d8e799a9063abdffa402669

/data/data/matinlurd.com/databases/google_app_measurement_local.db-wal

MD5 3ae28bdea6f57d215b704ee777d0a434
SHA1 060d48df5befbd95599f73e8741f64be4bcaf4d1
SHA256 c48346f7a2fbbe883a9a2901041c46d143730fa2f3d310aefbc160080f9207df
SHA512 43ac089ed3b42fa467eea81d72883f03fd712c2bfb3c8bd1101dd8436594b826e63523a2231674f3ffbef44f6e7f864f0d587a80b68789492507d2676052b01a

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 0e9c55e6c50361147a1183cbcef38469
SHA1 deb24e67422b11413f701cdf9b5d51fa12ade483
SHA256 3bc529c25a868d1469ff2838cdb0ab569c9d761b2c0797970c5c4a458e415c34
SHA512 215845282b3d73c9cd832982ef70d5c498e37ceda38aee676a85c76d6593ea92d45e38e762a492452ad70bc11a084a8727ecd59d8d89091e0f3ce65acb4f6cc4

/data/data/matinlurd.com/databases/google_app_measurement_local.db-wal

MD5 707cb8e978273608455271526f5954f3
SHA1 032c81b34a026bb89ebd93fe20596cdbf6f31321
SHA256 6337d3e854a9c37bf80e8b4e72e5ed46006c7e8098ef6aaf6a4a44c0ba900fba
SHA512 2ef387e34675d19c637deaf5b96410e92ea900b98339f239c17800712cd9022d8c66f212dab471b5b155e7e4f2a8d6ba6d97aed260edeb17411242652336ed75

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 50f0fd87f12131182a3e931db5724e85
SHA1 7e3b13d6a2c5456c3bad5a446121021bdc11a83d
SHA256 969a78a382e5885d34367ea78c36d2154395fe49ad6023bf1ac7205cb508f978
SHA512 f835aefcf038f206c426dcb140deaee812a199869b288b5864a948d0ec130905764fec78acf733c5e4d5d338c8a79d84150bc91e756f20c9ca0685c394be857b

/data/data/matinlurd.com/databases/google_app_measurement_local.db-wal

MD5 4915f8cce62e963b11d26ee5283f216f
SHA1 4590b3ba633e36afda42c6c828347a4454029483
SHA256 03ce500eee9317a5958302c21bb624b280f847d2900186e6b77c6049de4fe8e6
SHA512 519540cfbbde6e0ed239ebb18d2b034fcc92a23b92addf5065d011de602d6a15f5e3bf6fba476b198035df82aa30634ab8023b192775f8e594c74921f417a50d

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 4f18a90597ac157d92d8ce61452355cf
SHA1 278a313d2551e69a6b813b04219bdd46330bc92c
SHA256 cbf9a5a751e1950403fd5854a382dd343d7249f5a304018f56de2ddc5ee74b79
SHA512 2093155e794c4efa7ca6e35a34fab205ed6bdce016df0865f91a6cf3528e6642614fa50b1c2ca57fdce7c331d3cf1cedb3ad715e8467005bc808b2b2386ca9c0

/data/data/matinlurd.com/cache/1

MD5 0e2bec2bfd2fcc404075ca7d67253697
SHA1 689895f0d9a131c0246822c68652a07b1a8ab2ee
SHA256 07f5e48c9fac4eab7f8b8d497fd3ab8cff7af0c09aff97c24857a26a8fd7ef51
SHA512 709ff360dbf180a56c9810d4891cd75c1d66ff8c447e0ba7d537362599fe25c7b027b84d26e35b903f8f4927eae1c7c68821d4aac4d7ba5342231f98f257ab14

/data/data/matinlurd.com/cache/2

MD5 1d5920f4b44b27a802bd77c4f0536f5a
SHA1 baea954b95731c68ae6e45bd1e252eb4560cdc45
SHA256 d4c9d9027326271a89ce51fcaf328ed673f17be33469ff979e8ab8dd501e664f
SHA512 a5b5955a4db31736f9dfd45c89c12331e0370074fc7fec0ac4d189a62391bf7060287f957ce67cf3adcac7a4353a7a8241e33084a9b543cbb3f39770970a41b2

/data/data/matinlurd.com/databases/google_app_measurement_local.db-wal

MD5 005189d5ff359510ee00903bcac8d26c
SHA1 9e5ef1476b17a9071e62422e71be162b161b4384
SHA256 aa763b8613d261c81181e07f7a7c0ab41818c3f1cacc497195b36e5b89e8b781
SHA512 34a9eb7e6a03ee8ba43a0698aa8bd6e78ce1ce255add041b0c52baf6ed3a42081f7e6517ef0c5ce31205bcc98b71602af3e56e4f6b6e4d12df26d7498fc889a7

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 b33f1ffeceec1e4027116d5beea5bc3e
SHA1 f40df28f0e06005130a002d4bd9fdcc7f0954409
SHA256 9af5f3d7c8b58c162b97d345b13b8db542af75f43a26dd054a040e8de009b8ef
SHA512 f0eba1b483f3b60a802e7dce6cca9d17482609283667c6627f0a269339aae6c187cc2eddbf4ea4f5e3585119ad1fad9de5a1227958dcfd1787e30ebf8a6e3738

/data/data/matinlurd.com/databases/google_app_measurement_local.db-wal

MD5 078706a3dd7945b771793064712bee52
SHA1 f69260a69ce77bd65f95069f95373004054a3b0e
SHA256 e8cc02604f44bc617c134b26382882ae0588dd69e311230953729bea93542b59
SHA512 9d0b78d0b82c654da61fcbf8fecc36463d94b1fa519d36fc1bcc4f391224ce9a76447262698381b4e1cb8c66289983ace5972413efbbc92df521a55c3889c220

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 3e881d9a01ca707bed38018ac69f4518
SHA1 5820f9351d7cc8082de6e5686eb9f8fedf6fb830
SHA256 4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c
SHA512 8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Analysis: behavioral2

Detonation Overview

Submitted

2024-12-09 01:30

Reported

2024-12-09 01:32

Platform

android-x64-20240624-en

Max time kernel

123s

Max time network

156s

Command Line

matinlurd.com

Signatures

Irata

trojan infostealer rat irata

Irata family

irata

Irata payload

Description Indicator Process Target
N/A N/A N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Allows an application to send SMS messages. android.permission.SEND_SMS N/A N/A
Allows an application to receive SMS messages. android.permission.RECEIVE_SMS N/A N/A
Allows an app to post notifications. android.permission.POST_NOTIFICATIONS N/A N/A
Allows an application to write the user's contacts data. android.permission.WRITE_CONTACTS N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

matinlurd.com

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.169.40:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 olpedrvvdvffw.site udp
US 172.67.174.143:443 olpedrvvdvffw.site tcp
GB 142.250.179.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
GB 142.250.179.228:443 tcp
GB 142.250.179.228:443 tcp
GB 142.250.200.34:443 tcp
GB 216.58.204.78:443 tcp

Files

/data/data/matinlurd.com/origin.apk

MD5 60a50546ee79e6756c8571dbce141010
SHA1 59ae8063374f16100e93b49dbb3e29187d0703ab
SHA256 6a34ecd487969eb57e9558916da2af5761d6e010ef9c941aed22e4b4679e0b2c
SHA512 2de954c16d2d57aea1cbfdba73ff1d68414a3b03423d657abe8da42a52069d6acd09cb2bf2681394aa1fd8b0f0fe5b9bf015e06671bf49eff82322d820255f06

/data/data/matinlurd.com/files/PersistedInstallation7762226377322004308tmp

MD5 36412fec32ecf41a576cc6b2ba08e678
SHA1 65ed33cdc237fb4382330e1aa41b6cb824b1196a
SHA256 042ac85b30be96fd85468e0dbcc9cab4cd337c3d5c162ccb3dea6b378c7a8fdb
SHA512 db1c9a2244f47e480fdc34f333bacdf3715db1040f540b82a34601064f311e84c6f01e70c070b4d04c3bf3adc4a578c62f8fff53e09fb7fa60354761a79e12f6

/data/data/matinlurd.com/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 0d92824ea6693f4c54cc7a2b1cbc8abd
SHA1 276955b5d8cb19b77b72530f331a3b96d65338de
SHA256 34a45f2c8bd27f68cd5da4b1a08e6e18b7efc3e0287eee53f5810e9a36e1d65a
SHA512 f1e7a7b9b754e3b59b155f91f32f98fe279f6e2374eb50bf345fc740e81f3e363862442c8805f6fa4473501d347a9627a12dd2b2ce4fccf5dfc4f8a6e9cb7ff2

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 eb52a90bb70b76e946b62f50b6f7fb85
SHA1 42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0
SHA256 48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4
SHA512 b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 a41f98ea328323d95b972943e80a42d9
SHA1 e9a6d22f6bfc1f4538a7045d3fbda425ce761fd7
SHA256 85f02b010a414cd554e9b64b2f6bf34f1064d8a77c1cfad395c095f453c35dfe
SHA512 fce0c24296b379df40fee2adea1c6548d964eadbac1e77e62302b3da6b5c75462ff3bd5d58e212a7e40e315b82738c62b33bafaa4a55834ecf3198e0a109e8a4

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 91bc82d55fc7b1390c2352632675b73e
SHA1 552e23c5536e952e7ccde02266801dcda5f156b3
SHA256 524378c1b7b4c8d5d475ee38f16879094cafa8065bb648c9683665e08bf2b3fb
SHA512 a09187c9d32db51d323b712db92b3b67c37764b2bf400982c259428ee0e76674aa2fac554a6166bcbdecb5b1998007ae8b03b27492405e35a94e3b3286d60e14

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 5f9272841c3b06d26e554b4de6f74cce
SHA1 1cf0d6785aa3c6118c07811eda4dd03a9445e736
SHA256 89d8c82751f2990a5652c6c2a6bb5f0d1496b94f4a9cb4777156e4fa6ed29197
SHA512 14f84d3fdeee45e3692a65259f952bf8532932e4911f4c67d36ef2642ba9e20240cb6e7d59bb50764e0f9bb95007dde6afbbc8908fb76193400172e7041ac985

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 71040e54823302637a922f5f2c7f90f6
SHA1 1e453afb179b3b26bccbdfef4ab1f5d52c9565b6
SHA256 c64f7885849cc3195d55c6b83da0d572e4f024a5f061cf02dbe3c5f1b9a98980
SHA512 492c5ca2e31e9b25c3d253b0e926127471be4a77933cc744015d826eb2761d311076faa1249ba868da61db7f6ce87a78f08c7a7196993ea32e6e5ea0081bd537

/data/data/matinlurd.com/files/PersistedInstallation4732258033142183987tmp

MD5 7cb79fd628731c301312297175167672
SHA1 6b9ab283404ceba96f43e8e5c5da3f622c3766a9
SHA256 99142ccd3aae8abcd6c269e9d659fc8bafd3538336450697799e3d6b8eb72284
SHA512 0c9c44dd42f6cece5ed9d0b03868e4eaa27b0d1faf3d82616214aa6677dd5ca93b4bb87279d4f0dc238f6a92facd7c59e10f183288b8b115dd9cd3967074a710

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 5825d7cd4f1738df2a3dec08c711ffb7
SHA1 67d790c45a6bab4a59d53f4e0b52de5b1adf0ac7
SHA256 f388e1a6445f8a92ced4f403c66930c09bb7a228d1269487a598b65f5dc7d677
SHA512 0e89606bcf99e4589aa33e51e6bc93019deb2ff9a7f8f884ce38bc9123f17161125d0b4f3491aeb5b4f93b37e375ae89c100ce2d955f190fd0f002ab995c474c

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 64fd25463930957981c132e917af78f1
SHA1 2a3c7528f005a7fab216142358ad7b8c22630f09
SHA256 3d286eeec0f848505055eab3c695a24c69efea9292a1ddddfd244a046035dad2
SHA512 cdb7746e034a0194c845b36f4d9172541b3147003508c9dabd27bcec38bc0d18abde2897dc1e675347ec737cca87945f8ef214d66b38231ad6fd6c2af5845fe7

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 7fa53c29ea4f5205c06ecbefbe09ce76
SHA1 c3bbeb5e80ead170dbbc2a8740a6ed80ca45d117
SHA256 fdead75265f204da6653ae90fed10c4b0a0e44959ce4ae920472089f5782938d
SHA512 d657c140c5cb8114d1d389f1e7bbaf7f9f091d321f7851809a3ccb7ab8bc23243fe87c7645f13f489da0c4f9b7bd8d6055703a9ebd6b984e53e78430f58e3823

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 b0ef374dae04af27d9695058d552d433
SHA1 260994d419d974566fa6f5e8801030fd253d86ef
SHA256 65ca78bf9041e5c4b2644f036a79ec3e715c9d8384c47f5e121cb077d76f39b1
SHA512 7ae197ca87cc471c688fb6b120015d7227fa2d63507bd454c1a0fff5d0eef7e5de44ecb4ac69c4282c76b68a97ed7bcfbea4d552832332532273506534ca7958

/data/data/matinlurd.com/cache/2

MD5 1d5920f4b44b27a802bd77c4f0536f5a
SHA1 baea954b95731c68ae6e45bd1e252eb4560cdc45
SHA256 d4c9d9027326271a89ce51fcaf328ed673f17be33469ff979e8ab8dd501e664f
SHA512 a5b5955a4db31736f9dfd45c89c12331e0370074fc7fec0ac4d189a62391bf7060287f957ce67cf3adcac7a4353a7a8241e33084a9b543cbb3f39770970a41b2

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 f4d91a55f1592520ba4a3544945c057f
SHA1 64196b38f9dac6cc8d52cb1443b9a80ad6f2af9e
SHA256 f9f62661d7720a9e5c860b460ef16538344cebc4d5742252c766e37e88ddecf3
SHA512 df0874c3d3ec218a335ed4203049d9927f49a9cfa30e36340582fc42f745e2828830ffc698ca4273182683470c797272700957541ea7fcc61a167364d6ae1bc4

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 adf6082723784327d7d1b34adf974e7d
SHA1 b1502f70eb881a1dfe41139cb719fefb877ee37c
SHA256 252defb835b04f4af7c59bde7bd119664e901928f1373171a287897e729cb2a9
SHA512 762f146c452e590e0e3015a080e9821b5488551b9cca7a212ceb11a853ddf6b1894c99d09ba20e6691f5078aaa8e17a6ed66dbbe541eaee152978fab6884e27b

/data/data/matinlurd.com/cache/1

MD5 1a934340c9c8fd00ea032e6c4ed3efe9
SHA1 9b00df3d8a1447040bc9370591438cd47d458ce8
SHA256 8111b28d17c0ad5e54ae5f30aa2e650a462158049b29bf1c2ee1483db61d8c33
SHA512 9b5604fda383bb89a1130b5e3e96371150b1c9129587472a22732f500bdd191254d845be7d915c45de4c9a9ec4419d8eef7b3bbefe7bbd2508faf60fb5527d2d

Analysis: behavioral3

Detonation Overview

Submitted

2024-12-09 01:30

Reported

2024-12-09 01:32

Platform

android-x86-arm-20240910-en

Max time kernel

2s

Max time network

150s

Command Line

matinlurd.com

Signatures

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

matinlurd.com

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 olpedrvvdvffw.site udp
US 172.67.174.143:443 olpedrvvdvffw.site tcp
GB 142.250.200.46:443 tcp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
GB 142.250.187.206:443 android.apis.google.com tcp

Files

/data/data/matinlurd.com/files/PersistedInstallation390429688027425188tmp

MD5 c947f2401d91c84a4e05b0a7d97ab121
SHA1 946816cc406a17cf774161d82bca841306a5a4b0
SHA256 c40e0fbcaa39d1132b3873d28aecaa5b3a8be38f66e1e9836b9d9b90aa0d8d50
SHA512 219a86eb774e9738b793f978fa2cb4a75fda29b5071aac31a88d6d3b036a526d67c0e0b41bc4bedbd444135a756826a060ad9be68cb85f7efac83c53542da40f

/data/data/matinlurd.com/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 4cc108cd3cefdd60dbbe4d68c2298184
SHA1 305f4de1617ab5cf28f4277542deb5009523db04
SHA256 0c031257ffe8ef7d48a95cfb82b241652d82bb2bf2847a9880891161673fde03
SHA512 aa1539bbd5dd627e6efa77f2c57ae13228d2771bffcf9c868d3122eb553d5bd07661fd8f6e0d3a82f054d1611e8f2b41dd6f3db8d97edaf67cb0196e1115cc04

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 7237409e0640cfab7bdbd429bf821a3b
SHA1 4c3da934842f8d4835dfe2a9c275a300e5123309
SHA256 5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512 c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

/data/data/matinlurd.com/databases/google_app_measurement_local.db-shm

MD5 cf845a781c107ec1346e849c9dd1b7e8
SHA1 b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA256 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA512 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

/data/data/matinlurd.com/databases/google_app_measurement_local.db-wal

MD5 40d0dac0d54ae503671a9d2247715e8e
SHA1 aae197f2dd6e9c92c69fd36390464997114475fc
SHA256 7062387effb0cd289e43def76047c11331daae091588f770b407d5a2aea730e4
SHA512 76883fccfcf473778f07fa03c2f6eee37364f120a6308e4617f05b8d5b57028c164960a84ea4430852ba70a729e2d5fbf047091f513639980381d603027c8999

/data/data/matinlurd.com/databases/google_app_measurement_local.db-wal

MD5 2c8f9cc0cc92e0dcd0a1d03f9911287f
SHA1 6e4664c053fed8a1da8d42ef35a1a5b20938cc32
SHA256 805d7ada01957f8a39ffdb143071378139a5b8135c8fbe4872024bc8ecd829ca
SHA512 a50e4fd25d900929ea41a95d321aa28f9f0b529155fb1a8303882bb32a79f6066f3ae9ce9d71adf3979f51d87f250131568b214b583a2574cb7ad58e25b9f403

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 7687589ff7b28c4a168eaaf83ab71e92
SHA1 19e945d99abc222054a54a0275782fa7c0a2fc6b
SHA256 b3c0c5ce339355eda759cc272c51a87fdf39fffa71fc46400c7e64ff027930f8
SHA512 5cfb5eeb60cdc3c640613ed5922854dec3995a6d0399d0cc84a5e5c9ba61078c530ec49e2a4446b0eeebb562964f1e8fe75ec986ce72c574a845b622104bf367

/data/data/matinlurd.com/files/PersistedInstallation553543056535084076tmp

MD5 0aeaa34f6c54a70d346d53fa68dbbb16
SHA1 2fef57e8ce4d9146e44f8dfe5956ec7548cd8797
SHA256 1b4dd5ede35812f30a5998e0bbfe100e7bc6504910f6c86025fad270465b0681
SHA512 fd2da8c42ab8073b1cdfbba4d7bdeb124a9a4ac1a993d7f185ab23c099bf4bba9c2feb688ecec1cfc799052b724153c6d6aad3ebab65e59641c8b37414442a10

/data/data/matinlurd.com/databases/google_app_measurement_local.db-wal

MD5 718397ad0e534385927b368b24b9cdbc
SHA1 2a483687a98e6f77250f3b457a1d1f2804977d28
SHA256 5aee1d843a794371c8f03a14f5bae973fc0bcb81a8afe221ca3d06b4743670d8
SHA512 f2b806ab223b8fd5a483b9d07d550ad73a0fb9b32b88835017e205915984706429f6e6c554b4f0cad476b9d6372185688329b715d4cc2e0e4668e861217a4628

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 be6cb880ebdea381cf8f8432a978d798
SHA1 ea1a3544ec6b94e07dc6ef53f2de8a8232d6f293
SHA256 39368510234e8ac23473aa4da5ae4a2ac6be781b8515f564e0b6e03f33a0de1a
SHA512 098c94241987e35abcfcb994e28bd5db005811912cbf28658813629919c1b4551df88c55ba6625eac036b8168d22361b1fece29d817cb556f5300cb0aa47c371

/data/data/matinlurd.com/databases/google_app_measurement_local.db-wal

MD5 e9b6962ab402759214aa0c035cc7ccc1
SHA1 8a45d46d8c3e6bcb685ba65d54b668b39198b60e
SHA256 dbd4131659daf3ec18792250b821d4857369c0f817d000be62f88b67fc77729c
SHA512 b40a5117900f6557c61c0d667552b254145c2dbdc7963e78693df18a8d2b15703416a97bd0626ac46e28499a803d9fe4e0b760c9f9c806c2489df8e7a593dffb

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 a829958a78a317d007aaeda846731010
SHA1 be87184422bb7d3e1fe1fddfa57f08fce18fb148
SHA256 e4abb503b260cae5d1210ca1e0c57a1142c3761c3cc0f7996f8147d88f8b371d
SHA512 55a44d786213310d8019d1f8fa792a1a61af7e9d62a6f18d3ca7da0ddbd5fcfe6a047bdb72eaf366cd60358352008db36d43327b0264a3a5012efb3777001db2

Analysis: behavioral4

Detonation Overview

Submitted

2024-12-09 01:30

Reported

2024-12-09 01:32

Platform

android-x64-20240910-en

Max time kernel

2s

Max time network

152s

Command Line

matinlurd.com

Signatures

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

matinlurd.com

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 olpedrvvdvffw.site udp
US 172.67.174.143:443 olpedrvvdvffw.site tcp
GB 216.58.201.110:443 tcp
GB 216.58.201.110:443 tcp
GB 216.58.201.110:443 tcp
GB 216.58.201.110:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.46:443 tcp
GB 172.217.169.66:443 tcp

Files

/data/data/matinlurd.com/files/PersistedInstallation4880994088182315805tmp

MD5 248c071a46e3079a50a19ee9c08a54a0
SHA1 83176650e88ec00d0643da8c512435a1e12567a8
SHA256 53dd5788cc011a031e8c8b4e49b085fe388c52c11e1914524b5b78b6c09888b7
SHA512 9760b721f6bd7598579aa504a392a1b77f5bcaadd378737dd74460aa9979444ac5415e8e623396f10e0fdec41067b47e89032aa135a530534dfc3b3a490ca5c8

/data/data/matinlurd.com/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 6cc569a9002e2e3a13859de62b3f7436
SHA1 454c46aa0a23245a72f68e96d1b387e137e2546c
SHA256 43d3fdc534be6ad9e85bb92e563067999ac34476764e8cee7c95566a7b4ff466
SHA512 874aa8aee7406e9b0d54f16a3b9211187a293360be26d80f1df463d68bef0eb625444cf40c8afb42658d1f491a9842ace9ee0d300a839ca364e513fd85c67627

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 eb52a90bb70b76e946b62f50b6f7fb85
SHA1 42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0
SHA256 48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4
SHA512 b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 d890b53e2f4f8609eae9ea1455e68cc3
SHA1 8908b97ae4815308c435f38cf178e55d6ac89d48
SHA256 3e993b72d8448f9e18d02006dd39424fd8f83b98ea9ac1f6193e350e98146028
SHA512 915852b1a4e0f8258e955a666dd34054a7a56f65d5c0c4ff782e519183593ce923471e6e36ff0cb1697f64ca3034500f1b3825810085ea5149b579567041ea66

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 d6757c0d985fa4bc61f4fe8f5d026450
SHA1 350dbfe8435ed3cc81b86fc0984fbcb49a625570
SHA256 26f88e993ed7c85658b9df932e3f2506b98cc0b1296d10f166d95e9d95077c17
SHA512 2ce27632fa8221c5b2010e8e4110f8ba207cb3000dd9c94e655b9f9e4b66103c6daa3283a0bc1df56a9aba1bd50eb6a5e8be2b1fef9d3c25a8083ace100b344a

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 876249047896ee3a0d0999a2ecef7cb7
SHA1 8a5f4271161a45ae0e61844dbb478abdd666b0d1
SHA256 86e2569506a3a3e47c1ea753265fcea90a9a1d642f193eca66e7b4824067f02e
SHA512 b0afeb7f5f926005560f08ac3d3f30da33319a990079f7904521c471c08bf21dbddf5530ca55e02b147f6f6ecb234682df10b62e3d73ddf9fe93005767263657

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 4156ec3e48aba69c7565ee6a1d793961
SHA1 79b49db5798d9ef5160493d75b20b29dca781335
SHA256 e570998d9b5c1054aea8af472ea989a75920f476fb492fcb9ccafeceb2f375d7
SHA512 6175043b6376e5b5325a5547c9dac3769426e7c1dd3ffbf9aaf2a5fd7fb5ebd3837cc60a312f9c5bc4edcfb81ef1e2d6db2ccdb2a139cd6803cd7726352d5bde

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 b15cb4761c860020f0cb2a1370da2dbc
SHA1 79ca2c2281d4b0fe6c22281f7c51df99a63ffc76
SHA256 f61ceb6471b03aa5d8743e29fe7d0892e185fcf6ace7272d615414b09e18fb7d
SHA512 3a23d55060a06bba50112f254883e8ae4594e64b103c8924dc7e0c27de49a913f391530010cdb2991753a27a9a4b4b4c9add71d46d319f7b1ad74d79b321b806

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 9610dc339a9507925949a6d620eb9cff
SHA1 b337f8cf4549fab456644f93e9e213a2fb46cfc4
SHA256 bddd41df6bb35b1d521c76b93ab413c71561c6d7cea9b0ca458275c9d879cdab
SHA512 a18cdad9914df53328a79e0d7cef72c99f655b850bb73c6c232c5811f9d8e096c9e481ef608287c67ef05f4ed7b0bf436ecda9703cd80220454b0ab60783bfa9

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 fd1771666a846d094bf89a1956869273
SHA1 379f5bf07781de64ba5dc5bb62673641830f1b23
SHA256 c02f1b6363685e40b85ef931657840059d6e836f1fdd115a339a155a8556c2f3
SHA512 06ff6b54eab07678646a7878c718663719d9ae356b6fb642be1782043b1edf554bc9ce336b181b071781253f52a864e6531460433c130d3ab2e990097357dac1

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 bf918dcea3b496568e3a476fe0f11fce
SHA1 0d6cb01260d08233de59aa8b4983de6b227fe60b
SHA256 a5c9fceca1a590cac9f195c578d14172f9459c8bcfc06460a7016231c8ba6748
SHA512 1d9387a680ea11a1e01357fa691c493111f2bd4a76e8ae6a50d11b4b536d3bdd65fdbe0141804de4b6c7d5c3b3a00d93a8513b63989d913cc2c854ac55b05148

/data/data/matinlurd.com/files/PersistedInstallation3382828567112408853tmp

MD5 83c1ba06b38cece6ed06bef0be3fc2f6
SHA1 ce4c274bbabdf1ad3c1a9173dc2ecfa005f81d46
SHA256 2a4b2586e43f002435390249e0b0f5ce9d28c98aa4ea16a1fb21640798cf7409
SHA512 2b7bb42a2222d1d3d8b58386b40ef65ce2a2aaf2914463472d96dd3ad874356b446d69901174a1f0f2892e9b6efba594eeb05960273c089727b9dfa36a32f26c

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 80d56c0d899179081c02a4d22060c74f
SHA1 9c32c24e9c4f58d2e44c347ebc72451a7616c095
SHA256 810349db3c4228c4d328850148bb353c917563479832836d20a3bb13d8eb35ae
SHA512 d80003a7126d5a8db03a676f4ee4d588dd410dd63f3eccc63071861b332732b4f12d7e56b6a56c7e12fd04e53ec62b8552646d6f35151250f21ed9e74f8bc795

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 adf6082723784327d7d1b34adf974e7d
SHA1 b1502f70eb881a1dfe41139cb719fefb877ee37c
SHA256 252defb835b04f4af7c59bde7bd119664e901928f1373171a287897e729cb2a9
SHA512 762f146c452e590e0e3015a080e9821b5488551b9cca7a212ceb11a853ddf6b1894c99d09ba20e6691f5078aaa8e17a6ed66dbbe541eaee152978fab6884e27b

Analysis: behavioral5

Detonation Overview

Submitted

2024-12-09 01:30

Reported

2024-12-09 01:32

Platform

android-x64-arm64-20240624-en

Max time kernel

6s

Max time network

132s

Command Line

matinlurd.com

Signatures

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

matinlurd.com

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.179.238:443 tcp
GB 142.250.179.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.180.14:443 android.apis.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.169.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 olpedrvvdvffw.site udp
US 172.67.174.143:443 olpedrvvdvffw.site tcp
GB 142.250.180.14:443 android.apis.google.com tcp
GB 142.250.180.14:443 android.apis.google.com tcp
GB 142.250.187.196:443 tcp
GB 142.250.187.196:443 tcp

Files

/data/data/matinlurd.com/files/PersistedInstallation7919212355921440504tmp

MD5 52d49fe7803f634113670865de52190d
SHA1 a1b8801098bc1c119e769009bdeb1ab45e613dd4
SHA256 7de95c84b6686a5179fb98080effad827d18e6998e3ebe646ce58b68b6f50e04
SHA512 3822d6b37541f684aefcb6ad7eca0e2573ec321ce49386ce1ee0fa82007d57fff79c3162cb56122ff833ccf4d7664d5323dba4dcc5b43cf470cb71a604e77a01

/data/data/matinlurd.com/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 eadbea34ee4a6369fd5775fd43a0e45d
SHA1 f0ffb9d4a96946e1858a51fd6c22b83dfe9b7a7b
SHA256 d652189366d0c03bd4c54926e49c00f186a3ed43da7b082202ba136f04a0f063
SHA512 7b97946ca60a8c30128ea1d778102531831dab971bbe20d5c40ce8d0e4c63c871c28c933a9ce96dcf991c708c0ef5c6ae72ae70245e267b9a11fbff8c3f84feb

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 d9cf75fdd1c2292d986f6c3d5d60f2c8
SHA1 07ecb1d3a26d952ae5fecf54f36699ab498510b1
SHA256 2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a
SHA512 442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 81a4d51678af8d73bdbacd7f9c3eeff6
SHA1 739d46789050671ef520e133c6c410737e75db3f
SHA256 9d3b38eacf29f286c97fe4c402b2732cef85026622d76810125eb50dc26fcb51
SHA512 d87b247d3216bbc3ebab3212dc50264457d6e78dbdaeba2b517316565f93f253f23be9b130cfd06591b0013b08249e8d57456bb7aa590a1ce9e3c8d4e5fe12a8

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 5c48d1cbc94461f0651e59bfda28a3a5
SHA1 dd2f3fdeffc718635f6dce1ae5f6ca4d85880ea9
SHA256 5c462522344027373add712740cf7837a96edd34c94a1fb54457e8d256db6e00
SHA512 288f264ae3f87579e85d1e94ac226829247c870a4deaccd774e741d5f313ed7fc1d46211f28d0f13463cf71c24c932fc3c86d98bdf3a4025b610bad2e80df981

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 85c0471e84fe07f1fefde65497393eaf
SHA1 ff56e268ba11749d5d2f95e82250420fb9c70a83
SHA256 0c12654c00bc2650bbfb50f0ab994a615fd338501529a368844bb97f675ca860
SHA512 c6708a7e26ede8652fc20cd04a3b63162638b5cf9eb75be69e46a3346b65f233f27007e677f522b01b55fe426befedd51707d769617e034e824b6d980fe98420

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 0ebb0357b7da316800d4dfe12a7c2499
SHA1 54c7d8591c60d5f998ee95a59521e2d91783f77e
SHA256 b88d9e9ccd2eda37ccddcf51bd06069bc48c8bfa086d4336d3511540831dd260
SHA512 9aefd7ab683d6a6ff0c87a3a702a427db74455b15ba73b02444386ef4c1de79f7c2aeb610a0a6f417c90998471ac0317c865447e742b6f45d8def8d4bf8f2967

/data/data/matinlurd.com/files/PersistedInstallation2763664922239758762tmp

MD5 293cd4b696a9d59a22a5f740b687153f
SHA1 a83b3f1df28c8d62b483af6f589e07d9b8678ce9
SHA256 cf561b65fc760eb318ebc713b098b0883ff0f6408f4754fe2eb41061024cb8e9
SHA512 cd397ffa29ba2ea43350de6e20ae3588230c34794d91a71af4ab3fc78f0590a27907d1cd4a5977136c13f85ccb21412814dbe1e0b2263332df1512abd8459920

/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

MD5 aea7819ce513fd7de9b2311e6a7b4eaf
SHA1 b4c2479bea5f7512d8226a7157bdb3f28eae8962
SHA256 951ba7378abbb3b3a66e34f6adf3c3cce08f8d637bb9b04a5925d7712cd22204
SHA512 8cef1346781d603ce56db992aaee24b3c090d6ae71cdd5be34e6d829e07166811e7302eb0fa1b3eb7b0acda95e5c4ecff9476802f3b5a1d15894909b3545b737

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 99d47e5ae9e1aa27360b9cdc0579bad6
SHA1 38d9d37e31dee211b9ffd080977cad9596290842
SHA256 b9c1ccb224c367dd5b3bd180170c4610208de81e6d97adfc56493fdf707fd3d3
SHA512 47e16e7148120be7fd589e367d4a81252937e851b36b177ef8d0d0e6952079006c5e671f5b24561543251c6bd89a3ba9264504f22d80f201129be7f596d2047b

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 5cc5965e63712af4302c3e2677a03d3d
SHA1 5662878050088912fd2eec1846ca5201868e1afa
SHA256 9c749e01004be4072c060ca868201d435a05d7a1dbd5b39194eb31ddaa2748f5
SHA512 eb5e3bcb07451d270ee6e3467a7ee76b547494c4a445ee82be75e6da378abf8844ac3929524b39549f3e5ad7068a2b62c429779a647b36f9201efb48ac860cf6

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 7c14639c191b59f89b39fb5613bb777c
SHA1 18d08c605ea72e234a66c7056ac15b5331b0f94f
SHA256 80d4d2173744a0cf9d9d10ffc523202894b60afe54702f81475f9ef385011f36
SHA512 5b62e00de7eb20c167a5ea253b8adafc66f7d8c2254b04593dfd74104c6d394d63c8aa289003293f115857fbcf8c41b1de7b3ee1703bfafe00e07116351e472c

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 207a8462f191551242ff77e9aeadce1d
SHA1 fd5282903e76312489b0bb56e43f3045779bd988
SHA256 0366be57f57fe799c6aea3f955a2e8926177b7b928e8e28ca1dc90572febec10
SHA512 7f5b046118aabff340f91adc744ed7864f3777ff82a6a246553281336af7ad98b64659488adc612bf44a576dc2fb8692c8ff353a56471f192500267a7cbbffec

/data/data/matinlurd.com/databases/google_app_measurement_local.db

MD5 de82e2c94d2718988804b035a46d17b1
SHA1 705f5ff19093ad209f2a666085d6ccaed3bf58a4
SHA256 29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39
SHA512 68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e