I find the CTF, but I don't know how to get the final flag.

that hash thing was kinda sketchy

man this was fun

Really fun challenge and a good intro to android reverse engineering, although I wish I'd read through more of the comments sooner. I ended up trying to brute force the hash stuff for a little while before I realized there were probably websites for that.

Ive been told by a number of users that they have had issues with the md5 portion of this challenge. As cracking it was not the focus point I have provided a link below to a website that will successfully decrypt it.

https://www.md5online.org/md5-decrypt.html

This is a good one. You can use apktool on linux, but use it only if you are a little familiar with assembly. Otherwise use one of the online tools mentioned in the comment.

I find the CTF, but I don't know how to get the final flag.

that hash thing was kinda sketchy