32Bit Hash reverse engineering

[FJ1325]

Guys,
I got this string (hex) which actually is a protobuf

080110b0d60118d8e1f2bc860220d9033a5f08b0d60110d8e1 f2bc860218002098910f2800300040e4b3fd04480058006000 68c1ea8b02708692407803800100980194800ca0018f9e8010 a80100b80101c00100cd010e0eacc8d501d6d8ad47dd019447 b746e001b0d601e80100f801004001480150a8def2bc860260 c08d87300b270b4c
Only the first 129 bytes of this string is actually the Protobuf, the last 4 bytes represent a hash. (echo "string" | xxd r -p | protoc --decode_raw > decodes the protobuf - without the last 4 bytes)
I need to find the method to generate this hash. I tried MurMur32, xxHash, CRC32, a ton of others, ... looks like it's proprietary. Any idea on how to reverse engineer it? I have a log full of those strings, so I could do some stats, but that won't reveal the algorithm
Thanks for the help!
-FJ

[Shelwien]

1. You can try hashing the data with only 1 bit changed, etc.
2. You can try finding hash values with only 1 bit changed
3. For string pairs, see how xor affects it: s1^s2 -?- crc1^crc2 (see https://en.wikipedia.org/wiki/Differ..._cryptanalysis)

It could be a crc32 with bytes in BE order, or a different polynomial, in which case you might be able to reproduce it.
But if there's something more complicated (eg. first 4 bytes of md5), it would be impossible to do like this.

Don't you have any information about the app which produced that?
Maybe you'd find a reference implementation (i've seen a couple in google output), or app sources?
And what about reverse-engineering the app itself?

[PSHUFB]

You can also try something like Espresso to try to find a simple underlying representation of the function, which would probably lead directly to the hash function. It would work best with small input sizes though - if all your inputs are 129 bytes I'm not sure if it would work or just choke.