malware – File level changes by an Android application

How to track file-level changes by an app when running on an Android device. Specifically, I am interested in the changes made to the file level by malware – create, delete, save a file on the device.

Looking on this forum, I found a way – / proc // fd. Is there another possibility? using logcat, frida or any other means?