agent_smith | 60d10d0e7ccc145ca787332582df7f8ef2a74cc113ec7b3bcca51f40450ab468

Analysis

max time kernel
3555842s
max time network
20s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
30-11-2022 18:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

60d10d0e7ccc145ca787332582df7f8ef2a74cc113ec7b3bcca51f40450ab468.apk
Size

2.2MB
MD5

9d8fe9358444032af48c74ec815a4db5
SHA1

1f67c2ec814ea73f07841a2fd9b477476c6f8d00
SHA256

60d10d0e7ccc145ca787332582df7f8ef2a74cc113ec7b3bcca51f40450ab468
SHA512

20b0309277e57224d37085009208a6e6d9892d2835c5b1c686dd992c71783a8b23dbf37017bad24c58b4e0224d373656cc720638fd695ea1907178d22470ae1d
SSDEEP

49152:Lu+ASxVPlnpbxqL6axSgA4VMP8VYehpWOchVKGqwKbiAo+uR6xHBJpx5m:Lu+A8pbxqL6qw2TpWOceHbBDhF0

Score

10^/10

agent_smith adware ransomware

Malware Config

Signatures

Agent smith
Agent smith is a modular adware that installs malicious ADs into legitimate applications.
adware agent_smith
Requests cell location 1 IoCs
Uses Android APIs to to get current cell location.

Processes:

com.duandai.aa.yx

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getCellLocation com.duandai.aa.yx

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.duandai.aa.yx

Loads dropped Dex/Jar 5 IoCs

Runs executable file dropped to the device during analysis.

Processes:

com.duandai.aa.yx/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.duandai.aa.yx/app_jar/lpdf.jar --output-vdex-fd=68 --oat-fd=71 --oat-location=/data/user/0/com.duandai.aa.yx/app_jar/oat/x86/lpdf.odex --compiler-filter=quicken --class-loader-context=&/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.duandai.aa.yx/files/one.dex --output-vdex-fd=69 --oat-fd=70 --oat-location=/data/user/0/com.duandai.aa.yx/files/oat/x86/one.odex --compiler-filter=quicken --class-loader-context=&

ioc	pid	process
/data/user/0/com.duandai.aa.yx/files/one.dex	4122	com.duandai.aa.yx
/data/user/0/com.duandai.aa.yx/app_jar/lpdf.jar	4278	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.duandai.aa.yx/app_jar/lpdf.jar --output-vdex-fd=68 --oat-fd=71 --oat-location=/data/user/0/com.duandai.aa.yx/app_jar/oat/x86/lpdf.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.duandai.aa.yx/app_jar/lpdf.jar	4122	com.duandai.aa.yx
/data/user/0/com.duandai.aa.yx/files/one.dex	4345	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.duandai.aa.yx/files/one.dex --output-vdex-fd=69 --oat-fd=70 --oat-location=/data/user/0/com.duandai.aa.yx/files/oat/x86/one.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.duandai.aa.yx/files/one.dex	4122	com.duandai.aa.yx

Requests dangerous framework permissions 8 IoCs

Processes:

description	ioc
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS

Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.duandai.aa.yx

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.duandai.aa.yx

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.duandai.aa.yx

com.duandai.aa.yx
1⤵
- Requests cell location
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:4122

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
2⤵
PID:4224

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
2⤵
PID:4255

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.duandai.aa.yx/app_jar/lpdf.jar --output-vdex-fd=68 --oat-fd=71 --oat-location=/data/user/0/com.duandai.aa.yx/app_jar/oat/x86/lpdf.odex --compiler-filter=quicken --class-loader-context=&
2⤵
- Loads dropped Dex/Jar
PID:4278

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.duandai.aa.yx/files/one.dex --output-vdex-fd=69 --oat-fd=70 --oat-location=/data/user/0/com.duandai.aa.yx/files/oat/x86/one.odex --compiler-filter=quicken --class-loader-context=&
2⤵
- Loads dropped Dex/Jar
PID:4345

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.duandai.aa.yx/gooogle/yunUid.f
Filesize
169B

MD5
c4493e5b2934518de29872d526cf4e11

SHA1
4d7c975e713306e3efec65523f4456177971f4ee

SHA256
ef6f3a139cc6f1dee13774e4cd111936167a8fd4df48019dd916eafb57f41a58

SHA512
ec31f8c907646a0d3e6e5405ecb38e10aa2468228fbfec3ff0701e16465fab6a531ae02d1432537d2104eedde3dbd7daee1d3e7f1644619b90ba99c7be65fbeb

Download Submit
/data/user/0/com.duandai.aa.yx/app_jar/lpdf.jar
Filesize
35KB

MD5
e1ab911d4b585a26aae02d8540575013

SHA1
ac148f7bdf95edddc97d9224ff51a771f1070520

SHA256
8a71fab57b4a03f0b37095daa2eaa086ec6ed6c1c6166ca67c0e0a9e14cc85ca

SHA512
983ec12cde3cbfaffb414b8c8eb17c793bee558eb51b9d5e630f9bd5f312e0ce55622719aad6097a799286c25001212b26d7053e7e110a4918beace33d3bcbc4

Download Submit
/data/user/0/com.duandai.aa.yx/app_jar/lpdf.jar
Filesize
69KB

MD5
efa761137b704871d7e20876e397d398

SHA1
8b4c431f2387f66b220391660b9d9898e4c16c2e

SHA256
19d0968e122acb3d0a19265cd4c890fcae065e609ff6baa6d217d9a7fa1524ae

SHA512
aeb9696fcb3dbee53862529cc80324eda1e3e0f78f53178f9f2254e165d14e9f82b661e3be11a630a2f7f586ebdeb1c2cd6385100d23db2578d6f70b674e1829

Download Submit
/data/user/0/com.duandai.aa.yx/app_jar/lpdf.jar
Filesize
69KB

MD5
61503c78bfaed115dc65f007a7461ed1

SHA1
e989f0a0abe36a164feb51d6419eb1d10db3fcc0

SHA256
f9eede33f737a4287b1412412c47a8eafbfb732f764fe18cce955c4a28d3d2e4

SHA512
3c59c6deaf0c0d0aa559beec62fea04a8021d471ba92af656983f6ad72f1a07af25a3d886b1c2783cecd802bf865c6100c459eee83e963cee95d834e643d2014

Download Submit
/data/user/0/com.duandai.aa.yx/app_jar/lpdf.jar.x86.flock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.duandai.aa.yx/app_jar/oat/lpdf.jar.cur.prof
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.duandai.aa.yx/app_jar/oat/x86/lpdf.odex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.duandai.aa.yx/app_jar/oat/x86/lpdf.vdex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.duandai.aa.yx/app_webview/Web Data
Filesize
104KB

MD5
dc79f9ce5f3ab5270b33e61119dfc959

SHA1
1844bf222a5144b513dcf2fb50a18c011701c647

SHA256
47e65f4de08deabfd52ecdb8b0a29c61c482188b92c36182e2112ca0a8f4ff65

SHA512
18b8894a7f35df516f423bbdebf1e05ce09eaf4345b139e59e603cadb81f8d1fa20f793438c28e8fd9a64e64f0684223d90ce6f10d3f93cb0c781049a8cff03e

Download Submit
/data/user/0/com.duandai.aa.yx/app_webview/Web Data-journal
Filesize
1KB

MD5
710fe97f3462fe88471538a0dbc3f97f

SHA1
f918d54789261e28b35095aa3407cb2504722b47

SHA256
efac33457d6e7ea1fe1e4e181302faf96e27c025882ecedad499e70efd851957

SHA512
3f57f0837ba8288457c31cc38c82776cc921416e0d00cc9563a3004d804bab22f95cb4fa34489177e93db672efafd240fbc7309a24fbb421ce7cea8d290c0f54

Download Submit
/data/user/0/com.duandai.aa.yx/app_webview/metrics_guid
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.duandai.aa.yx/app_webview/metrics_guid
Filesize
36B

MD5
a19edb0c399c19e9f1053fc69bd79086

SHA1
8675f618552168a7837489b29e89fb85920974d0

SHA256
c81427be589045668516986d34c1870570435cd5d043154af640774c2231a863

SHA512
e06d3889f31c6c7d6abc7fb1218f47152e18fdd94bcea30d582e1ba39d5f8d57164ff485263120c959b462bda1b0e9ec65fcf69f70911f6c3425c3296e981094

Download Submit
/data/user/0/com.duandai.aa.yx/app_webview/variations_seed_new
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.duandai.aa.yx/app_webview/variations_stamp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.duandai.aa.yx/app_webview/webview_data.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.duandai.aa.yx/files/jiepayplugin.apk
Filesize
45KB

MD5
c83e81f064fbbff6870210fcc9abcf6c

SHA1
65f94be4a62160065ff192b9baac02da3a293031

SHA256
fc37a898193dd0b37c226a5841936c88bc51a02bf99abe3f17ab84951a3aa1c9

SHA512
100c617de8aadb73da780a8e16eccde545b9717bc0e77823efbc1d9831f13a2592a1a14d9e68ba49a364cf2a8029f6fee42d7268925da7f0112c18a5e9412164

Download Submit
/data/user/0/com.duandai.aa.yx/files/jiepayplugin.apk.x86.flock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.duandai.aa.yx/files/oat/one.dex.cur.prof
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.duandai.aa.yx/files/oat/x86/jiepayplugin.odex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.duandai.aa.yx/files/oat/x86/jiepayplugin.vdex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.duandai.aa.yx/files/oat/x86/one.odex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.duandai.aa.yx/files/oat/x86/one.vdex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.duandai.aa.yx/files/oat/x86/yywda.odex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.duandai.aa.yx/files/oat/x86/yywda.vdex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.duandai.aa.yx/files/one.dex
Filesize
59KB

MD5
1b5c4ae7e385db4551ced8c19386abe0

SHA1
12d4bc9728c4f1deec1b9b8aacbfe71c3ceeb4d4

SHA256
8211fa61bdd647dc627a182c4e2a763024252dfd94d14f1f12c9c9b4df045d70

SHA512
f56d74aa9a3c150034866b12abf7ed233fcc2bd03d7f34bfdfd61cd054952189311669892e91dfcbf5000f509210d56d094abff99371e4897bf7943ef5a2764b

Download Submit
/data/user/0/com.duandai.aa.yx/files/one.dex
Filesize
59KB

MD5
1b5c4ae7e385db4551ced8c19386abe0

SHA1
12d4bc9728c4f1deec1b9b8aacbfe71c3ceeb4d4

SHA256
8211fa61bdd647dc627a182c4e2a763024252dfd94d14f1f12c9c9b4df045d70

SHA512
f56d74aa9a3c150034866b12abf7ed233fcc2bd03d7f34bfdfd61cd054952189311669892e91dfcbf5000f509210d56d094abff99371e4897bf7943ef5a2764b

Download Submit
/data/user/0/com.duandai.aa.yx/files/one.dex
Filesize
59KB

MD5
1b5c4ae7e385db4551ced8c19386abe0

SHA1
12d4bc9728c4f1deec1b9b8aacbfe71c3ceeb4d4

SHA256
8211fa61bdd647dc627a182c4e2a763024252dfd94d14f1f12c9c9b4df045d70

SHA512
f56d74aa9a3c150034866b12abf7ed233fcc2bd03d7f34bfdfd61cd054952189311669892e91dfcbf5000f509210d56d094abff99371e4897bf7943ef5a2764b

Download Submit
/data/user/0/com.duandai.aa.yx/files/one.dex
Filesize
59KB

MD5
edd86547c2f3d608b2e52ee4fe17f732

SHA1
81304da30d2a4233b440fcbcb1a34709c50c61b9

SHA256
98bfd29e133724a8541f23dc40c197a6b463d12c602439698079bb63e9e6b452

SHA512
614f4a6fdb9b0cb87848d4015a86f1124c0a81bf02b8ccc10c1cc65fbecf4bd25a1293f355442c5b3134f9ad6c64d1e8b5db729ebb8623acf8051259b4bcd20d

Download Submit
/data/user/0/com.duandai.aa.yx/files/one.dex
Filesize
59KB

MD5
1b5c4ae7e385db4551ced8c19386abe0

SHA1
12d4bc9728c4f1deec1b9b8aacbfe71c3ceeb4d4

SHA256
8211fa61bdd647dc627a182c4e2a763024252dfd94d14f1f12c9c9b4df045d70

SHA512
f56d74aa9a3c150034866b12abf7ed233fcc2bd03d7f34bfdfd61cd054952189311669892e91dfcbf5000f509210d56d094abff99371e4897bf7943ef5a2764b

Download Submit
/data/user/0/com.duandai.aa.yx/files/one.dex.x86.flock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.duandai.aa.yx/files/yywda.apk
Filesize
35KB

MD5
e7f60d676d27306924ed35124698dbf2

SHA1
3aec5caf42c0cd6b262e7a9b5fe3da29ecd1f958

SHA256
82491bacfcc1fba3c0c425b37b1152e2e428255df1321ba1714b1403bd08563b

SHA512
e6d49fc8c233068756782e1c11b28b4a8b6a5717c65e6d3caad6a0967ff999cdce9298f090ab5d6f1098d591382ca24eb80baf0f4f0dbe37464ac46df152f401

Download Submit
/data/user/0/com.duandai.aa.yx/files/yywda.apk.x86.flock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.duandai.aa.yx/shared_prefs/WebViewChromiumPrefs.xml
Filesize
127B

MD5
21223e9184445fe043476484cd8cb1f9

SHA1
2b4813f849121d60ba35eb0889080668bb62c778

SHA256
bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af

SHA512
be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48

Download Submit
/data/user/0/com.duandai.aa.yx/shared_prefs/com.duandai.aa.yx_preferences.xml
Filesize
143B

MD5
4a0ee19d4c5d765d065ff297474b041b

SHA1
58b3b2e67e55e1434325b285d453f0bb917b09e2

SHA256
2472a4bf4dbdbd48d66d3dd0682fd130c044849c52e66991b4878c7e9767df8d

SHA512
d61c262578a1de3b209fb40d351e9244ee6b2a8fab63aabf04777c7b270b693572ae6222a8c7347c9b58fb8d9e5ed8c45c8f214e2321c11deb432e6983e3e5f5

Download Submit
/data/user/0/com.duandai.aa.yx/shared_prefs/com.duandai.aa.yx_preferences.xml
Filesize
200B

MD5
4e60c764be5f6394c5b9615b7ea1c7a6

SHA1
fb5a2b6ce524eb0a97136f3547fb19781ae98184

SHA256
0b8661330b03d9c26a9397081a686f996ccb640fe4ab563e66d72e592fe583fe

SHA512
ac79f1832ae86f254ada944b86e36c37296b2e00c439fb69c69024ff166f284ca525e6fa216c49f1aad4d303771cdea7898204018c51105e795db62efce11860

Download Submit
/data/user/0/com.duandai.aa.yx/shared_prefs/com.duandai.aa.yx_preferences.xml
Filesize
241B

MD5
33f9e0121216d1a37255c9613206ff6d

SHA1
eebc7096f9d401eb3422ef1a019140e2a37443fd

SHA256
c290a5401cafe65c7c275bcc96fe78651928d34af7334c338d66e5b8de8aa92f

SHA512
d183f1374397dc8a00714dc4aeb5db5ec91f174f996407f69e6079953e7ee7b836b75a34e80a47ae10bb75dbe0eddf690c35a6f7b1cd8daa5e89ba325a368aa5

Download Submit
/data/user/0/com.duandai.aa.yx/shared_prefs/info.xml
Filesize
400B

MD5
bed4fbdb00e46a8d99327dd3576e750d

SHA1
6d1baf6bcca68bfd2a35b2c949ec1a89c3871116

SHA256
ef465c4dea219e13e04ce1fc84c0c3bf92432a70a80c01a90d9540203c88fdb0

SHA512
da812b774cea877ad1627dc26d11e35ac8246c5b46f08cd3ea1fc713308c5a1750e23ec239e8073b1dac0184a38f1b812716c3cad3d08034cd34fcb3b7b06fe0

Download Submit
/data/user/0/com.duandai.aa.yx/shared_prefs/onePay_SP.xml
Filesize
125B

MD5
24b69c8f35ecb747d525229acc45481f

SHA1
ca9058811829978cf65edae36b9a32c1c84c234d

SHA256
de1797b8a889f6e30be294acdf7980cf060e70e7b48a2a39f20721418d3dcd34

SHA512
46184c7c2d28a81f57f81acb9cd6205ea289e6a42061af029c7c541e543f9c06a81c7c6a6706bab1af03f4fc077c76ae927f81045085585a6e33860dbcb21b0c

Download Submit
/data/user/0/com.duandai.aa.yx/shared_prefs/onePay_SP.xml
Filesize
180B

MD5
b60547b4b3cb89135a0e42d1135b39fc

SHA1
dea96d18fcda45a8274c6dbfa3a6ae066d57bb3c

SHA256
9b2ef2859da862a0b3fa2dca215acc4a36ab1fdbf242d0034750b9f249a1113b

SHA512
6915bbcd4ff7f28e2885091af17c73926f0532cfe0789b6bffbe1643b1333c1ef25b560fa146ed9369bb6d55b217bc1f5884b93675876e7f39e291870c4210dc

Download Submit
/data/user/0/com.duandai.aa.yx/shared_prefs/onePay_SP.xml
Filesize
238B

MD5
d972aca50ac698da077752b801e09093

SHA1
729ff12776171cf1f76198be53e68225f40c9160

SHA256
594c3d36a3dcb67f44763640eabd3f7e50e2294f6e38518cac82c3c6c8892613

SHA512
99614d2f2a3ffcc45c59db7974aae001434704a16c9879ccb2babfa7a194d85f27d8a6c9959d169c399d3c783eb72cf60195508e563b2b49ab2246801fd97320

Download Submit
/data/user/0/com.duandai.aa.yx/shared_prefs/onePay_SP.xml
Filesize
284B

MD5
f428cda9b1450a8f25e63931ba9afe66

SHA1
90ec3bfaa59ba75413d3872b9fcb18439329b452

SHA256
d69a3c8df839b5ff32e03aa1ef1fbc46f47091a9bd366d8b5913bc422d9815c2

SHA512
5429f52dc2fcc9f7fc2c0fc6a39c63309b106e43461a54528e0323c244a8c47d0ab51ffa62b5f6403a2aeca49594808aaf268fbc5a5950cc5ea191526affc29e

Download Submit
/data/user/0/com.duandai.aa.yx/shared_prefs/umeng_common_config.xml
Filesize
111B

MD5
7cd052c524e28ffda4356710ec0f8fe4

SHA1
652b2b29445ee7945adb622e379f1bdd3e8ecfad

SHA256
bd07d9b6fae6f73a707ce194808e7cc0d5b628923155858a509ca1eb0fb8e4fc

SHA512
d01ec156e03c0a7645bc85bd39ab465cc6204f0bdece7839cc50f68754e7a4d6658f54f49f7f683beea44fb26aceea718a77b741718c2c9220a9603972a6ce33

Download Submit
/data/user/0/com.duandai.aa.yx/shared_prefs/umeng_common_config.xml
Filesize
171B

MD5
9c67623d99ce356d0693588be3c9e2ea

SHA1
0463ebd12e03583922b79ee189f289c6a8c7c8da

SHA256
b43561e01aa9267aff5524a16bd73b7dfddacd161f2b9c35fd0441aac3d09168

SHA512
95e15c7248a2b24b11e75edc1e092aa47569b59c00664a7ef7a0d32897ae3d1506d6cfdcc4241c0efc0c63d92775cacb71d603f5e92b813e62ab1994b9682c58

Download Submit
/data/user/0/com.duandai.aa.yx/shared_prefs/umeng_common_config.xml
Filesize
236B

MD5
298523bfcb3a69d4851fc4b8300b45c6

SHA1
d1439b6d0a368f2a03b0ca9104587ca44fc1f10b

SHA256
3dc59f688ffaed603c8827a5d970b1278771158c1b85b8a0615865892542a28f

SHA512
dcf921b5361e78fd4220e5e1c26d2c1e1da20af2bc75068987555c7e07f68fd0967041bea279ab9f75d7820fd896f8fc3f57f487093017dc230a491851be1df9

Download Submit
/data/user/0/com.duandai.aa.yx/shared_prefs/umeng_common_location.xml
Filesize
390B

MD5
5cb30012f95f87bd6064ef7e548d7f1f

SHA1
c2333a463250b2f529bcd65734b880b9daddd10a

SHA256
af7c46049a295e92289b78b889b1189f0b787f99e320b5bb64b7b38929718a95

SHA512
ce98c40606d8dce645d489099f187dadc8b49951f05ac43df33df6120e83ac9ea4caa78c6f3d55e5ed4bd2d770ba33e15edc5dec1a2b31fb23433d26fa33dde5

Download Submit