6d9b1ea3219c5108fb95dfef43ba73d9eaf533dd66a3943ce72d6d0a10fbeeb5

Analysis

max time kernel
2254979s
max time network
156s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
19-12-2023 23:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6d9b1ea3219c5108fb95dfef43ba73d9eaf533dd66a3943ce72d6d0a10fbeeb5.apk
Size

7.7MB
MD5

160936f83e511055d6752b0d8d884b5f
SHA1

882e21ed7f6b49b6719c6456fc96aea9b79ccd65
SHA256

6d9b1ea3219c5108fb95dfef43ba73d9eaf533dd66a3943ce72d6d0a10fbeeb5
SHA512

154c5d67f8d365b2b4843441eba9e4fb4b0009b41b14c46cac2dd35167c79ff574dd7a8edcecf73ee6218f658e68ae7cbce1fc2c3edfe7eb996158fa0f77eb7f
SSDEEP

196608:nTNQat7PIOAhTfZz5p+5UJINc2coiFCEwxjWpmasYq1uOFd:T2ayxfmaINc2ji3OHa+Fd

Score

7^/10

evasion

Malware Config

Signatures

Checks known Qemu files. 1 IoCs

Checks for known Qemu files that exist on Android virtual device images.

ioc	Process
/sys/qemu_trace	com.coohua.xinwenzhuan

Checks known Qemu pipes. 1 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

ioc	Process
/dev/qemu_pipe	com.coohua.xinwenzhuan

Loads dropped Dex/Jar 5 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.coohua.xinwenzhuan/cache/td_fm.jar	4285	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.coohua.xinwenzhuan/cache/td_fm.jar --output-vdex-fd=55 --oat-fd=53 --oat-location=/data/user/0/com.coohua.xinwenzhuan/cache/oat/x86/td_fm.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.coohua.xinwenzhuan/cache/td_fm.jar	4221	com.coohua.xinwenzhuan
/data/user/0/com.coohua.xinwenzhuan/app_e_qq_com_plugin/gdt_plugin.jar	4357	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.coohua.xinwenzhuan/app_e_qq_com_plugin/gdt_plugin.jar --output-vdex-fd=71 --oat-fd=76 --oat-location=/data/user/0/com.coohua.xinwenzhuan/app_e_qq_com_plugin/oat/x86/gdt_plugin.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.coohua.xinwenzhuan/app_e_qq_com_plugin/gdt_plugin.jar	4221	com.coohua.xinwenzhuan
/data/user/0/com.coohua.xinwenzhuan/app_SGLib/libsgmain_315532800000.zip	4221	com.coohua.xinwenzhuan

Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.

Requests cell location 1 IoCs

Uses Android APIs to to get current cell information.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.coohua.xinwenzhuan

Checks the presence of a debugger
evasion

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.coohua.xinwenzhuan

com.coohua.xinwenzhuan
1⤵
- Checks known Qemu files.
- Checks known Qemu pipes.
- Loads dropped Dex/Jar
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:4221
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.coohua.xinwenzhuan/cache/td_fm.jar --output-vdex-fd=55 --oat-fd=53 --oat-location=/data/user/0/com.coohua.xinwenzhuan/cache/oat/x86/td_fm.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4285
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.coohua.xinwenzhuan/app_e_qq_com_plugin/gdt_plugin.jar --output-vdex-fd=71 --oat-fd=76 --oat-location=/data/user/0/com.coohua.xinwenzhuan/app_e_qq_com_plugin/oat/x86/gdt_plugin.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4357

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.coohua.xinwenzhuan/app_SGLib/libsgmainso-5.1.81.so.tmp

Filesize
507KB

MD5
bec24c3968fd14fb7b61cac9e34e42cc

SHA1
049a01508d829c284ff08e61c819e9c5b4c18b6c

SHA256
783b491a29835cdf0f400e954b15bef25597f352c833092fcdb9016f34bce0d4

SHA512
dba83f01291b4eec66af6074d85e7a680926dc1b19e3f9f520ff846f3845b6b53bd56b8b72374daeebd37133785b5416cea0754dad5378838f493bf9032fbf35

Download Submit
/data/data/com.coohua.xinwenzhuan/app_e_qq_com_plugin/gdt_plugin.jar

Filesize
142KB

MD5
f0b930680aa93a62bb77d1916e64a3d7

SHA1
fc30b5641b8d32e4efeaf409d07a4d520a95a6da

SHA256
8f109682334d43d811c7d56620c5eb30c9bc1a89f3f36b91232aeb142a6f6ba7

SHA512
2a503f3aefd5ed8634dbc85cd952d10625e4bc18badc0661c7cfcc3345cfb43ba1e153d9fb264703e4cf0d6c40ac601942e841b9537125072f884c283adb5b99

Download Submit
/data/data/com.coohua.xinwenzhuan/app_e_qq_com_plugin/gdt_plugin.jar.sig

Filesize
180B

MD5
b23a77c1c0b865c67e4fd0ca80eb41d1

SHA1
e290e2dde37e0e2f6b1274f0a69ac4ed0d26af37

SHA256
142c0b3bab77907907546d3f17089585f1086f7d9711bef8cca9175ea659e26f

SHA512
b93447f22e7bc98a663e3c9f7a8a76cc1c462ca6288deca746256154d61ac58cd54cac199e3462a33ccfce1c43f3ff6a93b15dbf7e1fd0421632044b29213707

Download Submit
/data/data/com.coohua.xinwenzhuan/app_e_qq_com_plugin/oat/gdt_plugin.jar.cur.prof

Filesize
507B

MD5
ea4888d2b96dc392cef0e972342aa640

SHA1
6d759348951cda27d02851e4c9c425cc4eaae4cc

SHA256
64930d02ee6acf7adcaf7b093dc6282bcb6d4e5726692d7f3929264dd3a8d4cc

SHA512
ee0b690cc4275b73ec40a0d60f00774f99e6e064b4add38d0be417daa744e66d914cbd8dde66245ad50947b04b4e2d6171c5b39396b985e3ac86268d50264224

Download Submit
/data/data/com.coohua.xinwenzhuan/app_e_qq_com_plugin/update_lc

Filesize
4B

MD5
dce7c4174ce9323904a934a486c41288

SHA1
e117797422d35ce52f036963c7e9603e9955b5c7

SHA256
0c030586945fe504b604ecc2e875c38ede400cd5cd73da9730302162e6b02c6f

SHA512
d570ab6a8f4a7b54d426b0481219074b5277ace37d88438d87ab97eb387938eca1cf7b09fa42d596c56ada860710d2a7385d2a96e1cedff58ad6ed8900f1b143

Download Submit
/data/data/com.coohua.xinwenzhuan/cache/image_cache/42a9759fc0ce25e3e968f6fafcdea326c29866c24ac56d19ef075a10d3c873df.0.tmp

Filesize
21KB

MD5
d87f17b94103ebf46eb28b91965647fb

SHA1
d9b4e271a5bb2d1705ce1b6a7d6950d4515d1061

SHA256
7d01c1f5763062d43730dede0086498bcc2db526d9779a543f1995f2da6db226

SHA512
d6a9696c698169602b4dbc1ef4de7c62e81e8cebb06771c025839fae8d618f79cda6664963635287f1574e8c50cc8d51a42a12259f360ba8ea5ad352ed79a114

Download Submit
/data/data/com.coohua.xinwenzhuan/cache/image_cache/f649ff493c301d71b81f9a770e1e3c68b77694d8319c132e87b9789c34f893c1.0.tmp

Filesize
18KB

MD5
6301b6cde12de1aff1cb6d37931b1528

SHA1
3ff53b2f1fe8ed73cafc580f19c85293d19c93b5

SHA256
a45e741b1925f1ea0a0efd4f8508e5cb8b554ced48dac530a3bcf9fac36e8f65

SHA512
137ce9ecd88e09b45a498f4ee7ebee0d543033630f6a316061af75e1adc21fe2b001ef36941346a148900f699fbbc70852cc52165aeb8af478d565cd5cdf039d

Download Submit
/data/data/com.coohua.xinwenzhuan/cache/image_cache/journal

Filesize
71B

MD5
6e874baa592ee17829e18cdc195f692c

SHA1
b25b22c670c92fba678310c794cca2e7b0ba3bee

SHA256
2ff9892a801a4219547fb533ef4ca7eded3ec8af31b3b3dcb00af925ad6bf434

SHA512
163c9777db2285fd687dbf882f54c7d8a032736e9383420e4e76d57d9c02bb669dae8df1a7617c7b10353f121fa643d966f8bb73d215e1ee8d672233ad088308

Download Submit
/data/data/com.coohua.xinwenzhuan/cache/image_cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/data/com.coohua.xinwenzhuan/cache/oat/td_fm.jar.cur.prof

Filesize
301B

MD5
8f1f8fca24943074ffdd8d73328cfd41

SHA1
0e97bbc9b5c350c54b1a6e0fa7c6ecdee6a925c8

SHA256
f354e47fce24d0910750738f90a79abfa94a03fc204cb2845e16c8347da15834

SHA512
0ad4fd0dd213d3b1db0d5e812b3f06f0a95df689d38540813a86549aa06fa3c511753bf518dbbfc6d9aed84584cbb16663a53676282e803297a229b0c035c1ab

Download Submit
/data/data/com.coohua.xinwenzhuan/cache/td_fm.jar

Filesize
37KB

MD5
42b3c54b6cc4ade15c34dfe9ad3b133a

SHA1
675b217b442cb294aea6c5b29d1e0e42a08358ee

SHA256
24665932081d23f045505281d72c95f3404f09372c4bb8d4f319ba38b29a2945

SHA512
3bb655c6d643ca304a84db8facc74d2d9bc3071385816410fb9134c209bc6b4ca335712b720f70c44f579824c79402c597d9da5363df73502c5c5131f3511577

Download Submit
/data/data/com.coohua.xinwenzhuan/databases/GDTSDK.db

Filesize
24KB

MD5
755d1d1b0599d7be973031b5a9ed3373

SHA1
3b13cffb97005729fc20cd9b9a8547e0fa32632d

SHA256
90bc14445f887f7dbff548bdcc44145362d7fd20cc8ad8568b4d5c9372ee9b46

SHA512
afbd3a1c76a41015b2d4523d1c08dc14a3a75dfea3a5082b5e0552d750a498fd316bc98055b9f0ad2992f28b820ef15254461fb5df4cd6c21573a96f17b24ae2

Download Submit
/data/data/com.coohua.xinwenzhuan/databases/GDTSDK.db-journal

Filesize
512B

MD5
8ecaab78aa78dc4ea9dab2bb102b3de2

SHA1
9b99c9711fbb237a310585dc5369bc0200d47377

SHA256
2d468c28484e71eeb756881b62910b892ce0b2514cd8206376a7fa443b28e6be

SHA512
2d0df71e4bf653be2cf892ab379a5c676572c1051b6a9951dafe170308e7713546a6b62b94c43b2368d1652570ad8345fa3a24a9566ba2e53f832c5fd9256ef2

Download Submit
/data/data/com.coohua.xinwenzhuan/databases/GDTSDK.db-wal

Filesize
36KB

MD5
710c62104097207f912d4e99015d354a

SHA1
dc056a4cb74f4863c50b1c12b5c2eb75fab3acf8

SHA256
487a7210a9c12c6397861189f625c9ec9b6d124ad65368ba96823f4629df8e43

SHA512
01b09b38ec5848a3be3e4b1cf3a390d9c77e96219c2ddcd2b8ff084d4639715d4b87c53b156ab5520a21aff971a6b7cfd6c4e34fa96654d89846ba00eb458129

Download Submit
/data/data/com.coohua.xinwenzhuan/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6582A9920208-0001-107D-A14E03E288B5BeginSession.cls_temp

Filesize
79B

MD5
0b2d90973de1245fc7ea5fe85fe63c29

SHA1
f2dd425576bee712a68803c8f6beeb865afbcd0f

SHA256
a22b6717634d2832e783069addf08be11e6c871231b33c7a61cf1a4441ec9afa

SHA512
90d57bde5733888b41519a7e6259946883663b17d256e2fb472a2de176066a6706ecdeee056bd0edd379c81413f0d4a212677310442362918eb05f325bab631f

Download Submit
/data/data/com.coohua.xinwenzhuan/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6582A9920208-0001-107D-A14E03E288B5SessionApp.cls_temp

Filesize
122B

MD5
be44d9993e42d6f91d86e36250c811ef

SHA1
3c1066ad7498620bcb67cd9b992eda1ab8c2dfaf

SHA256
57395a0eedc4b7182fe4b9b407f59a5e1c8da16debb7301fd9a711631d116b26

SHA512
8b70e798d38269edce25d4191f55f4926724fc5a5b4ae447ba5f0f92d28bc857f9a6ec04137f25e9f0bbc79b020c59bff67c8166161a4b383d0bae0d4ffa26fd

Download Submit
/data/data/com.coohua.xinwenzhuan/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6582A9920208-0001-107D-A14E03E288B5SessionDevice.cls_temp

Filesize
88B

MD5
048753c2b33830c0d704e4041a092083

SHA1
0edac8c5191741bd1fe3b6abfdbffffaea055f77

SHA256
7cac31fb8ff74cd5402c48c1195602673d349ebd1e200e5b09c187631bca8aa1

SHA512
17f5bf7e4e48844fabe50a242879f07d4e9dd292e66a2c3b7d6aa0bd3b2ebd75e7a70507b75e5dcdd748d147238fd86976b6cce12e6cfa945cc7a8226a777f58

Download Submit
/data/data/com.coohua.xinwenzhuan/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6582A9920208-0001-107D-A14E03E288B5SessionOS.cls_temp

Filesize
14B

MD5
9b3d4522944ce6396563812bfdb92fa9

SHA1
6d2a6133c8f01938a48ccc77ef86ad8ca335c020

SHA256
d32805d685a3f50caa7f1c0bd7c8804c4d937a866513289f60e3184f7a591ed9

SHA512
091d87643712530bf9006135db42a5a50742bb5ca3026bcc5f2c1c17bf4fd984a8938d29263b0abde3d15cac196d2230902534e200b0b79485e3a1bd97d95727

Download Submit
/data/data/com.coohua.xinwenzhuan/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
470B

MD5
12f6ddd5f4bbe232a6dd25591ad2a23c

SHA1
e568dbef55c568ad366aea5e054d4e604f702ca6

SHA256
b5f6b401d6922b1abb0d1cb246382de1315c0ced953bfe1b4d54eefe34e4c564

SHA512
bc3cf22ddd692509f072f283ccb3e63eacf0e43979ee79b09fb9bc18517d68640754a4b2d40dbd544e49e3c4185a575c3b4d6a6f611010a54683a3ec341399aa

Download Submit
/data/data/com.coohua.xinwenzhuan/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
981B

MD5
50149ff2d27e1b211df286ca560a3467

SHA1
ff3814b0baaa52ae85df269442dffc0afe0516df

SHA256
ba61fd8939d34174aa217206da5c5748fc08e3450e6a5dad6d74bbd0317a88b2

SHA512
64ef8a99b305d71cd6acf732785cf9493e0a39bd74c88280ed8f53565bc41f6192eede79528c71565e064c4348e9beada1dd1f9d031196d593af93ca1e15dbd6

Download Submit
/data/data/com.coohua.xinwenzhuan/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.coohua.xinwenzhuan/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_c7ac4db5-2bd2-474c-a8f4-d3465ddda4c1_1703061906833.tap

Filesize
371B

MD5
1841bf41d1e7e8e322c59e423f9ca61b

SHA1
3aa2a831fbffeb51763d7772d79cb2e0a19b63f3

SHA256
478360eb6beee9b2abe4b4bfabca022ff98f00a9e91700699e4d96907d973bf7

SHA512
5276cd4a587cff37f5d81a5aa94af584f7990651dc1d037be4c000d29486ca34f9aa9742f31f75f3fdebea4a3b26408a97dd73fb7fdeb60d365a943219fa965d

Download Submit
/data/data/com.coohua.xinwenzhuan/files/.td-3

Filesize
96B

MD5
4d3aff0a189c2e4accab5481a13217bd

SHA1
db70f05141b989b4207919c6649b89a3ed30a665

SHA256
602d591afc6767249b445773538a59e82a64b5adc5edfc1eddffc27af7938b8b

SHA512
ab06b7a1a3f8aac2f77464658041d8bec1ccd0bd25b2df500c03f7a42b523d83dff00371eb8aac0c13037ff7de8474f189e3456e3842bb925723dd25c23c8a31

Download Submit
/data/data/com.coohua.xinwenzhuan/files/0a231bd8575dcf72.txt

Filesize
40B

MD5
bb4226e7da84078dd7ac465fd5ce2c6f

SHA1
09201f8c07b5c4bf38025bf988383108f39f846e

SHA256
dce76575dee41b09390261dfe82773a4ea0035ea3de8e735db732b1422f6604a

SHA512
adb3aa8bd68acd689f4bec78a1e161696735c89e1f36769cdc720903b9c07f3176fee4e1bc8545916df4313d41fbf3defbcef077accb0c8b1a40f7273c7f79f0

Download Submit
/data/data/com.coohua.xinwenzhuan/files/21c22f492aba3de8.lock

Filesize
16B

MD5
e20cfc71ab5aa87cc5df559733d2e049

SHA1
2c15783d47468b3fcd2244aa7f3e91b204df82c7

SHA256
e2c66820b2cffa1a7066e641fac7e638fc9d7e75ffdf88779217cab0972f0718

SHA512
dab33e8e40092cfb41e77514309a682386dfbd456e40f0383201ec08215e4ef6e6cde832d41c1d0e50f88717d804a2bb6dc3992ed6e0158205cc72ac4285b5b7

Download Submit
/data/data/com.coohua.xinwenzhuan/files/SGMANAGER_DATA2.tmp

Filesize
81B

MD5
d95d0a650a3eee6650d70854de6de0ba

SHA1
5d529120971572ebf20e16a9421801173a51283d

SHA256
e482e1de4a84e63878f96526f12e456722bc0fbecc4f3926f7724eb7cf507189

SHA512
c54995c3231639e4ce712568bd2d880836ffacbef590001e0334b0f8e51ba997570e1a07a59384151be7455e1bc1346711961b9cc170ceabe46f5b2c6ccf681c

Download Submit
/data/data/com.coohua.xinwenzhuan/files/SGMANAGER_DATA2.tmp

Filesize
152B

MD5
6f2bdd9a2f6c1de2b1560569ad8cc562

SHA1
93561ace6cc306c2f9ec8e678bdfd9c3842b872b

SHA256
382ce2638f7b37b27d4dca380dec9aa2518d1a99f609b8fa6012f696834e65b5

SHA512
a8cb3845668b887b3d2348fccf6e48e4a2e70c9405fd5fea069805f6a0abeeea92e0098099d6f82314b5aa06cbd5fff774b7f1dcbb6c311191365e8ae6f24454

Download Submit
/data/data/com.coohua.xinwenzhuan/files/SGMANAGER_DATA2.tmp

Filesize
223B

MD5
2e86b293032cd0e16b6c2bee070426f3

SHA1
75682d2c4d8e130cb74f6bd5b09a69913ab13b49

SHA256
8f0397aecac63f014e2907b4ff0b84ff82a888ab9bce803e6c3293389c1eb9e1

SHA512
4811f2835130ce22491f64977470b431970f6899a6e810efb192e725b435918d238f20345c76e165af8b051a77881372dbaa2afaa96dc3199ffea5cd6cb87fbe

Download Submit
/data/data/com.coohua.xinwenzhuan/files/SGMANAGER_DATA2.tmp

Filesize
269B

MD5
064f58246250794489bb440a8b568090

SHA1
28d7beeda686ab396f16383777d6b3d51399c12b

SHA256
ab27aa5f2ff39d5a12e20e0dd94193d99887d8a4f60686740381c9ff82ceef56

SHA512
4ec094f39cc6c27e15c88cf2e40efb9a911c683689109cc4131a5a4d2f57186785d54ea53ff686d5217ad31c8c2a59afc039d25f39cbcc6ba3535037a84b9f7c

Download Submit
/data/data/com.coohua.xinwenzhuan/files/SGMANAGER_DATA2.tmp

Filesize
342B

MD5
f121e6cb0049524e5b5f8550fe0d6c1a

SHA1
70b8503a77d5784c67b06eb248a8918cb61a1225

SHA256
b9a90de253ec77d2200e5e7cb87f26ee348be3251600d5631e6d7268612fee33

SHA512
294effbd17a32fc931c41dc38e244d50b9bc316671ef53494b4833b894ca765c9aaf13f53500dabf10b5d0363e5203a53f0b12591a350b7e3091967ff4500a2f

Download Submit
/data/data/com.coohua.xinwenzhuan/files/SGMANAGER_DATA2.tmp

Filesize
414B

MD5
38e94d616a8f9aed7826dd5b285f697a

SHA1
07846f6ebe1c38451a82bfefd5d3d35f1d06045d

SHA256
d6ecf5b3dc15042ff6bcedce6f651b6d7b5885447f81fb4f0809e0a98e7305cc

SHA512
6188c37868a2b6f88920421e09be488854262bb34ad054b17eff27d557307d31425af646fc271cce5104461377c8e7273b29ccc2e73f0a35ecd531d83daf6b19

Download Submit
/data/user/0/com.coohua.xinwenzhuan/app_SGLib/libsgmain_315532800000.zip

Filesize
65KB

MD5
522947eaa37b029a247e3973f3be3621

SHA1
31c88e0d7c9b51904c0f598e80245bba41b1c7d9

SHA256
d06601f9eb8d8c991f00426ad30bada9d2bb7886a6de21d78cd0ccb7b7e62156

SHA512
f5eaa9ccf08096bf0df8f004fbfc1b893ae08fed3e6722e0adea1fdea2719a45876314b765134905841f440c27216c897876e3ac6c8903fc44b697854eb02c0c

Download Submit
/data/user/0/com.coohua.xinwenzhuan/app_e_qq_com_plugin/gdt_plugin.jar

Filesize
336KB

MD5
8101f3176c78d3293d6355d20c363ae5

SHA1
56d99b70dae57fa9a0472d8fc9edf441202948d5

SHA256
130b2a91918da091eaf5b7229a737b1098bb8fad476bd937fe52e00c5168d2c4

SHA512
b08c60271e9a13a78504e65ac90dcf509bb5223c57a737a36ca3a11258e5e9b3aae490992e3a3c00cf6950b3315544f141ec80dcc947cd77072e342e5e30dca3

Download Submit
/data/user/0/com.coohua.xinwenzhuan/app_e_qq_com_plugin/gdt_plugin.jar

Filesize
336KB

MD5
798f10a662a4848ed33d16790c751355

SHA1
4198fc8cb89d53e338c2bf12122cb4f53183513c

SHA256
6f52b12d38067a97b22917660e919d36232b409c1505dee37233cf7bdcc12eea

SHA512
70beba592750c2d9ebda28b13378a82b2ff7d0e39d0caff0529d8e3ae7c23eb3b243ecd82bc132b1c12b354e8b171e589bdd846b169e955607e11a87c362957a

Download Submit
/data/user/0/com.coohua.xinwenzhuan/cache/td_fm.jar

Filesize
85KB

MD5
d711357d53727b24b2e10cffe712c849

SHA1
2f76eaf7742b106dab296ca1cfcded05713ecd82

SHA256
049086bdd84cf9a31e605579ef711f2cea421cbe44973f415ba349941a0dbbe0

SHA512
da517422103012b3d95cf8f4b7c4c73a9c8157e731e8a9ec4c789d2741a1f69051d8ffd44c3ede614978025a9a989b1ce95d82f5651651041fb6699c2bd8599c

Download Submit
/data/user/0/com.coohua.xinwenzhuan/cache/td_fm.jar

Filesize
85KB

MD5
2c51dedcc47b21e3c0cf728191c6bf89

SHA1
dc6a029eeac9979bdb7d6de5b87f0505544b05da

SHA256
2ca4ef7622666b7015b29e830d1587044b1d18a019a04a41969f5cdeb264aa75

SHA512
169b1be0b9319da0b64b9ca254ad6b62ee54ca7890721b270225555fa76b7b502808ba0a3a8861b4b4afe2695aa3ff5121c94b96c2fcabf5131551b9855c13c9

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
f0beecc0c64423f547b3de5bdc903e74

SHA1
6193d31a95522444cecc0d1b6f8e1431ce04e351

SHA256
b769d6bff18b99e1734f2ab0f81288ee7a0096a0d2fb2798b2851d2c43135dc1

SHA512
dabd51c638276ba7c8cdfd4e554041465e31305c883ace6119e4fac36517c1b1e5b44ddf44e8dacb93ea909e70e372d143259dacf1a48eb8960994ccd563f5cd

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
213B

MD5
b76307781a65ead1b73d51a21ed60bf7

SHA1
5d61ee673baee8f989453de11232776aa8ae46f2

SHA256
cb0f38636a6f1f7a748f79afcfc9910e78adfdf42cabaa4cecc0895970ed4678

SHA512
dac27cb8712f52a8b4ecbcd85c5113ff6e10376ec04ddb16b297d97cea920e732b7c6200722162560fe859f3cba01eab1c199ba463763484c1ce3315e96d266d

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
4dd670a72e2febb99a6c8d87c45ac173

SHA1
3e878bf0c10d08cf0cb4fdf0d28e3ad4c9e7e559

SHA256
ac523d2003e133df8bb2e3e08e1cd4cc668dfd9e89ba9582bf7ecfcb292fd1d1

SHA512
377f68082b575fcd68db646b186970e1e58cd9a0d2523144b5e46cc2a0bda64d5190aec5187daca7672584f502f5958daff5d891098fb2bf54f852172b86c218

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
167B

MD5
1db78ad4e9b6adc450da26c37b17b8bf

SHA1
cd1bf8b4c65909aa0547fef188103d7a3a4fb828

SHA256
dfea89583c2a9f8c5a7a4b21509a85fb885638165f4ff7e3e3ff5d935de549f7

SHA512
ee50493d08d8a7a983d803c59ab4ef5e02cc124b151704a451cc3446bb163b8877629768f3f7f3ad39557954bf38ad32e022a5ee41d352f89b6622928460189d

Download Submit
/storage/emulated/0/.com.taobao.dp/dd7893586a493dc3

Filesize
512B

MD5
3cb257b0cb4145f297a2729d4b7d0b6d

SHA1
612d71222ee38a88cf342bc4164460d97657d2c0

SHA256
267441929fce07862b9415f9995b8909ac0036e16673ea49ea266e81fa5b6b73

SHA512
5e9a5c82cd7b21894938f05e1be5c8e698e6d3890eac58b15cba4dab04881779178eadc8644b12b61a89b89f848df75196bedd017f99e15c21a26b2cc18da3b5

Download Submit
/storage/emulated/0/.com.taobao.dp/dd7893586a493dc3

Filesize
512B

MD5
9dad818ab6356cfb721c4312b1435342

SHA1
16c4bf79f5443d05443b0433523bbffb3a45df3f

SHA256
cf50471dfdad5f3b4698072d739ce772588ed2fc0b997e0bdc682d83e2df6cc0

SHA512
b7b056442e6e15ad8dad125cc61a9d8971fd5029fbcb555ecce43e4921ca9221acbc0e0d2fc8da1488ceabcf164ef8c85c89d263a1fb03ba09026258209c476b

Download Submit
/storage/emulated/0/.com.taobao.dp/dd7893586a493dc3

Filesize
512B

MD5
33c394eb45092968b51023d4ef28fa83

SHA1
7545cba0790d7ed1a14a2ca288fd2e4540bddbf7

SHA256
6d180734dbe4361ed3985aceada67299580bda6f89a8e6a24ec5a5d6d00047ec

SHA512
49aaccfa02079ec4dc20d2d30daf1037fbde3cc8be2700dc1db96beeedfd33e75f41a4f2d17867b175af0135de03753c8e62274d41f32bf2fae4d0876eb970c2

Download Submit
/storage/emulated/0/.td-3

Filesize
96B

MD5
180dcc9e949f009f209fd90a685f2f23

SHA1
3ed7c0504a8f09473b07eddb670a051378f6a157

SHA256
777fd0885aa2ba121646fd5bf7092b2e8e3fee504f27df4d43b406deb0c8e556

SHA512
57477897a3fb9fd547c33872f1d110b7ea772e6c4ea0ef78873b734b747de4b1bf6eb1bc942b2b9e650bd51aba60911c098b9e20c73299d128b73e5a2f6e0daa

Download Submit
/storage/emulated/0/Android/data/com.coohua.xinwenzhuan/files/tbslog/tbslog.txt

Filesize
2KB

MD5
901c2a7ffa59739668ba62811f898495

SHA1
fe0b699617fc6c549a3e935a0adb15967077f801

SHA256
dad245e69b73ea43eefc359387ffd8c050c814a207950925662624e041ab2157

SHA512
772814564ab93549e8b785cf12c185f31f544ea062bd90ab0386d1da82457e847ae02f1e809a76b188e8cbf59629955acbc9ede69ccb3afbb9edf61f9aad4ab6

Download Submit