dadd500d99efd2f2c88ff96616225acc3bbc163e2bf2365b3b33e01e7e854c19

Analysis

max time kernel
2207668s
max time network
156s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
19/12/2023, 16:07

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

58b23e37d2c21f9c5bb879563d42a846.apk
Size

30.6MB
MD5

58b23e37d2c21f9c5bb879563d42a846
SHA1

7727e5df9e2cf0c9268d587a61423bcb2f8071f7
SHA256

dadd500d99efd2f2c88ff96616225acc3bbc163e2bf2365b3b33e01e7e854c19
SHA512

d94388336b42d7d1154877185cb494fce960f746c91cf412f24caf1b7c6ced1d838bea19b89bf09061d54e7527a43fca36baf43808aa2475b0e9655b71d9769b
SSDEEP

786432:2JooILqisBOchc/zawzJBlc2dz47u9n54tOzEadI:foI7GOzaM+q9n54tO7C

Score

8^/10

evasion

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	ai.zuoye.app

Checks Android system properties for emulator presence. 7 IoCs

description	ioc	Process
Accessed system property	key: ro.serialno	ai.zuoye.app
Accessed system property	key: ro.bootloader	ai.zuoye.app
Accessed system property	key: ro.bootmode	ai.zuoye.app
Accessed system property	key: ro.hardware	ai.zuoye.app
Accessed system property	key: ro.product.device	ai.zuoye.app
Accessed system property	key: ro.product.model	ai.zuoye.app
Accessed system property	key: ro.product.name	ai.zuoye.app

Checks Qemu related system properties. 7 IoCs

Checks for Android system properties related to Qemu for Emulator detection.

description	ioc	Process
Accessed system property	key: init.svc.qemu-props	ai.zuoye.app
Accessed system property	key: qemu.hw.mainkeys	ai.zuoye.app
Accessed system property	key: qemu.sf.fake_camera	ai.zuoye.app
Accessed system property	key: ro.kernel.android.qemud	ai.zuoye.app
Accessed system property	key: ro.kernel.qemu.gles	ai.zuoye.app
Accessed system property	key: ro.kernel.qemu	ai.zuoye.app
Accessed system property	key: init.svc.qemud	ai.zuoye.app

Loads dropped Dex/Jar 11 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/data/ai.zuoye.app/.jiagu/classes.dex	4473	ai.zuoye.app
/data/data/ai.zuoye.app/.jiagu/classes.dex!classes2.dex	4473	ai.zuoye.app
/data/data/ai.zuoye.app/.jiagu/classes.dex!classes3.dex	4473	ai.zuoye.app
/data/data/ai.zuoye.app/.jiagu/tmp.dex	4473	ai.zuoye.app
/data/data/ai.zuoye.app/.jiagu/tmp.dex	4554	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/ai.zuoye.app/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/ai.zuoye.app/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
/data/data/ai.zuoye.app/.jiagu/tmp.dex	4473	ai.zuoye.app
/data/data/ai.zuoye.app/.jiagu/classes.dex	4784	ai.zuoye.app:channel
/data/data/ai.zuoye.app/.jiagu/classes.dex!classes2.dex	4784	ai.zuoye.app:channel
/data/data/ai.zuoye.app/.jiagu/classes.dex!classes3.dex	4784	ai.zuoye.app:channel
/data/data/ai.zuoye.app/.jiagu/tmp.dex	4784	ai.zuoye.app:channel
/data/data/ai.zuoye.app/.jiagu/tmp.dex	4784	ai.zuoye.app:channel

Reads information about phone network operator.

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	ai.zuoye.app

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	ai.zuoye.app
Framework API call	javax.crypto.Cipher.doFinal	ai.zuoye.app:channel

ai.zuoye.app
1⤵
- Requests cell location
- Checks Android system properties for emulator presence.
- Checks Qemu related system properties.
- Loads dropped Dex/Jar
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4473
- chmod 755 /data/data/ai.zuoye.app/.jiagu/libjiagu.so
  2⤵
  PID:4526
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/ai.zuoye.app/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/ai.zuoye.app/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4554
- /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/ai.zuoye.app/.jiagu/classes.dex --dex-file=/data/data/ai.zuoye.app/.jiagu/classes.dex!classes2.dex --dex-file=/data/data/ai.zuoye.app/.jiagu/classes.dex!classes3.dex --oat-file=/data/data/ai.zuoye.app/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed
  2⤵
  PID:4761
- sh -c ps
  2⤵
  PID:4814
- ps
  2⤵
  PID:4814
- ps daemonsu
  2⤵
  PID:4845
- ps | grep su
  2⤵
  PID:4877

ai.zuoye.app:channel
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4784
- /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/ai.zuoye.app/.jiagu/classes.dex --dex-file=/data/data/ai.zuoye.app/.jiagu/classes.dex!classes2.dex --dex-file=/data/data/ai.zuoye.app/.jiagu/classes.dex!classes3.dex --oat-file=/data/data/ai.zuoye.app/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed
  2⤵
  PID:4972

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ai.zuoye.app/.jiagu/.jgck

Filesize
4B

MD5
84b4988a07624cc41bbe4b71d47ab9f1

SHA1
333dfab3ac3ee030ccfe361545873b813f53071d

SHA256
b9273d7d3d5071df4f82c7068c8748f4b6c2b8dc22cbf15a06e7839f73d959b8

SHA512
1b9b570648a9c41c2b1f325ab65c7477ca2a1f48eef9668795f2fd3278f747225805b0a20150736084ae9d1d1e81f86cc46768f56c0cc544aadf9a2cdffc06fb

Download Submit
/data/data/ai.zuoye.app/.jiagu/classes.dex

Filesize
8.1MB

MD5
6f8aa35e1e06d0a5c73a529159260809

SHA1
c9838705b4143cf3a03680b84fd9c7c2acfebe41

SHA256
4f59c55e44785a28974b40fdc42aa6e3e2f5e2f39358bb8e5d9bce7ba73cdf82

SHA512
48b8e3431b1c11fae499cbecad86d1f1613e53353340377df9a60b487b4f33be8f2fee9bb834a94a70d5f6670fe360be1ba91302ab6473cc9213601f31139920

Download Submit
/data/data/ai.zuoye.app/.jiagu/classes.dex

Filesize
6.2MB

MD5
674b6841a8f8a3fd169bec47c9a41ade

SHA1
8e7377ecedbc8a4fc460baa942d24d12d586175d

SHA256
fb9e1c6a4094e0c1cfad3b6fa71f9f93490438dc51c149d9e566b0bc6f042aad

SHA512
b24d4c8fe3234478de65df63dd827a31b7491710307ce15574cb6f5883669af4d5e385ff2e616eb328e23f1adba249bfceabbdd6e4a77717288f389a130c0bea

Download Submit
/data/data/ai.zuoye.app/.jiagu/classes.dex!classes2.dex

Filesize
6.9MB

MD5
6a3b3bbf717a6000965e4fa29e6201a8

SHA1
d97f99593c5f8a42f503b5c72fac2c287819b1fc

SHA256
e59b561fa9997857432aa1d46f8f00a58dd7001e2d46bb98e930bd35ba5c11ad

SHA512
f75bf627522f74952d64c2130216e43d8a2d858aa5f185d01357957f94398a69475c9e3b140cbb68dd0960023527a3f6c9dfb17d2e5cd0dbcd84db45f7ce6020

Download Submit
/data/data/ai.zuoye.app/.jiagu/classes.dex!classes3.dex

Filesize
3.7MB

MD5
affd5b72f510eb16ed4904f8e3be5457

SHA1
b7ecb46ab2115f9aac3c42db629e9f22ab4a85db

SHA256
cd73e830f050e4f47ccfeca7885c9ef7fd185851d1eedbfd9fc2b803f0318517

SHA512
12cfa31cff4e8d1c9221780540630e7de73655c2d0565fac2f7f73cf62460f3d75cb8623f2e5eaedfdcee09dc865db9d55262db928ef047d7aa775bcc003b8db

Download Submit
/data/data/ai.zuoye.app/.jiagu/libjiagu.so

Filesize
455KB

MD5
e5a53000766ebc433b27d6a66ec4f555

SHA1
2c8f53f1c03aec2005bcad67d731f07261dabde0

SHA256
78e4ea857f10c2df6c7b94f0584524b52ecc099ed29478fe3964037b8a86ed2e

SHA512
370a1cb93b14556ad861724f4e9995c9a4c6d37cf2d570f888d1c6000c66d27ac63496b0703361e9fc9bc7f309b7aa4407c5f339d186b0a5b72520d23d04b68d

Download Submit
/data/data/ai.zuoye.app/.jiagu/tmp.dex

Filesize
284B

MD5
f1771b68f5f9b168b79ff59ae2daabe4

SHA1
0df6a835559f5c99670214a12700e7d8c28e5a42

SHA256
9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

SHA512
dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

Download Submit
/data/data/ai.zuoye.app/app_06851326-179e-4f06-8472-d5e78a1ab259/be7b7b05-7ca6-433e-b4b8-e26585aa3a9b

Filesize
94B

MD5
6136d236662ad6278a740ef3bf033778

SHA1
a60d2e88b824519f5063f1f27f2bc77015ed8385

SHA256
ee5886a2a9e052d83cc8d5fc0c937022d1e3887b4cb984e6ab48f809151c0ac2

SHA512
c08616281ff8014df09461f7a3456d351938fab1a0d0324277a03a6a8f9f1ad5f528594b68cfc57b264aed7b750c767ba13a16d0afd2983a80067935e24491c3

Download Submit
/data/data/ai.zuoye.app/app_crashrecord/1004

Filesize
233B

MD5
00f6809c247382dde18127fdb03bcad7

SHA1
495950d23c3b77a335a9778e10ff887637164fef

SHA256
8cc6112c607474edc0409f8f33be545dc75cc86bc7ca03d8cb01afb8d1b48eeb

SHA512
1929901ab33e0b6cad430b2d9b53c2e82f8b791a8bcb1aebdbe6317b57cc577a2cb13263b960a12cf230ccf0a6398ab92b033691416f3fb7cf8eeb2990e77c06

Download Submit
/data/data/ai.zuoye.app/app_crashrecord/1004

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/ai.zuoye.app/databases/MessageStore.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/ai.zuoye.app/databases/MessageStore.db-journal

Filesize
512B

MD5
353f9c2c1726d1385315c7d8ed8d8b65

SHA1
13d80f0dbe95cbc76eb1c5a2b85c58ca9e566976

SHA256
b368d2fc35cbbb4cb138d195079eac2ff9c50f5d8151d6a4b7edc424f748cad9

SHA512
a59a1b2d2d0c40d37baa8ab2fc5fff9201f5e0e19b92e8a4422406f9f7aa97d7623ab34243c9f2ab58f4b051bd3e4fdba6f32c528ec1e03aee0a26b5d11c836a

Download Submit
/data/data/ai.zuoye.app/databases/MessageStore.db-wal

Filesize
16KB

MD5
16099b33e761d779cc4be72819ae9be2

SHA1
eb34096cef8bd6ab22f639e788c7725101bf2b05

SHA256
e55f11012c7b1004a9e780ac2397c51db0a21879aa807462e031ca083fac6602

SHA512
494d95046765bd82e659532fa3386910de177c5f4caab1a9345ae8b72df333ce6b5310c534b5207932f60a5f843aef700c9406d125edca83545273569531774e

Download Submit
/data/data/ai.zuoye.app/databases/accs.db-journal

Filesize
512B

MD5
b2863f755927a36d0e80d05e27c255de

SHA1
748369e2f7bc730f0054d93ef0a41a054d7160ab

SHA256
09419e1abf1ab0ee4f75738ea9376dd89717155e3fd65f747e4dd2a5391cb3c0

SHA512
385c1c5a46327ad9cdcf1ad493067211fec80bf5eeee8033b38a2d3c177cfa149a32bb8dd0fc3ac96e8f1b61aeaef9e175c9f9ce46bd130c332ad6dbdf34a27b

Download Submit
/data/data/ai.zuoye.app/databases/accs.db-wal

Filesize
32KB

MD5
8df034cf0eb5d754405c17e6496380b3

SHA1
28f034527f241d87d8ea40fd46cd7ca436c40ba6

SHA256
dc35a65d2b5f921b39f85d7f997239ccf6b32b613dbe8c98bf55d352a623ce0f

SHA512
690e38610f49571417a385b919ec1755e3bf42bebf16a8ac1e9de677913ef15fd0c498d446540aa62ec89a3b194c39bce29c78ae23cf95b0496908e665c8fdcf

Download Submit
/data/data/ai.zuoye.app/databases/ai.zuoye.app-journal

Filesize
512B

MD5
2001d5ca9ee6ce45276f45e5fd7c2625

SHA1
a10dbfe960e958dfb294b95850d47263c6b213ea

SHA256
cb2803aad50d1bbf65d740749884d80162426279c43aa0dede2843bc8fd223f1

SHA512
a78363ab3e787e6f521516d7f9344ccb75745edf61254789c6d48783432f8ecf56b80693a642afa80b6433a29d1aa608b4014ec356c36d0e24828b6d8a4875c5

Download Submit
/data/data/ai.zuoye.app/databases/ai.zuoye.app-wal

Filesize
48KB

MD5
56a58bcc466f34bc3ff379aa8ca97095

SHA1
cc40d346a8475800bbaa2293da8ff49681dce208

SHA256
40801098f1c885c155ce582dbc6c9bac78e407593a8967b0377df78b8a13504a

SHA512
a51b06b5a623e045d9ef90a6448ea4c17c31b591e6cd1b208e3164e14c761c3334e4df418d33fb3677066481e90e01278a84b311fc6255d9d7afd4b193d3228c

Download Submit
/data/data/ai.zuoye.app/databases/bugly_db_-journal

Filesize
512B

MD5
aa1cade16564056704b76b2127576efe

SHA1
6919944710cedbc222da4de15273a0df26404631

SHA256
c21c38e2aec45bd224a6f86bf236483c6a469af52f5128d8f1766dd7f8ce400b

SHA512
2dcd8abc98184a2064dc1f44deaa9475ccc6b034a20663900686d4f5bc7f41a5bfeeafe0a71686e776bc7872be03cd0eaaede39f6f71627c26fdc0e3e6e3b5a0

Download Submit
/data/data/ai.zuoye.app/databases/bugly_db_-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/ai.zuoye.app/databases/bugly_db_-wal

Filesize
68KB

MD5
159707e702474aa24c0d4f2ed3498f58

SHA1
46f80dfb839c872606b1517201a0066e72533f1c

SHA256
86db60ef53e9ce3cc244502275ffb78c8325fbe4ab81c594ff37a46f439e9982

SHA512
86a5b88140f6f59676a1fadf567fecaecd27775c93bad5786e8823775ed6d4754b7268e910e6e2a65e368867c7f21e6b185d85bfa27d0d60b730e06c901461db

Download Submit
/data/data/ai.zuoye.app/databases/cc/cc.db

Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/ai.zuoye.app/databases/cc/cc.db-journal

Filesize
512B

MD5
a9e34bb6ad7033285477efdc4b8b8c9f

SHA1
11472adf4e3b813600e531d1ee665619f51022b6

SHA256
7828217363ab766c7e5c012969e87fb450f855dd9fa64ff20d8845e9de03a126

SHA512
d9fb3a54d71fd638b90d8cebe80eb30a8c2e80d06576bc00d107cbbbe1d198ca02037604110e6c26928566e52505586cfcae153c786f734c3de2e7f0e20e5946

Download Submit
/data/data/ai.zuoye.app/databases/cc/cc.db-wal

Filesize
48KB

MD5
0c6f36c013895799a71800b3a0b6f83b

SHA1
db63ab8a92d45b0213d59a07e5f364b6df568421

SHA256
7158650da08bafbfe7cb2662218895a8611f4757139cfcdcccf0c573e0f08336

SHA512
fc372bbc9f1126764e1bf8714a69fcdeb83587808bc70c135c24458022ebc18c2a97d4a15450cc8505bb0443ca6899be4785bf70dd89c3c3d9ddb251c738d0da

Download Submit
/data/data/ai.zuoye.app/databases/cc/cc.db-wal

Filesize
16KB

MD5
bc2b0f89c643de3408c75a202db7914e

SHA1
fc2805296a7f6cfef64baa2521e2d47c5b8048d0

SHA256
75646935c4a5f65400ca34b4467baa599ebea90a21893152be8ea03157744a48

SHA512
ac820dbfdd68de069d5c050a11b9a870d01d4bf358fb6c720d08d7a002c81c051fc211943376fdc3b7c8d9e735262439024f56af0fae6e86f4cf3712c6b35ad8

Download Submit
/data/data/ai.zuoye.app/databases/message_accs_db

Filesize
36KB

MD5
486e2bac2b3e9e1cb411d2838a4854bd

SHA1
81dd0a7537f4af319b830ae834908986be85da8b

SHA256
5644a250fa6cef16c2c802b98275656a5fc39dcf89bcc22193742d85c7313f57

SHA512
c146789563dae163e373489b3df53f22efebd32b69643992969241eb5ad5eec668de67e7cd2aaf5c3a8af57b0842115d00183825734f57643d3fdb09835fe681

Download Submit
/data/data/ai.zuoye.app/databases/message_accs_db-journal

Filesize
512B

MD5
1a8bb82c130fb699310bfeb6ee172caa

SHA1
710c5831f5f501e89d7b8b7ce185dd7045d64e68

SHA256
9b123673b47bfa6d79e8388345b3b1394076d0a723fdac389115855b324ebdd7

SHA512
cb204a49be78edc47475b5d82638956c10fcb5e6802508127781459f891e9dfa7471c1bf814b7bef678d9cb7d71821e52a5d56196aae7e03e2e910b43c7d4564

Download Submit
/data/data/ai.zuoye.app/databases/message_accs_db-shm

Filesize
28KB

MD5
20f773607a00cac2ea768d470af73618

SHA1
0fbeea6975dc52efa5be12e984ac4e2a57cdfce3

SHA256
2e5c8da60cb6e5defdd1e1041a692066c8217e0e82099f2a828042cd5122200f

SHA512
0c1e509ab259ea6f131cd3d8645de2f59aa91b199fda9bf06dba5649910dda759af60a09f2350105b974d31b67333f305d42434dfdbfd8093b2c5242d2815a9c

Download Submit
/data/data/ai.zuoye.app/databases/message_accs_db-wal

Filesize
48KB

MD5
d2ad7f33ab98b135097bf15d1188c650

SHA1
7b3dde91afd605674d752bb5b6ddf35b46a72adf

SHA256
be0e220d5e3150ed608f5f75134b7758db17c32279e34121964de4a1e5d2a5c9

SHA512
9552b58618a0f11f3d57744e24c3bb84565ca7a15e86dd4a82e83dd6933e23f8532d08985fb900ae6510dc90b47f2f16b0673fc981580d5287ca24370590345d

Download Submit
/data/data/ai.zuoye.app/databases/ua.db

Filesize
32KB

MD5
604158a027f44c635c9654c84fd70d54

SHA1
d972be22a4b0fb92409ecd1621b7b33fd87d852a

SHA256
9cefd3de207d74a02703e177308c371217596fb00bad9bfbb8e35da05dfbfc89

SHA512
e1205796ca24ab5ee053ec7d9e588d227c8d274689651f77875652c30de6f60d1866ca3930eaa9113014a17b3c90a3d8587d8fcb99329ac7a52901e37e11b0fb

Download Submit
/data/data/ai.zuoye.app/databases/ua.db

Filesize
16KB

MD5
1c10d58d216de7df0debdebe868d1be7

SHA1
a42b45f62218314a49512e47c370bff6837d7f6c

SHA256
22dfd545dd2ef130ca5ca2eefe627ac08e8c4a589dec442f25e1b63ed7778ea2

SHA512
ef8ebab0cc1da7cbfebb6749b02d5fa51f1b8277a11927982ec64d137b534a8e74a193ec7c769fc5519aeaeab40dbf6774e5ecc03de91c8cbe15bb900031a9f1

Download Submit
/data/data/ai.zuoye.app/databases/ua.db

Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/ai.zuoye.app/databases/ua.db-journal

Filesize
512B

MD5
c76827f13ec0a341ae2aad2a97436a30

SHA1
b1ddd1216cb2060bc26552858dac7f51b36a6d7c

SHA256
44504038d58535d689c05fbd1a8666988c808a51b73a9428f710cded880452d4

SHA512
1d996be6accf02132ffc6ec842b945ef884dc3dfe6dc8cce5231de302ed86242f98ceaec7fe342501f2cb71a8d88719c47a9337237bfa642563634890d77f012

Download Submit
/data/data/ai.zuoye.app/databases/ua.db-wal

Filesize
56KB

MD5
e2d440a2910f04cd5e428c5393944945

SHA1
9ac22bc87c5f18c903e87c3322d9d3fe1bb94050

SHA256
701709c5be9a01dac0e432718d073d607a5cdde38b2400d790e2cb03d2daefb0

SHA512
b264f350d08125408cef2ec44d1695d9a16d59115514b3ff06737b1f98400407a5fd308b19d1b1be4754c9176d1e6ffbe110b44f8d8a70142dfeb3a7a62fb763

Download Submit
/data/data/ai.zuoye.app/databases/ua.db-wal

Filesize
8KB

MD5
5c0e2cc47492d65d90fc64c61e980eda

SHA1
658c792e327bdb200cd2e688038d6eef09d86530

SHA256
a00dc8bc2f8c880bd3bd5f8bf6343713b96ab1e4af77f6d49abb94e320f12495

SHA512
70945fa85a3bf4c20ddc5e61449dc88b0f6bfcdc50436e68fcff9c3f9f55ce5e6578fadb07e0ee199ed6cfdc445f5b1f08e7cd570717e9201a9e90ac558080f0

Download Submit
/data/data/ai.zuoye.app/databases/ua.db-wal

Filesize
8KB

MD5
cf19632d6028ad695c06b17eeb1c9f82

SHA1
93b58c1d5353dfd1d26ae5e225026c4b23c3c6c1

SHA256
4269ac5a467f99911233779ab65bbc7fd17daa175169b9995fa4382977b64597

SHA512
0103acdf1a7e8114c06ebf1fea073c08d9a2a65b6ae13b658bf816ca44e7b57f6d43cf439b83d68efea938f8161d61b88c3f2c8a41d7128b8e46e25a96e1e6bd

Download Submit
/data/data/ai.zuoye.app/files/.imprint

Filesize
989B

MD5
0bd48d365b8cc7ece4f829394471f6e2

SHA1
e82587ef7ccc677b6639d9491530948dcdc61d26

SHA256
461a4c1e22803fd426b29e741f0b81852651f7d9d7d8e13c151448fb33e1318d

SHA512
deebf87bfae40fcfb5f0260ce50c9db84aa76b6b71ffba4adbf9817e7c17a00d834e037bab5860291480b5cad1fafc327c6d7490e50745510658ca5521e5ad5c

Download Submit
/data/data/ai.zuoye.app/files/.jglogs/.jg.ac

Filesize
40B

MD5
fb81c5dd42340ec931a7b7b867cbd0c5

SHA1
58040115e395085f865cd1070d69b55a009f0677

SHA256
1d44bb8cfa10aefbe55d3b9417b45db6f332a3f9eed804203b1ee72e1fdf351d

SHA512
27eedee435f110d5554c53699c5d58fbd97b887de6e6df3f1166e4430f4d3e152c5d060785fa5d3be5a5aef6b82df92aeafb8b8edd70b36d63ce9512a172b50a

Download Submit
/data/data/ai.zuoye.app/files/.jglogs/.jg.di

Filesize
340B

MD5
92bf9e97285e805c1bc05171b31571d1

SHA1
f3d7af8fd0337044dab49da0afa8b34843d36353

SHA256
b6f855f000ea89c2b6ecdef173389c207893b1ec2662c444a711424d14297892

SHA512
ffaa1c2edd550f2bf286b2ffdc02212f366820f3bd1ca0e5eb676279a9463d27f5c8b2e356d6dc219b6a481ed723265e820882cd801b56a7fffa26beb44ce22e

Download Submit
/data/data/ai.zuoye.app/files/.jglogs/.jg.di

Filesize
340B

MD5
b79cdaa081276dea281ac75b5b3e7bbb

SHA1
6e16ee9471e8060143c7648acef2683c72a8806e

SHA256
be1a6f0cf5407b60b7a2f15579d3c609e145b02780048204d712fcc532b071f8

SHA512
e8aedb32aa04eb2b1ee50fdb71fb0d447d220325e9c51528e2a1906c8e02e4bf83793db9da76883f832e585f043207c26fff2e2507f231b26d702d1ee2570323

Download Submit
/data/data/ai.zuoye.app/files/.jglogs/.jg.ri

Filesize
314B

MD5
1fa6f1c9703711ce81da4e8731a52a42

SHA1
0158459cd2fe63434268fee81e98cd073dfaa62b

SHA256
d76b27c53ee5285d21e242ae8fb665993529e6e562c95aecc7c02ca423cdd715

SHA512
c1e982b87426e0dbe56d3584ac615f384ed82bfddca78a2355591cf0b462f21358071e3bb2d4379e643458e6af89811d62a294d60093d5a43cfb001f72dfc795

Download Submit
/data/data/ai.zuoye.app/files/.jiagu.lock

Filesize
27B

MD5
9b3de6337c70dfcc8425a594302ee025

SHA1
90d298df0ff929e2038b3855f6db6f93c1b63824

SHA256
4c3a06450ab330498665b110b55058cfa6d2da3e39172a3114483c0d90213829

SHA512
dfbf7af9afc156b95504d4c9ff1b87c47e4e55514a514913e40d55aa2e4e25b228d2ddf4db3eb8364054ddcebf925589641adbc71d33a8053ca810ee3d433465

Download Submit
/data/data/ai.zuoye.app/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
cb8954f2dec1391d6f255a499b00850c

SHA1
0510574087a5d90a82158e6a9795c014a1b5992a

SHA256
8482618e1ac369a070811f9e05ca1ad29482c3359586f96c66c0d9479750c06d

SHA512
2ebc7c542b0f2de78540983d4901fd368056748824087f0a1089102f6a91c9f0f3278078c35e35b277eda6b5280bd20e8ce49a1d9dfd84a236f3a4c0651a1c90

Download Submit
/data/data/ai.zuoye.app/files/agoo.pid

Filesize
32B

MD5
5bba1a938dad1c598ef22a307313dd47

SHA1
5944065cd83fc8124f77c281889ee55320784205

SHA256
a741101f82e5d1e3b51ab2ca3489f7a29b4aa450108b4bc1d8443cc66924720b

SHA512
d2d55a85725cba1bbca458deef751535e4c42bb4423231c8d468730a9fc1efd7111e5167a1b1b7a2390d8847f6debd20d58ec6109b04ea9296309b56dc27b182

Download Submit
/data/data/ai.zuoye.app/files/exid.dat

Filesize
52B

MD5
f5b1f0065c51e2d22e26adbb1ccbbafc

SHA1
5eb4b80f5a83fd89181215dfef23ec240152c5fd

SHA256
8b840fd0e5938548046b619c68f7c101d6ffb4bb5c77a864935585af5afefa52

SHA512
1b70ae47008f5996acda1b9b6a59c8243d3c81c267a0a06d91c6d639ed903a4e037a9e86e4378dfae46f0670494fb3431bfb8fac6e63f69c8e79aa3c614b34f6

Download Submit
/data/data/ai.zuoye.app/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzMDE0NjE3NjMy

Filesize
1KB

MD5
c786f9cc4d3d334ae1bfb0979715c03f

SHA1
e3621ed4a36f5b1bbff32e67a295568b6898c9a1

SHA256
d5c735728623b132a43e7b8ba1672b3c223cf0c6b79d33ab9b74b2b822356677

SHA512
579b98398c76c81fec845915e8d3ff8d8067c79165b38c58f1a12a1cdaed7bf9ca254fb2c88d52210c28544e9306c4bf1c7e8231998db2780e9a25727dd52ef9

Download Submit
/data/data/ai.zuoye.app/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzMDE0NjQ3ODQ2

Filesize
1KB

MD5
9bbc87e13d171b265c32473f5ca5d449

SHA1
b3777a2a837d6240c577988ac08b3c7f14cd2e50

SHA256
af9f0ce0fa36ffde6dc3c690e8fedddd9db0844b4262bb1b333240d3244411be

SHA512
c199a774dd4c377961f5d173692449045aa9f555346a883339863128d079358cf496e9c897bd1be6e5253b8fdc01b651745525ea68fb0498af29d3b84fb87d1c

Download Submit
/data/data/ai.zuoye.app/files/umeng_it.cache

Filesize
498B

MD5
45c8199a741ed70e928f819a0c9a1c6c

SHA1
610913163f42d5cb9e26364d8167ce62fc4b8c9a

SHA256
d4a149a658e8e0d6b327999f281b03706efbf5ad4317266034fa393ae6add26f

SHA512
c99c5663f492784aab9aa19b125ddb51471ce9779f424f1b2f98a231ed28e596bedc000bca45361a9432c28b10b402bcc8a2b0e5a8509e623b41ecc8025ea6d6

Download Submit
/data/data/ai.zuoye.app/files/umeng_it.cache

Filesize
253B

MD5
a123fc48fa47670b53777cc66846f60c

SHA1
d5cd355e3e7725db088d8d3a8156d72b0c3ca064

SHA256
4cf6f67356958cc0cba0a835ae2fadac5960a0c9deca9567e2d2201275c14a44

SHA512
3ed8aa4357d88098d2dd236d8e48cb499658be3720172277ccf8a4bd27ce46646b28df50a53c563768de58965acb6fa5d94806b191373c26da86266f047b7b38

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
1b076b52c7dc515424630399386a1d3b

SHA1
0bc9f46ebe379e81955667ff5bd0b052a9e92668

SHA256
fc1533f11201100e9fd03d79f0f210a13ae89cb2cbcd5f80971aa54254d03159

SHA512
61d36763187cfdd51d06017e14b355e79f0b55773c40637007cff64853a4723f4d51815e5bcbafaee12ab5d31be5717f6b66d58cfb17a691eea0cc2e44dff80c

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
213B

MD5
63f2563bd6739409fc0e9032d6fea5b9

SHA1
39bd2dae04ec565eb89224be35aaf7358464b628

SHA256
0324587f4c9d2889bf9c84fdffc7dc8ccda02f8a3a91ea56d8fab8522402e591

SHA512
d823ec96e6c59930cf94bb4eebbcf75c8087edfcbbbaea200c7baf4331460d33f4dfdf1ad103c068740065f1aa01e255f28756a42ce7b3ccba068dd53f5e3a62

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
effc857530c93bd466525c67d95a3934

SHA1
17f46e59fd07b8ff4736b5b104a4b914b83a8255

SHA256
2d92480af473f7a2c90329d0ca198f93bfa128b965781b70717343d358506b5d

SHA512
8a512fe30eaaa61f568e983927c1d42415aea807c94afad586c630fc6bb32c8b182301023a21131eba41b7e644d87712c4aca05010d316753ce3e57a1ace313e

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
167B

MD5
01f4d9e4a36986f87500cd2ec1e38e72

SHA1
583625f1e8a069ad1d1fb107b5cf2007ec62d5f8

SHA256
bd4de5a20e1e50840e196aa9ac667b4c19b938e06ad04452de6b6210deab7144

SHA512
89eb74652d2c65a3c6422149d027312223a99221fc72e7723cfa12e3324dc3f5022fc8f4ee0df8f17d24790f12844b8e95cb37a70e24712067f51931997524ad

Download Submit
/storage/emulated/0/360/.deviceId

Filesize
48B

MD5
1d8d16c4e3b19ebf18988530d9b9a757

SHA1
bc94c1cce05cd848a53271ecb9c5311e27ffebf5

SHA256
abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

SHA512
4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

Download Submit
/storage/emulated/0/360/.iddata

Filesize
32B

MD5
42d9b17060051605e7f1ef7e205cfcba

SHA1
1573f6a455943ce7a3277cf839b94b9265b133d2

SHA256
3a3921bcf36e1a87fafce79b03904b789888b4085c9c00339e7e1a5730db6ad1

SHA512
75c497c1b1061c1b10e2ca67112a79a7c90f596aa38b595b60cd8bbea0f90d5024102ebc515850baac855bf6dc4bf41818657834b7db3f72bdc9f386bafe5de6

Download Submit