2aeac12d00d433ab69bc5d496467dd84dea10e4288ce5b318047218053ea223b

Analysis

max time kernel
2836872s
max time network
156s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 14:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2aeac12d00d433ab69bc5d496467dd84dea10e4288ce5b318047218053ea223b.apk
Size

16.6MB
MD5

147a243d7f7b45c43569c98898a69be7
SHA1

3cbf2f6ab0200215b6c33a7a0a58f3eede933784
SHA256

2aeac12d00d433ab69bc5d496467dd84dea10e4288ce5b318047218053ea223b
SHA512

a45fe26f14601ed9c3e0375400dcac2c9ee20b664da6f50d1b1b6968dfb66cbdd0943d4e7a2dd7ede8757368c8ace415b14658facdc7161b798938f5f8fff96a
SSDEEP

393216:ZvdJFbqf71lPzJNoKLybaMoYjyVL8VuK9LwjeqzK:ZvdaD1lPzBubJPt9ZF

Score

8^/10

banker

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 IoCs

banker

description	ioc	Process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.xgbuy.xg

Loads dropped Dex/Jar 11 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex	4246	com.xgbuy.xg
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex	4246	com.xgbuy.xg
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex	4246	com.xgbuy.xg
/data/data/com.xgbuy.xg/.jiagu/tmp.dex	4246	com.xgbuy.xg
/data/data/com.xgbuy.xg/.jiagu/tmp.dex	4302	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.xgbuy.xg/.jiagu/tmp.dex --output-vdex-fd=46 --oat-fd=47 --oat-location=/data/data/com.xgbuy.xg/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
/data/data/com.xgbuy.xg/.jiagu/tmp.dex	4246	com.xgbuy.xg
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex	4355	com.xgbuy.xg:pushcore
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex	4355	com.xgbuy.xg:pushcore
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex	4355	com.xgbuy.xg:pushcore
/data/data/com.xgbuy.xg/.jiagu/tmp.dex	4355	com.xgbuy.xg:pushcore
/data/data/com.xgbuy.xg/.jiagu/tmp.dex	4355	com.xgbuy.xg:pushcore

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.xgbuy.xg
Framework API call	javax.crypto.Cipher.doFinal	com.xgbuy.xg:pushcore

com.xgbuy.xg
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4246
- chmod 755 /data/user/0/com.xgbuy.xg/.jiagu/libjiagu.so
  2⤵
  PID:4272
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.xgbuy.xg/.jiagu/tmp.dex --output-vdex-fd=46 --oat-fd=47 --oat-location=/data/data/com.xgbuy.xg/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4302
- /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/user/0/com.xgbuy.xg/.jiagu/classes.dex --dex-file=/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex --dex-file=/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex --oat-file=/data/user/0/com.xgbuy.xg/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed
  2⤵
  PID:4566
- sh -c ps
  2⤵
  PID:4625
- ps
  2⤵
  PID:4625

com.xgbuy.xg:pushcore
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4355
- cat /sys/class/net/wlan0/address
  2⤵
  PID:4478

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.xgbuy.xg/.jiagu/classes.dex

Filesize
7.9MB

MD5
8caaa48dc7e5c2e03e726f05ee06ce17

SHA1
ac7550f0a6a0e642d10e4841bf9412a6e97ee4b5

SHA256
04fd7621351c3b140c422131447cf1e9fcde60d9516e6d7cc5efe84168e0c92b

SHA512
22293ca350847a52ac41a9e246680de411821f194723a0f3b32bdf1832b6d2c5a5bd3eb4b02a6e3e69fc61e30d892219557689c3d48df0a7ee8856e255a09d2f

Download Submit
/data/data/com.xgbuy.xg/.jiagu/libjiagu.so

Filesize
382KB

MD5
aa01dd97609092ce310e17bf791069ce

SHA1
f000840a8f68ea7beb2e29ea466088daf55609db

SHA256
e432c191f918053ce368e1b1f155b2e1f9e84379611b93aabec0106172b73aa2

SHA512
766c120a06215d0950aae32026fcde3eafed8d18ae0de7bc8135a7378a9055c8f0040d61574d9af67fe2b5b90eeae64c62d787343858ae375bb6658df8afe7b4

Download Submit
/data/data/com.xgbuy.xg/.jiagu/tmp.dex

Filesize
284B

MD5
f1771b68f5f9b168b79ff59ae2daabe4

SHA1
0df6a835559f5c99670214a12700e7d8c28e5a42

SHA256
9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

SHA512
dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

Download Submit
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/e0bac8c3c005c727bb9b0b2d00be3d7cf020743113c01c46c33a507d6275519a.0.tmp

Filesize
79KB

MD5
3ccf674803e2bcca74d940a369b98a1f

SHA1
b82beb53b74476af3563d05f4b49b4628611c19f

SHA256
897e90108102b4d93eed118fbc62f4bd208a2651c52da15431f3ece36f4ff274

SHA512
b98a53d48cee9d8d4fae804736e7b66c28beb429d4e84cad49f4f3e92f5a226c99eebe093fabee98d657d41729eab74fdf6081cc29b693e076b213e0e8e60a5f

Download Submit
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db

Filesize
20KB

MD5
68562751e831ee976950417f2850f32d

SHA1
7115547a5c83ae134b97b3cea28b939e2e692645

SHA256
0da153e1725d076519ec530f0953c00a8031b805b714a9a78e5dd14bf516799d

SHA512
90cf9bb653be6b9048697157534f571c67c9fbe13c3017e1158fb054adab94bf0c301fb0d6c87a6f5bdd548255fde52892f49923772cd43abda89fe3b0f43529

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db

Filesize
20KB

MD5
13a0daa6c7d7e443442af5c4b9a60490

SHA1
74f14456573dd45a5f234fb8a9e9678d0804e0b8

SHA256
455a8fe0ba3e78a088a31fdf8fd58c43e2a0a313c6f976a2e7130e89980b82f4

SHA512
ec0501ebe8a0c9866f0dcd517177d69ec988d051a9e500463a6135a5468b04e66af0011d4d256918496952c240b92a4ebf3bc6295c0b73c061c6eaffd8d6f937

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db

Filesize
20KB

MD5
af4b200baf0d819d3a7e94ca91d29640

SHA1
1bd94713d3631db00198635df19e5f3ed4545143

SHA256
a5fcb64b407712c227829f79925ff6b3db00b3c99b54daa8c38eebc6707920d6

SHA512
533a6f03cf202da165244109f05b02efad7d0689703e6ae6f4ec346c711e6d5f1c87e2ecf48d466a25e6147143ed32a664d5de69a6435fb48c8ded18365fa7f5

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db

Filesize
20KB

MD5
f7b0c5c01fb361cdda85be5a98b2d22b

SHA1
d0e7abc88f2418494987dc57747c024306aa5da9

SHA256
1c28028d3724245c750e7fbf0ade0499658fd1fbb9dfe3dba6d78da9b39aa6d7

SHA512
36b11b6bbb0765f5b1182584e8b197565ca36bb882440738f1b7316a3dad2d3f3d1284e9c9ffaa6a2cfdf002685741f4dcc049c1beada7b5cd4a2fb0d1b1c11c

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db

Filesize
28KB

MD5
a4e2f0aa028a1c8d99738454c36fb107

SHA1
e4813304761160c4f2ccb7bcbc7b2f10c477a3d2

SHA256
20c14204c331ca30bdf23f68b370d4df28e0a557fb3d138eabbbab66b5b556e4

SHA512
55dc8bbef370c0db78631e8a4665e99d8415c10b583cf15929c95ae37940382e09b2f36dec0837637c6009a8aee44b9cd94c77fd46d56cbc65244988c982728b

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db-wal

Filesize
8KB

MD5
361a4e783c715fb908646fa3303ab827

SHA1
eae152aae6c771e6a3c0d18c9ed8c21fedeaac4b

SHA256
96cdad2f222ddc3809fdd4acc45a380f9e0b8cfb525415a97572035fe754c8e7

SHA512
d08b6fe3bf6b856f6d1b6ce0f6f727ee61ecb6b468b38ad3cb00728b815458f288fd87b9fce67a676a6410401ad8ff3356d38fee082f6964e2f43d1f7180fb56

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db-wal

Filesize
8KB

MD5
91c04d02e95fd8e3501291d1a463a81d

SHA1
c900ed7fbc9f6807400aaf0f145cc8c95f289331

SHA256
5cca9865c5597c515572eae755f3fdf4fb82e54e5872d52211a6cc65e15bc992

SHA512
c2997105eb4beec2da48735c260ad406157975600771e6ce05cddeb55e3e72fa8fc5311a155639de1819afba1be20b33b2ff36745bb7d2275a0116959c5662fc

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db-wal

Filesize
8KB

MD5
16b98190b2b48f05b20004686e5bb775

SHA1
f7de9b500e88cae9e7a0a32ca3e82f39e704fa5c

SHA256
e17445da1e1bec431c2364ba2bf106df29eca35ba68efb4b87cc467f4282a04d

SHA512
97caf711e7c39c64e6db49031c324da6c76a3f3c8218b131f0a81734bc9eab20c61e192e1fb9eb96344d223075917cc7c5dfc78acac2b3a68251c57b561a4915

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db-wal

Filesize
8KB

MD5
c04b88216e005cec165e780783947a59

SHA1
cf4aa4862bdd8dc3faa5bd678ea80460bf6d8128

SHA256
c9ee66b6802f196d668a7e54a303ba155de8b9004b63428361da5061594b6373

SHA512
7f71c9ad4400d0bfc9faa9d190256e9e29d1f0919ec2bae18e02f038cf95412e31abd58b383557d2c05fb2b0723c0c14e371d2abc839d538a155085bbb324e5b

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db-wal

Filesize
24KB

MD5
0271d22af203b593b636699b901de10b

SHA1
4b20be6229a5a40dcd0b13628477dd8a3f196391

SHA256
3c4b86e04cf028dbd02de4121660c538cb61b123c7961bd043dec2813380d627

SHA512
224001c4628576a1b7ed8d439d8fd886eb9e9cb16b65c2dda48f857e23e266a7a1c7ad6c8633a4b5989c0207ef68ee64956d383b631eb252eca934fc557919e2

Download Submit
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal

Filesize
512B

MD5
9bd0dba34d9c7c6c2ee9fbbe240318f5

SHA1
9f1210d1d6dce83356cd22da4fdfd1bc2e000235

SHA256
81cf27f451349c50f2f83f55414de4cc0283687767eb0976066a718f8e21eeec

SHA512
fea23bd9cd7f54842be391c0f374f446a59214a24cbfdc552b23eb4ad9d06c34a2c478d0125f4e41797589d42a82f360ea14f19a5d0051b5fa319d758236fc88

Download Submit
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal

Filesize
48KB

MD5
8779996d9c164e01d00391f0bec11dee

SHA1
6c9d4ce9c02eb014709703847445b5f14ff3e12b

SHA256
8d922efa76eef9d29965c851a6dc6bbb074043d85ffe906947c4c86e12cfebc8

SHA512
9546842b6773856752dcddd394e6261d6cbe8054fb43c75018a8b99161817e6faed65e30d5d9497b5ad2d0b48c078d634a109d9282c7ad22ab35f31a56ef9bfa

Download Submit
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal

Filesize
32KB

MD5
d89290a2b16ceea6448b455f858fbe03

SHA1
3c3a25ca11bc536e48f03b6374a1dfb32dd33ef7

SHA256
f1ffa0d43ef661bd0cb73fbd2a370e720a94f785fcf773748e22fbbfb59e8508

SHA512
ac519c9f28a0ee1108e3b8f41d1ca4da747b813e831b78251a32aa607341b53dbee2c68c0a813d42399c6d7b729c4a5fdc567d1e431b96119edaf66934b955b6

Download Submit
/data/data/com.xgbuy.xg/databases/cc/cc.db

Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.xgbuy.xg/databases/cc/cc.db-journal

Filesize
512B

MD5
15d7a6c542912f59b1dc35b9d06cd545

SHA1
78176daccb11bbb1b4e5545b79239a3c52164954

SHA256
bafaa49cce1470dc0525ef13ab66caa17e31ef691782db14d561972599781b64

SHA512
631d400e88e2428d934ababdf7d1490ea2f01a1e664d7df6a70831b0a2b839489bdd45e7c7742caedf48a7cf7cabb3f4a951577aff609f3af73290d11b10fc0d

Download Submit
/data/data/com.xgbuy.xg/databases/cc/cc.db-wal

Filesize
48KB

MD5
baada537c133422123f534113e4359ba

SHA1
caa7c6c6320c3da4c351347f322338f90c64db19

SHA256
a6971cbf3b6c93b7d6ed159f77b3e262b835553f477ec7fedea526efa29cb50e

SHA512
410fb5f2cfa67f4fc2b7069705c28f5a8598c2a0fc4a0af1b166dfac3eebd37337e884061ffba4606f4694d877dab1f53aef7b1662ed99f95ca933efec995e0f

Download Submit
/data/data/com.xgbuy.xg/databases/cc/cc.db-wal

Filesize
16KB

MD5
a566447b93a3674437ad8651bd55f81a

SHA1
ae05ec5c52667c7b5ca6a30ce35c692f78b17945

SHA256
4bc9fe811d9254d744191c220d3868c239dd009ea92f6c8cda88ab0dac1a8f12

SHA512
45eff5eebd04955165ade48f38b6957cb5a2d540bbe56702c3f959cde4c3561d851abe8479c5791b2528164d3da2fc75eaa41718b4775e7271e1f2d4154f5639

Download Submit
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest21952515415931368992213882579171620000-journal

Filesize
512B

MD5
22d59bc7f6dc030ebf2fd23904cd83d4

SHA1
a4d1dc157923ec2ca892bb645f3c9f0db483f9d1

SHA256
2a9045258ede37fb5b541bf41128d21cc5d40ca42d56e2378b3534fb114346aa

SHA512
e884dadcc699ef169f8dd20cfa3d4610fdd09dfccad63c99d6f1a788a03fa8b21e49c6fbacea3881793f73951eed16e4d3908c74472ac163831a83a59a84a775

Download Submit
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest21952515415931368992213882579171620000-wal

Filesize
16KB

MD5
fe1afe0b9ff49bf0988eebfe0d5e244b

SHA1
10240a66878bddf5fb610f2f35786bdab3509f59

SHA256
0f5117c32438e979c70b8ecc7439e810fc5972174954c250712900e01d936b6e

SHA512
049664835a6d96fed8f695e7bc4a264e76badfe1971ea82db7aa62108407f79b69ad67a26bcd5316898a630e3eca11c75f22e0a946b2b880b2a33cf93cad3f81

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db

Filesize
16KB

MD5
afc7094f472e1f48263397fee7d837f7

SHA1
41bf02e5955b3f9766ae45198a60d2d6509991fa

SHA256
2051d7eb4b457dbad5a40568e48050cea3fddee22a4b503c91c3395ebd0bd4bd

SHA512
374521347ee6b77fb1789ee1295745f8bb38bff4cf47ec09030101c48d310bd70818bee0f733c9e78bb191b0c39eb8df1c6381d41f9bfecbf83eec04156e5965

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db

Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db

Filesize
16KB

MD5
57daf858b2054c76457126f6ed1bccf7

SHA1
2e3536c0ecc6fba506f7b18d0ea91c5a8eb3a5c0

SHA256
eb5b5b8791ca40ed8e8ebc8c8d58a587bd4c5815023db86bb111caa171f18964

SHA512
3a5f2700e7cf5c49057034e5246b69eac7dbd9286ce102840b83ab6e55da741c17919902641939905a75cc6137785edcb707c6e08c48959c452c54b1a13693b1

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db

Filesize
16KB

MD5
47bbf79a5bc1388ebcb73100f161671a

SHA1
3d4c8607c82a8321ea689214d13fb077000350b4

SHA256
bb08e2f259bc1af4e9c524d8fdcfebc6429a5540e39473837a70220fdd3699e2

SHA512
6e0ead35097f6b758d03ab83586c995339eb7d5a4fba0573c412fc1759e526dd069724151b2323afdaceda5652c2eb3df8a9f98996e1151f78c7cdd695d669b3

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db-journal

Filesize
512B

MD5
bf75d9f9de6ff0bbd18ab32e2e5e44fc

SHA1
f2331f5a265dd56efc5eb370ab50cb07b4f37c94

SHA256
ad7150715695a03f74c5be6800e9ac9dd6ed6cec2924fbb69c32007af6d2141f

SHA512
edbd817674c8cc8e666806633dd893d53372c633f559272a62c26b68089cce7a1b8d755b064debaf65657116716a8a73df760c122f9fe99f0bab6be4b1274f5e

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db-wal

Filesize
16KB

MD5
9206115dd03b6e404c627f61f22f31f5

SHA1
02fe10df67a40ee8cb93f065f8ea8f85c11cb66f

SHA256
753357b1e49e0539591532bb828823dc9d32b31dcaf4fea13ae4520ee82c265b

SHA512
20eca8cf2603008dcc3f5082fbab2a18d4e49c38d9697456c1610b7a3ac77ad39b77e185eef582176279a7930a4bc2a848cf9021e2e985aaf8da4289f330d90b

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db-wal

Filesize
4KB

MD5
1cc3026b10869d4271dcd8ada9628797

SHA1
72b1f236333fe13dfdebf21c57f48992da5aa591

SHA256
f454311fb2557b65af902a054edb8248850d5fee5dc686a3dc634cb780abc8d8

SHA512
36ce99782f903f557376e2af7ec65b056b5fff2541bcc36d99a1447732c2dc4b9db73a28a68dd35a598d68c284ed2ff968fb297292f14164a84643dc76dee0fa

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db-wal

Filesize
8KB

MD5
09537ba0a6b5c3941ff2c6f19b86536a

SHA1
dcae3bdabed280cb226e2ec107d8ce42c5de77a8

SHA256
026cdfef887beb797df25cc01b7a72c2015fdee44b134dca8001db52d3155b0b

SHA512
82b1d866e19cacf0adf4ae8295d896b37b54ff13f58bf908383a8bba76d8cee158559b5ea27534b8b9b5ede95691474fd9bae23f3b79d87b745b1a1ee2f7a642

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db-wal

Filesize
4KB

MD5
f47556b9fc3825095817f0764056544f

SHA1
5ef8b1e1091e03543b22e884efe76b13acd3ae47

SHA256
e9202067fccbbe3672909d78414fe71f5fa9e8d96e8d7ec883e36756a2c3865c

SHA512
3feb2f727dac304a5f30df56fd19ca628e72cfbf8b76c55c728b2c12470c9baa5cf8a6068e3a094c2e9a51f4d94430bdf1053664e76b5cc44ecdab50eed4d965

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db-wal

Filesize
4KB

MD5
b88f7f87c413f277d026a3808fce9423

SHA1
774a8681f65c3b03f3fd926838d42cfc26399d81

SHA256
e4fe73905564454c965bc069f7db16c9cb8ada4b48d191b1a7292c0a7a3e69ee

SHA512
2645d82c92ab5e335dfcbd3fb7725e28356c1946d388f109d5d3fc587e8115f24d4e304972af046e3023b7aa4a81914e251d08336d27870633a2244143d23d52

Download Submit
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac

Filesize
40B

MD5
81024874f926b0c0c9e613997c9370b1

SHA1
a7b4c37570f3e5aa7bd575d0dbcc71ff9079a95c

SHA256
da5ea38fae9a292777936eae50a76aae4d2a589550448aa6970383e44aabe7d6

SHA512
8ae3ca2a1a4ea6c514fffeb911f4c42ff173433a7fd82980193d883196e748e458e83ee42051ccbabfa7f49792dabbf1eb8a72fea3db16c2f157e7ada4182830

Download Submit
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di

Filesize
340B

MD5
9963bd015aac55a4b68b916b0d0437df

SHA1
8e47e8c9798b2d7e308ed56b9bd6e507cfd7f00c

SHA256
9ce4fec830793df41a606abcfb7f15e179739d716b387a5816b57efc259808cd

SHA512
aa30f2aad6c401d0be67cecd5e7e34a99131b0a468849f190d9459714dade64bc7c08607b1435af84bdb036528e6bbaaf4c9a485a5804aa1059a77a13d158f0d

Download Submit
/data/data/com.xgbuy.xg/files/.jiagu.lock

Filesize
27B

MD5
c8b1dc002f47e4ba4e702ee8e2e7fcf4

SHA1
d98da99898a6e01f1f0e5bd5c6e833dab02322fd

SHA256
119e04ea131f0d4af0b9a31df78b88de7c090f82b850aa71fc96e5b74b274740

SHA512
48754374c1bdb3e05f6110a72ba825911768a1df30d80bc49bf95fa0eac06229b0b116e3fb7334585dc019724d9038b37ad73196750b4514bbea87585b8e6bcf

Download Submit
/data/data/com.xgbuy.xg/files/.um/um_cache_1703643910388.env

Filesize
1KB

MD5
426c7b1ea8fbbbc5700fbe0f2a5a63c1

SHA1
66d670a7045b94cdcacfef998e965609e5593d59

SHA256
abfac5c97ebad8cb7245da62e9fd5a9d58c7b10e33143175d114d35655027629

SHA512
ea5afb39f70e8815f2523993c1ee051a284115f895778e038c3dbb4cc2deefb6c3c7cd9a6a73d8018fa4bced3c4f7f26db72c15882b03f4b25b5f8159cc09213

Download Submit
/data/data/com.xgbuy.xg/files/Mob/mob_commons_1

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1

Filesize
23B

MD5
8e24e79baab91c4d0604eaa9006a0cb3

SHA1
e427afc94a4b957a7096f73e395a10ea404c076b

SHA256
65ee797326cb9d94a4c8b13fb114a7273d80af9ae547496bf56556c479f75e4d

SHA512
45bde5e1b5da5e54f7f5baf24cf4d9158ccf5813f0babc05677437bfedf1d54c4707090a1c425089e8f9582a85fed80b25c1e1f30ec2051afc6fe68bb8a76bae

Download Submit
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1

Filesize
62B

MD5
0465ee94a0a6d0b1ca8d8ac5d07bf70a

SHA1
90ba348f19c1932e8a1389a0907ca1fde72c3f8b

SHA256
0ee3f527e94c806dcd21bacfcfc1d501763ed84000bd17d75edce8f8de789334

SHA512
57df34ed2656b947bb884fec71e4cfed362ad3407943e1e887f7046c94fa061262859406b976ce85ba863ecfce707998e883cbd015195764a66dcc295e722276

Download Submit
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1

Filesize
86B

MD5
d23124a29f96a44660f11f4cdceae347

SHA1
9aeb3335d8f8f2c4efad4efbedbed8aece629fe3

SHA256
f5800667432629f7e407ab70f6f4b80f2969decf8465422283b215b56fe1e50a

SHA512
ad074e8d45953b7c352076fcaf23ba87d8cf6e05d27a2bd061d1a5653098483e5d6276a8a572c1f2d4b0aca3b16e82e0b23b889c4527db47f3fde0092364e2f0

Download Submit
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json

Filesize
190B

MD5
f8022b7261794175a0ac83588d2d8139

SHA1
0c3c4ae38868079a8d8fde5706bddd473711acd8

SHA256
58fe9bb6fadd42a6e0bdfae741d55d3236970e27c8be9da4ebc9a11b964f7a10

SHA512
10f587adadc9000e86e97ae1a22cb9671a7129487dbe611157dbe397cc73c025314dd181d60b209aa7f6d81391e6f5b1338a6e6c671aae0cb34ef53bf1f1537d

Download Submit
/data/data/com.xgbuy.xg/files/sobot_chat_log/sobot_chat_20231227_log.txt

Filesize
201B

MD5
b674b1a4097e1ca8f7f292a08d1baeb7

SHA1
02344f512a5f7ad84caadf87de68eda8ee4013f8

SHA256
de7068895ff428a4788b5d5250af0c8abe1becc978dce5e05f9fc1e36c6a121d

SHA512
1ba9293b208bf2c21f1bd3ba30a0c1ddf265e27e5a797be9ad0c637f6148b41c3aa4f14e0f2d2265c4d48adcdeea3ea249c550d729d8d891d86801563d593e74

Download Submit
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex

Filesize
6.5MB

MD5
b56bafa72224cbb4d88081445bcbe79c

SHA1
2062e362274ac0c1490f34903e2a320c53878946

SHA256
7d90ae96dcd31070f7dca702af625529a5c0b439e510aa0b59e82dd4bae4fa95

SHA512
99dc2152144f58c997bfac7f66c0c4a8cc42c14ec01362754f61fd4ea62faab0a4a17694c9505965af0cfd67d4f08b749f13de91dfe6da2ccb050f39c322ba6d

Download Submit
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex

Filesize
6.5MB

MD5
e92842ccbc2f3f8402863812504b95ec

SHA1
6e1a80d114587b4c7d1211cc097c3d0931aaddf5

SHA256
c11e5ae477cc44da9d739a2b4cee130cc61cdcee6da6bec9086f710c72a630be

SHA512
cfb54dc3b66de37c6cdf8eb03bed6eeaeba638bda3fe070dbf04de8ca92b49345d1cc9588d8d695f16b6cf0805685310c6c91acee4651320a7c437bf4fe45fe9

Download Submit
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex

Filesize
1.8MB

MD5
b32d34cc2cf732835aed3626f2d6365a

SHA1
3d2bdc12fd4e22d3bae35e7aa7aa5866b864cc30

SHA256
a8f1a230a41d3b0d6a4206a906c75c46f2a25e343bf4cf2ecbe2b3b7379d84ec

SHA512
2bacc2d993d7ba28cc18bca3ff6371cb39c4d1d9346a60874d5bdca2a93475f87c65ea1da3c18846941378b23c362dc371fcb5a7469f1d87ea0e5a9155042adb

Download Submit
/storage/emulated/0/Mob/.slw

Filesize
314B

MD5
052ef200097766220130366d8b814401

SHA1
06b271b8865a41d2c458527ec457d982ec248d47

SHA256
186ca05fdec1c55b8672bf632d3a924de08fda81a211c4820f2bd56321f9c47d

SHA512
ec33bf16acf0ec5e8bb43ce30aa516da71c91cadf6e4b609a434dfe70d46664ffcce5f80a906678b1df25000b0195bdc7250b7aa5c774d16ea03c766160a70ea

Download Submit
/storage/emulated/0/Mob/.slw

Filesize
66B

MD5
19402718bfb1c685a726b4e1d846ad98

SHA1
02a7e30044a67085f2f1da24e16e4ecfede65b72

SHA256
079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0

SHA512
25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b

Download Submit
/storage/emulated/0/Mob/comm/.di

Filesize
57B

MD5
70a42cba408700f9a6c01c7941a8829e

SHA1
eab01cc2c0671538795fb0b1146017dc099d0984

SHA256
499576707ce2623293166979e59c832be5b8636c64ad39aa63ebcf961910c35f

SHA512
8900d4dc8eed0430babbacb72942401bd22ef7fe5430cad90d3ce0c2c53010220d666aa0e2eb1026f3ec81d574c7fa12585b49222a5f15b01637f6ba134fe70c

Download Submit
/storage/emulated/0/data/.push_deviceid

Filesize
32B

MD5
a6fab6547a9d8fdd16ed10e599d4e680

SHA1
995967be6c0f35e8853cba745be9e97cf7e9bc3f

SHA256
aee043c823f391ef00ff6a4fde936b347b4a71b07bec3d3098ad418b232fd064

SHA512
ce96184ae67e6e22b64429645fe88c382413d87ccc01344a1d3381006c5604d13cd81de2ae22f78ab51df0d1e57723b13ce20d012be55dfaa49a07d2844b8306

Download Submit