29f076ac254466834d747ab7568ecaff3ec55f61b87d799dbbbd9b79fe1efc0a

Analysis

max time kernel
148s
max time network
159s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
18-04-2024 11:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f7e1a7ac8b704528b095457ae0f9a69d_JaffaCakes118.apk
Size

30.4MB
MD5

f7e1a7ac8b704528b095457ae0f9a69d
SHA1

0fadf06a0fe3fef7eda39dbf543bbaad200c21a4
SHA256

29f076ac254466834d747ab7568ecaff3ec55f61b87d799dbbbd9b79fe1efc0a
SHA512

60e2cb7965a02eb6e0b30bc6849b640cb2cdbcd2df5c5ee7dbc18d939a281d8b2b02fa55ccc0e5b106c308da1de5c85b18021119988f2e8b5ef47ed21ca03fe2
SSDEEP

786432:caaaaaaaaQtev8CO2BmIq/tRkiemU9/wJErYoSDuRhkvNBfIG0:caaaaaaaaQXCOD9GbH38uY4v

Score

8^/10

collection discovery evasion

Malware Config

Signatures

Requests cell location 1 TTPs 1 IoCs
Uses Android APIs to to get current cell location.
collection discovery

T1430

Processes:

com.donews.firsthot

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getCellLocation com.donews.firsthot
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.donews.firsthot

description ioc process

File opened for read /proc/cpuinfo com.donews.firsthot
Checks memory information 2 TTPs 2 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.donews.firsthot:channelcom.donews.firsthot

description ioc process

File opened for read /proc/meminfo com.donews.firsthot:channel
File opened for read /proc/meminfo com.donews.firsthot

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.donews.firsthot

description	ioc	process
File opened for read	/proc/cpuinfo	com.donews.firsthot

description	ioc	process
File opened for read	/proc/meminfo	com.donews.firsthot:channel
File opened for read	/proc/meminfo	com.donews.firsthot

Queries information about running processes on the device. 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

T1424

Processes:

com.donews.firsthotcom.donews.firsthot:channel

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.donews.firsthot
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.donews.firsthot:channel

Queries information about the current Wi-Fi connection. 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

T1421

Processes:

com.donews.firsthotcom.donews.firsthot:channel

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.donews.firsthot
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.donews.firsthot:channel

Reads information about phone network operator. 1 TTPs
discovery

T1422

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

Processes:

com.donews.firsthotcom.donews.firsthot:channel

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.donews.firsthot
Framework API call	javax.crypto.Cipher.doFinal	com.donews.firsthot:channel

com.donews.firsthot
1⤵
- Requests cell location
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device.
- Queries information about the current Wi-Fi connection.
- Uses Crypto APIs (Might try to encrypt user data)
PID:4187

com.donews.firsthot:channel
1⤵
- Checks memory information
- Queries information about running processes on the device.
- Queries information about the current Wi-Fi connection.
- Uses Crypto APIs (Might try to encrypt user data)
PID:4456

/system/bin/sh -c getprop
2⤵
PID:4527

getprop
2⤵
PID:4527

/system/bin/sh -c type su
2⤵
PID:4553

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.donews.firsthot/app_crashrecord/1004
Filesize
228B

MD5
a57fc30b6040bd84bd5afda7109b9b04

SHA1
5a46fb29ee00df0601f24ae7e480c867cfc4cc3b

SHA256
df88042074d04a728ea94940787241f3277c1f8ab8d7e647075c2832a554d6f1

SHA512
7631163d5c04d3b4509c6d939f7037c2b659ba0817a7591de43a4b9f6243e5c09f6573f6d90f3fce0d1afd300655692717bb475cd7e6101d9bc6d3c4df586f0e

Download Submit
/data/data/com.donews.firsthot/app_crashrecord/1004
Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.donews.firsthot/databases/DonewsSDKSql
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.donews.firsthot/databases/DonewsSDKSql-journal
Filesize
512B

MD5
5d0f464a9deee3c0c8ae926c1a251e96

SHA1
c7d12280355076ec3b0917ea1c816bc58438fc85

SHA256
bee6602f4aa8dc07dcf48d718c0b02f68708c46fa302e175d8827f238c6b8594

SHA512
3e9d643871dd12e8c1332954de6655a2188af85864c4cdefc4808212a4d08f9fab122910a25968e2a7acc02d248091326387a96251ad1397611a4086b2333c6c

Download Submit
/data/data/com.donews.firsthot/databases/DonewsSDKSql-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.donews.firsthot/databases/DonewsSDKSql-wal
Filesize
32KB

MD5
186ecd6ad34fe312ac54975469e62372

SHA1
7bbaa9895e642f0aa072c5b9d354dda7b71fd19d

SHA256
17b1907aa970b262f7d02ecd760650ba7e1ae53322ad39ed4fd3ba811a6daf7c

SHA512
c8d54262b47f9b1e470527149d1fabdd9223dd6c7e4a7873e1aa1e23665da4e7cc25bdd54b6754cbeb6c596578d26a59884ab2f9b5dcccf87b7d1bbe395c18a8

Download Submit
/data/data/com.donews.firsthot/databases/MessageStore.db
Filesize
4KB

MD5
b56addf791ca1a465b0d7f031859ab2e

SHA1
08a59cf4b16fbd437928917fc24e19a4cfaf10a3

SHA256
30408924fdb419d52c0b9f077ffde21adee98e16abd4117326b365fc4f9b8789

SHA512
6cfd5b49015ebc34bed0c900518b037eb93854e39a7ed449a932e90d00b0bb0866827398450a37f3515573354c9a50d241c007bfa5c59c7e1d932a18bcc9ddd5

Download Submit
/data/data/com.donews.firsthot/databases/MessageStore.db-journal
Filesize
512B

MD5
0ef84df80af865bd82fd28a36ba0384a

SHA1
b9cb51b4a2c7ff20a8a3687b10c719d4acbfcf86

SHA256
3c131c513df09e21ba2a1d9e9424e2812dfae8018ca7f4dc8422d75770b75305

SHA512
7bea3221f5fecc3909151ba60680ed111cac840148ba373f15e6c6232e746691932c7419b6ea41b94cd0cc788ab89aa261e1f67dc3c7bd80b25669f89c6abc8a

Download Submit
/data/data/com.donews.firsthot/databases/MessageStore.db-wal
Filesize
60KB

MD5
a3e3ee8ad9cef6f324ae853d1961ce55

SHA1
8847827869107bbfb32af04f5bc8bc5eb9cfe1c0

SHA256
5d8c875bd1e6be645fd9b03ba6e59094350103df4633e11b3dc8d4ca8f48c78c

SHA512
093a8b116dea3c9b1bdae38001a5fb5fec6427ba5a7452febca0111d0d7e12e14e36b7214801d61c6740f01147318b1dba9029e5cfbe388f7d9d71dccffd072b

Download Submit
/data/data/com.donews.firsthot/databases/MsgLogStore.db
Filesize
4KB

MD5
306fe7ba6a331a559afb072533f339e6

SHA1
53fee1d50c7559d327fd6a143985a2538e61242b

SHA256
560905cf12d0c879bb660e1364da2d81d1c5a16d7597f62f960fea03e64e70b4

SHA512
cba4cd298a5422a168f2b3e906c59b57a2360b7f850f110942604fccff2be48efef1750d5585a95155842e975fb2ca2fdedbfa0bb9b384dd721e776ae8c0dd5b

Download Submit
/data/data/com.donews.firsthot/databases/MsgLogStore.db-journal
Filesize
512B

MD5
1eda092b8dae69aa657a45cf1a06e4a1

SHA1
2bff376040091ed9ce2e1f8b80ef69c40bbe2e38

SHA256
1f22c5729b17dda2aa9f83ea2501cbb2af5e2b88005dd069aea387085f7c6f0c

SHA512
340dcc525dc44821bd70da96d0d4c3b22a829ae5f2550999114f38140c92994a78f58dca2d6904e20a1186e5730c160fb6a4058a315092787f3cf74560a8052e

Download Submit
/data/data/com.donews.firsthot/databases/MsgLogStore.db-shm
Filesize
36KB

MD5
486e2bac2b3e9e1cb411d2838a4854bd

SHA1
81dd0a7537f4af319b830ae834908986be85da8b

SHA256
5644a250fa6cef16c2c802b98275656a5fc39dcf89bcc22193742d85c7313f57

SHA512
c146789563dae163e373489b3df53f22efebd32b69643992969241eb5ad5eec668de67e7cd2aaf5c3a8af57b0842115d00183825734f57643d3fdb09835fe681

Download Submit
/data/data/com.donews.firsthot/databases/MsgLogStore.db-wal
Filesize
68KB

MD5
d51a9a6c7af5b94f19f7046eec4f3fdd

SHA1
fa4df1e6f1ba25fbc2c4079e881aa6758fdf16e9

SHA256
7526321ca7aadd10afa28b21ad3c7b74451863774e6f43a32dc9aa3850709dbb

SHA512
35ac01d991919bb69d90270877744d00d08d809982460fd2041243da0e1ee3074b603dc56da836a39dd90b8309b401ef896a5260b7869ad2c784c681961c77c1

Download Submit
/data/data/com.donews.firsthot/databases/accs.db
Filesize
4KB

MD5
aa99281ce0cd69a9302f8b64b918ad75

SHA1
ccafc0e5fb16198e466b209a888301f4100fafe8

SHA256
a3cde8388c50e78c7b3c8dab1d0c46c64c375248031adbb6a5802e3da65bb431

SHA512
a8b80f09a555652d3e4b9775b6aa58341dad7fb120509e128df417533ba361353b19530306e8691f1ce5fc0c69f1a89d29bd2eb176291a5e85b945d14c9eb085

Download Submit
/data/data/com.donews.firsthot/databases/accs.db-journal
Filesize
512B

MD5
32c58b8cab460aa42b9fb61e234f9b80

SHA1
18425ce93ca1dde4451bde2d4978eb6f3026eaac

SHA256
907edd9df2c1aa65a8387f635c1e7c6c86fcfb8e705c3f064f3a2cc1deaa2c7e

SHA512
5194d27386239e42225a090f64289f5e7f818e2f9a6092c608a180ee30756f7d00a4fd398ca668cb085270a1f7e4d57de8c20471383353bb62f2d2dca64008ba

Download Submit
/data/data/com.donews.firsthot/databases/accs.db-wal
Filesize
32KB

MD5
5448b5d271b95a347142aec4542fce5d

SHA1
3a9c25c1f07d27a658791fc3d3ca2481be5fb7d7

SHA256
a60d1fa49c27083c0439fbd200b39c4a2e3f74b114f936ece76f9b5a61b34f15

SHA512
5651c676aa63f3d937df4bfd86cd7ac3e303d5d697ab0a261d475502a754e48339f2cddbed5d0bffa7475b7767355e36afc7460da3cc10cd454a5924e2e269ef

Download Submit
/data/data/com.donews.firsthot/databases/bugly_db_-journal
Filesize
512B

MD5
0ca196ce1a42fe0bed0c1f625737e30e

SHA1
76e6f26db0912ec0d5f56cf190e9fe0f902b9579

SHA256
a6121ab5b3541f6a93c618f2fb55dd526c7526f5978bfae6ba493b7b6bd051a6

SHA512
563a242ff508c5050f1dd01fddb5a262a5bf32849416e016f9cdd4441351c1e5d28bf9c2c4ff6a6827c4f0f48541ce8b18ca27906996ddf4b59df271e88232cb

Download Submit
/data/data/com.donews.firsthot/databases/bugly_db_-wal
Filesize
76KB

MD5
c2b0ba486c18b42bbca17c542db11231

SHA1
0b19de12984658410bf8ef8c06880f260d0e4e38

SHA256
921168af4405a9d405a8d9324acf2516f4e81a1ee22ae0136561c3bfc3f7ad06

SHA512
b8d6650a5b213fb32d2e4c271270ca2b9adcde302abec1c76f26726cc51efdf5061d56bbee381a3ad4ea0fda7061e7b595465b0d231b993e9ce8828581eff173

Download Submit
/data/data/com.donews.firsthot/databases/cc/cc.db
Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.donews.firsthot/databases/cc/cc.db
Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.donews.firsthot/databases/cc/cc.db-journal
Filesize
512B

MD5
eba1acb4ab7055d69c92d7939ace3b65

SHA1
ca3c63bdb92571d752f124d7ecabf8e08ea42f5a

SHA256
797a56259d4d883117841f6fc7b780a4207176f2abe273bff4301244ed630064

SHA512
8ff7a65ccda66004fb71c77cfd4dc12e71de94d8d6fcdb008e1f3b104eb071b161a6970813598b0fde819d9e63bfc02be66609f6c22d4d3fc846f80209ff9fcb

Download Submit
/data/data/com.donews.firsthot/databases/cc/cc.db-wal
Filesize
48KB

MD5
4ec326a9b2daff4a299dab2929816e23

SHA1
edc0f6ea4366be20af6c7263bec453a24f25c26a

SHA256
329c0c77b83f7f3de413b0027e7f75385d6c6ea8769c55c5ea332ce299b21a6a

SHA512
2d0ee0a582e895533073e1395a0d4727800b62af923a467d7e7c329ff5427c3d239a2288ec0f986eb7c40a239445debafacda087d7454b4815c6498c3ed6b90c

Download Submit
/data/data/com.donews.firsthot/databases/cc/cc.db-wal
Filesize
16KB

MD5
6c358cc82d87a609adf7750d5ef85b45

SHA1
31e6ee43b9169f5c83a81a211d5ce84332d11df9

SHA256
608bdf5efa177b33fd3ce8e52b5026cdbd1b1d84bdef10572ccd43790751487e

SHA512
5667d3db10084eded64c5378a1be9f33574dc4b514b306e9fdf6c5eecfabfe641fe6fd97ee65591d52edf8e5de19d9101368fd7647c9c6002c4c201017c2df74

Download Submit
/data/data/com.donews.firsthot/databases/donews.db
Filesize
12KB

MD5
3fe30614d7e0d11db870b4624f6c50e0

SHA1
053ff0fc621ab40f2afeddb3e7b4a73ee41ec533

SHA256
67c532f0324228dd33b445cd399c1426e3a0e0cdc7b9358c66b402c5d40a838d

SHA512
c7c09e97a408e88aacaf8099ad4d1fa604d58113393500a384eb3c2eb7c3c105af41314934b86eca2f088045cbab5a20d768bbb295448dc1ae6cb6c3f59821ae

Download Submit
/data/data/com.donews.firsthot/databases/donews.db-journal
Filesize
512B

MD5
75acac4a25eea46f11685ba40be2a476

SHA1
7c2a54674b00e82bc1eda72f7281116f5b477db3

SHA256
56e83c9b5d34fee3102cdecbb79e6cb4a1b5f39463b7c9ff1ce24bbedb73dad1

SHA512
a4ba626e67eb0c7dde867184db38ad061e3c8459a95a9a0bcd03fbf51817759508ee030997a385a3101d2bb7619a53538eb7e5584ad136d1597d5759f356779a

Download Submit
/data/data/com.donews.firsthot/databases/donews.db-wal
Filesize
16KB

MD5
ed3c3d4f8436f67462e7e5264f73507d

SHA1
090028bc47168243281df44da8c160181d62caf9

SHA256
c5ca1a1abed0f4a36dc4fa4cf7caf1625f97a10c48bac1c15268abeda9587d7e

SHA512
9814abbb2fee552fe0089469f3994d5ad29b813321a93e0733e0319bd729c3057a2376e2766d821fda9226f02fd8eba90b19db5926b4b25397bbfeb4daaaeaab

Download Submit
/data/data/com.donews.firsthot/databases/donews.db-wal
Filesize
4KB

MD5
16f70e5cdf8a9a489d825d0ac17c306e

SHA1
16d70dc055ad7e16949e9370e0f37f44ac14701c

SHA256
e1bc4ce7598d034b5831589c90f9c9ac4ced2414a7dd2441c25ce46d2ee7a6ce

SHA512
242ebefe6d2e4a7a19b2e1c357a23a6096a1290462a4bd2ffcc6b3af09f86509cb291bbb08b90c2afef469e94d6dab6ab561f03bc9386ff98a449f10c30f536d

Download Submit
/data/data/com.donews.firsthot/databases/message_accs_db-journal
Filesize
512B

MD5
20d1ef8947514fde5f33b80d78b7ac8b

SHA1
baa5ebfe26917baf5550a29525b334fb8c6ad0bf

SHA256
b0a60ea4d94e96369070b457438af226c66f2cadf6dc3c44df5f3e6882df536c

SHA512
b9bf2ca8ada0b34b313d19653d717ae038486ed1e68d56816e8073c8640970278ea4b3c019672c0ac660cc052c4f8291293a0a60f90057d9b515d842baf8bf2d

Download Submit
/data/data/com.donews.firsthot/databases/ua.db
Filesize
32KB

MD5
86c7c4ba50beb49e6337f153e4280ce4

SHA1
1088d61a75058d1cc1db0886459841fab0bd4d5b

SHA256
8d7c0e0b49b34c57458c7a428635bbb4c109cdcbaccf159fc9d7da88f50c848e

SHA512
9bb4098b3b9b7e58be78d9f842150ef3c6a26a3d2b22acba57ff427edf52338cc941f0b82e394190e4aedb0b78453db190f0087eb638219beea451a8c33401e6

Download Submit
/data/data/com.donews.firsthot/databases/ua.db
Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/com.donews.firsthot/databases/ua.db
Filesize
16KB

MD5
60dfdee6c327667d74d5e0766dd84f6b

SHA1
a41e2fb6fd97e4198069016b0fa1534954a2c6ca

SHA256
123eb56af556e145f2546faa24bf48e6e11b083a1a10ccc28953f5f15258cb3c

SHA512
136d9e4cf03fa5ae4e99655776d8ed123f955d7f5d34c630074347d6b9963b5fc103f8b8781516693ac4e37ed41e37601ae0f5108f9a6e6cf3b946d0bfeb0e65

Download Submit
/data/data/com.donews.firsthot/databases/ua.db
Filesize
16KB

MD5
0606e1297b0daab61d0d7ecba7767374

SHA1
c6b348b42c4aa857210c5eb3a367e6b3fecd3de8

SHA256
1f0c09df481f26391fb084cf9a7bf9fe0fd2855e9a8c313d6ba73b322eddda0b

SHA512
262b49cddfb89d92a19cf616c7bb4cdf22330880c905a9371745bd3d3e0e80ad21b79c16bbde62124991b99d022176301191ddc5b8f9a7176e7ac4809149d63c

Download Submit
/data/data/com.donews.firsthot/databases/ua.db-journal
Filesize
512B

MD5
a80010ab15bfa86f6f987154a04b6828

SHA1
4b4619a3bc41e028dbe788150d505d230ef3f77c

SHA256
01176ca914bccba7c5f74b4ca04e346860d7ec0b4d51872380022ac525ac2adb

SHA512
22ec6dd50781ed4f0b8144ee01fe747dcca9fae72e9f7557ab51df88282494c90387bea3ab2e3e46f6c9b6bea69b4d98f9806c1cf3f9720179c5dd54b9655842

Download Submit
/data/data/com.donews.firsthot/databases/ua.db-wal
Filesize
56KB

MD5
be77188b3038807c224ecd0fd5ef546f

SHA1
81a43f0c37514d84a26facf20e32c316129d65b2

SHA256
a707469ddc492156ebf14fc82447ba3eca91b1d5e7adf801fca7fa9a947b8005

SHA512
ad1f1542023921fc574b660a4e83e5b1c97538c829d8cc531aa5e6702fcd56168fde92e03b9083f49d8e386585b2333df78bffac0469d1bdda2438ac96713fde

Download Submit
/data/data/com.donews.firsthot/databases/ua.db-wal
Filesize
8KB

MD5
44a166719fc70c6353d0d52eec27c467

SHA1
dfe9325cd7574effc2536be4e8437634665425da

SHA256
da1226f038014cb18d670cc7db5fe8b40029b7cba62e8e37f838b25125d4a8cf

SHA512
cb39caca63fb4fb2dd1aa3a56698a868aa573148ce27bf243c7cdd1f5384b7ee405ef9918a7b0a04bc8a32f2d5073651591c53c17cff61825cab0b99cf26faa0

Download Submit
/data/data/com.donews.firsthot/databases/ua.db-wal
Filesize
4KB

MD5
4a0698f8ee4c3330ab34144f215f8ce6

SHA1
3809298e7a8cadf51301eaeaacec02fd302c997c

SHA256
647a94b0fda62d5fa076c3fad3a43c06ab9de45c0cd0887beb056232202bb8c3

SHA512
1a680793193f4879e2ba5602893a20428bd80816520e920b52c828d0e6a184b765229673f18a81bbeb9b31504234ee179b16bfa2bd0656bcba21113fe25c31c0

Download Submit
/data/data/com.donews.firsthot/databases/ua.db-wal
Filesize
4KB

MD5
7c374b82ef7d5592d37e0d7b704fcf8f

SHA1
1d6c16d6b0d28d251dd4e3854a1e8d317534a5aa

SHA256
80377ab06c26682cabf7b7e7d708493144a7aba6975ca1983d1ff266d8bb9be6

SHA512
b1a288d1f0024dba7e3cf9c1c417a2df90312b8e80227651b454685009708730201ed8bec435a5d1103cb981ec24cdaa7ba623a72821c7123e25295e9c962474

Download Submit
/data/data/com.donews.firsthot/databases/xUtils_http_cookie.db
Filesize
48KB

MD5
06499999690743a703901b8097c2153f

SHA1
7d5d704f530a9cb57c3d477daa765ef13508a9f4

SHA256
18702aa1b42459bb4438c6ae09a171bc80038254cfed2248d3316df3041b4ecf

SHA512
e1bf9ddb3cac39a2912ea96fcb51ef701c870e00cb9b0fe1808894844506042a392d231b827cf13231f3acd44901422699dbad7f96bb37b2df14dab076d24475

Download Submit
/data/data/com.donews.firsthot/databases/xUtils_http_cookie.db-journal
Filesize
32KB

MD5
0e4f312c8ecb708370f121748c082f46

SHA1
284d71262f1ada3cf1727aad61e9f49c31e2a622

SHA256
5a16ce454b2522934eee04e08d180ea01d1b9becce1b6ede5b178d2c72716e8d

SHA512
0258031cd10750b13b4504b5f4f404403867f34b96888df3abccce49896c3f4c16afb608ad9c6599c79f7bdf2bfd3ad34effc198fbacda16a0a63dbbb91b9f41

Download Submit
/data/data/com.donews.firsthot/databases/xUtils_http_cookie.db-shm
Filesize
88KB

MD5
79c7aca658c43939a0e477918d201941

SHA1
985fa1c14132084bd544760efdd57af6636c5e96

SHA256
e6bac7fa155c29e2c255df07f723b1aad0696ebd399648e076132f2a19c376d1

SHA512
ae843671bcaf2b345ebc861236006ca96ee2ff641401f3840487c28348a028bf29b27b4799fc4cd6a9a5107c9e70167d2b88f8420662d43b6253bc124c7198f0

Download Submit
/data/data/com.donews.firsthot/databases/xUtils_http_cookie.db-wal
Filesize
16KB

MD5
ddb43fd8c17ff28292268706776c3d02

SHA1
aae18f030d891ec5df51388fd8657a794af2de0e

SHA256
5746d9c69e90b83529bff01c927f7d5e45d626cc864c35554efc0fa2fa871368

SHA512
1071a07c634028d51913a4089e224d4a6749e79264fa33d78c0e9b9682da877aaefa972d49cba18adc0583ea7bc0618ed9b0e98e80882c031e19f314c8b00e07

Download Submit
/data/data/com.donews.firsthot/databases/xUtils_http_cookie.db-wal
Filesize
4KB

MD5
1d9688f3063cfaad0c6b421da7680baf

SHA1
2b8ae0b7f7ae01015d1d4ef3aec661218a12a481

SHA256
b2f736bcfe2e5ca658c7a0764c39c15595f4a98fc10936c9018b14976380b7bf

SHA512
149776d26ed16630e073bcc91465642a41f5e5315fc7c36ab0896e64a504741c690e23cfd126bc8d840c3ef84bdecde41ec9a964ca40fdf8d99a008355f7cee6

Download Submit
/data/data/com.donews.firsthot/files/.imprint
Filesize
996B

MD5
4bd323f4878deb9b0ce27ee2cbb85a6a

SHA1
1018bf3af5bc355e2f1ec102f50b979b81166702

SHA256
00fc7e82e36f3fbda5d1226d4b0916566425cfd987c9f8b0169dbae1a4b507f6

SHA512
685ac96b642d3e1844885ec37dc3f7293fce01e39dc3235241eee2e6c2b6c2963ba572532afdcee9e768f72ceb77a0240508224774504acb766b0e08d3ce9c7e

Download Submit
/data/data/com.donews.firsthot/files/.umeng/exchangeIdentity.json
Filesize
162B

MD5
37a9e2ad88bef0b1fafd2702c985322b

SHA1
4494e7358686ea0f554924dfef860d875c62746f

SHA256
6b7608d3eb87d50c23db5cebe16eaad0c487f5dc78bd0ee3f343b163c2e72016

SHA512
fa88ad661a445daba491ec1de9878fdd78174abb032e661d19c16b5ad57630571284be6622cc2ce86b96b29c4b0cd80bf0c7a4806e74f4c2ef556166d8fe9c35

Download Submit
/data/data/com.donews.firsthot/files/exid.dat
Filesize
54B

MD5
0d9dbb39f3aa8cb766332eca82399161

SHA1
2af9d4bf638a8d664b520f0a3761853578381115

SHA256
c203c80c5704135c10f0708deef911840745788e04e8bfcb5cf0346b3d72366c

SHA512
ae5696605dcb976c47b59d26ad8a11fa0f27148b689544d52efb1e7a85711aeb98488cdca8e4f2d3e3d447301080c9252c1b89037c7d082e0986896e3c70d51d

Download Submit
/data/data/com.donews.firsthot/files/umeng_it.cache
Filesize
496B

MD5
110b19f59a5ac3e0ad94d34f72178019

SHA1
9c0076826e2df815bd83dd06f2790420e122b6bb

SHA256
7f076672836150a38b3852aac9bceb22c2ff00133c07b86e7891ff556821338f

SHA512
e45e142b89f5ff7e6e76b11fe791ab0968bc7639f16f622fcb1db8d8f5a6344f4efe900d8323ef7de8d7c9b71bd69239f0c76807c818b5f826e2045df64fdeb0

Download Submit
/data/data/com.donews.firsthot/files/umeng_it.cache
Filesize
252B

MD5
bdd65c7bf0fb694ee3be9baceffb628d

SHA1
1d1e71e1dd5794cb905cd66c41f2c2a219b5a987

SHA256
d11328ac14b8b7e619b640a7213eb90acc96809003194c3d48260724d0f74881

SHA512
acbbda9c6cc8b4a93d5fb8f9fe2f6195c6fa8ac444975aecf90b7acbdf83ab6dfc301caf67376b02ead3ca17a79cb0e59fb85927215a93b9c652af3d592783fe

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
111B

MD5
01140d7bcc244920ea2d73ee158a2621

SHA1
8171fc2b82b7f299ee8ad6f840ac9dd13d017938

SHA256
3dac032cf0fc8615f4275e891af83f628b0f2e29ecbd9bbd931264e459d3e7f1

SHA512
17e803cefccbb2bbbd95c805c777a4175af659dae4eb783480b7386c75c4f5955c48640556e6a9266ae08e01e2ca5247b82709ede87735b161a73d0ae1052085

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
213B

MD5
735bf5e82fc84bf4ea3f23fa45026b78

SHA1
68fa354264fb917ebc9aed188941cb8999a31416

SHA256
609ef5a71eb452408363a37ae24461d13cab11c5b8f722fffaf29b842d658304

SHA512
4537925f969fdcfe06a9d9ee3edfd9d7506dbcddb9b0a01a9ac015f3481db4ff5b815f8b506441d5e7824c069b363bfe8d7a8708b34078459bdb9ef6cecce473

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
111B

MD5
03faebde6bf32b248ee729d63461d58c

SHA1
8b283a66ffb8d0d96cbf02c4125c258266d44413

SHA256
9279d34d8e911a4a7aba79e576afcf228c59b9fd0875ab1628502939a7e75783

SHA512
b71e359b6447477241f82a146c93d6901c9991c4e8a14bb0de5d9cc44b0ff49b42131b8e25b59ef738626be4cc3e150c94dd8d46da418cd7df3d324024f3df48

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
167B

MD5
045508dcd90703f3d8ca40670320cf66

SHA1
e601eaab80e833592748749c4dae636d4b6dc82a

SHA256
ae781b1fda3cc406344dc8ae90146bec94441bde71ad5c6248f3c825022f7d3f

SHA512
457e5ab6612fdb99e81034b93a4605836a0bbc3026af4835dbe625c7064d301b3825e65a8db92f177d5bf241a88981bc885e0e2da365421c78af83494d2049bc

Download Submit
/storage/emulated/0/Donews/apprun.dn
Filesize
405B

MD5
3313987b2fb565cb253f839e8d7fa2fa

SHA1
5d396c01bd063ac6425b8a5f4ae3e725182564d8

SHA256
3c8dcc0efdec2bf5056d89bb4c5ea552d2c1b72d7b322541889c37a3eb478bc0

SHA512
301ea337e3ee76e8b3d450c963296ba66a2de82d50535c3b61dc529e94d863a43662cebf074b5f06eac73f35730575feebbe34d03b99005aa5cabf22863dfa69

Download Submit