e0bea179f8d3fab81e71eed366eafe78638da426954429d8f7dba208b18679eb

Analysis

max time kernel
134s
max time network
157s
platform
android_x86
resource
android-x86-arm-20240506-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
submitted
11-05-2024 11:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3479a5930ac9cf6c11a8cb9365aba8e3_JaffaCakes118.apk
Size

19.8MB
MD5

3479a5930ac9cf6c11a8cb9365aba8e3
SHA1

449e15365778fd6f2e1515b14926ebcd79f5bbb2
SHA256

e0bea179f8d3fab81e71eed366eafe78638da426954429d8f7dba208b18679eb
SHA512

6991472d347466604a992e2ddca46385de8478f4d62132b1d745b67aa193216ad49e02650d0df20ebeeb3ffb699eaf44705d159a0eebffe7f795be854f61ab8d
SSDEEP

393216:71GuZ/KAfJfpsweES3RmdGyZNWL6jaU1YZNWL6jaU1a/LdR82YU8oySuM8e:Bp/KKTenA5n4SYn4Sa/LI21ynZe

Score

7^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

cc.ibooker.ibookereditor

description ioc process

File opened for read /proc/cpuinfo cc.ibooker.ibookereditor

description	ioc	process
File opened for read	/proc/cpuinfo	cc.ibooker.ibookereditor

Loads dropped Dex/Jar 1 TTPs 17 IoCs

Runs executable file dropped to the device during analysis.

evasion

T1407

Processes:

cc.ibooker.ibookereditorcc.ibooker.ibookereditor:alarm_servicecc.ibooker.ibookereditor:remote_servicecc.ibooker.ibookereditor:channel

ioc	pid	process
/data/data/cc.ibooker.ibookereditor/.jiagu/classes.dex	4195	cc.ibooker.ibookereditor
/data/data/cc.ibooker.ibookereditor/.jiagu/classes.dex!classes2.dex	4195	cc.ibooker.ibookereditor
/data/data/cc.ibooker.ibookereditor/.jiagu/tmp.dex	4195	cc.ibooker.ibookereditor
/data/data/cc.ibooker.ibookereditor/.jiagu/tmp.dex	4195	cc.ibooker.ibookereditor
/data/user/0/cc.ibooker.ibookereditor/app_e_qq_com_plugin/gdt_plugin.jar	4195	cc.ibooker.ibookereditor
/data/data/cc.ibooker.ibookereditor/.jiagu/classes.dex	4368	cc.ibooker.ibookereditor:alarm_service
/data/data/cc.ibooker.ibookereditor/.jiagu/classes.dex	4390	cc.ibooker.ibookereditor:remote_service
/data/data/cc.ibooker.ibookereditor/.jiagu/classes.dex!classes2.dex	4368	cc.ibooker.ibookereditor:alarm_service
/data/data/cc.ibooker.ibookereditor/.jiagu/tmp.dex	4368	cc.ibooker.ibookereditor:alarm_service
/data/data/cc.ibooker.ibookereditor/.jiagu/tmp.dex	4368	cc.ibooker.ibookereditor:alarm_service
/data/data/cc.ibooker.ibookereditor/.jiagu/classes.dex!classes2.dex	4390	cc.ibooker.ibookereditor:remote_service
/data/data/cc.ibooker.ibookereditor/.jiagu/tmp.dex	4390	cc.ibooker.ibookereditor:remote_service
/data/data/cc.ibooker.ibookereditor/.jiagu/tmp.dex	4390	cc.ibooker.ibookereditor:remote_service
/data/data/cc.ibooker.ibookereditor/.jiagu/classes.dex	4619	cc.ibooker.ibookereditor:channel
/data/data/cc.ibooker.ibookereditor/.jiagu/classes.dex!classes2.dex	4619	cc.ibooker.ibookereditor:channel
/data/data/cc.ibooker.ibookereditor/.jiagu/tmp.dex	4619	cc.ibooker.ibookereditor:channel
/data/data/cc.ibooker.ibookereditor/.jiagu/tmp.dex	4619	cc.ibooker.ibookereditor:channel

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
evasion persistence

T1541

Processes:

cc.ibooker.ibookereditor:alarm_service

description ioc process

Framework service call android.app.IActivityManager.setServiceForeground cc.ibooker.ibookereditor:alarm_service

description	ioc	process
Framework service call	android.app.IActivityManager.setServiceForeground	cc.ibooker.ibookereditor:alarm_service

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

T1424

Processes:

cc.ibooker.ibookereditorcc.ibooker.ibookereditor:channel

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	cc.ibooker.ibookereditor
Framework service call	android.app.IActivityManager.getRunningAppProcesses	cc.ibooker.ibookereditor:channel

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

cc.ibooker.ibookereditor

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo cc.ibooker.ibookereditor
Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

T1422

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	cc.ibooker.ibookereditor

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs

persistence

T1624.001

Processes:

cc.ibooker.ibookereditorcc.ibooker.ibookereditor:channel

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	cc.ibooker.ibookereditor
Framework service call	android.app.IActivityManager.registerReceiver	cc.ibooker.ibookereditor:channel

Checks if the internet connection is available 1 TTPs 4 IoCs

discovery

T1421

Processes:

cc.ibooker.ibookereditorcc.ibooker.ibookereditor:alarm_servicecc.ibooker.ibookereditor:remote_servicecc.ibooker.ibookereditor:channel

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	cc.ibooker.ibookereditor
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	cc.ibooker.ibookereditor:alarm_service
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	cc.ibooker.ibookereditor:remote_service
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	cc.ibooker.ibookereditor:channel

Reads information about phone network operator. 1 TTPs
discovery

T1422
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

T1603

Processes:

cc.ibooker.ibookereditor:channel

description ioc process

Framework service call android.app.job.IJobScheduler.schedule cc.ibooker.ibookereditor:channel

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	cc.ibooker.ibookereditor:channel

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

T1471

Processes:

cc.ibooker.ibookereditorcc.ibooker.ibookereditor:channel

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	cc.ibooker.ibookereditor
Framework API call	javax.crypto.Cipher.doFinal	cc.ibooker.ibookereditor:channel

cc.ibooker.ibookereditor
1⤵
- Checks CPU information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4195

cc.ibooker.ibookereditor:alarm_service
1⤵
- Loads dropped Dex/Jar
- Makes use of the framework's foreground persistence service
- Checks if the internet connection is available
PID:4368

cc.ibooker.ibookereditor:remote_service
1⤵
- Loads dropped Dex/Jar
- Checks if the internet connection is available
PID:4390

cc.ibooker.ibookereditor:channel
1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4619

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/cc.ibooker.ibookereditor/.jiagu/classes.dex
Filesize
6.1MB

MD5
dc455067bc5b6842806bb3f66d27344f

SHA1
d89619f6fff15d2e34476a220593ed2c632ac089

SHA256
f80fc989543100e7ef8649fbe6eb3b83f4f52be4ae015620b0b8255193814ac4

SHA512
a249a7df695a289cd700d747c664a18cb80e7de3e9caef317c55027784eda2c93e33ff326f364420a6debc095d9e3bd388411432f271845b538d41203241aad4

Download Submit
/data/data/cc.ibooker.ibookereditor/.jiagu/classes.dex!classes2.dex
Filesize
4.2MB

MD5
3c34038f35b92ba1e5448773fe79b2f9

SHA1
1de70488546b0b421386d0dcd386a84981cc0075

SHA256
5f73cd9e80d4df6a8b5a047d735bacda9eb3d552dc4e414a199ab3b1469f749c

SHA512
a51169d242ff9baa423e33543af104cb1072b53a10a770fa79b5303e01a8fa83927bc33532e6b58174aa5e9e502136275f1674572d91ad63eb2b0f2edd6bb8d6

Download Submit
/data/data/cc.ibooker.ibookereditor/.jiagu/libjiagu.so
Filesize
475KB

MD5
f0f9ef36b67807a253b5932f865eae7b

SHA1
6a8d66c6efa2750b54cb763f4ad044bba4154e0d

SHA256
646dcd8290a30e992553186392239da39ce7c8e7c2fd87b3d6a880551782db75

SHA512
e7ea65467e557e4992e746d808cae3e2d16b42187b1a94326c47c689cef9fe21a2a9d2b312c60c8ff40e128dacbde84cd6b93a191ae38496584a45fe60c04548

Download Submit
/data/data/cc.ibooker.ibookereditor/.jiagu/tmp.dex
Filesize
284B

MD5
f1771b68f5f9b168b79ff59ae2daabe4

SHA1
0df6a835559f5c99670214a12700e7d8c28e5a42

SHA256
9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

SHA512
dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

Download Submit
/data/data/cc.ibooker.ibookereditor/app_e_qq_com_plugin/4195.yaqcookie
Filesize
8B

MD5
899b6ed477b4ce76b2810280a9ff629f

SHA1
c8115b911dc60abaae0ba4e356561cbb8e5bc640

SHA256
6884885d86e5f943bf3047f5f790ef383cf5d580285cea8827ac05d70449cd85

SHA512
cc47c5e50effed80288d4fb8cf569398bc39e78a593c6354803031145321e20fa2c8c0c0a1bda2f4a2e101e8cdf711199cb61f62b77f4f0f4ad8cf8559cd2c7c

Download Submit
/data/data/cc.ibooker.ibookereditor/app_e_qq_com_plugin/dexMethod.36117467.dat
Filesize
23KB

MD5
f3651e2baf89104ae96da59498f02da8

SHA1
67679866b23e4f49e05f319a7bbf572a9b20d03b

SHA256
ff24b64724c3480103fdb7ecdebfb5af3b0b2fba205c311f5f44e7e1c9e7bfe8

SHA512
31797d7c61e3e6d366ec3dcd53c5e4920a6e3b610b2a9d1451c136820aa57f4369063c5aa1985cb475fe7618e9ac98301011eb5a8c9819c0bea6788a9602ede4

Download Submit
/data/data/cc.ibooker.ibookereditor/app_e_qq_com_plugin/gdt_plugin.jar
Filesize
468KB

MD5
6bfe094580c89ba696ef8772de47a552

SHA1
210bc4afce84b6e6bb36f97f68f9d3d9d3432643

SHA256
a884e386bf4ec066c9a82518c354be513182add87107552b1f4cf33dc80bddd4

SHA512
7ae8c9210957f06eb177fa0472ac1fcf80f0e6b1f308ec1906fe059c38623e404b37c34d9e8702cab66efc7ebfdc5400f1506db89b75a5fd1dd915ec2c2086a5

Download Submit
/data/data/cc.ibooker.ibookereditor/app_e_qq_com_plugin/gdt_plugin.jar.sig
Filesize
180B

MD5
71f1fe7ba0e414fd233f7ae92e328803

SHA1
b42aeb1be13ab429f0150c50351d43af5c17d99d

SHA256
2766621a98b9c58bf7131ae3658dbaf36336b9b893b2325877550c75555cfbba

SHA512
5939aac6f0cfb02c5ddbe5a4b26627c1bf7a82421c7c6d269a9fc2b4bea6f0e9920f103e685d60fbf7da5a4ea96f7411f26f3a3b24fb03cd78ad3ab3a74e8a09

Download Submit
/data/data/cc.ibooker.ibookereditor/app_e_qq_com_plugin/libyaqbasic.36117467.so
Filesize
84KB

MD5
b6e6c7cd7f3c254b98763716fa98fee1

SHA1
49cec240bb50f33fef8a1865e3c2c7055ec1bcb6

SHA256
7352abf94529b9e51bb5be62bf34b4a1f788676d5ca8d08328988f51cf04f140

SHA512
51d40dac8264578a98f6cdb5f8aaa022981562a6959d480f3dea67c1cf7153e6b5e2c6668fb644fea8b012d507056df68b7d2b0ff7c6f892c8fde1e25cffd0e5

Download Submit
/data/data/cc.ibooker.ibookereditor/app_e_qq_com_plugin/libyaqpro.36117467.so
Filesize
57KB

MD5
0282eea6954ad2fc7f833ef0bb9a0372

SHA1
0300c9cd7000831af0ce6ec5e09f268ce629b20f

SHA256
90a8f7e58a17e416d42b686e9864ee4a2ec4710a043c22c349dd5e55bf0084ab

SHA512
96e30e773d18227ef7cc4332616c2d317b1a79ff1522928aba5956b916c4167c65fec4a8fd4b369d671f55016d0a21ad6ab3692a5bd0d25be2355f88c366fe5a

Download Submit
/data/data/cc.ibooker.ibookereditor/app_e_qq_com_plugin/update_lc
Filesize
4B

MD5
dce7c4174ce9323904a934a486c41288

SHA1
e117797422d35ce52f036963c7e9603e9955b5c7

SHA256
0c030586945fe504b604ecc2e875c38ede400cd5cd73da9730302162e6b02c6f

SHA512
d570ab6a8f4a7b54d426b0481219074b5277ace37d88438d87ab97eb387938eca1cf7b09fa42d596c56ada860710d2a7385d2a96e1cedff58ad6ed8900f1b143

Download Submit
/data/data/cc.ibooker.ibookereditor/app_e_qq_com_plugin/update_lc
Filesize
1B

MD5
0bcef9c45bd8a48eda1b26eb0c61c869

SHA1
4345cb1fa27885a8fbfe7c0c830a592cc76a552b

SHA256
bbf3f11cb5b43e700273a78d12de55e4a7eab741ed2abf13787a4d2dc832b8ec

SHA512
91972aa34055bca20ddb643b9f817a547e5d4ad49b7ff16a7f828a8d72c4cb4a5679cff4da00f9fb6b2833de7eb3480b3b4a7c7c7b85a39028de55acaf2d8812

Download Submit
/data/data/cc.ibooker.ibookereditor/databases/MessageStore.db
Filesize
36KB

MD5
486e2bac2b3e9e1cb411d2838a4854bd

SHA1
81dd0a7537f4af319b830ae834908986be85da8b

SHA256
5644a250fa6cef16c2c802b98275656a5fc39dcf89bcc22193742d85c7313f57

SHA512
c146789563dae163e373489b3df53f22efebd32b69643992969241eb5ad5eec668de67e7cd2aaf5c3a8af57b0842115d00183825734f57643d3fdb09835fe681

Download Submit
/data/data/cc.ibooker.ibookereditor/databases/MessageStore.db-journal
Filesize
512B

MD5
4ed7a92f98214501d19b838a647eff9e

SHA1
bb063e52a9635fb0b248c5b79f5b8d7015163e33

SHA256
3b18b89d355420d2524ec683d11dcdbc124fe565c737149c01957dee0c475017

SHA512
2be0fae8294420f2fe64383d1946eaf69ac7a1bdae70c75a28f97267e39a12694362fcaaf44b5aac8f5545426b3049ef875c88a97dc2a8620f58d9b27b8e7dde

Download Submit
/data/data/cc.ibooker.ibookereditor/databases/MessageStore.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/cc.ibooker.ibookereditor/databases/MessageStore.db-wal
Filesize
48KB

MD5
efbad06eb4e900828630d4bc5f961a12

SHA1
535003fc5c293910ea39da7dbbf7982c3583f291

SHA256
9ce52e59492a09c4592fcd2ab860d1ac151ac292de90d5011cde392e77ea8de2

SHA512
4e702a08c82ebe0ec5d4d5e783bc4219901be4225a10608cf2d82e4b104b23d1650dcf65ca17e1d9e413d4a4ea043e3a0c904c4ebbe00135e438e57071a68c02

Download Submit
/data/data/cc.ibooker.ibookereditor/databases/MsgLogStore.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/cc.ibooker.ibookereditor/databases/MsgLogStore.db-journal
Filesize
512B

MD5
0aaea3105efe12bfda2de0d44c64cddc

SHA1
d2f5bf63d8b694de551f71b2c4522673db71c945

SHA256
cbf27a9d2460b4ee1b9c881b0e2835ab49bc73816fe05b015ed3ccf41c38dbaa

SHA512
caf3ec296ddc79cb43fea9a3eabde9b283726f710d8dadb58f2e7b46a4635599f358a7b8e25a0890bc4931bcc72b80da53aad32e8af657b820ec62da2eda36f8

Download Submit
/data/data/cc.ibooker.ibookereditor/databases/MsgLogStore.db-wal
Filesize
68KB

MD5
8bb25bb0a1bacdf0adf9177584ca4610

SHA1
562df8c4a41d4f11caba03d93db7d5849a740a1b

SHA256
91adbd986651b7efdd9ed6c0d05deae63889dff1ea6f41509d9112e90623c3e2

SHA512
b5ce43d2f1b5425398b5f8db73c28a60e1130d3d950fed0c253fd2f59617dc3cbd6504fc01e17d6000849946257b4c3c5306e0985b3561c95de2d44e0e5cdeaa

Download Submit
/data/data/cc.ibooker.ibookereditor/files/.jglogs/.jg.ac
Filesize
32B

MD5
c3d0ffc5ebc468f603ec6d6665480687

SHA1
7baeabf6b5bdefe8fd62bd49d936bf36c8adca52

SHA256
3ad97c6deb5b74270f3e4af448b0aa91b322a1eb015fa4169c999dc4de515b03

SHA512
e6feb49bb7628da0021be7db5f854904cf6ed5630c54fdcd0c6bdbf63dc5ac63cc66a508b300370b099ab2b6990dc234df9e06083eac9a60803becd3c659856c

Download Submit
/data/data/cc.ibooker.ibookereditor/files/.jglogs/.jg.ic
Filesize
32B

MD5
766ee5f294b47cc896cf8530527bf5a0

SHA1
bd04c1780324d949af0bdf7291f9b3149665c1fb

SHA256
eff9fa9af3b87a79bb49dd7462c34a7c008f59fa0475021972c879cf8eb01ec4

SHA512
89180534ad92519303d602efc6bb529609f192b994f631a5bcac58034defafca01f3698ce43c6b4acc51cfe6fa5e9d5e15c1b5e855475ef1593fc33b231ec234

Download Submit
/data/data/cc.ibooker.ibookereditor/files/.jglogs/.jg.rd
Filesize
73B

MD5
14033c3838aa5043093dd175e9af6b00

SHA1
a32d53fa455a73da3a591894d6bfd40d70da4e66

SHA256
92e8288faa524a9b69069d4d4af9e6b827146fdee03dc4e3ca8ec99e4b7e3549

SHA512
1611937a5914d86c7de4b96c1d44c97c24be1d1dbbe88a8351e24f4b8401bf3290159b0fa0ce2656c92392f2125692c2bebe0e44dd04e0cffb7db79a30464307

Download Submit
/data/data/cc.ibooker.ibookereditor/files/.jglogs/.jg.ri
Filesize
32KB

MD5
fa67995cbdedce3d6f88d27746434cd2

SHA1
b76ab9e621c83b97fc442b7daa232b3077db0160

SHA256
83babd9cd47e4a4d619f807ebc6f39a1effdab10775e930f068b61c230710475

SHA512
d6fce2d3fef1f727852320bb1bf66b18b5425e52e8a06d35acfcc337de8c73d2bcce9c1e58d2f9941d294d72c2f455d0bcec810eed7e8bb58940d0ea5a2779a6

Download Submit
/data/data/cc.ibooker.ibookereditor/files/.jglogs/.jg.ri
Filesize
314B

MD5
bf5d3001b216f626f06ae0ac80f069a0

SHA1
badc49f8a7228245ca850ea833f4e61a82459dec

SHA256
14652e8db9984ee62e5b89917535cc83ec68b1343cbffe296b174c5b12fcac8c

SHA512
72b2c46a083aca38eaa04376c8833f9d736e0a17e2e7206c7d84d86a8e5b216994067ee5f26c1a21dfb89fd7d8b8849c4218efcd492ca091edcd79b0c7e05dc0

Download Submit
/data/data/cc.ibooker.ibookereditor/files/.jglogs/.jg.store.report_pid
Filesize
213B

MD5
ff31b4e4ce726318b6a4ecc1ab787d0d

SHA1
1783da20d5343f19a03c3ca764c55b2798811424

SHA256
461904f8f7aa5fef39fa5269f8dd235e99e8be2f5a13667d35661c8499793c65

SHA512
1c580d33df5ed9576904157aea408a088fffdc3ca98007d1cec2f95426fa16dd9f3dc76f2ac0b35c6e1ca2565cceff9324a466b20dc862dc7fa24fc5bf09eacb

Download Submit
/data/data/cc.ibooker.ibookereditor/files/.jiagu.lock
Filesize
27B

MD5
bdc010fdf9487137bf5d897bb1a7dd39

SHA1
21355c130d8b3c44c8257214beea0cade915427d

SHA256
af3f0dc68344eb07e5eede16a00b844f73f53d21fa353e9db4f47fa4549d1b81

SHA512
6bc160c1648f3dd9272d89d56140a403fe54108ba363c6900ffba100ede4cf22cdfc441c74716c2dd72d733e089cb607ef1030b406c6bd60bf588894e37ec663

Download Submit
/data/data/cc.ibooker.ibookereditor/files/agoo.pid
Filesize
4B

MD5
1bf2efbbe0c49b9f567c2e40f645279a

SHA1
b1529f8a5f99bf4c2e9e2bbc2a4163c6aa5fc263

SHA256
4ebbca3ca29aad239c616dc000e64740e45889345d2ff989e14b2526a0ee82eb

SHA512
4286e07cff0a710bacb62d71e664875a8008990d955790efee8e6265aacf31194539f1d2a3c89cd0e2091b9a20f4660df8ed04201931ea9d93dcb1ac291a26b0

Download Submit
/data/user/0/cc.ibooker.ibookereditor/app_e_qq_com_plugin/gdt_plugin.jar
Filesize
796KB

MD5
9f03083b3faaf85ae204f9ba7d72ea20

SHA1
436601a861d1c0c6e61e0fa8fb83671fb88f4d90

SHA256
e3d665d63e435195a25726c68da20d322169c157304f7d6963bf02a7dc28ae58

SHA512
e42ab94d65b52fe006197fd81ef55251a2ea6b922bc92e47afbf2a7e14fc84685b112831bdc964cad5bf97f18b4492f9d51d5f85d2e67480a6401e5a9ae1343d

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
111B

MD5
afdf2f17ba45761a5cb57f611a019088

SHA1
44357b49c9a6c5fdd46c18c583b94907e2d690ba

SHA256
b25327a29f2523edbcdfa1bb91a3c34fc6ce5efebb671a45422c56c0508e869b

SHA512
c394c659c672703df29cc2d596488fd4a4cb3bc313ca2867cfc4739bc28b11dae0e90ae42546b9665c099c5208db46941c32599100fac80f549bfb3e182ef082

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
111B

MD5
840b027b0c54ce36222a4422dadb607b

SHA1
26288a613f90e965a00620ffa125fd6898f2508d

SHA256
24d8bf5556b5f67686095788f48274169b06e5a433c2b3360d44f04eb98cac22

SHA512
13715fad85322f5b3f11a08f0c591e5338040fb5edf966d3e35ffc36a7180255c04ee2d1db14591955ca3975b37a376a3a8e9d53aa9f8b41288bbfdb41ef697d

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
167B

MD5
c184c63af3daf83b619bfcfaa7c09e38

SHA1
037c3382f7d6ddde23cc89e1ff6e697171a02057

SHA256
1b5b6741668b5f48b525c56d0bcac1b577f4fed7f18968bae1ba3d018d1898e6

SHA512
dd03137b5fcaa41a1801e1fcd5ba5d1eba2bf43bfe3f28b5552f4a272905a73d3979e9ef71eabc5ce5c700b1afd7e874108470ca0f0ff9b911ba11498640e730

Download Submit