Analysis

  • max time kernel
    179s
  • max time network
    185s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    18/05/2024, 16:30

General

  • Target

    55b2e5c53bfe00713164c2aa2c9a1702_JaffaCakes118.apk

  • Size

    17.9MB

  • MD5

    55b2e5c53bfe00713164c2aa2c9a1702

  • SHA1

    87279d1e3732d87e3b5a5c72f138b4502f27124d

  • SHA256

    1fc3dbc5a4161d462272560b4b0ab27c588bf37afa2595ed627dc81c3a682f46

  • SHA512

    3bafe2fc651e56ad7f1d84b379d5273545890d2ee8b06e67bcc9a5daba7145dfa98b026a1e4b81aea1ca9c6b029b49f590b6000f6b6e8135e4047e9ce727c618

  • SSDEEP

    393216:ZONPXBL3FFxnm1ucDS+N6cP+r2tF9Y83E7gf/dgmRYtjm:ZO5xpm1dbNLF9RUc2mWta

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 5 IoCs
  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Requests cell location 2 TTPs 1 IoCs

    Uses Android APIs to to get current cell location.

  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

  • Loads dropped Dex/Jar 1 TTPs 11 IoCs

    Runs executable file dropped to the device during analysis.

  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
  • Checks if the internet connection is available 1 TTPs 2 IoCs
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
  • Reads information about phone network operator. 1 TTPs
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

Processes

  • com.xgbuy.xg
    1⤵
    • Checks if the Android device is rooted.
    • Requests cell location
    • Checks CPU information
    • Checks memory information
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4280
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.xgbuy.xg/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.xgbuy.xg/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4320
    • sh -c ps
      2⤵
        PID:4696
      • ps
        2⤵
          PID:4696
      • com.xgbuy.xg:pushcore
        1⤵
        • Loads dropped Dex/Jar
        • Queries information about running processes on the device
        • Registers a broadcast receiver at runtime (usually for listening for system events)
        • Checks if the internet connection is available
        • Uses Crypto APIs (Might try to encrypt user data)
        PID:4413
        • cat /sys/class/net/wlan0/address
          2⤵
            PID:4626

        Network

              MITRE ATT&CK Mobile v15

              Replay Monitor

              Loading Replay Monitor...

              Downloads

              • /data/data/com.xgbuy.xg/.jiagu/classes.dex

                Filesize

                6.5MB

                MD5

                bc7b7cec4c2313b65f6d767a77164dd0

                SHA1

                f0a2fb5db284bc60f424c2084984c830cf4d2ca1

                SHA256

                84906c5a9b057b44e0df1fb8030d13110748ba30ef7a8017abdd3157ef349ffb

                SHA512

                379bec4a7a82a83c32e93cb3d5d0e0622d78ec79a5e17861f9600069283ffeac13340003fd2323c884a114bd45102034b3e5e609b3390ce099db6ef71a144432

              • /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex

                Filesize

                6.5MB

                MD5

                f1e1513c1caa393fe8e9a3f9fff03e7c

                SHA1

                db053d40d0ead70c10b229d129359601a8b5debd

                SHA256

                4e81f36348e9d21ea9121450a9c68817efadedf40bf365af9d54a6033b363934

                SHA512

                e9c0cb206d14c55f3bf375fddd0d1edcf2e4540c24ac5df6e1c4884e87be9861a87b4fa5a49162fd054bafac7ed223e6f79686ffd71224f64f7336173298c03b

              • /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex

                Filesize

                2.0MB

                MD5

                e0cdaf1a37a325beb335128a913ce71e

                SHA1

                1b4f9eda9ff72406032655f7a7f97e361d90bb2f

                SHA256

                444121cbd8f09a2461d84bcdecea5c61c0a5bc7b0fd3671d6a1ba5a91281cbba

                SHA512

                2f24d69d48c4cf889db9b6d2d5c867b8ea758663e0e83ce1e7ecf650a6b5850669d35d46df3355a643bb2732b590d4609eabbe4aa74d4a4b076c3bb8e8a17d8b

              • /data/data/com.xgbuy.xg/.jiagu/libjiagu.so

                Filesize

                485KB

                MD5

                015df5724b50b4fbc6dd0caf7ccb817c

                SHA1

                980780e98c9958aec97ab7a0de8d28a4c5fd9429

                SHA256

                183990718a96d742bc6f1bb04c313e04db6dc62d445ecb294a7f15babd3281c6

                SHA512

                fda8f5343cac8102aade5f1aeac7c5b028ea5d8c92e3d12de92e1ffce30bab47a446f215c9cff7dd1e1bb88980ee0d27b5241e856719fcc1f6a5c25e062e9d40

              • /data/data/com.xgbuy.xg/.jiagu/tmp.dex

                Filesize

                284B

                MD5

                f1771b68f5f9b168b79ff59ae2daabe4

                SHA1

                0df6a835559f5c99670214a12700e7d8c28e5a42

                SHA256

                9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

                SHA512

                dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

              • /data/data/com.xgbuy.xg/cache/image_manager_disk_cache/1b980bbc765294097260c5501e33520cf79efb2e8ca5547693e262f223514bf9.0.tmp

                Filesize

                106KB

                MD5

                66c0c680753df4ee0641951b8cb1d613

                SHA1

                9573fb478fdd97f871e9019c3b88f27adb879a29

                SHA256

                97d7cb4c347498221f9b273a11449ce621cfc8c6b2770f4d57a8b3dfed67188b

                SHA512

                0c169a3f5dbec49a8e14d3381e4e71aab60b454365e84879f1892335ba0294be71950eb9bd0de528cfaa51f702384a66361972875dad163d46b7ab05c23881c0

              • /data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal

                Filesize

                180B

                MD5

                37063fe243e9f0c0f014f25134b1fc00

                SHA1

                21d2f46acd1389325f9d3802807689f712f28a10

                SHA256

                a45f75c5ecf2ad7f9c8c66b70a6a719abdeb7ec73e80550f9e313bda34c305c9

                SHA512

                371dcd1f2d607836de0c7d6155bfd8188a292dbad5f4091edd34c81059f2f3bc2547f9ed73f77227f2e6e88ca133a9d51a2b50ea85da02514153592cf73dabe0

              • /data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal.tmp

                Filesize

                31B

                MD5

                8c92de9ce46d41a22f3b20f77404cc1d

                SHA1

                8671a6dca00edb72be47363a7071be65cf270373

                SHA256

                68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

                SHA512

                30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

              • /data/data/com.xgbuy.xg/databases/Reyun.db

                Filesize

                20KB

                MD5

                94ebbd986e7dca5e08e2680e99140410

                SHA1

                515a2c6b500b430fa20b4b6b846547b1b8074f80

                SHA256

                bfaeb947296cc0073d867f963bfedb3ee19840eeace225b3fe113e7e0ec6e21b

                SHA512

                addb470fdf8f0bb73086cacb1db7af24b70f0c1ce818c1fdb17221d6b135ca65d9defc6f73745c922092b0deae99413ef0b8074ad7380f814eb66e3ad6b7ed0e

              • /data/data/com.xgbuy.xg/databases/Reyun.db

                Filesize

                20KB

                MD5

                2155701619d357f2080fb6530518abe2

                SHA1

                89bfd35cdb4ddf366987305cb81600fc86c0a813

                SHA256

                a786359ace431e01487f729e760876a7e904506d27e1efea4bb155cdcd556423

                SHA512

                9c79be048188576b27a78b8b5093a71491eb1da41160dd7bccd1ad6b6cb3b959ddbd8dc64cfe043fba23588249cfde0f0b0b0a85c00157e02c44f9b96a90ae57

              • /data/data/com.xgbuy.xg/databases/Reyun.db

                Filesize

                20KB

                MD5

                ee9a0e23d0b5b009ef52465efedb9ade

                SHA1

                3f35f333f67a203ec9e140524bfb4f50c63f7f53

                SHA256

                10c9d6da788e38ff94185e7e324200d1ecd3856ac303d7d11a8e0fc17444be03

                SHA512

                6ace02f374bd84a13b04c4e8462f2550d5446549b610ac22915082cfe288e38eacd4636787955495ef7ee144131fa7afbb3c68e21d35d4e90f9280e3444a3855

              • /data/data/com.xgbuy.xg/databases/Reyun.db

                Filesize

                20KB

                MD5

                60d2d332ac7346b1d9f692c4603dde37

                SHA1

                f6e63e2c4aaf205a5842673d89ee880696156845

                SHA256

                a6dbf7fafc753991ee79844edc777c68897ef7ae5ae021951777c58ed3173d57

                SHA512

                43d97445ab07edaee9546ce8b275c166f58bd42a8d7ae08f1f86ca3f16e48f3d73ae319e8c55598d1e9ddca32d8f4cbadf5161beb4859eab057e39bebd822e72

              • /data/data/com.xgbuy.xg/databases/Reyun.db

                Filesize

                20KB

                MD5

                323fbd5f1cc6eb881352f680324c70e4

                SHA1

                2daf9aa12720553da6214737ee620007e07ba50e

                SHA256

                0b979ad0b422ed8c0a867c72372c2e0778ee7cab3525123a14251d6156cb3fb3

                SHA512

                db1ee462ac8ebaa622dd5fa14196d2cdb3bcebbb169d0023cd174c521d7c63c7e02bfea186a83f58822c94755d99677d9584944fb31205a5d1e86044e321076f

              • /data/data/com.xgbuy.xg/databases/Reyun.db

                Filesize

                28KB

                MD5

                02827dd47b68b98c29dbead61d6550e3

                SHA1

                a7b2cf853ac3c4d606b816ba273e6ba8e1cf1f40

                SHA256

                972a7555e13792edd22ebc4238ac271689b06499e55528cb8da5d7b5985ea2cf

                SHA512

                ea966e60fa5843b7f23788ecd2b5121be53fff79bb7819e8b39bb366bdcfe9976ad9d0b0edecfb9a3d45a957879de40859c3b34cbc7456e6821655cd9de89d5a

              • /data/data/com.xgbuy.xg/databases/Reyun.db-journal

                Filesize

                512B

                MD5

                69011f8bcecd479ebff8fd6288727396

                SHA1

                d67baa35131b6cc56c1065ea5b7a2cf092861de5

                SHA256

                c3978c1b6d8f2a01f2acc16936c6f5f90c1bbb8385d6c0e6cfa1428044da6467

                SHA512

                28e75c5b9d13c3e61b2a27eeab9b64087631275d458174f0c70e1485da540c24c72db1b0224294790e62ccd2085b168c54c96fccbb9ca5a85d2d7fc43f67cc26

              • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                Filesize

                44KB

                MD5

                2c24065e0798a84662569be5e7010e27

                SHA1

                f179eca5db0ea5dd5edb93540e39e7ee1c6cbd44

                SHA256

                f60f883dda63de5d0b3a7a279e01b4ce5be5dffee7b24b9bc8ca0e2ae0afa86f

                SHA512

                ed7a770584ed970892b568638c4ea83ad0c2dfaebb24d290d06298f0362237b1706bad8a23fa6ccb15d297f0a9183e2a0dda6bf2f257b100bdbe46c5a7591a3a

              • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                Filesize

                8KB

                MD5

                e33d4971517fffacbc6048e85a4f684e

                SHA1

                4bcc3873a7f8157add3caad326736b7c150b405e

                SHA256

                cbddd1cd3381bef2a8734d6dd268a519b4fa997527e2aba2a859c99382bb3a3e

                SHA512

                e5c7406e2ae5feecddb31ff34555278daa2fd0a9b80246e73b062fbe21ef9ff12c890b85b2644bb5d25c70e9a0237c7b76f7a5e757aa13769f1e85097604736d

              • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                Filesize

                8KB

                MD5

                afc6269b05c94f54f7144d3ca4fd4c99

                SHA1

                3465639d8f2deca3247de6c6d32fecabe8a97342

                SHA256

                9a667f4075246e837d7ae69c2a1ee9fc72ec0917db26c6a9f00e2bb866b50a95

                SHA512

                d8753f46236344782e3d3a85b20c2bb005320cbdf10b79a3133d386ac2c231b35e6dc32b005b7a67cb674c196efcdeacadcb6a5d0ad6d2927429ac0af2306d1b

              • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                Filesize

                8KB

                MD5

                c5c949a0a72ff264f077c699aca7313c

                SHA1

                a90336c734f8c766c335db2213ae011a2c865403

                SHA256

                e63362d660933da9232a66b551591cf30596f4949adc4772b4f962d96e36db9b

                SHA512

                5cdf6fc271fa61ec3d90985dba41920d902c67e17bcd49a0d4178cc5a3414f944a4f7e151d1a4bd56d4a1390a3398eda1f305ea053042fd4466b9226e43e5e19

              • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                Filesize

                8KB

                MD5

                54e95e85893e6ecb123558e746df11d3

                SHA1

                64cb2ee6de88d17593644d74fedf1b8e7607f94f

                SHA256

                988e50a2e11f16b6ac5005c212d68c707b60c9750fc6b634f3ff3ee570c6749b

                SHA512

                0ad9723ec403be1e5cc5953a6c1160ed406042a103cac312401b42996b996c08b706b4c96622e8bfbc3d725b9c3e5ba8668cdc1e58ccbcdda1d1fb6c9e112895

              • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                Filesize

                24KB

                MD5

                4fd8e11c4617b28fcbc2498fb918bfc7

                SHA1

                4adb9ff40eced15732a47496406abc1795bcbdc2

                SHA256

                c1ee7f416eaae990c05c6cfe95a492da016c3102710e569c9fbff45291254d7b

                SHA512

                e518912063f950cc17955b8c73e60ec3677a368b20f058216aaece616d1a7c9c4e67196878e4790d3abd98dfdab2cd9bfd4a81d2fcdd213fa1267a535461e3d7

              • /data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal

                Filesize

                512B

                MD5

                04075dd9ff800e5f2e286897366e2ae3

                SHA1

                bfae973c98f0efdbd861cbf7ac6721b04789b229

                SHA256

                759fb4b13adc181ef86795c3830d15bced2ce03289d147f661fc545f7ba88d5d

                SHA512

                c6eab7b9111e16d1e9a6fe65062a6d6561069fabbdb7c04fdad12007220a0e65d125c89371a358ef08618758003118d74f609e435e6247bdb4af4926780d8db2

              • /data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal

                Filesize

                80KB

                MD5

                cc86ba17bcbb77275fb78e305dbd1f9e

                SHA1

                0b4219c9c150f0ee1f21e70122c8f24226e5486b

                SHA256

                4ba49fad46c3946796a3d07ef7b2185b665f900d425ccc2873e69aa18ddf6869

                SHA512

                7aae5876c52cb710672dd4931946758bf509bbb258dbdd77d7418ccf355839d694cd84d682a23dc4bcb82513409bac33d91476059a591ac8b2ad5db43708eb4d

              • /data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal

                Filesize

                140KB

                MD5

                709a8fbf1194d0e8255cfbe1f6c7cada

                SHA1

                c2aaef38fc2f0068f59debf8a33542f66011dde5

                SHA256

                d3c36e6205b98f06b66f07ea9493a3d0abe212e12cec0194176b8b129b354dac

                SHA512

                f6c57903b0c226162ba8503cf7dde6717bddc3078fa6448c97473a32019b0e7c1846f157745c78cb1beaa7f8428893dbfe5bb92e80fe03db3bf237dfed0ab0b4

              • /data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest27558214461684365095532231094976515190-journal

                Filesize

                512B

                MD5

                aaf1760705b3ff534f6d2bc0d8c0ab7b

                SHA1

                c8e9ac761b53116114fcaa7813573cf6113e3681

                SHA256

                feb013638a737be95684ea524f386b25de5a929e475d376dc899a04b42c06508

                SHA512

                606694a3ac0728a8c2a9b9b685395c5974871b241f87f1ab3bc44c62f9eaff1c94b0a0d4eaae9e5f9825afee76c92a87c6358f6c48000db5ddd480da831b7cfd

              • /data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest27558214461684365095532231094976515190-wal

                Filesize

                48KB

                MD5

                aa83663f8a3fcf5b5eae81611791c153

                SHA1

                824bd1d232104992a1e4225afea45fc8bf445732

                SHA256

                f8eee341f86a2453198eef355f7cf59429e43d39b3de2ee779c7525a61e96469

                SHA512

                d346e717631ffa8ee83f9fe9fab923db0a1cdfbe27c02cda2393f87dc1747eff970069039c9f7deb4daaf7d08c9dd35e1e8bfaa47b4c3b7eaa4564f99be0edbf

              • /data/data/com.xgbuy.xg/databases/xinggou

                Filesize

                4KB

                MD5

                f2b4b0190b9f384ca885f0c8c9b14700

                SHA1

                934ff2646757b5b6e7f20f6a0aa76c7f995d9361

                SHA256

                0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

                SHA512

                ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

              • /data/data/com.xgbuy.xg/databases/xinggou-journal

                Filesize

                512B

                MD5

                53625dd9f10304cf6feb0f39475b18e1

                SHA1

                f53d8a7531da9291fc988670e0781c30f9a87b23

                SHA256

                1d1ac765ab6e2b5be4c2b00d9d6a22e57927f99298bac23f7ae36ac1b23d2fbd

                SHA512

                fe9c6b41d9929c9b254edb32c910009efa704f54e7f65e11f4aa2bd11dcd17728e4d5cfca3790d0f78af9cebce908876f3e714a6e3f92f26b1a7dd4b83690995

              • /data/data/com.xgbuy.xg/databases/xinggou-shm

                Filesize

                32KB

                MD5

                bb7df04e1b0a2570657527a7e108ae23

                SHA1

                5188431849b4613152fd7bdba6a3ff0a4fd6424b

                SHA256

                c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

                SHA512

                768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

              • /data/data/com.xgbuy.xg/databases/xinggou-wal

                Filesize

                88KB

                MD5

                939439b19d6bfa272d7f98441e25cf8e

                SHA1

                c831bbd287046a623b043f0d284d4629f8b9b0ef

                SHA256

                ee5979578eccfe0359084ef167df1bdabcd37454344550f66884367799f37e2a

                SHA512

                9b3a76b94884cf06778bf163dadd845aaebcaa6364c9fde55811c27bff2acf0db804e557dc93c20b7ce5179c6f8f200b8fabb9cc2736239cefcd9e358148f342

              • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ac

                Filesize

                40B

                MD5

                81024874f926b0c0c9e613997c9370b1

                SHA1

                a7b4c37570f3e5aa7bd575d0dbcc71ff9079a95c

                SHA256

                da5ea38fae9a292777936eae50a76aae4d2a589550448aa6970383e44aabe7d6

                SHA512

                8ae3ca2a1a4ea6c514fffeb911f4c42ff173433a7fd82980193d883196e748e458e83ee42051ccbabfa7f49792dabbf1eb8a72fea3db16c2f157e7ada4182830

              • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ac

                Filesize

                40B

                MD5

                3911ad10a2d9a4f7ef7a09639a1b8cf3

                SHA1

                d8d5dae863fe04bef8d987202e25e065efce1e1f

                SHA256

                0ae3380b0712c9bcbb362bcdf7b72504b9e495fe2987cfc20aec121977dba19d

                SHA512

                d58dc5e805e0e2d11a79c725285dbb3f75d351d456c87ce79439af68c3a6c2506f5814bc16f09fbf16462c93f5c781437a5bbadc4d48977782899ce9d741dec8

              • /data/data/com.xgbuy.xg/files/.jglogs/.jg.di

                Filesize

                340B

                MD5

                679d2b83bdeda825694991b7e7a16d11

                SHA1

                e727e7827c799b723770bc89371abd513dfb0148

                SHA256

                3c12d5dcfaacbf4100dc6e0f56fe6fa753d5608b5b1abc3fa4cd5eee6dd8e7a2

                SHA512

                1460f2da5d9747c03435cc83572974079328c87b7625a1e76c77580c88122a90e43dc6467be69e75b5091e85a881a99102988a8bae0f665fb5145473adc42b2d

              • /data/data/com.xgbuy.xg/files/.jglogs/.jg.di

                Filesize

                340B

                MD5

                b90bdce8aed0632eba067ab5b6f95f45

                SHA1

                781ada9099f1ebd98e9e6bc0671779f6b769c371

                SHA256

                39695a78529da49c5a2ad4c631b6a281e7774ba731e77f9979c8b07ca647411c

                SHA512

                fe0b4d42fa9c41d0143d000d3bbb583240a961068563d957741cd1490a18600031befd00518865623f68485a9d9311879f929063ac92906d3c7e76102c33dbf5

              • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ic

                Filesize

                66B

                MD5

                46c7a3c0004f15ed66fae7917cf02459

                SHA1

                8b9e502e201cb9a38680406b53e6b9d563d161b0

                SHA256

                62ded4545adbc4d2227296ccc92293830f9bbb2b00adda3734ce5879c9192517

                SHA512

                cbf444b650193ede5f99717ee5e01d9785f9c2bfd4df669d3a4c47969a7f2d447e5083e11ed932793f613d4b808f428437fa6a2be7e302601bb773077a3c9fc2

              • /data/data/com.xgbuy.xg/files/.jglogs/.jg.li

                Filesize

                100B

                MD5

                6633d0ab5ca39deff748c4edf9a404ab

                SHA1

                32a91408eb4d67d59419324c1b4d4cedc91518d2

                SHA256

                eeb1129638836ec0be8cdda1c871bb977dabf316e524fccdecbb89a6ac65dc73

                SHA512

                2c49539c779d7d208aa7921b3c3bcabb44b1efab3d2ffe052080b6b6bcdd95e6a27f22252234dc2b72391f39166dac4a96ed0837fbb573db0f9e11bb1e269067

              • /data/data/com.xgbuy.xg/files/.jglogs/.jg.rd

                Filesize

                73B

                MD5

                7cef4bf7b995564773e94229541dfd48

                SHA1

                4270195392562f55dabae96238b59d535f5d35f5

                SHA256

                b599c40c0ae5855d3ebfb7b876a0390274d0432e41e5d58b4f347e941f2bbb1f

                SHA512

                74c9fdcf8183f798bfc0eaff0bf1b0950a72bce6689e2c00ecba8e98d975a4e0e872f8ea406f400de8f6941fcd56bf75820e044585ddb52df1d9b851cdedceb3

              • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ri

                Filesize

                314B

                MD5

                99425412299295600269f6f71edaffc2

                SHA1

                9dd93d5bc8b5a8543b6048440d24b8804dca9cd2

                SHA256

                7c5254164b9567e702cabccfca1442c1d64775f7371bff082c28b812e691a695

                SHA512

                e0c05c94ac45770f801ab59859ea6d0f8e8a289310deed449e50b7ce8861c6d9d8a93d88761d9b595e6a07fc0b63d4b9b173aae2f2c72cf1a496296c1b7436e9

              • /data/data/com.xgbuy.xg/files/.jiagu.lock

                Filesize

                27B

                MD5

                49e2b6f4b0ae1fe8455a74df6ed11801

                SHA1

                93a535f4a615a9756e8c41853e09c85de8ee456a

                SHA256

                77b6a560f0ae8809696a8e0537564539791288a7969a54acbfe3cab53c898a26

                SHA512

                4a5ef0cd63fc5f2483b83e1ea5c1f948f2377c358aa503788174b366437378be23c5fce9168ed70a8ed3333169788e431c3b0600d62398c6194ba62f949db96a

              • /data/data/com.xgbuy.xg/files/Mob/mob_commons_1

                Filesize

                2B

                MD5

                99914b932bd37a50b983c5e7c90ae93b

                SHA1

                bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                SHA256

                44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                SHA512

                27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

              • /data/data/com.xgbuy.xg/files/Mob/share_sdk_1

                Filesize

                23B

                MD5

                8e24e79baab91c4d0604eaa9006a0cb3

                SHA1

                e427afc94a4b957a7096f73e395a10ea404c076b

                SHA256

                65ee797326cb9d94a4c8b13fb114a7273d80af9ae547496bf56556c479f75e4d

                SHA512

                45bde5e1b5da5e54f7f5baf24cf4d9158ccf5813f0babc05677437bfedf1d54c4707090a1c425089e8f9582a85fed80b25c1e1f30ec2051afc6fe68bb8a76bae

              • /data/data/com.xgbuy.xg/files/Mob/share_sdk_1

                Filesize

                62B

                MD5

                53938cd100aec1fe03e1b969f1a7a349

                SHA1

                bddf641d4297f59a2947a502174173c93c97533a

                SHA256

                3e31522b85c9fe2a779f18919c31f705d24b507e8e986c4c2f2ba7e3a1f5f44f

                SHA512

                5e019f327ff7de50da47add7fe3f3786a1c2904d4487444579ed17f909120fd011a8f0bc61449b84ecf2fcdb550d7bfd50974b575413f463aa0a5e032936cb87

              • /data/data/com.xgbuy.xg/files/Mob/share_sdk_1

                Filesize

                86B

                MD5

                31c4d6e58faec74097ece9c9d08f54f5

                SHA1

                e5ca123dc7bc4b6b76b03b81318e11e8d1cea547

                SHA256

                13da06a4e200a1c105d63f997d649843fb00da5afe4bbabe660dd74eaf922a45

                SHA512

                74a3076776a1fe69214b6ccbf374f2e8a6d483584604c1b50e9e002e8b51f8f3c9c7162df6392acb60642dc6e0623890c489d14826f6f07f548a95a1726c8a40

              • /data/data/com.xgbuy.xg/files/jpush_stat_cache.json

                Filesize

                131B

                MD5

                33c3ceb520654f941204559ca973ccde

                SHA1

                70cbdcff3399ce530b58991bf95fc17da5c0be59

                SHA256

                7bdda750d21632872c52e9e2507acc91ae02b703137df30e93a4a3748bd51f17

                SHA512

                e8f427c9ee383ab641d55ec369ff92e921c2812d4d23d83b919a96789f9bb68e75a939fa4e02ea164332053ebd2eb26477804ca3da1313940ac5d8a928066f09

              • /data/data/com.xgbuy.xg/files/jpush_stat_cache.json

                Filesize

                177B

                MD5

                eb2badb04dc5e6c4835aad1c0dfd6dfd

                SHA1

                46f19a57ab6b692cb6187a71a2df7dcc3b220b2e

                SHA256

                3b6621e31827a4992fe3d6c3f55648c74c87672f798dff74d8e77fbef2787fb8

                SHA512

                ba2866117d9830aedc023cd87b75459b19bcf324054ac1b6b5e0abd04f78dc4374d6fba083e02733fcbca941eddcdbeb03b773af6a1fdf3ef1a7ec6a96e57b24

              • /data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE2MDQ5ODY5NDcw

                Filesize

                1KB

                MD5

                c122f4c875713eb15884e99e0d94a02b

                SHA1

                bbb5aead8ec659e336d89a1badee9fab4e203e33

                SHA256

                0798e6bcc72ce742221c70d8738f316d5572c07368786755f77ce96a9b3c4bff

                SHA512

                933886bdf55727899a545f53f739da632f2659b7d158a1530ae2ff55a5d261be066577485d84ed3f1724bb7f6bc71b4de6d04cfb700d248c133274b68171cdc7

              • /data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE2MDQ5OTAwMDU3

                Filesize

                1KB

                MD5

                4ed8c275d677a7781450390a87745fce

                SHA1

                86c7a13f11f77d3febaa012ca178176a89516609

                SHA256

                156cd83a732aa76f24a88713ba031f6667a1b5b404a25f0d248caf6afffe6704

                SHA512

                77ef807921474725fa5fa091804c21139666cabcd558f22926c100ce3cc84d1ee7af9d39b4de8c954b782fe1f652663698f01fb60f6911bf4423ef238d33660b

              • /data/data/com.xgbuy.xg/files/umeng_it.cache

                Filesize

                415B

                MD5

                54c441dd1738bb22acc490e5a213d416

                SHA1

                246efd747bee9fcdf628977e8cf6f21f7cb2bdd8

                SHA256

                4aa30aa51f4a39fdf38fae83f43ff157cea933049d31ce3ed5200cee04725575

                SHA512

                cb3b92aa0a636f817007103558f71a6ad1a4ee23b87cd030343208d6012274bbc55cdd16eb19fa78d96761dec88b975387431c856b72691dfc60b5b2769bb1dc

              • /storage/emulated/0/360/.deviceId

                Filesize

                48B

                MD5

                1d8d16c4e3b19ebf18988530d9b9a757

                SHA1

                bc94c1cce05cd848a53271ecb9c5311e27ffebf5

                SHA256

                abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

                SHA512

                4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

              • /storage/emulated/0/360/.iddata

                Filesize

                32B

                MD5

                5bf85148841d8383d6d7b986208f4e57

                SHA1

                3ae0cec3700200310342e6fe027dbf002e8dbb87

                SHA256

                5c84aa5fca03441f84293fdc45f10fe0873daebdee032eb82ffee4ce4bf8654c

                SHA512

                900486ef249d3e04f5cc092b1203a3a447a80ac84a870cd749fa428e850e13e2290d00262f99ebfc5be55cbd771c9b18eb0e4133cc668b6086fe525ceb1c96fc

              • /storage/emulated/0/Mob/.slw

                Filesize

                66B

                MD5

                19402718bfb1c685a726b4e1d846ad98

                SHA1

                02a7e30044a67085f2f1da24e16e4ecfede65b72

                SHA256

                079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0

                SHA512

                25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b

              • /storage/emulated/0/Mob/comm/.di

                Filesize

                57B

                MD5

                acc2a2f5cb76c41d2e97e0d409b53bdd

                SHA1

                ed06f22ff10e0912f50d53bc775ed2ae70f85d5a

                SHA256

                12ee2ab25175281fd1efab755eb5a5b442e91d263646c52118e6b1e97856f448

                SHA512

                faed72411dfb1546a82a302b6aadf921bf66a09aa4641a6d1d523e5b58c063d5210089ca2d7dec8aadbe1efec4748a8abb36ab9fe1ab18539a92b76730b85419

              • /storage/emulated/0/data/.push_deviceid

                Filesize

                32B

                MD5

                6a65db3c56fcf56897d18b9cb35ddebf

                SHA1

                51660e17cadeb6aed417a246d7ff2311527051ae

                SHA256

                2123ea93e50eae952c165c41fec69dd7414031a5e747f7f869e2872a747fa545

                SHA512

                7c6651e6a33da8c5c9386c5ac1e734948645ea7ad096274c76cbd641559a2cf86d34347f152fc43c110b3a8e8394c70883fe1a1e805839b425a259c077ba4d5b