Analysis

  • max time kernel
    178s
  • max time network
    184s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    19/05/2024, 04:19

General

  • Target

    58824f303341985caf4d6f78feebfc50_JaffaCakes118.apk

  • Size

    14.5MB

  • MD5

    58824f303341985caf4d6f78feebfc50

  • SHA1

    80b125dfd97dd13fa217663164e6f5dbec37dbcd

  • SHA256

    cb5e7148d142bdac750c820699703e34001c7af419f048235f154416a2bcf420

  • SHA512

    4b50b7f134a66ff2c10542bf694f08fd455e4bc61681f5c42f37671874a56a59ac48dfce6c8f0bef7b298ce9d8ea3ea8a9924b12e97e6f1d9194d73d34ef9ada

  • SSDEEP

    196608:BfHVGzuPs5PNE13P6TP3oO7SG+8Lg12VL+fnFuCp9L4jEwPx2Y0H+WB2FNGItvxb:BfHDstOWP4oS2VL+duy9LwKe+2ntvN

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 3 IoCs
  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

  • Loads dropped Dex/Jar 1 TTPs 9 IoCs

    Runs executable file dropped to the device during analysis.

  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
  • Checks if the internet connection is available 1 TTPs 2 IoCs
  • Reads information about phone network operator. 1 TTPs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

Processes

  • com.xgbuy.xg
    1⤵
    • Checks if the Android device is rooted.
    • Checks CPU information
    • Checks memory information
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4317
    • chmod 755 /data/user/0/com.xgbuy.xg/.jiagu/libjiagu.so
      2⤵
        PID:4342
      • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.xgbuy.xg/.jiagu/tmp.dex --output-vdex-fd=44 --oat-fd=46 --oat-location=/data/data/com.xgbuy.xg/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
        2⤵
        • Loads dropped Dex/Jar
        PID:4369
      • /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/user/0/com.xgbuy.xg/.jiagu/classes.dex --dex-file=/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex --oat-file=/data/user/0/com.xgbuy.xg/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed
        2⤵
          PID:4655
        • sh -c ps
          2⤵
            PID:4682
          • ps
            2⤵
              PID:4682
          • com.xgbuy.xg:pushcore
            1⤵
            • Loads dropped Dex/Jar
            • Queries information about running processes on the device
            • Registers a broadcast receiver at runtime (usually for listening for system events)
            • Checks if the internet connection is available
            • Uses Crypto APIs (Might try to encrypt user data)
            PID:4466

          Network

                MITRE ATT&CK Mobile v15

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • /data/data/com.xgbuy.xg/.jiagu/classes.dex

                  Filesize

                  7.1MB

                  MD5

                  1965e1bb38c289850e4b52fed42d7972

                  SHA1

                  9d2c75b400801b402e446ab0e762458114d56d58

                  SHA256

                  e833d7742813edd2c6aef2e3b6b623b20a8a50b21ed82e0b77b9ab56ae311d30

                  SHA512

                  8af03946a4a3679db4b7aad6b62778c60eb84091495ea4011f77b6e0ea47ddd937ccb62be7e549f4cccfdfc19fc06e403c9733e98a8e5ae51a0d27c70c6d0d44

                • /data/data/com.xgbuy.xg/.jiagu/libjiagu.so

                  Filesize

                  382KB

                  MD5

                  0e2958fb6d7b2ff1d1930d98eecc2362

                  SHA1

                  02d543831b4c4b9307aeed15a8bb2bc063a26a4a

                  SHA256

                  d578b74fca77f54b0f8c33dc68e91937fdf57d50b5bae4a2411819289732f2b7

                  SHA512

                  952765ba1c306d7da6830dfd1b09adc4d610bbab383a154728a123bc0a1d8f0d576fd007f9ea4a809e3f318867c8cb0a9d43b63f31c1e3624b6a6929842b4551

                • /data/data/com.xgbuy.xg/.jiagu/tmp.dex

                  Filesize

                  284B

                  MD5

                  f1771b68f5f9b168b79ff59ae2daabe4

                  SHA1

                  0df6a835559f5c99670214a12700e7d8c28e5a42

                  SHA256

                  9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

                  SHA512

                  dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

                • /data/data/com.xgbuy.xg/cache/image_manager_disk_cache/331608c17f28442e8b7d10f85593e090d1c8b4d3f562b3115ff626e74ce985cd.0.tmp

                  Filesize

                  79KB

                  MD5

                  3ccf674803e2bcca74d940a369b98a1f

                  SHA1

                  b82beb53b74476af3563d05f4b49b4628611c19f

                  SHA256

                  897e90108102b4d93eed118fbc62f4bd208a2651c52da15431f3ece36f4ff274

                  SHA512

                  b98a53d48cee9d8d4fae804736e7b66c28beb429d4e84cad49f4f3e92f5a226c99eebe093fabee98d657d41729eab74fdf6081cc29b693e076b213e0e8e60a5f

                • /data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal

                  Filesize

                  179B

                  MD5

                  0bc1eb3f0b3703cd86492f3149ffcef1

                  SHA1

                  df528ffaf5021d7ed7d223c488c4eeef8548c861

                  SHA256

                  3682aa482bfd7dd9c22e98c300033c6f26d5de8988c3a35cca34308f30de1a24

                  SHA512

                  a5055bc5d4a4a67d73027ede327a1a3f02126f192e9670dc366e6ede78a8195c8c73545b6c7982d543fe57da46ac0b148a0614677aa1be9de705f70d9ec68d6d

                • /data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal.tmp

                  Filesize

                  31B

                  MD5

                  8c92de9ce46d41a22f3b20f77404cc1d

                  SHA1

                  8671a6dca00edb72be47363a7071be65cf270373

                  SHA256

                  68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

                  SHA512

                  30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

                • /data/data/com.xgbuy.xg/databases/Reyun.db

                  Filesize

                  20KB

                  MD5

                  203a845b72c9cc4c93d665d7bb9e312d

                  SHA1

                  9046a83de3f28f53ce9c55d1102819c946f7a362

                  SHA256

                  23b13cd1126bb00044c652d650374b94cc1640b22dffc4e1d3059fa0d3182b7f

                  SHA512

                  078e7a36cc8816fc02bb9ec3dd2f9b17e6731edc2a4f7ad49ec789754def8f278f99c1f75fce544d1c3b1340c9e40cf73fdbf5104fe9cbe33ab1a3f0f19c0c29

                • /data/data/com.xgbuy.xg/databases/Reyun.db

                  Filesize

                  20KB

                  MD5

                  362604ec3a088db9d08714af52269c5a

                  SHA1

                  6716b0987535f14399ebfb88c77590cc7e926107

                  SHA256

                  165d95746dfc9bba1f1bcd045c5bc350798f4ea215dac4ff01b48e3dc67b79f1

                  SHA512

                  c9635b6545178ed468de6e360d42dcfe16374bf5e409e77d33c3dc531e3f8b40ceeae9619da3a4f347b1bf0760a5d110def208078da45d5a39509a5d8ffea9a4

                • /data/data/com.xgbuy.xg/databases/Reyun.db

                  Filesize

                  20KB

                  MD5

                  44073829b141420894401b6bf26aac9c

                  SHA1

                  b9974517358d1097cab26fe418a1c84f160a8094

                  SHA256

                  b1c39f145d7fa8a5bae3ab4043157abb2e9e9ba7e86812147fb17a8a8db5a4f3

                  SHA512

                  6864e272f0f2aa1313bc662de13197faa2b237bcdcfb613577093d07aae55ff6696e5f9c2e61449e6a65ca240b20a975082440dc579e7983ec3ea3397945ac21

                • /data/data/com.xgbuy.xg/databases/Reyun.db

                  Filesize

                  20KB

                  MD5

                  e4896858ac071738ecd96ff23838a298

                  SHA1

                  fcda19331884aeacb6a0d5b31a9511f77a6f69c9

                  SHA256

                  633cbf1a48d0a0f6e72253dfa9bdc67f8adc6deb3326277cbefa23bf54325799

                  SHA512

                  bcb06d2be4020316de39ef741dd220e22609465c44ff5252f7a0476ebc252191c605d8d1054a5fd208b194d6a1f0a81a5f811057f5b6d9e543a7146e97d10b0d

                • /data/data/com.xgbuy.xg/databases/Reyun.db

                  Filesize

                  20KB

                  MD5

                  db6501031119863bdb13be8005805846

                  SHA1

                  479a02fccfabd302d0a12e4a6e08088dffd33652

                  SHA256

                  2ff5cc8dcefd4a9984632b8a9168be15a70b687954062f4fbfc73770425da529

                  SHA512

                  72cfb90a3d263962bea5c33721bf2fdb1a2709d5fe363719e793b049f992c07f471d3d4af3a3208145bc3847c6c93c5c95c05469d16bd8cb8906b14a90eba723

                • /data/data/com.xgbuy.xg/databases/Reyun.db

                  Filesize

                  28KB

                  MD5

                  6a10ae9c00a600ebc4b62be56522a52c

                  SHA1

                  0a8b8df6efee2dd36ade92b1316a296c90f7fb57

                  SHA256

                  cdce1ca699aae0f2e82a901324fbb896335113a1802a587cadd8f569b8a7fdde

                  SHA512

                  62346bc017429ef3c7a31fb290213fe4fc910f3dd825c4fe256562276a78c2b598594fe72ac582e10db68c9786eeb700964bd69c759b77151e4183e541d9eca0

                • /data/data/com.xgbuy.xg/databases/Reyun.db-journal

                  Filesize

                  512B

                  MD5

                  f969171ec9983b2abdb0646cc37fe796

                  SHA1

                  37b22588357459c16e686f1e534e7c7491685bdb

                  SHA256

                  07a8cf084ce111072c68c38a1eb67a91de446ed5dc5a1ff1de44394054203305

                  SHA512

                  8b9e58775f736c0e56b9e8532ded7afb1da63fd1d16ce4cfbab7b2ecf00e59cb394fde8e4de487abf6d33466b123d61a7f483b01f7fe25b41e412de6dbc85579

                • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                  Filesize

                  44KB

                  MD5

                  1940e7a6baceadbfaceffa77ccae30b9

                  SHA1

                  6f6fcebebcf5067e1718f50c6d86f5f5346ddffb

                  SHA256

                  7b1aeaf657cb58c769e8079fce710c3c69fc7259c2320942d8bba393bf137758

                  SHA512

                  5457e38d1e9359d620d6e279ab7bf0d2d080ec5093e13c4a01460a70090240e4ae795ab498082180cdb521e1d6617ad5daaf458d201ce6a1d7d707bda086b83c

                • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                  Filesize

                  8KB

                  MD5

                  c2584ff860ef80ec0a8f2460b1ac6e43

                  SHA1

                  d6fc0a56235ca24373e4fa15ade69ea29e6c4e22

                  SHA256

                  abbb583a86da4d1eed9cb5fe0e78d7bc4fdad72ac6e10c6a29b6512703a4a55a

                  SHA512

                  bd16cbfe847f26293b1c77009e0ec3d380522961bb1a4f369d093ee554da1f78c70a8b509808114e3cdd2cd25af6c8c60a003e7e5fa5498f1debddb6b2d0539d

                • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                  Filesize

                  8KB

                  MD5

                  98a75e31357f79ec2c3bd96351e888cd

                  SHA1

                  a0b4b940ccf7a9e539fcad8771676fbea20fe242

                  SHA256

                  12daaa610030f9c7ebcfe47291f32d957617e99595f8cd174ef103c6cbf8fb75

                  SHA512

                  e41d24ecd17f3f1fea2f72b3dfaae75a22645c1dc6bea3e449327944e8566a888d90788a16ccc0bd409a5d6e34aa485b65aec29b662b95be0a09964509e609ec

                • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                  Filesize

                  8KB

                  MD5

                  7f6dddb134792ab2d96fe8f7e786c32d

                  SHA1

                  194e343714dd1bf15717e6eb9657f9dea47d17f7

                  SHA256

                  cc703d420935d1feca573bddbb68dd8594535832663fad2a2decfbdbfdefc03b

                  SHA512

                  20ae7637962e9796bbd35d697781573e3ca4834c6a08129ecc682e869bb83a636203d1fa923128da6f79ed83f00c4a25ba1df73fd530cb3df298d9ce383b1ee1

                • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                  Filesize

                  8KB

                  MD5

                  7835a587252a95d1e97a12fad1ef573e

                  SHA1

                  5dadc1fbe3df2be35f9b28526349f5f8d30719f4

                  SHA256

                  7011290d5e66216b4147f998731e6cc63841e2a77d32afce9711da5752a93e4c

                  SHA512

                  2d17911f8e4e91fb91ae1d8f165cb3d39b352070791fae9ff64be30839355fc5cb8ac2be02acdebc8b01b1a03cffecff417d11e64f3e6209db3dfb6146339397

                • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                  Filesize

                  24KB

                  MD5

                  7b98c67c6ab0997689e94c439362c2d7

                  SHA1

                  9e9c8daa33d556d191d952402877c073f6f9e887

                  SHA256

                  67433c35f4388f8debea656da28307a9a8c81a1c7e0d009dcfa8e06b5c532603

                  SHA512

                  4fb99fd2287b8ba20dd5d22d6dfa338e975dd6ee516047c67dc39001d78b4d041d426e70fe6ac8614838c0c6c55942c7fade36b8ae8bd87c7943eb30784826a9

                • /data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal

                  Filesize

                  512B

                  MD5

                  26d9ba99bff16360ab1654b105b3908d

                  SHA1

                  663994afbc19749aa78be9b63a25d493aa7816bd

                  SHA256

                  a20a3dc94742ce2895c42c5222900f1c53baa07e6b487d7b2291801972576eb3

                  SHA512

                  2c2e62614f03ee49ff6afd9f902550a1128d6306a80607835ba2649f4589900cec4e43dec27cdea8dbabbffde8a3be6efa02418f04ceb60a6f67920f63ec66e9

                • /data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal

                  Filesize

                  32KB

                  MD5

                  270803b0e41d1ffa84cb456bc16c30e4

                  SHA1

                  bdabd3a57f3ae263f5b89b698392439fe28e37e8

                  SHA256

                  0122df88b7af7476c9f623f1cbddd9a22903b0d901bad1ec8456fc6f314f1926

                  SHA512

                  bf0e69ccae7733e65b8b8a9f28e6531940419dae1b43154783d66dabb535081d092429fa53e6ef67c5e6189bfb7de778a7b7e54caf3a719b7fdd368a306db922

                • /data/data/com.xgbuy.xg/databases/cc/cc.db

                  Filesize

                  36KB

                  MD5

                  5d7ea1a23af19b4340cc8d90f28297d5

                  SHA1

                  4cfe95b23a9e98378d69c4290af81b51fbe76aea

                  SHA256

                  474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

                  SHA512

                  33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

                • /data/data/com.xgbuy.xg/databases/cc/cc.db

                  Filesize

                  36KB

                  MD5

                  ce6135aa1b1fe4f2c2db2a546d2a5558

                  SHA1

                  79b59582154017aadab783dc266fcb158c252940

                  SHA256

                  7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

                  SHA512

                  2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

                • /data/data/com.xgbuy.xg/databases/cc/cc.db-journal

                  Filesize

                  512B

                  MD5

                  a15bd8b9de5694aaef8e8a320b0d1e5d

                  SHA1

                  fb2ed34e69f913ad98fd7bf6212a8de77ff6c9a5

                  SHA256

                  7994c3dbf55591ed200ecc97f6eddc358b3607867da553304439d0893bcb53fb

                  SHA512

                  aaf9bc87e1591bb1d57c9a76586a2ea8a44c6cabdea95355305ca6256e04ccef1aacc4495c296bcd612c75d5c017787a9b04f9da62c06a41c08d1bf1e104cfd3

                • /data/data/com.xgbuy.xg/databases/cc/cc.db-wal

                  Filesize

                  48KB

                  MD5

                  fe0faf581d33b4b60c78a4243b8f1b33

                  SHA1

                  f6d508d54bb9ee769e4aa9016a10efe49cd37008

                  SHA256

                  f929364fb455e94c68cd2211ad600c231cd655b99f0e5edd33361241441f8154

                  SHA512

                  9c4a3fc509b07bc9e263e428b6dd8dfba6e1b3a60a87383df8958e7141906814c136e8bdf6270ad00038ef33d4919a107da9606db6c720dc7015b8176b9a58d1

                • /data/data/com.xgbuy.xg/databases/cc/cc.db-wal

                  Filesize

                  16KB

                  MD5

                  676cd87e6a55fe9dc6d29d89e793e7c6

                  SHA1

                  ca649a83a2f919f7400b76fdb63aeec436944238

                  SHA256

                  0be281648e5749a2a34fa9f681448a4509b079d48b011f31c87e899598c373b4

                  SHA512

                  e0b36b9b4f3c6291e2af7411aab7d98b06bea9441ca04d644560fe79c25158e861dcafc46b3f4078f6943157398b02b39ba0690348c4fd06f7ec1c1513faa301

                • /data/data/com.xgbuy.xg/databases/ua.db

                  Filesize

                  32KB

                  MD5

                  049cf5357645e90700822a4557b6af09

                  SHA1

                  c7bd952f49ff8ff62b840945064e762b91371da2

                  SHA256

                  88beeb14e858d7eecd199638eacf672863bebb1aaefa9fa6336fc936fa57bcda

                  SHA512

                  60cab8e33d93470b52da052f75b2b434081187db5f70b64c3b42a7e1ac333ce2ea594e58f55cd66d5a0f1a7ebff738b7ab0a9b5489330f6500dae3302bb0478a

                • /data/data/com.xgbuy.xg/databases/ua.db

                  Filesize

                  16KB

                  MD5

                  5aba5120d097f5ab09f8571f2e746fbc

                  SHA1

                  719b58ea8ae065bdbc4d48003fe8a6a699a75654

                  SHA256

                  12ecb462bacf9c71f71b842d18bbdd2768e09485bbaa2cc8ebafea68f2eff05c

                  SHA512

                  3785a120bd40506c2db1e09563f4bc799793965e2877e0fc537fd59ff543ad702fb3fcc0e420494a932d9d1cd41e86824b021ec611a770ae232374e2f3a3747c

                • /data/data/com.xgbuy.xg/databases/ua.db

                  Filesize

                  16KB

                  MD5

                  cfd0cb145ef63694bc8dff41653d7bfb

                  SHA1

                  6a14cd095972e28b08f223f71f457c19a9bcd453

                  SHA256

                  e026ee7419ea5f928cfd66610ef0c21eb0201ec1b96fa4e5392cd306870bae99

                  SHA512

                  27ed11245631292ff651f44794ceceabb57d59927e08acaf0de60ef220e2c2e530ba264a54d5c0902669fb90c70d596ffc8a375452d4cfb7fe8d291b58a09318

                • /data/data/com.xgbuy.xg/databases/ua.db

                  Filesize

                  32KB

                  MD5

                  d604a3bf1f8d992cc320ea5b1f7609bd

                  SHA1

                  247f88df0b55c7d523ea5398637711a0e4a483a4

                  SHA256

                  329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

                  SHA512

                  67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

                • /data/data/com.xgbuy.xg/databases/ua.db

                  Filesize

                  16KB

                  MD5

                  3af1e346d0d9606242ec8ac41d1fdf16

                  SHA1

                  61b10276b2547e66810be2b4ab3e9afbbaaa1553

                  SHA256

                  623dca21b109a8b86a5d487e261afe1a63b089f65d265a8791fc87647efa6120

                  SHA512

                  4bb3814aba7d9e70f48afe16585d41641761c7a00799ea1124a3d6880821c59ce275d4a71337dc359f1b7dd2146913a68bcdbe7c637541089a74e951b9def28e

                • /data/data/com.xgbuy.xg/databases/ua.db

                  Filesize

                  16KB

                  MD5

                  f0c12da4358a9146310b1941c0e44739

                  SHA1

                  2ac8f35b555ff815d2fad13cd927dc192761efcc

                  SHA256

                  5ebd009a877a3e0c8d745f3e821df8f9291e96cc5500a1c6a21ee5dcdf457ed2

                  SHA512

                  a8ad8baad557ab6cb89e3a9ab2a36add17bc0e9c71c78d47e13f522df3146f1d8ed361312ce23d62ab2bc77ae8f8942e3abb1d26b864a2749acdb868348ae19d

                • /data/data/com.xgbuy.xg/databases/ua.db-journal

                  Filesize

                  512B

                  MD5

                  c89af4b8239b7705b81fa6bba269b77b

                  SHA1

                  93464c1356ddad3e2a0a6086242006d67e88e582

                  SHA256

                  dbaa6bd8d150155851ed35f17d6467578b352950f3406be28222b1b1a370ecf2

                  SHA512

                  8ec8b7c5d01f4a80a56aa07b97210a0ae2feccf46fac892e545c1ebb0635d04791d3dce222ee2a3d1dd524a079f864178491dbf788191d2753076a71215285b8

                • /data/data/com.xgbuy.xg/databases/ua.db-wal

                  Filesize

                  56KB

                  MD5

                  eda7b041c68412e02f0bdd7757e7c83d

                  SHA1

                  dc9a181faaa32ca5d20d9ca8be75c0fb9d1002c1

                  SHA256

                  44bb14c50d14377833e5d09139b786b72b4f31dffdc18493690dad8eca3003cf

                  SHA512

                  66e19f5cb4eb701af01cf0a0a90ee9bf57955c6ec678da4b6eb79356d21c63e4936ce099185da95129471a3325b6665a98ec6c6ba13568c02647e0065c3b6e72

                • /data/data/com.xgbuy.xg/databases/ua.db-wal

                  Filesize

                  4KB

                  MD5

                  38eea2c98cc9cdc25feca7710df5ce97

                  SHA1

                  fa29adf17b5ade53833f422806c68b0b7ad6878f

                  SHA256

                  fbb67f106ddee54cf8571703f5ca8170151586085d5e3aa5967e4f610d40471e

                  SHA512

                  a6fa5daf3676479f1b0e27a82439045877bb45aaea32cced78c98c4808423ebf3f3880f84595dab253f4366ca5c4ce81d1734553f890751f0eec8eee28829d9e

                • /data/data/com.xgbuy.xg/databases/ua.db-wal

                  Filesize

                  4KB

                  MD5

                  3935acc29a274412a77594592f9d75f1

                  SHA1

                  0c762a1ee3cca60aa371d0919404d5b8f981e628

                  SHA256

                  55b82fcee251d43ff28b65257ba198aa0007674af8c22568d73539c2db4b2ad1

                  SHA512

                  caca412bdae9e5d13ae3df2324ada4569eabeaab69af3f6e6d9488a99a423e8eb08b241fdab7cb525e7632021177136790c7d3804e0cfe4f81118fa6da41ccc4

                • /data/data/com.xgbuy.xg/databases/ua.db-wal

                  Filesize

                  8KB

                  MD5

                  1a8dade2a28b1bb463188cff3b6b490b

                  SHA1

                  a8cf5edd3f4cefe55241bfeee282f57a5a3d9733

                  SHA256

                  bdb587d3d3aab71de6979df086fc3ee2059b7f971e1796768d87e648486f4278

                  SHA512

                  af949ba68f11a0b130ca6dbbc604085bbff22fae71ed2dd4e3dac92d6b009342ccb3300ed5a8fdfa4d40a5f22966fba8087f7d9054fde9e012efe6e4181cafb3

                • /data/data/com.xgbuy.xg/databases/ua.db-wal

                  Filesize

                  4KB

                  MD5

                  bf92e6854ffd883f4a62eb2f74081917

                  SHA1

                  170684b3e8102ac4438c997c55923d3348ca189c

                  SHA256

                  1ea4f073302e2f497f40d72e620a5abb7b48648eaf114fcdc2dd7882f46f3282

                  SHA512

                  4f6b5d7045ae1aafbce8b1b9116f8fa6dbcb69783815a2d9aea2d08ae9498aa1e1f6d4587be848daf0a7db9f589c637c7bb37e8ffb2029bff19e1e912076250b

                • /data/data/com.xgbuy.xg/databases/ua.db-wal

                  Filesize

                  4KB

                  MD5

                  6e329eda1e0e960d36fc653d349ad66c

                  SHA1

                  d7f5f59f03939b839a7937c07349ca3a7f57cfbf

                  SHA256

                  5a17dc320c9819ae80382b217f95050ca60b264264ef7c9db76ffcea54b0755a

                  SHA512

                  2b63fa10c645c16773adbd48b372d37d6ec2cb4b4a0c578c54e65df9946ffe796dfe8801ef6cf92abedb6c01cb09fc402bcdcf4e797b3d43a42e8d9e90796893

                • /data/data/com.xgbuy.xg/databases/xinggou

                  Filesize

                  4KB

                  MD5

                  f2b4b0190b9f384ca885f0c8c9b14700

                  SHA1

                  934ff2646757b5b6e7f20f6a0aa76c7f995d9361

                  SHA256

                  0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

                  SHA512

                  ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

                • /data/data/com.xgbuy.xg/databases/xinggou-journal

                  Filesize

                  512B

                  MD5

                  cb80fb6758db242ce6e9bd234750146e

                  SHA1

                  aa38b1c493df506412a5489126de77440da89790

                  SHA256

                  be7c48917db9aed33b32363f25be6d9e85a3549e663f3a11fbc876328849afba

                  SHA512

                  cee06a8693ae298e02d1620c55fdea3822da1209ba92cd4631b762f3b9583babcc8fb472f59d7e28baa19c35d3c8ff8146c75aaa8dc4e95164f9850a6b97d39f

                • /data/data/com.xgbuy.xg/databases/xinggou-shm

                  Filesize

                  32KB

                  MD5

                  bb7df04e1b0a2570657527a7e108ae23

                  SHA1

                  5188431849b4613152fd7bdba6a3ff0a4fd6424b

                  SHA256

                  c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

                  SHA512

                  768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

                • /data/data/com.xgbuy.xg/databases/xinggou-wal

                  Filesize

                  48KB

                  MD5

                  355ff1860e4887740e5f9d064e05f64c

                  SHA1

                  d8c6af3027d3c7e5a5eeed28665eb79b96ea8e3b

                  SHA256

                  9dc93413191c3a9df246d177cee2ce34b31459aafb88d75566643d1334241615

                  SHA512

                  a516ae25258aee593c5e94edc6508ed1955c63ce21f6c0b12948b37cc728012d0dfad0aed926762ba328f6a4b0023ce2048034b72be8055dd5c44378feccece7

                • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ac

                  Filesize

                  40B

                  MD5

                  3911ad10a2d9a4f7ef7a09639a1b8cf3

                  SHA1

                  d8d5dae863fe04bef8d987202e25e065efce1e1f

                  SHA256

                  0ae3380b0712c9bcbb362bcdf7b72504b9e495fe2987cfc20aec121977dba19d

                  SHA512

                  d58dc5e805e0e2d11a79c725285dbb3f75d351d456c87ce79439af68c3a6c2506f5814bc16f09fbf16462c93f5c781437a5bbadc4d48977782899ce9d741dec8

                • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ac

                  Filesize

                  40B

                  MD5

                  81024874f926b0c0c9e613997c9370b1

                  SHA1

                  a7b4c37570f3e5aa7bd575d0dbcc71ff9079a95c

                  SHA256

                  da5ea38fae9a292777936eae50a76aae4d2a589550448aa6970383e44aabe7d6

                  SHA512

                  8ae3ca2a1a4ea6c514fffeb911f4c42ff173433a7fd82980193d883196e748e458e83ee42051ccbabfa7f49792dabbf1eb8a72fea3db16c2f157e7ada4182830

                • /data/data/com.xgbuy.xg/files/.jglogs/.jg.di

                  Filesize

                  340B

                  MD5

                  6859b220added791ce44b039ca704a4d

                  SHA1

                  7ade402f6deea8245930ba7833f3d816920bec30

                  SHA256

                  f1834bc8c9d1f4093bfb2bb6d2bc7def5db0fbab67af2ade47f8be1815881b65

                  SHA512

                  73e4794704d62880b4d7a7f9a2e6b6ba88abffdff4278bc5e3bb1e3601501d6f1bbba9b676678f86cfcc0015e7cbd1651c17d005ad8580c744bdbe34954accc0

                • /data/data/com.xgbuy.xg/files/.jglogs/.jg.di

                  Filesize

                  340B

                  MD5

                  015f27b0da49821b3833fe2ccbf21551

                  SHA1

                  557729275d6be48e279d687e970695c6e0998259

                  SHA256

                  69d26aaf02ebd2e1eb6e69813ef295dea6326c0fcc915c136eb3733778860f27

                  SHA512

                  ed1988279e318e3e005ce5f0955e7311afcc775c74480461c41a19e7dcc62c43f268b26b1f01d4399e5166c547db646c58fc683c7fa7853208b4b56fbd0ba33d

                • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ic

                  Filesize

                  40B

                  MD5

                  1bd86b90e1b355f123e5ce8c93c3de53

                  SHA1

                  bee5683d6124650c8be0b3740ad66e771f29b178

                  SHA256

                  3ba28c4fe20d74ea96f6ced27333f04a01e03c50092717eed1b6e30152a8d152

                  SHA512

                  6ba3d7ac2b9da3bb2f7ca50488782bfb9f12a38bf17debc4f2853a161551a932885bedaedace0ecd3da9777e1cddbb407ca2360c13512b1b804bd6242e767abe

                • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ri

                  Filesize

                  314B

                  MD5

                  9592490881b1f0fdfe2630b50b706904

                  SHA1

                  b30edba0482954f552e00070870dc2a7c220be3d

                  SHA256

                  57376f9d256a002e13baec36475a0097c6986d82bd11d0e2e48cbc747319d5ea

                  SHA512

                  521b57d2fba075ef1289376a0de150ddcdf95e955404a6bac33e689738e796b7c1cf87b71001f7a29781bd1f7191c7e4c3373641a092953959ce6b0bd0ddfc9f

                • /data/data/com.xgbuy.xg/files/.jiagu.lock

                  Filesize

                  27B

                  MD5

                  7c94c38aad4d044e1e40715b2215d7b9

                  SHA1

                  d3958178345020d05f967b05911503a500bfae68

                  SHA256

                  826594ce4a89903548de640bad988369e4baeaf944c930f591ae2fde67428bd9

                  SHA512

                  928582468f60b81af7d85b5faa5842ba83c1de71304f706b9d699f6486ce7045de54800ebdd4096afcc2df1afedeb8000378fd5cebd42908e90b0af832f83e33

                • /data/data/com.xgbuy.xg/files/.um/um_cache_1716092497931.env

                  Filesize

                  1KB

                  MD5

                  386902974877cebbf3de354f0a99beab

                  SHA1

                  488686723c1e8ffe98fab3db3db24d52b39d6ad5

                  SHA256

                  d3d3afbd73d763d86273e01f06a7f92c2a22890bd6089e7b12598b87b36f399c

                  SHA512

                  3b8d097dc53c83aaa227e34ea16f00e8a1e81d53ad0c1136d4801cb52200397e7856579f57bfa38b3efa20f776212d19a0d9ab8cf7d33ed7587fe5d22cccf175

                • /data/data/com.xgbuy.xg/files/.umeng/exchangeIdentity.json

                  Filesize

                  162B

                  MD5

                  b37138364ae1e6ab46b14591db427afc

                  SHA1

                  76bd28ac9ad0349c149eec93b23725e7b13de7d5

                  SHA256

                  aa4bcd083a47239e5849cbd964b666e1ffa7abc905357a6a1672c4775392a6b2

                  SHA512

                  db0546f742868322a0e15fe5bff8a842d9c1cad573370d7881fd407c627248d71c8f2ae51fb5295a6ac65ea53fee33e456facb5144683205530eaf38c7a20fbd

                • /data/data/com.xgbuy.xg/files/exid.dat

                  Filesize

                  62B

                  MD5

                  cbfff07dc2c5cbada569b7e1f0421f1e

                  SHA1

                  b5769017a7b9a82ed706f4a9aacec7f709abc1ae

                  SHA256

                  8ef66971e15808f6653be5549e7adaff4d5101241c95862d652ae16244557104

                  SHA512

                  dba9aaa1506d6bf21dd3dceed1c944f0c8c555b3e33b6ad7bf3fe1317b285a6db5dad924fe7db4ccbae77bc9b8dea9f17acc67167dad10f729e70d11820f2d18

                • /data/data/com.xgbuy.xg/files/jpush_stat_cache.json

                  Filesize

                  131B

                  MD5

                  c9f7eebbea6531e6ea0c68d8267bfb9d

                  SHA1

                  20623b7951279e74dfa23039f0228c7744d14ef7

                  SHA256

                  d24f55406d27335a13ad9f07063b6b6e5c9e2c241b8a6c45f8177749a081e333

                  SHA512

                  0044b0d2199de8e345f74fc3b96178a1d637f56f9c538461898747417cf6c5c58e4620f4fe9f34c8a179f21adb03baf0efd4202711a004f516e034f374b84357

                • /data/data/com.xgbuy.xg/files/jpush_stat_cache.json

                  Filesize

                  188B

                  MD5

                  5a9af4294eb69ab71aa0ada6daa5f182

                  SHA1

                  4b81e9c2b790594940c4d379fa7b85f6d636c459

                  SHA256

                  85601310d824d659876606d2fac678c1cc9b5bb3b7dd36428828a17e26d5cc8d

                  SHA512

                  1be302ba921476d2e4538b4ed30ca2fe3a3f44465fd8b8e0227325d68e19a5f0acc6a2881310f43a989b652a25059b812378aaf2c61d5b8b34706bb8f85e538a

                • /data/data/com.xgbuy.xg/files/sobot_chat_log/sobot_chat_20240519_log.txt

                  Filesize

                  201B

                  MD5

                  863498ff2426991dd7a260372fd881b1

                  SHA1

                  9b992aea1e6f032a8151dbfec905a0e0b2a224e1

                  SHA256

                  4ef5f3057ac9ff7254c0e30b08f5a00f321866f291fb453d8249d901e75640b5

                  SHA512

                  fbeee3c1b45bc22afc3093b7a4aa2f02055f8c4dc2f7aa7d1b9fe3b0b661f679f8a0658357b23313238bb8fd50e0f9ba125fb10b1556abbd58f74fd1bb94851f

                • /data/data/com.xgbuy.xg/files/umeng_it.cache

                  Filesize

                  413B

                  MD5

                  de0e942f276005b3f4e0e5c00908acfb

                  SHA1

                  a63a97884d7abf60e568179454ac9cf40a28f0fc

                  SHA256

                  5550a166e4c6a8138919be121479dad1bd7cb03403c22599545d1e3648d1ba2d

                  SHA512

                  f45581956478b528b27d3f7cead3c3cc755b7ef04870fdc347f9a98869a31ddea14a0c9eb5c7fbe739b8de6dc8b9d3da3d99427efe3761330a5c87983e99bcc3

                • /data/user/0/com.xgbuy.xg/.jiagu/classes.dex

                  Filesize

                  6.2MB

                  MD5

                  63fc865b7765f587895d81d6a80fac9b

                  SHA1

                  9321b3cfdafe0530a00d99f112bd9714d6036632

                  SHA256

                  b9e199751c6bb19a66ec161748b56085a9119dc7fa432c0e911f0672cd64152e

                  SHA512

                  e7236e95d4de7d3dab93ea34d4f421b3aa6196d4e2646a289fa2db361d9a53f05664688fb4a627266ce2e382533737c8e4480a38c67aabdbff8b04eac83f1950

                • /data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex

                  Filesize

                  6.5MB

                  MD5

                  34f231874b58dc18c8c8dc5c5aacf41c

                  SHA1

                  cdd5b680bca4760310c17505ba709c1fdc482264

                  SHA256

                  ea5d90d35e04d8d09a363bed5bf525fb3eef47cc335ee56537b484c899e9375c

                  SHA512

                  c47ab48d2fe484c2e7b9a3781bd551418a031cdb08ae927256218d84e8261db864a4d9f1188776f7553bfab62f13e8239cadd9dc0111dbeaae37728997ab73e8

                • /storage/emulated/0/360/.deviceId

                  Filesize

                  48B

                  MD5

                  1d8d16c4e3b19ebf18988530d9b9a757

                  SHA1

                  bc94c1cce05cd848a53271ecb9c5311e27ffebf5

                  SHA256

                  abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

                  SHA512

                  4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

                • /storage/emulated/0/360/.iddata

                  Filesize

                  32B

                  MD5

                  5bf85148841d8383d6d7b986208f4e57

                  SHA1

                  3ae0cec3700200310342e6fe027dbf002e8dbb87

                  SHA256

                  5c84aa5fca03441f84293fdc45f10fe0873daebdee032eb82ffee4ce4bf8654c

                  SHA512

                  900486ef249d3e04f5cc092b1203a3a447a80ac84a870cd749fa428e850e13e2290d00262f99ebfc5be55cbd771c9b18eb0e4133cc668b6086fe525ceb1c96fc

                • /storage/emulated/0/Mob/comm/.di

                  Filesize

                  57B

                  MD5

                  70a42cba408700f9a6c01c7941a8829e

                  SHA1

                  eab01cc2c0671538795fb0b1146017dc099d0984

                  SHA256

                  499576707ce2623293166979e59c832be5b8636c64ad39aa63ebcf961910c35f

                  SHA512

                  8900d4dc8eed0430babbacb72942401bd22ef7fe5430cad90d3ce0c2c53010220d666aa0e2eb1026f3ec81d574c7fa12585b49222a5f15b01637f6ba134fe70c

                • /storage/emulated/0/data/.push_deviceid

                  Filesize

                  32B

                  MD5

                  d87628dcaa6ac0f7711d164d4d866c71

                  SHA1

                  6d17e08cd33c59b2288f84ac8072ab4c1b7977e0

                  SHA256

                  2533aae57051950b934ff4bb4c49df9b5265f8e2b3296c802bb7abf67f16ca46

                  SHA512

                  9434bd006ee0fe1d00b732b6532d1aa0315d355fa4db970482f8c6c2d34f83747a1f95fd5f443911a623c2ab9a72e2bdc1d4b1b1f4ddba675e53ef5ceb4e43f1