f323902c3149cf10c2c79e1b6eb45be7660962b0621258871afc5f12e973792c

Analysis

max time kernel
178s
max time network
187s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
21-05-2024 15:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

63baa6faf06375ac9b8f6a90cffe92c3_JaffaCakes118.apk
Size

9.7MB
MD5

63baa6faf06375ac9b8f6a90cffe92c3
SHA1

8fcbfbf037d90c7e94d56ccf3bde87fa549323d7
SHA256

f323902c3149cf10c2c79e1b6eb45be7660962b0621258871afc5f12e973792c
SHA512

3b9dc1d920e905eeb79bcf9fcce0eb4bd9e191eb175d80bdbe5f58c456a26d6a532e22096d128bfcc103e304268177ca72e934d5e81caffe7e3a4e681184fab4
SSDEEP

196608:yDzB0MJqYHqOdwIiIswkISpDrnU30s0lP086hlwUvgNsGy6N4vdVKca:n8qiqbvQSpDdsucXhKU7G/2KJ

Score

8^/10

banker collection discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 7 IoCs

evasion

System Information Discovery

T1426

Processes:

com.yxxinglin.xzid5099:pushservicecom.yxxinglin.xzid5099:duwhich su

ioc	process
/system/app/Superuser.apk	com.yxxinglin.xzid5099:pushservice
/system/bin/su	com.yxxinglin.xzid5099:du
/system/xbin/su	com.yxxinglin.xzid5099:du
/sbin/su	which su
/system/bin/su	which su
/system/xbin/su	which su
/sbin/su	com.yxxinglin.xzid5099:du

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Requests cell location 2 TTPs 2 IoCs

Uses Android APIs to to get current cell location.

collection discovery evasion

Location Tracking

T1430

Geofencing

T1627.001

Processes:

com.yxxinglin.xzid5099:du

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.yxxinglin.xzid5099:du
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.yxxinglin.xzid5099:du

Checks Android system properties for emulator presence. 1 TTPs 1 IoCs
evasion

System Checks
T1633.001

Processes:

com.yxxinglin.xzid5099

description ioc process

Accessed system property key: ro.product.model com.yxxinglin.xzid5099
Checks CPU information 2 TTPs 2 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.yxxinglin.xzid5099cat cpuinfo

description ioc process

File opened for read /proc/cpuinfo com.yxxinglin.xzid5099
File opened for read /proc/cpuinfo cat cpuinfo

description	ioc	process
Accessed system property	key: ro.product.model	com.yxxinglin.xzid5099

description	ioc	process
File opened for read	/proc/cpuinfo	com.yxxinglin.xzid5099
File opened for read	/proc/cpuinfo	cat cpuinfo

Checks memory information 2 TTPs 3 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

Processes:

com.yxxinglin.xzid5099com.yxxinglin.xzid5099:pushservicecat /proc/meminfo

description	ioc	process
File opened for read	/proc/meminfo	com.yxxinglin.xzid5099
File opened for read	/proc/meminfo	com.yxxinglin.xzid5099:pushservice
File opened for read	/proc/meminfo	cat /proc/meminfo

Queries information about running processes on the device 1 TTPs 3 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

Processes:

com.yxxinglin.xzid5099com.yxxinglin.xzid5099:pushservicecom.yxxinglin.xzid5099:du

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.yxxinglin.xzid5099
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.yxxinglin.xzid5099:pushservice
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.yxxinglin.xzid5099:du

Queries information about the current Wi-Fi connection 1 TTPs 3 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

Processes:

com.yxxinglin.xzid5099com.yxxinglin.xzid5099:pushservicecom.yxxinglin.xzid5099:du

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.yxxinglin.xzid5099
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.yxxinglin.xzid5099:pushservice
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.yxxinglin.xzid5099:du

Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
discovery

System Network Connections Discovery
T1421

Processes:

com.yxxinglin.xzid5099:du

description ioc process

Framework service call android.net.wifi.IWifiManager.getScanResults com.yxxinglin.xzid5099:du
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

com.yxxinglin.xzid5099

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.yxxinglin.xzid5099
Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.yxxinglin.xzid5099:du

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.yxxinglin.xzid5099

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 3 IoCs

persistence

Broadcast Receivers

T1624.001

Processes:

com.yxxinglin.xzid5099:pushservicecom.yxxinglin.xzid5099:ducom.yxxinglin.xzid5099

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.yxxinglin.xzid5099:pushservice
Framework service call	android.app.IActivityManager.registerReceiver	com.yxxinglin.xzid5099:du
Framework service call	android.app.IActivityManager.registerReceiver	com.yxxinglin.xzid5099

Checks if the internet connection is available 1 TTPs 3 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

com.yxxinglin.xzid5099com.yxxinglin.xzid5099:pushservicecom.yxxinglin.xzid5099:du

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yxxinglin.xzid5099
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yxxinglin.xzid5099:pushservice
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yxxinglin.xzid5099:du

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

Processes:

com.yxxinglin.xzid5099com.yxxinglin.xzid5099:pushservice

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.yxxinglin.xzid5099
Framework API call	javax.crypto.Cipher.doFinal	com.yxxinglin.xzid5099:pushservice

com.yxxinglin.xzid5099
1⤵
- Checks Android system properties for emulator presence.
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4238

com.yxxinglin.xzid5099:pushservice
1⤵
- Checks if the Android device is rooted.
- Checks memory information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4383
- /system/bin/sh -c getprop
  2⤵
  PID:4505
- getprop
  2⤵
  PID:4505

com.yxxinglin.xzid5099:du
1⤵
- Checks if the Android device is rooted.
- Requests cell location
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4490
- sh -c id
  2⤵
  PID:4699
- id
  2⤵
  PID:4699
- sh -c date
  2⤵
  PID:4733
- date
  2⤵
  PID:4733
- sh -c service call iphonesubinfo 1
  2⤵
  PID:4762
- service call iphonesubinfo 1
  2⤵
  PID:4762
- sh -c ip link
  2⤵
  PID:4786
- ip link
  2⤵
  PID:4786
- sh -c cd /proc/;cat cpuinfo
  2⤵
  PID:4814
- - cat cpuinfo
    3⤵
    - Checks CPU information
    PID:4830
- sh -c cd /proc/net/ && cat arp
  2⤵
  PID:4850
- - cat arp
    3⤵
    PID:4868
- sh -c ls /dev/socket
  2⤵
  PID:4888
- ls /dev/socket
  2⤵
  PID:4888
- sh -c which su
  2⤵
  PID:4912
- which su
  2⤵
  - Checks if the Android device is rooted.
  PID:4912
- sh -c cd /proc/self/;cat status
  2⤵
  PID:4936
- - cat status
    3⤵
    PID:4952
- sh -c df
  2⤵
  PID:4972
- df
  2⤵
  PID:4972
- sh -c ls /system/fonts
  2⤵
  PID:4997
- ls /system/fonts
  2⤵
  PID:4997
- sh -c cat /proc/meminfo
  2⤵
  PID:5021
- cat /proc/meminfo
  2⤵
  - Checks memory information
  PID:5021
- sh -c mkdir -p /sdcard/../../../../../../sdcard/Android/Data/System/local/
  2⤵
  PID:5048
- mkdir -p /sdcard/../../../../../../sdcard/Android/Data/System/local/
  2⤵
  PID:5048
- sh -c echo QTJFMzg5MDNGMjNFQjJGNTkzN0NEQkIzNEQxRTdENUM1ODRGMjA6OEE5QjczOjMxOEM3RQ== > /sdcard/../../../../../../sdcard/Android/Data/System/local/_driver.dat
  2⤵
  PID:5076
- sh -c echo QTJFMzg5MDNGMjNFQjJGNTkzN0NEQkIzNEQxRTdENUM1ODRGMjA6OEE5QjczOjMxOEM3RQ== > /sdcard/../../../../../../sdcard/._driver.dat
  2⤵
  PID:5095
- sh -c mkdir -p /sdcard/../../../../../../sdcard/Android/Data/System/local/
  2⤵
  PID:5115
- mkdir -p /sdcard/../../../../../../sdcard/Android/Data/System/local/
  2⤵
  PID:5115
- sh -c echo QUQ5QTQxQjQwNEIzMEYyQ0ZDRUUxNUFEQUFGNTIyMUIxNThDQkU6QjEzOERGOjkwNDRGMg== > /sdcard/../../../../../../sdcard/Android/Data/System/local/_system.dat
  2⤵
  PID:5142
- sh -c echo QUQ5QTQxQjQwNEIzMEYyQ0ZDRUUxNUFEQUFGNTIyMUIxNThDQkU6QjEzOERGOjkwNDRGMg== > /sdcard/../../../../../../sdcard/._system.dat
  2⤵
  PID:5160
- sh -c mkdir -p /sdcard/../../../../../../sdcard/Android/Data/System/local/
  2⤵
  PID:5179
- mkdir -p /sdcard/../../../../../../sdcard/Android/Data/System/local/
  2⤵
  PID:5179
- sh -c echo QjQ1NkY5QjcxRjEyMzk5M0MyOUFCNzlFNURBQTI3MzdGNEIxMDk6MEI4RDhFOjU3NzNGMQ== > /sdcard/../../../../../../sdcard/Android/Data/System/local/_android.dat
  2⤵
  PID:5204
- sh -c echo QjQ1NkY5QjcxRjEyMzk5M0MyOUFCNzlFNURBQTI3MzdGNEIxMDk6MEI4RDhFOjU3NzNGMQ== > /sdcard/../../../../../../sdcard/._android.dat
  2⤵
  PID:5222
- sh -c mkdir -p /sdcard/../../../../../../sdcard/Android/Data/System/local/
  2⤵
  PID:5247
- mkdir -p /sdcard/../../../../../../sdcard/Android/Data/System/local/
  2⤵
  PID:5247
- sh -c echo MzNERDJBNzJFQzI5QjAwNTNFMTU5NjhEQzU0RkJDMTczOTcwYmJjNTI1NDc0YzMzOTRlMWY3N2ZjZDllMWY5ago= > /sdcard/../../../../../../sdcard/Android/Data/System/local/duid
  2⤵
  PID:5273
- sh -c echo MzNERDJBNzJFQzI5QjAwNTNFMTU5NjhEQzU0RkJDMTczOTcwYmJjNTI1NDc0YzMzOTRlMWY3N2ZjZDllMWY5ago= > /sdcard/../../../../../../sdcard/.duid
  2⤵
  PID:5294

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Execution Guardrails

T1627

Geofencing

T1627.001

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Location Tracking

T1430

Process Discovery

T1424

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.yxxinglin.xzid5099/app_crashrecord/1004

Filesize
236B

MD5
538a13f9b20dea73f14fcfa1cf4861d7

SHA1
733cc24ae32bd66c3493ba01572646224a5097fd

SHA256
3bfece81b296bb46857317ea9ebf378643acbd8113f7883696e9ec587dc54fef

SHA512
e1f64d16b05d351269f9ac1dd443cf3d227a48cbbbdfd9d558306e2e826d2b0de45b3c616753bd3962d653da1258f2540260ce6f1072917b212c9f9a77c01503

Download Submit
/data/data/com.yxxinglin.xzid5099/app_crashrecord/1004

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/aliclound_httpdns.db

Filesize
20KB

MD5
a90c235b8608c5859038094c61868107

SHA1
13fd36a6b4e1d847fc2b3a2f664c0aab6bfac018

SHA256
37353f6f980deb07eac2f1a06a2f34ab7b35e98468a2776e721b36dff76cc42d

SHA512
36a80467bbfa6f42827fa14a44a7b7a672c9443e522f9e0b55db0bcf9aad9cc050ae47b3d8d064b114cadeab7bc220d41358fc6deb77e50ea01b62247c613635

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/aliclound_httpdns.db-journal

Filesize
512B

MD5
4ff9feea07afa1dc503b081c2412bc67

SHA1
545d7b874500416cc7e7e705bbdb0881efc4780d

SHA256
62dff12a5d06ae611e66a6c54c046f754916d49a5fbcf8245592486e420a895c

SHA512
ac38fb0fef05f687c0d060de718034c9566cba35b130d62fa910d518f9eff9fc4060b10a93e0719b6ad2e2f0c9c58a5a5a2f4460b4c6db8f5c1e50861fcb32ce

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/aliclound_httpdns.db-wal

Filesize
32KB

MD5
0722000f142b65bf4356193546f67f3a

SHA1
9a36f36bcdf8ca9e11a268dc20ea9c42bf762147

SHA256
664c454b2d968cfaac26286a0fc00aa7675e9f4f6e9a590319ca87ff615a73a8

SHA512
f0021f05c6010631388b3efa5b604788494a0aad1ec85fd5338fc20fba879c94d4b603c5dfeddbc2f7021fa3ec10f9cc2b02cbf7985b6fc0d14bf10811fac35a

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/bugly_db_

Filesize
4KB

MD5
feb8396606f137937a8660c24a78166b

SHA1
5287736dc8f723034bdb9891237de715c4ed7877

SHA256
d999adbfe18377ac658496d2ec70d571e27baecd998591101478fd0679d5dbde

SHA512
33c5948b4ec9ad288ba2aade4382c94d305a32517c7f6b719cafefdb0e266ebfd53f7b4f976091a06dfa75667bbceb5406ce53f2db8526815fa16d801451f74e

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/bugly_db_-journal

Filesize
512B

MD5
0c7d062d6951f3aa723d930e72a3ea63

SHA1
99aa8a996d8ce7d9bf4bc97f5cdfc1a19e9b2df2

SHA256
afa4ccfdd6eed4e7f36de7a0d5ed2777ed2697d632123fa7d04cf6812ea7e159

SHA512
6b220b303b7cc95b5775ed18c7b0b97f4f087f4a52e0b996f41363efd91c3981c017765504394206e4090fc7d84cda208d7605fc2bac6753ea943dae0f0e709a

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/bugly_db_-shm

Filesize
32KB

MD5
1c4274aa7a9a5cac8c6d1df71e4588c6

SHA1
abaecd685e01cc68801292e3dc7085654a22feba

SHA256
3f6cd5f480ae69859b7841450f3d032c528ba385ebf9f371b9c8fdc6eb4231be

SHA512
1adb95935798607bd36cedcd183924d3068f50097d017b278da7caee7771532b61ec3606f6189b6dec8426eb038fe40be75079ce35894b1a8e0d1d815261150c

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/bugly_db_-wal

Filesize
92KB

MD5
9fe685d285321502ba431ff3ee6db4c7

SHA1
b9747e352f996176bfa7163b6ae626d8d9f6406e

SHA256
da03ae5a32267d480ce4f8433f867fe7581a5bdc4cbfac1a3353c03b4a727b4b

SHA512
d017d7c9579e6ced7c911f6c903b658d1b6c880aae164555379ddb22f3fd702940f65f9b6fd8eb9beed0cffd9cd8cedd35421777445ae6c171c0f81e22e0c86b

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/cc/cc.db

Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/cc/cc.db

Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/cc/cc.db-journal

Filesize
512B

MD5
c7f704bdd91fca77ecf69d4b622083db

SHA1
e3ff3a18dad8023a422d2310d20ab91b33e09905

SHA256
bf5c71afd02ff9ff54a97182da698e356cf55e41c0ecd8f42162d789646d6e1d

SHA512
420c6ae426c9d5e32d5467a20f2b4363a87c179edc20e29122ee8a3c0cc5bc94b124256c51c624bbd99b7722ee34c127b547af38d8010413b26916b39bb95296

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/cc/cc.db-wal

Filesize
48KB

MD5
bf9e7d6a093ae87e5bc0b500b198716b

SHA1
d7e7bfef9cac97577530d317b5848bb7ff6e007e

SHA256
aa37661d00503495d3b0b7be98c74499ee81dfc2ba0652f9d83bc16200b07d9b

SHA512
8d71dc18e8a11a4752e566dc5ec541594395938af8aba0f772c6b01a85f932588d667f7595c045ec8914bcd78dbbb8c2af7d0ee789d9af67a9d737feb885b980

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/cc/cc.db-wal

Filesize
16KB

MD5
59994d3a299bec1c8e9e7a9948cd16f1

SHA1
eaf54bb2054afab16fddd2dd769813ee91fe32ef

SHA256
b1a4bd6313bc9aa719536bcd8ce7157ebe7ec5fd7f6df9e855d3429c58b7b458

SHA512
bdd5f260e82cbd4f18f512c6236dbfb6477025378b1a2913bb06ae6377fc9c743fbdfc29ccb2d1e4bec9b5c1c6e27af3006dd669d557dfd59ce562948c5fc6ab

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/gtc.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/gtc.db-journal

Filesize
512B

MD5
cbff940a1e1b21a967a7f469e79b9087

SHA1
523e1763310823ad945113bff804a297cd9c688c

SHA256
64e51a38e3d6deae9085328c29a78740b950355925840eb4ec0cfe675da92505

SHA512
da1ce08528034b5d24d4182894cb9c5f8f6af28d274bd59121aefd84ace74243a0209fa3080ec336894f3eeefc61ee6496b5998d3b278fff35bf71866ecf8612

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/gtc.db-wal

Filesize
136KB

MD5
5d2b6f661d69b02ba40c566eb8fda561

SHA1
5e8141d323e910e7b9eb2c9fd1796f5234d121b6

SHA256
ac8593c21a331c1e3788e9791f4c0d9176f313aa723bf31925586303b05ad296

SHA512
7c5b9cbd8a73e7888117ea648819a84617c06054257d2ef63762142e7152490fbb045a039cb96e4c30d77c03720bdfc37431856a8d1d29a0e53eece2c8b68420

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/ishugui.db

Filesize
4KB

MD5
aa99281ce0cd69a9302f8b64b918ad75

SHA1
ccafc0e5fb16198e466b209a888301f4100fafe8

SHA256
a3cde8388c50e78c7b3c8dab1d0c46c64c375248031adbb6a5802e3da65bb431

SHA512
a8b80f09a555652d3e4b9775b6aa58341dad7fb120509e128df417533ba361353b19530306e8691f1ce5fc0c69f1a89d29bd2eb176291a5e85b945d14c9eb085

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/ishugui.db-journal

Filesize
512B

MD5
b5ad300944b98fc25ebaa9007894edb9

SHA1
ef7d4194c7db97e2c85688fd010d1f0678500b12

SHA256
73422945443451c3b5f3f8792a2c86f3dac1daed5966a69e30870e2ee1c7d655

SHA512
251440bee74e8193fb3df8d7b7c9129fb2dd5dda30ad591517f9cad9fe63d77e3ae22e4a6cd7e0d7f0c882f6d0db95439c0091dd463cba668ad1a696d95d6b87

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/ishugui.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/ishugui.db-wal

Filesize
181KB

MD5
699f87cb86f54056e324f6ac5312c440

SHA1
ce74810c96568170e28e5121b513ba0400ed272c

SHA256
f9ee671ba18e3cef13155529610ad65044f358475022cfa6e478da6168a6849d

SHA512
233970df67efbe8e1164e9227233e6bba671f5735feb65833051976275958be5e50da8d0755b39a8481f469fc057da4631a6d401f609bfd0ca91a2eea9bd979a

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/msp.db

Filesize
20KB

MD5
1ad174ca6c4eaba8a1b11b7c07f13ec6

SHA1
d0492bc003ae9ab00fb5c32c74969512b0d83b83

SHA256
c68744af90be5dffa1bb31f68185dd1f02267c724d0de7908ee3cac7def8f35e

SHA512
c1e6ca91fc513a242217d43855e0bbd91e8de0c9b11cf3cb434465e575616663156db1ed7f1194bcd4dc93dc2356eb4504fe6ef6c3158c26faa591150a203da1

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/msp.db

Filesize
20KB

MD5
b5ceb56e82d6522955d0907b1e08a5c4

SHA1
579ea7cde98118a8caac70cd7aacca2d49fc58b9

SHA256
4748a4ceadd6dcb2b7a94de547b5d5285266d15c7cfbec66c6c3b7b985fa743f

SHA512
7f873eea8abb02673cf57bd54320f881fbfb0959e93c50decba0bd234c9d3d8dceb693c87806548574e72980759b34c717a20b0d5eb9fc1d1d78d9e4904cf0a3

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/msp.db-journal

Filesize
512B

MD5
29e518aa487dfa7233c5e1d578cb7a41

SHA1
11b958762ddd1af1cccc2b3fabec0f69776b1762

SHA256
cb29b6e6bae82f27b6893ae66d77275c9516cb95844ee33c0d7261bcbe54c06a

SHA512
1525c8fbc97bceec03544343fa6ea0f5365046d02787b4b764873a1cfae9b521bbabb9826cb7e5b9efc3fea4c26dd98dc0772a88a49ceb75caeb1723ad329c2d

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/msp.db-wal

Filesize
32KB

MD5
52f25e0e9a966e2824b22c894af0873e

SHA1
86853203be468338055f36082d006e013a0f4a9c

SHA256
71443217cf2eb54b9f8ce9f533b1c458cce840c66dc38c021fbf2974a9869722

SHA512
2dabc2c7e1ce29c2b03f0ea49fca523cc76cb0f8c00623054d3cf0040e063463f3100965374d4d166a136a40f8a45d3d79f71efa832d49eda435d2fcf6741137

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/msp.db-wal

Filesize
8KB

MD5
3cce20b65fbb8cafd06a13b19b63e699

SHA1
b79a889799f4d00819ac941426da6414bbb6da17

SHA256
aedd9012e9eac9899a84de3151413cb39ad3e9012b4d562aff96c021e25852fe

SHA512
7ed27fc19dc6cd4247b8dfbc9cd6df73932b1c97ac0be51766eb47aa538e945f9b9d42313d625fd2f1440b9f917936971bdf18ee8ccfca9fb67591822f58fe3c

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/pushsdk.db-wal

Filesize
185KB

MD5
858d7e3e6078c3e0eba41d6930210449

SHA1
e387fa743b6efd745805fd6ce9ccf9ac36f39716

SHA256
d069edc9d40b295737db74112f46c4e239c5b10e61799cb408cf8d8bcb78e508

SHA512
ad2975350cf92940c4ab0ac1ef49dc37c91f77ca13f028cba9fd65c9cce50bb7bf1b5782df14fae74f1c1f4c6cb2943147a71f9d544b615c43843ab34f0740aa

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/ua.db

Filesize
32KB

MD5
144c6a47fbd0773432a2307e7941847e

SHA1
7e3e0701a3cece5d06a1906324bfa361143bed99

SHA256
67abf71365d760b6c642c732ba9c5123195b6aee1025d4a759723b7d2436743b

SHA512
2610b35440a5e43da5aeba8333799160ef4584c790fe852e63a1eed950a5509b42515382c8e3b8171e1a7706ed1a252c211fc3a2f310cedfb20d09397236925e

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/ua.db

Filesize
24KB

MD5
3f053fd210a978d80e738477b6c46270

SHA1
b4caeeccb19460989f896d615f3ce0873490cb96

SHA256
e8d8c37150eb3770b7e3f935c0f750edbda90b0748dcd6792f1285f640bc05be

SHA512
54a1bc40413035ad2e12470360f414992a2a19b075926199afef4d789ed4c1a8ce40aec4638741b7d378352e39d8060f4d81502ac412f98ec42dca35674ddafe

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/ua.db

Filesize
32KB

MD5
9a895a63dc9e4f83ece4d881a47a58a7

SHA1
fb7bdccb1aeeffe936b42f08f8ced9068710573e

SHA256
a1e840caa8bed10fa78cc79de3c2c673875b92fcb89b261429bbbf0e607d1c01

SHA512
84c121857475201056cfa61fd673ede4dac698dc9b03faccb906fc966dbe0efa2c1d0a4d7e8e881ceb45c834dbcf018280a80f444ff258b057b289576a89c688

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/ua.db-journal

Filesize
512B

MD5
d4d4a855b3df1112ced7379f3f8850dc

SHA1
531ddcb1164ac461cbecdfc55890e7aac0fded0d

SHA256
1ded18c00bb014b78dd176a7dedfa48327f1487238c30f496a70502899d2ec7e

SHA512
af2d383f01496b24700f0e39c398960ef74acd295ab0dc33d6d6e8205ac7bf32971d104dac2607dfba88adb41ffe1cc7339846295a06115a763ab50ffbd12bbb

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/ua.db-wal

Filesize
52KB

MD5
799d06cc50c58d5d7e51b4eee9bb2f9c

SHA1
642d8454038308c9b13e96460e74d2b9f2b7685e

SHA256
8b80402c774c1075e8d921d78d41de0dabab6cba8c70ad501d3cfeea2f13b7f2

SHA512
0e09eb36ba0afa1514815f195b480653f75c6d1c8caacc09bb36a4e32eccfbb50d446a7ea575d2bfa04273acae7203e5ade915f811c74d7caf2d9033447f8e67

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/ua.db-wal

Filesize
12KB

MD5
759ea903e16a9f45ddb4f8d02c7fc432

SHA1
f2087c7eb61af4e27ab2fca10dd537d006531bab

SHA256
e89e555a09130ccfbc68e5147d8c5aa8f1d2f995986f8742d555ad270d2d8635

SHA512
56ec3463ef6fb46b09cd711f65f9662a74822c98a242a79b8edf548c0664141d528856c3940141cc0d4a63046687512d862211347d73815999d4d77108c51009

Download Submit
/data/data/com.yxxinglin.xzid5099/databases/ua.db-wal

Filesize
12KB

MD5
550cb002517bbfee956996ed56d7c792

SHA1
f2134f2c10bb4db78bede38ca875ba415f058a79

SHA256
a8ae8f5a6f78c9e32488b77f10c42c917c83d0580353288e76c829c3ec315244

SHA512
b7eda7419293b50b9a00353d0ff29aba3177e0c16ee7fbcba2463c9ce33abcb7900da90da9901105f1debbfaf15225d19aca1001e0ac9d54e4d7b37238d5b29a

Download Submit
/data/data/com.yxxinglin.xzid5099/files/.um/um_cache_1716304177973.env

Filesize
1KB

MD5
7ca38a25614edbd7a374f77011c29d62

SHA1
f2e5f00bc853f622f582011f8ee738ee57e8e285

SHA256
72113582851333b0ae245c85210e24188000ee8a0b24c58d98e6cce5c079df14

SHA512
7c9ad56f635a3564734bd8412f113ec7a8cee6803a3ea7918099d2d13b3e884e96b4da0b544dd7f010a8f9f6b787d722f2ce69fc89aac38ee37d2397cc03c49a

Download Submit
/data/data/com.yxxinglin.xzid5099/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
995ee2f62bfafdd3c58c039e88ea919f

SHA1
af0eae9372ab23c9d97ca8708ff9a0f6c3addbcc

SHA256
d3191bf006f10c6352083417397bf97cc9420c4e6e68500a851603089c34a014

SHA512
92a0444c3d2ef598fc05c3027dc62852f775e02b6ef2de7e48daf6f9a2c60cf898b45f18a1836be6dc78d8891abc8947eda434fd37cbd3d254302f8a552c4f9b

Download Submit
/data/data/com.yxxinglin.xzid5099/files/exid.dat

Filesize
59B

MD5
294c7a18e6fbe0834b4de8effb8029fb

SHA1
8896a7c2984b67e701a9a0051b1ede9832f93479

SHA256
8b32ab3a1cea51eecacff28757f3b7a2bfe65a7bf3678bc8788cdbd27273d287

SHA512
2339b726b47808b09e1d19ad348bd8a8bd7302f8ba825a6ccafae3c7828daccfcd94fa517113cbac8f44beac20d85a033ad98fc041f9414ceac31e4e871e897c

Download Submit
/data/data/com.yxxinglin.xzid5099/files/umeng_it.cache

Filesize
498B

MD5
30c5cfec00e899b5dee361de740d9153

SHA1
7d1c02c674c2c51ce25a10a2d45ad975bc97ae27

SHA256
ac84cc8d1916a36b63a04fc1c3779a0ea529340e8b9de2a16701ef8e9d054a16

SHA512
7a5313fd2df3b26966a410299a475fcc210ab08fc9b894a97c6084407cfe71da098267f139b9652ae66de014b608ff4d7530cdc6b45e8a23d7fa8723942e6643

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
32KB

MD5
b15b00bf90b7c93b3665eda88fbc4808

SHA1
5d90cbaee0798753afcad7e6555a92d2567dd02a

SHA256
92882182a7ffae56437ee1b2b3a68ddc0594b28c1e3a4254920023015cb4b429

SHA512
cbea5c61e2043c01bbf5b0ba79e45106bf011e29447317a4bc66560afb52177f2268f5fd95d84868152b25b1aa4368256392d24eed3f4fb9a56cb2eaa1b27059

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
512B

MD5
0c19f347f602cc5d9e87bfa8f0dc0171

SHA1
da61da0012342df002346eea0561ce7a2ff94ff3

SHA256
5b9ea345b6b7e632819a13c84845435312384bf2e098757a082c443d1cedfb7c

SHA512
1c85acfa6cc0af6cb3146504c36a54292ca252a0862e20c9a8a4b0a3c1608c777150c7306b550e66da251e3e3c647b4d3cb7fe2de920e0127c7181e6447c9d2e

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
213B

MD5
bb9bc15321971acb0ac4314604b07017

SHA1
827bf15c07c65efb94e82eb1e228bcde1bebd2d2

SHA256
97c99d1209cef45d16c4a4c21e4f79bcea228ab8a0f994f1d4239324d2b9148b

SHA512
c641ad02d8a9c97172fa66b60f0341b2247b073faf87548f5e8af569fbcddcfcb6a5a2b44837a88be219aeb86b14436817131bf86ab2209565fc356465b9ab09

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
41b25d080a8789212f50f781af04b626

SHA1
a7ac48831608269601dbd931e3077e9a86a52d7a

SHA256
44438078a2157c2d3439a1f6aaba917d993fbb88f7173676d9b42238a997f728

SHA512
d18a854ba5d2980f70844906d3a74d4c2cc20d97d6052565f216546860311d90bc51382daf575be8e0247e0e6c189fa742dfd24d37605efb310ba016ca35f468

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
529B

MD5
ff32cccd4e65d767f2e99afa904ea437

SHA1
775a39ce881baf2183879b046b3806ee594538a7

SHA256
3b0df6716791be45036093c5aa924acbd5cfe9407c74fef1226dc71fe27a6e5d

SHA512
933ca79f1b4ac1fbe8286a4182a8ce1c0f9e6dfb2b86e54bfd70339e75a222be4bc4adba5e5d73c8774480616fcff36acdac6cd59de2b4ff889e8e1f7a7cb83b

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.system/device/factory.dzt

Filesize
34B

MD5
54e0f52d251cf893b35d7f1a73a80182

SHA1
02b432a6672679a6d4bcebdabdc96eb931216f2a

SHA256
ede9c90fcbfd073f2d361b16dea712608aea54e1620b72ae659c38cc97379c65

SHA512
e628be7a0241ee0e636e3f2f47cadfebbe2b6af465113431a4f626edbd738bcdfe366a64ee6ec73511184b8996a7bc7bf70034511437980041e1a0ca9a482e05

Download Submit
/storage/emulated/0/libs/com.yxxinglin.xzid5099_.db

Filesize
68B

MD5
0e1d89c4dacc22ccd13c1230a7d47fba

SHA1
92716304aa40d7fc49045711547a37c5c1e30ce8

SHA256
0df968e615ec78f1be0b0a38857cc2b26b3f847623bf5611ecfc31c32e5e842f

SHA512
09e17b413105e675836970721a6c1f54d8bb9062fc0d502fe9f212606af7551c73767bd1625a10b778278fe975ee975342136d52a005e64ebb52ba662ec9da92

Download Submit