0565962e1208fa1a103825906dd5d6655adb49402dc015de39baf247e8baa84c

Analysis

max time kernel
171s
max time network
186s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
22/05/2024, 01:01

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

6571ea09f63399fb19ea404bfd06216c_JaffaCakes118.apk
Size

16.1MB
MD5

6571ea09f63399fb19ea404bfd06216c
SHA1

ea5ce0f136d22410e94b2c8bcf44ab9d674dc0a6
SHA256

0565962e1208fa1a103825906dd5d6655adb49402dc015de39baf247e8baa84c
SHA512

9e5e5b1b3a4b204cd74eb7b9bf19792c7d5714d570e96c8b7189cbbb7b0e1d8e0ecd97a352ef92642558d5c11aeb3074788a0c3ce572fb528f4372afc5f09521
SSDEEP

393216:yVhyzO7wksBuhrxIaMOxyHZBCODrPmPwcdYl98LAlxzvp6XunjbRy0:0hyzOcRBuhqHZBCO3uPldYl98LAlw4ZT

Score

8^/10

collection discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 11 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/data/local/bin/su	com.longshine.xindiantucar:channel
/data/local/su	com.longshine.xindiantucar:channel
/sbin/su	com.longshine.xindiantucar
/data/local/su	com.longshine.xindiantucar
/system/xbin/su	com.longshine.xindiantucar
/sbin/su	com.longshine.xindiantucar:channel
/system/xbin/su	com.longshine.xindiantucar:channel
/system/app/Superuser.apk	com.longshine.xindiantucar
/data/local/xbin/su	com.longshine.xindiantucar
/data/local/bin/su	com.longshine.xindiantucar
/data/local/xbin/su	com.longshine.xindiantucar:channel

Requests cell location 2 TTPs 2 IoCs

Uses Android APIs to to get current cell location.

collection discovery evasion

Location Tracking

T1430

Geofencing

T1627.001

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.longshine.xindiantucar
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.longshine.xindiantucar

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.longshine.xindiantucar

Checks known Qemu files. 1 TTPs 6 IoCs

Checks for known Qemu files that exist on Android virtual device images.

evasion

System Checks

T1633.001

ioc	Process
/system/bin/qemu-props	com.longshine.xindiantucar:channel
/system/lib/libc_malloc_debug_qemu.so	com.longshine.xindiantucar
/sys/qemu_trace	com.longshine.xindiantucar
/system/bin/qemu-props	com.longshine.xindiantucar
/system/lib/libc_malloc_debug_qemu.so	com.longshine.xindiantucar:channel
/sys/qemu_trace	com.longshine.xindiantucar:channel

Checks known Qemu pipes. 1 TTPs 4 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

evasion

System Checks

T1633.001

ioc	Process
/dev/socket/qemud	com.longshine.xindiantucar:channel
/dev/qemu_pipe	com.longshine.xindiantucar:channel
/dev/socket/qemud	com.longshine.xindiantucar
/dev/qemu_pipe	com.longshine.xindiantucar

Checks memory information 2 TTPs 2 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.longshine.xindiantucar
File opened for read	/proc/meminfo	com.longshine.xindiantucar:channel

Loads dropped Dex/Jar 1 TTPs 6 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.longshine.xindiantucar/.jiagu/classes.dex	4526	com.longshine.xindiantucar
/data/user/0/com.longshine.xindiantucar/.jiagu/classes.dex!classes2.dex	4526	com.longshine.xindiantucar
/data/user/0/com.longshine.xindiantucar/.jiagu/classes.dex!classes3.dex	4526	com.longshine.xindiantucar
/data/user/0/com.longshine.xindiantucar/.jiagu/classes.dex	4712	com.longshine.xindiantucar:channel
/data/user/0/com.longshine.xindiantucar/.jiagu/classes.dex!classes2.dex	4712	com.longshine.xindiantucar:channel
/data/user/0/com.longshine.xindiantucar/.jiagu/classes.dex!classes3.dex	4712	com.longshine.xindiantucar:channel

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.longshine.xindiantucar:channel
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.longshine.xindiantucar

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.longshine.xindiantucar

Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.longshine.xindiantucar

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.longshine.xindiantucar:channel
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.longshine.xindiantucar

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.longshine.xindiantucar:channel

Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs

evasion

User Evasion

T1628.002

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.longshine.xindiantucar

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.longshine.xindiantucar
Framework API call	javax.crypto.Cipher.doFinal	com.longshine.xindiantucar:channel

com.longshine.xindiantucar
1⤵
- Checks if the Android device is rooted.
- Requests cell location
- Checks CPU information
- Checks known Qemu files.
- Checks known Qemu pipes.
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Checks if the internet connection is available
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4526

com.longshine.xindiantucar:channel
1⤵
- Checks if the Android device is rooted.
- Checks known Qemu files.
- Checks known Qemu pipes.
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4712

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Execution Guardrails

T1627

Geofencing

T1627.001

Hide Artifacts

T1628

User Evasion

T1628.002

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Location Tracking

T1430

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.longshine.xindiantucar/.jiagu/classes.dex

Filesize
7.2MB

MD5
cb1e887ced4f00496cc50c046f5bd891

SHA1
19094112cea0418534b360263b6eb0c3b1c19376

SHA256
ae7f68cf1a9894ae674da25344e79b0efc0fd183710f171918657baf101c9037

SHA512
9cfafb7a9c9ff884de2f5516fe38c8f130eb7d29a7b9bf330c0912c7d85849efac819db783111f402d58dcb6fba71b198230d26240d98b2ccf3d3c927980e719

Download Submit
/data/user/0/com.longshine.xindiantucar/.jiagu/classes.dex!classes2.dex

Filesize
7.2MB

MD5
15cc9c08a6f1c525ae267ed9da591995

SHA1
a33c7e81ca8f1b4f998ba6bc51621cb876b1df98

SHA256
6832395a24eac7c6f111fc1b2f9946327434298b83e3c4730f5655190d52fb19

SHA512
492513bf6200dcf6c592decf22914a77fb19d2c71df8d4d73b58cb002131b8e4c7432aceb927041594ba1658eb65997cdab67c29e63e56d589667db2d85c79eb

Download Submit
/data/user/0/com.longshine.xindiantucar/.jiagu/classes.dex!classes3.dex

Filesize
4.0MB

MD5
483e9eff8efe26ded646be2540c3ee00

SHA1
c9a2e6dd1559c88ece1b7659ea48f1cba1555c72

SHA256
908026f8bd24197fcd946cbb66f00e28e78ff247f5653a6125b88e9e1f3fa844

SHA512
470593e7d1ae40e3587baa215ed7785f0ca894d6c1cbaa7f8dee15f46146f23d481c81c599dd4286facfc49882874f9282053dc45342fb69d54756108b1396f0

Download Submit
/data/user/0/com.longshine.xindiantucar/.jiagu/libjiagu.so

Filesize
477KB

MD5
1ed88aecd49a144fd094484a3a45c9e5

SHA1
99c4cd22d05b3ba40ecaf2fb9b5dffb480595423

SHA256
1c38f2e98f1e8252c9651ed500a43faabaf075175b44a0ab35938426be9d3e8a

SHA512
96e4fc8d756e7397b909a0208d81f51e133059fb68eeae7c1a54afebc4d8dc5d3cd602e2a398ff81d66910de79ee200d868c3fb8f33bb07f326b87525ca95959

Download Submit
/data/user/0/com.longshine.xindiantucar/.jiagu/libjiagu_64.so

Filesize
513KB

MD5
44ee486c6bfd602bf74733f221bd2077

SHA1
2e0c4a3f15b8e041bcd1b1aeace92e26cdc663fe

SHA256
7e4562345d0031ea40381cc593356a5ed7bc003413b4958efdc5d1556cf20b7b

SHA512
82eaa06a03cb773e3279f83db3b9684de68ea578606dcce17b87464fe6fdee95711ef55eec6be3cf698ce0eb19d636ee35bd6e286d92bfe427b2c04fe13f32e4

Download Submit
/data/user/0/com.longshine.xindiantucar/app_crashrecord/1004

Filesize
235B

MD5
00d8ff15793fc749b3ad86738c646c56

SHA1
bc282558c682f3970577acdcc06f76a2653a9611

SHA256
00ae07e801f17d7d70e431ab82240aaa9815ebb737959e02e73ec788725ef428

SHA512
8cd1e445dd20c865fc3c6b4149ae5210c0a0b4c5648f5f3c47e60468a4c89220c54415505ffe07d1625794243d5be5f452fee92ef29f0bd151a2e69a23cc4e3f

Download Submit
/data/user/0/com.longshine.xindiantucar/app_crashrecord/1004

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/user/0/com.longshine.xindiantucar/cache/tomb.zip

Filesize
637B

MD5
4a64860f4bc5865e3578237081ad5119

SHA1
892555eb935655d7323ccccc9173d5bf21ff746a

SHA256
700798938b8949c6dec111e668456442bbf9337344e76c53c63f9784bf5a84b8

SHA512
44414313cf6164fe55ea2e7951b145b30a0fe94640db02a5c70a7a5578d38b1fef83567847fb622eff2e04a5f606b774c5a22d505ea3de56225b2bf528dba76b

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/MessageStore.db

Filesize
36KB

MD5
6a7c3fe2f23aecd4fb8bb2ec1f178b20

SHA1
2cc30ee54babc4bf1d6ebbacb1e075dad8b7aaa8

SHA256
05dd1623b6b7153fd1ed738e77fece7300ac3e38d649a9bb2a114be42885ad18

SHA512
60be9d9aeb281106074ec8831ed212a5a14724846705e0f385aaf7b181b92c7fb7d4f0eef1da579d29c36a7e502d0a0a5f91076dfd35c00cb44461e238a5f5fc

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/MessageStore.db-journal

Filesize
8KB

MD5
128b0adff58f48f1e3ae5a22da51ac42

SHA1
6f575cadc01f08beac2877994b9f87227923c0e1

SHA256
2263effe307a69ae1151e41a10ee06791e6c22898f7d0e9f374a45b36591d1f2

SHA512
e057394fa54374db403292c8a78b95ffc2d743fe86d3a99f7f3c7c25b6ccf74793cc9e742fcae5b16967758ed53b6372bb79a0af6b61b45436052de792738c53

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/MessageStore.db-journal

Filesize
8KB

MD5
d0c9628604b32b465b6b591d63dddc56

SHA1
a1348a00ff37cf0c69133491d3573388673c3950

SHA256
5659b044b1db5efee63d9292e920de00b9918d8b025143f7e7c26af7e77362f2

SHA512
4a2366bd6a9e05401541f2db9d0ca05bfcc1ff18c36c22298f59b497c320c98f41c83f524447220bc233a4dc099590eee0d89249c557a4550bb7747b20d6f253

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/MessageStore.db-journal

Filesize
512B

MD5
81ff861c109386c3647211e8e4ce39d8

SHA1
8f451b37474cb78c8e626f42bc870613a59b04a1

SHA256
f40a85f9c851b9c672a827d3cf06ff11df1b34035e53be1d1a45d3cf5e3b020e

SHA512
201a6bb4673c50f6dfbf0da112a6c3ea48cfb7d1f10c22072d1f770be8dfb47ddbc10b8f4d6c78135202b05ec6f134832803b8e074524977b49160dd2625cafa

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/MsgLogStore.db

Filesize
56KB

MD5
a7bd2a39e1dd89648618619098faec18

SHA1
81c552489ec2eec9c35d93b97fd405951abf4e88

SHA256
be62dba627fcfc45c713f640c355eaddc2f55a9ea7c7feeff3621beb2c924689

SHA512
b7f654cae2be962c1ed6dc147fd81f15d186fa9be72b2f98a340c98520ce83e77b90ece43eb9b9dd58c30d4881c16764ff0093a71d566988af586e1bcef9c886

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/MsgLogStore.db-journal

Filesize
8KB

MD5
dc3f30e759d55e090d1eb1d2d89663cf

SHA1
cc3fb99591cb7b77543624af53e4b56726d19823

SHA256
c87bab48dd8624c29eecc48f5fd7ee273c20fd7d3877d3b7b4b7c7112a006ad5

SHA512
a824a9df4d83bceaea4fb12782c8c37f8dee5beea1ac5abe8cbfa51a3619be458912b7a49a2e71c401e56fd0b7703a7626396412f3dbeb6af35b40e0af562db9

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/MsgLogStore.db-journal

Filesize
8KB

MD5
4b1eb88579f7a2f3ab0109d75e3821d7

SHA1
1486c6ec94a57f3214a35127c51bf47a8a50402d

SHA256
c34224a883533c69e2f8400f4a7ba5069543c92767e96774f1e35278b2b2e31c

SHA512
a1886e839f229083edcd1caea3858419b2092acc9ca593f268c55649a2f22abdc329a2e4c02fbbb404145a1d246048f29610bd374e754751dea7847e9adbedd8

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/MsgLogStore.db-journal

Filesize
10KB

MD5
31ceaf2a69323267ea9f8db72b8f5245

SHA1
6735325eab6e81c7a8a53caebe2b6e9d26a8aaec

SHA256
9cb866f7d504896b752275e31ce11f99c64d25b66b2b02fa977ff16164c172e9

SHA512
8baa5fe3df17258df19711b62b3932bf0909bbd77a032d1c85512e44555f63dfc7c61367ecf2bdeea10df8fa874db59858259a070488beba6d375f49957a07b7

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/accs.db

Filesize
20KB

MD5
064201502ce25754236b3b5c12e24c65

SHA1
e2c89961dcf8306440bc99f7b058ef4680eacf0d

SHA256
b4ef8a71919ac4b6ef9a895a991b527f5c3316fd6204eb815366c9614dc71f00

SHA512
3f5af9d3e7fbca1c0a3f9ad5a8d8d8e1d3b3e3c79cfda89b6baef007aeafb4ec5738626fca1f682b73b0305a94a4e2bf17c0bdd4fc7fbacb80ed02c7affa44a1

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/accs.db-journal

Filesize
512B

MD5
5aac413a4d5cee95301aeb536bbfac7f

SHA1
b8b7f8bc409d7ae5d517edd67329a7b635a92f1e

SHA256
c27a090f8715a993829eee5b19fcbae031a884c71c53fc420cab984d39e4ab17

SHA512
891eaedb7ff76800437928390befa5a68e88bee760dd8c97fc5c5b0cb180fd8e02b82032ff8f7b15240c2b9185108e7bae34277dadfabb8512fb978d41d228b3

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/accs.db-journal

Filesize
8KB

MD5
338dfd6eb21964138e2bc0cd05d7d991

SHA1
50a698bedd4b3e78d0809ab2c5b2f559d7d6d288

SHA256
a71b7dac72a48378e5c14221c852c71159265ef6614bece553b7f5ed0f09bc60

SHA512
c00bd8e6dc04a854f25c21e32f2963af5b9f21843cf4b49f76c9a4d9838d9ccc8fbf50f1f324cce613523b3044e3b1fe3bce64021b70a014dbc414322210a2dd

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/accs.db-journal

Filesize
8KB

MD5
87343c0a8b2e0e1f138ed6db42921d84

SHA1
5cab18b0b752960d7c63ed93ef71b514e7d8854d

SHA256
a443c29a6a0aca962bfe60df79cca4a934001b57bd0a32effd6c71765b2514a3

SHA512
581d70bc0048864e5330151838778217604cf32d1c39e22d913d602f7719bb40c615dd375f6254e8a36d5032d090533fecec37548eff25699f56c4424048ab57

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/bugly_db_

Filesize
52KB

MD5
f22b64f5eec445abf89e8172329b2847

SHA1
c13eab267ce3126ef23e29cb4bd47b2f51c945cf

SHA256
678c21d422abd1ba90b6ad2f08d67af5cfda23381357b274e24ba2dd93416fbf

SHA512
3b60aba1d11317d43c5a31e360620ec2c17b8ff837be314f49235cf9bb551b28bae29663e34fbe20c24e220d14d74a65878d2bbb558fc3de5a30776bc152df7c

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/bugly_db_-journal

Filesize
8KB

MD5
7dce98f298d0a464d7a54160a59a7b05

SHA1
7a33c8f0e427d6d00b6a7bb65ee073592a2baafb

SHA256
496d344c6d5cee41d93d795519364d2bbd5d7adef40ad4c7b1507f4478bfb5ea

SHA512
d1e98a945960f0316b757fd3fc7f5e1b6b3c7aa597bee4e3105f59e9ae4254d15f93959898e52adce0595bde0cbf462050e54be7eeea5a3fe6e794f30530ad12

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/bugly_db_-journal

Filesize
8KB

MD5
5e1d8604d6951099fdb1a6a4723587d6

SHA1
ec88cc6e75211b73c7771e431c4fcc8b7a30fb19

SHA256
9cd4c2cb9d8aac86a919923dff6e19a302a33b501ce15f6e74ed84234401915f

SHA512
d99bc80782ee679f9848f5bba3f1e76920ffdf6abbc7d6af7c932c34df524f6893f49015b69d963d15a9617ad781c7d65aa44d1a0c1f159b2d32c45497ec3689

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/bugly_db_-journal

Filesize
8KB

MD5
55c6ab53c1b395d2f524894340d3e070

SHA1
3845d8739b7080b832d3324c6e234b4bc65c3440

SHA256
dc3c0a5a59bc9b1242855fdd4c9af43b98ee2a80572e23e7379028049cc6f5a2

SHA512
820e1c131ab97875b2dee999da0ec9f2c71bc88b7cb36df4c41ff311866686e616d005492fc291daacd828121f06b1189a33bafd258886dce802cd70f4c9ada8

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/bugly_db_-journal

Filesize
8KB

MD5
f50e7016d06ead5c8d622458d29bc775

SHA1
7b43d92a1e16ceb5ac0502159108b0cd17cac60e

SHA256
d586981473af2595e3d57c1f3ed17dad338d246523ab2c7ed38235a4fc59a2e1

SHA512
27ae81e27e4ee29f9bb8046b419d873208e1462cea166e8aed32b25a59cbd6f2ea8dcf680ff3d3f3912f6181881bb7d8aa3c2bdd1c2fc56ee37f12e900a6d850

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/bugly_db_-journal

Filesize
8KB

MD5
d662fe57674cf6ae625c7b530575f24e

SHA1
b7598fffd86e1f0d754ec65b619e39f7adae445d

SHA256
e11f7d47f917b6977f1c1f63c85ec964bad2f2c53495d2e853a33f981a74bafc

SHA512
07c17e85a9d6ed805987fde4a608757cf2374184a240cae121ebdc932ab93b99807a0f1392dc743be540567cf7ac6f23c339827dfda59787590035798284742f

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/bugly_db_-journal

Filesize
8KB

MD5
8957e022c112a0d94eae5bbe57e8e331

SHA1
92f1506e0026b45522fb04f3d3fc34c114ede6e0

SHA256
3252554b98bd1a1bb3337e5f804260706657937a0b2b62b431689d51ea99c8bc

SHA512
8e75657d130b4a2706a038e044347eee7b856e1ad9174d0b0a8df934f0b3adf110093d9103f1f59aaa490a38238712134f4837fcba730680066557910f7efa12

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/bugly_db_-journal

Filesize
8KB

MD5
52deb3524a6ab2720d6d373c7ba8e723

SHA1
b01845ba03b8d4e39bbf8fdebe20779174339407

SHA256
c27e6e6d76027a5feca05090359fb9352027a43a9796c4a0daa538eceb526280

SHA512
905a601e533126134a0e38a2a1ac91d9c357e07534d8d2ccfd51f8c524356c8739bdcf70feebf7eabc2ad5458af5dd2ebf7a7f777e5b1c65304faae9f8eb4b1b

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/hmdb

Filesize
12KB

MD5
171aedf968e17a2744d2585715606cb9

SHA1
bbeddeb3b89fcf809619c35b4a318a80e7d5b029

SHA256
d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

SHA512
78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/hmdb-journal

Filesize
512B

MD5
1c738d37e4912cd7fdda1d95a1b38e5b

SHA1
18968b6286c62597f6de40cd91c9009e9a758e40

SHA256
083c95ed7ff592c27ac0f7b1d2a1a63a107e69d5756df7587b48bae55b3d0e36

SHA512
7d2b5a7baec8d8f064e55180c01cec99d3f2d4717a2dcdf082f0c1be8165773054f6788d51475450c496088274a509f4ed78d85ed3d018ac055acb97a54053ca

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/hmdb-journal

Filesize
8KB

MD5
34fa020daffab49f3e923d5b0f053a96

SHA1
a15791a75cd1d3b75ea90b65b30819835575688a

SHA256
b92695c8b619e80e483cc1ce958c011923825e6a22cb8bf12bd0cc7f926c2946

SHA512
91d9227307ea2720c55cbd03f54afe45c178eae4790757ef2d59af45fd152b7825ed8f7e02d308600a4ade8fe3719e27daa1c8842056de597d697a08a8ec6104

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/logdb.db

Filesize
36KB

MD5
a925951bbef27a9ea507f847a6ceaad7

SHA1
34b73ba1b11a2423198826f820fe87a1b8cc13b6

SHA256
1dd2d23b7c64bde28175205a16f99abac0aa5938d31812c095234defbd1f917b

SHA512
4ce18802068f8549fae1d3c594423476753deb776c57acf8ddbacb47360db50c922452db037b3c2d852f28147781c6532a141e9cfae51772b96958825e7ce5cf

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/logdb.db

Filesize
20KB

MD5
f8b2fcce8d0949382805f77219667866

SHA1
7e3bb55581dda22da14c51725f65f158e85c82fa

SHA256
ad36f77c8bacb01100109eed202bf983731bae290edb2db9fe8129819cacb61f

SHA512
04b2267d6cfc3020ddd9457f8768c08d7586332483ed8fb4f5b6934f574900d8421e386f9b3c5d9e97faaef70e5acaadc4184fa1c96af6500b230ec14b350a96

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/logdb.db-journal

Filesize
512B

MD5
403c3bdf7d4972a61917a80a85d61ac9

SHA1
0c2fecea3f66ac569e51dd994279817f5b2857ed

SHA256
47c8e135d90a1a05a95bf1d4057a099801cfd9c3c6025d43efd77e6ebfa3e551

SHA512
078fea4a4c7efd7bd7511ab9150c56a1432f5045fd63530df5408093bd17c3550e57afffed41cb87193ca036d111faa14ab8a5f5e645a2a1ff7f83e112875779

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/logdb.db-journal

Filesize
8KB

MD5
6b117831fa3ab0c91f1d887590acc2d3

SHA1
c48a1f7c36da6593364f6d664a245d20d20d4293

SHA256
33700d3601c07ad3b08288786181d8611833ad5a968fc1a4af79a4622c424d26

SHA512
04129fc907058f411c99c626990aa5e791f217d8df4cc2338d6f0ca0ff39565ef94b8f53e45743cee524fcd69aebc0673587627f2037882b41d494a979ab7e00

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/logdb.db-journal

Filesize
8KB

MD5
4464edd4f5ccb8c0b878be09d90f2b05

SHA1
578e80cd168d34f117f5b984459bb843c0161f24

SHA256
392e8f918e54b75a83bfef99c3aec7c67b66a6dec8a548ac860a539c211b25e7

SHA512
7ee6b67309def9be5ad229aaec42e1de71bb022a7aa295f1ced09115730bc45a8e4a180c5bdc94564c63d7649010b5bec369e244eb233a373929c4c410977b18

Download Submit
/data/user/0/com.longshine.xindiantucar/databases/logdb.db-journal

Filesize
12KB

MD5
d41d3d8861972c6461b2984421641472

SHA1
ad6cb7a0d8e2a6cf003f5e8cb8cfae34bb850178

SHA256
69ddc615016cb1bb10ba18ee4c179fa737400f811e14dc499f811f2deb37393d

SHA512
5fe9570e5ee0b95487b1804f097472eec12d07d57a0aad55bdbdcee510f24832a843bc8ef0012b1a4c39d54bfe1f42bd91596a59dd45e4c4f15d8ac6c605e5a0

Download Submit
/data/user/0/com.longshine.xindiantucar/files/.jglogs/.jg.ac

Filesize
8KB

MD5
dd6814fb077db076d91c4765a27cb043

SHA1
703c9d3e92c664b0a5297530f8a76e29b8aa0eba

SHA256
89f6c07b38690c9f3e0a35e37edd8202986163b63c97adb8a4e779690d5b37c1

SHA512
8a92a911706846d97677a2dabf44a4295f6622bfb5506c6a7a5af40a90d1f6dd3e45ce481a1215dcad65e2bef23c20c61efb078feedffee3b7448bca923bcc7f

Download Submit
/data/user/0/com.longshine.xindiantucar/files/.jglogs/.jg.ic

Filesize
12KB

MD5
eb0e31ccf72fb3711d4b3663846d86b8

SHA1
574f85ba6cf0cce20605b2f406b5fb233034f8af

SHA256
aebea9c782de2fa07733a84d50068d1359fb418ac0822b37f404e3c3c1482410

SHA512
229160effa0df46a2fb6efc6b3a1fe5096299af3b34d8e0e0cdf6c06fbb0363c07f8075ad17356b83ae3357e9aff5a225370fb50c7f15d970f14a375ca2ca1b3

Download Submit
/data/user/0/com.longshine.xindiantucar/files/.jglogs/.jg.pk

Filesize
36KB

MD5
7c0b5c6d1120bf3635cb815eb5e29f28

SHA1
cbb58092e164d3d098e750a608f3833f85a06476

SHA256
f2434b69ad5ddbdeb3796b9e34fa428cf6fc31bf987dee42c12816e3632a128b

SHA512
151d69445e8311fc78f40b5781e2e1f1d631e879e87a08d1076ac69d7ad5bbb8ee017fa4d5be934f9eaf1cd3a0aea87c40be405c2a601a845820d73705ec7a36

Download Submit
/data/user/0/com.longshine.xindiantucar/files/.jglogs/.jg.pk.h

Filesize
213B

MD5
2414dc063ae490f376ef99ae010d6ebe

SHA1
256c622c57a343a39d04f58c61e75728b98bbb28

SHA256
fbe6c7bcb7096698ba836652f78805955f6d959432ddf753b3064afe81cb74bc

SHA512
3fb475f305b10bc5c48a5ef9e943953629ac3f7ce80847e81409c3fadc73e346dbf94e843e0b116d937c6d36b0384431ad52b2468043df24ff1e8d495c523f67

Download Submit
/data/user/0/com.longshine.xindiantucar/files/.jglogs/.jg.rd

Filesize
8KB

MD5
e13cf797152083ad236ae22fdb49379e

SHA1
843b1ff227edc6c4c6d9aa68c2dc3c5e81864882

SHA256
71ac352a597844e1d463f1b882cb08782bad549b26aab94f6d65d2a4d933bfcf

SHA512
768c3a13594c7e85f8921276db295f2f5e3dbbb8d160b9cf0517ba52e90ce29ce23f6a95eff3988b7059a1e708d8a556cc8c83c99c060c845a249ef50641b9a3

Download Submit
/data/user/0/com.longshine.xindiantucar/files/.jglogs/.jg.ri

Filesize
92KB

MD5
9eece724446366fa8770967dabcdbf80

SHA1
9b1d614eb380052b5c1df4ba5060f1b292e9e500

SHA256
3e0bdb9ffb256a38368659fc01f7b68e1a2bd03cca5f0b1317f37220b4c5ac96

SHA512
32132e96563cf56f6fbeed4bc1bf178ac4dfcc17101db92cf6e37ed099a80e253385d8bf19ad5738b0765380e80ff2c609aa9ff72eaa460e8624ceaa499baa65

Download Submit
/data/user/0/com.longshine.xindiantucar/files/.jglogs/.jg.ri

Filesize
314B

MD5
0a4ac80f0ab8432360ce68318ca5f516

SHA1
5e67ab0566990e6fa9b0bb6407463f3c2c928fa5

SHA256
0ef3ce3832b4cfd74cfb73be3cd2523fdbd0c0f9e1797d635760025f3c72ba08

SHA512
de80dd3c13dcea3cedd82f95eee4fbb91ca0fc9283d2499de616fbcb77e3831bba2aa9b9a01251ffe40cb4807e65c1c51c025a78cf9a147c6c0b86b7949017fc

Download Submit
/data/user/0/com.longshine.xindiantucar/files/.jglogs/.jg.store.report_pid

Filesize
54B

MD5
864b5834b7d1567786b902b9dfdf816b

SHA1
b11ca34b3b18e3989fb899b5c3409b5e0c63800f

SHA256
e7d479f6dcd25ea592c3b0761207b15b0b10d94a674b413f6b930b3807909155

SHA512
b927a01b06ee8dced40fce86a953c933abd8b28d04ccece17736c19ba7da12694e5e9991040d32293d014eab5cc0c1f4f56ee0951e436c565e5267f7da6a8b71

Download Submit
/data/user/0/com.longshine.xindiantucar/files/.jglogs/.jg.store.report_pid

Filesize
32B

MD5
4aecb75c1ce057e2abeb8a7af0d2f4ed

SHA1
84a2f84eb61436e60dcfa6f2e64a62c4bac20570

SHA256
e022d3adf80c7aeb04c6386c0d670cfc1bc202f744275eb22eac9c0bf506e8cf

SHA512
1024046b680118a10e8e1d9468f26f836f433fefd7c86ef6ad247c3324f7cee256929a24329246760d8d666aa5bbaa0cb60440b9eef51a95dc038f3dff838f02

Download Submit
/data/user/0/com.longshine.xindiantucar/files/.jiagu.lock

Filesize
27B

MD5
e407e0ca12de07398325f70a0319a76d

SHA1
99154d6b10cb4ede87a8170b3b3bf3edc1f4fba6

SHA256
b876bdddc25c89ae90ba6820df4220baab4bef8800f7158b2a55618d7ef3b2fa

SHA512
7e131d22e260d62ac8474160c036726c31e22b44e877a073dac14ea3a7eb17e37e3b82d39d073f9038c1d6efc3cb2cec6b563d74c88877fdaae082da2127dcca

Download Submit
/data/user/0/com.longshine.xindiantucar/files/a/b/4c984fe24161907e5b5b9423ecec3163.0.tmp

Filesize
547B

MD5
7b3243cb695e3ee7f87197cc58871d24

SHA1
1b6decf2000db2b0426f8919b9fde54e3422d429

SHA256
8760ba3fffaad4065d4b01d46927454861f64f4b9b8c3870a0942d54005d6d4b

SHA512
6fa090984fd64948a995df48d369744d76f75f0c9dff0a60a86bef1bdbc8cb33d2159401884ddacecebc344dfb99bbb3bce96da4f5a6a203dc69605cd07bac56

Download Submit
/data/user/0/com.longshine.xindiantucar/files/a/b/5ad6cdbb45b4a14283563bba26a5e0b7.0.tmp

Filesize
547B

MD5
d62688a51bf8aef1fdc7172f471398a6

SHA1
4212662c2b3e8c61a061cf486cb7487bb24fd487

SHA256
403e352565a28eb169bf1efc75641e35c6a1fe7f413aa926c4fdbd9b1e25e19c

SHA512
aba123f5417ddd7b0de696b41aabb28ab76000aaea61311505dbb53de5b2c711f31b97f6287cfa2d3c45b02d0c8db521a0ac811420675c977007e7a1dce8edd7

Download Submit
/data/user/0/com.longshine.xindiantucar/files/a/b/journal

Filesize
113B

MD5
94ea29ccc65d824350a5409832de3577

SHA1
355bcb9e942202e511be21cb264dcfdbfc0a93c2

SHA256
768bb5055e609f1dc8f2c10b27bbe265eb707d8585b80858253c261ef2682fac

SHA512
40a00f4f7e7a882ed29f4e01301bdf3e020d7f5eae3936289e0952939c8bb3a908c4927ba2de6dec82f71eae09ebdb72380aa1c4e11bfef358ca14adfe7edf95

Download Submit
/data/user/0/com.longshine.xindiantucar/files/a/b/journal

Filesize
195B

MD5
4c36568f024e351d18fef3eb856bc13e

SHA1
46ea2ee737cac459607bffd86cf72044726ca65e

SHA256
df62894c08968ff667d8dceab87d74d6275595c04ec78c2e989c082effdd475c

SHA512
dac463d217bb10a674de0ec17cc74054238e7e8ba0bda3088fc18d30455b1640d03488f983ffbaa925138866a5b6db046055a1fa050b6b1adcc74a3240f2406c

Download Submit
/data/user/0/com.longshine.xindiantucar/files/a/b/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/user/0/com.longshine.xindiantucar/files/a/k.store

Filesize
32B

MD5
470a9f28f6ad053d046072511cbeb8a1

SHA1
1797ac41fce71d5069193cf3f4b6ea0d045a73e7

SHA256
cb6bc4ad063ffc910dc850636a9a71a5da4070018d17b280105ae78c7a226a45

SHA512
c9fa18028016bf98bd76febc582ead1662c6b8660afa5be7d422397a20c11176b16b6c91894fc9814dec84d861276e97a219e085aebc31af262ef32d93364d2a

Download Submit
/data/user/0/com.longshine.xindiantucar/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE2MzM5NzI1MDkz

Filesize
1KB

MD5
b5587fc0dc1855073ad36f9cdf15d4d4

SHA1
17571a32553a1795fe3e5792c65c8e4d8b60bc18

SHA256
d6eddee6f00ebde06a77a2acc859bf12cba1dc22e6a5dc75dda80fc297900b60

SHA512
a48ee1b92951e4373d30d7be8b2a0c3eb5f647a0c4f087de3c7082cf8bfa4efbad53f7cb2c8ab8293c4b52acc814fd5111192fa4395257dc2833f8db030128b9

Download Submit
/data/user/0/com.longshine.xindiantucar/files/umeng_it.cache

Filesize
433B

MD5
7efdd8926f08bbcab14a61fef6471aad

SHA1
275d83bde9201d1e7004776143705b2980936d75

SHA256
f7e8238d7f180307d1587c86655a4f6b9f314b220495e79eb3961485e702180d

SHA512
e7b2f0d29dcea390026b045f078ab001416706f5b54371454905faafe60394c17fbc3d4226ed64e0c74f86f182e5ae5e9d0ba7946e118ba942f2de70db9d5dd4

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
7d77f097be905236ffba604976ec39f1

SHA1
d138c8080eca5fad610e0fdfb8b48ce6c31446a4

SHA256
fa94c72382438c74490befa06ab812bc592d4544a0717a9de1f04e6c828c4e4e

SHA512
345349a121bd07d693917e6bfa46838a1238feebbb7a009777775391f40c5d292516fd50a6a8043495840177a89d967f114b093b36acf8eb984e348255c86b8a

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
6adbb1e787a5b022886d42052c638c68

SHA1
e34f0c66cccee9155a752d4ed647df44b28260b9

SHA256
8aa2829c67549897c13b0398d5006a83490db5115e19e4373d636035e4ca2a24

SHA512
eb4410a78f971be72d8ffc6d1e7597b8ecf87de50cd179c6b04a4f2da1ce7d90b72d6d514006a22ef84b907e4cce3d498d1164c87e4d895c8c1244c46ddd910a

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
167B

MD5
db71cd306b3ec152f5a80e51c381315c

SHA1
8f13af50c495341d5b1e74f2d53e33eff90d8b8f

SHA256
8c155fdb0317c1e2829a707f942f6b01a806ae6386d20c053c8c24d7674377cb

SHA512
67c6d26c1a0d98cb2331c140b72bf08eb3c597dca4fbf0fc07e908591ae8c26f686ffc08229350057c043f3e9add9f7781ea4818be72c463e0e5fd6303d7ed70

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db

Filesize
20KB

MD5
7ab674da0f9818e9144f8b2c8169ead1

SHA1
318a4b8137ad932b0e1e61c540c4b4a4a536837a

SHA256
8f341157c090835d6bf14a770bb188eb3e05cfc4ed1bb13ba90d2bbbe8d331dc

SHA512
0d06a65cdffcd5ad23bbc1a542fa3aec1b8fa94f864a3e510c03e262268b56271b46a06b679d0eeae7bc4a7b783132e81641d64e3b683138b02537cb6dd07e32

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db-journal

Filesize
512B

MD5
9e0566aded62942104901c1720ef6518

SHA1
fac11003cc2555daddd39652f21af573f983e618

SHA256
50835112af3d127e5a42f34e841635c37191543f68fe76e450139de77003f92d

SHA512
5e4d872fe8f1f1eb9ab90730b5de6166946c8073d6fe3720ad408919aec2de183a5511df8cbce6234f457ff2d5640794396b6b4d9e9f211f02b404bf4063820a

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db-journal

Filesize
8KB

MD5
dc2b6bd682fee44c2501452c756fb90c

SHA1
a5f7d8760e5260cda753b9cce4ab5a8c231da7d0

SHA256
21d2d62949e3f38d6e89efbc8659cc3ac924e7760f3527641fb48e160230c63d

SHA512
1bab5a9ddbe2918d6c2f0a21a1822cb159b535aefdd0053166daabe8b3955f2e7aee7f6821a252fa91fcfb9bb536b1b0be000ce696a25c2ef3f34d03f6bd89bb

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db-journal

Filesize
8KB

MD5
daeea0c7bd4cb85d1395c54b66637e41

SHA1
2451e9c71d5f7ea124ca840b3a7766cdf820c808

SHA256
a966b0e57eb28b27a92b32684b7de009c38569ed61fae57e9639c075e394c657

SHA512
868f3c0aecffe3ba5b2b039ca3649e8ec51f382ae099577009045896edd12ee5de608d9e218ed9da556aba6f163ff900c34bd3b7f3c8eecc998a88cb7075c972

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads