Analysis Overview
SHA256
6f38da6bb5b0a7b0ef8996aa69f865dd49b7fc21d9e6f9b3c229ad088765fd1a
Threat Level: Likely malicious
The file 65788ec9c2255139f7b64d9e8630b6c8_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks memory information
Loads dropped Dex/Jar
Queries account information for other applications stored on the device
Queries information about running processes on the device
Queries the mobile country code (MCC)
Obtains sensitive information copied to the device clipboard
Checks CPU information
Queries the unique device ID (IMEI, MEID, IMSI)
Requests dangerous framework permissions
Acquires the wake lock
Checks if the internet connection is available
Reads information about phone network operator.
Declares services with permission to bind to the system
Listens for changes in the sensor environment (might be used to detect emulation)
Uses Crypto APIs (Might try to encrypt user data)
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-22 01:10
Signatures
Declares services with permission to bind to the system
| Description | Indicator | Process | Target |
| Required by wallpaper services to bind with the system. Allows apps to provide live wallpapers. | android.permission.BIND_WALLPAPER | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-22 01:10
Reported
2024-05-22 01:13
Platform
android-x86-arm-20240514-en
Max time kernel
166s
Max time network
181s
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
| File opened for read | /proc/meminfo | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.gau.go.launcherex.gowidget.weatherwidget/cache/1582435991586.jar | N/A | N/A |
Queries account information for other applications stored on the device
| Description | Indicator | Process | Target |
| Framework service call | android.accounts.IAccountManager.getAccountsAsUser | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.gau.go.launcherex.gowidget.weatherwidget
com.gau.go.launcherex.gowidget.weatherwidget:pushservice
com.gau.go.launcherex.gowidget.weatherwidget:com.jiubang.commerce.service.I
com.gau.go.launcherex.gowidget.weatherwidget:AppWidgetService
Network
Files
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/databases/weather.db-journal
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/databases/weather.db
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/databases/weather.db-shm
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/databases/weather.db-wal
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/city/go_city_international
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/Y29tLmdhdS5nby5sYXVuY2hlcmV4Lmdvd2lkZ2V0LndlYXRoZXJ3aWRnZS5iaWxsaW5ncGF5MQ
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/Z29fd2VhdGhlcl9leF9wcmVtaXVtX3BhY2tfdmlw
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/Z29fd2VhdGhlcl9leF9wcmVtaXVtX3BhY2tfdmlwX3Byb21v
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/Z29fd2VhdGhlcl9leF9wcmVtaXVtX3BhY2tfdGhlbWVfdmlw
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/Z29fd2VhdGhlcl9leF9wcmVtaXVtX3BhY2tfcHJvbW90aW9ucw
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/Z29fd2VhdGhlcl9leF9wcmVtaXVtX3BhY2tfdGhlbWVfdmlwX3Byb21v
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/Z293ZWF0aGVyZXhfYXBrX2lk
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/Z29fd2VhdGhlcl9leF9wcmVtaXVtX2FjdGl2YXRpb24
/storage/emulated/0/.goproduct/goid
/storage/emulated/0/air/as/statistics/deviceId.txt
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/databases/ad_sdk.db-journal
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/databases/gostatistics_sdk.db-journal
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/databases/ad_sdk.db-wal
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/databases/gostatistics_sdk.db-wal
/storage/emulated/0/GoAdSdk/config/user
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/gaClientId
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/cache/1582435991586.jar
/data/user/0/com.gau.go.launcherex.gowidget.weatherwidget/cache/1582435991586.jar
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/network_time_and_status_statistics.txt
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-22 01:10
Reported
2024-05-22 01:13
Platform
android-x64-20240514-en
Max time kernel
171s
Max time network
186s
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
| File opened for read | /proc/meminfo | N/A | N/A |
| File opened for read | /proc/meminfo | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.gau.go.launcherex.gowidget.weatherwidget/cache/1582435991586.jar | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries account information for other applications stored on the device
| Description | Indicator | Process | Target |
| Framework service call | android.accounts.IAccountManager.getAccountsAsUser | N/A | N/A |
| Framework service call | android.accounts.IAccountManager.getAccountsAsUser | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.gau.go.launcherex.gowidget.weatherwidget
com.gau.go.launcherex.gowidget.weatherwidget:pushservice
com.gau.go.launcherex.gowidget.weatherwidget:com.jiubang.commerce.service.IntelligentPreloadService
com.gau.go.launcherex.gowidget.weatherwidget:AppWidgetService
com.gau.go.launcherex.gowidget.weatherwidget:pushservice
Network
Files
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/databases/weather.db-journal
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/databases/weather.db
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/city/go_city_international
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/Y29tLmdhdS5nby5sYXVuY2hlcmV4Lmdvd2lkZ2V0LndlYXRoZXJ3aWRnZS5iaWxsaW5ncGF5MQ
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/Z29fd2VhdGhlcl9leF9wcmVtaXVtX3BhY2tfdmlwX3Byb21v
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/Z29fd2VhdGhlcl9leF9wcmVtaXVtX3BhY2tfdGhlbWVfdmlw
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/Z29fd2VhdGhlcl9leF9wcmVtaXVtX3BhY2tfcHJvbW90aW9ucw
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/Z29fd2VhdGhlcl9leF9wcmVtaXVtX3BhY2tfdGhlbWVfdmlwX3Byb21v
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/Z29fd2VhdGhlcl9leF9wcmVtaXVtX3BhY2tfdmlw
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/Z293ZWF0aGVyZXhfYXBrX2lk
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/Z29fd2VhdGhlcl9leF9wcmVtaXVtX2FjdGl2YXRpb24
/storage/emulated/0/.goproduct/goid
/storage/emulated/0/GoAdSdk/config/user
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/databases/gostatistics_sdk.db-journal
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/databases/gostatistics_sdk.db
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/gaClientId
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/cache/1582435991586.jar
/data/user/0/com.gau.go.launcherex.gowidget.weatherwidget/cache/1582435991586.jar
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/network_time_and_status_statistics.txt
/data/data/com.gau.go.launcherex.gowidget.weatherwidget/files/collect_data_weather_refresh_error_info.txt