b75a36052874806c3f0c7467fd92694f02a866a236b8d3a0fcde4b195d2049ab

Analysis

max time kernel
13s
max time network
154s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
22-05-2024 06:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6640d2fdab5dab271e9d362147c3e2c9_JaffaCakes118.apk
Size

19.5MB
MD5

6640d2fdab5dab271e9d362147c3e2c9
SHA1

2f47bda66732ef151f8700da7a47476fd15964f3
SHA256

b75a36052874806c3f0c7467fd92694f02a866a236b8d3a0fcde4b195d2049ab
SHA512

66aad2e7d1baa05597f49f7b6cb2f4d201b99ea30ec1dc57d36d3f7db1858a17e73257c23632e400aaeda291c20d32bc45f2ff898bafdd80d9a5b7871090b78b
SSDEEP

393216:leX/i/bZeqp48fJKvYqDsUUEtYoCSO6GOUtE2Js1ATpZ4WLOd:leX/i/bZeq22qYqDs+SR7lOaE1Y74WLM

Score

8^/10

banker collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

System Information Discovery
T1426

Processes:

com.remennovel

ioc process

/system/bin/su com.remennovel
/system/xbin/su com.remennovel
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.remennovel

description ioc process

File opened for read /proc/cpuinfo com.remennovel
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.remennovel

description ioc process

File opened for read /proc/meminfo com.remennovel

ioc	process
/system/bin/su	com.remennovel
/system/xbin/su	com.remennovel

description	ioc	process
File opened for read	/proc/cpuinfo	com.remennovel

description	ioc	process
File opened for read	/proc/meminfo	com.remennovel

Loads dropped Dex/Jar 1 TTPs 3 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

Processes:

com.remennovel

ioc	pid	process
/data/user/0/com.remennovel/[email protected]	5143	com.remennovel
/data/user/0/com.remennovel/[email protected]!classes2.dex	5143	com.remennovel
/data/user/0/com.remennovel/[email protected]!classes3.dex	5143	com.remennovel

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

com.remennovel

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.remennovel
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

Process Discovery
T1424

Processes:

com.remennovel

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.remennovel
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

System Network Connections Discovery
T1421

Processes:

com.remennovel

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.remennovel
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

com.remennovel

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.remennovel
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.remennovel

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.remennovel
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.remennovel

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.remennovel
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

Data Encrypted for Impact
T1471

Processes:

com.remennovel

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.remennovel

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.remennovel

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.remennovel

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.remennovel

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.remennovel

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.remennovel

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.remennovel

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.remennovel

com.remennovel
1⤵
- Checks if the Android device is rooted.
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:5143

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Process Discovery

T1424

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.remennovel/.jiagu/libjiagu.so
Filesize
486KB

MD5
50750315eef281575611bc425174b939

SHA1
acaff02526d7b4c257e00002ed09af364f66a401

SHA256
c8d37512f73bef5a1c1b060676cdc6d508a8d8dd36f2438f5d6353c9b8524bef

SHA512
60584a993992a68e8d0a53be705e3a9d52fc126df26b9bdcf80d14e659f1d70bceb926e0a99a69fdf40f1c09fd61aa52c2d2c008ee5c3ef59af5922a75161ea9

Download Submit
/data/data/com.remennovel/.jiagu/libjiagu_64.so
Filesize
568KB

MD5
32a8cba7e6fac645ea3d1fca87cba90f

SHA1
6b01347c0d6777ea644c9859214decf5a00431b3

SHA256
ec2270b007c53f33ec3ae7c49e78fde28a64bf2eaf4309ce60abf9e03035227f

SHA512
018c9c65ed954c48b98d6a42e28f6b2e5850179079497367bca849667fdd69a96a2182b43c2a865ebcbfd8548d6973d9b0d2f9570644a36bc7549b1a420557d4

Download Submit
/data/data/com.remennovel/databases/MessageStore.db
Filesize
36KB

MD5
15669eb47bb19111cb64fa7508b227d7

SHA1
c7585424afeb0fc7051697b771eb3d81e0e3aae3

SHA256
ecb0e8c93a782292a1dfe20a90e204d1c1c804e2773f1831c9ca34826aa62071

SHA512
13c2cb45912090ba0b670b36050eab5954e22d57b79e141d2236035dc1ea2000960d93ebc544fc4dee48765335a3d52baeb5d31c8a40407224c624fffebbc11b

Download Submit
/data/data/com.remennovel/databases/MessageStore.db-journal
Filesize
512B

MD5
290f8482f07304e7f82b2563a51ebad0

SHA1
55780d6b967be786bc2f0a464b5d5d855fc1598f

SHA256
5afb426b285fb7016a596e1300ef638feed69a9b73cd2379a489a38a90922040

SHA512
2c9045ea7b95c4c94263921d8575387424b7f0d200d16da9f1dfd52513af1b548e78bcc3e9c79587af75c6c69e298e8ff3b35b2fcdfdb79f31f60d6b878cffa7

Download Submit
/data/data/com.remennovel/databases/MessageStore.db-journal
Filesize
8KB

MD5
171999aec70145d919b4777b952c5621

SHA1
32cddc62c476e5e302ce9ac7cf41f4b25545c7ff

SHA256
b243f4622c7d684a6757b46e2c8670265d732da0cad118b89ac73b61083e5fc4

SHA512
c7530eb109741269d69dd3037156c2f1990593948028f4cae09a0e4a633e832e1326c23e9b7cd4c47b5e491233f41c6bcda15bcb4c494a180b429baa9ab67b1f

Download Submit
/data/data/com.remennovel/databases/MessageStore.db-journal
Filesize
8KB

MD5
1c0ab2ddae10c28e8a4fcfe58573db39

SHA1
dd65cb08bdf9fe244325c703b88ef24825e66bc4

SHA256
526fc292b4e4d56f649f2cca236a5b9ee7c82b12dc287ded0b5ec25da5595566

SHA512
bfb322c2fd359e007e6ba768b111570031fdd5789296f9937c2f3c1408fa61209ec02080cb186eb859198dcc40e7da9460c1157d977ca9784f01db9ebe448494

Download Submit
/data/data/com.remennovel/databases/MsgLogStore.db
Filesize
56KB

MD5
9cec591e3ef91ae568f4cb6e7c2a8745

SHA1
ccf756b6b465ad9ad7ff6bfbeb4e8345ba3f6ff7

SHA256
05be88f05e9bfd4d6496caab584a704e7956fb87036529a0c8028f1e2bda309c

SHA512
f824b3268338787275c184bb740d152d53c1d8e57a044f587530735ef04d021a2671cc2aebb17ae3b497a0ad171060da484a565bfa62d32ed334ae5ffb538f51

Download Submit
/data/data/com.remennovel/databases/MsgLogStore.db-journal
Filesize
512B

MD5
e8456ac0ee9011280d21c3813f90e05e

SHA1
5e79cf608262fd7206e6a90f318e728b547186e2

SHA256
d74cc05ad08e9e961bb231dafde8fcd2f5411ccce471f8c90fdc30b553e2c959

SHA512
b9a6d1c2af187c677e83361d3c683b25f6071fe92eed840cf65c64b7364d09d72834fce5856dac1c180bb8b1f3cc8ed68b8bbcbd58af6546b35733dc91630672

Download Submit
/data/data/com.remennovel/databases/MsgLogStore.db-journal
Filesize
8KB

MD5
f54fe14ab181857bd38fd4cc28245e76

SHA1
27aebf9cc963c1a35f41ccaacbf2d6ba1dee5be4

SHA256
c2868dc883b3ca733923331a612bb330dc897f826e163c096127bf46f40e8af3

SHA512
ecba93094330f81c3819eea10968cc8958cf1444d2bc6d06222ff2f76a65fb871a4f482d35b2e85f050049a0d82fa7a0837e3c7ed2c2693b54ab9b933edc9b61

Download Submit
/data/data/com.remennovel/databases/MsgLogStore.db-journal
Filesize
8KB

MD5
1e5f3dcbe3d0a07658f02c1712874cc9

SHA1
e3d023f6e64f4b4d58be9f7a0b195183759ceb98

SHA256
2b53b6cc5f04ecb7dfbe6d578b13a4d225db60cbf1cf42eb9a54744f86e21e81

SHA512
1f24cda3a08e4187e620d2ef982904a2a31f034aec85be2bb73db860698729c42765f6bc6dcecf8ab6d84782ad771c08a495e625878583c321206f6db990ac58

Download Submit
/data/data/com.remennovel/databases/novel.db
Filesize
44KB

MD5
2a366fe9ed321e84ffbc3890d8de9ce9

SHA1
6549eb9d9089e7d96bf73eda6c9be8026eb70529

SHA256
162c26d9008738f619a82fedc8618c88779591d305ffac9ee937ceaa5733d306

SHA512
41699edac063c8b21d5b918a32eabb77e139451ea5fe9f7e47c66edc04afe25597e0e9b2502b9a8bdb0e72d7911a9705c5c16288d6c339a83e9af4e92daf5caa

Download Submit
/data/data/com.remennovel/databases/novel.db-journal
Filesize
512B

MD5
9e76a3440eb0098da1803422a25d773b

SHA1
8726e365ce0b925f21b6bd15ff7e651be69d2cc0

SHA256
880dcc59fd297b22e5d744952157da30b5c348f0b9a06553f447bd8504d629dc

SHA512
d9a3410ec563dfadbe1b39e3ba4f5994a41fd868f1dc06faa9e2369f6126fc217de038611cd37d3b80b3e5958d479d5bcdb68754212b9f96923dfc516b155bf0

Download Submit
/data/data/com.remennovel/databases/novel.db-journal
Filesize
8KB

MD5
47a3ccea7e76b2f83bc0d8660d120155

SHA1
bf6645ffcb4b53750399d7211b572a6f1df5d9e4

SHA256
d91b3a545a8ffb6c3fe193e8848c1bd0969b3dcf0ee27094444d23943737754f

SHA512
a410d99aa5bfa698e041ad7269d272088bc2242570466ca4c406de3e9ea8bc7fd701e04e993b05dcc8dd71bed730b5a823fd89ce2eea83153aef6171aa6511f7

Download Submit
/data/data/com.remennovel/databases/novel.db-journal
Filesize
8KB

MD5
f32e484e7cb3d007977106185cf957ee

SHA1
42180755d4d2a45ff8257fb26f8c8b78face5266

SHA256
1a2bbf6f16b4288f1cb126b93f6adb2eb082f223e4e6ff3f88b444bba702c43b

SHA512
b7c21ae290da71cdc13b26850e03d3fa24d80313996f87b65ff2b58475edf38e66f45846c5730f93ccd052e004bcc2d0506a4201e4982fc42b128224e9dced75

Download Submit
/data/data/com.remennovel/databases/ttopensdk.db
Filesize
40KB

MD5
0362ff8c522fdfde856794ec7129548e

SHA1
aeed20c7416c53f2ccf5c08ad2c5c4cd506c9ac0

SHA256
a9970743680fabda47cc591171cdde116d84014c399b5799113bdc59d75de29d

SHA512
fcc315662b8d22224ae5dee22d578ff9a66077939a19ff83058d5894bb1c4d8a648974bdbc6d5ebed5f8a35af0ba0ba4d6c666c27c7621c07065ebdcd5c01857

Download Submit
/data/data/com.remennovel/databases/ttopensdk.db-journal
Filesize
512B

MD5
a03aa251f9430430b71b1b968fc1c945

SHA1
1719bf9ce91b9240a165a670eaaba57a0dd0f4d2

SHA256
f132e0b22162c020a2bd6b7b8bec905c21c52dd54d38c937dc9eacac79d2362f

SHA512
d95e371fad985880a6c966b91a71be33dc0c3a2278eb5f58c52c47f02b4dcbe93e3d788807f16b5a30efb1e9ebb9c390535929cca4d4be213e963fe7142a0d01

Download Submit
/data/data/com.remennovel/databases/ttopensdk.db-journal
Filesize
8KB

MD5
2a78e6c1e04840127c8b1dbad3aec729

SHA1
0b8cdc899c313ed69cc7fb1fd74fffed07150718

SHA256
f85e6602bcbf27c8772be7338c4f916af910675367f89ca7bc9cc0fa8b8bb59f

SHA512
32a93ec473abe123dfdd444b51ba76011f1af7607fce103bf157096cfa4a97e63d11052fc2159786f6a9022f3970515c15d0c9b6eaf74b1224bd0000d7c20ee7

Download Submit
/data/data/com.remennovel/databases/ttopensdk.db-journal
Filesize
8KB

MD5
75283e6436d44ce190df337981f5f479

SHA1
d623e56b94b54ea15b992a1cdab513741bb13544

SHA256
e19626f504cafaf8c57ecfa22fc04f3d15fd954b39e06b4a43649ad103f515b8

SHA512
617c5bcc8675ee19dd39cd60726a2c3d5ed1a2adaadd112d3906faf0b3ebc7a396773d0dca0a5d264bf8cf7742e32da020836e4cd1d2483caaa6853abf5751a8

Download Submit
/data/data/com.remennovel/databases/ut.db
Filesize
20KB

MD5
0f39b3e5801c74f4608f4347f15d52b8

SHA1
b6cd0dada2a34467570f439cfc2be19b78cfb73a

SHA256
bc203d02bdd554fd1f46fe56480181eac992238d9c0d02f55197bdd080eb1996

SHA512
e053a66c7800e860151c0b8a947fe41d08af960cee5f1448ad00827b2990d97d4248e07549136531e12154470e5f347418525a21c6635f923bf74026ce120042

Download Submit
/data/data/com.remennovel/databases/ut.db-journal
Filesize
512B

MD5
0112212a1daeff2c08c9cd37a3034e0a

SHA1
e3826a27deb23d8ad569b1fc5094db774f26bd71

SHA256
8c81bb861dc99bb974de8f1dafb17caad8d126330fb66ec6a9fb8f0106a05e7b

SHA512
2f9033d0f28cd30a340905441b3fd0f48197778fee92bd1444b60c12a39b1226ae9ae4852c9d88896f35a797ef37cdfe2758508eea51ff08e6ba429fd17d0de9

Download Submit
/data/data/com.remennovel/databases/ut.db-journal
Filesize
8KB

MD5
015199a40c46ce5ee34409bc4c798277

SHA1
41e16652bb441e3b6dc9c27fb6b495690b34d7a2

SHA256
a9156dba4b174a00de50eac68e757a38ddbe4f38a79b37bb69a530c211e51a75

SHA512
86d6619edd60b7b95ad963f7681f91ddca6934b9442b86fc402119aea3f2b86af945cdbefd3058fcfc64a5958f789c02e0306d5cb9ffb5e79c8a1e808a11e954

Download Submit
/data/data/com.remennovel/databases/ut.db-journal
Filesize
8KB

MD5
cd464db03493a1879b7e9ae4b6618c8c

SHA1
bf812d936400b81fc4a8fe8f1975aeee20b3753e

SHA256
95201d373c226970f2a0232890427847e3174b5ba4c1cc56a1c19ec95290650d

SHA512
28a128bda2b82e115e0e7f0624a3dc299e479fb27487b39458840430319c315775b79499dfadd9c9e19f720b1a75a2e009a3c25458347eef4a80947792778a14

Download Submit
/data/data/com.remennovel/files/.jglogs/.jg.ac
Filesize
32B

MD5
6888acfa6e15277f24db22de89b48da2

SHA1
8502f372a618ee18daab660a88b7230fd637167b

SHA256
436b2e4757de530304419b34fa732fc97db5a8679179c00899257fcf8a90dd65

SHA512
58ec1b76269066ada3b9064ec94352224641eb581f1bffb83b5a783ce09284f648b6e1f84814e10594519f4daa8469ac417a93c2391d00d97df0036a84fbe4c0

Download Submit
/data/data/com.remennovel/files/.jglogs/.jg.di
Filesize
348B

MD5
12bd8801b04f0249e3ee9bbbed3fee5a

SHA1
944acae17450d028ac41b6712913041069cfa04b

SHA256
9466515e4f56be42e99b4dfc003ca67f6701d18e8bd9d43d0619c76d57fcbd43

SHA512
14193bf0f5b4fd2dc79c1630db4cef7135dbcebafde03b774023a9938d8d73cffea8932700419b137272ac70093eeca6e22500a9d10c574787989a2180c0e109

Download Submit
/data/data/com.remennovel/files/.jglogs/.jg.ic
Filesize
32B

MD5
0ae7d5dea6685a91848d93d3dbfa0055

SHA1
a926cb2f60fe1da69c8abda334f813f72ab6b600

SHA256
4c1117fe7dbf8777d610909cc229eb473d9194c4abaa8a1a7e88f8545a26402f

SHA512
8c73c212f14779d6aefa1c3b6e7d48ce15bc359d32254e9c8d97c35d9ca1368b725d43ab2fccc6e58437489ab574d642071b631238c3fd256d4f579605a6cab8

Download Submit
/data/data/com.remennovel/files/.jglogs/.jg.rd
Filesize
32B

MD5
07844c1d1d5370d775c6415356d77568

SHA1
d7ca48e57c3f4718c2dab528e67966ed7ebcbd55

SHA256
5fd3e99884618509d6ac7094d32f2b1571febef57cf84f89ff646a954e9737b2

SHA512
b15f23c99937e726bdaa1100bc6a2cc32296ee6eeed280e44f285700570865b96a7e9ce20dcb1723ba948c43551660dc3d43cda7a51167aabc60c797c51d1b6f

Download Submit
/data/data/com.remennovel/files/.jglogs/.jg.ri
Filesize
314B

MD5
64858453d0f8c497bb38e2fa7cedf40e

SHA1
2ac39aa782697c5b1ba95385616328ca4af4fe0f

SHA256
1b7dfe33499747ce20ed68a7a3d815fe2b11d29b0744dc47423d4b547d72179e

SHA512
41996171098c2b19bfbce7d3ca576942ccdc4a53f6ecfe07b59ea350ef0625052e0b86c6233325d3430de5a17319916b79a36dc8e364fabadb47565041e39b9c

Download Submit
/data/data/com.remennovel/files/.jiagu.lock
Filesize
27B

MD5
f4b175a711dd83105d1f5c9f72dc1999

SHA1
f14fc824921347d57f84d28e637aac2990626f5f

SHA256
a2770280cb47c65be8c5b874b9b5f352acc8a58afbd7a2eaa7c0efffc5199d91

SHA512
972784cdac4728e163b68347999b53f1d9868d011149111275aeb90b8b7490f38af9ea765158da4272d5b819b24ed9aa4816637dec5fe00f36d4e19073e1f679

Download Submit
/data/user/0/com.remennovel/[email protected]
Filesize
6.3MB

MD5
06277f75e0a4e4f5bac8b5df7cb9c32d

SHA1
96325388e21e14f66d6b212e40052ec6d80d0a06

SHA256
5a5cd0f76f87a871c43af6a05d5130fd555ffee180edfa4154555cc06d18e920

SHA512
bdfe647815235c202fda90f9edffe29b42043b86ef604a900610a309f742403216654eb841a03a8b6b12067abbacb62b0fdeee1628d53a8c30e7eb75879dd7a6

Download Submit
/data/user/0/com.remennovel/[email protected]!classes2.dex
Filesize
6.9MB

MD5
9df7daf1611e81cc4f576d622e0eff5f

SHA1
eb70ce4682dfbb61cabceb55fb171e05610d8464

SHA256
7f99f82a8b1dad43441ddad3a2925d4469bc0042fd7234d3fcee44aa5677ef97

SHA512
82898ff96522e4f282970decce8716b5452fe1435e44bc849c41d8763444fa9dd7f4147454f85316453c082f0ef02f8155452609da05a21a467136d6c46b8c5d

Download Submit
/data/user/0/com.remennovel/[email protected]!classes3.dex
Filesize
4.1MB

MD5
49230c3c73b4cb8d5cb84987edffc290

SHA1
ab1480997792da94b2a970c52c97fb271ce98683

SHA256
a3255ea611b63f2599d3f217a23ec0fec39227dd169d5fdf69753f93698b776d

SHA512
429a302e7eb1df3e7e9844f981e6dd2ad3fe30d1f89401311b58354ae06bd21fe940492873e3c6cc7e2e704141402c5fe69cbdcefc9f3f8039d98cad6c8453be

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
111B

MD5
673ebd85e5e3d0dd9a7bf9f071250334

SHA1
b8a1783d41ac39578d62e27ef3cfef9373becc1c

SHA256
87d97bed467467d01c4bf8042979b6c3856a222c15d3604dcb35974e3a04df6a

SHA512
eca171f7efc4ee290aaa56be9039c9e0ec11f7ace7956efb19fa6cce1ec90f6c7a478601176580dc2d6a5d18fd687d9458efded680cb3db3ffeba894be8c2930

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
213B

MD5
3330ce3c4be70521ac58504a7fa6c753

SHA1
49aecedcfcbf8b86466439a1c49eebd3f424805c

SHA256
af7593b55acaf8ff422f72b86721b3a4138d1b5ccda6304091b2c84459dc60b8

SHA512
ef0bd67afdca8e113f47ddc20d0203e4a8cb817b0690db2d89056208aa7601c189f8bd17fcc7ca74b95306cc454f92fa74bd0f6a831ccaebfb5f9b62fe6fe4c9

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
111B

MD5
4a5e583e065ab5f8ad91e1081755d7b8

SHA1
65086dc809d0e8954ebf5a42b287520d53162d5b

SHA256
6670c9c3c2cadc131c2cc709d51187bf5cf7cbed103f8cbc128efcef95699a13

SHA512
e4b362e81b97c7169a4d6d82ace60ffe221e5ef8bd36a962a1596f3cd892610a216d4f213f32d0c969ce21a48651b0b806e08e5e27fea96092e2dda6d398b954

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
167B

MD5
44f8c1fe209dd68fd45e9d1af4b73f3b

SHA1
7207e31cbd1b64c4d688213a88b9156ab47d6128

SHA256
a84985f7e6392e79ea12b944913a9041df465a71403f2691804bedcfeaad43a2

SHA512
e2419266460fefcd237fd34471c0e5541e8cb4c513687853cae71bf8a4fe18501d9b7166e3b2c670c99634d76bb45af15620be2bfd9bd0c04f08d09b75d2e22c

Download Submit
/storage/emulated/0/360/.deviceId
Filesize
48B

MD5
4c4c5285293d5141f582aefa4e038669

SHA1
e01852a72e5a8e6f7d63a21426b515118196047b

SHA256
36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731

SHA512
097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399

Download Submit
/storage/emulated/0/360/.iddata
Filesize
32B

MD5
7a4b693770f6c6c1f9ec3d8b8e0fc870

SHA1
d897f704a93e8ad464349f1e267c69964b49b96b

SHA256
4a62cbc67ae7f1e38c9053aff2a9bcc515dbfb8b2105c6abca5ded27632d7ccc

SHA512
18c7a491fbe41dd2fa19a5e3410d329c30baf9a43d9076fd405ed683a93dea865783441248aa94010e780f942e82ced5de1d614ca8a48daf299c9fcae29cd9a0

Download Submit
/storage/emulated/0/quanben/cache/uuid.text
Filesize
32B

MD5
e417956e480512b170377c63f47e59fe

SHA1
b658d95fd984e4dde68507f687985fd728263284

SHA256
1d87378cbd86c3462b45b510af49e459490ac19ad7db7b2c2a746ed80274cd64

SHA512
82da8877bf609f62c166dfa03b50002fe7000fe222c2e3979918f60b3c89d30db08ab3f9b390fa5b2a039d553a3806f1ca2215ad282472786f1212802ded9edd

Download Submit