Analysis
-
max time kernel
178s -
max time network
187s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system -
submitted
22-05-2024 09:32
Static task
static1
Behavioral task
behavioral1
Sample
66ce89a1886bca71e5aa5bb6a74ab459_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
66ce89a1886bca71e5aa5bb6a74ab459_JaffaCakes118.apk
Resource
android-x64-20240514-en
General
-
Target
66ce89a1886bca71e5aa5bb6a74ab459_JaffaCakes118.apk
-
Size
29.9MB
-
MD5
66ce89a1886bca71e5aa5bb6a74ab459
-
SHA1
0037521d070b95a1736bf521436597119c391282
-
SHA256
cfad957a90fc93cecd4f9471f6c20abafabe7df6c7f6d3930c10d4483f605339
-
SHA512
2d7f45697ecc227471e1eac4f3c97fe1b200b9acc0be8fd164a1758ffca2ac81b4651432895feded3254177327f38c67aad3d58c2a7c6bba0bda17f4cb6ba182
-
SSDEEP
786432:Egu7+NXmcFbfwxE79CV1/Myqz3HwYNrUayPLhT4g7Y884LBX2:6O2cJ9uEyyQYFoPLhL7Y8f2
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 10 IoCs
Processes:
com.i_banmei.yym/system/bin/sh -c type sucom.i_banmei.yym:ipc/system/bin/sh -c type sucom.i_banmei.yym:pushcore/system/bin/sh -c type su/system/bin/sh -c type suio.rong.push/system/bin/sh -c type su/system/bin/sh -c type suioc process /system/app/Superuser.apk com.i_banmei.yym /sbin/su /system/bin/sh -c type su /system/app/Superuser.apk com.i_banmei.yym:ipc /sbin/su /system/bin/sh -c type su /system/app/Superuser.apk com.i_banmei.yym:pushcore /sbin/su /system/bin/sh -c type su /sbin/su /system/bin/sh -c type su /system/app/Superuser.apk io.rong.push /sbin/su /system/bin/sh -c type su /sbin/su /system/bin/sh -c type su -
Checks memory information 2 TTPs 4 IoCs
Checks memory information which indicate if the system is an emulator.
Processes:
com.i_banmei.yym:ipccom.i_banmei.yym:pushcoreio.rong.pushcom.i_banmei.yymdescription ioc process File opened for read /proc/meminfo com.i_banmei.yym:ipc File opened for read /proc/meminfo com.i_banmei.yym:pushcore File opened for read /proc/meminfo io.rong.push File opened for read /proc/meminfo com.i_banmei.yym -
Loads dropped Dex/Jar 1 TTPs 17 IoCs
Runs executable file dropped to the device during analysis.
Processes:
com.i_banmei.yym/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.i_banmei.yym/mix.dex --output-vdex-fd=57 --oat-fd=59 --oat-location=/data/data/com.i_banmei.yym/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&com.i_banmei.yym:ipcio.rong.pushcom.i_banmei.yym:pushcoreioc pid process /data/data/com.i_banmei.yym/mix.dex 4312 com.i_banmei.yym /data/data/com.i_banmei.yym/mix.dex 4381 /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.i_banmei.yym/mix.dex --output-vdex-fd=57 --oat-fd=59 --oat-location=/data/data/com.i_banmei.yym/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=& /data/data/com.i_banmei.yym/mix.dex 4312 com.i_banmei.yym /data/data/com.i_banmei.yym/mix.dex 4312 com.i_banmei.yym /data/data/com.i_banmei.yym/mix.dex 4312 com.i_banmei.yym /data/data/com.i_banmei.yym/mix.dex 4423 com.i_banmei.yym:ipc /data/data/com.i_banmei.yym/mix.dex 4423 com.i_banmei.yym:ipc /data/data/com.i_banmei.yym/mix.dex 4423 com.i_banmei.yym:ipc /data/data/com.i_banmei.yym/mix.dex 4423 com.i_banmei.yym:ipc /data/data/com.i_banmei.yym/mix.dex 4461 io.rong.push /data/data/com.i_banmei.yym/mix.dex 4461 io.rong.push /data/data/com.i_banmei.yym/mix.dex 4489 com.i_banmei.yym:pushcore /data/data/com.i_banmei.yym/mix.dex 4489 com.i_banmei.yym:pushcore /data/data/com.i_banmei.yym/mix.dex 4461 io.rong.push /data/data/com.i_banmei.yym/mix.dex 4461 io.rong.push /data/data/com.i_banmei.yym/mix.dex 4489 com.i_banmei.yym:pushcore /data/data/com.i_banmei.yym/mix.dex 4489 com.i_banmei.yym:pushcore -
Queries information about running processes on the device 1 TTPs 4 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes:
com.i_banmei.yymcom.i_banmei.yym:ipccom.i_banmei.yym:pushcoreio.rong.pushdescription ioc process Framework service call android.app.IActivityManager.getRunningAppProcesses com.i_banmei.yym Framework service call android.app.IActivityManager.getRunningAppProcesses com.i_banmei.yym:ipc Framework service call android.app.IActivityManager.getRunningAppProcesses com.i_banmei.yym:pushcore Framework service call android.app.IActivityManager.getRunningAppProcesses io.rong.push -
Queries information about the current Wi-Fi connection 1 TTPs 4 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
com.i_banmei.yym:pushcoreio.rong.pushcom.i_banmei.yymcom.i_banmei.yym:ipcdescription ioc process Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.i_banmei.yym:pushcore Framework service call android.net.wifi.IWifiManager.getConnectionInfo io.rong.push Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.i_banmei.yym Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.i_banmei.yym:ipc -
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 4 IoCs
Processes:
com.i_banmei.yymcom.i_banmei.yym:ipcio.rong.pushcom.i_banmei.yym:pushcoredescription ioc process Framework service call android.app.IActivityManager.registerReceiver com.i_banmei.yym Framework service call android.app.IActivityManager.registerReceiver com.i_banmei.yym:ipc Framework service call android.app.IActivityManager.registerReceiver io.rong.push Framework service call android.app.IActivityManager.registerReceiver com.i_banmei.yym:pushcore -
Checks if the internet connection is available 1 TTPs 4 IoCs
Processes:
com.i_banmei.yymcom.i_banmei.yym:ipccom.i_banmei.yym:pushcoreio.rong.pushdescription ioc process Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.i_banmei.yym Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.i_banmei.yym:ipc Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.i_banmei.yym:pushcore Framework service call android.net.IConnectivityManager.getActiveNetworkInfo io.rong.push -
Reads information about phone network operator. 1 TTPs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 4 IoCs
Processes:
com.i_banmei.yym:ipcio.rong.pushcom.i_banmei.yymcom.i_banmei.yym:pushcoredescription ioc process Framework API call javax.crypto.Cipher.doFinal com.i_banmei.yym:ipc Framework API call javax.crypto.Cipher.doFinal io.rong.push Framework API call javax.crypto.Cipher.doFinal com.i_banmei.yym Framework API call javax.crypto.Cipher.doFinal com.i_banmei.yym:pushcore
Processes
-
com.i_banmei.yym1⤵
- Checks if the Android device is rooted.
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4312 -
sh -c getprop ro.yunos.version2⤵PID:4356
-
getprop ro.yunos.version2⤵PID:4356
-
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.i_banmei.yym/mix.dex --output-vdex-fd=57 --oat-fd=59 --oat-location=/data/data/com.i_banmei.yym/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&2⤵
- Loads dropped Dex/Jar
PID:4381 -
/system/bin/sh -c type su2⤵
- Checks if the Android device is rooted.
PID:4633
-
com.i_banmei.yym:ipc1⤵
- Checks if the Android device is rooted.
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4423 -
/system/bin/sh -c getprop ro.board.platform2⤵PID:4562
-
getprop ro.board.platform2⤵PID:4562
-
/system/bin/sh -c type su2⤵
- Checks if the Android device is rooted.
PID:4755 -
/system/bin/sh -c getprop2⤵PID:4848
-
getprop2⤵PID:4848
-
logcat -d -v threadtime2⤵PID:4974
-
/system/bin/sh -c type su2⤵
- Checks if the Android device is rooted.
PID:5002 -
/system/bin/sh -c getprop ro.miui.ui.version.name2⤵PID:5068
-
getprop ro.miui.ui.version.name2⤵PID:5068
-
/system/bin/sh -c getprop ro.build.version.emui2⤵PID:5137
-
getprop ro.build.version.emui2⤵PID:5137
-
/system/bin/sh -c getprop ro.lenovo.series2⤵PID:5214
-
getprop ro.lenovo.series2⤵PID:5214
-
/system/bin/sh -c getprop ro.build.nubia.rom.name2⤵PID:5289
-
getprop ro.build.nubia.rom.name2⤵PID:5289
-
/system/bin/sh -c getprop ro.meizu.product.model2⤵PID:5363
-
getprop ro.meizu.product.model2⤵PID:5363
-
/system/bin/sh -c getprop ro.build.version.opporom2⤵PID:5476
-
getprop ro.build.version.opporom2⤵PID:5476
-
/system/bin/sh -c getprop ro.vivo.os.build.display.id2⤵PID:5566
-
getprop ro.vivo.os.build.display.id2⤵PID:5566
-
/system/bin/sh -c getprop ro.aa.romver2⤵PID:5623
-
getprop ro.aa.romver2⤵PID:5623
-
/system/bin/sh -c getprop ro.lewa.version2⤵PID:5672
-
getprop ro.lewa.version2⤵PID:5672
-
/system/bin/sh -c getprop ro.gn.gnromvernumber2⤵PID:5723
-
getprop ro.gn.gnromvernumber2⤵PID:5723
-
/system/bin/sh -c getprop ro.build.tyd.kbstyle_version2⤵PID:5774
-
getprop ro.build.tyd.kbstyle_version2⤵PID:5774
-
/system/bin/sh -c getprop ro.build.fingerprint2⤵PID:5822
-
getprop ro.build.fingerprint2⤵PID:5822
-
/system/bin/sh -c getprop ro.build.rom.id2⤵PID:5870
-
getprop ro.build.rom.id2⤵PID:5870
-
io.rong.push1⤵
- Checks if the Android device is rooted.
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4461 -
sh -c getprop ro.yunos.version2⤵PID:4653
-
getprop ro.yunos.version2⤵PID:4653
-
logcat -d -v threadtime2⤵PID:5047
-
/system/bin/sh -c getprop ro.miui.ui.version.name2⤵PID:5114
-
getprop ro.miui.ui.version.name2⤵PID:5114
-
/system/bin/sh -c getprop ro.build.version.emui2⤵PID:5188
-
getprop ro.build.version.emui2⤵PID:5188
-
/system/bin/sh -c getprop ro.lenovo.series2⤵PID:5264
-
getprop ro.lenovo.series2⤵PID:5264
-
/system/bin/sh -c getprop ro.build.nubia.rom.name2⤵PID:5339
-
getprop ro.build.nubia.rom.name2⤵PID:5339
-
/system/bin/sh -c getprop ro.meizu.product.model2⤵PID:5436
-
/system/bin/sh -c type su2⤵
- Checks if the Android device is rooted.
PID:5462 -
getprop ro.meizu.product.model2⤵PID:5436
-
com.i_banmei.yym:pushcore1⤵
- Checks if the Android device is rooted.
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4489 -
sh -c getprop ro.yunos.version2⤵PID:4641
-
getprop ro.yunos.version2⤵PID:4641
-
logcat -d -v threadtime2⤵PID:5020
-
/system/bin/sh -c getprop ro.miui.ui.version.name2⤵PID:5089
-
getprop ro.miui.ui.version.name2⤵PID:5089
-
/system/bin/sh -c getprop ro.build.version.emui2⤵PID:5161
-
getprop ro.build.version.emui2⤵PID:5161
-
/system/bin/sh -c getprop ro.lenovo.series2⤵PID:5241
-
getprop ro.lenovo.series2⤵PID:5241
-
/system/bin/sh -c getprop ro.build.nubia.rom.name2⤵PID:5314
-
getprop ro.build.nubia.rom.name2⤵PID:5314
-
/system/bin/sh -c getprop ro.meizu.product.model2⤵PID:5389
-
/system/bin/sh -c type su2⤵
- Checks if the Android device is rooted.
PID:5415 -
getprop ro.meizu.product.model2⤵PID:5389
-
/system/bin/sh -c getprop ro.build.version.opporom2⤵PID:5508
-
getprop ro.build.version.opporom2⤵PID:5508
-
/system/bin/sh -c getprop ro.vivo.os.build.display.id2⤵PID:5584
-
getprop ro.vivo.os.build.display.id2⤵PID:5584
-
/system/bin/sh -c getprop ro.aa.romver2⤵PID:5641
-
getprop ro.aa.romver2⤵PID:5641
-
/system/bin/sh -c getprop ro.lewa.version2⤵PID:5691
-
getprop ro.lewa.version2⤵PID:5691
-
/system/bin/sh -c getprop ro.gn.gnromvernumber2⤵PID:5743
-
getprop ro.gn.gnromvernumber2⤵PID:5743
-
/system/bin/sh -c getprop ro.build.tyd.kbstyle_version2⤵PID:5792
-
getprop ro.build.tyd.kbstyle_version2⤵PID:5792
-
/system/bin/sh -c getprop ro.build.fingerprint2⤵PID:5840
-
getprop ro.build.fingerprint2⤵PID:5840
-
/system/bin/sh -c getprop ro.build.rom.id2⤵PID:5888
-
getprop ro.build.rom.id2⤵PID:5888
-
/system/bin/sh -c type su2⤵
- Checks if the Android device is rooted.
PID:5920
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/com.i_banmei.yym/app_crashrecord/1004Filesize
234B
MD5667eee6c7c3870d388e988c609752430
SHA15e8ddfbd2fba2abaac66ad93d2b17eb6a04b4203
SHA256caedf0affcad5a57da94aae16820f8c228cb2baa72d7a31372c25e4c94d01c31
SHA512044dc1ae5ad8f73893dd4e03f82aca25e29b6d4b3b305836f7d14178b6031d944217a4c30dd24c650ed05a725ce14b34e8fa7a5f827f8bab1c692eca3fcb5a9b
-
/data/data/com.i_banmei.yym/app_crashrecord/1004Filesize
225B
MD5fa7040ead8826f4864ca727488e800de
SHA119aa9d10729ea550d391331860469c767af73a5a
SHA25671fd7e3a59455a6067baea5295e917e4904b4a96ef4a72255c4d7e40d8e8369a
SHA512921f1e7cc2d18f74fcc1eed153a2f271bb05aa4e9824e4b043aa74c596be0cbbf18c2b874d6940b8b78c5dbfeb611488bf232b042475e5138eba1d506675fe53
-
/data/data/com.i_banmei.yym/app_crashrecord/1004Filesize
58B
MD50d210bfb2a0e1f1b4c082a6a0f79de07
SHA1bb8ed9e364db79d1d9f2fcde3f15091893222faa
SHA256988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d
SHA512536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1
-
/data/data/com.i_banmei.yym/cache/image/journal.tmpFilesize
229B
MD5509cc92dee7001bc63f2c5039c105cc6
SHA1f0e32b56ed0f0d1df7b0621d5994e677ba699697
SHA256421a9b2eeb29e1d539cfa5785652634a29358106c6c19241e59bc625fff7c99f
SHA512488921bbf95e8208b791cdc099dd07c9020ced90885bb42c18d7281a15653232e39c74f78dfd749b7d209c4aed34801cfe706fd1b35e43488851804841613799
-
/data/data/com.i_banmei.yym/databases/ThrowalbeLog.db-journalFilesize
512B
MD50f5436719c1b51b1782c7ce990d91bf6
SHA13df7ad2aef8a7b606d71fe102ebaa4cbecbc5ed5
SHA25600b26242cd1a6c9ddc124662455729ed8c3abd79a30c992ac09a8f58160ac119
SHA5124448a88de0d7b6b8b061934cbee43b332f64495908820977596d2b9848a95f0dbc055dc8e640fcb1d754a74debe14c0f503bb85d5ad52c479f016899a5f63ab8
-
/data/data/com.i_banmei.yym/databases/ThrowalbeLog.db-walFilesize
32KB
MD531e3430fc89708f2613353bb850ee5c4
SHA1bfb23d01f1852e61195fe2faffe5b686adf241d6
SHA2564481b23550033804996321339d5867f64b8364ba565d006a3538dd3f346a7bd4
SHA51259bf8412e774d77c7eaf9e7c40adfc784e8287f16203cc304e45b3a3eb8fc7dc61f2f966efaa2d028a3eb311d6a5feb0e5a26260367edef21ac50feb30d2b8ee
-
/data/data/com.i_banmei.yym/databases/bugly_db_-journalFilesize
512B
MD517fac16e3b517638dc386936121db747
SHA198ff1468d9d14b58fca09d3af7bca426d02b8a52
SHA256a56c99cc685d92ca91d000197b3417510d8408f6a9a0e3643bd48788a372b1c5
SHA512409b42d46ad9b5a10330b422980af494d0c2125bce26a71d79e6d6678296a20bd7c4f78c8e236255205288bf090934ba2eb0770f78a2b71e84b409aa8c0cfbbd
-
/data/data/com.i_banmei.yym/databases/bugly_db_-walFilesize
96KB
MD5e9e4f9cfcdd21c4e6d742f36bb61358e
SHA1e3320f39c8b12847e4f4199b7da1a6ee1500e0bf
SHA25658e7d7b2a7851d4661e629f100b198e0de55e178ccfc048b23f16b421c64cab3
SHA5126b390368fa7650d73f093eea0992f82cf2ef272d6ffb0b5ee26d425370f03d4d47693278889301ad2f85eb01d43a153c6ec556ae109ed262abe05481e2b77e1c
-
/data/data/com.i_banmei.yym/databases/bugly_db_-walFilesize
76KB
MD5a8b43551f90c9b94bf00baae8f5322c2
SHA15326a7a471383bd0bfc7a059cbcebc70a3472929
SHA256d8e61a2e60592960820a4e9208b690346854a77c86b3b3613799a98fdabd252e
SHA512efedf111b6bd49f5fcbd4ede17b152fc602ed467fa1f8fd1aae2aff38f0b9f2f79c6c92daeb23ccb08426a513d2f84934e1be1d1849587a96582ec0665af88ea
-
/data/data/com.i_banmei.yym/databases/bugly_db_leguFilesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
/data/data/com.i_banmei.yym/databases/bugly_db_legu-journalFilesize
325KB
MD53d3edecef29fe57d8e8fdab5e54ff3dc
SHA18a1e402438630b319e589d86f9cedc842e8d4c25
SHA256ecc8e37a5097cc8845c63bf65789ac5cab23dd6b39bd75584ba76139310a5ec7
SHA5128dbf55e182fb39c4ec99b8c6dab0791783d9f3dd06e2459fcf85585efaf4e052380a7f47c9640c3ca12e9c6b415fb13329f180e9bc787855ae1dd219a223805f
-
/data/data/com.i_banmei.yym/databases/bugly_db_legu-shmFilesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
/data/data/com.i_banmei.yym/databases/bugly_db_legu-walFilesize
92KB
MD5c31e66cf7e656139212183acde8908f1
SHA1439628f087df30fff2261b84a4abf8ad1b8820c9
SHA2563c5017c0554961897ebc1eeeddfb2737710814527710c4aeb099877402a41dd2
SHA5124f8ffe6e4e920b3af407c1741d46e3c2816eb703b22477fdca3ade11d5772cd9e0e2603aacc8c3bf4436bc62177a2f6deeeaa639cabe96706e1860224cbf52a0
-
/data/data/com.i_banmei.yym/files/jpush_stat_cache_history.jsonFilesize
346B
MD5061b513a2ac14493d631e091e373ce69
SHA1a81c69ea7d2dc64c4a723c29fec58f83342ebd49
SHA25607e1388010d97819c2b1e97db13bd94c688a8705ce5309e45701682f2e0de174
SHA51224cad5dae57f0ca6af2f565340465efc7ed1c980204c6804205929fb0f7d1d28b5912fbd0eb1de67ad9211e0ce9a8972cb2034cf450b14c4c7bed8391f302bd8
-
/data/data/com.i_banmei.yym/files/jpush_stat_cache_history.jsonFilesize
174B
MD592990d8304d1e40ca2ae8e04fd723954
SHA1a302cc75af0742cb757eddc33168d69d9085eefd
SHA256622ae57a1f6c21d04df937bc4c80962f3552a6448069c4396a2c68edcdfc928c
SHA512d1432f1400d2f06521c5c72fcc144d682e3aacd99f7a186346c247a802f80b77ea65d63f731dcfdd647f6e7a1629c7750cfe6808a96408c6893e6420562206cf
-
/data/data/com.i_banmei.yym/mix.dexFilesize
292B
MD563f77f99bd2c2b772a479923bde11974
SHA1c7632e7d301e4463fafce85f84e9c3d7da3fdbbe
SHA2564c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615
SHA5123aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c
-
/storage/emulated/0/Android/data/.mn_410185822Filesize
82B
MD5e8be01a3d651b9f955cbb28d7fe2f623
SHA104010f8b539c2e98c8d7b7752e9879547aa9dc0f
SHA25697f36bba6fac1a853fc47a62ed426b46325a58a209d20a7c232641ffba4e44f4
SHA51219eb61bf037bcc667e6a19773beee13011faffc9a5f8efffebddeb5e27e017bc47f26e143de5e9f471668bdd9eb445fb85afda410b065f0d3ae323169ba4b34f
-
/storage/emulated/0/Android/data/com.i_banmei.yym/cache/uil-images/journal.tmpFilesize
112KB
MD59f25d69a1f9ce806880f5226b401e998
SHA10ebd2513e8d027049f8250408d7e7a238a1d81fe
SHA25687a6aa4280b4c20bb07aff7e6f5bd6a80ee9cc591ed3b8e7744b589dc0885a20
SHA512a4c3fadbf6698cffa948d4a7fb850de0f86f555bf55ad3d0d28b412e6c17513b015f3fac81f1f94951dd8e66a5f9d0bf66957883cbd98e540762a481c0af24b2
-
/storage/emulated/0/Mob/comm/.diFilesize
22KB
MD52966512d639fd26c77c8aa20251ea21c
SHA1a6ff9a1078ef9b9ddc6b26a785800e53f1f39bca
SHA256fc4f13aa25e18876dd379d578e7a37de1252171ca3e30a8bab6ded087b06733c
SHA512d30c9c0262ce40b5c49de5de96cd2747d20a12c97b525b8ea7d3d2cf4d090eed3277db75e072143344082ee586b406de186a9fdddca64b49cf28392412e13fc5
-
/storage/emulated/0/data/.push_deviceidFilesize
32B
MD5127a59ce6c095a7c89d515bc27d91fec
SHA196bb4c10f1070b2becff0a31a2fe2a14ac4c3ef7
SHA256fb381ceb5ffe4c13899e015e328af07dff84477bfc7601e95596363a7d96cf50
SHA512a7be8fe3204402f260ccaafec8534b143c72680471b3accb79b3deff3e7d5f759911336d155a8cfafd84643f30aa306a09b2c9911d644da5ed4709ca443b6b28