Analysis Overview
SHA256
2ee5d631fba4f70586a7a95381af68048176f2f5f411d28ca459b1afcfc7eef0
Threat Level: Likely malicious
The file 66dadc1d34d399725a6ef5105aa19ea7_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries account information for other applications stored on the device
Reads the contacts stored on the device.
Reads the content of the call log.
Registers a broadcast receiver at runtime (usually for listening for system events)
Queries the phone number (MSISDN for GSM devices)
Checks CPU information
Queries the mobile country code (MCC)
Checks memory information
Loads dropped Dex/Jar
Queries information about running processes on the device
Makes use of the framework's foreground persistence service
Obtains sensitive information copied to the device clipboard
Reads information about phone network operator.
Requests dangerous framework permissions
Checks if the internet connection is available
Acquires the wake lock
Uses Crypto APIs (Might try to encrypt user data)
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-22 09:52
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows an application to write the user's contacts data. | android.permission.WRITE_CONTACTS | N/A | N/A |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows an application to monitor incoming MMS messages. | android.permission.RECEIVE_MMS | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to receive WAP push messages. | android.permission.RECEIVE_WAP_PUSH | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to read the user's call log. | android.permission.READ_CALL_LOG | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-22 09:52
Reported
2024-05-22 09:55
Platform
android-x86-arm-20240514-en
Max time kernel
163s
Max time network
187s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/bin/failsafe/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /data/local/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /data/local/xbin/su | N/A | N/A |
| N/A | /system/sd/xbin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /data/local/bin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
| File opened for read | /proc/meminfo | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /storage/emulated/0/Android/framework/clrunpath/-936679160/meal.jar | N/A | N/A |
| N/A | /storage/emulated/0/Android/framework/clrunpath/-936679160/meal.jar | N/A | N/A |
| N/A | /storage/emulated/0/Android/framework/clrunpath/-936679160/meal.jar | N/A | N/A |
Makes use of the framework's foreground persistence service
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.setServiceForeground | N/A | N/A |
Queries account information for other applications stored on the device
| Description | Indicator | Process | Target |
| Framework service call | android.accounts.IAccountManager.getAccountsAsUser | N/A | N/A |
| Framework service call | android.accounts.IAccountManager.getAccountsAsUser | N/A | N/A |
| Framework service call | android.accounts.IAccountManager.getAccountsAsUser | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Queries the phone number (MSISDN for GSM devices)
Reads the contacts stored on the device.
| Description | Indicator | Process | Target |
| URI accessed for read | content://com.android.contacts/data/phones | N/A | N/A |
| URI accessed for read | content://com.android.contacts/contacts | N/A | N/A |
| URI accessed for read | content://com.android.contacts/data/phones | N/A | N/A |
| URI accessed for read | content://com.android.contacts/contacts | N/A | N/A |
Reads the content of the call log.
| Description | Indicator | Process | Target |
| URI accessed for read | content://call_log/calls | N/A | N/A |
| URI accessed for read | content://call_log/calls | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.jb.gosms
chmod 755 /data/user/0/com.jb.gosms/app_daemon/godaemon
com.jb.gosms:com.jb.newswidget
/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
com.jb.gosms:com.commerce.chatplane
com.jb.gosms:pushservice
com.jb.gosms:com.jiubang.commerce.service.IntelligentPreloadService
com.jb.gosms:com.jiubang.commerce.service.IntelligentPreloadService
sh
dd if=/init.rc of=/data/local/tmp/init.rc
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/framework/clrunpath/-936679160/meal.jar --output-vdex-fd=175 --oat-fd=176 --oat-location=/storage/emulated/0/Android/framework/clrunpath/-936679160/oat/x86/meal.odex --compiler-filter=quicken --class-loader-context=&
com.jb.gosms:com.jiubang.commerce.chargelocker
com.jb.gosms:com.jiubang.commerce.service.IntelligentPreloadService
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.187.195:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.178.3:443 | tcp | |
| US | 1.1.1.1:53 | goupdate.3g.cn | udp |
| US | 1.1.1.1:53 | conf.api.hk.goforandroid.com | udp |
| US | 198.11.172.76:80 | conf.api.hk.goforandroid.com | tcp |
| CN | 139.9.193.166:80 | goupdate.3g.cn | tcp |
| US | 1.1.1.1:53 | abtest.goforandroid.com | udp |
| US | 47.88.91.115:80 | abtest.goforandroid.com | tcp |
| US | 1.1.1.1:53 | adpush.goforandroid.com | udp |
| CN | 139.9.193.166:80 | goupdate.3g.cn | tcp |
| US | 1.1.1.1:53 | goload.wecloud.io | udp |
| CN | 139.9.193.166:80 | goupdate.3g.cn | tcp |
| GB | 216.58.204.78:443 | tcp | |
| US | 1.1.1.1:53 | t.appsflyer.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | gosms.3g.cn | udp |
| US | 47.88.94.175:80 | adpush.goforandroid.com | tcp |
| US | 1.1.1.1:53 | adviap.goforandroid.com | udp |
| US | 1.1.1.1:53 | newstoredata.goforandroid.com | udp |
| US | 47.88.60.195:80 | newstoredata.goforandroid.com | tcp |
| US | 1.1.1.1:53 | gosmstheme.3g.cn | udp |
| US | 1.1.1.1:53 | imupdate.3g.cn | udp |
| GB | 216.58.204.78:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | goconfigsync.3g.cn | udp |
| HK | 8.210.132.106:80 | adviap.goforandroid.com | tcp |
| US | 1.1.1.1:53 | t.appsflyer.com | udp |
| GB | 216.137.44.111:443 | t.appsflyer.com | tcp |
| US | 69.28.57.140:8888 | imupdate.3g.cn | tcp |
| US | 47.88.60.195:80 | newstoredata.goforandroid.com | tcp |
| US | 1.1.1.1:53 | api.appsflyer.com | udp |
| GB | 18.165.227.6:443 | api.appsflyer.com | tcp |
| HK | 218.213.248.178:80 | tcp | |
| CN | 139.9.105.102:80 | goupdate.3g.cn | tcp |
| US | 1.1.1.1:53 | version.api.goforandroid.com | udp |
| US | 47.88.91.115:80 | version.api.goforandroid.com | tcp |
| CN | 139.9.105.102:80 | goupdate.3g.cn | tcp |
| US | 47.88.60.195:80 | version.api.goforandroid.com | tcp |
| CN | 121.37.4.24:80 | goupdate.3g.cn | tcp |
| US | 69.28.57.141:8888 | imupdate.3g.cn | tcp |
| HK | 218.213.248.178:80 | tcp | |
| CN | 139.9.188.168:80 | goupdate.3g.cn | tcp |
| CN | 121.37.4.24:80 | goupdate.3g.cn | tcp |
| CN | 121.37.22.146:80 | goupdate.3g.cn | tcp |
| GB | 216.58.204.78:443 | android.apis.google.com | tcp |
| GB | 216.58.201.98:443 | tcp | |
| CN | 139.9.193.166:80 | goupdate.3g.cn | tcp |
| US | 1.1.1.1:53 | events.appsflyer.com | udp |
| GB | 18.244.155.123:443 | events.appsflyer.com | tcp |
| CN | 139.9.188.168:80 | goupdate.3g.cn | tcp |
| CN | 139.9.105.102:80 | goupdate.3g.cn | tcp |
| HK | 218.213.248.137:80 | tcp | |
| CN | 121.37.4.24:80 | goupdate.3g.cn | tcp |
| CN | 121.37.22.146:80 | goupdate.3g.cn | tcp |
| CN | 139.9.188.168:80 | goupdate.3g.cn | tcp |
| CN | 139.9.105.102:80 | goupdate.3g.cn | tcp |
| HK | 218.213.248.137:80 | tcp | |
| CN | 121.37.22.146:80 | goupdate.3g.cn | tcp |
| CN | 139.9.193.166:80 | goupdate.3g.cn | tcp |
| US | 1.1.1.1:53 | smsmarket.goforandroid.com | udp |
| US | 47.88.91.115:80 | smsmarket.goforandroid.com | tcp |
| US | 1.1.1.1:53 | gocurrency.goforandroid.com | udp |
| US | 1.1.1.1:53 | launchermsg.3g.cn | udp |
| US | 69.28.57.174:80 | launchermsg.3g.cn | tcp |
| US | 47.88.60.195:80 | smsmarket.goforandroid.com | tcp |
Files
/data/data/com.jb.gosms/app_daemon/godaemon
| MD5 | 4552c7c9430c1ed7bc43db1504909bd2 |
| SHA1 | 64559abfc0156d97612b843ebd10abf6d991660c |
| SHA256 | 2fbb7428b15fb54440ba1f4938b8629ffa62818053827baa0bf51513768a6d5c |
| SHA512 | 291f06ab3187df51bc2e0e419ac465f70e91b677d3c77ec6d56f004900e292490f9a359755afdbc3a215b8810206be24bfa3b7a68b164afda63e8a2041986b40 |
/data/data/com.jb.gosms/databases/integralwall.db-journal
| MD5 | 5edb9e893b2d84d0b4c5db60ee4e5aef |
| SHA1 | 158b5d5b9b8d3e167620540b0726f15f20e1d5dd |
| SHA256 | 435062cd98d1257b5664d5719953d6cc70e01e209929144a2fb09f3017b0594e |
| SHA512 | dca17efcb50c9ea52c9f4ccd69ec8aa083e23cdad3bf981f308f20287bdd55d8a66d8371d8444928357b775ce84359be5fff7767836cfe8512fb88252dae1a2b |
/data/data/com.jb.gosms/databases/integralwall.db
| MD5 | 7e4189412c0dbafcd4e25cabadb5ccb0 |
| SHA1 | a5ed140e60641f569ec04208d63be12a283d00d0 |
| SHA256 | f3b81221dafdd3bfd06641b6759f15a8708ce67b71d5ad1733b8bf9d1c61b710 |
| SHA512 | d56fc6d5d7e5e709f9a40e1d26e3b5cc70d1bb53955b640590e152429daf1c480de59f1d24b766bdb02ed12546f4d8f4a186869ccde3b0df16f2c9c8d553fbb1 |
/data/data/com.jb.gosms/databases/integralwall.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.jb.gosms/databases/integralwall.db-wal
| MD5 | 2f6adc3ec51344b2e1dd006393707aaa |
| SHA1 | e50885f1fe38a6ae6710d77209e48b83526c32e5 |
| SHA256 | 9ef6dc2ee4c7027d27074d327fb2f2ece76a8ba5fd499ae592fdf8df5df54d1a |
| SHA512 | 6dee1fb20a3cf7063b3d5ae3518b8cecca67b0aaa5f950a7d9741cafa7cce29b4aa63b4ed6a67cc0616f950908a18f72ebeef0cf28eacf1a2926355db3cae3ec |
/storage/emulated/0/air/as/statistics/deviceId.txt
| MD5 | 2ab0b1b4d7d163ccd26c2677e89b3962 |
| SHA1 | 94435072dfe71445a52cafa29c8a8451708410fc |
| SHA256 | cb8e0979900b043d40dade94134f4cf50af46b77b9eb1e9abf43495d76bff036 |
| SHA512 | 77838314e3ae0e089ff8cb80a5a6067f2deb0f953907a332f7864d33e16f02804e4a0b5e2cfe20a2c0edff326210502a3ad570c9c6147615de9bb322fc599602 |
/data/data/com.jb.gosms/databases/gostatistics_sdk.db-journal
| MD5 | 1b76bd7fbb14952198df32f9448ffca4 |
| SHA1 | eaeae09e3bc2e3ad0787464a28a13355749a0bfa |
| SHA256 | 6cac90bd83fb0edaac6ce269dc57883b5ac23c22f202561e99ae55ff2582ce51 |
| SHA512 | 5931a0420f9fd1af7611bee4a8b132a9169d91a023bebc5f30d41f2bc2e76cbdddac148182379f4dea9a7228f6df47aab742cbf59ae9c8c1f61e2418be249462 |
/data/data/com.jb.gosms/databases/gostatistics_sdk.db
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.jb.gosms/databases/gostatistics_sdk.db-wal
| MD5 | 5f7b93d19f3f1eda984b60e1f8a02efe |
| SHA1 | c43d8a318952adf98d14813d4d4b4708e32929b4 |
| SHA256 | 9900aae170f8f7d743eb4746cfc13a7387ee8fe42f44ec85f76c9a4d377ce6d3 |
| SHA512 | 38df5f07c54d8d4e792c48931e044e86fd91ad5221ee5f639530b525d93e5ee06d9312cdd61728d32bf155b076fbda405763644fc073a35d448755b564dc32f3 |
/storage/emulated/0/.goproduct/goid
| MD5 | 7324e0f223b3f9a55ba3ef22333025bb |
| SHA1 | f84812d7f59def35dfd111b0550d0746360dbc86 |
| SHA256 | 51ed56be74808594fc32c49cb35d9d61cdb2646db99903bb98c3b6673de4c835 |
| SHA512 | cbc2896805393a093a3c70a37c6b9faa3520b554d0f4b13a330f43360ffdbb12a95ca6abbc46936adbdde917795925132a37ba3fac1e631f68447b47bd31d692 |
/storage/emulated/0/.goproduct/goid
| MD5 | e4dcf4e9f131c7249a35a2f3f231c30f |
| SHA1 | 4a7ca80372add437dcc7819f126e59857a2bf870 |
| SHA256 | e2d1f00f80c97bdbbb86d91dd7227ee75220de4f434aca5de95d7fb308205f6b |
| SHA512 | e2231144d551484d9b308ce36f834370cceecf3431e683b8beaf4349cb991ecbe9a76b50989123cb1edd2975c5c3391070d772736097c0cbdd7d7b33d153de27 |
/data/data/com.jb.gosms/files/custom_preference.xml
| MD5 | d6a69d89672ed269adb4c58f8270c9cf |
| SHA1 | f2d47c0e6279e0c4a241793af4ae04f85d10af48 |
| SHA256 | 30c291ade219241fba34c13e2e8b835e1dba4c51817c24290ed7f1a51a7fdb92 |
| SHA512 | a411371a0ae0e1c5e62dfd884e6b874ffabdb53ca46336e9b9d1f0554293433807b1db19d242f272978105cdb7dd738d08a1c58f08538255b7d7dfd41d46cbc4 |
/data/data/com.jb.gosms/files/custom_preference.xml
| MD5 | 51e207df2f80519a6924faf147571c17 |
| SHA1 | 028bbe0de3534e6eee553d56223f60f5e8a3d0da |
| SHA256 | 409871e58ed102f977e2cd9035163c12742ff506fa9ab7819f1f7434e9f0f396 |
| SHA512 | 3a9d850a88fb26b74f8932ac0a7cc014d4b41941240f76bae9df91fd43dffea975aed3bc4929f0ac840da113c8843214cef377ef3ba4cbe8988b08c69d5ed22b |
/data/data/com.jb.gosms/files/custom_preference.xml
| MD5 | 96c71d9ce18a19503f272df7b95b3e1a |
| SHA1 | db9587d63ca328e5d4d3183b9f5496507149d4f2 |
| SHA256 | 1877f7566e855ed45ceac7e3f5488d4ef91ab153db228c7ea4968492ba9932b2 |
| SHA512 | edcaf6c91009db5ad7766b1ae6016d49210919191a7de00a8d6674e6d3db1101979e0099425fdc7a8b7f281cc65c551d1b0ef72ce9cbaea223e5408125efa99a |
/data/data/com.jb.gosms/databases/messaging.db-journal
| MD5 | 3f8c2cb3666fec9ac9de608d6a97b8f2 |
| SHA1 | 5bc33f7ec3f9837fb40c1374cd2b25aa069a9fc5 |
| SHA256 | 3ad51f1bb9009b905e61529dc650d72bd3a53e88f5dd49eaa00572ab83549c59 |
| SHA512 | 21bc74609bb9d645df5c99ee7b2207769e9cc0fc76aa9a2c644fc6e7453e3a01c39098a8980eef31a4799ecb899535cca7eec208b519322465f3e9d85d4c12b0 |
/data/data/com.jb.gosms/databases/messaging.db
| MD5 | 60a940769dcf40259f3c36434a86313c |
| SHA1 | 1b77065b244c5389611c49861c1f3de72172dc73 |
| SHA256 | 42f77eb99ef7c69ab562766de8b7690fc8745dc5f9ffea1f220d8db2a3ae6b56 |
| SHA512 | 036f096d6a6b50b0a25ead1a2a6d28ef4aa8d68137827027b307464f6fc8f08a41af403770401cec8f37faee08723ac46aa7fb83bdc69ba01d38b40c1d6c2f46 |
/data/data/com.jb.gosms/databases/chatplane.db-journal
| MD5 | 3ee852d31784cf1fdc37cf8f77fb5f85 |
| SHA1 | f86b63b8a28a2fb215e9625a2b9bd464e81f4982 |
| SHA256 | 0256d67bfab5539f9505c7a25de246055466c47f2b27be89d3541124c25de071 |
| SHA512 | 8709705858b9ebf45ffd8432cfdb305968bdd95600018fa205e79150173c166883e561dcad069e46c80c8bed6331092a3c7a754f83671acceda17093b7e50dbc |
/data/data/com.jb.gosms/databases/chatplane.db-wal
| MD5 | 9e77203e2048e479bcd24292dd93505e |
| SHA1 | e1483caf4b95d2ad3d7d62de6b1fc49b20b7e4ac |
| SHA256 | 5728e62833476023faf1ba71d64e95ab8f9fa3ad10151b7b968ca18c79b15768 |
| SHA512 | 9e47c4e261fa509c5deca009d95aa0588fb0fda76edf3f2099fed0b5cf789525f2d091a644f5a71dc702263d03cb8b2b608e1cb6e077a8c470f81dc9724d6c02 |
/data/data/com.jb.gosms/databases/messaging.db-wal
| MD5 | 4aee50c7da66f60092a93c1ec7615bc1 |
| SHA1 | 6dae786465c2d3de81157e453330d71049bf0697 |
| SHA256 | f766a5bdda088f0b6759ec1ec2ae22ff71da7bb85e6616f02a75d46b7bc79394 |
| SHA512 | 62c2b727b13eed1d152a87d9db7bf358ad6394d7e055212e4d6ec758b817f4ee0cca6737e55f5ce57c10e6f662b39aff5038c3d7f699d2dace9f4903e46ba85d |
/data/data/com.jb.gosms/databases/gosms_subscription.db-journal
| MD5 | 1c397ff649b6491c15b4458c653f9c82 |
| SHA1 | 9387cd2606f243fef0d51ae90d1c8a6d202bc36b |
| SHA256 | b616dce323e5549628cd19afbdf9abbbe8866b5553d149fe1ad528c77f14de61 |
| SHA512 | 845fe05b6bdc1dfdd886fbb5fb0a405f35bdbe5db11786f3ac1bf15875f687e5028f015044f969ebf9884ec012906315f8fb49aba19bc300a15dc5fe61f7ff75 |
/data/data/com.jb.gosms/databases/gosms_subscription.db-wal
| MD5 | 03f2fc4b1892273c402407e1303bcbc4 |
| SHA1 | 5bb792c168c52fc9d3e7b76f00b87815f06fc8bb |
| SHA256 | 2ff0fa79a6d388cd6f69b5ca139168cbf22783e77c82acecc02c699ccaa724ae |
| SHA512 | f2cb93363ee2ef111ae7572377b130df329a3ecb8c4c135ac987a2aa534b9b5a39ebdf634202aa98b475bbb91bdfd0f9f0887decbef1d9c7129a16323f800017 |
/storage/emulated/0/Android/data/com.jiubang.commerce.notification/evasion
| MD5 | 01394c2ee6ba00687ee40a3c80a21b61 |
| SHA1 | 58c194ae193e49b47318877ce52e182b57f92b3f |
| SHA256 | d157877c190628783fa99f30d89de1653ba6e9be9cf24b135824d133d1a35c4b |
| SHA512 | 18076b7657ef034c6996aa21511782f1d55a05f50b8e0c9334c9a4cc9d533831574a348587c72f232552b3ed063b204362867458c563b234f67fde5484d7bcf8 |
/data/data/com.jb.gosms/databases/BgDataPro.db-journal
| MD5 | 213b8022509e6654a2a3dcc1554af63b |
| SHA1 | 1629a240aef8fc85e7c275ab86543d2f0bb3d2b6 |
| SHA256 | 47c88c8ae484a51d2f7d0685b75beb4a7f95a938b3f24044073cb3268d220db8 |
| SHA512 | e57ee23695fabc265037746c62b38b832ea77f97af8431cdda37d594d80fd8129c5c90c726a7383f5b4152238ac8849c19f24cb5c545e7fb0ae553e94494c767 |
/data/data/com.jb.gosms/databases/BgDataPro.db-wal
| MD5 | 9040f6488373de067e120b48e4782cf3 |
| SHA1 | 1065fa8e13f9647ea6d22937b002d10b581b874c |
| SHA256 | 00ddcb66a558e8fbd8b5be672feec4deea4ae78dc1d17ed86350f54e5c148ea0 |
| SHA512 | 3db03d40687fe692f2ddd7ad7f839f72297c16bc63cbac1f1fd3cb1f07659a59375bafa2bfeb7589705f7312acdc70a6852ae27338899d6175990e397b30ff35 |
/data/data/com.jb.gosms/files/custom_preference.xml
| MD5 | f0ce898a4c8957e697e6435ffc8a2ffe |
| SHA1 | 52a2fffc6dc54c12a04497dae426b3e5c6957f93 |
| SHA256 | 1cf46e875fd19742e0759dae16b6ea48122c050399c5f79d5459c34d37a33e8d |
| SHA512 | 8fba126f85b7d6d5448280b62259573272d9e6d03cd68e44e70d71a55f1cdb9a4a206e1686acde8c9048f458242c24f4cb0387a12ba720802e82c0d206b4b0ca |
/data/data/com.jb.gosms/databases/feedback_switch_db-journal
| MD5 | af7ba298cac2d3d5e11df9cd7e968a7b |
| SHA1 | 876da89a2179f2a551ef6292bf68d9b008c0a2b0 |
| SHA256 | 1a379369bdf1125babaebf427bad1d66240802c1558ed8e69bdd6f51401a0854 |
| SHA512 | 3041fe7aa103b231f10a05f6a3ac8d75022bf83653b86dc015870bc3482702d5fbd94d42ad273af25b84726e5c0b759e75e4e2ab15dc6bd513ae59eeeb39e8b6 |
/data/data/com.jb.gosms/databases/feedback_switch_db-wal
| MD5 | 8da51a40b665f327fe2448b5e80d39b8 |
| SHA1 | 11cd4e5715afab2e86615c06b54e38f34d134155 |
| SHA256 | c85e60ddfbfe4f8ddc2c275556283eafcf70e02f390d26f95eeb5f0dd71dcea9 |
| SHA512 | 3b87582f5f25c0b7360419f51fecd835e9aec1296becbad2a5e4e91d88ee4cae549c6a8d6cc5ddfba3e7ea3a3d9e629670a807a5e9697fa1a2a869cb84c8701c |
/data/data/com.jb.gosms/databases/Account.db-journal
| MD5 | bd1087f22923cd67122acc458a99691e |
| SHA1 | 159b2cfae66a206b4acf7626818bcd88318a3bd7 |
| SHA256 | a5e1a3e5a48dc78967d1a661c359acc72e8211d35bcbfa7f0511b981921b16b3 |
| SHA512 | 9da954deea49fbde451f31eede4d3d437258af82b571d03121ccc726a4cc5ff7e96f982792ea6d9d6e72d26b874578cda85553d6f1559c4894592f6e0d05c8cb |
/data/data/com.jb.gosms/databases/Account.db-wal
| MD5 | 042099261d6b589fc5e6ff6f23adc37c |
| SHA1 | de124f06d488d4768e5eb8d085131db1ac22ea7d |
| SHA256 | f55429fcc9902b5cba91f235b89a5328319ab248cb9f9f4545b8e520a5428c2f |
| SHA512 | 7a49361d3c4cd0c0f2ccfd25fe1f3d8789227e0d0549c7832063b37fdec770bab9c8dc4b2dec0867fc2c72aad93a9f9f7067fe82e1dd73c06b3dfa77e3ededb0 |
/data/data/com.jb.gosms/databases/schedule.db-journal
| MD5 | b60bd47f3ec25d7ec15ba5daa407cb6c |
| SHA1 | 9e9293114c032de099c5d52d3f93d94a3058720b |
| SHA256 | 6eec11e203db89e62e9a1154f22f4a6dcf9a478bd1d5f10ddf13588afb9291b1 |
| SHA512 | fb97264231b638bde1178b4497d9e631e1eafb81e70aa8c6090660639cb8fcd049ec7a43a2699a2fceea218c587d11764286a1bff584dd8b870d233cf0fb702c |
/data/data/com.jb.gosms/databases/schedule.db
| MD5 | 166791b75f1a03a45886bd100bc30ccc |
| SHA1 | af3cba25a9c684904f8791f942374472d283e61f |
| SHA256 | 58190a2b0dba3b7321a9397374ab3aa6be88c6d758088c1d421251090cee425b |
| SHA512 | c88ddfaabde079eac636d4cf3a2a87a77a319a65ac9c528d93310be82c473410edc762e342685fbe1d4469ef563fce3666bf8fabdd1d23edf0a92c716039491c |
/data/data/com.jb.gosms/databases/sms_interception.db-journal
| MD5 | 9decc6115b1369b6de35688a74224613 |
| SHA1 | 078c110bf49a4bb86a25162ff45be923aa73102e |
| SHA256 | 1dc499b0904898b98186cb5db498f9b430749f0ced34ba9f914482f340855c08 |
| SHA512 | 19e9ac2bac9bd3c267cf4551bdbf4ed407c75921439d9b6e78542f989fbb82093b751c63baba159e9362a0bb5c17494183d9d2a38850f61433cde9924fc7de39 |
/data/data/com.jb.gosms/databases/schedule.db-wal
| MD5 | c26768de20d8a3e4746d027b753ed1e0 |
| SHA1 | 20db3e5d93a29b4ea4899da490d0ec9bc12a7966 |
| SHA256 | 3352b08b2b6c5cbdadd30cb32bdf70a422d0eaa52f88396de70c7b9d2856f0ff |
| SHA512 | feaea48d898576dda7299603926ee6cccb3806f3a361c836337c0c8e4a64da33df7b0d50c87a38b52587721bc432819a904f6c5d4e84e009183be53ea5153bfb |
/data/data/com.jb.gosms/databases/sms_interception.db-wal
| MD5 | ccd96fae847ee94281640af1b2a1c410 |
| SHA1 | 49aa14032db0d1e0905e3e9e4029aa265838abc6 |
| SHA256 | 366721a0f01f794548d4c7ff72016d23e722e8bb9c483f16c9c7bcd46b38207c |
| SHA512 | 22f0168831e4e416bee8f57fb435ee2f1649d8801346b636b8ea1456af8448a15c39a77609fb30bf30a1e2dd2643d7c34068833c0d33d7007323619bd88584fe |
/data/data/com.jb.gosms/files/custom_preference.xml
| MD5 | 409cbc6c2abc1b7b345e04e1c6b7dd71 |
| SHA1 | ec3b26aefa80cf384de07c96a4242af556712163 |
| SHA256 | d5811cfccabce499d723b35b8335bdc60fa56a6c3892a1c8adb2a0df04de2ad2 |
| SHA512 | 76e91e2b0a98f3b006c937e0ceff4f2c34ab1049fd47998f48218088cc8105c7a1b8272a58ef9c03ff2cfe6a068fca036a142ac5519cd53b6f0b04948f86fd1c |
/data/data/com.jb.gosms/files/custom_preference.xml
| MD5 | 34ed87bb5a9296edd31123c7b5f023c2 |
| SHA1 | 95026f6e288b3404074660097d18a4e46c7eaea6 |
| SHA256 | 715f2c7b68ce52a57d9980bf0fdaf68549c8105b31b72a50e0caa18ab8f65db6 |
| SHA512 | 871790b6ff20ddba563b03e4d9aa25127ce3d5e07a3bedd953dcdb0ca08b0c04fe79370bcf663fee3f2a8352979f44840f82567cf7cf3caff6c5974558fc1891 |
/data/data/com.jb.gosms/databases/holidays.db-journal
| MD5 | c3a44ef3c18e929fad5b9535d16bf5cf |
| SHA1 | e173694f982c28adff493bb25c290a68cb1ce42e |
| SHA256 | 31cd2db21f3ce6369b1efd27bd0d6dc3d45f35870d40b22bbb3001d9cea0cf7c |
| SHA512 | 93a53ab31e1ca346b519cf0ac3d0a2e230ebc04d213493518101b0367b79fd53271435e080c589f080023e5f773cf6cd71eb200e28b1d510dc90b2e452506e45 |
/data/data/com.jb.gosms/databases/holidays.db-wal
| MD5 | a4d11ec74b5aefb92f4f4166fa9206e5 |
| SHA1 | 3673bfcaddcd38a886c11df9215b7a27d4fdccb0 |
| SHA256 | b03e6f3ff849f8b0fc0c248ad761ed9c297c4ae5c4cae72cb497ee867dbc321d |
| SHA512 | 576b502299f39990800b8a8bbd59e73767d782baa331802135dec74362df3c68db32128387e7693b3a66d6c0f8820a8b5860da6ba56868320887f8afd48b464a |
/data/data/com.jb.gosms/databases/gommssms.db-journal
| MD5 | 85e6e8630943adb5a4b6e4889672fe4a |
| SHA1 | 0597876c3be242b16fee4961300f68111ef75956 |
| SHA256 | 572186b9421add66c81583439c25647142a7e710e095b3a13a6cfbb62ce7b3c9 |
| SHA512 | 2ba2e845e259ea91a1af24fd9fa66903645af0c6280054c37a15b4d972eb6f4eb06461782316a557f56e2c8fb215a5a062ebefe9dffaa026858c09de6a3d1d80 |
/data/data/com.jb.gosms/databases/gommssms.db-wal
| MD5 | 3eeb8064cb2db4d7ad0f95a4423b1e0b |
| SHA1 | 5516dc2b6fbc6a069ee8985d51646cfca12771bc |
| SHA256 | d6db8cc3ad366bbdb5564412854016ba0c887dbb3ce06b22d96a547f7f78451b |
| SHA512 | 262782dd8b0db34c6e93e382caaa8dd37e3374c32cb5d6d851aa0f19851c7ea4d2ec4040e4507ac1029ebb9850dddcb6fc0c773adc5298d2061cf9922f586758 |
/storage/emulated/0/Android/framework/clrunpath/-936679160/meal.jar
| MD5 | 704b581ff928e7a1c998fa6c98c0b3ae |
| SHA1 | c862400ae30e318ae3028f3dee5f7b52c19e23ff |
| SHA256 | 123398dbbe734a4a602e5f2172eba1c7ad3a015260620acc812bbbd10915ed6c |
| SHA512 | fddaa3356b23f7a6353ed2e55418143fb2412ea4b825d0d2ab9d6a15d50fab446332991fb3b2fa04542f8962ade82714708381dbfb612f44ccd109458b81ea49 |
/data/data/com.jb.gosms/databases/dynamicload.db-journal
| MD5 | e2c300a7e236dcf398abc1d529131c10 |
| SHA1 | ce173d33205871d25c073861a34dddc29e54f7d0 |
| SHA256 | 7c23cc1a673c010917d33a235e8d5f8e0aae60c962acc6ef0b41641cb9c1d4f9 |
| SHA512 | a0cbc705c71adeae4c920b08deab27b45ebe96521af8e4ff0af2778d24fceb9751dd56e4fbb2c2329dceec62492ac18a9c788451e88b1fe1efe784f92a242cc0 |
/data/data/com.jb.gosms/databases/dynamicload.db-wal
| MD5 | 782ffeabfc5d7dfe21e4579207c23d8f |
| SHA1 | e54eecba572be7556d5ca261e9daa7b6e9b2a236 |
| SHA256 | 85aeb3956220098e2006595b1980247a34f993c02b19dc84ad1771b1df75180b |
| SHA512 | 0611d372c59c22dfd5fa6c52f02129f0ed21d44b24f21d9fda862a1d8aa6e90e9ec76c6951bbd99be36e43cd8dae061aec19689c309fcfab87731e07313bd5f1 |
/storage/emulated/0/Android/framework/clrunpath/-936679160/meal.jar
| MD5 | 7ec711050cfc0bf2e0bacea44b5aeefb |
| SHA1 | def6ba686b06c854fe6290f6d1e29becaffe7dd2 |
| SHA256 | 03e61f7d7f0960666cde25b0952e1db32fcaf94f151b61da388ea40d54270395 |
| SHA512 | d652c916dfbcaed6adc8a510b3a5d4161beda4d2fb592ab8b7882a40fd3057be81c5b87c1a4ab77c3517aedccebe53ecb971d4e8c4bba97614252388234da69b |
/storage/emulated/0/Android/framework/clrunpath/-936679160/meal.jar
| MD5 | c81984dd8784ff0ec3244f1880cf6242 |
| SHA1 | f374e9e7b273feb657305de1f9dcc85d1f22750f |
| SHA256 | 74ea0b606e5d608859d886d92d34b766eaab03f15fd4aaa0a513005be13ad0f3 |
| SHA512 | 375ecf4d637bfbdfb7c1ec7288331706ed46b6c51f2f42b1fecd54b3e568f7a1f1e4b25afb74b31b3709ebe39885f9b8c9d2107d4fbe87b87073bf59115b518e |
/storage/emulated/0/commerce/statistics/deviceId.txt
| MD5 | 9ce68fee17af4ebff224677379a85711 |
| SHA1 | 7689a9106ee27e226d50987c0d7648c349c16a0f |
| SHA256 | e1b5bce1e8e638901235e7760ee37a862c56d10bbcca1af3da3a1f160f7d5f5b |
| SHA512 | 3ca93eff3b0b7c4137edb57f86c4140be7c027921f15b5f2b69b17816cc6d9da5063a6edcadcbab2e67c6e0e446f3666877b77c4e3cf503798b9b3178424800a |
/storage/emulated/0/Android/data/com.jiubang.gochargelockor/hodler.cfg
| MD5 | 44ada8809c99b28706800bfd7c4ab311 |
| SHA1 | e81ede5c4681febf1dc7abb4edb1178c957b4596 |
| SHA256 | 80efbd587e6577eb60448edc104bd02b363b895d0f3c171eb9609ea5c4843339 |
| SHA512 | de6d70c0d84ccaa4cfc57baf8fd0967940a013a18175cd2ff039f80f26cd74f31429ae0546b40ad0332611319101e7e9fada088ad032e3c2c7a0468b488cbf65 |
/data/data/com.jb.gosms/databases/google_analytics.db-journal
| MD5 | 14704055bcb52dd81eebcfcccfe2b65e |
| SHA1 | abfc0dff2023e7a6677d96a406874c42a0978a1f |
| SHA256 | 32565f020e1d724844a849e3788e2f494920ecd63b767fd1b4810f56efb628ae |
| SHA512 | c50706b7a873a4293b195942990c5af770186ecc3c1b1b4356170d7454e28a686dd4e81c0c177dd500aac2dd94cac491681d3a0e836f7bcbb3279ba225f2f380 |
/data/data/com.jb.gosms/databases/google_analytics.db-wal
| MD5 | c7afd3f533d28ec9a08f62eadf14386d |
| SHA1 | bfcc1aba784eb16d25f0843dd574229d0c387384 |
| SHA256 | b0523959790a49071d3f1caf1083c92360bea534a870fa0c1199271a3656ab61 |
| SHA512 | 35ba46c6322d4c8e34a709b4ca02d6bd01efa2abc9b52dffdbde77c8e31abb207ac2224c1ff44753f005ade874d7858a42a1b7e48d66326970e12546903c07d1 |
/data/data/com.jb.gosms/databases/MessageBox.db-journal
| MD5 | 5cd058144e4c213c8df55372296d4cc4 |
| SHA1 | 65535817a6458f5725dfc44dfbdc5b62cf2b196e |
| SHA256 | 492ab7eae864f96310f44b6dd3ad7cbe7b4e0f9264bf195ca69c80bb83a1070b |
| SHA512 | cda60a55e03dd0960beccc6d605dd770653f35b2857ec550736d52f965a2e6167c46e43736c217498553923a0984ac3818d27e18add5797d02e0d64961216d3f |
/data/data/com.jb.gosms/databases/MessageBox.db-wal
| MD5 | eb7b55ea6f072cac71ec424c046ce7fc |
| SHA1 | a393fc605445cb13de8404d97cf24359ede85712 |
| SHA256 | 58ddbd9ff804afb515dd5f49b5a5acebe44573b2b1484217da0e83a13798c93c |
| SHA512 | b5bf477c83199cf14b0818b8ade507d7d73c3fb5936f4dd30e8b5f8c9038c0fc56bf76c2c2c13a59d0f748ef1657bbc158d90705bce6cd513f1cbc96dc96467f |
/data/data/com.jb.gosms/databases/SyncHelper.db-journal
| MD5 | bb587ca0ec362cf32f728bbe3dcf9224 |
| SHA1 | a1394bbefe6c1806a840eb48548b93ac828394d7 |
| SHA256 | 35b2b2d09c7af75e5ddfde5e3692fe865c0da23810b2ce0c3fadfb2c71240b47 |
| SHA512 | a02628f8fd145835c363035b77a0da7175c46b8424ae395ab1f1ecdc00af041713a0242babae68d38862a410e86937aaac97d87e3fb18cc34bfd8b75db2e1e44 |
/data/data/com.jb.gosms/databases/SyncHelper.db
| MD5 | dced75f2a9a4a615575c50caabed6c3f |
| SHA1 | ffa810bc65891cca29dd16056490bfe6ba84e9ed |
| SHA256 | 1f0c373dba48d08bc5f842039ee20f96802ebcd9a76a430c2754c90f4a5db74c |
| SHA512 | 2f9dc56261c0a066131fb190be9202e959be126ff2eb7ea52c7c104fb3cc92d7aeb23cdda2fa73da010ad80788f2ffc4ab24ab02394c461459808f7614f04e6e |
/data/data/com.jb.gosms/databases/SyncHelper.db-wal
| MD5 | c4b271c50f919fae81af50ac3a1f8339 |
| SHA1 | 926e108d730aed5c4583125258dce6bd8c90685d |
| SHA256 | f6339b19bf61b1a26df9c7ceba18e33ca0d068486a0cc97342fe7f9311e2b8c0 |
| SHA512 | 84bd16c9b2ae4073d56174291b87a61271446fac19d12b6dbdb4969f57516a38b790d6175853d1af6be46d82be24d73df318f872a47b66b8ee9072c4e8c5acb5 |
/storage/emulated/0/GoAdSdk/advert/cacheFile/BaseResponseBean-524
| MD5 | 4e152dd6a9ede2c7fd07e23662ab334d |
| SHA1 | 82fdb3405507aa1eccc65f895e20a0f05e8fa35b |
| SHA256 | 1b81bee329794d8a489bca5b96ce01ac5eda460c4e43c3ba3863adbd2dbf1e49 |
| SHA512 | 226c4e757c842bb458c202e0c4d388f33b2fef3b4b1102fc8449621b8a31e6ee44622c844e9634fa4ce6da14c5318e86af56b0e53aa672d70327cace9fc75865 |
/storage/emulated/0/GoAdSdk/advert/cacheFile/524
| MD5 | 2c015fc322042fd4d827468ef0e41761 |
| SHA1 | cf3c676788545c0909466ba542cb0cc540e898af |
| SHA256 | 7d12a71ba3f46da6ae4008bc297e2a4f0b71e60869fbf7f697979c2edd7be7a8 |
| SHA512 | 154caf5c6d7469ad61d125b160b078acd3bb1f6f0bf8a6bc580752d8d93fa3015031ababb243d34ddfc3d792ef9ab1c2c7a0c20f804f5427359a75a4d09b07d8 |
/storage/emulated/0/GoAdSdk/advert/cacheFile/BaseResponseBean-520
| MD5 | 3a59ffd5cd31b529878e8f0e73ea339f |
| SHA1 | 0d79d9dce81dae9168427383bcb4918d0ba49086 |
| SHA256 | e0010a60a20005312c8a531be225691afaf31adcfcaa27202132ef96914a5162 |
| SHA512 | 45dff4346a4a14bcbf7253e5cf9d887aea14b590f82d5a3d05086a3d793cbe64d83edc92abcbfbc6a9a05712a835145a5e7bc839172e87d236d9458ad60bc914 |
/storage/emulated/0/GoAdSdk/advert/cacheFile/BaseResponseBean-562
| MD5 | 99279d34e5db1e6585234972e30e07d4 |
| SHA1 | 2f9659be5da3b178ae2125aeeaded4e4fc612d98 |
| SHA256 | e0ea9f692c79168c4a3d2caee9e8b8108f6b53a2f42bea9a1f640c216f79afc4 |
| SHA512 | c4522a30ebff1b9068d60511b2f21a0b018a87f15abf8d793f3fff64545951e8cb6f6a6ec2fca714a2aef35f1cb7c821ca0d6ba615e99157ca1decc74211409e |
/storage/emulated/0/GoAdSdk/advert/cacheFile/BaseResponseBean-692
| MD5 | 2e5b457af3a6c8352d276cff10aa5ecd |
| SHA1 | 478854a2b4a090ad2375ec8df8068bb385e1f868 |
| SHA256 | 21fd895c68fde25684d95976a417d834d7ae845317d542274656551faeb2dba5 |
| SHA512 | b014e407dcae96fb2097550ba76967ba6257304f479679f12966ea75e1be980345e35c2ac007570aabdf57cb4054b46d0eaeb06d22ece424771798ab82ad4352 |
/storage/emulated/0/GoAdSdk/advert/cacheFile/BaseResponseBean-1844
| MD5 | d012bbe1965d705c90b7ff6786455653 |
| SHA1 | f8f30d068c72585ba63cd52e9827b9dcde2c4a47 |
| SHA256 | 6d345e3b598653dfca8f032c69549650898f03df407615b6180241372a1bdbd8 |
| SHA512 | 85571fadf2beb23293de267b05ff30710fede5c77817c6f049141af713d14948a528737b546f8d9d07868b89f1795ef90c6df56531faa1604594bd356d5dbba5 |
/storage/emulated/0/GoAdSdk/advert/cacheFile/BaseResponseBean-2072
| MD5 | 707be52671bdb9f56c27c1513abde44a |
| SHA1 | a97708477b54318ca609db84d0e188fc80940419 |
| SHA256 | f5a36f157e0997acfc3d2e690268eeeabaf4c90406fb3cb6468ee23aa81293e4 |
| SHA512 | 68ea233889e6f2507cd15cf85709fe88bbd3ed3a4c01eab16e332246deda39fbad5b7ca361314d6f2a05ddf0c2947e6762c73e1382c30605dcf643751ad86f9c |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-22 09:52
Reported
2024-05-22 09:55
Platform
android-x64-arm64-20240514-en
Max time kernel
163s
Max time network
189s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
| File opened for read | /proc/meminfo | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /storage/emulated/0/Android/framework/clrunpath/-936679160/meal.jar | N/A | N/A |
| N/A | /storage/emulated/0/Android/framework/clrunpath/-936679160/meal.jar | N/A | N/A |
Makes use of the framework's foreground persistence service
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.setServiceForeground | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries account information for other applications stored on the device
| Description | Indicator | Process | Target |
| Framework service call | android.accounts.IAccountManager.getAccountsAsUser | N/A | N/A |
| Framework service call | android.accounts.IAccountManager.getAccountsAsUser | N/A | N/A |
| Framework service call | android.accounts.IAccountManager.getAccountsAsUser | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Queries the phone number (MSISDN for GSM devices)
Reads the contacts stored on the device.
| Description | Indicator | Process | Target |
| URI accessed for read | content://com.android.contacts/data/phones | N/A | N/A |
| URI accessed for read | content://com.android.contacts/contacts | N/A | N/A |
| URI accessed for read | content://com.android.contacts/data/phones | N/A | N/A |
| URI accessed for read | content://com.android.contacts/contacts | N/A | N/A |
Reads the content of the call log.
| Description | Indicator | Process | Target |
| URI accessed for read | content://call_log/calls | N/A | N/A |
| URI accessed for read | content://call_log/calls | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.jb.gosms
com.jb.gosms:com.jb.newswidget
com.jb.gosms:com.commerce.chatplane
com.jb.gosms:pushservice
com.jb.gosms:com.jiubang.commerce.service.IntelligentPreloadService
com.jb.gosms:com.jiubang.commerce.service.IntelligentPreloadService
com.jb.gosms:com.jiubang.commerce.chargelocker
com.jb.gosms:com.jiubang.commerce.service.IntelligentPreloadService
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 172.217.169.14:443 | tcp | |
| GB | 172.217.169.14:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.212.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | conf.api.hk.goforandroid.com | udp |
| US | 198.11.172.76:80 | conf.api.hk.goforandroid.com | tcp |
| US | 1.1.1.1:53 | goupdate.3g.cn | udp |
| CN | 121.37.22.146:80 | goupdate.3g.cn | tcp |
| US | 1.1.1.1:53 | abtest.goforandroid.com | udp |
| US | 47.88.91.115:80 | abtest.goforandroid.com | tcp |
| CN | 121.37.22.146:80 | goupdate.3g.cn | tcp |
| US | 1.1.1.1:53 | goload.wecloud.io | udp |
| CN | 121.37.22.146:80 | goupdate.3g.cn | tcp |
| US | 1.1.1.1:53 | gosms.3g.cn | udp |
| US | 1.1.1.1:53 | t.appsflyer.com | udp |
| GB | 216.137.44.128:443 | t.appsflyer.com | tcp |
| US | 1.1.1.1:53 | api.appsflyer.com | udp |
| GB | 18.165.227.6:443 | api.appsflyer.com | tcp |
| US | 1.1.1.1:53 | adviap.goforandroid.com | udp |
| HK | 47.242.62.57:80 | adviap.goforandroid.com | tcp |
| US | 1.1.1.1:53 | newstoredata.goforandroid.com | udp |
| US | 47.88.94.175:80 | newstoredata.goforandroid.com | tcp |
| US | 1.1.1.1:53 | gosmstheme.3g.cn | udp |
| US | 1.1.1.1:53 | imupdate.3g.cn | udp |
| US | 47.88.94.175:80 | newstoredata.goforandroid.com | tcp |
| US | 69.28.57.141:8888 | imupdate.3g.cn | tcp |
| HK | 218.213.248.178:80 | tcp | |
| US | 1.1.1.1:53 | goconfigsync.3g.cn | udp |
| CN | 139.9.188.168:80 | goupdate.3g.cn | tcp |
| CN | 139.9.188.168:80 | goupdate.3g.cn | tcp |
| GB | 142.250.200.4:443 | tcp | |
| GB | 142.250.200.4:443 | tcp | |
| US | 1.1.1.1:53 | version.api.goforandroid.com | udp |
| US | 47.88.91.115:80 | version.api.goforandroid.com | tcp |
| US | 47.88.94.175:80 | version.api.goforandroid.com | tcp |
| CN | 139.9.193.166:80 | goupdate.3g.cn | tcp |
| US | 69.28.57.140:8888 | imupdate.3g.cn | tcp |
| CN | 139.9.105.102:80 | goupdate.3g.cn | tcp |
| HK | 218.213.248.178:80 | tcp | |
| CN | 139.9.193.166:80 | goupdate.3g.cn | tcp |
| CN | 121.37.4.24:80 | goupdate.3g.cn | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| CN | 121.37.22.146:80 | goupdate.3g.cn | tcp |
| US | 1.1.1.1:53 | events.appsflyer.com | udp |
| GB | 18.244.155.54:443 | events.appsflyer.com | tcp |
| CN | 139.9.105.102:80 | goupdate.3g.cn | tcp |
| GB | 142.250.187.194:443 | tcp | |
| GB | 172.217.169.78:443 | tcp | |
| HK | 218.213.248.137:80 | tcp | |
| CN | 139.9.188.168:80 | goupdate.3g.cn | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| CN | 139.9.193.166:80 | goupdate.3g.cn | tcp |
| CN | 121.37.4.24:80 | goupdate.3g.cn | tcp |
| CN | 139.9.105.102:80 | goupdate.3g.cn | tcp |
| CN | 139.9.188.168:80 | goupdate.3g.cn | tcp |
| HK | 218.213.248.137:80 | tcp | |
| CN | 121.37.4.24:80 | goupdate.3g.cn | tcp |
| CN | 121.37.22.146:80 | goupdate.3g.cn | tcp |
| US | 1.1.1.1:53 | smsmarket.goforandroid.com | udp |
| US | 1.1.1.1:53 | gocurrency.goforandroid.com | udp |
| US | 1.1.1.1:53 | launchermsg.3g.cn | udp |
| US | 47.88.94.175:80 | smsmarket.goforandroid.com | tcp |
| US | 69.28.57.173:80 | launchermsg.3g.cn | tcp |
| US | 1.1.1.1:53 | newstoredata.goforandroid.com | udp |
| US | 47.88.94.175:80 | newstoredata.goforandroid.com | tcp |
| US | 69.28.57.174:80 | launchermsg.3g.cn | tcp |
Files
/data/user/0/com.jb.gosms/app_daemon/godaemon
| MD5 | a71f2d8197e4d30dee93b17ee0c6c53e |
| SHA1 | 8871b267c6c1d4b4adf9c720db124aa6af2af797 |
| SHA256 | 8e456c853fe43e907135c0d230a61eba328bfe0c729d66ef006772d864e0d12e |
| SHA512 | 11b9c2917d22d638608af7a9ea99992a496ba38cbd59c31813a673863253f37b7006f53ece16adca6c42416fb0b3e07a33529b84a392601848f1e2ea30c4cc5d |
/data/user/0/com.jb.gosms/databases/integralwall.db-journal
| MD5 | 323fe879035d3ba84bfac470c89e3512 |
| SHA1 | d210d7a859d913cc1c616fcd029b316163b4209e |
| SHA256 | 2763aa7e140d2fde96040fde04a98ec7e31d3c2ed54b98eadce40766e48be00e |
| SHA512 | 981ebb9d4492e04571fcbc825521c5d31bcdb5c465908669c6ff5270f02ebf94548cfcfecd92268fae875b2d0547147dc8bbb8268a65c21b52b1474f73b4171b |
/data/user/0/com.jb.gosms/databases/integralwall.db
| MD5 | 8d5ab85e42d90ba36681158733300b32 |
| SHA1 | 2194b6be16f019130427ee1967024fc1571b2274 |
| SHA256 | c4cd6698465468ccbcd7325d81a4dff33850139640599bf8636a59ad5a50dcf7 |
| SHA512 | dacaa596b7af312562c90f59747a892d2e20f79e43a4279e84561ef1eb493133564235aaf8c944fae2b74d91d4872f25a6f4d8cb0e4175c41374472b80d34c55 |
/data/user/0/com.jb.gosms/databases/integralwall.db-journal
| MD5 | 198df6598b399aa47f372f2d6a1920bf |
| SHA1 | 411c2e27239f9c64d520179d738fb55f13f3ca58 |
| SHA256 | 974f6c6174e0fb0facc75aeba898529e3a94263d4dcfa45366569839cb64947f |
| SHA512 | b553350d9486a844fc0849471c0258ac182cc84020f27994b95a53d3eb6febe33fe4bea63c7a08b1a3700b032ec84648afa3bfaf5b759e41cad66c53cd7e00ba |
/data/user/0/com.jb.gosms/databases/integralwall.db-journal
| MD5 | bf9546711957f133b76daa9da0592c3c |
| SHA1 | 8af56d8ef3d934b4dfc251dedefda5677707e4eb |
| SHA256 | 0f52d5450b3a21329b7b5f99914cee30bfc3747f3ec3a9522fca21b5197b2247 |
| SHA512 | 14bef946ed106344dff35341bab77dd1fdd55f4363778fba5e00bcbe99772fbfd16d88165a2a0d7b38880e81d9d9b3cfa5ff33b35f7b87ad4ac01ca7e99f2db2 |
/data/user/0/com.jb.gosms/databases/gostatistics_sdk.db-journal
| MD5 | a63ae01c12c6133dd2d7e45e0634150f |
| SHA1 | 0d4c4000c7b5de59a1cbe8d127767f77149e8177 |
| SHA256 | a13b886eba673c976c48c30abc8247ca3c963a55c95503671248064045eb36ec |
| SHA512 | a20c21674a8205d9e1e3922130d46dd7d4d3ca67f59afb9bda8b373b711a37a1cf312b54147498f89ecb282d01a5eef3c1d4493baa6c331e942a077acec955da |
/data/user/0/com.jb.gosms/databases/gostatistics_sdk.db
| MD5 | e403fadfcf4d498c6b8553b8c5b82e81 |
| SHA1 | 20320e31777ef62464ebb692f588743779b0989b |
| SHA256 | 5eacde45973b5ad20e67a7d1a6e6b804c24460b84e8919e8577f7ea6862ba68a |
| SHA512 | 2dd272288bea02a03ea06501b2024addf8912937a03856720dd2a97418fc9a7dbe4977db678068d1e3c9c85cbdf38fb09d16ccabe304425004d29580d7507f0c |
/data/user/0/com.jb.gosms/databases/gostatistics_sdk.db-journal
| MD5 | 2660c95543ee9b837518321b16c59c01 |
| SHA1 | 569e3bf990f8270c535c19bf0c1e2759448793ad |
| SHA256 | f0d1e2a7f30a017f17e5589b226567391d375e40375597ee8569ede182f4b805 |
| SHA512 | 6cd9c7217ccbe8f29c8818fa864cc085eb9511c759087dec746370ac9e86188b02254e6e2fd6ce67d86c1ae48f833f6dcc53cd203dd084d987600f064940ad7c |
/data/user/0/com.jb.gosms/databases/gostatistics_sdk.db-journal
| MD5 | f7779ec7a65dabf5568ebb253018b92c |
| SHA1 | 7a24dcafe7ea87bd4ca5639b0071f509fcc45f0a |
| SHA256 | 21f14b0be96225128ac5a67e3048e1d2d3eda429541aea6488cde95a6c051238 |
| SHA512 | 4f1471536f337b3b2016099dc19be6f0eb08983037ba5c203e825178eeb9a7e15f825cbd91680a5e5fae027ceb1aede69709da13ef0bcee21c4b42401cf6f9ef |
/storage/emulated/0/air/as/statistics/deviceId.txt
| MD5 | ca9f09281f8586184dc1c1b1a2ebb484 |
| SHA1 | 608889e46040e5689a86f17da1aec44a79d77bc1 |
| SHA256 | ce69f845e5456d24c20548200967921f713ff7d2349fc057ae3d7a4e2d959789 |
| SHA512 | b4db30098def4c202d0a8520fbc7d6eea25332983139957ab1752ac849a2ad7d906f8c1523da649d676919db377af25fb61fa280bd63fb85fcb1f78b51d8ede1 |
/storage/emulated/0/.goproduct/goid
| MD5 | 40a9be9ef7a84163182ae2cb0022e63c |
| SHA1 | 865e517b7ccb75ca8421b1c8b2836ab5cb241a1a |
| SHA256 | 0fe7bea8402546977914184e32e80e68e46fdc968208e50b969a7b97b0e7834e |
| SHA512 | 24922d10050e2540e01f2fc0f998556e06fc56e17fccd395a216f9a9cf4db58dc0f7106f8aec396038d10a90db0629216cfb3b18c199c81ec93676eefe4f6314 |
/data/user/0/com.jb.gosms/databases/gostatistics_sdk.db-journal
| MD5 | e152332a7ac87df2e3662b886d42cffe |
| SHA1 | 97ec618564ee0917c1bee67f954429149287b258 |
| SHA256 | f583bd7ba855862653bcccd5dbeea6d084248d77e3887c7dddf7bed704f29e97 |
| SHA512 | 66db828c5ff92435a42a4303f85c4d315ad6fd9d52d0a91487918d91c1807b80066d5d5a576413d8b229f6de567e9ff53e912b6970ed96165673ba78050cbf5b |
/data/user/0/com.jb.gosms/files/custom_preference.xml
| MD5 | 036fbc7ebfa8126642d247f960ccbf7d |
| SHA1 | c6b520592e1af8a924aabc86572d89b22e3965f4 |
| SHA256 | 2d86bfcbe1080ac29deb824e78662e104c3b4a359b5d8ce6d6a319c3766a268d |
| SHA512 | 00635dd9563126079f97c9b1e67daa5a172cb2cc190d3a1a9fe5619dab21e1af1e7e191035d5abc7b94a7daf62b229e904afb355f230506b655d4613dd3d37b5 |
/data/user/0/com.jb.gosms/files/custom_preference.xml
| MD5 | b7adfe089b705b4bfd7ec9a5efa9bc35 |
| SHA1 | 3346ccef913ab5c3eb4cbc8da53a860a10dfe022 |
| SHA256 | 6e40d065a8225c8dca4e83c6eff04e86d5dbd012e18cf705cf898cbf853fc4ac |
| SHA512 | f89bfcc16dcdaa1aa07767bcf564322c99aca3be63e696a72f578d7726179491640343f2edf55427cbc460d97b1f091020647b765389de7c3ba55a91e0f71387 |
/data/user/0/com.jb.gosms/files/custom_preference.xml
| MD5 | 14fe8e968b35607bc28de28b19d67fd6 |
| SHA1 | aacd3057b4cbf8ebcf6b743855da961a55fdbc0f |
| SHA256 | d98e4fc2e781452ea7e182c7b02f6f2db0215eda4cfc9c2446161734879b750f |
| SHA512 | ea5097a8017f23b07b2f34be772126c22e100354548eeb5f8261cf7b6cbf25075b41f208e37acbb2de3691ad0ba21539c087b00087d109517399260fdcdba2c1 |
/data/user/0/com.jb.gosms/databases/chatplane.db-journal
| MD5 | 0b6f312190009e96014a5fd6a2046dd6 |
| SHA1 | af413db09e49e8771698ac7b1a233b31966a86c0 |
| SHA256 | 2f490caf64a9036a950b4fd253809db75ca955032132dfac897f24e1ea745616 |
| SHA512 | c69a7f6f28c9329bb0b48ab80d8a5039c145faa541ecbb160fe648040ede0f6ba680386cc714ec87df354485c83f3a59c426f28a6d1387bbd5338a0b995324d8 |
/data/user/0/com.jb.gosms/databases/chatplane.db
| MD5 | 17103828dec15b6a50d0be46fca46980 |
| SHA1 | b0656d37fbe431466a3cee442fe9a4a9409733f4 |
| SHA256 | a40df2adad217745c2d964d81556fe08b803eddf36e50af7a40a14286e157112 |
| SHA512 | e9b4b173d07878c444cb7cf3a8acf9055840a85c39bc0bc55a3db55fcc2769e60256ef39d58446035a925ea00b4e4f57a1ba14bb8b22194397ba6f259ea2eed9 |
/data/user/0/com.jb.gosms/databases/messaging.db-journal
| MD5 | 2a36f3ae68c7251861e1a3cca5e9206c |
| SHA1 | ccb88048cda40ee238758010d24b0f0e1cc8fe35 |
| SHA256 | 14e26bce55a482160addec92d49b3cb009ef0fcbed043173c9c16cd93d7d32e1 |
| SHA512 | 5833a2128d0ed86a8f66a9ca05f3496a6775ac6a6e326fc5acbec789ecfd505f90dc9e0cce0033bd3fbe2c1deef3611cd1eea54bf49165aad196101281ac140f |
/data/user/0/com.jb.gosms/databases/chatplane.db-journal
| MD5 | a0e0079448107588830614449ba667a7 |
| SHA1 | cd9ba3581725a4eaa26d2bdd76f4e3d59fdcf8ce |
| SHA256 | 4c2c7c39021dd06e6f83b6386f6fba579fa5fa0b158f483a7779e43b2fcececa |
| SHA512 | 2276060390c7de8d70ff43b7f01b860dc355df304b82d4eaeab5db8cb455d123c434f65531be8d4bce49c93eb0db24d4ec88dc4af1834bb4b65ad1ec8a9f9acb |
/data/user/0/com.jb.gosms/databases/messaging.db
| MD5 | 277f25cc0bc39176ef0c1bcbe27311f5 |
| SHA1 | 368d679256eace4bdab4e6968a0f62e771db465a |
| SHA256 | 029179a8f79c9b0ecd33346f565494e18c5b6fd3ee9d663f83b8d11d04bf9a98 |
| SHA512 | 6ac8bf8a4b0b1975f305116159e86050b4b25bc6220a02f406c8dd98caa6d64d5f2a4221f017cb0d957442c06a7568762f7012b607f13bcfff50f8482a26f83f |
/data/user/0/com.jb.gosms/databases/chatplane.db-journal
| MD5 | 3cd9f85932ce20eab06f5e86a57136ed |
| SHA1 | 9e741533cb31573827855ed30d32a4d8252750f8 |
| SHA256 | 584c00777f071b66021169a60de60caeb04aaec613d6e377e48c16b8a8a73a9b |
| SHA512 | 23d8af8a2508c77c73fcf1f31510c1a9519d2e2daa034a87aee16005a423af95c1ae3060bf5369f7f3ec569d498ef53a1e67cc799a37252fdf21fe2e0dc668d7 |
/data/user/0/com.jb.gosms/databases/ad_sdk.db
| MD5 | b16a2ea07661c4be8b3d6deb02d08b99 |
| SHA1 | ed942de6f22322cfbd423537b59fba8a7d1d9494 |
| SHA256 | 3220fdb213d94327b8cbc8f5751f141192ac827658c3610e6256061b42cc42fc |
| SHA512 | d75c5ad5a981a1fdb67a784baf74284c545bd1a41bebfe06d842036a0998f3adf5eafbab7c87be5479fe8bbe1902c3be35f6a33f7c95aac3a32c5a4aacdc3b42 |
/data/user/0/com.jb.gosms/databases/messaging.db-journal
| MD5 | a974c8117b4d7d03cee4e8ab6dfdf7f9 |
| SHA1 | 9b7d19c367d8520f1235270ebfded41e2f016624 |
| SHA256 | f95dc121974eeee8850fe57c72c4a9518c8aef7d526e98e75437e29416b75892 |
| SHA512 | 02d3cde214d9d27a071bfe230278440bcc28ec34ade68c37b53b234b18c2ce27074cb70a6ec97a3c0f675299d76efe00ed3a38fcc2ac086ae14124993a0eb33e |
/data/user/0/com.jb.gosms/databases/gosms_subscription.db-journal
| MD5 | fa6771e024b8cf416741298b05273e92 |
| SHA1 | 5e786961b5b80acf998942d04c2dab76825e77c7 |
| SHA256 | fe08440be42e29e04c67f4c412cc66e5d496bfbbdda31423362eee34e6c6c0d4 |
| SHA512 | ffda85f654619093f2f304e8a91e36933e5d925c887be846630ba1df369e08eb92fd3e96cb3ad57b83577a1143c1b171d5d1921278fe8f288f4539d0399ae54a |
/data/user/0/com.jb.gosms/databases/gosms_subscription.db
| MD5 | 2c28c236ad6e0c70c516915bfb718142 |
| SHA1 | f22147b64fe8fde676b65f9d5cc4f6e8ece3ba0c |
| SHA256 | 2088eb0197ea793e3fff185e14d22337a509141e5d841fc457a87ed147be7880 |
| SHA512 | 3935227d590cc7571a1eeeffa8ccd0c38a5e21dd6333c75e34f5f307390305d0197a9132aac7a4d4a1fa4bf864ea4e62c7b98d2744a5d6b134bcffabd9cfbbb7 |
/data/user/0/com.jb.gosms/databases/gosms_subscription.db-journal
| MD5 | 2cf1ff3c7fd49d839d829d7772ce1326 |
| SHA1 | 62542442e4da597d3312417db59c9aef3f001a8f |
| SHA256 | b68bacd2216933adad9de665810de2a955413ea702c559f8e4fa5ce6407068de |
| SHA512 | 402770a4293f535dda224e9d8c0467c147490bf32f436d6ed37c057b8e01d5f0746dfdd7d0524fc60ddf367183701d6073a3bada9ec386d44aa11268d9c90126 |
/data/user/0/com.jb.gosms/databases/gosms_subscription.db-journal
| MD5 | 3cffca5012855b85f566557ebc0b1990 |
| SHA1 | 935f450d7ce560db3949ddd2f336187e87160673 |
| SHA256 | d7660db196a18393fc4f5d5ab1dc39febcf07d954a38b363c5de2cb309c2f18c |
| SHA512 | a09528b44dbb8862db0b88d5579b08715487fe3a2338124aa32fe075df5920a3da3ac6a0757a26735f7938b54ddb8f5b795165126355bb044f51749e3f768ca1 |
/data/user/0/com.jb.gosms/databases/messaging.db-journal
| MD5 | 32a148e6b3c98cf4fa425f16f0eb5ca1 |
| SHA1 | e2e2b83f6b1447edcb816f1555964542626040ae |
| SHA256 | 65741dfc8f72b2e1167d32215e742fc4aaa93b3a5e953e97e233ea526c0f07e6 |
| SHA512 | e72f4b50ac5edf9737039e41c62ae15e2dc22db24bdc13ec5310962ff66a485d388030be934d4394dedbe746353f9f204bec543aac12a1614cc7e84b2b3bab7f |
/data/user/0/com.jb.gosms/databases/BgDataPro.db-journal
| MD5 | 7d48bae666a6b3768c2c70b0b1d8d4da |
| SHA1 | 363d1b4f8189ac8231a929412f3b73d91a1fa80d |
| SHA256 | a01197aca4f980223507e5b40061992afa6542abfa0adf58086c6e515d5d8a43 |
| SHA512 | 24d9f6b79cc8a9b2d31c10bff8e6767e387e179bd2359769241f7898eb49228350e137ded2ae5cfff837f04ec92293a88196c2bc96e508b97ea6039f71632028 |
/data/user/0/com.jb.gosms/databases/BgDataPro.db
| MD5 | d40ae3b2d66a0a346fc9328f7338aac0 |
| SHA1 | 7a45c111fcd76aaf9b52294c8b4972e29554beec |
| SHA256 | e7c67b7e0cce45b46cf413ba2e758cc9e72aee87dc7f36beae563dff7dfc9392 |
| SHA512 | a5bf565a47ee93c604fc13f379d69353c2d2cf84a5193d680b2c788f9fd6b98e271157856eb8e64ffb833b9a96cff32c4f0e0e00dde2189214fb872482669d42 |
/data/user/0/com.jb.gosms/databases/BgDataPro.db-journal
| MD5 | 429071d81575bd1e108c5acce80f4098 |
| SHA1 | cc4b7228b3486cf5fa0d808dd91d0aba655bf8ae |
| SHA256 | 2761915cd7eb04592efeccc1193d5caceeabb5387fb2fc1789b3c112463a94ec |
| SHA512 | 861511f0d54e9800e2d1674254381adac960f32f32e26d2030edb87067278c5caf2b5a6aa37e109632ca9cff501d91362d44e7e9f3f4d5a91fe908bba0cd97a1 |
/data/user/0/com.jb.gosms/databases/BgDataPro.db-journal
| MD5 | bea3eded64514c2df03fc42a70284cd7 |
| SHA1 | a327a1b04f12cf2eaec16153c7aa94533c7b9bb4 |
| SHA256 | e16f987d52eb2d432cc850d16bf8c63d98c0ad4f1322078306aad7f2d18b60e8 |
| SHA512 | 63253ef371666f8f490f79be4c8355506cddfa6e8550aa9516cbf519ae0a74e6932d27b0fe2f8e3bda74a96b5a1dd5e875ae547baebb7ed6c992b1440f438976 |
/data/user/0/com.jb.gosms/databases/BgDataPro.db-journal
| MD5 | 61fc36f1fcb7dde64fe04269c6fe98f7 |
| SHA1 | 2842c50e4107707df7b1e23c5c5ad51b75d5dbcc |
| SHA256 | 170aa187e9d1ae4f147dd23b5a6ca6d91e2dd32138e16a837ed21b5f8f1ad554 |
| SHA512 | 327d0f2f55b611506f6dd45a07f147b604571df12fd295ed5c25ca4307f951255a07384f65013c02470ed7e36694d53e56e74a9955ebcc5c8e42e710eeb6611a |
/data/user/0/com.jb.gosms/files/custom_preference.xml
| MD5 | d60cc5c0b913c57f9108e60515091a83 |
| SHA1 | 80c9b1f47c9240161ad613779ecc0171d8c862c8 |
| SHA256 | fecdbf8b3cd395b7e213ef0b0b7161e595b79b638bd6be8ad71d8e772407cf80 |
| SHA512 | 296d1f28f9b3d059b12276113d1505a9c1b93c1e54dbb683b24c8149ec27fd624ef5fecf2b461904d75a059473fc3d30206b71b48f8a0885b54f3161627e4735 |
/data/user/0/com.jb.gosms/databases/Account.db-journal
| MD5 | fe7c135506e359ef5d6181a1a245ec7e |
| SHA1 | 336c9895b6f9b88d891a4a4f269cdcbde8737b28 |
| SHA256 | 89c81de6417d0b5792d634e0d46953153a455ed04c2605519dac449d838733a0 |
| SHA512 | 67b0d6e15342921bf7edd8721ab5170c24a3d327cd17c05354f3c9fd6a9b8d7f0e83fa06b26814a4cd4196b7be69c787ee8a3c38169d418b9c1db6f9a1e8c8ec |
/data/user/0/com.jb.gosms/databases/Account.db
| MD5 | b75f240cc5446aa8a8f7a0ff206ac227 |
| SHA1 | f1ba460775c427c37e36554a9c30030ae9c33b5d |
| SHA256 | ba75e055c3ea1c1c55a81521c50dcbe95b7bc26e1a2c3d816d70f1481b572a96 |
| SHA512 | d7bab7626e4d0caa7d0f040ea8e154775608a281f2b9e56726e72ed461081dc79ce5e1c2fef0c5279d514c1879ba7484c58cdd636090a6f71fba68bd204b8ce7 |
/data/user/0/com.jb.gosms/databases/Account.db-journal
| MD5 | 8a2bbe5c5b58e1bee7c78b48d4c6773a |
| SHA1 | 89ecc0be22e549b79a41cf7ebcd9409d6f44b65f |
| SHA256 | 7b3aa64fa4f6ca7adba32109432ecc344fac61878356b3671c2935ba86267e8a |
| SHA512 | 3ada02fec4a706d997290295d2836f5efd178a54429cb622d50441abb4a1ef99735440c41299ab2c0e8e9f829320518fe259ac19e3e6fba987e698da97589869 |
/data/user/0/com.jb.gosms/databases/Account.db-journal
| MD5 | 332ba514b203e2ed5f0fd05160105dad |
| SHA1 | 25c86864460071f1295217d840d61c61acad11e8 |
| SHA256 | 71fc2c9f9c8ce26d373602a699e001c25b79824daf9de54e4592b91f5e451f76 |
| SHA512 | 73b270b0ee2fb43573cfd5c1596f2eae68c7db3f742b58d6dfc6004445a8f839c9e7dd722cb7110375b0ce08eefa0a68d3baa6feb4a2ec89f63c3eb93e08e04c |
/data/user/0/com.jb.gosms/databases/sms_interception.db-journal
| MD5 | f38d9dd3d2a932fa7f88b7052452e697 |
| SHA1 | 55b31e215275b6ca0f0fcf88700681f3d72f3d9e |
| SHA256 | 7393d59c2a1563b8b07791027e47b7dca909979b869a76d3032a370c00231662 |
| SHA512 | 85a897caf19ed2c65865730f045067b8ad65d4b7a20023bd1dad95ab7522c703b7e36ef8efe84d6dd8bfc781484f9db1edc9530c7ba43eb3f34d7f4b6633d428 |
/data/user/0/com.jb.gosms/databases/sms_interception.db
| MD5 | 799a25f312f0467b419e22dd42ee37ff |
| SHA1 | 4acfa4ff5810c301b3884ca29cd68f8f1344656b |
| SHA256 | b41f9d1cac662acaeeaa098f823dde06001ec2f4021928f4c7d2561a91b7f6b3 |
| SHA512 | 6d2a36db0e3e717e9b4082d032fac94e78644eb0af9cb0aef875c864817ebb0c9195da8f4d7667822fb0e4c9e68bfa7641132903c3d7636439a104c46c603ecf |
/data/user/0/com.jb.gosms/databases/sms_interception.db-journal
| MD5 | d0ac813b702b77dccf735613d2eb7cfc |
| SHA1 | 44b81e9edd0835194b0c6b41f74b0446d29be057 |
| SHA256 | 762361f9cc4a5dedb87513f1a1771ad3677f5e3e92ba7fd32b329c4644fb8491 |
| SHA512 | 6d46883190134e0d3a366cd821dd159d68e147e39c87980e9649f1a7b56898bd916c2f58ceeca86f6c63e8626417608c84e76b378666e305be00ec34a2eb4e56 |
/data/user/0/com.jb.gosms/databases/sms_interception.db-journal
| MD5 | 88b20b8ecc600fffb521a32fcd7ef76e |
| SHA1 | f99be052d234dd7cb84f6e25268614d69c809b8f |
| SHA256 | 9f69cd9c8f3c9ae597938b5bbc3bf6f1f353eb1ef46780cd24438e75cf545859 |
| SHA512 | 5a1b99859568139798c59fac5f79ae8a41b442dc8208999fa52d7ceb2b4af198b3c9e88ba93fef766b0ebdd5be0889770ec4c4296784cccc508b0ead64126f46 |
/data/user/0/com.jb.gosms/databases/feedback_switch_db-journal
| MD5 | d1684244846f57893ca327a2de2723a1 |
| SHA1 | f9011ade50ba564a6cda7ae5150f2a2fe2a815e2 |
| SHA256 | ae357ea8af99a48ea398562dece142eb5818ac5f664d40b4cb413e28026c218f |
| SHA512 | 0e820e6ce1fa996d86e0eab11888dc9fe4ebe10e82e2316eefd6f6adb7959a8ca27c95244f992b1a543a86c1a57686abaf0547a2b29df764ca5ff6190aee688a |
/data/user/0/com.jb.gosms/databases/feedback_switch_db
| MD5 | 7f15c5fe09852d887b6fd86d483b14f8 |
| SHA1 | 0197d956c7c1dbf9d6855d72f774a76a1b308c4a |
| SHA256 | 826635e96d3df1590623e4bdba670a7a4580b56d743fa1c9bce53a1ab5e534f0 |
| SHA512 | f6b89f79ec179dcaad172cae9ab8336098f06ef7ce227c9be0fb04f1abfea6c11a4f638d1cfaf80470d2e651e49ab6facab4982ff9571ff94085167fb756bd84 |
/data/user/0/com.jb.gosms/databases/feedback_switch_db-journal
| MD5 | c1bdd72f41a4217254dbf576253096c3 |
| SHA1 | 27de26605a34c438ffd9678aeeaa62f6d680a5ab |
| SHA256 | 964af30905d55d82c57d4e7eab8d5623afc9ce5002f889a8f47d09cee66a74cf |
| SHA512 | 4a116e64c745573840a9e37169ea0628eec471e58da830a18de8635dab0a84d8ea7bdb20edf114d094e1d1f36b30ca5dd76a7b95fd55e07d79f843f617c301e5 |
/data/user/0/com.jb.gosms/databases/feedback_switch_db-journal
| MD5 | 1e2d66fd1580b63bb15dff68a01d53e9 |
| SHA1 | 19d77019ebc0b127ee9e1e5de5f70ac1afeebc2a |
| SHA256 | 304e3064859536845d16f5b1b1fa970db06bb0047947173f428451d7a242d0d7 |
| SHA512 | de549bdd366ae35b70fab2cdaf536a0c4c7d7b758bd833f0522feebe3a27ef1b973fcdb70019331c453f8499e88dadbfd235a318d6d44bb2b5f7b04404c0c943 |
/data/user/0/com.jb.gosms/databases/schedule.db-journal
| MD5 | ac3e940fb83e294c988c4ef2c1021e54 |
| SHA1 | f863581b7a1350f8a61f5cc950eff87d5e1e189f |
| SHA256 | 7056f920561e49ce1c6ae2041833a6c2c13b492900de6d6038dc39956b696992 |
| SHA512 | 6b9f55f827456e885c456cbef33b6a4fa66a3097080dbf7406f3a16429f611ab80de7da6138ab4869f961eda11431401f8d9e15188b4fbcf7ddce704fb4ca5ab |
/data/user/0/com.jb.gosms/databases/schedule.db
| MD5 | d9fda245cd9151198b5a706789b1c20a |
| SHA1 | b1204a1714445ba9ca6d6f63396f8964a7896b61 |
| SHA256 | ceca821e184a5ab551b31f8073a571e356a1e145547725fbffa45be02e146154 |
| SHA512 | cf477a8252e59a61bf567180e8c0f2efdde34f5bac0e3577d7e3f25aa3e9c4f7f875e6b684d9476510cddfa53123b207112ac5fe02f30b651dd91bec100efa4b |
/data/user/0/com.jb.gosms/files/custom_preference.xml
| MD5 | 5722592b7874546edc3e74a30f36cf77 |
| SHA1 | 717b788c8da2ea14bf5559904886763ee4de0a26 |
| SHA256 | 6c43a463f5c2fc2ebd0e3e68a85d8bc8c8a5669eae74507684ba6112130e04db |
| SHA512 | cdb50b6f85deef7d36cee610e2269d6128f4bec892a2cd58b7d72e29b161b2f6fdb984e83123ee56f06b095d503b2a0f665db4883cf2b50b7a1b5c72f43f5b40 |
/data/user/0/com.jb.gosms/databases/schedule.db-journal
| MD5 | 633ca5d78d3a2028ee464fed3a51c320 |
| SHA1 | 135df689effd14ae42ab347f3e9cef61fa598636 |
| SHA256 | 993c1f9115e2300f16799c8d1b65a9768973d36b419ab7989e3624ac9d43ccc4 |
| SHA512 | e53f0511f55eb20d5d15ae8aab26f4d1b26e3c8748a9e3d7710f7ef9795efb131e790284e6f9f4d61088b88071f1753fae58a97c7f09b1c4817cfd9cbd719ca4 |
/data/user/0/com.jb.gosms/databases/schedule.db-journal
| MD5 | cd94d6c771b95ba781ad2472d93e1f21 |
| SHA1 | bb701b802b1df4b022a4688967738d7459c60f35 |
| SHA256 | f00d13add56a3f3f0bcda9083377790d994f800e8e9471daa4b3f90fb2b9cc2e |
| SHA512 | e26613fd6340ad7eb6efb584999d15b5b63501ecf56fa2e501272bf4e7949d6649afbfcada39d8bf259b18e42eb9a4c09f13ecdba10664a2d6bee71eaab7abb3 |
/data/user/0/com.jb.gosms/files/custom_preference.xml
| MD5 | 7b1857e7a1441aed1c92a5c1b5c4a498 |
| SHA1 | abc4650a9d39cf3c1b175e195b65d1fca14345d6 |
| SHA256 | 18a33761bc2ef718930acbc4db410a60f6c34b323d0d39bf36cd4e4818b602c3 |
| SHA512 | 3f0f1d3ed030bc66a9ea632b66f2acfdff981cf952868d8086c9ce42da229e4796fe572f1ad51d8b517be37bcd520e755420ca70248323128755a818f966396d |
/data/user/0/com.jb.gosms/databases/holidays.db-journal
| MD5 | 31b6d1b5df7ae389e2aaaf437710b5fd |
| SHA1 | 0c2ab9f9acad960fefdcb43f683c4f7d847fb65d |
| SHA256 | 9d0b853c46d9a333b9fccbda16c89e5d187d55aa8fda04d14a834ebdc860e446 |
| SHA512 | e8152092a5f8d70b7bd6520291384f04e9b66984e06ac0884b0b48ed6a4ca629d218e325541947ec9b65541d431c75acade4a685e2877b1c5c39f63d2ff8bfc3 |
/data/user/0/com.jb.gosms/databases/holidays.db
| MD5 | 0d1e5927ba67df503836900abf601868 |
| SHA1 | f13d9f7f5335ae7901bdeb4abc61cb7a6eae84d3 |
| SHA256 | 4d19813103c097040b5a9c7bfc2a3f8a740bfa51a443446825304a02c6f1adf8 |
| SHA512 | e1c2be3b4f91925c12c71e92f6e79751f316b623e6bc86224631a06052201e895790011abfae9b13cf2c14ba2b5271551860a65581826140d335802998acd680 |
/data/user/0/com.jb.gosms/databases/holidays.db-journal
| MD5 | be0d2177b4d573b657660cc9c8d6f894 |
| SHA1 | 3b77862d9a29913d39c107580b9a357585706275 |
| SHA256 | f52dff7909219c6b2f5be288f8e4137f046e0d0fab9d552ed60a39bce57c3d1d |
| SHA512 | d20096ab0d773db139e2cafc173c38a485b349e40fd7f6cafcffbc1a71db60b31d49ff873efa36634c1834b7880cf29277bb83c1869801ec836e88bf9b39d820 |
/data/user/0/com.jb.gosms/databases/holidays.db-journal
| MD5 | 162fa3804e784f49f0eff6efdb47d6f5 |
| SHA1 | 6c22437c75a355c93dc6228eee08e9bb67b7d73d |
| SHA256 | 5379a98d1bb10540fa76c838e328891e8162e6900ce9262ea12a0b961b78cc85 |
| SHA512 | 5b6bbb25ff1175a1248ce2fb2a4722b7cb59d9b7aa6d89d229271e303d35ef726e1b451b97d10c3cd3036a69d86928c61d3c233bc4567af2342dce4002b2c04b |
/data/user/0/com.jb.gosms/databases/gommssms.db-journal
| MD5 | a9a82ddf37cd2bb9d13cb1f2002bd365 |
| SHA1 | 96faeb76f9b82af48f380742bfa87c7d2ce02bc9 |
| SHA256 | 87c61ee9bdb53ce97d1aab85e213e3fff657b91abbe195960c579128901aef49 |
| SHA512 | d4be2fef96b3bcee93f030648e6635912ec7a1bd36f55260afe09483c2ec5897dbb09f95eb7041116dadc8478a4788ef5b70a7f594b35ec5c3b2f99cf50eab35 |
/data/user/0/com.jb.gosms/databases/gommssms.db
| MD5 | 7bddcc5dd3b14da470a8684e23e4ff57 |
| SHA1 | b9a56af7a55945e8769044c43baf91f6bbda836b |
| SHA256 | 547188afae1c0e37484595bf6ef4ef0e9d858f568d455b37af1b61e2b0b92f5a |
| SHA512 | cffded43d73e4d87f08e027a7fde2ddb3294340559c14876fbd7aca0217793d653fa9fcbbd20141f5840b01da1466a14b25cc036bfff0c651e9b33c2767482bd |
/data/user/0/com.jb.gosms/databases/gommssms.db-journal
| MD5 | 860832ba4813f3c20ca1457a0767d499 |
| SHA1 | cd4e4cb2433207153b8d54b912033946cd550c81 |
| SHA256 | 8cc65eb22536faf84d125d5604b0d5315dea64dc6e819dbd0f22c4603aa0cf56 |
| SHA512 | eac7d6e1624303b52c279cfc2ea6a27b64a67f865147b4282b71a71b98667287a64d89584345163186bb7255254e670c9c9ece58665da5e5c562fc60b10d51dd |
/data/user/0/com.jb.gosms/databases/gommssms.db-journal
| MD5 | af73b61b2e48c944d2c5f0766fbcb514 |
| SHA1 | 94e2b5a00e7109c51a02ba084521002a372b5fcf |
| SHA256 | 73d0ca5cfae2783e40fcc9c9992aae6a587405862a0c9f3c661c6248d9c095d1 |
| SHA512 | 41eef46f7bb9eab82388b69433a90ee06fc87762bfa9aeef941b4309d0757b5e966d783197c8fc9bd91997fb73f59f038c26d12e4fd1b32d93114d6dc3ff69be |
/storage/emulated/0/Android/framework/clrunpath/-936679160/meal.jar
| MD5 | 704b581ff928e7a1c998fa6c98c0b3ae |
| SHA1 | c862400ae30e318ae3028f3dee5f7b52c19e23ff |
| SHA256 | 123398dbbe734a4a602e5f2172eba1c7ad3a015260620acc812bbbd10915ed6c |
| SHA512 | fddaa3356b23f7a6353ed2e55418143fb2412ea4b825d0d2ab9d6a15d50fab446332991fb3b2fa04542f8962ade82714708381dbfb612f44ccd109458b81ea49 |
/data/user/0/com.jb.gosms/databases/dynamicload.db-journal
| MD5 | d1a76199f1fb406ab54f137bf46574e7 |
| SHA1 | 359fbea3450e6de3d397f3d95e54888702f615da |
| SHA256 | 2189d66cdbdcefcc9880b0f0f3a85413eb71d39e2f75c6e1eb0cdf7b627d1c94 |
| SHA512 | ea4f73f3379bf448221169286cb9a56b0fc4769f12d7f752fb65ad5b1434df59a510010aa027bc3a458ab4683c79c76b4c730c98c0ac8ff4c351595eeba7dd71 |
/data/user/0/com.jb.gosms/databases/dynamicload.db
| MD5 | 03d15021973bec10b621b9935619f0c2 |
| SHA1 | f417196b24ac710066880e70031f0e222666af4e |
| SHA256 | d1d4bf9439caa2bea36a53bd16fde5581e5a260490db7c76244fb2643b8a88d6 |
| SHA512 | eea70d4949e9e30f443bbb3e4972b1daac6fdcca72a5ad6fc12ba320c084bb894925830311c8cf6065ecbfde137a31f8ac3c47fec93313f96d4b0bfc638ebada |
/data/user/0/com.jb.gosms/databases/dynamicload.db-journal
| MD5 | ee716a7e6e7fa1981331287cf9f9f564 |
| SHA1 | 5ee096ebb50d302c02a427c9e48608fb6222574d |
| SHA256 | 48e333bb4d02813798b107dceb52b2bbc1724990bb4f99ebd73ee9050c87f3cb |
| SHA512 | b138a9e164711725ab06b95ce143c83c672003fdb38cdf4935c98452b2f5d43f16c4bbb1b4f70e97bb303cde61b4482283b0cfcc8612ca8989d4ab83aa6d809e |
/data/user/0/com.jb.gosms/databases/dynamicload.db-journal
| MD5 | 4b2ae3bfdbe38ecfd6316c08740d483a |
| SHA1 | 9b244c1064fad847688beae8f074783b5918bce9 |
| SHA256 | 9339687bf855b0a0a90d7dce0ac08dd4eac0f0f479acc55daf7b677c71ad427e |
| SHA512 | f8be4f193b502ec997e3d2712ba7a842ab9daf130020ac885bea57c8c9a2c4daa3ba8429e3743580f2bf25addff0cb9cc03a06f2b399ddeb44ff65d9b5881f2a |
/storage/emulated/0/Android/framework/clrunpath/-936679160/meal.jar
| MD5 | 7ec711050cfc0bf2e0bacea44b5aeefb |
| SHA1 | def6ba686b06c854fe6290f6d1e29becaffe7dd2 |
| SHA256 | 03e61f7d7f0960666cde25b0952e1db32fcaf94f151b61da388ea40d54270395 |
| SHA512 | d652c916dfbcaed6adc8a510b3a5d4161beda4d2fb592ab8b7882a40fd3057be81c5b87c1a4ab77c3517aedccebe53ecb971d4e8c4bba97614252388234da69b |
/data/user/0/com.jb.gosms/databases/dynamicload.db-journal
| MD5 | a4ee176952b68889711b6661d301530c |
| SHA1 | d446a69188ac3e887dc2b13027e36a42752a4fd1 |
| SHA256 | feb092a756bae3d32528dfe0b0a6bf70f25fc5bbf2600788c5c4f0a5f79aeef0 |
| SHA512 | 915de165721431815d8661b1990f32106c867a8d3030c2f3dbfcc38c2fa2483f749a6a6ba476f776c9d4da7d1712c8a4fa5af6df9b85de6513b9179131b3a1e6 |
/storage/emulated/0/commerce/statistics/deviceId.txt
| MD5 | 62defbb9bb45581de9db47e8c5bc3831 |
| SHA1 | 6c9d48fc3c7f0aea2e89e7a04d7583958ddc9290 |
| SHA256 | feb7fa501b3e6626fe55b03e32d68c2ee3f088212345c9d2a1e8b9e0e4326e7d |
| SHA512 | 6c1e7047da2b909d71dc0ef56f8ca249ea3b9b4c797f8b1aaa50a60ab171e397260f39ddadb4914cdba2250f8a6289977a1f53a0bde1515fd4615d0f8882a8b7 |
/data/user/0/com.jb.gosms/databases/dynamicload.db-journal
| MD5 | 2d3d0c5bb8a3a2606991ce7314fa564c |
| SHA1 | 66083981ce9737060f2fc056bb08923a4adc9939 |
| SHA256 | 4403e9dbba0cfc9ec149d14bb96b437e7cecc057935c16529a63d733be9d5d7f |
| SHA512 | 610c5efe0d80d25e6473c89f922dd128113950e9508fb13623c13a036351512270b400c32920ba24c7bbee0ecef8bf5aaf484dc85db824ed9ef840701ee82f96 |
/data/user/0/com.jb.gosms/databases/google_analytics.db-journal
| MD5 | 36e7832b38e390f972e900ee295d1f87 |
| SHA1 | 386c1b09b3545f6a728701bd961a828e13853455 |
| SHA256 | e9ea217c9b0e14bc9a497c39f5ebc0efc904f97218749971d472843845dc9cb6 |
| SHA512 | d60c1f77ff0276529769d983594815a55dfa956e72bebf2e94f41984d25cba76c2308e08eaf8d9592e9505cf53303b7e8de49ed3c46017f7891106eab0a82220 |
/data/user/0/com.jb.gosms/databases/google_analytics.db
| MD5 | 17cfb379c2f6afaa77da7d5a86ac32a1 |
| SHA1 | 1740a1badc0b4db0dd6ffdaf5fc2703760e2cfb9 |
| SHA256 | 28dc8cb2e4ca5bebd00427158d4f2771443f8acbf5a2aabe7ccfce9fbd2e2813 |
| SHA512 | d84e4c44c98857fc2d44b303185d36c88c1e631e35236c8ac3a5ef9266aa8a4eb08838385301281e15816dbd6d315d5ba2235f7bb36a5c40e53d2ebba1e569bd |
/data/user/0/com.jb.gosms/databases/google_analytics.db-journal
| MD5 | c9c1119af911b44df4209368266fd5c2 |
| SHA1 | 5edd8023d25b6210d4b587fc0e1e66efb3873b80 |
| SHA256 | d708240000ca61827af257cbaff441d81026d74ead45514a34ed955fbb0886c9 |
| SHA512 | ebbc616a98cb2fa0880ac7f21334c4075f0491e6385ac013e093c4432b1eed30d410df926b8fe3781fe64e02adccd26e61b525c3d56d3b07ee250eeb1de2995c |
/data/user/0/com.jb.gosms/databases/google_analytics.db-journal
| MD5 | b288f6d91269f0f518d22289390f2120 |
| SHA1 | 2b1de8be15d05bff2b3b82f56f0d4ed97b96c3d7 |
| SHA256 | 771fd0006bcc15a9e946f151d90ee999da75a95a7c0929ab932209c51ac5e44b |
| SHA512 | 32daed2929e454295e0fec85891a85057a86918f119d9fbce30021c9ace96fa54b1d434f4485b11b0cd65b0456d47ff43dd2cc2e455f3eebcca5723f0d2aaf49 |
/data/user/0/com.jb.gosms/databases/google_analytics.db-journal
| MD5 | c01e793b58cb002fab32471a5d699c50 |
| SHA1 | bf3d9d0d94f49549ffac33e28831ad8e412f1acf |
| SHA256 | ba84ef659db93e346a0b2a7bb717bf21224db197683bb3960681be21bf1ef4af |
| SHA512 | 3e1acdbcf86f14dceb2815de3b8f5d7e2c628aefeb5db9afead145bebc26409554c72c87c0fa91cf4ec7c24e9e8687627be68f45181e7c3564281308507e3764 |
/data/user/0/com.jb.gosms/databases/google_analytics.db-journal
| MD5 | 15d4db3b9d33e381bbe43884b32dd2fd |
| SHA1 | 9e749139209092c1839b4d9af43966daf49db0d0 |
| SHA256 | e94ce3723b27e74e036f6900de13611496993aeb2c76843953ae03f35e998f05 |
| SHA512 | f38c44231480788a54702af3fb4f0a6dc1a7dc2c8b3ae897466e032aad107ec2e3d130d8dc5b1d9c5a87cfc26722e9fed5caba97693789f4b7ad8efc5c1165a9 |
/data/user/0/com.jb.gosms/databases/BgDataPro.db-journal
| MD5 | 237f957aaebeff0cff898c5ddd989374 |
| SHA1 | e0c363fb1fa68346be2c4c9a31dc27cfb93cf4ec |
| SHA256 | 787e6adccf4087b1fb63b7b1707284ed301910b580fe2d3bbf2201ca0e5ca48f |
| SHA512 | 6fe948d22b371f280c962dbc03587a797ee819523b2fba8970a904434b9609e28f155c4755bcc84d3b77882f672647c39c4374ddf37ba36f366fffc50620e722 |
/data/user/0/com.jb.gosms/databases/MessageBox.db-journal
| MD5 | 992bfa0912dfd1d69b14bfccb217f0e4 |
| SHA1 | 287db9bdbea99aae4fa2ad55c53b04a4756640fb |
| SHA256 | 751a7c3def0c7717fd161462b136dc56e2392ea0462369cf5a788e86576ed45f |
| SHA512 | f87ffb2edeab2d48e15955490155cf0ed5426d2144ceb9535f91362a4c5b030f31895083c63da557ae04e48032bba45cb77a26597ba50cf18ea5e9f5ca39cc18 |
/data/user/0/com.jb.gosms/databases/MessageBox.db
| MD5 | 9ed1bf884cee2feb601213c054fd2360 |
| SHA1 | 571cc723bcbff961e7332027889427f7a2b65416 |
| SHA256 | 56428de6789a35eb61c42105493c1e8611f58e9af598092b06aea9cdd8f7d9b9 |
| SHA512 | 60a049632db97793409e4e20d8b1a1ba686acd1d21eafdbac14b1c8e2032cecda3a86be2a7100c6be87fdf0df652151a0a403a5f5dbc212d6f9d44a4193f6bea |
/data/user/0/com.jb.gosms/databases/MessageBox.db-journal
| MD5 | 04964e849b538b826c8c5db8c08f6f34 |
| SHA1 | 8ef866442183bed20589cd740b510b06e182b08b |
| SHA256 | 7c162e830cedeb9c1ae58f4505940409704c39c49fbf84b7bc24fe384595ed59 |
| SHA512 | 0fac80e69bc043e94d505ad3ba9cb541e7d6db6f729790c0281c646225f3425d9bee7f8063cd07ac5c7ef1f72275691973f7b8e2c39a214fed16652cb2b6e597 |
/data/user/0/com.jb.gosms/databases/MessageBox.db-journal
| MD5 | 0a64aee2be08245a163001545d495cb7 |
| SHA1 | 931edf8ccb4cac1f6978fa727c3e71546897f0b2 |
| SHA256 | daa84e171eeb23c0d950a910b326edbe0afff6fb972643395782541ed4e06271 |
| SHA512 | 47a26b5b33755dba3c83a9b385aa17d7ff3633155ee61d2f4db2a693ee3362391ac57f06daa42628626bdf7879dd79516cf0eed026c058904de1583869d78f93 |
/data/user/0/com.jb.gosms/databases/SyncHelper.db-journal
| MD5 | 05ca52eb10906316afa4b06008146049 |
| SHA1 | 0210cfbcc0f14aca15589f7472866f647d97e21a |
| SHA256 | e349ed41c7a719f18e28226228fcd16fec12b09cf2b0ca617c52310353f3f40f |
| SHA512 | 0e367415f54fdd65cc4cce2a2967653fa054473421d0dcd0ecd6895e83c26508b7090244de65e3cae3e07aef9e1dcf0326a591e3bc6f2301aa75b3c0cacf36e7 |
/data/user/0/com.jb.gosms/databases/SyncHelper.db
| MD5 | f8c3141c07ad0ad3ab7453bed3f1d230 |
| SHA1 | b0496348ff7cd322e134532b47ac99382b0cef46 |
| SHA256 | 3787ec0b3eeb1c2dbdc89375ef6c4694ef6992ea5d8ca84dfdbd3b0fa7201187 |
| SHA512 | 1a34327396e784ea0c2dba647a989d3e2c379574dadabf97c0198f0cb8c5c5101028cc5eed9bdc228bdf8af4a352dfa47fe9f3ba407e72f5c384588d46c7566e |
/data/user/0/com.jb.gosms/databases/SyncHelper.db-journal
| MD5 | 1c896f9d618f1436c82194d008958525 |
| SHA1 | fa98cfb96b2ae303a42af24f67a7ca4336f7fec0 |
| SHA256 | 1f8f6c42090849e4f2e21b6a4a6d8232c729083aadd218e0aabc00eb22fa5442 |
| SHA512 | f6ea3f4e7f5f9b0a1c5b87230bfe4a983cb8863c88168c219eaf5878935fcf54d047493f94bb7b82b9ad85d6eab28fdd8bac58998def11fe2e8b4c5ece902e63 |
/data/user/0/com.jb.gosms/databases/SyncHelper.db-journal
| MD5 | 82af4012fc65b2db6723dd4adfdce4b6 |
| SHA1 | b62fee98a6c099dc45d2776715ff3d908175c4fd |
| SHA256 | 31af3a9371e92ce07be374d38982e592bebf2d68ebfe52af47a2720c660ee733 |
| SHA512 | 65c377cd3455e80d640cf8c84c70c405b86aaa4362e2e8fd3922b817333eba05146ebf49e03104f9d69061b09274c8a1320b9c2815c444bb0d7423c2e822e273 |
/storage/emulated/0/GoAdSdk/advert/cacheFile/BaseResponseBean-524
| MD5 | 8bb83b70813c15d25f904e4f271365f9 |
| SHA1 | 8189b4fa230a4276f41c5089ec97952f2db7899d |
| SHA256 | 30eabf53f4efb8367f788abf697c0663ceb131b32fce9940c286bd78d90bb684 |
| SHA512 | 96a4b72bf923dd6666fa0bac1df9b14e6913931e2c1d1ef70fb2bc0092244645f90ed51a4a1ede591c02394fa3435b6ded31d4a579f1649a0631c9661586a3e8 |
/storage/emulated/0/GoAdSdk/advert/cacheFile/524
| MD5 | aabc32607daf8129de08f424f231b327 |
| SHA1 | ca45dce8baa2f7ba794ddf2c4fc14dec62e5a8d7 |
| SHA256 | b20fe7ca7a7fe644affddff13c61c4043811830bc9a4876e754a69b46c308f0f |
| SHA512 | ef612a154d548c5719837db5d518a3f3bd66df2ce08e55d02a5af6ee4ebf9267cbc75d447328ed1fa820c2078c58ebe1dfb3c6b232f7c5fbfd3841915bc3149c |
/storage/emulated/0/GoAdSdk/advert/cacheFile/BaseResponseBean-520
| MD5 | 669d2f2ae440db3ff7fc60ec7dfed95a |
| SHA1 | 63c07e54af1d90d4f00d2c558057d0f4433fc7a0 |
| SHA256 | d58bf6506c73c19f5f286eb61b5c94a2ad54edab0cfcbb5175a91a73ea96016f |
| SHA512 | c4141fb14930fafcaabbfb931f393400a1b5a7f3641dfb4e6fb6fa1df5d9c5d55192888465783ec666c3cb9c7eb84073777717a3bac4d09ef6d3c3fc0357cfcd |
/storage/emulated/0/GoAdSdk/advert/cacheFile/BaseResponseBean-562
| MD5 | 0f6d95cd285a19600aff38773b613462 |
| SHA1 | 2878c0cdf29291ec6a9638df5336c821d4ed0111 |
| SHA256 | 840f700c23ac40d629da912dbff0242e1e06a065cc83fd0df9fba06cc0c90bb7 |
| SHA512 | dbd7e414bc9f086fd7e661fa5ac1baf789c4c1a3aa505311475abc45af51ba1873123d8604c0f3d83568c9ca16afc89eea4bfc0897a6327c66622bccb70ec76d |
/storage/emulated/0/GoAdSdk/advert/cacheFile/BaseResponseBean-692
| MD5 | 2bd73dc89649241ef30122f9e2fa9061 |
| SHA1 | afb256de7a7aad04b3be429172d8402ea1bc30a5 |
| SHA256 | b8267b920cdf10a72a2816cb52ec9e6b13f7bae8f97b1bf0810ef443a935d083 |
| SHA512 | 51659630eceffaede1d83edd9d9b058988673a31975e87148dceffa71faa0657af4a4b04972e93a998bb84415f54c249af3e887fc510856722612118f8206c0d |
/storage/emulated/0/GoAdSdk/advert/cacheFile/BaseResponseBean-1844
| MD5 | 55c1967db3c6f92886a49eee05c1ca88 |
| SHA1 | b9628b3f9feb6a475c1b2a5c6a8c2dbef8b7ae16 |
| SHA256 | 8f6461d71e98ad0f2ce35fa27a1807c429c7daf784143e5b904f5b91acf596e2 |
| SHA512 | 0aff7e2ebed46ea35b664ea72c2668eefcdda27ffd27b3c8bb9e37cf406a4ade53f33cf039af5ba87187b7917af5cbb565256b887c4a90e2ac13afcc98e1500b |
/storage/emulated/0/GoAdSdk/advert/cacheFile/BaseResponseBean-2072
| MD5 | 0768412b7a0d696e89b44b39458c4caa |
| SHA1 | 25eca16e68b47e1e970de48dc7ab556ff80104c7 |
| SHA256 | a4598ea3763cfecf044114fc69137e0e040e037f37c9e402819dae7ed901ef1e |
| SHA512 | bf94253649b0b89e53b30514762878cf6a0237d78be1763009551823137422f852167ddafa010dd2c37aafa33b07cbe11d20b3d0f2b658b9dfea942cd1f1e98d |
Analysis: behavioral3
Detonation Overview
Submitted
2024-05-22 09:52
Reported
2024-05-22 09:55
Platform
android-x86-arm-20240514-en
Max time kernel
3s
Max time network
131s
Command Line
Signatures
Processes
com.jiubang.commerce.chargelockerapk:com.jiubang.commerce.chargelocker
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.200.14:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 216.58.204.67:443 | tcp | |
| GB | 142.250.180.14:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.16.238:443 | android.apis.google.com | tcp |
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-05-22 09:52
Reported
2024-05-22 09:55
Platform
android-x64-20240514-en
Max time kernel
3s
Max time network
163s
Command Line
Signatures
Processes
com.jiubang.commerce.chargelockerapk:com.jiubang.commerce.chargelocker
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.180.8:443 | ssl.google-analytics.com | tcp |
| GB | 172.217.169.14:443 | tcp | |
| GB | 216.58.204.68:443 | tcp | |
| GB | 216.58.204.68:443 | tcp | |
| GB | 142.250.200.46:443 | tcp | |
| GB | 172.217.16.226:443 | tcp |
Files
Analysis: behavioral5
Detonation Overview
Submitted
2024-05-22 09:52
Reported
2024-05-22 09:55
Platform
android-x64-arm64-20240514-en
Max time kernel
3s
Max time network
167s
Command Line
Signatures
Processes
com.jiubang.commerce.chargelockerapk:com.jiubang.commerce.chargelocker
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 172.217.16.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.201.110:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.201.100:443 | tcp | |
| GB | 216.58.201.100:443 | tcp | |
| GB | 172.217.169.46:443 | tcp | |
| GB | 216.58.213.2:443 | tcp | |
| BE | 64.233.184.188:5228 | tcp | |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | www.youtube.com | udp |
| GB | 142.250.180.14:443 | www.youtube.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| BE | 74.125.206.84:443 | accounts.google.com | tcp |
| GB | 142.250.180.14:443 | www.youtube.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | mdh-pa.googleapis.com | udp |
| GB | 216.58.204.74:443 | mdh-pa.googleapis.com | tcp |
| US | 1.1.1.1:53 | ugmvhqngkajkfr | udp |
| US | 1.1.1.1:53 | qlhtebrx | udp |
| US | 1.1.1.1:53 | lpapkwaqai | udp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 172.217.16.227:443 | update.googleapis.com | tcp |