Analysis
-
max time kernel
165s -
max time network
186s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
-
submitted
22-05-2024 11:05
General
-
Target
670b1c2e47887865cb3617fd064f02d7_JaffaCakes118.apk
-
Size
15.6MB
-
MD5
670b1c2e47887865cb3617fd064f02d7
-
SHA1
f0e07cae076e2c3662b123b238512d3fe202aa31
-
SHA256
41adf0d6eae407ffc1fed9a4f3f7b6771f3c437721c6a2a9d62237b54b9c5483
-
SHA512
a5caab32933fbc9e1d0695fee61e3c22495cb5fa111df1198f8010ca49d881cf7e153afbfa2ca7f305add7988bbde573224ebecc7605f35e9904e66c8af88219
-
SSDEEP
393216:AT8ZTMAYm/KfPBlClOg2I4XH18fBLmDW6F1W9L7x2DtYNAp:AuMAYuorOxyXVgk1W7fu
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Requests cell location 1 TTPs 3 IoCs
Uses Android APIs to to get current cell information.
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 6 IoCs
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar 1 TTPs 2 IoCs
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device 1 TTPs 6 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC) 1 TTPs 6 IoCs
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 6 IoCs
-
Acquires the wake lock 1 IoCs
-
Checks if the internet connection is available 1 TTPs 6 IoCs
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Reads information about phone network operator. 1 TTPs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 6 IoCs
Processes
-
com.liaoai1⤵
- Requests cell location
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
-
com.liaoai:ipc1⤵
- Checks memory information
- Queries information about running processes on the device
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
-
io.rong.push1⤵
- Checks memory information
- Queries information about running processes on the device
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
-
com.liaoai:KeepService1⤵
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
-
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.liaoai/cache/__report_impl688403058686410789562749975390.jar --output-vdex-fd=101 --oat-fd=102 --oat-location=/data/user/0/com.liaoai/cache/oat/x86/__report_impl688403058686410789562749975390.odex --compiler-filter=quicken --class-loader-context=&2⤵
- Loads dropped Dex/Jar
-
com.liaoai:remote1⤵
- Requests cell location
- Checks memory information
- Queries information about running processes on the device
- Queries information about the current nearby Wi-Fi networks
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
-
com.liaoai:bdservice_v11⤵
- Checks memory information
- Queries information about running processes on the device
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
2System Checks
2Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/com.liaoai/app_tbs/share/core_infoFilesize
49B
MD5a8c5a50009c227aa1ae749dfbd5cf918
SHA1b1c76ce4ff6b13a912ed7822a9bb2635516d447a
SHA256cc28b039f3264dad64f7bc98c8156bd78d90434b9facd7925110e9d94aed0eac
SHA512e3afa08bf9e9c42e1c952892179ab27e451367b2eb3ca21fde5d9d71e5a1b880dc2b5f6c538dfc8cc494c6fa91971671ea3f8f1f4dea9d6f8954335c6203e1e5
-
/data/data/com.liaoai/cache/__report_impl688403058686410789562749975390.jarFilesize
32KB
MD579c05fe432b6ffcabe443a072d8204e9
SHA1b0fd0a962e35851a337331b540a625a031825e54
SHA256253dd95af1bf4dd543619ab7611d2d9452bb39dd8dd273155dd42a6b58b257c8
SHA512199e5edf435d6bbe7eb16eb68474798224cc49673ae35df27feb74100db926aea03f148019109dc2e6cdb56523dd39783fdbf44715bfcb8c98cd73d22f1fb20c
-
/data/data/com.liaoai/cache/area.jsonFilesize
4KB
MD59aa5a18970904d87bcc59cdf5d601272
SHA11957896ef2c23e6c95bd219e38bf8738c5efdd93
SHA2563026f13b4752a42b7741acd0919252f3f5ad9103b5818626b728807f655b4863
SHA512c277bb2fbd858f3202ac3c03eafc484f3fed898573959cb8a4eca8d0d8dcf04531cb6fb4578711e70b40ef9fa40be70bd0b9c299cdeb603dff462b9208f1933f
-
/data/data/com.liaoai/cache/area.jsonFilesize
16KB
MD5efb3d55e06f32139381a4e93654e95d8
SHA172470f26339e788a5da9a9ce03d627ee494937d0
SHA2560050fc12dc15c21104f7798dceaf1dfe2cab77e6aff8661e58bd3b69a136bc12
SHA512aa7ede2e25e6658a33d7e2a18cfb536b5f9aa2b9469f31db7461d4e52936c1f2c2a8d462ef6dd9aa4f957a681ad936420cfb86b7d94d91b30fd2bbedeee5a2bb
-
/data/data/com.liaoai/database/pushinfo.dbFilesize
24KB
MD525b8716b986edeb6f2032178bf7307c7
SHA1cfdfcfec79a5fdefdfcb168e128623cf956c6db2
SHA2566db689a49ed94fdbe8fe332946c315f25e4afceb8280b5f8b60f7450d6130214
SHA5126b42bf41d1e808006f09ae6bd4a4ca99c9b556cff0463a855441ca7ea0c25279c6b4425fb0f390bf1fa8de6cd03cab8eb6ba3bbea79beffcac42c995d9887787
-
/data/data/com.liaoai/database/pushinfo.dbFilesize
20KB
MD5f1e360d6e5f896c18cb31c11d8bfea47
SHA17e7c2392f81630534ef0322b43e30ee683ebf881
SHA256678c7fdbddda534c9000ba7abc6547175a3e90a5ee03d25de07b538d195a1fbb
SHA512e236f395c715dca6f51a20781a45de2290bc62c7837b584641bd316013e343bfe53d10f2f2579c577e39f65990e3b5221b046a787475c164b3e38ba6780ce133
-
/data/data/com.liaoai/database/pushinfo.dbFilesize
16KB
MD565e8e1bbd323c44f8949b46eb9657657
SHA19a81b0471576c2190491fa4aa469efdbcc82bdaf
SHA2567cc60d8e29b2ddbde5e53ac42cee52afe6b40a8ed04a29965a6b046d025434ab
SHA51205196fcfd1f9b2aca2774cd7e42472ba7bdfcdf7ef848b26b42169a342315780e726bc64ee41812475548d47fa6d534c71b838a78165a46ee39ed3f1e82ef450
-
/data/data/com.liaoai/database/pushinfo.dbFilesize
16KB
MD50d58933c6f834cd8d8e3fd450dc7bd9f
SHA1491e528440b5b9197786ff1ef9c8e39a770a59f3
SHA256545d190535fdfda86fd0cbb71f3adb67ea07386eebd322a0ea5d4e9bbff5d666
SHA5123c2ddf90ca8b5492c0f94ffb14faac6ce3c181c0e28c459b1be72b8fb335eb3d9aeec96b661fb97d80b1dc51b2764434cdb6e8f9c7cdba900bd1a1e4e7a26d4c
-
/data/data/com.liaoai/database/pushinfo.dbFilesize
16KB
MD5e73dbe1d79310a3f20a6c0e9d113ed17
SHA116e91003c5a2223c1807769dead56af05e48d085
SHA2565641766b28b81590c2f4f6e1ce98e3ca9f55da855648481df1d980e1a208e884
SHA5121376029d1e24d8e24b734c6c1cdc6b455bf1287dfae85777f52638b266edc7e52f1ae339a4df70e67137ce9141cec7dc07ea16113398e3fe25f8c066e89f2500
-
/data/data/com.liaoai/database/pushinfo.dbFilesize
16KB
MD53ea3d1b6f63943dc522cf58c076b03e0
SHA1e8f713fcc92e49924e4163e6df6439012b6e7ec0
SHA256297a72f352524d4e6a0e36eeb388949e18911368625411bad49bfb0aa609b28e
SHA512b3426561e4ec6bf131f2c8c5316a861d3d2dbc5883d06adfb0b66bd46309ad0d631d3ab70f599f7874bcad95c23b1fde905f445d2040115d4551631bb6889e69
-
/data/data/com.liaoai/database/pushinfo.db-journalFilesize
512B
MD5fcc6d14acd35ec3638f901e0737b5218
SHA1244fea455f9a7ff757d168882bbd6f0f4bffe30a
SHA256c58561ec77e052d22e61812f5d26173ba8dc461ff2846d844b2d2b42307d5901
SHA512d4d7dea0ebcc19e10590942aa8fece7a399abf23f82d2cc5d839664ddf7e266f6f180f6181c72a9b3a7952b3420ad951a59c9f3fb79524be9f822eaeb598bac9
-
/data/data/com.liaoai/database/pushinfo.db-shmFilesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
/data/data/com.liaoai/database/pushinfo.db-walFilesize
36KB
MD528c5eff603aa074de9354c891f169004
SHA146255da2603ce17c92bd8aac1b8d169eb69d2afe
SHA256afcb3fa084d2fe53c81c2baf69d4b1081085a29c0ac80838f550220d74e2e703
SHA5127f31a7162cbce00c17342b4b3adabff7c3b4aa5fbd9bea703135e922bac6b35610877f430d9027405070af3610f39477e291a260a374c148e8260a9b8feac3d2
-
/data/data/com.liaoai/database/pushinfo.db-walFilesize
8KB
MD516f20e0a632d6eda71133bab5c737b20
SHA11e7d53d7775cf12e19d74087429f02bd8b8fda39
SHA2561bcd68989ce34f6e9bf663fa5d63d8f11358b6bd2a7e682f256c9623fcabda9e
SHA512f1936471ed65d0336aafea2f929ea4c447b9d18be2cb88eac1545ec6b11eccc97dbe2cf84f66b73c750b60415305e848af7eb5934445ad8c11f25f8501ad8c7e
-
/data/data/com.liaoai/database/pushinfo.db-walFilesize
4KB
MD5aa3794cc1ab9b6ea9435c6ea92f5af73
SHA18f462ae9a3acf07e1e32e57ef1398121dc766cc3
SHA2560408daa736914882b7900e1c1810fa5effbb5edf277f495dd76660cac19cca7d
SHA512f72ef1a7b9eb64858b439f30b069287f5cca9f68f052257351885a2110e02ebeb0e42ffd02186b3a875871e56bb5a78117c0701a472dacfec586e158ef588e19
-
/data/data/com.liaoai/database/pushinfo.db-walFilesize
4KB
MD5496e4055e4c7302518fbf01b70fb9a68
SHA19333d9476e064ec46fb7f0882885063d46d71bd0
SHA256992b0631bb1b5fdf8221baf7b327c31ea4e5eb310a1ef50ad903ee5a19eb6959
SHA5128be160b05505d9dd70d7600d178d7cfd09c09815d6fb4aff8bc7e4923c0d967aee76ac031aca3ba6bb0c5fb5f35105717be78642195f34f4a01be44aa1f55b37
-
/data/data/com.liaoai/database/pushinfo.db-walFilesize
4KB
MD5b4bdaf4d748892f7ba75ece9e71c7f55
SHA15e872c4437d9700292eaf995d750a18e3634401e
SHA2567fdf9f12b805b35bdfb0bbf4a20c521288d07b928970dc2017a80cad76ce5e40
SHA5124d52091d6236a90af008f67256d4efc7ba57124d7349b82a9415a1b2902a51d21f67d67a5dffab72f34d6b356f004f626b75b6e4b7a864333ccba8e7c39166fa
-
/data/data/com.liaoai/database/pushinfo.db-walFilesize
4KB
MD5106a1858dd6a1f928a95dde3a151247b
SHA1f3458b1dcbec7b881290ed0375387be1f2008dc8
SHA256ba2d57fe0869ae24194c0411d7e3718a339e8a41702cfc71759ea90fa5d5b240
SHA5125db30d4e067bb7820382b4a63bd3094111d938a8ae75ea8b99911f34f28bbb1b0932ad0b0bfcd4a617ff4fd084e969ba6dfdd151fca4ec3faf962400313f133b
-
/data/data/com.liaoai/database/pushinfo.db-walFilesize
4KB
MD56e179158878ffb75c65ee120262dddd5
SHA11d12ec34aa3c16042873906f52acb72d1723eac0
SHA256caf80a74d1f68843df53a42dfd4db810f5132192825ccf578fa62e30ec678b3e
SHA5121317ae8056f08d1d6c23905f5ece5005f1ad8d69264322aaaa36c91fc54480e9daa7c50f39a1461d358e301145ffd27730a7a5484cfe52b4761fae7a8666e0f4
-
/data/data/com.liaoai/databases/dzForum.dbFilesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
/data/data/com.liaoai/databases/dzForum.db-journalFilesize
512B
MD56d638fded145477a7a9b6ea3694806b5
SHA109026fd8072d08d78aa1c5a32d03ccf6e7fdc436
SHA25635b58f009d927591ea07e80d319e217db59117ed133417bb3272154054358e8c
SHA512a2cae9221812d074fa1b4d7febd882bf553dfe92f3938850d86e1babf3066b8e21d20c6f0c9db3f6caf86a8f0cfad54498fbf888973842e1fb48ce2a5e39e411
-
/data/data/com.liaoai/databases/dzForum.db-walFilesize
136KB
MD5434e27d193c48d53b050d51771e76c01
SHA134c3caad070a9c9b85f40f5a39f9913924d4bd13
SHA256fdd9b92bb1f9c7249753df25ec1a8fce0a8b63d5e71581d4ae2d4dad5ebbb3dc
SHA512cbebfb19f05c6ef9f6aa42016d77eea6fd36f9c79f730b96c0cdab1a401996e5ed19b67a88cea8d8f2ad88fd1bda8ade639dd0ef38130d856f05141264674c0a
-
/data/data/com.liaoai/databases/haveAd.dbFilesize
20KB
MD5351dd88162aa0f4ed878cf2071037259
SHA10df5c926f134f13f27154d46661a21d9ad87fd24
SHA256ad9fddcb5e48fb5baa5bb6cc0b66bec7322f0231822fa997e38fb9abb8098978
SHA512cc42052704ad9d61050c8aec9d0cd89e7b8c2437620bb28ce3a012cb66566f182099c25e2b9b572ffd23a7a8b6202dcec0ccf6f963dc6f387e8924cfa632e0ea
-
/data/data/com.liaoai/databases/haveAd.db-journalFilesize
512B
MD5a1bd81ad7255e36342b42b83fe53493f
SHA1cc3e9c6d9c99aed9495fa387458306425eb40058
SHA256261274f0d5a71ccd9966e9be295bd78e6a611e55737ac23f7e0a0fbf1cc9e71e
SHA5127db3e51b3e68f758d2fbb1db952f4e2d8d47fe454ecedcd07439fd8efb0e80060b9d100cf774bd1b7f9344e5892bb2041ddab61153d716326a4f794fdeaaaa87
-
/data/data/com.liaoai/databases/haveAd.db-walFilesize
36KB
MD5bad1c94ce53758414338d8e791fbbda1
SHA1fe60713fdd5785893f585a161f6b34925c223f4d
SHA2569a8eb7c6ed2cfc238c89dfe8c7a862f55e8514617303e5e6bd33f2722f702a37
SHA5124f05dcd37242a3a62a9131a9f8ca466d172b3e95575afe47d68b1938e2cef8a6bf83944522e2cc32b6b8ac128e60251743bea72dbd9bedd15aa0bff940e42577
-
/data/data/com.liaoai/databases/pushstat_5.5.0.dbFilesize
56KB
MD55f062de6dea4f911b9be594dd84b0fab
SHA1f6d801c770f26bc82a52c50a3ff12d28bd757a34
SHA25645431649563cdb8613fd51e31e652e6d3578948e222566aa83d3e22460c574de
SHA5123f741275ad340a1f6400e71ca8d9c840131d028110d294df315584ab10b2b2f925df9e1c1a543889ebcdf2e0c7edd3d2c4c506d64cc1ccd6d0354407b2985198
-
/data/data/com.liaoai/databases/pushstat_5.5.0.dbFilesize
44KB
MD5ff2f7349c767d9d339a21c28e9f1cd50
SHA18cda2e5a2f4a18ff959ecc56eaf08c982642aa49
SHA256219c1a206215dda1398970da6e288c7dd633586043477158c1b66c22bebe984b
SHA5121a84b75d5a926a327a53e3b303ba58bf06aabf9d3b07f34b33e5582261d7177ff46892338ddf8f0fa3d2a09ad0b6b4a1b820b6e21e961bf1162ffdee57069e8e
-
/data/data/com.liaoai/databases/pushstat_5.5.0.db-journalFilesize
512B
MD5ed58618d3631fd0da05628a0646a55c5
SHA10507449f1a4c7c11b4b919cd471ccd6239dcd648
SHA25682f76023940128ca589a4a72e8e215d27c7c52cabed5f61ba359ad6b84c47fff
SHA51277fedc67a84edb1e8425e7133a08ba949c64f851adf2f008e18ba2b90339e38566d5ef646b1e6cba179a8b536a4baec2cbc1981086ad3337c030789030f8387b
-
/data/data/com.liaoai/databases/pushstat_5.5.0.db-walFilesize
8KB
MD5afe815c52945db19be4699445c1f57d5
SHA133096d878edaccf504e6547d24879a2712e002c9
SHA2566bc0340e397b319732b008d175661c3862f7b11f7aca494370271dbf2b763671
SHA512eda50f4feaa5cf4bd3eb0960bb805517ed46c470955b3f4ea65bc4728448e0b29d33e81967a378e7b4fc622ba3a5a6709dc857c82b2429f0453179488ebff8c2
-
/data/data/com.liaoai/databases/pushstat_5.5.0.db-walFilesize
76KB
MD55cfc931969006d1ccb5b2cf12d1ed3e1
SHA110690c99b5a04f14d58fb87dfbc9cd60cceece06
SHA256a2f11f0637d1966675c2ac66174f625327e9ab0fcd7cc8fe3cc6be6110c576a3
SHA512801ea6cedd1ee1677bb9541af4ce5f531e916b5aba57c54f3a07cbde5433018649adf4a60714c7893f42e156e116593cb6349c7ea5fa4f1862155ed12e2610e0
-
/data/data/com.liaoai/databases/pushstat_5.5.0.db-walFilesize
12KB
MD5fe71e26b1e71d2e831c3b7c62235ae4e
SHA11fca01843021ec2a7dfcc842b79057bdd39e1033
SHA256c41c501851caa2f1be93a64d233acf54e9c60cd8d6cd863fbd8f036b0ebf22be
SHA5124c4eddbea5a41a61c3a02b9b128ba1eb2d7216af3695bfe917b98cc4d9d67b9fb02f6dfaf6c1bfdeb6d35c8021e7e086f498a4cd15931cf373ee232f396f70bb
-
/data/data/com.liaoai/files/TDtcagent.dbFilesize
32KB
MD581fadde62863132ffeb46c42ed4f43c3
SHA16b807a700160c33ee07418d9f84194a75f51836c
SHA2561acbf41655bfdc5e24da90a6172dbd8e454fe22434a3b9703a47a190c32283a3
SHA51208d06163044f31509ade89d6296dbeb0570a0af0f3f5eae168a39ab77722ae8ac9199ed1f50c4a976126e613d59cd176228c668ba20221d932e1cd7ead8aaffd
-
/data/data/com.liaoai/files/TDtcagent.dbFilesize
24KB
MD539d54dca651f2e4ccc9deecc20f5087d
SHA1e6a1d977824ed5b0a873d2ef9e5be3b5bc19f052
SHA2561244d76b6da230fcd6ec7f47f9a80cfef3fa0444361f85020a3b5374b4ea935f
SHA5128b2beb8c51de403cf33ae7943d12638e78c40b283d50b8ea3cd64b53d2da8a17a187e836e1d410e3fbeef619ffc86cad99163641731045b4003eb407db891e06
-
/data/data/com.liaoai/files/TDtcagent.dbFilesize
28KB
MD53ae835f3a5dee77df367d053e06c8a16
SHA108eb56961aec83c0ecc2efeea9b7e102c4de50af
SHA256fd98a28c3b45a1d25c84b4eaf30bc694c8c9a5ab0a1f392be0649ab65fa6411d
SHA512649576328a92850e1242a2f5ac20e8f8fa71d9189841639a147914042aee657a8b55f405b5cfa55244e0f379e51871d8e96f3c3f6f149ef02711be14e1e442a6
-
/data/data/com.liaoai/files/TDtcagent.dbFilesize
28KB
MD559a538a836328e865906f5b4c11ac1fc
SHA1d0e2d0d1ccd978b91e1ae2198f529bc945b8c6db
SHA25689ec6872fc297ddb4b1f2034899e6a52534cbfc8811250b8a3d7664075d58c51
SHA51276a606409a03ad44e1a9d2e5d60d5c28314d8779d910ea3f6d4189d5d35f814b18a8e6b877dd177d9f77ad53648b3b6e4b333eac9cb32705d69d131d825864f8
-
/data/data/com.liaoai/files/TDtcagent.db-journalFilesize
32KB
MD5a90c3d34493a865d4a50cda0a2d36aa5
SHA123ecd1d5105439368c576b9b553673664450dd21
SHA2569bfd87707f832d1a15bfceb616fbd89a17a8e07751bf758e1243e1065bb1e9ab
SHA5128e8fa5e28c14e402a02ebed2daf3138aa8abafff690f006ab67bb4ea7849a09205a6a2fbb67e2d45cfc926ffdae0a2b5e394621a7e07975cb7078981b661fe7c
-
/data/data/com.liaoai/files/TDtcagent.db-shmFilesize
32KB
MD50747464c53f6417d0be226132df23923
SHA1a6ea482aaa61897f3368e45d4ba36d080f02fdfa
SHA25653208b64a062cf879b835196d911a8d4b76b6fe2e9849b6fafa86f63faa7e2ed
SHA512f4ac04c8df86d3c02ae505f3e034f981954aed24624716922e6597b1dc110781e216848d8c53c7471d949f09b234b9943ad642a90252b558d6ad9472489130f3
-
/data/data/com.liaoai/files/TDtcagent.db-shmFilesize
32KB
MD5a8877ad5777ad24740683ce8b0dddbab
SHA1effca7d73442757d9027621ff3b7c45d311b6c6c
SHA25663f898595cc1c24b691818df74225351e2dcef7589c0d91d0e1c8816d05fc9f8
SHA512de3ca3255b557a14fa72f0ae83cf9436b972e609bbd7dfa6c87ac671e03c34e605a1da2e5a3d697f47b7e64fa2e612edb74fb2735e0e58f38e4d6ec7c2931cf8
-
/data/data/com.liaoai/files/TDtcagent.db-walFilesize
72KB
MD5342bbab17df495fff4bc3348e122fe3b
SHA1493654d959afb59cf6c4642caef4e047c56dee17
SHA25660245063ff2d36e07bd7cdf18933fd1e2ed79ff1f1e0e6d160c596b34afc7b45
SHA51285f4e8a6525aa98521bf8fbbf046ee1580e8228b51e82311b9608ba7724b7ec63dd282d1b55c5acd8af808d9aa72b61ccad50333b1ea87cbd0cd65f5df97b16a
-
/data/data/com.liaoai/files/TDtcagent.db-walFilesize
8KB
MD542fa99fb325bd5275b3b3e502383e015
SHA1b9ceb21f572a7b35180d3d0aadfe54cda6db5da2
SHA25680f6cee4068346182c1d8837e678534492471878b2d289bb5ec42c085e50d309
SHA5125fb2b2046a335bc91bb4b53ab874561aad4949956c39d41718440198062bfd4d57004cb7078c01674426493994f368fd948feb3a9d8d94e2f832861576e26ec1
-
/data/data/com.liaoai/files/TDtcagent.db-walFilesize
8KB
MD53d2547164853c922e6fd5a1312173aa0
SHA11654284d1732dad7eebe3a1e7261a92e31c1646e
SHA25644cd3e2c597dc86fc79108ce6b7fcccb921b05072f7d664e26c1bd0b51552e83
SHA5124ad1f53bb73ff64a2d4d2550faad59b6c0c9a4c6e0f02b5eb9676233d8e462702d39deef2ee6021f9da7be1a83b6949a9ada03f38786bd1025b2b9886b841346
-
/data/data/com.liaoai/files/TDtcagent.db-walFilesize
16KB
MD532dc55f231c0c70c75335e366233d15c
SHA18df2a2a9e7897b023e8a824e1bfa47c7729a23dd
SHA256f3159bfe3428761150a7d53885060e5345c5181ffbb16c7266fd699065a02404
SHA5120b2d331c74bf3a9cbc1d241841c779e992d31fe72d42948c1d0618cbc929baaf94ba5d08f55e29466a87e18efd1829545ffcdd3bec56473738280f2e7f9895df
-
/data/data/com.liaoai/files/TDtcagent.db-walFilesize
8KB
MD59de4b16fb735db0c67ee29992ef06b9a
SHA156804aad87c1c10b60c69200f8ca3760b08612c5
SHA256fcdbdf55f15eff4fa09761f1eef6c78b39ac694a65d51837826dee64eaafd678
SHA512cb259d136b8311420e99f2f8d159068e1642b2a18c6c32a0f7c26eaf30474db3fe37ac4f833c859b1a41af9ccefda2a3c164bed8b4810bb539ea7e86e5fb0613
-
/data/data/com.liaoai/files/libcuid.soFilesize
129B
MD51530bcd915168b013e0c7f030a7e042f
SHA115182825afa15d56c807945334014da48249c69c
SHA2562222959b30643b47a1d393227cd001356e2a1822bf861ae7b3968f53bba3f5ca
SHA512f81f1f6ab8fbc08ae3da31d2be7b3679b34b41e8d86e184b8c329ca636075d6472f03dc6595b1cf4ead9798b7a3ad5f94678aace8dc424606fbcfcca7633e57e
-
/data/data/com.liaoai/files/pili_qos_index.jsonFilesize
28KB
MD5d39a2250f303cbe3be2c21c012858220
SHA1a3393c11f9f7bdb357ea3e40025dc628fdfe4ccb
SHA256351afb42a0c36e9676ec0efea69e7e6dc395969110aaf6e2c4996e241efda8bf
SHA5123bd70484b2d5b8ce4d3f48053153761a4d90dd9afe7078f8c56df68ba1eb28bc4eb8ee2c9ff6af83c43bf5c735bf172274bf55891a48083954f45a087df45b19
-
/data/data/com.liaoai/files/pili_qos_index.jsonFilesize
32KB
MD52b382ca823dc24c83ff7ac521469d3a6
SHA12b1fb122f01ad0811961ca6b5c9434ff4150471f
SHA256fe49fb2d98b222978eddffb28d2e5588eddea0b3b114d034c22565a751eb0913
SHA5128941c4993b62627ea50d9ba8b6a724d8de074b70dc34f39875c89c2be6d1a245b09db87752d8da48ba7cb9206adaf8b2249bdeb545993ef68a036b87a6cfc6a5
-
/data/data/com.liaoai/files/pili_qos_index.jsonFilesize
24KB
MD5ba5203ac119e38d03e1eb9f3364d42c6
SHA108f2174e10d315d949681fb1f2362c6a01f77225
SHA2563a24bd7501b6caeb9bad721ac612246f6aa17e249cbbb1c2b6ec7c1ad9e7d194
SHA5120f2a69bb56e569a7bc12f3264bfe05b06342d031fc4364610c5e53e014061dca6380bbf621bd15746916efa24750143a1f85ee9ce63b3189d0f1a2d5e7871279
-
/data/data/com.liaoai/files/pili_qos_index.jsonFilesize
122B
MD55c515fa95df73d9212b9e47967ab4ec2
SHA1f1b61de6337d35401b568c5c9f81554c915fb0c9
SHA256e11ca328a37d6dc5549f2a681ca45f91f27002ac9fa02c4da332ce874f334f61
SHA512c26eed21ff6d5d06a79ab310a0fc3913f01822d24c29ff386fd5d24703c4302b13cfa9e2b8711bc128a7189a619aa1dad3afb985ce0ff69344881f317fa1472e
-
/data/data/com.liaoai/files/pili_qos_index.jsonFilesize
92B
MD59987e50145ec5bcd08b194f688cefc00
SHA1942a30c9f99cd92cac1a5c2cc53d3143844d8bbe
SHA25699eb518f4f39808e5bfd13504b787cd90e32d8599611f6840b2e97e311c37ced
SHA5126ee8d4de86c400e814cbc765193f2cbeb1b8921f7fbb6ccf386f7453b298ef1cfe09032066d6ba277cb6fe0411347a3b1a653d57bade910ab14b9f689125caa6
-
/data/data/com.liaoai/files/pili_qos_index.jsonFilesize
94B
MD5f1ce634c4049c38b6dc2a016e53289b6
SHA189783af772edf04e35723dd577cf20b18a6a5be5
SHA25682a40855bca397f75bae52830d0ae82d9a688b8cc0f2ace038e44458ce32490d
SHA512c7f69cce79cedac2033ae7cf57b6fff10ac04d7aee18cb590826dfbc9f640f2e1b6f8d6fb86848a88f650770d28ab7ba39e1a7543298e347541088eba274594f
-
/data/data/com.liaoai/files/pili_qos_index.jsonFilesize
6KB
MD5a6075d4087c491e7c5f1cd63679dc8be
SHA14cfd446c750f0317760d8bef1d38516bafc50f3f
SHA256567b9e7a40238f6f6ac2da3db6247b78da585c9f29c73aa5facbdc0ec2011bef
SHA5125f9871f166a543f4438c6a90d6297f6d76be330be88b8b0675906cd59b76e071790d9b86c4350f7a55e31ecc87b5b551d8770e5969920d9a2e4f52b067a09bf8
-
/data/data/com.liaoai/files/pili_qos_log.0Filesize
94B
MD5ac3f1dcc8b58602726a45413300b51e9
SHA1434fd655db592f87850dce8d69a905cd2ba14b27
SHA2563d8aa29cca5b8210bbf04dbe7d547f4851bc24eda5567ee73e670c95076c3fb2
SHA512a58d4ab3e4aec96cdac36cc7df6ae12a265f36286349d6a9c3d435cdd0f92aaf9ea58d5cd4c14f6990b5ab8c73c49d871db73c963a3cfa3075c5749fa3e6ff72
-
/data/data/com.liaoai/files/pili_qos_log.0Filesize
147B
MD513974335af593548a3cc4a3727c3e226
SHA12515f443e5da9b85b9687e5aa93839db4679c1e9
SHA2564622ccc24fca84238deca7a4eb9c23b46e67f3aaa93b80bbc245575ebb4c96d0
SHA51293f1eb560848226740fffe5dd64244aa3f2dd7586dc3f9c8cd85cfa7d58cd1e72bfb287c890e3b60f6bb032a5ae97f76835edba74a59181e121bbbb7a58d40f1
-
/data/data/com.liaoai/files/pili_qos_log.0Filesize
91B
MD5d728026f29eafe87463d1298cf1319ea
SHA16e8816fc828a0c583615121de4b370e7fb047466
SHA256d9babe18fdfadd10a9a44e73958505f2e1c933ac54fb458e928fa5922372a76e
SHA512157facb56f79612fc072da09e5b911ada0f7e5ae6c80adef7cb884a8202509cb76c22ecb30a01c90d8f368817eebae4e47d91257fcce31f518fd2eb47fb2e312
-
/data/data/com.liaoai/files/pili_qos_log.0Filesize
122B
MD5405b529aaa3805b702f06622be56fbe3
SHA15201365058f9e0ab0213ad4c114d66e862a3daf3
SHA256c028fb42b2940b664dc3827acd867b8e5260d5be3ba20ebd4154863ba21f8490
SHA512329c4cab03b80cc77554eb3af9e6d7a437d846a75934faebc7685dd2f0f9ad71ec06bf8b6c55c3a3fba67d754a66b27bd048803d4fa965b6007eb38b7013cc13
-
/data/data/com.liaoai/files/pili_qos_log.0Filesize
122B
MD5d12363d5c188ef08f6bebbc2866ae1c4
SHA145220de5b800c40a9a4181b543625132c17039c3
SHA25619a5a8e67373a9be4fe5e9f9c04681258565df7d3d518d0cfa3a247b4b30f4ee
SHA512f226ad0e333e47fdd29aa4a7268b8d0adbfd9b485159ed9acb24ab27e538c5a871aaf1c6b716617ad273b1a058497461b66b9aa2dc0ad8a8832cf78036d6bfe4
-
/data/data/com.liaoai/files/pili_qos_log.0Filesize
26KB
MD5127311814b5c37475a14e15fd126d700
SHA130977f6452b484022b334ac7d94627c40eac7b2a
SHA25657087f1a759efa2cf0c71a6bdfdc7d62fd7dc0be2914b421f216ba76a1b6e414
SHA51240dbb19134a21fa42de36e71962e562792eb081d6a6c8bcdf3ef8b4c6c48659135e446718ddb029b420015cb227cdd5ff5d17368d07cf94d712755226228b677
-
/data/user/0/com.liaoai/cache/__report_impl688403058686410789562749975390.jarFilesize
11KB
MD55dd69cbc889b52848dd674e248a759a7
SHA140f8f71b6316939385ed49931facde98b9a96edf
SHA25615be352c89955c8582c45f9cb38a2a63d07d21a7a342678fe92c4c7d339b456d
SHA512129872e2e3ba80725cedaad44c908df87c059629c402d463de09280c71f4b1509b6629358ee52d7242711cb6bc7005175ba11c9938f2fe42b563a4855f91407e
-
/data/user/0/com.liaoai/cache/__report_impl688403058686410789562749975390.jarFilesize
11KB
MD5471c4c874572e338649e33dcd5a889ca
SHA1dc3421ed346c8b68d9be7189e24d7d54ce0e368d
SHA256cfa92b29313c366c895b35693921171b87f682f027628d03d155f0a7495c8389
SHA512f2c6eaaef6b27748613c0de70125398226659eae7a02b1496117913d5f7826e236c91a94749bff863e57d1f6a406e7df252e74d59cdf289a267cab9391bd00e4
-
/storage/emulated/0/.tcookieidFilesize
20KB
MD5fe644bf9ae47accfbd71fa1e06969618
SHA12465930b7fdcafce7053a971db30604e0c930d9a
SHA2560679994901623e8a1338396703863fe9945b809980146bd343ab13db096c4776
SHA5127d7ef4767e5b27adf9ffed163ff2eff605934afd40ef04cb07a1e9257e2f9062632c77f8b3045e400dad9dee90db4a849438e6f2b1a17bc185bbcff2996cd886
-
/storage/emulated/0/Android/data/com.liaoai/cache/uil-images/journal.tmpFilesize
71B
MD592f68913a2fdea96315123997f76447c
SHA1aca00093fb2e21fbe459bdab0534e106e18b64c6
SHA2562ac2eac4654972aad3beb821265f65ed5e813fa021b2cab54f571770b91b6c7d
SHA512320818aa6c55ead93606cf5ac01403112ae798eb27ed6a1f708ebeff9890e71be16cd23621b80e375e6f6f455268b41767fc92285b977b24f2514cd440eb2bce
-
/storage/emulated/0/Android/data/com.liaoai/files/tbslog/tbslog.txtFilesize
32KB
MD53dffb4c57bfb461e6d182df466a6c21a
SHA1f1af9a1e686b0ad86167d776ffd3b0502f9aaa33
SHA25672788f1eb20f46017d2dce492ce675977878695a6825ecc63285363d0a36fcfc
SHA51251770efbce66e9f4215194812a82e5914d824f314c9ed6490334710fb93cd92fe3374745670a2c5ca98aab93dafd86933d4222638a78e5c8743096c276140183
-
/storage/emulated/0/backups/.SystemConfig/.cuidFilesize
89B
MD5e7e5537c9e8a91ad6653f97637f4fc83
SHA1343971526131404f400055ec888efe55cb7c81d6
SHA256e4a4b0bef5b61539227560f98b20c02fd1fcddebbd4c9c333ed29273e3af7d74
SHA512aea47ad6ae76c8352898726e4f87b3222d94b17b5fb11093a4d4df1b6ac300c5ca693d49be4a7ab27305163a7ab293590e6518890ff5d843196676cbf1c354a1