Analysis
-
max time kernel
73s -
max time network
137s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system -
submitted
22-05-2024 16:25
Static task
static1
Behavioral task
behavioral1
Sample
67e12f97aef4b6ea0f905ca602bbed80_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
67e12f97aef4b6ea0f905ca602bbed80_JaffaCakes118.apk
Resource
android-33-x64-arm64-20240514-en
General
-
Target
67e12f97aef4b6ea0f905ca602bbed80_JaffaCakes118.apk
-
Size
10.1MB
-
MD5
67e12f97aef4b6ea0f905ca602bbed80
-
SHA1
cc302e3186c25de7db60a7c138976b8324b6fc34
-
SHA256
370da4c01d9be7d4ed83415d6e05942c6dc3cb2ccf67c58161124197aae56163
-
SHA512
af1046f75bde34e4b0e5943b9c99ce8782027542f148e4d0a5976c5d41f507ea87248cd7132a16852986893d0832a79cc18a784fe44ab6612e7de27085ebefa1
-
SSDEEP
196608:kchEAN638BGBjPqyq82F2a2a7Pjz1wc5+qDWIrT2Zhe:kC/2jPqyqFP7Pjz1wI+qyZhe
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 4 IoCs
Processes:
com.vvise.ygoaioc process /data/local/bin/su com.vvise.ygoa /data/local/xbin/su com.vvise.ygoa /sbin/su com.vvise.ygoa /data/local/su com.vvise.ygoa -
Checks Android system properties for emulator presence. 1 TTPs 7 IoCs
Processes:
com.vvise.ygoadescription ioc process Accessed system property key: ro.bootloader com.vvise.ygoa Accessed system property key: ro.bootmode com.vvise.ygoa Accessed system property key: ro.hardware com.vvise.ygoa Accessed system property key: ro.product.device com.vvise.ygoa Accessed system property key: ro.product.model com.vvise.ygoa Accessed system property key: ro.product.name com.vvise.ygoa Accessed system property key: ro.serialno com.vvise.ygoa -
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks Qemu related system properties. 1 TTPs 7 IoCs
Checks for Android system properties related to Qemu for Emulator detection.
Processes:
com.vvise.ygoadescription ioc process Accessed system property key: qemu.sf.fake_camera com.vvise.ygoa Accessed system property key: ro.kernel.android.qemud com.vvise.ygoa Accessed system property key: ro.kernel.qemu.gles com.vvise.ygoa Accessed system property key: ro.kernel.qemu com.vvise.ygoa Accessed system property key: init.svc.qemud com.vvise.ygoa Accessed system property key: init.svc.qemu-props com.vvise.ygoa Accessed system property key: qemu.hw.mainkeys com.vvise.ygoa -
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar 1 TTPs 5 IoCs
Runs executable file dropped to the device during analysis.
Processes:
com.vvise.ygoa/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.vvise.ygoa/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.vvise.ygoa/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&ioc pid process /data/data/com.vvise.ygoa/.jiagu/classes.dex 4273 com.vvise.ygoa /data/data/com.vvise.ygoa/.jiagu/classes.dex!classes2.dex 4273 com.vvise.ygoa /data/data/com.vvise.ygoa/.jiagu/tmp.dex 4273 com.vvise.ygoa /data/data/com.vvise.ygoa/.jiagu/tmp.dex 4331 /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.vvise.ygoa/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.vvise.ygoa/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=& /data/data/com.vvise.ygoa/.jiagu/tmp.dex 4273 com.vvise.ygoa -
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
com.vvise.ygoadescription ioc process Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.vvise.ygoa -
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
com.vvise.ygoadescription ioc process Framework service call android.app.IActivityManager.registerReceiver com.vvise.ygoa -
Checks if the internet connection is available 1 TTPs 1 IoCs
Processes:
com.vvise.ygoadescription ioc process Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.vvise.ygoa -
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes:
com.vvise.ygoadescription ioc process Framework API call javax.crypto.Cipher.doFinal com.vvise.ygoa
Processes
-
com.vvise.ygoa1⤵
- Checks if the Android device is rooted.
- Checks Android system properties for emulator presence.
- Checks CPU information
- Checks Qemu related system properties.
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
-
chmod 755 /data/data/com.vvise.ygoa/.jiagu/libjiagu.so2⤵
-
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.vvise.ygoa/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.vvise.ygoa/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&2⤵
- Loads dropped Dex/Jar
-
sh -c ps2⤵
-
ps2⤵
-
ps daemonsu2⤵
-
ps | grep su2⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/com.vvise.ygoa/.jiagu/classes.dexFilesize
3.7MB
MD5f8047e1d051b3eb80c612b52484d5848
SHA1b91a3adc353edb09b3fd2360dc313e9f4a30f437
SHA25649f27d8bcce9178c1be6e06f0400cc2959b5f9e8b67f1fdd82186be65dae62bb
SHA512d4b2003342f5d2a64b3464aebe9013a7b04914e2d171ea86ebb6a186e21e39174f4da7fc0a72525324632aeef3eaedcbb427b0c78094faa97534df721d1c1122
-
/data/data/com.vvise.ygoa/.jiagu/classes.dexFilesize
5.6MB
MD5b2384eedf584cde814305d5d3751a820
SHA12d117aa9d5b736763232d9eddf05e3cba66ae11a
SHA25623c34cdbd91e28b6684d3d293ecb06df454ac3817f72586a58413538dfa10050
SHA512cf01637ea6ebc36990b7b74c0f3a2649eb823aa822f046166f1614439acfbbc6e66ec84d1ffc4f757c37d02a9d1a7856d61af2dc58cfda7149c071ae749c8080
-
/data/data/com.vvise.ygoa/.jiagu/classes.dex!classes2.dexFilesize
3.7MB
MD5a4f6719e426a95d4d51bb3542ea8792a
SHA178ce5475ed37d72539e572e95ca16e8046b18e8f
SHA256308ab0a242f05b37e7e3de9012925b1f5050c478ed9ddf2b998c486ae606e9b5
SHA5121a7176d4c7a77f80e186e5ccad4587cc1be4452501fee0bdb49ef0c07d29abc132656f7bd208da88e5537e6f723daa48c569fdcc4415a4b5a16581f7cf67bc6e
-
/data/data/com.vvise.ygoa/.jiagu/libjiagu.soFilesize
446KB
MD58f55d5deb281d8aa1a0b9f72f7185e58
SHA15ce262af6a74a11931bf4b1e92a59b9acab27f37
SHA256b57aa883bd4a8241fe2ebbeec0988614da1ad453f5784f3439335a6f800c7944
SHA5124d74f007dc4a19ac3a8ae3434f06d2509397301c0a9b0288475280801c8907ce48248459436416fb14fc5a3a6ce790d680b6b9c95d35afc49c2f0639199b56f6
-
/data/data/com.vvise.ygoa/.jiagu/tmp.dexFilesize
284B
MD5f1771b68f5f9b168b79ff59ae2daabe4
SHA10df6a835559f5c99670214a12700e7d8c28e5a42
SHA2569f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939
SHA512dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d
-
/data/data/com.vvise.ygoa/databases/cc/cc.dbFilesize
36KB
MD55d7ea1a23af19b4340cc8d90f28297d5
SHA14cfe95b23a9e98378d69c4290af81b51fbe76aea
SHA256474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da
SHA51233071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b
-
/data/data/com.vvise.ygoa/databases/cc/cc.dbFilesize
36KB
MD5ce6135aa1b1fe4f2c2db2a546d2a5558
SHA179b59582154017aadab783dc266fcb158c252940
SHA2567b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c
SHA5122839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4
-
/data/data/com.vvise.ygoa/databases/cc/cc.db-journalFilesize
512B
MD5ad1a6acd7e715459342432cbb01fb093
SHA154316a5ea5cbf748338428af1c2924fa921c82f4
SHA256bd872bfba057ec0c1a7940c180f65591c324b5b12dd77c80c09dcce90b1df3a3
SHA51205b8bc032286d2eb860878bfb8a69af000fd4e50cdd1b253b2d87eb9434fee780cf256f618ac4b57c4f154189d4b78f5a7bd290e07fe0c8fb1e507c31d67c3a5
-
/data/data/com.vvise.ygoa/databases/cc/cc.db-walFilesize
48KB
MD594f28e191b97692c540b8cab198fd90a
SHA15396d219aec66e949c988350fd35165d6d46cde9
SHA2562ae5acd38e7d571f7d77f7667e61ba2b29afde741fa209faebba7158b3b068b5
SHA512261b3e4591fe4a4c8b073a656effcf08c0112855ad1deb2fff660f7945023958338855bfb7ef1fbb82ee7eab2ac53b749e065395dc7abf9fe9b9c255d02f5745
-
/data/data/com.vvise.ygoa/databases/cc/cc.db-walFilesize
16KB
MD58e884256846b8570730329d28aead836
SHA1bf0306e2578935fb7c96328570eeef37c7830720
SHA2566c3408a81c4d2509eddbdc0433a07b7be7474e26a8ec70b1c0fb3f152cbe7699
SHA512e52bc464547feaf492ca58a299cf6cf2bf812e73bbfb5b75402033c7ffe7e281112f98fa1d9673a156637836fab705643f9847e501f35cdc3e9f43e79151da2d
-
/data/data/com.vvise.ygoa/databases/ua.dbFilesize
32KB
MD58101590f97e7daccc40a0a69a86740eb
SHA11133006f4b1fec47dfe0d6a6ab6fe5a1205c25c8
SHA256f24f83f7c3b3811624851cf7835248d858663ba57287c0af17a2096ad35cfbd6
SHA5123830ba50ae287a230c8c9b2dbac8d40e342d241e82390ec9cf9de0caac921d9b140df5d948ed95948ef08a7a5baa170225b708467a7ecbfb18f3223433053e2d
-
/data/data/com.vvise.ygoa/databases/ua.dbFilesize
16KB
MD52abe2ae29616c09787d27e2aef64c23d
SHA1a46957886df9191e4fc7b33b115ef4a373bcad64
SHA2566a110a15d77d81b6024718988f862463d61b40677be37b3e84112538ecce2e79
SHA512269bcb590beb51c8150d14ac243bb6317bb1cf6f86806fe6ca96f3ebde15c51733674e68b807508a7453e689fed6329751a5bc2c1d67028f8b9066710bced12a
-
/data/data/com.vvise.ygoa/databases/ua.dbFilesize
16KB
MD5ff267f7a8f9b52d43dbf9e6c613700bb
SHA1dd307d433efa7144637dc9d2f19d885917f0eb59
SHA256ae061a1ccca1a023b62434a12c29e5d2b6f74c2acd4d3a841234aae28e561de1
SHA512560b6821fa42a099e399a267b43b6d6a9bea6804c4b782af4a37180d01fe4de3c14d34f0efa71ce0c38154f6599f897c0de61dd1b9fae49eba925a1a043f6d2f
-
/data/data/com.vvise.ygoa/databases/ua.dbFilesize
32KB
MD5d604a3bf1f8d992cc320ea5b1f7609bd
SHA1247f88df0b55c7d523ea5398637711a0e4a483a4
SHA256329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17
SHA51267e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab
-
/data/data/com.vvise.ygoa/databases/ua.db-journalFilesize
512B
MD5cf6ab31d99e40c7e661238e0e49cb6d2
SHA10ab97f6f8feceb5e4a49286b291eb47f6baebd9d
SHA2562b676064f1c24113f83209a340100ac2edab424bc976896b0433a307ed32c521
SHA512e3173088d2cf0c55f2749a4e387ebf2293af54c0b847b3ed2cf6a51137303ca9bb786f0aa7728578474a470030f969f9e6230e96fb7da44af7b2eadbdcc738c2
-
/data/data/com.vvise.ygoa/databases/ua.db-shmFilesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
/data/data/com.vvise.ygoa/databases/ua.db-walFilesize
56KB
MD586de88c652416d9eb4485d6a8431cbfe
SHA1ec66aeddb995d3be6c8945cc4b3be39974f8fc09
SHA2565df4869e1302deb3efbecc8a659bcb651dbe476f5d56d6ce0b095ecc2a6b390b
SHA5123d3a3c97b4f90a21ffd5c606d90afcebccf233df2241d1c343b2bbcead7fea87007979d6bb7091b1cfdf6e71da45268164a9c7afa728cef87a7aee2ae54edaf5
-
/data/data/com.vvise.ygoa/databases/ua.db-walFilesize
4KB
MD5cb1944e5feec3e4051473681578ebc11
SHA12e0bb5936e3f5a2418a81efb607a13ae5aa84347
SHA256a93f6a986ddf4cc8c440e3a5f5d42a034be6e880c3d0f767f6fa69bb379a93b5
SHA51253e21e8f044998d1febfd243a04fa044e80e495b89f63401a8f49342f7ef859241ca69f8616e74edf00bd489df34bf0ca4030b76cc38642d51cf2f79be50a91d
-
/data/data/com.vvise.ygoa/databases/ua.db-walFilesize
4KB
MD5a50be88135ac4b5add09f38a0b0cc02f
SHA1baa2cf9d99d100c0bb1fc7cef7d722ce5216edad
SHA2569e0d68604aeaf6f71ccaeac0e1968b8cbad407ee8f85e5fb8d6e0ab262ee0055
SHA5127d2ad15ee59382d724dc66a48efb59c983168d8b023a425851021664a60a837900f7fc8965471b31bc5d08983e7badeb868a22960c412dac04d5ac0823b7c39b
-
/data/data/com.vvise.ygoa/databases/ua.db-walFilesize
8KB
MD53ec3027d7963e5ac6540fd0605c9f70f
SHA1a9ed2ec4fe1078ec67ddc6db8b7553453b7a125a
SHA256cf94e3ddb1c58f26afd2214b230d5892f7e0d2b2df4306f3a4bd1ac58253ae51
SHA51262a3956c79a474f6d823463455a87ab7d525302394c18f203274280eac69913c84bde06377e44cc57d4faaabad5780f6ebc8a8bb9b8b292488f4594061eaa5f4
-
/data/data/com.vvise.ygoa/files/.imprintFilesize
991B
MD51157a1665fbd53df3dabddaceb883455
SHA18426f9f8dd15766cb75990d7462016947c78ba59
SHA2563d11ec634286b63cda4720c3d401d5dd55fb8228b03f9ed4d7a0ccc78f9e2077
SHA5129843cc2a1252a537cfb7c45820cfd3ac3e73027564c5209dc503695a8a83d3d607af7d209b1f5e6c0f907e6572fee4887d61be185728810d9ccc20a5c1edf517
-
/data/data/com.vvise.ygoa/files/.jglogs/.jg.acFilesize
40B
MD5d74dc80c3c8ee39aa90ebc247823fc29
SHA162efecbbfcad9fbe537b6fa868c15d4d56dd73fa
SHA2562d45c13c1c740108bfd22dccc383167f8c4962e0e34a4a035bebff66ce9bd48f
SHA512e4bd8f2a6e75a092c02c793991c515312170cea678bb6fc6cd3ae471c6033a74ca799a597e91fba1d0da2e7e00817eed3f1fd98c12df4c4224b4e5ae6c4abc9f
-
/data/data/com.vvise.ygoa/files/.jglogs/.jg.acFilesize
40B
MD55f17e2b5b8fe3975580eb7461295a700
SHA1a924417d6910c9216b9445625dd175ea2aba37ea
SHA256b1d5ae530a0d2a1347617f6967c6a25f295b187dd45eeed47d93ae8a1a4bf189
SHA51279f1f3ff2a6fa6a4c5359f06bff2751d3aa54720d8a95c63206e3be04db380790d934a4a96cfb3ad5cf86a0c7583fa2007d957f71cebbd0e9fecfa313bebcdfe
-
/data/data/com.vvise.ygoa/files/.jglogs/.jg.diFilesize
340B
MD52d8f9d456f2fb182a9956655c6662998
SHA19bff57547dc7bb6d5beaaf326cc4857a3a27fee0
SHA25666ecc7966edc2267b65799469b36e273192e79f2bdc26fceaef899adaa41de2e
SHA5123a52eff51db0214339dde8e0c0a2e830aa12d951f3715d5e0066b57e97b5bf1e2045e291fe2161d1b0970e95546b2f8ba7cfa2c4fa7c920064ee5cfdda01173e
-
/data/data/com.vvise.ygoa/files/.jglogs/.jg.diFilesize
340B
MD52ef330ff33089f4a04fbb90f4bc3b59c
SHA109b38c06c902fb1b5af3eead83936b91f84e4a17
SHA2568099015576498af77c8bb0a89313b3ed18c01f623ad7da368d225704ffee573a
SHA512a2686a310ef1e09d62ba2b27a77851f0170bbea9c623b554636e3c0d26555cb2f0a328065de3d53678f9fff2a78cbcf69757e16e32b5881a90fa84c590f9fc95
-
/data/data/com.vvise.ygoa/files/.jglogs/.jg.icFilesize
40B
MD50f19b50dede448e0c3b5a645ea1f0e7d
SHA1c70a4d36b4c18e3ab70b1636fe67f2ed3707bbfa
SHA2563bd735b499b6d5a82485cdf1b47b06f7f838366efc2109d4a947b8a32c59c0af
SHA5129aa908607ff91e988831769615ae05a3a4014900598ccfc79cfb29980f71abd25ff5b6754be6b864299804ee30bfa789dce439c213898b0d27047af5266540d8
-
/data/data/com.vvise.ygoa/files/.jglogs/.jg.riFilesize
314B
MD5b995725baee787310664a988ced3536d
SHA17e5f79778cef68fbcf43b440020f84c90ca8889f
SHA2569789ae92bab25b28ee1c074eeb3c8fa62322981629a30189dd9b53b3bf28c2f0
SHA51225313eac63738aa8d0552fa19f780fa5f2709896c65726360e3ad0e52286b9f8a9097bbe34fc8df1eddc8d162c00c4fdc2d71444b5b0ff1bf9d3f838a41cbf16
-
/data/data/com.vvise.ygoa/files/.jiagu.lockFilesize
27B
MD58ef64de25e8399182128b1b150dc6959
SHA178e2656e2a9dd31c47b701cd8c120576dc5b8b71
SHA256e388ee43aea535fffdb50943491999263afc09250ecdd2cefc79aed2d700c6b6
SHA5127eb577fdbf99d896eaf0a999d7a4d4e2f34b37d35efab1d52f11f5cb91d43b0980c75265564825719fdb50cccb5e42f5434968684f51eaa764fa84b36ce17401
-
/data/data/com.vvise.ygoa/files/.umeng/exchangeIdentity.jsonFilesize
162B
MD5dd4f013c7881d11659f86fb9292f5f9a
SHA1401936e6be80afb1812c00ed212987be974966a5
SHA2568951fec2fec4c3d366be420fab62f11c9d9a37d9e807d6ea2c874d3553eec10c
SHA51281ab9e941cb3518249e257e2e82c84884b15b1e6d2d929588d1e690e57fbf58be8cbe7c93a830c034bea7cc1df5a9da57e84b4636989e0e5f53e3242354913f4
-
/data/data/com.vvise.ygoa/files/exid.datFilesize
52B
MD51c56659d115a474a248571a7ae73f741
SHA16745deb0b31ca2b578b5afd9fda48cdf527ad6cb
SHA2564aa78e84c196a0b8d86994b44b0d4d7a6bfec65fa85aebe6cc2affba64bbd77b
SHA512adad9a58a4ff59983127fc162e0b55605b397ae7324dd7cf2089b28b529f5e38492fff5f7bd79c61361a535b70c40c5066fdd4d14c5168298bf68806ae2bbc24
-
/data/data/com.vvise.ygoa/files/umeng_it.cacheFilesize
413B
MD58067cab4cb55ab82e6ac2d3a3322a52d
SHA1986b06e9d5b9e23f480b301773440fb3a75cd6fa
SHA256dcf4874ba3b85644f9c00f15ad795f6ec69fc84d1d6565479721b70b49a20748
SHA512c34d19c26d89cad84d730adf5cb48f294dc977fa45e066824fa0e06413a21948376778f3c1afc42380b396bb2c088ee7bb8f3e340e12d2d3cb99a4fc68027f3c
-
/data/data/com.vvise.ygoa/files/umeng_it.cacheFilesize
210B
MD5bb0ac2cb4ba887f213680055286bb3e2
SHA15d289b6ccc957570202a72999bcdfc0a8dfc62b9
SHA256d4c34b39fd728df5e04eabb81699204d32e101fe2f9b3e42e79622ca3b4215db
SHA51215ea2ae69e11e56f49cb8e23e14c75e1bf3fbe956595b2e76e008827fcf8341f73d78c2df491bd6f5dfcfde2dcf36c6e60f8278520b8d36babad63ab785d7c49
-
/storage/emulated/0/360/.deviceIdFilesize
48B
MD51d8d16c4e3b19ebf18988530d9b9a757
SHA1bc94c1cce05cd848a53271ecb9c5311e27ffebf5
SHA256abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7
SHA5124562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82
-
/storage/emulated/0/360/.iddataFilesize
32B
MD52d18f4fc83e89fb26023af722e744cd8
SHA16b456b4875ae62ce255e50f42d2099dcce07ea89
SHA2569435204bd66bd9369c1792810499385919d303941584d89f66f932f2ba7a118e
SHA512c5df6a3cc516e120f1fd115bb0c3904583d301826ccf9b941ec020a35662f25a001c14c5667c66fb029776081f66e035eb312e193a939d9e02502914f2d40b21