370da4c01d9be7d4ed83415d6e05942c6dc3cb2ccf67c58161124197aae56163

Analysis

max time kernel
73s
max time network
137s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 16:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

67e12f97aef4b6ea0f905ca602bbed80_JaffaCakes118.apk
Size

10.1MB
MD5

67e12f97aef4b6ea0f905ca602bbed80
SHA1

cc302e3186c25de7db60a7c138976b8324b6fc34
SHA256

370da4c01d9be7d4ed83415d6e05942c6dc3cb2ccf67c58161124197aae56163
SHA512

af1046f75bde34e4b0e5943b9c99ce8782027542f148e4d0a5976c5d41f507ea87248cd7132a16852986893d0832a79cc18a784fe44ab6612e7de27085ebefa1
SSDEEP

196608:kchEAN638BGBjPqyq82F2a2a7Pjz1wc5+qDWIrT2Zhe:kC/2jPqyqFP7Pjz1wI+qyZhe

Score

8^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 4 IoCs
evasion

T1426

Processes:

com.vvise.ygoa

ioc process

/data/local/bin/su com.vvise.ygoa
/data/local/xbin/su com.vvise.ygoa
/sbin/su com.vvise.ygoa
/data/local/su com.vvise.ygoa

ioc	process
/data/local/bin/su	com.vvise.ygoa
/data/local/xbin/su	com.vvise.ygoa
/sbin/su	com.vvise.ygoa
/data/local/su	com.vvise.ygoa

Checks Android system properties for emulator presence. 1 TTPs 7 IoCs

evasion

T1633.001

Processes:

com.vvise.ygoa

description	ioc	process
Accessed system property	key: ro.bootloader	com.vvise.ygoa
Accessed system property	key: ro.bootmode	com.vvise.ygoa
Accessed system property	key: ro.hardware	com.vvise.ygoa
Accessed system property	key: ro.product.device	com.vvise.ygoa
Accessed system property	key: ro.product.model	com.vvise.ygoa
Accessed system property	key: ro.product.name	com.vvise.ygoa
Accessed system property	key: ro.serialno	com.vvise.ygoa

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.vvise.ygoa

description ioc process

File opened for read /proc/cpuinfo com.vvise.ygoa

description	ioc	process
File opened for read	/proc/cpuinfo	com.vvise.ygoa

Checks Qemu related system properties. 1 TTPs 7 IoCs

Checks for Android system properties related to Qemu for Emulator detection.

evasion

T1633.001

Processes:

com.vvise.ygoa

description	ioc	process
Accessed system property	key: qemu.sf.fake_camera	com.vvise.ygoa
Accessed system property	key: ro.kernel.android.qemud	com.vvise.ygoa
Accessed system property	key: ro.kernel.qemu.gles	com.vvise.ygoa
Accessed system property	key: ro.kernel.qemu	com.vvise.ygoa
Accessed system property	key: init.svc.qemud	com.vvise.ygoa
Accessed system property	key: init.svc.qemu-props	com.vvise.ygoa
Accessed system property	key: qemu.hw.mainkeys	com.vvise.ygoa

Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.vvise.ygoa

description ioc process

File opened for read /proc/meminfo com.vvise.ygoa

description	ioc	process
File opened for read	/proc/meminfo	com.vvise.ygoa

Loads dropped Dex/Jar 1 TTPs 5 IoCs

Runs executable file dropped to the device during analysis.

evasion

T1407

Processes:

com.vvise.ygoa/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.vvise.ygoa/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.vvise.ygoa/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&

ioc	pid	process
/data/data/com.vvise.ygoa/.jiagu/classes.dex	4273	com.vvise.ygoa
/data/data/com.vvise.ygoa/.jiagu/classes.dex!classes2.dex	4273	com.vvise.ygoa
/data/data/com.vvise.ygoa/.jiagu/tmp.dex	4273	com.vvise.ygoa
/data/data/com.vvise.ygoa/.jiagu/tmp.dex	4331	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.vvise.ygoa/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.vvise.ygoa/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
/data/data/com.vvise.ygoa/.jiagu/tmp.dex	4273	com.vvise.ygoa

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.vvise.ygoa

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.vvise.ygoa
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.vvise.ygoa

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.vvise.ygoa
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.vvise.ygoa

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.vvise.ygoa
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.vvise.ygoa

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.vvise.ygoa

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.vvise.ygoa

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.vvise.ygoa

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.vvise.ygoa

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.vvise.ygoa

com.vvise.ygoa
1⤵
- Checks if the Android device is rooted.
- Checks Android system properties for emulator presence.
- Checks CPU information
- Checks Qemu related system properties.
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4273

chmod 755 /data/data/com.vvise.ygoa/.jiagu/libjiagu.so
2⤵
PID:4305

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.vvise.ygoa/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.vvise.ygoa/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
2⤵
- Loads dropped Dex/Jar
PID:4331

sh -c ps
2⤵
PID:4469

ps
2⤵
PID:4469

ps daemonsu
2⤵
PID:4495

ps | grep su
2⤵
PID:4513

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.vvise.ygoa/.jiagu/classes.dex
Filesize
3.7MB

MD5
f8047e1d051b3eb80c612b52484d5848

SHA1
b91a3adc353edb09b3fd2360dc313e9f4a30f437

SHA256
49f27d8bcce9178c1be6e06f0400cc2959b5f9e8b67f1fdd82186be65dae62bb

SHA512
d4b2003342f5d2a64b3464aebe9013a7b04914e2d171ea86ebb6a186e21e39174f4da7fc0a72525324632aeef3eaedcbb427b0c78094faa97534df721d1c1122

Download Submit
/data/data/com.vvise.ygoa/.jiagu/classes.dex
Filesize
5.6MB

MD5
b2384eedf584cde814305d5d3751a820

SHA1
2d117aa9d5b736763232d9eddf05e3cba66ae11a

SHA256
23c34cdbd91e28b6684d3d293ecb06df454ac3817f72586a58413538dfa10050

SHA512
cf01637ea6ebc36990b7b74c0f3a2649eb823aa822f046166f1614439acfbbc6e66ec84d1ffc4f757c37d02a9d1a7856d61af2dc58cfda7149c071ae749c8080

Download Submit
/data/data/com.vvise.ygoa/.jiagu/classes.dex!classes2.dex
Filesize
3.7MB

MD5
a4f6719e426a95d4d51bb3542ea8792a

SHA1
78ce5475ed37d72539e572e95ca16e8046b18e8f

SHA256
308ab0a242f05b37e7e3de9012925b1f5050c478ed9ddf2b998c486ae606e9b5

SHA512
1a7176d4c7a77f80e186e5ccad4587cc1be4452501fee0bdb49ef0c07d29abc132656f7bd208da88e5537e6f723daa48c569fdcc4415a4b5a16581f7cf67bc6e

Download Submit
/data/data/com.vvise.ygoa/.jiagu/libjiagu.so
Filesize
446KB

MD5
8f55d5deb281d8aa1a0b9f72f7185e58

SHA1
5ce262af6a74a11931bf4b1e92a59b9acab27f37

SHA256
b57aa883bd4a8241fe2ebbeec0988614da1ad453f5784f3439335a6f800c7944

SHA512
4d74f007dc4a19ac3a8ae3434f06d2509397301c0a9b0288475280801c8907ce48248459436416fb14fc5a3a6ce790d680b6b9c95d35afc49c2f0639199b56f6

Download Submit
/data/data/com.vvise.ygoa/.jiagu/tmp.dex
Filesize
284B

MD5
f1771b68f5f9b168b79ff59ae2daabe4

SHA1
0df6a835559f5c99670214a12700e7d8c28e5a42

SHA256
9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

SHA512
dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

Download Submit
/data/data/com.vvise.ygoa/databases/cc/cc.db
Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.vvise.ygoa/databases/cc/cc.db
Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.vvise.ygoa/databases/cc/cc.db-journal
Filesize
512B

MD5
ad1a6acd7e715459342432cbb01fb093

SHA1
54316a5ea5cbf748338428af1c2924fa921c82f4

SHA256
bd872bfba057ec0c1a7940c180f65591c324b5b12dd77c80c09dcce90b1df3a3

SHA512
05b8bc032286d2eb860878bfb8a69af000fd4e50cdd1b253b2d87eb9434fee780cf256f618ac4b57c4f154189d4b78f5a7bd290e07fe0c8fb1e507c31d67c3a5

Download Submit
/data/data/com.vvise.ygoa/databases/cc/cc.db-wal
Filesize
48KB

MD5
94f28e191b97692c540b8cab198fd90a

SHA1
5396d219aec66e949c988350fd35165d6d46cde9

SHA256
2ae5acd38e7d571f7d77f7667e61ba2b29afde741fa209faebba7158b3b068b5

SHA512
261b3e4591fe4a4c8b073a656effcf08c0112855ad1deb2fff660f7945023958338855bfb7ef1fbb82ee7eab2ac53b749e065395dc7abf9fe9b9c255d02f5745

Download Submit
/data/data/com.vvise.ygoa/databases/cc/cc.db-wal
Filesize
16KB

MD5
8e884256846b8570730329d28aead836

SHA1
bf0306e2578935fb7c96328570eeef37c7830720

SHA256
6c3408a81c4d2509eddbdc0433a07b7be7474e26a8ec70b1c0fb3f152cbe7699

SHA512
e52bc464547feaf492ca58a299cf6cf2bf812e73bbfb5b75402033c7ffe7e281112f98fa1d9673a156637836fab705643f9847e501f35cdc3e9f43e79151da2d

Download Submit
/data/data/com.vvise.ygoa/databases/ua.db
Filesize
32KB

MD5
8101590f97e7daccc40a0a69a86740eb

SHA1
1133006f4b1fec47dfe0d6a6ab6fe5a1205c25c8

SHA256
f24f83f7c3b3811624851cf7835248d858663ba57287c0af17a2096ad35cfbd6

SHA512
3830ba50ae287a230c8c9b2dbac8d40e342d241e82390ec9cf9de0caac921d9b140df5d948ed95948ef08a7a5baa170225b708467a7ecbfb18f3223433053e2d

Download Submit
/data/data/com.vvise.ygoa/databases/ua.db
Filesize
16KB

MD5
2abe2ae29616c09787d27e2aef64c23d

SHA1
a46957886df9191e4fc7b33b115ef4a373bcad64

SHA256
6a110a15d77d81b6024718988f862463d61b40677be37b3e84112538ecce2e79

SHA512
269bcb590beb51c8150d14ac243bb6317bb1cf6f86806fe6ca96f3ebde15c51733674e68b807508a7453e689fed6329751a5bc2c1d67028f8b9066710bced12a

Download Submit
/data/data/com.vvise.ygoa/databases/ua.db
Filesize
16KB

MD5
ff267f7a8f9b52d43dbf9e6c613700bb

SHA1
dd307d433efa7144637dc9d2f19d885917f0eb59

SHA256
ae061a1ccca1a023b62434a12c29e5d2b6f74c2acd4d3a841234aae28e561de1

SHA512
560b6821fa42a099e399a267b43b6d6a9bea6804c4b782af4a37180d01fe4de3c14d34f0efa71ce0c38154f6599f897c0de61dd1b9fae49eba925a1a043f6d2f

Download Submit
/data/data/com.vvise.ygoa/databases/ua.db
Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/com.vvise.ygoa/databases/ua.db-journal
Filesize
512B

MD5
cf6ab31d99e40c7e661238e0e49cb6d2

SHA1
0ab97f6f8feceb5e4a49286b291eb47f6baebd9d

SHA256
2b676064f1c24113f83209a340100ac2edab424bc976896b0433a307ed32c521

SHA512
e3173088d2cf0c55f2749a4e387ebf2293af54c0b847b3ed2cf6a51137303ca9bb786f0aa7728578474a470030f969f9e6230e96fb7da44af7b2eadbdcc738c2

Download Submit
/data/data/com.vvise.ygoa/databases/ua.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.vvise.ygoa/databases/ua.db-wal
Filesize
56KB

MD5
86de88c652416d9eb4485d6a8431cbfe

SHA1
ec66aeddb995d3be6c8945cc4b3be39974f8fc09

SHA256
5df4869e1302deb3efbecc8a659bcb651dbe476f5d56d6ce0b095ecc2a6b390b

SHA512
3d3a3c97b4f90a21ffd5c606d90afcebccf233df2241d1c343b2bbcead7fea87007979d6bb7091b1cfdf6e71da45268164a9c7afa728cef87a7aee2ae54edaf5

Download Submit
/data/data/com.vvise.ygoa/databases/ua.db-wal
Filesize
4KB

MD5
cb1944e5feec3e4051473681578ebc11

SHA1
2e0bb5936e3f5a2418a81efb607a13ae5aa84347

SHA256
a93f6a986ddf4cc8c440e3a5f5d42a034be6e880c3d0f767f6fa69bb379a93b5

SHA512
53e21e8f044998d1febfd243a04fa044e80e495b89f63401a8f49342f7ef859241ca69f8616e74edf00bd489df34bf0ca4030b76cc38642d51cf2f79be50a91d

Download Submit
/data/data/com.vvise.ygoa/databases/ua.db-wal
Filesize
4KB

MD5
a50be88135ac4b5add09f38a0b0cc02f

SHA1
baa2cf9d99d100c0bb1fc7cef7d722ce5216edad

SHA256
9e0d68604aeaf6f71ccaeac0e1968b8cbad407ee8f85e5fb8d6e0ab262ee0055

SHA512
7d2ad15ee59382d724dc66a48efb59c983168d8b023a425851021664a60a837900f7fc8965471b31bc5d08983e7badeb868a22960c412dac04d5ac0823b7c39b

Download Submit
/data/data/com.vvise.ygoa/databases/ua.db-wal
Filesize
8KB

MD5
3ec3027d7963e5ac6540fd0605c9f70f

SHA1
a9ed2ec4fe1078ec67ddc6db8b7553453b7a125a

SHA256
cf94e3ddb1c58f26afd2214b230d5892f7e0d2b2df4306f3a4bd1ac58253ae51

SHA512
62a3956c79a474f6d823463455a87ab7d525302394c18f203274280eac69913c84bde06377e44cc57d4faaabad5780f6ebc8a8bb9b8b292488f4594061eaa5f4

Download Submit
/data/data/com.vvise.ygoa/files/.imprint
Filesize
991B

MD5
1157a1665fbd53df3dabddaceb883455

SHA1
8426f9f8dd15766cb75990d7462016947c78ba59

SHA256
3d11ec634286b63cda4720c3d401d5dd55fb8228b03f9ed4d7a0ccc78f9e2077

SHA512
9843cc2a1252a537cfb7c45820cfd3ac3e73027564c5209dc503695a8a83d3d607af7d209b1f5e6c0f907e6572fee4887d61be185728810d9ccc20a5c1edf517

Download Submit
/data/data/com.vvise.ygoa/files/.jglogs/.jg.ac
Filesize
40B

MD5
d74dc80c3c8ee39aa90ebc247823fc29

SHA1
62efecbbfcad9fbe537b6fa868c15d4d56dd73fa

SHA256
2d45c13c1c740108bfd22dccc383167f8c4962e0e34a4a035bebff66ce9bd48f

SHA512
e4bd8f2a6e75a092c02c793991c515312170cea678bb6fc6cd3ae471c6033a74ca799a597e91fba1d0da2e7e00817eed3f1fd98c12df4c4224b4e5ae6c4abc9f

Download Submit
/data/data/com.vvise.ygoa/files/.jglogs/.jg.ac
Filesize
40B

MD5
5f17e2b5b8fe3975580eb7461295a700

SHA1
a924417d6910c9216b9445625dd175ea2aba37ea

SHA256
b1d5ae530a0d2a1347617f6967c6a25f295b187dd45eeed47d93ae8a1a4bf189

SHA512
79f1f3ff2a6fa6a4c5359f06bff2751d3aa54720d8a95c63206e3be04db380790d934a4a96cfb3ad5cf86a0c7583fa2007d957f71cebbd0e9fecfa313bebcdfe

Download Submit
/data/data/com.vvise.ygoa/files/.jglogs/.jg.di
Filesize
340B

MD5
2d8f9d456f2fb182a9956655c6662998

SHA1
9bff57547dc7bb6d5beaaf326cc4857a3a27fee0

SHA256
66ecc7966edc2267b65799469b36e273192e79f2bdc26fceaef899adaa41de2e

SHA512
3a52eff51db0214339dde8e0c0a2e830aa12d951f3715d5e0066b57e97b5bf1e2045e291fe2161d1b0970e95546b2f8ba7cfa2c4fa7c920064ee5cfdda01173e

Download Submit
/data/data/com.vvise.ygoa/files/.jglogs/.jg.di
Filesize
340B

MD5
2ef330ff33089f4a04fbb90f4bc3b59c

SHA1
09b38c06c902fb1b5af3eead83936b91f84e4a17

SHA256
8099015576498af77c8bb0a89313b3ed18c01f623ad7da368d225704ffee573a

SHA512
a2686a310ef1e09d62ba2b27a77851f0170bbea9c623b554636e3c0d26555cb2f0a328065de3d53678f9fff2a78cbcf69757e16e32b5881a90fa84c590f9fc95

Download Submit
/data/data/com.vvise.ygoa/files/.jglogs/.jg.ic
Filesize
40B

MD5
0f19b50dede448e0c3b5a645ea1f0e7d

SHA1
c70a4d36b4c18e3ab70b1636fe67f2ed3707bbfa

SHA256
3bd735b499b6d5a82485cdf1b47b06f7f838366efc2109d4a947b8a32c59c0af

SHA512
9aa908607ff91e988831769615ae05a3a4014900598ccfc79cfb29980f71abd25ff5b6754be6b864299804ee30bfa789dce439c213898b0d27047af5266540d8

Download Submit
/data/data/com.vvise.ygoa/files/.jglogs/.jg.ri
Filesize
314B

MD5
b995725baee787310664a988ced3536d

SHA1
7e5f79778cef68fbcf43b440020f84c90ca8889f

SHA256
9789ae92bab25b28ee1c074eeb3c8fa62322981629a30189dd9b53b3bf28c2f0

SHA512
25313eac63738aa8d0552fa19f780fa5f2709896c65726360e3ad0e52286b9f8a9097bbe34fc8df1eddc8d162c00c4fdc2d71444b5b0ff1bf9d3f838a41cbf16

Download Submit
/data/data/com.vvise.ygoa/files/.jiagu.lock
Filesize
27B

MD5
8ef64de25e8399182128b1b150dc6959

SHA1
78e2656e2a9dd31c47b701cd8c120576dc5b8b71

SHA256
e388ee43aea535fffdb50943491999263afc09250ecdd2cefc79aed2d700c6b6

SHA512
7eb577fdbf99d896eaf0a999d7a4d4e2f34b37d35efab1d52f11f5cb91d43b0980c75265564825719fdb50cccb5e42f5434968684f51eaa764fa84b36ce17401

Download Submit
/data/data/com.vvise.ygoa/files/.umeng/exchangeIdentity.json
Filesize
162B

MD5
dd4f013c7881d11659f86fb9292f5f9a

SHA1
401936e6be80afb1812c00ed212987be974966a5

SHA256
8951fec2fec4c3d366be420fab62f11c9d9a37d9e807d6ea2c874d3553eec10c

SHA512
81ab9e941cb3518249e257e2e82c84884b15b1e6d2d929588d1e690e57fbf58be8cbe7c93a830c034bea7cc1df5a9da57e84b4636989e0e5f53e3242354913f4

Download Submit
/data/data/com.vvise.ygoa/files/exid.dat
Filesize
52B

MD5
1c56659d115a474a248571a7ae73f741

SHA1
6745deb0b31ca2b578b5afd9fda48cdf527ad6cb

SHA256
4aa78e84c196a0b8d86994b44b0d4d7a6bfec65fa85aebe6cc2affba64bbd77b

SHA512
adad9a58a4ff59983127fc162e0b55605b397ae7324dd7cf2089b28b529f5e38492fff5f7bd79c61361a535b70c40c5066fdd4d14c5168298bf68806ae2bbc24

Download Submit
/data/data/com.vvise.ygoa/files/umeng_it.cache
Filesize
413B

MD5
8067cab4cb55ab82e6ac2d3a3322a52d

SHA1
986b06e9d5b9e23f480b301773440fb3a75cd6fa

SHA256
dcf4874ba3b85644f9c00f15ad795f6ec69fc84d1d6565479721b70b49a20748

SHA512
c34d19c26d89cad84d730adf5cb48f294dc977fa45e066824fa0e06413a21948376778f3c1afc42380b396bb2c088ee7bb8f3e340e12d2d3cb99a4fc68027f3c

Download Submit
/data/data/com.vvise.ygoa/files/umeng_it.cache
Filesize
210B

MD5
bb0ac2cb4ba887f213680055286bb3e2

SHA1
5d289b6ccc957570202a72999bcdfc0a8dfc62b9

SHA256
d4c34b39fd728df5e04eabb81699204d32e101fe2f9b3e42e79622ca3b4215db

SHA512
15ea2ae69e11e56f49cb8e23e14c75e1bf3fbe956595b2e76e008827fcf8341f73d78c2df491bd6f5dfcfde2dcf36c6e60f8278520b8d36babad63ab785d7c49

Download Submit
/storage/emulated/0/360/.deviceId
Filesize
48B

MD5
1d8d16c4e3b19ebf18988530d9b9a757

SHA1
bc94c1cce05cd848a53271ecb9c5311e27ffebf5

SHA256
abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

SHA512
4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

Download Submit
/storage/emulated/0/360/.iddata
Filesize
32B

MD5
2d18f4fc83e89fb26023af722e744cd8

SHA1
6b456b4875ae62ce255e50f42d2099dcce07ea89

SHA256
9435204bd66bd9369c1792810499385919d303941584d89f66f932f2ba7a118e

SHA512
c5df6a3cc516e120f1fd115bb0c3904583d301826ccf9b941ec020a35662f25a001c14c5667c66fb029776081f66e035eb312e193a939d9e02502914f2d40b21

Download Submit