23aff9cce8602d4d8a135d84f7fbede235d98b032fa3d5605b3510e8ce46e777

Analysis

max time kernel
176s
max time network
184s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
23-05-2024 03:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6998b4364eaa07f47aab529162127419_JaffaCakes118.apk
Size

14.6MB
MD5

6998b4364eaa07f47aab529162127419
SHA1

e5633cbcf90af71a69f4206b07a7bd71f474d194
SHA256

23aff9cce8602d4d8a135d84f7fbede235d98b032fa3d5605b3510e8ce46e777
SHA512

8676c03b1fdad2987040b0eb17ffadde90380017b849c8c1185ba9bda635bf668a789e1a3463c27d4c5be5c942b1018a50e884bbabcd2d60c066f613050ed9a2
SSDEEP

393216:dS8NMbXB9DdVa4RvdtwfCbouvFAyJ+G/MnwM4AxM:U8NMjbdk4RVt8iuyJ+G/MnRxM

Score

8^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

T1426

Processes:

com.shengzhe.disan.xuetangparent

ioc process

/system/bin/su com.shengzhe.disan.xuetangparent
/system/xbin/su com.shengzhe.disan.xuetangparent
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.shengzhe.disan.xuetangparent

description ioc process

File opened for read /proc/cpuinfo com.shengzhe.disan.xuetangparent
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.shengzhe.disan.xuetangparent

description ioc process

File opened for read /proc/meminfo com.shengzhe.disan.xuetangparent

ioc	process
/system/bin/su	com.shengzhe.disan.xuetangparent
/system/xbin/su	com.shengzhe.disan.xuetangparent

description	ioc	process
File opened for read	/proc/cpuinfo	com.shengzhe.disan.xuetangparent

description	ioc	process
File opened for read	/proc/meminfo	com.shengzhe.disan.xuetangparent

Loads dropped Dex/Jar 1 TTPs 9 IoCs

Runs executable file dropped to the device during analysis.

evasion

T1407

Processes:

com.shengzhe.disan.xuetangparent/system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/data/data/com.shengzhe.disan.xuetangparent/.jiagu/tmp.dex --output-vdex-fd=43 --oat-fd=45 --oat-location=/data/data/com.shengzhe.disan.xuetangparent/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&com.shengzhe.disan.xuetangparent:pushcore

ioc	pid	process
/data/user/0/com.shengzhe.disan.xuetangparent/.jiagu/classes.dex	4283	com.shengzhe.disan.xuetangparent
/data/user/0/com.shengzhe.disan.xuetangparent/.jiagu/classes.dex!classes2.dex	4283	com.shengzhe.disan.xuetangparent
/data/data/com.shengzhe.disan.xuetangparent/.jiagu/tmp.dex	4283	com.shengzhe.disan.xuetangparent
/data/data/com.shengzhe.disan.xuetangparent/.jiagu/tmp.dex	4335	/system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/data/data/com.shengzhe.disan.xuetangparent/.jiagu/tmp.dex --output-vdex-fd=43 --oat-fd=45 --oat-location=/data/data/com.shengzhe.disan.xuetangparent/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
/data/data/com.shengzhe.disan.xuetangparent/.jiagu/tmp.dex	4283	com.shengzhe.disan.xuetangparent
/data/user/0/com.shengzhe.disan.xuetangparent/.jiagu/classes.dex	4402	com.shengzhe.disan.xuetangparent:pushcore
/data/user/0/com.shengzhe.disan.xuetangparent/.jiagu/classes.dex!classes2.dex	4402	com.shengzhe.disan.xuetangparent:pushcore
/data/data/com.shengzhe.disan.xuetangparent/.jiagu/tmp.dex	4402	com.shengzhe.disan.xuetangparent:pushcore
/data/data/com.shengzhe.disan.xuetangparent/.jiagu/tmp.dex	4402	com.shengzhe.disan.xuetangparent:pushcore

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

T1424

Processes:

com.shengzhe.disan.xuetangparentcom.shengzhe.disan.xuetangparent:pushcore

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.shengzhe.disan.xuetangparent
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.shengzhe.disan.xuetangparent:pushcore

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.shengzhe.disan.xuetangparent

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.shengzhe.disan.xuetangparent

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.shengzhe.disan.xuetangparent

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs

persistence

T1624.001

Processes:

com.shengzhe.disan.xuetangparentcom.shengzhe.disan.xuetangparent:pushcore

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.shengzhe.disan.xuetangparent
Framework service call	android.app.IActivityManager.registerReceiver	com.shengzhe.disan.xuetangparent:pushcore

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

T1421

Processes:

com.shengzhe.disan.xuetangparentcom.shengzhe.disan.xuetangparent:pushcore

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.shengzhe.disan.xuetangparent
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.shengzhe.disan.xuetangparent:pushcore

Reads information about phone network operator. 1 TTPs
discovery

T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

T1471

Processes:

com.shengzhe.disan.xuetangparentcom.shengzhe.disan.xuetangparent:pushcore

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.shengzhe.disan.xuetangparent
Framework API call	javax.crypto.Cipher.doFinal	com.shengzhe.disan.xuetangparent:pushcore

com.shengzhe.disan.xuetangparent
1⤵
- Checks if the Android device is rooted.
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4283

chmod 755 /data/user/0/com.shengzhe.disan.xuetangparent/.jiagu/libjiagu.so
2⤵
PID:4308

/system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/data/data/com.shengzhe.disan.xuetangparent/.jiagu/tmp.dex --output-vdex-fd=43 --oat-fd=45 --oat-location=/data/data/com.shengzhe.disan.xuetangparent/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
2⤵
- Loads dropped Dex/Jar
PID:4335

sh -c ps
2⤵
PID:4551

ps
2⤵
PID:4551

com.shengzhe.disan.xuetangparent:pushcore
1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4402

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.shengzhe.disan.xuetangparent/.jiagu/classes.dex
Filesize
7.3MB

MD5
c18356f23f22499f85604874e79df0c8

SHA1
436f1f801099cf21e0da90da3d74f3f120e388d0

SHA256
e5659abb327f15034cfa60bc6b3fdc8536fa4201e70ed3ba1eeaf3852ddd441b

SHA512
24cc53f877485644a531edd0932072c65f475d7b9efefbdc8b8d714c4268f9ed5cd765dbcf79e199c3b08100d0d3ddad78073dea543c10e964e262135fc0f86c

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/.jiagu/libjiagu.so
Filesize
382KB

MD5
aa01dd97609092ce310e17bf791069ce

SHA1
f000840a8f68ea7beb2e29ea466088daf55609db

SHA256
e432c191f918053ce368e1b1f155b2e1f9e84379611b93aabec0106172b73aa2

SHA512
766c120a06215d0950aae32026fcde3eafed8d18ae0de7bc8135a7378a9055c8f0040d61574d9af67fe2b5b90eeae64c62d787343858ae375bb6658df8afe7b4

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/.jiagu/tmp.dex
Filesize
284B

MD5
f1771b68f5f9b168b79ff59ae2daabe4

SHA1
0df6a835559f5c99670214a12700e7d8c28e5a42

SHA256
9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

SHA512
dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/cache/cache/journal.tmp
Filesize
36B

MD5
37e8e716e0e2f4a0b05cd9571d95b84d

SHA1
f8d068f6931707bddb8cd69f706f2224ad1fea3c

SHA256
7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

SHA512
e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/databases/BXHArea.db
Filesize
288KB

MD5
411d220c5ded63c342a3e6456f25ed29

SHA1
001ae2140f0f32aeb51ff0697f16672f7a4df37e

SHA256
e627b9c089f484e979830b0084eb51d3168eafa6cfdc06fd1db43bb16ed2e3fd

SHA512
8b76584bdc4d72c58319d619b89cf8c872dde942b947df62bc4c9dd4024fe576a4f2a58eb59e49e9b2cf16de5a26119133b2d647fe2733142504dd9def525c42

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/databases/BXHArea.db
Filesize
4KB

MD5
bb2f58b7953dc274d664b3f47cd3fc30

SHA1
a45e8b32d01cb10625cc2df808a3af1ce2ffcf4f

SHA256
0dd28093714c437e56b98c85ddb18eda634392b66b548be86c2ff07ce5d68890

SHA512
50fe8e7be6f38d67472568ade4b6edc7774293b13d21a20a0fee617c18511d3d83fa5797748e4ac9a92bbb732a269a64a69871a7e9d4d8dfdd4717cb7542d883

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/databases/BXHArea.db-journal
Filesize
4KB

MD5
a7c217da185528fb198bc4a189a064b7

SHA1
696bfa70c633f1f1b6ca999f0dab637a6541a18e

SHA256
31999e4b84694bbcd6a7abc56ab3b440678423f5be669e8e5f1bace2898d9e20

SHA512
6206191910317a4961b492ea5d1982b337d67ae5c1588ec77774676d291d2e7e3e426b972414e2ea6a03f91d1b9c6e17b0cd771d74c110459640f403ddcbf287

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/databases/BXHArea.db-wal
Filesize
16KB

MD5
96591dd1566b63daac01dc9554178e66

SHA1
73b4ffdd9d422c917bb1723d343c9035fbc2fd8f

SHA256
999abe272e9d6bdd55c433a42dcfddd3ae76b542f7d5a9bf13d05501444239b7

SHA512
bd2ed71efbbded7c20dced587212ce5ecb512b1c1977f971077524348e879197194bf9cb37310fa2f0562b6d39e3ca0a627ce447c0c6fbd8e196a61514e04b20

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/databases/bxharea.zip
Filesize
63KB

MD5
d39cc8a02bf31bc7d4a4caa41ba4854c

SHA1
6a5b2d15b7342c210a526259ed1128a042975aa6

SHA256
8259db96f870c44c2025d52f01a7aa1a2ccfdb356b0ec58c1aed6da37c6cd545

SHA512
fed7db2821dbcc4de1fe14079e38919d63511451c7fc1e17af656eb367f1b53206c6fe84be6eadb8bfee07b8f4ed6395de82aa703314e1cef1df18a28bfd73e9

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/databases/cc/cc.db
Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/databases/cc/cc.db
Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/databases/cc/cc.db-journal
Filesize
512B

MD5
ea8efa3dc0f6cf8525e5acee77cc4e04

SHA1
53cd7247edf35f58b6787f68087155f62de35c5c

SHA256
e1fcbe7bde14042867f81094ac5b24246f6a946c86acebe9b00c66118bdf717b

SHA512
af95dcabb006f564fd7d341bf34c42d4d1070e3846fa799bc7ef930b42996e4d34443140ebb55ce93345af3366c165649ef0bded8d7ba259c009338064077116

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/databases/cc/cc.db-wal
Filesize
48KB

MD5
21c2614d294e9a1a55f59d293fd2ef42

SHA1
9a56334d039edffb52706fe3c4b3ab6dff992ca4

SHA256
81c8796675851afc19a5ba2a08643b9443420afdec918e65809d7a1b2fe2c683

SHA512
74dfd4f2e5de3fb24eed2f52a0e0156245c32e0b2458b8fc8b183604927cd74d26998ecf8338cbc7481519eb90d2260eaa99808974c7060ee14dd75c44311b42

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/databases/cc/cc.db-wal
Filesize
16KB

MD5
d660971367cdd34cb49ae0070e3c3b5b

SHA1
03b6653121e61427e381992843d72561d30605e0

SHA256
2f9888064cb3c0e78813e4955af62d48c6e9dd0251603d1ce71a39a0a9f41ef8

SHA512
1cda968ed2dbf9ce2b5fc80b0ba820aecfc2293704536574c5d03b38c5cfc63a658d9a410a9bc3ad60e8ca2236d0f8d49e79edf28ae1a9496ebedb294531893a

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/databases/cc/cc.db-wal
Filesize
16KB

MD5
f806434dc7f49a307d394f16743cf2e2

SHA1
ba70e237d11cdc9e393908bcb60e21cbc1909112

SHA256
630f98a043e53057da258c166ada85a34feaff6e6b0c9bdc7e67f9bfffa72c71

SHA512
fa5b34f47ed31a146e5e5051d080ca09d144d03632eff4d3ce2f0ada920f5a3c06bab595170467a34e8382683dd040fce4be96d6edbe9147421ba68311cc612a

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/databases/ua.db
Filesize
32KB

MD5
a21995ec529849ff3ae140289b912c15

SHA1
a1d559415fb7658a5eb1cf1d95a1342885dffdf3

SHA256
ab0b3d68ede7d5f42d8ad8603773280b312761a65423ba68bbcd15aeaeada555

SHA512
8576a312dd7eeac94e674bd65e7d9fe8ea2352fb3764857b02d7e0afd63f7bbd6f209900c4e9c5025e350ff7d800a74c47446baa8c9e05f615b307cbf379973e

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/databases/ua.db
Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/databases/ua.db-journal
Filesize
512B

MD5
83be8bc1cf76c6c6c55810a1529c968c

SHA1
8923abefc877ce25a2c2769c4fec2442be9e999e

SHA256
646b3b1096d01867c9e3b0af6ffb9d1202ccdb12fa5c9d4c6411538268dfb3ac

SHA512
5648cceded8e5b56f329c59ceb31b0c765a3149ba65f45096657e798950cc257046015e860b17eb09edfc2cddc267b5811aeca441feed196ee8d1fbc6c37f859

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/databases/ua.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/databases/ua.db-wal
Filesize
64KB

MD5
b3f32d078f2345b2661b59acc5dfcf3b

SHA1
3c58de6766e1988201de5526339017602be220ed

SHA256
a9912bca48cda87c682f2a9af56acdfcff95876235af29663518dbc88172c1e7

SHA512
2c7d75bf8484c9e4fa9c89d42f6a3169b7513b95cc756a44481a44ca517c6eeaabf5becfb25290927be5f5a54f0a135adcb8faff7660c54b197f180d4eaebafb

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/databases/ua.db-wal
Filesize
8KB

MD5
1ebdd0c2ae8ee5c245852ba522491879

SHA1
db033d40d07f0011eb8ef6f1c1e0fa91be941072

SHA256
307e2ed0fd240a71139269d177fb8475f54fb5177815a8b91d7d2d8fc5441689

SHA512
8ca4616126306cb1f895add5caf91996004f5febd9bb27770a61ca541459364fdf72c68f6ab2ec6bf79d1991f11e8f55292c1c14e3d7196e7aa5c021b638e4ce

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/databases/ua.db-wal
Filesize
8KB

MD5
fba29f410aa5279ec309b471e245ed97

SHA1
b3635937674ed9fdb197e7de6dfa95b99adc82d7

SHA256
b3f850e0eff6bdf0115b12fdae353ae40bf1bd47d574b736fae47d2374cec6c9

SHA512
87357491a73a4a095c286c5af94c3c8f95f78364b780e7549cc8039fd35952987468499340199654f47ce61c8b3cae30db8e7ae1647332ff9b593cace6d9253b

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/files/.imprint
Filesize
1KB

MD5
2a927d5b8a2bca644008dc78f488d02f

SHA1
53208c56fd0b0e65d3e4445377ed24ffb21296ba

SHA256
d44413af54aff29cddb7d0c7be8a812dc0c3b83f4192e044f5448213e4697a15

SHA512
10d26cc528ba81ec9ce5f50c3f910fab5f6f1b55d87b3cfa2596fadd257fb9bd13f36692e35fa84ecbaeb5e983292d212740b1f018cd49b2f096e760d98013a7

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/files/.imprint
Filesize
1KB

MD5
ec239642679ce4d7c2785d5a30cf0c44

SHA1
b4436ac3de5d19e99dbb2cdcd36a93f8a2f8a66f

SHA256
1e76ba3c4882b990afde472504aa4dcadc71b650ea6977fe17c2ae35e380af12

SHA512
1bd6e0a473bd3edb77ecf8af5399f743e4c4b23a77dd6c9c09fef662c2e470ba2504e43e05d03b776e8301f4a883b33132ee380cbbad10e1896ce06e9250c077

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/files/.jglogs/.jg.ac
Filesize
40B

MD5
a2e304a9f812ed199fc81c0aa0eca2cb

SHA1
d0c1e4b19f26d0c8f52015c7cbd6dc6a804597a8

SHA256
6c3e371e6944c93057a005c4a2bf7c9cb4d203c503111e840f2277b6d4d590c5

SHA512
d56f2e2bd904d9fa920b118ae47f222383fcc9c11eac727ea21f5be3e31c9a2692e2e39719ac7efc21aac0990bb3653d63a8ab47ad317f9495b673aabc0cc987

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/files/.jglogs/.jg.ac
Filesize
40B

MD5
03a9ff4a4b6c90594c38ce4cd70acae9

SHA1
2afaf999ecdb842c6e40872fd221e71ed7bba3cc

SHA256
b0c41e351f01ffe22b41a75a78e2597fcb410fc624e45c6beb1090472e3c5f42

SHA512
4ccf606118ff7900219c975303e3d20d21bfdbd833dd7e4895dba3634f6ca913171e4ca3a67e168acc6d5b8ff932230e8f93e8098eacb6f2cba07b5be35ebddf

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/files/.jglogs/.jg.di
Filesize
340B

MD5
127786cd16c229527cb73d054d67a49e

SHA1
b75bf52c7611913abe4cdb82b0687fcb79904c5a

SHA256
804f282f89f7e6b132b0439e9c4f6ec0830186113da4c3501cabb4793956b747

SHA512
317ffa6618cd905916a655b4bc51ed92716d573175077a4748c525da1ebd6a147000c14c9d1977414facb87c281819b84db0214be3fb0e871271f2c0e843e275

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/files/.jglogs/.jg.di
Filesize
340B

MD5
579d1ddf9a9a0630d77f32801578fdfd

SHA1
563e67755caf160a8575638d24d4f5b6df3edd34

SHA256
4b885df4ee7fd9a84dce9a6e0df73ac3b5a6cccd51ebd59b0255c85b6b8f6f56

SHA512
360f0184c1abe6db108e4ce08d833beb1fdd92316f0cbf0c568712a32c5c65b8d88488d5227c46f0653c84b522d586ac2413415c6a2591ade6af891e87dda799

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/files/.jglogs/.jg.ic
Filesize
40B

MD5
d76694e688ae62fe241ab28b7d5a5c40

SHA1
1b737e67799c2e1a02bf5558dc8fb73d4105f3bb

SHA256
084d72c173a7fad9d031f6598b78c3db4061f946becdd377b3a7b9f511780600

SHA512
99c59854a10b71b65c651d71b77abf7fab6108bdda07fd8ad2baa65f9186217cac0e24953d9d69b1d173859cc789897e5c77c4401438cafb36803871ccdfe34f

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/files/.jglogs/.jg.ri
Filesize
314B

MD5
6ce15b9fb4ac82c74a667e3153c14cef

SHA1
0b0d27907d5e643591651f67403d13c12265c9e6

SHA256
02fdba838b20e10d838774fbc2ce6545ae9b2f669289b45a88a46aaf127b4d85

SHA512
b38be04bf8b3b9e4407d0cbd261392935e6f5d5b7e7da27e2e4b0a8cc14766fe5cdb8382c1a9bb734a857e4a0cfbec72930d1b9541372e0145e066aedeabe4ce

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/files/.jiagu.lock
Filesize
27B

MD5
d1e6757e11ceb492385d7c08504110d7

SHA1
b291ab69239a9c315d81441a52e99652c548d8f3

SHA256
ace5ca1116f7b1fee0f520859b445f30109af4c9dec9b33934931b9495d40d56

SHA512
d6e6d352b2d2e791be24b72cce3777607df099def4a54221c689d8f36414e3ba09ae3ec0d2f3fae56b40bfd774f42d2f064507bf486e80f4aa7fc4cf1d79ce4d

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/files/.umeng/exchangeIdentity.json
Filesize
162B

MD5
7f38571a1993375acd015f9cc0061c00

SHA1
bccd2ae375722396fedc1ae88ff6a02028da7ab5

SHA256
ec34aa846731fad9f9d59893d9bb73e3483efc6b76c6aa33a747008b18bcd309

SHA512
03bc5e81b45861c6197393beed7f6f7c6896f1e8c710b3056825c32ca74913dbbfa7ae18b530bf0f5405151d601352bedeb492b227b0bfe8bffb4d4e87a43964

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/files/.umeng/exchangeIdentity.json
Filesize
206B

MD5
51221bfba5d3203eedfe8b202639caf3

SHA1
70993658f5f4c8764fbf96ea6287b02f86dd6c42

SHA256
678fac879cd4b53916c46998d67e97bb788d06d0306f43894f2dec31c2113bd9

SHA512
9cc1b683e1a3950bb8f5c7439cd228deb7a3414388c32625268809bd6f45fa5e442632dc28aa469e0838db604d67e57bfebfba6e26ddea64cfc85f5f660935f2

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/files/exid.dat
Filesize
71B

MD5
951c09a83ad9a14dc339712acc5578a0

SHA1
22006f9f3e069b500bc4300af4da678241097b10

SHA256
aefe0b4f48974599c3c0bec5611df9d5103c475ab1f9ce175fc064d71be7e597

SHA512
b64dbc318d97b3039f4fddf8c727de45f45a8514242b786c4507679b0a59eebbe1595fea575ea70b4e33202e2a167b18f1b1f522d61e0a689be737ac3c7fc8fe

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/files/exid.dat
Filesize
110B

MD5
e00a32a27aa7b800192cbb3be3b759ee

SHA1
57de6d8364811096aaeb8bcf40fd276418dee49e

SHA256
59016e05f48c3d6522db349f8f1c6ed75073fdc4d61cd76d33d3ed5e11366f77

SHA512
0aa51cfcaa800732e5994c338a257f367f8706cc4592d00e692a976be1540678f668d7abe9a623bd24c3d5989ab1645e532628e867c48389f24d67f19768d1aa

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/files/umeng_it.cache
Filesize
496B

MD5
166baf79fc2490600f2e816bba989ab7

SHA1
2271d525ffaf6f057a06c68b22f4f41231108bf2

SHA256
e4d012fff416e965c28c95015bc4154bd4e3ce091022728345a112a70c550cfd

SHA512
67c948959f24171183f37f4afe3bfbe86353719c44c982d031ee7c74c44afb3c94fed84747df6a9bfe47dd9382822ce2d1336380f78922ace8143ec312e9fd9a

Download Submit
/data/data/com.shengzhe.disan.xuetangparent/files/umeng_it.cache
Filesize
252B

MD5
187bdb2b1604b0e07274b6ae495f893e

SHA1
e4ac6120dc3c02fa5c0e052bee4cc2422cc1606f

SHA256
e04c7e8aded6c7cad4d7fc56f90e98cf884cf127ee304a18cb992728d7a6028c

SHA512
d0ce2c32e61cc77509a31a4b711202023240732300ba1a71b85f3bc0e894699d318b328594ad01b50716c80cfa0960c73e411ea25f70af2f9db0d656b6c39d74

Download Submit
/data/user/0/com.shengzhe.disan.xuetangparent/.jiagu/classes.dex
Filesize
6.8MB

MD5
adbcfd668e5abe001b3d6e2f18e816b7

SHA1
36ffb57a3c967682d55f4414ad99c6cdd29f4a54

SHA256
196be6a18e7e134b6d969d719fae97a57990ac68e39187e4872a67de10efdeed

SHA512
54182d41d96a272634895d945640cf90439c70e7be70d510f55c019bc12b76ce2da83900c4659330bb4211c4ab7272f738fa2dba17bfd3c53b70784e7d2cb2db

Download Submit
/data/user/0/com.shengzhe.disan.xuetangparent/.jiagu/classes.dex!classes2.dex
Filesize
6.2MB

MD5
bff184e2847ba3fd0ba668c5fa44cc98

SHA1
22b09fc86108e9275b5d3bf495114a3f3f057e6a

SHA256
4afbcd879caac19d9f80727b13fba42756d2866a06c109d75db6efe4d0065da6

SHA512
6c947aa7308e8570e17da6749fa139d41c43e04abdc3d55dd380f715482bf5ae3402464852a9311f72dc258111fc6b7df154b10a0f898bb39d9a42a1289844a6

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
111B

MD5
afe5b6fb05753b21c06aa98b2d7269c7

SHA1
29d76f2e41f99f7a69d380823253edc19230a023

SHA256
8c446498b6e86fa92c777d7391717a3bca64c7057cd30485458f6fc90ea8676e

SHA512
7e466fd9139a7796c7a26222ba7e00725c2d6bef644c60d9920c566a7e7e7af3e9a682d6a644ba35903d4a36e128dc6f2e66a8c8b5ce660594c8f987c118a240

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
213B

MD5
74979666870a4f733fc2b70e2100a529

SHA1
25f99d3fc3867b5acc7ea3b05a5eed18566e7bd1

SHA256
062bd4ccb98080f7c7050eab761d553e07919d83d4d248fb259624bba9fac908

SHA512
7c83f205cc745609b579aca5be642a93406732cc9d8c2ba32ce057f3ed75aaad20b6b7e920b23329b126dc36a18ced23dc27442a1c0fd39cde3d871f1dfd5943

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
111B

MD5
125611192e13e55a353cec87955128bf

SHA1
f6b92fcefd9215c335e517f5ba7857c2b0f4f24c

SHA256
6473d3a103a3efa1dec6ded5ba7526de0323a4773155523adba1512c886e9058

SHA512
4ef9686dcc84f9a8e3ba6312de204f285503bc2a4967fac4d62f4678d1f1a197a9f9bce0eca1cd5bcf14c95562c1a23123b7005b8b4b28cc6b2aca252e7bf8c8

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
167B

MD5
ab26cde698e92fa5f5047412d6938b80

SHA1
593f0a32b94b1ff6ad282fd57e5086c2f23c5142

SHA256
ab54e116b59987d3eca58a5daf26b0b0314f3b4ddeeee9558eefaee636f6388b

SHA512
bcbf457dd12a370bc47820eadaf0b163e386e1e317f978ca0e3a7ccb5dfbc4c6c0e36a991501dcf8aa09b88230b733ec8d580310b90111e01c03330037d33d27

Download Submit
/storage/emulated/0/360/.deviceId
Filesize
48B

MD5
1d8d16c4e3b19ebf18988530d9b9a757

SHA1
bc94c1cce05cd848a53271ecb9c5311e27ffebf5

SHA256
abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

SHA512
4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

Download Submit
/storage/emulated/0/360/.iddata
Filesize
32B

MD5
f5e1b28a2f1d731dc09d261cf8f7ca8b

SHA1
115ceb8872a7ad61d95542a1378c647db3d5a89e

SHA256
ee97867877abee8b4fb07891030433d0150d0c06c0984f751334655f7b3c94f7

SHA512
7eb07aecab618de11c33c3bd5dc9e6b6f570231758944cb3fed27e9a9b5002a3d1f529a65f659f02f63b363364d2fe89d22a80911455c3da4f8c296c1313f6b9

Download Submit
/storage/emulated/0/Android/data/com.shengzhe.disan.xuetangparent/files/tbslog/tbslog.txt
Filesize
8KB

MD5
91750a32f9aacd3aee6426e6965e042f

SHA1
65676439abe5fb80dee60e47c30f15c52fdabb71

SHA256
2bbb68d4a83e71956f8442be8746fb526265c7e891bbe543d9d7a2c9987dd7a8

SHA512
f03b9e334f1bf66a8cf909c736b9fa9988235ba7c9dcfdd6879e239b9fb95939fdc7d0060b1005a57106955e555b050fca24aaa111b059740a2d4d0ce74d8b74

Download Submit