f3047a26ce2324eaef32ae0ce75c8ac94c6868b810b12eea838fe864f4b172b0

Analysis

max time kernel
176s
max time network
184s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
23-05-2024 03:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6987d5d692b94b7e70c5e989b73998f7_JaffaCakes118.apk
Size

14.5MB
MD5

6987d5d692b94b7e70c5e989b73998f7
SHA1

08d0a2d02f7784fd799ab613b8539968bb937d3c
SHA256

f3047a26ce2324eaef32ae0ce75c8ac94c6868b810b12eea838fe864f4b172b0
SHA512

446205947d3cccedcae94b82bdaff9e9f76dbdc6621dc3a838143926c4a8fdfbdd1edf55f7e4dc1ef8731f7ff66156ca590720f8d9bdcb71293a4716eddbbe0e
SSDEEP

196608:AsTQg25hhXAATXIINx+yjqPkO71G+8Lg12VL+fnFuCp9L4jEwPx2Y0H+WB2FNGIW:AsTyhhJT4INTo12VL+duy9LwKe+2ntM

Score

8^/10

banker discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 3 IoCs
evasion

T1426

Processes:

com.xgbuy.xg

ioc process

/system/app/Superuser.apk com.xgbuy.xg
/system/bin/su com.xgbuy.xg
/system/xbin/su com.xgbuy.xg
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

T1418.001
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.xgbuy.xg

description ioc process

File opened for read /proc/cpuinfo com.xgbuy.xg
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.xgbuy.xg

description ioc process

File opened for read /proc/meminfo com.xgbuy.xg

ioc	process
/system/app/Superuser.apk	com.xgbuy.xg
/system/bin/su	com.xgbuy.xg
/system/xbin/su	com.xgbuy.xg

description	ioc	process
File opened for read	/proc/cpuinfo	com.xgbuy.xg

description	ioc	process
File opened for read	/proc/meminfo	com.xgbuy.xg

Loads dropped Dex/Jar 1 TTPs 9 IoCs

Runs executable file dropped to the device during analysis.

evasion

T1407

Processes:

com.xgbuy.xg/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.xgbuy.xg/.jiagu/tmp.dex --output-vdex-fd=44 --oat-fd=46 --oat-location=/data/data/com.xgbuy.xg/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&com.xgbuy.xg:pushcore

ioc	pid	process
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex	4262	com.xgbuy.xg
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex	4262	com.xgbuy.xg
/data/data/com.xgbuy.xg/.jiagu/tmp.dex	4262	com.xgbuy.xg
/data/data/com.xgbuy.xg/.jiagu/tmp.dex	4317	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.xgbuy.xg/.jiagu/tmp.dex --output-vdex-fd=44 --oat-fd=46 --oat-location=/data/data/com.xgbuy.xg/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
/data/data/com.xgbuy.xg/.jiagu/tmp.dex	4262	com.xgbuy.xg
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex	4418	com.xgbuy.xg:pushcore
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex	4418	com.xgbuy.xg:pushcore
/data/data/com.xgbuy.xg/.jiagu/tmp.dex	4418	com.xgbuy.xg:pushcore
/data/data/com.xgbuy.xg/.jiagu/tmp.dex	4418	com.xgbuy.xg:pushcore

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

T1424

Processes:

com.xgbuy.xgcom.xgbuy.xg:pushcore

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.xgbuy.xg
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.xgbuy.xg:pushcore

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.xgbuy.xg

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.xgbuy.xg

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.xgbuy.xg

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs

persistence

T1624.001

Processes:

com.xgbuy.xgcom.xgbuy.xg:pushcore

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.xgbuy.xg
Framework service call	android.app.IActivityManager.registerReceiver	com.xgbuy.xg:pushcore

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

T1421

Processes:

com.xgbuy.xgcom.xgbuy.xg:pushcore

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.xgbuy.xg
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.xgbuy.xg:pushcore

Reads information about phone network operator. 1 TTPs
discovery

T1422
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
impact

T1471

Processes:

com.xgbuy.xgcom.xgbuy.xg:pushcore

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.xgbuy.xg
Framework API call javax.crypto.Cipher.doFinal com.xgbuy.xg:pushcore

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.xgbuy.xg
Framework API call	javax.crypto.Cipher.doFinal	com.xgbuy.xg:pushcore

com.xgbuy.xg
1⤵
- Checks if the Android device is rooted.
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4262

chmod 755 /data/user/0/com.xgbuy.xg/.jiagu/libjiagu.so
2⤵
PID:4292

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.xgbuy.xg/.jiagu/tmp.dex --output-vdex-fd=44 --oat-fd=46 --oat-location=/data/data/com.xgbuy.xg/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
2⤵
- Loads dropped Dex/Jar
PID:4317

/system/bin/dex2oat --instruction-set=x86 --dex-file=/data/user/0/com.xgbuy.xg/.jiagu/classes.dex --dex-file=/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex --oat-file=/data/user/0/com.xgbuy.xg/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed
2⤵
PID:4690

sh -c ps
2⤵
PID:4712

ps
2⤵
PID:4712

com.xgbuy.xg:pushcore
1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4418

cat /sys/class/net/wlan0/address
2⤵
PID:4611

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.xgbuy.xg/.jiagu/classes.dex
Filesize
7.1MB

MD5
7fcbd0da52e4833803951eca0d673744

SHA1
cbe03a6267fc9cbc32cf8b8f36d7b1526d32f814

SHA256
6ce524b736e41d1d63921421f53c2553b8aed981d5ed19887a50c182f4e7bc05

SHA512
1cd79bfb29384683e6ea1915e82598f1600571af453beabceb96fc3f37d26771be1d8a283db9952179c60a292ce74159fb77460264cd9d9b796890e16826fc97

Download Submit
/data/data/com.xgbuy.xg/.jiagu/libjiagu.so
Filesize
382KB

MD5
0e2958fb6d7b2ff1d1930d98eecc2362

SHA1
02d543831b4c4b9307aeed15a8bb2bc063a26a4a

SHA256
d578b74fca77f54b0f8c33dc68e91937fdf57d50b5bae4a2411819289732f2b7

SHA512
952765ba1c306d7da6830dfd1b09adc4d610bbab383a154728a123bc0a1d8f0d576fd007f9ea4a809e3f318867c8cb0a9d43b63f31c1e3624b6a6929842b4551

Download Submit
/data/data/com.xgbuy.xg/.jiagu/tmp.dex
Filesize
284B

MD5
f1771b68f5f9b168b79ff59ae2daabe4

SHA1
0df6a835559f5c99670214a12700e7d8c28e5a42

SHA256
9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

SHA512
dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

Download Submit
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/331608c17f28442e8b7d10f85593e090d1c8b4d3f562b3115ff626e74ce985cd.0.tmp
Filesize
79KB

MD5
3ccf674803e2bcca74d940a369b98a1f

SHA1
b82beb53b74476af3563d05f4b49b4628611c19f

SHA256
897e90108102b4d93eed118fbc62f4bd208a2651c52da15431f3ece36f4ff274

SHA512
b98a53d48cee9d8d4fae804736e7b66c28beb429d4e84cad49f4f3e92f5a226c99eebe093fabee98d657d41729eab74fdf6081cc29b693e076b213e0e8e60a5f

Download Submit
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal
Filesize
179B

MD5
0bc1eb3f0b3703cd86492f3149ffcef1

SHA1
df528ffaf5021d7ed7d223c488c4eeef8548c861

SHA256
3682aa482bfd7dd9c22e98c300033c6f26d5de8988c3a35cca34308f30de1a24

SHA512
a5055bc5d4a4a67d73027ede327a1a3f02126f192e9670dc366e6ede78a8195c8c73545b6c7982d543fe57da46ac0b148a0614677aa1be9de705f70d9ec68d6d

Download Submit
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal.tmp
Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db
Filesize
20KB

MD5
62e902116140b8696237808789c0333a

SHA1
43d656db4a047fe5ab92cf630b6168c1d2e7ed27

SHA256
7030e00489c6c94a3430a734a0718734c081f0e8adb73e0f89f165107627a33e

SHA512
0fd64bd2a2e2ffb9d29aaf2c3aae2d94cdf0f186ebb0c657638ca1d76d2f465618643cc9dab2b3bcab7a5c0475c0eef64340c2698bedacaf63209cf5f0f88794

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db
Filesize
20KB

MD5
f6247825b69626cf43eafab530ef0c56

SHA1
02465083f9f616207feb4d73c18d308d7cb595de

SHA256
6429c3ae636578c70fcc9c01680d18ad8708b869c24334f91c9ba40dd8eb96ec

SHA512
9fb50cf55905240ac686962c66fdc042984249bcfe4bde86362ff5adfbb46d0eb99c451daf98dac3f62f93093bcfffe77ec5c69b9afd9b2c6b96980ed6e37d26

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db
Filesize
20KB

MD5
dbcf0ae5883f2acd97aee5fc3ce4bfe7

SHA1
1ceefbec86e11b6b8ad0dd526915457c483a8ddc

SHA256
5f95b007e7c12a17a6ebef7c92b333a122ba857aa2784e2d25175c329415a955

SHA512
0e2998d65deadd8efa61d8a413d24fb75a0033a3538b190e94d27e8c4921a7313ed85137769504afa853fa8644ce07196d6fc6d2fda0a236722b093cb53717c6

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db
Filesize
20KB

MD5
b5ef3647d23a57db2eb26f1cb4a57f4c

SHA1
5faf7fdcf6c87264067963fc1a2b7bca9dad0a3f

SHA256
60e4775233673fdc965b1bd60f243bb8ecd13399ac03aa24210e15daa00bd156

SHA512
02f9fdd27cdfbb3bac1b461147b7359a22bd6d97208393f53dacc3a194b72d7ac90df3d2981473a4027f281ca4dc2f9873758a90215986a4dc441a529691533c

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db
Filesize
20KB

MD5
69267e6209d01f0bef2ca3256b2d8c4d

SHA1
72e0a89a53fb6278ebd94ee6a4c07b3ddf3b7af6

SHA256
ec2f6624a1da6658ca804201ec0aa1ba5e5d3b1851aaf3dac506a9a7bcb87380

SHA512
e023e7b3faf75e03b0f585549380ffaa7ce4c1bf5193eb75f43c50eca5e370243b5c8d89cf48f268b080f430d46319e0812dd8f18502d40e71023ac41d1c0f76

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db
Filesize
28KB

MD5
9851fcce343508c29f02a2dadd4f59a7

SHA1
b91bf96448571cf154dc55fc11bd03ca3ba58c35

SHA256
2c862e557c66e75c18d5fab4965d8398c3f3a66fa748ed889d3a508464b9357c

SHA512
3d88f5c5ce4a733fd92b2e63c39a499e7ad16e8b1fc0bc6000c1080102188410d2ed1b1cdfc14ab03ad801b4e9661b1811b2f182fac8d6dc35100b4209f9b397

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db-journal
Filesize
512B

MD5
3fa1c1402be7046235818342fd5e06a8

SHA1
073b9e87951757fae494c274aeb30760f4fc51a2

SHA256
a349d8619b4db4be83172c736324d577bc6f2e36802c3efb5fdd06c00be70880

SHA512
4d1e08dd9fa977baaee000a0df1a56310abb6d2f7e78526d00035ffa21734c63cbc5a7303a0b7a80b866a2aec0b3c965ead45b9d8f5ddd017b64f499a7e85984

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
Filesize
44KB

MD5
a8b36c792580451a60a811e9f3d19ca2

SHA1
3c148872ab2560a0e44d0054eab80b119f5d9205

SHA256
2e377e4e0d6578e545b3829db6ae09b0fa7ada91809c451965df5c955aa7f9f4

SHA512
ce9ef85c510863bf5024e4ba0ff1ef8d85bffa0f95febf3be6d0b3f095a8d78f6ec932dcb8d3c114da0c999b61b8f9b218b67a1f9884904735cb21e305b53bbe

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
Filesize
8KB

MD5
b1126658afd2a844132ffedd90090c37

SHA1
9eeadb3ec35c1cb005089d89c1787391f94f6993

SHA256
0be6d5807e8bafe141a63dc773d98d692dd703aafde9cfbdcd9cc3249c476744

SHA512
fb719fb43f54ae1e322681d398ae4c398cc86890e0ac313f988cd673bb76394330aa71ee3a76982318969140b3bc0310f7fe4467c62bed2b04cf06ee312516af

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
Filesize
8KB

MD5
fd4ba2f802d0190673f87e6453e2693e

SHA1
67cc7daa163907824aca37f6d0a7a169a07a6db3

SHA256
ec215455dbdbf3e7f7a63e18300fc47c4909e536fe537d8b6c71f09b96c953b2

SHA512
3f5c713fd4e5bcb002bc4d06bb895ffb17eb3e38cecbcf2a5933605030dfa0bcc6518da379b3dcf5182a3ed44cde391bb1bec31d3155c83e2933f1d3d73e6383

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
Filesize
8KB

MD5
e3cdd1869923948f8bdf7cedd13c673f

SHA1
d33c86eedf87adff67e7cc09cdfdc01a87119f08

SHA256
0bc8bae7e64760cd50e287a43cfd0d86db4376e1a9f9c205c5970635f91d28a2

SHA512
a0370cd366d876cecf0e7294f8a7f26d94cb360ce2bbc2dd67c3abd73647f8308dd41d4a6c711c2e1ed2818a554ca34cfb7019f95c6a8593ac441240542642e6

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
Filesize
8KB

MD5
18b016edef08bfd21dc19c560fcba9a3

SHA1
8695669efd3d3deca2880fed589611499d23a6cb

SHA256
52c43005174075f793a2a4688c5c978488c5fbe90a728e8e5af7c39ab52af290

SHA512
ad4ea75a48529e0a37b84724d82b71d265a6c37a77a2e946a4b2769a3b97bf0b7213ae94e7bde050e115e8857d6b15d0ebfb586bca4f1ed53307bd586e9a17ea

Download Submit
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
Filesize
24KB

MD5
9dffcd820bb30552c4f7a9f84b29de9a

SHA1
959e11ff7a766367fe13f33e618209725627dca8

SHA256
cab2041019c7d4badcb1193fea1ce60398c038865e6f7b81eb9bad591ca966fa

SHA512
5d0baa653c8dfee63d4f4dfd3f1bb411cfe7c2b3190576ed70e68949ffa7211317af1f10d54b831d87e8a7a9e5955ec8aa9e315221f97f029ce2094a9f60c54c

Download Submit
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal
Filesize
512B

MD5
3628ebc1793773f73c0d240af1b581bd

SHA1
2b9fe632a320554979f8bb1f276aad5c9650c17a

SHA256
d46fd10d64979b79193075485d45c3c830f5b1bea0a457382d9df0a86c78de25

SHA512
3fa12706772d442f0b202fcb5fecb6c184835ed45a434a2adad6f65d68d59d8dfb967324b32e54a38fbdecdd64be0f84b503ba3f9c768739ccc82bd8c6f0774a

Download Submit
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal
Filesize
140KB

MD5
5e26e361b6188d97a3652f253047e7bf

SHA1
7353d025c55d5f9e3028895d4bfd63b65615f78f

SHA256
6426cfde7d9e288762161a89913198b6b6a8f3d16fe888ae82b75c2cf7e13f38

SHA512
6c0d8beddc6e747626b7c56ea141254377b755967e24ee22d6e81a58f8fe9ac915f06e96474dfd21e83f41cd6e216e62fec1bd2615d77281a9aa5d2cfeb6660e

Download Submit
/data/data/com.xgbuy.xg/databases/cc/cc.db
Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.xgbuy.xg/databases/cc/cc.db
Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.xgbuy.xg/databases/cc/cc.db-journal
Filesize
512B

MD5
0f180e33ac7f1c44e62914b57d5bbfe1

SHA1
1058ff15574dc3ab41ea54a8b5460131d859b5e2

SHA256
cef80befb96eb16d60c19c3c9bdb0b977166b8442b7314219c64317c690c248e

SHA512
cebf44f6bc6b2fe3aabe2336cad9396cda49eb7b6eae6d5922d93618f2471b3e384fe242a2ee91e3429168c428709fa159e4c2d5c6a2bb918c251d27f93e0a57

Download Submit
/data/data/com.xgbuy.xg/databases/cc/cc.db-wal
Filesize
48KB

MD5
8e9b69e78f6a06e00619482a56b57757

SHA1
e4b8b031217fb53a15402e416c3b25b2bf045dce

SHA256
242165bcd11a79bd7c9d3bcf1c6496971818f47836909e31b350502c9393d981

SHA512
bd4e4600d7ec8c1390495e0df5e70e4a1383b8e528bd469a4515a7a0dbbe7c4ce599aafd924456e6512973285050242cbf23f9f04dc9227c9585b40f435b1e0a

Download Submit
/data/data/com.xgbuy.xg/databases/cc/cc.db-wal
Filesize
16KB

MD5
9f0df6ec135d60efcfb9db0cefcbe93d

SHA1
f6c790fe42d4292d2cd4d6da2526f64223d53044

SHA256
f9435fc4583e3075181375404bd8e5a7e65645babc82a4c8b36a30ae7c3b7345

SHA512
02bf4fee20732f8893fb6a78c01a0fcf508ee84de78a2aa2c6a1739dbb18c3ca0f4cd5018b7b6c4830269b1708ffc85b3ddfd2546c3dde1b7f2f8ad4c9b386f7

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db
Filesize
32KB

MD5
7be5d99102f8dcff8f0400e0620b80cf

SHA1
2e29f35e8a87b55ada21d800852dcf7f0902a529

SHA256
f0c0b189945aabe96bda46c8e12f454841cb22c48712a44671ab3c471c4bbed0

SHA512
7cf83ce2c83902580e2c93e17d0f17348d01f1d9293afc2b2d67f5588d5927fd799ec3e7104bbc7e5480d1f72d6915f5dcbd4dd347930eb06f40b3669508da1b

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db
Filesize
16KB

MD5
b5285f1d194c09b84d7337453ab1c448

SHA1
a57c54e9104fa3711eb28279b154492056bfcb66

SHA256
317617abeb064eeb836d050e15fe70fff580eb3260e948c08bb7cb2ad76c5417

SHA512
8241f82bf1ca7cf972a9398be2772abd08540b36b9f90179e67a1d1f847885cc6832b769f6a6d7fbd863a0fab6321e97560b05cc8894c2d37b1f7b05837c62cd

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db
Filesize
16KB

MD5
a041574c61f5f342046dafbf0aae512a

SHA1
f84050bacf9d0f2263645d055547c246c770a75f

SHA256
73dda297a65573054a347edeb5975a9a3d31cbe3ca72577a9ed4a3ace339a828

SHA512
a2d6a48e78a32efae28f8b2e1db7d05de98340c883e60a7303f9b985e7f08610acf2574a6a14b1c497ae555f3a329804d72166e4b0e53a18e6ba0d09342a1f2e

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db
Filesize
16KB

MD5
070bb8ec775b057ee8eed9105bbb9088

SHA1
8af1c0f2b28f666c4fa0360e8062f96c92079014

SHA256
4ed96d2fcf9e3b188a3471cbf39c270147b15d20c199331a9cbccc6ac90f8487

SHA512
946191b6e724ccf4932fd29f3caec864714da5f65056859e1089b9c86d2c8c3cedead7581a4e1d9c886039dac3218311b0588e263465959fd96b2836b8a1b89e

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db
Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db-journal
Filesize
512B

MD5
217d0aff80e09440e90dbf9cc83f2a25

SHA1
1166ceb9f6d65d70ff7570f6a4ba042d7360af59

SHA256
147fcbdaa5333cbf422eaab1b7fd696a8f6b82dc29056f11c98849bd822e85cd

SHA512
20a1d2edba578b886379821b6043d7964274bff53202212ded4856b5942b922b139dd1b859ec1ff926485ced4e6fc35b6a2a2868bd54eb188ab4e37956c4ae38

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db-wal
Filesize
56KB

MD5
246ee0a5cd27e1e381a6db76f3c2a2b7

SHA1
2675a2ca0a947a64e6028feb6d3abc1208dd4414

SHA256
894c24906d2f65b66f8bdec3075fe47fd9a72060bdbda5f3d70881171b4d9215

SHA512
5ff5cd583e98d188b898d40958b37d95f6dfaad5ef1914231068106dced7c6f8e4691949d99f899a245a5fad8e73b7bfe53f70699ba4e7e8c1d5ab2cf63352fb

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db-wal
Filesize
8KB

MD5
4f1553426959dd9ac978f4e36426751c

SHA1
4ab59a372f9038c9366622362aff52b2f54bd0e1

SHA256
0d7b777b764880dc911929994d76a19248462c6ff0145fd6c19a6d73ac340ca5

SHA512
539767dda39b5721538eb51a42714453c2edb80f6dbd958c7c6f432e31ccde8e7d7b2731de6ae7e28f06866707a24a89933f47d1e866584502894a53d2393143

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db-wal
Filesize
4KB

MD5
2aeb9a5efd60e32f18101ade9ee45c72

SHA1
8e3e343717a3ddf1be2ed9f4bd7cd977abb0fb25

SHA256
76e71c0035bfe2624f1e661aeb14db944a5f0348a55cc48085e8cca4708f4790

SHA512
9096f9206849b802ccb4fab38371807bdf0151609f29442c5d930cf4540f825cc72400010a0ba20f58f7fb33e92b188020762546a7ab99b92c01dedf1183c5fb

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db-wal
Filesize
4KB

MD5
d48f87179c787ff4b9aacf3734caea49

SHA1
cfee8fd5917667e895cec289ac03ed696c05bd6c

SHA256
4504b814e3be1ea0c3f3a251ecdede972fb58eef9258d4f5e592b5751782fa34

SHA512
e6698358ce3e52a4a4b3423b9477b03cafc7aae701720506ddd561825b8b6d1227345fec23c99ebadb3e787abf500bbd318543596079152efe415a3fb941b954

Download Submit
/data/data/com.xgbuy.xg/databases/ua.db-wal
Filesize
8KB

MD5
b520d85f84b91431f8c4c2e4f4e1ed15

SHA1
139641074b0a4323500808f6891e2fc2be2f6eac

SHA256
92da7babe307546b70e3f84bc5939cea24e5396e46f9bd4cc0e179722276b506

SHA512
a0fdaed78254294e4eb1a781de8a1835aeced83f4facbf5befaa9e08cf4b5ebbe548b0dcae5e1d45b31ee91e37d9e710359cc738807d0a4a269c23672fdf9ab9

Download Submit
/data/data/com.xgbuy.xg/databases/xinggou
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.xgbuy.xg/databases/xinggou-journal
Filesize
512B

MD5
52a88c09a953222ca536ba56de975af9

SHA1
b11c6e540e20bd337669adff976a1df5c78d3158

SHA256
4582539a8153b5c5183ed20827b2700f51beedcb6a8b2e2a6b3c0ba595de84d4

SHA512
daae9e8ff391b1c14b401e12637b3d0e3314e3af04511510da7c29ea222f960067fcdf3b7bd3ac708fa4e3f5454b7234c1b9d5360caacae64f8dfcfbcf2317d0

Download Submit
/data/data/com.xgbuy.xg/databases/xinggou-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.xgbuy.xg/databases/xinggou-wal
Filesize
48KB

MD5
67b2568803ce4b0afe67738dcf666242

SHA1
ac547b5368c0da35f8b4bfe2eb7f3fbf60200c03

SHA256
d28a322f3dee18d01b63f44855f9fc1e19d85d07e2c9e8dc45b7e35e1f19f475

SHA512
4719321f311375467582b91f4414e176d08ee4bf04d0917d8e256ccd4b9afe2a811c310889c766f688f3592d2a7cf96f569c893da600d55b3bc6d59bfc0d8b20

Download Submit
/data/data/com.xgbuy.xg/files/.imprint
Filesize
1008B

MD5
1cb8a72781ce33b97700715ee34ea0e3

SHA1
d772bfa9e216a18b4e5bc8a14c89d214ce29cad7

SHA256
1f3ec13633672fd7cfc8e50f46027deb5ed1f550bb9bd92f173c02cf06edc980

SHA512
b8d96f20c4def66e00285d6f5109b89728a4cb06d8e687a4e0d3e11f07edecd7eae4cddebbd780995e720e3f738a792ac82cf6c18b81730121d3b52f3ad0566f

Download Submit
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
Filesize
40B

MD5
3911ad10a2d9a4f7ef7a09639a1b8cf3

SHA1
d8d5dae863fe04bef8d987202e25e065efce1e1f

SHA256
0ae3380b0712c9bcbb362bcdf7b72504b9e495fe2987cfc20aec121977dba19d

SHA512
d58dc5e805e0e2d11a79c725285dbb3f75d351d456c87ce79439af68c3a6c2506f5814bc16f09fbf16462c93f5c781437a5bbadc4d48977782899ce9d741dec8

Download Submit
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
Filesize
40B

MD5
81024874f926b0c0c9e613997c9370b1

SHA1
a7b4c37570f3e5aa7bd575d0dbcc71ff9079a95c

SHA256
da5ea38fae9a292777936eae50a76aae4d2a589550448aa6970383e44aabe7d6

SHA512
8ae3ca2a1a4ea6c514fffeb911f4c42ff173433a7fd82980193d883196e748e458e83ee42051ccbabfa7f49792dabbf1eb8a72fea3db16c2f157e7ada4182830

Download Submit
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
Filesize
340B

MD5
b822b81b66a2d786488d74d0339cd65d

SHA1
aae92fc550068773f24624dd2cad6e87a5242168

SHA256
bbaedab9ac22e4e3286d71ea6e0a6a7481956f996644b90f1389606db082e163

SHA512
545e09a38235b200af96e1b749dbd8b3eb342811ad1dafe81ed8c9b05ad61bae6ecff561a19d2084f6cc5ca23212310cfc66e78e201ec8859a3c2cc22697b460

Download Submit
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
Filesize
340B

MD5
c59431838c8b8f9fc290f1c2ad945423

SHA1
9cce7fd7e06ac0dcfe944dab154e5e06692a0d0c

SHA256
61a821d8efca52d748925f0b3a43c6c35018534e26dce10ac6922970e5446fa4

SHA512
1d4bbec5822e4ebd3f73f9a099f3cef45a44850e57732fd7bece149bbaab5a0c15fd952c859c7efaa0055bbe97abdef3b740fa66054a39ad0c59895e246889ec

Download Submit
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ic
Filesize
40B

MD5
1bd86b90e1b355f123e5ce8c93c3de53

SHA1
bee5683d6124650c8be0b3740ad66e771f29b178

SHA256
3ba28c4fe20d74ea96f6ced27333f04a01e03c50092717eed1b6e30152a8d152

SHA512
6ba3d7ac2b9da3bb2f7ca50488782bfb9f12a38bf17debc4f2853a161551a932885bedaedace0ecd3da9777e1cddbb407ca2360c13512b1b804bd6242e767abe

Download Submit
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ri
Filesize
314B

MD5
30330ddf9c0ed37f5067a704d6c518ef

SHA1
d4bd5d038b3e72ab827f38237717f19daef34086

SHA256
f87fbd32dd655bd0898ed37016f99cc5cc595150e1cefed10ae1b221c796a032

SHA512
c5c1119de8c90d25eec728206c23581c1fdbfaea5b9e8cb81b26d6512758d5da498e67ab01f6c7dfa3ee28db55ccd68d5835e128f2f8a33e5117fd8a12c20109

Download Submit
/data/data/com.xgbuy.xg/files/.jiagu.lock
Filesize
66B

MD5
19402718bfb1c685a726b4e1d846ad98

SHA1
02a7e30044a67085f2f1da24e16e4ecfede65b72

SHA256
079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0

SHA512
25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b

Download Submit
/data/data/com.xgbuy.xg/files/.umeng/exchangeIdentity.json
Filesize
162B

MD5
095135a3af1028640f2547bcf1f5a67a

SHA1
f00bf5605e2422d24e628d76d02f253d1acc80fd

SHA256
a9f5b8b907a7b7b035a2ad62f2eac9de4878874758aa52dabf1c29fa3832c02a

SHA512
493d24d53a46df8567025a10d044bd66358406f5569326feab56dde352c2d088ec094dfe4eb1885acf5f44dc842f7a6fb1724d4698f77e01c1ba41fb619048c3

Download Submit
/data/data/com.xgbuy.xg/files/Mob/mob_commons_1
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
Filesize
23B

MD5
8e24e79baab91c4d0604eaa9006a0cb3

SHA1
e427afc94a4b957a7096f73e395a10ea404c076b

SHA256
65ee797326cb9d94a4c8b13fb114a7273d80af9ae547496bf56556c479f75e4d

SHA512
45bde5e1b5da5e54f7f5baf24cf4d9158ccf5813f0babc05677437bfedf1d54c4707090a1c425089e8f9582a85fed80b25c1e1f30ec2051afc6fe68bb8a76bae

Download Submit
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
Filesize
62B

MD5
903b458e26e9448d962933cab6aaa7ed

SHA1
1bf037cbb7f07eb98fe21a01157cce5dbabe75dd

SHA256
e9dab0a06d3e756a56fff27e3bf0a39983a187111849b0b18afb7f8d71108d77

SHA512
e101527ef22c6c2cce53b7e25d23473703e022a6cc533bf4d39dd556a7a3005f6bb805529015ef110149545468b1b24300a0052f585fbbb44a081f587c89613b

Download Submit
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
Filesize
86B

MD5
af7c3becf7c90318021f851081468338

SHA1
f76b56b3bbfc125100842ba3de5c1546e241bc3e

SHA256
1250a37908fb09c72ad4ce80ad64c5f85c068d0da4059c949542f4982869f2c5

SHA512
3cc2383b14ce131cbe6a63c44453462815167b21df354554f933c524b82566f20997b8ae1d64d0f0e83d482d45fefb2ff5b4b12f21cbbc999411bd1ceee9381e

Download Submit
/data/data/com.xgbuy.xg/files/exid.dat
Filesize
59B

MD5
245ab29565c9075fd59940a9341d3f1f

SHA1
4661cf68893b34ca6c6745ec892dec23f2e45c0e

SHA256
1f07516cd4dbae7f9212aebcd763116d0079f40b173be114977e7c8c16f58a83

SHA512
c2b1036cd8f5ff5fbaf0ee09fcc5e02550f81c0a2f449a8316871a7b2d9af342c6f9f9b5dc6fc01af8032cc3b8acf8e595f6d0127512f5469ed82dbd7cfec3eb

Download Submit
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
Filesize
131B

MD5
5103f29615a9fd732939a8bf23360ce7

SHA1
84a626bee6001e074a11f22d2d1ee69f418726a5

SHA256
42f361bdf969b31b6f5c38ffd4b54c09e0928ec2adabecf15c0e858a8179dff5

SHA512
f7796e1b38cde7058c62959bc65b0feaf5e7d7d76ac7dc66fe50a7a589a4deefba9a70a920dfbcabeb6daa67eec2d5385964fa892421c0a19d90cf1f3610d480

Download Submit
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
Filesize
188B

MD5
9f22640bab50f7c00d136138167d1c63

SHA1
31c13bedbaf026163c8097fecfa8d8f3ee6b1b1f

SHA256
8a23a455423584429149bdc4527c2d61558a83bb5256bb71ada2b6e0eca3ec6c

SHA512
92156c0e0a7871e98334d5fe6e8185b298fc4d927f0eb942b1a2635355680f56d187255c16e98732610a2e38060d0b317ed0a80465ee3d915643c2260b395ddd

Download Submit
/data/data/com.xgbuy.xg/files/sobot_chat_log/sobot_chat_20240523_log.txt
Filesize
201B

MD5
e357688eeb64e3d148ecc5e6aea1e34e

SHA1
f6479c3c2048a0c4cc63939107be1d3b0848590a

SHA256
223fb745e424104c28f3964133e0524f82a77ae7a455ee505b9cf89007693a6d

SHA512
9430f4533a03f87c3c7faed7ed443ce2a03d1d97aa5d34b5af9f5e79fc27bc221106a4ee2b78f68f9b737cb471ac6cc8ea83328c3718624a325e3b869fde610b

Download Submit
/data/data/com.xgbuy.xg/files/umeng_it.cache
Filesize
413B

MD5
26931fe05e81f3b28ab09831da8c3bbe

SHA1
1e688b614ff0096f0328cef511c97139f91f1317

SHA256
0ec89477572c4a9470656d9651937c1c13b8df17f8348454911a6fbf2db5fcc2

SHA512
2107dd4f04eff02c3acaad2fb3201df99ffb3b0d74b9c1abedb036e5f48d7830b9192caac8164809a23221276edf10df9328bb639b1ba45941d5c0f77ecb08d9

Download Submit
/data/data/com.xgbuy.xg/files/umeng_it.cache
Filesize
210B

MD5
8a4d9963a9130f69ecdb53690b0fd603

SHA1
e8dfb8b733b526db323aaf1527e9611bb2aff027

SHA256
a6be3ac0065f9274aeeb2997829da314a45dd46eebf9a86cf3bfa083c4b84896

SHA512
6fbaff44fa2f6be0d88b260529c9cc142f82ca8b08b75571b2470ce21fa1c792818ba8bc219611d13227e55661379e4baff20547b9909adc89292c1d09525579

Download Submit
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex
Filesize
6.2MB

MD5
93a02967a53a659c102c7821bcac5ebf

SHA1
35f13019ded790ff2786a89377ab06c6c36c1d7f

SHA256
e54433efae267ba5e31457c6ca8e53ac6f213aa00158d9434399e2b27c4ec2b3

SHA512
1b90bda5c2f24de36890ea177695f900979399319ccc630568646936a50bb87f2f6b15fcf36908ae6d228e9fcfd43a5a7422322cf12554bbbc671eff32c93347

Download Submit
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex
Filesize
6.5MB

MD5
4e4094baba4b8b113d791600dcb32e7a

SHA1
5d4fe2fcebf9c0be4835ba82da184f58ae35e016

SHA256
c68e273e8dc70f01e9ef069cc04e1f5ac1041519dea607d244bee4a595637ab7

SHA512
acb25d6a0981ce4982c540826780e93f0d66782369c6bc697777244e27b030a817a2d6827405e0c8a4c687b781f023f910e4279eda7643e650060a2f05afa7b7

Download Submit
/storage/emulated/0/360/.deviceId
Filesize
80KB

MD5
92b4c97f24387ff8158782b51ad07d19

SHA1
738bb5ec98349a93be4a34cec0ed01f654167c25

SHA256
4141a08dfd8e1ac498ec9f9000466bf6f2ec806ca3e1531574c8b64a5db45197

SHA512
03c26e0db4019345ff010e6addfdad630d0b078d55b0139da5961a5a6b7261f34f574e910c9d37167c4f95feb642de774079bae1dbe432aab5e0206ff0ea7bbf

Download Submit
/storage/emulated/0/360/.iddata
Filesize
32B

MD5
5bf85148841d8383d6d7b986208f4e57

SHA1
3ae0cec3700200310342e6fe027dbf002e8dbb87

SHA256
5c84aa5fca03441f84293fdc45f10fe0873daebdee032eb82ffee4ce4bf8654c

SHA512
900486ef249d3e04f5cc092b1203a3a447a80ac84a870cd749fa428e850e13e2290d00262f99ebfc5be55cbd771c9b18eb0e4133cc668b6086fe525ceb1c96fc

Download Submit
/storage/emulated/0/Mob/comm/.di
Filesize
57B

MD5
70a42cba408700f9a6c01c7941a8829e

SHA1
eab01cc2c0671538795fb0b1146017dc099d0984

SHA256
499576707ce2623293166979e59c832be5b8636c64ad39aa63ebcf961910c35f

SHA512
8900d4dc8eed0430babbacb72942401bd22ef7fe5430cad90d3ce0c2c53010220d666aa0e2eb1026f3ec81d574c7fa12585b49222a5f15b01637f6ba134fe70c

Download Submit
/storage/emulated/0/data/.push_deviceid
Filesize
32B

MD5
d4f88059871ea60fb38434e3b8d4b5ee

SHA1
a6e79ba8ee96109d7ea7649d794fc25d8899c837

SHA256
a0c4653f1602a8b1bb5f257247247b722e4f55e14cfc6033234f6d6913c33dad

SHA512
2135b0f2a0163761238e0942b4589a12c53552b08bdbf32c7dbec428757afde8f32997af7727a974deb0435d5a1a1e68334be55131dfdeeb33d9c07f58abd9b5

Download Submit