34eccf24648886931d871b9ee6a4fc5a4e0dec7f7b4231035f08e78c236b8683

Analysis

max time kernel
176s
max time network
186s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
23-05-2024 03:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

698fc7efc8848ac47447fa84ca44fe20_JaffaCakes118.apk
Size

14.2MB
MD5

698fc7efc8848ac47447fa84ca44fe20
SHA1

c5e6474a37428f9da1fea17a6750317d204c06fb
SHA256

34eccf24648886931d871b9ee6a4fc5a4e0dec7f7b4231035f08e78c236b8683
SHA512

a5bc0318e4f44f0fb9c1f73a7a13215a3bca1887ddd6f9c2ed431188770c50b0cc165e44ad4b23730ee2c77a781eef719c8a05e567403dbe2e7e391e0a2da428
SSDEEP

196608:TGan0bhEAqDS6yCfA27yVMzHliraYUnbppVJ3LLeDfnTO8G65NJyKfHT8aRkW:hiwCEA0/YUntpVJ3feznTO/+vPT8aRN

Score

7^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.sykj.SykjWdtt

description ioc process

File opened for read /proc/cpuinfo com.sykj.SykjWdtt
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.sykj.SykjWdtt

description ioc process

File opened for read /proc/meminfo com.sykj.SykjWdtt

description	ioc	process
File opened for read	/proc/cpuinfo	com.sykj.SykjWdtt

description	ioc	process
File opened for read	/proc/meminfo	com.sykj.SykjWdtt

Loads dropped Dex/Jar 1 TTPs 10 IoCs

Runs executable file dropped to the device during analysis.

evasion

T1407

Processes:

com.sykj.SykjWdtt/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.sykj.SykjWdtt/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.sykj.SykjWdtt/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&com.sykj.SykjWdtt:channel

ioc	pid	process
/data/data/com.sykj.SykjWdtt/.jiagu/classes.dex	4286	com.sykj.SykjWdtt
/data/data/com.sykj.SykjWdtt/.jiagu/classes.dex!classes2.dex	4286	com.sykj.SykjWdtt
/data/data/com.sykj.SykjWdtt/.jiagu/tmp.dex	4286	com.sykj.SykjWdtt
/data/data/com.sykj.SykjWdtt/.jiagu/tmp.dex	4337	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.sykj.SykjWdtt/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.sykj.SykjWdtt/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
/data/data/com.sykj.SykjWdtt/.jiagu/tmp.dex	4286	com.sykj.SykjWdtt
/data/user/0/com.sykj.SykjWdtt/app_e_qq_com_plugin/gdt_plugin.jar	4286	com.sykj.SykjWdtt
/data/data/com.sykj.SykjWdtt/.jiagu/classes.dex	4594	com.sykj.SykjWdtt:channel
/data/data/com.sykj.SykjWdtt/.jiagu/classes.dex!classes2.dex	4594	com.sykj.SykjWdtt:channel
/data/data/com.sykj.SykjWdtt/.jiagu/tmp.dex	4594	com.sykj.SykjWdtt:channel
/data/data/com.sykj.SykjWdtt/.jiagu/tmp.dex	4594	com.sykj.SykjWdtt:channel

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

T1424

Processes:

com.sykj.SykjWdttcom.sykj.SykjWdtt:channel

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.sykj.SykjWdtt
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.sykj.SykjWdtt:channel

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.sykj.SykjWdtt

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.sykj.SykjWdtt
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
discovery

T1421

Processes:

com.sykj.SykjWdtt

description ioc process

Framework service call android.net.wifi.IWifiManager.getScanResults com.sykj.SykjWdtt
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

T1422

Processes:

com.sykj.SykjWdtt

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.sykj.SykjWdtt

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.sykj.SykjWdtt

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.sykj.SykjWdtt

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.sykj.SykjWdtt

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs

persistence

T1624.001

Processes:

com.sykj.SykjWdttcom.sykj.SykjWdtt:channel

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.sykj.SykjWdtt
Framework service call	android.app.IActivityManager.registerReceiver	com.sykj.SykjWdtt:channel

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

T1421

Processes:

com.sykj.SykjWdttcom.sykj.SykjWdtt:channel

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.sykj.SykjWdtt
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.sykj.SykjWdtt:channel

Reads information about phone network operator. 1 TTPs
discovery

T1422
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

T1603

Processes:

com.sykj.SykjWdtt:channel

description ioc process

Framework service call android.app.job.IJobScheduler.schedule com.sykj.SykjWdtt:channel

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	com.sykj.SykjWdtt:channel

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

T1471

Processes:

com.sykj.SykjWdttcom.sykj.SykjWdtt:channel

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.sykj.SykjWdtt
Framework API call	javax.crypto.Cipher.doFinal	com.sykj.SykjWdtt:channel

com.sykj.SykjWdtt
1⤵
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4286

chmod 755 /data/data/com.sykj.SykjWdtt/.jiagu/libjiagu.so
2⤵
PID:4311

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.sykj.SykjWdtt/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.sykj.SykjWdtt/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
2⤵
- Loads dropped Dex/Jar
PID:4337

com.sykj.SykjWdtt:channel
1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4594

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.sykj.SykjWdtt/.jiagu/classes.dex
Filesize
5.5MB

MD5
c39cae643037bb258b922e0b26ef5fcf

SHA1
1288e1ddab135b92410facd041885e7eb9a94007

SHA256
83a6e5ccc3cd9c1505772ca0e57471159d4cdb62e9a8b4699f431cd35931df8b

SHA512
a29c24aefc801ebb250ada2f7852d92a733c4a6132cd9521acb10a69b63d914d000b0f633699a581cb1c044daf944d22cef7ab408f48ef6c7d60ec2e8dfef5e0

Download Submit
/data/data/com.sykj.SykjWdtt/.jiagu/classes.dex
Filesize
6.3MB

MD5
69fb759521610bf2f30a8bf95ecc9cd1

SHA1
6771dec7f502433a80a41f32c3db412fb1e3ccbe

SHA256
095e91810ea1625d10805de43ba79f57d470b3711b314595b83f6e7c4fc311f6

SHA512
bd3867b255ec34f6fcb484d18891eec5925d45b5363d59ce41ed944cd84ffb99dd39c96579facb1b50a3f3806e41ffdc33dc8c90570979f3320e510803c94238

Download Submit
/data/data/com.sykj.SykjWdtt/.jiagu/classes.dex!classes2.dex
Filesize
4.9MB

MD5
178736b1fef8dd741b181d589a7340e5

SHA1
3e4c71c7359352fdb2c1f72c3951f868519ef0b9

SHA256
74b378aa29f5a4b351bedc78b4a8f28d7d529df8b6ebf46658813b83971e9014

SHA512
249e956ae95ef1f5afd709578570001f9d2eef0e9adab065545464b3345b913a76c8af99ac450d76e9a8130f6600d395df9db1cca8aca8b9acd02eb956656ece

Download Submit
/data/data/com.sykj.SykjWdtt/.jiagu/libjiagu.so
Filesize
446KB

MD5
8f55d5deb281d8aa1a0b9f72f7185e58

SHA1
5ce262af6a74a11931bf4b1e92a59b9acab27f37

SHA256
b57aa883bd4a8241fe2ebbeec0988614da1ad453f5784f3439335a6f800c7944

SHA512
4d74f007dc4a19ac3a8ae3434f06d2509397301c0a9b0288475280801c8907ce48248459436416fb14fc5a3a6ce790d680b6b9c95d35afc49c2f0639199b56f6

Download Submit
/data/data/com.sykj.SykjWdtt/.jiagu/tmp.dex
Filesize
284B

MD5
f1771b68f5f9b168b79ff59ae2daabe4

SHA1
0df6a835559f5c99670214a12700e7d8c28e5a42

SHA256
9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

SHA512
dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

Download Submit
/data/data/com.sykj.SykjWdtt/app_e_qq_com_plugin/gdt_plugin.jar
Filesize
241KB

MD5
b95166c2f63e536b6fc4b5b811444dec

SHA1
45fc74323bb2e66f4c2a493b65b70e0de2aeb77c

SHA256
2f92b98f55c7d4417dff3fc2af9245c66aad3ab8be65177954ed7a4f13bae20d

SHA512
65eb813d39270d83e6d43956ec139f04779dbea58e517da1727a0f4fad9de32bb4cd49bed1dc1fec31b95a95b1c653c22b327aa38cba1645330c9d256d94c087

Download Submit
/data/data/com.sykj.SykjWdtt/app_e_qq_com_plugin/gdt_plugin.jar.sig
Filesize
180B

MD5
d76981bb850c22bf261d52dd424dd3a5

SHA1
d2b52e926d51927588c2b426836587e63fe68597

SHA256
70ae375f7ebea59b98fc436ff2587d4784dcd83d7e4c94fd059afb49962fa250

SHA512
a3379600f571a7e69cd8b640dcb172f7f0ca0de56ebd4256f65735d2f6053504e02d7756e0ee568489665274c8aa3756d8fb438fea9505d9137dc1216d9874a4

Download Submit
/data/data/com.sykj.SykjWdtt/app_e_qq_com_plugin/update_lc
Filesize
4B

MD5
dce7c4174ce9323904a934a486c41288

SHA1
e117797422d35ce52f036963c7e9603e9955b5c7

SHA256
0c030586945fe504b604ecc2e875c38ede400cd5cd73da9730302162e6b02c6f

SHA512
d570ab6a8f4a7b54d426b0481219074b5277ace37d88438d87ab97eb387938eca1cf7b09fa42d596c56ada860710d2a7385d2a96e1cedff58ad6ed8900f1b143

Download Submit
/data/data/com.sykj.SykjWdtt/app_e_qq_com_plugin/update_lc
Filesize
1B

MD5
0bcef9c45bd8a48eda1b26eb0c61c869

SHA1
4345cb1fa27885a8fbfe7c0c830a592cc76a552b

SHA256
bbf3f11cb5b43e700273a78d12de55e4a7eab741ed2abf13787a4d2dc832b8ec

SHA512
91972aa34055bca20ddb643b9f817a547e5d4ad49b7ff16a7f828a8d72c4cb4a5679cff4da00f9fb6b2833de7eb3480b3b4a7c7c7b85a39028de55acaf2d8812

Download Submit
/data/data/com.sykj.SykjWdtt/cache/HttpCache/journal.tmp
Filesize
36B

MD5
37e8e716e0e2f4a0b05cd9571d95b84d

SHA1
f8d068f6931707bddb8cd69f706f2224ad1fea3c

SHA256
7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

SHA512
e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

Download Submit
/data/data/com.sykj.SykjWdtt/databases/MessageStore.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.sykj.SykjWdtt/databases/MessageStore.db-journal
Filesize
512B

MD5
04faabf80fd357299ea7e2022ce8f29a

SHA1
42f45fa9a43d8169f205baee63dc5f4a3c67c5e8

SHA256
eea57351ce391616518f13eb224b1ab14e97c9f8e05884e4605eb9773fcd7574

SHA512
6f111e2b412ab2c37428a55415e06b771278025d47b78aff8597998b88cc8d1ed56e602f42e8985933e1d40bc61ab9cc1b86f48dac1528abe9b0bb650d967073

Download Submit
/data/data/com.sykj.SykjWdtt/databases/MessageStore.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.sykj.SykjWdtt/databases/MessageStore.db-wal
Filesize
80KB

MD5
47358cd5471cbbaae41c13e95557a791

SHA1
7a7e5dbf14b39827b28fb51fddf947c441f33353

SHA256
7a86911daf86368b730eefe094194e9dd1ebbd163e934df501cbf64da1920878

SHA512
1ebfdafd8c4178e9fdfd37b620331629d33c4938d135703a1104967917aee9cdfc109ff42073e9a62f2de67016616f4a5661e333d6d11d6dd69dfce783cdc1cd

Download Submit
/data/data/com.sykj.SykjWdtt/databases/MsgLogStore.db-journal
Filesize
512B

MD5
bf1d3d89484ac074436aa8383258dc60

SHA1
e4168002da94b1e629b7144872fcd914416ab408

SHA256
0e8fe082d10d6ba20fa9920b2c236c474faeb6c3f307b9155ef40615208a6289

SHA512
3f18270592134215c221a9f9b625be033e8853588ab1c5c7f97cd744fd0db9da0a160cd2896445b01d7b890526922d6e9f4ef1c65a76939021dca4611cff4614

Download Submit
/data/data/com.sykj.SykjWdtt/databases/MsgLogStore.db-wal
Filesize
68KB

MD5
a6d174f2a1f88307ee1576ca0cab9ec0

SHA1
3384086ecf42b25ef4207ffba906e8b92c5b2d15

SHA256
441373b92d64e950603dbdda274b8e3694b39e8c55c4c6c8856c6288f912c09c

SHA512
6eb98e55a3f137592b150e3bb9da0e5bba6ebd7f6554f4b3fcb87a4d033abaeb45901ef030975d064f0d32b9e1d4c8a888aeaac9c92985c36a8fa45ac71ae2b2

Download Submit
/data/data/com.sykj.SykjWdtt/databases/accs.db-journal
Filesize
512B

MD5
695173a9d03d9acfae97adae4ef75ba8

SHA1
51c030a90e5461513f7a2350e56e8063d4ff96ff

SHA256
6eaf9571dca2fca9bc2c876ccba00fb784aab07d6518d0520d82f91591ae8d6c

SHA512
7f6416eec11d8e0bd57280834baf56b40ba2fe97b69ad1f8ce2d24163da225b2c720d140a488f5872376c3b9c8b68efb13279de0cf51c24ea740edff2af133ff

Download Submit
/data/data/com.sykj.SykjWdtt/databases/accs.db-wal
Filesize
32KB

MD5
0ff68d309520513bcf63d46252466cf8

SHA1
ace17f7b7b4c2605386f67c7b8a6e435f669b014

SHA256
537391f0f2bf4cd9679003117da569bfed9a681e1febb2425e20a11172375744

SHA512
112af0bd9d65f8dcb77baea3ce2c4837f57c8cb2bdf03d7c3aaab221155fda52bed6927ff49845b47754df02d7470bcc98a6e85320e4bc3de3287eaf6ac6b910

Download Submit
/data/data/com.sykj.SykjWdtt/databases/ua.db
Filesize
32KB

MD5
790741494e0158f7fd606aef81b9c7fb

SHA1
8b780838d5c98b637400022293e42f5e1832e77e

SHA256
812e994656d1c749cac9359f9b1c6187184dd3d4bc87a1e05f16189d234f6e77

SHA512
7c75c958c6638bb467f954fd6564e1e7c36fc560b5d7885585785548919a4c791a2de5e14b02b5495d35ac5ef21d47e809e4e3fdae18a02d706f546003b57d6b

Download Submit
/data/data/com.sykj.SykjWdtt/databases/ua.db-journal
Filesize
512B

MD5
e2f4624e8ee7a215710f473f0ea8a1dc

SHA1
6c44a8f83d5104db7bb0e1132f79ba20768b4567

SHA256
4adce27aca0111ed4b211be7924067344d35fac3de6424e9a18c3afa60e00f37

SHA512
267d42631c762e1f90c04537a8dc7f6a04c93fede811cda456a7dbfa662b86c154f7c7f6f7b5b0fa726b99a7afd84e45b4641bf032435e6e90fa389a110f8462

Download Submit
/data/data/com.sykj.SykjWdtt/databases/ua.db-wal
Filesize
56KB

MD5
c2015eae256172fdf52fe0436256a9b6

SHA1
02eefcee2f28c43433a80d80af397faf6aeba176

SHA256
5478a00d0549b594f460d874e206081d6b173427c5a76ac7272be83f28beb7f9

SHA512
e7d7eddfc0dc50ce3753646459dc1cce38a57f090fe744580ebc0e78e126a5449434f8b07b0fe78e30b283d6bc1f2806b72244c7b3f8b16447ddba5f829468b8

Download Submit
/data/data/com.sykj.SykjWdtt/files/.jglogs/.jg.ac
Filesize
48KB

MD5
1e2c7ed1be525e69b1c6cb11d5b6d22d

SHA1
b56d4a4ef9f91502914c589f8af150803142e165

SHA256
166969c1ee990539bffd40d602db916f84c41ea8dc5c20f1a7ad1723eb16155c

SHA512
98304e8c3accb47fbdd7b91265e650b33d7e130efc72698007966fd940ecdabee7cdce2e88ae4aec620f697a4e61b7ba9ac21035329b0e8386371780da0cbbdc

Download Submit
/data/data/com.sykj.SykjWdtt/files/.jglogs/.jg.di
Filesize
340B

MD5
0165038df789a1383704643628ec9e19

SHA1
fdb54aa666276a6af6b87f6399d86dfbd5649d96

SHA256
a387957cf72e92bd38bde853f45dd78d6d7f9079cec14b27eb19e165a945c2e9

SHA512
83f7e77ffb29864ca00bbdbe80b89dc7ff6d9c359127aef7b8808ea305f4f4eedc595c02f6a263a3886e497927062c2332f66b9c90cbd86615e7dca5db99bab7

Download Submit
/data/data/com.sykj.SykjWdtt/files/.jglogs/.jg.ic
Filesize
32KB

MD5
9c4c011a7fa1299137c7a31013bd3d73

SHA1
84a29f748aede4bf5fce5d6489bed7a9f169aabd

SHA256
8fa7ae774324d643659a442efdec7467c7259d96fa2be3185b2e0c9f630610b5

SHA512
e73391b98a2c84898e765089dc6f215d4e6dde9d76a398f858ffd73a61798270804c88b41ed7d5f9df3f7c3840bafc0f6382470490aef2696a0d532e535dd365

Download Submit
/data/data/com.sykj.SykjWdtt/files/.jglogs/.jg.ri
Filesize
36KB

MD5
486e2bac2b3e9e1cb411d2838a4854bd

SHA1
81dd0a7537f4af319b830ae834908986be85da8b

SHA256
5644a250fa6cef16c2c802b98275656a5fc39dcf89bcc22193742d85c7313f57

SHA512
c146789563dae163e373489b3df53f22efebd32b69643992969241eb5ad5eec668de67e7cd2aaf5c3a8af57b0842115d00183825734f57643d3fdb09835fe681

Download Submit
/data/data/com.sykj.SykjWdtt/files/.jiagu.lock
Filesize
512B

MD5
517c0792eb9762c2d8e54decd80e40c8

SHA1
b716d015c36694a2197af8337710c0c76ab179cc

SHA256
b838372b38a37166a1b2c6c2e2143949f45863936366e5d2d1e0e33b9a7a2c9b

SHA512
933feeccfc13990da799b9103e0a0bdb5dbfc20a2760d43e2448ab8ec6a3bcfd13498b73b2fd04e0531fe7adb10e452999cc779692136b7617da00f9b157c89c

Download Submit
/data/data/com.sykj.SykjWdtt/files/agoo.pid
Filesize
4B

MD5
28659414dab9eca0219dd592b8136434

SHA1
1dac581bea06b92fea45ff1a5b5201dc6c5f4d45

SHA256
d96e16834162dac297cedadeb970e46e492429c0fead666cfbf2eb1bc832398b

SHA512
813f31bffd3fd4d207cb7fbddc6650d0d9ecfe91a2e3e1a5295f090f44f5242a2b60855f07cfc8ea4df95f3ee6f8b46c4300245e36cd1316d4d8b47c80181689

Download Submit
/data/data/com.sykj.SykjWdtt/files/gdt_database/GDTSDK.db
Filesize
24KB

MD5
755d1d1b0599d7be973031b5a9ed3373

SHA1
3b13cffb97005729fc20cd9b9a8547e0fa32632d

SHA256
90bc14445f887f7dbff548bdcc44145362d7fd20cc8ad8568b4d5c9372ee9b46

SHA512
afbd3a1c76a41015b2d4523d1c08dc14a3a75dfea3a5082b5e0552d750a498fd316bc98055b9f0ad2992f28b820ef15254461fb5df4cd6c21573a96f17b24ae2

Download Submit
/data/data/com.sykj.SykjWdtt/files/gdt_database/GDTSDK.db-journal
Filesize
512B

MD5
42e22aeef71ca590a41418978a6f8aae

SHA1
87b5aa50ee3f1a62ca7ff5473fd3ebf0be0cb008

SHA256
c7df0611aeeb9a4f7e36214abf245a89ba6a83d9f94e6d15758993a567396a3d

SHA512
c66d5a152571aa1f7d75e260382cd4263bcd1dd49c9ab0f2407bcbd66a9cf8652df95582ae721eba93c886d493f5b5bdc6283196f00fc9fbfc5917b838dfe76e

Download Submit
/data/data/com.sykj.SykjWdtt/files/gdt_database/GDTSDK.db-wal
Filesize
36KB

MD5
5b89116b3986f86111810a999dc6cfc7

SHA1
3626d6ea2738a2920ed85528534a40c2b379e5f5

SHA256
365a494c5946a7fb46b31f119082159cd72192dfa6c7117d3bb137da03760cb0

SHA512
5e2f6ec9c9a15d22d360d5900e0bf06ca9cbb5ea76c420297758fbc6751c0f262af7a3bea8182aa68356733a7e33094088a65960475d85191355368309df9f29

Download Submit
/data/user/0/com.sykj.SykjWdtt/app_e_qq_com_plugin/gdt_plugin.jar
Filesize
561KB

MD5
0b5784570f9310b17137d6541b329ec1

SHA1
6d5f66ef2c8da7aa69644020011bdda95ee1676b

SHA256
96451b883d3234465a050ae836f23469de5cc555252c82d5970e1bfe10d3b83f

SHA512
e826e7bbc5dc7f362ead69ea39d8846574a1c578110138ee5769a96842880fabd1f4f19f3fcfcc6de0f775956761f3c651b2a970427b7a048a02b5d0deb19f75

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
111B

MD5
f26a9dc67f8fc43212647bb553becea7

SHA1
1838c8d38e38c60815c35a8b8bcb196cbb238822

SHA256
87a8c9c87cd7b8448877655155870ef4ec5882148cf252025ce7be1a778979e5

SHA512
26c69fb4e1f9629cd49e4c526dc74a892be4c34343c23ccac6c12e2087d8a7a9346a8696315f1d34f22121e5301dbd5cfea2e7263c9fe06061a9e0bc5d2e1e1f

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
213B

MD5
6dc82a18c1c373d2396493c0029074d5

SHA1
ed6f03108e05d24e53d88f81a3575efaac19ed80

SHA256
eefb22f036806b06dd1995e22b5ba73e38bb1d9f4871a9b9c86e7f26f045470d

SHA512
ac301246203fee7177a64db5956ca9206383d13482be2fd967180649fe8d0529599d9355c0f5d94a100a9722a74282ec66f84bc4a733232b7c3902e5b480bbe6

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
111B

MD5
497a793a3ef27999a9ca1402bd0c13f0

SHA1
99c127b396116ea49043dc96ff28198953c65f0a

SHA256
05c400512704d673e5b4fb9d84e4d475d19c5181262688381af1dd0653f08770

SHA512
f74eb8ff65a328304e40fcd3929879abce370d4cd96589e19675141c08a566b746e7e4f9278af147c960113637d68938dade303728256cb923c75f085056ded8

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
167B

MD5
1f77859f6452180050b864644c72e819

SHA1
238bf4e06756c1595a25dd3c07a4b321b29c3ea4

SHA256
532214edf8bda7536085341cf1e704e8faccab2d00c9050ae6aeec879a759ee7

SHA512
72d1591ecd8fce134a863b5528b3488fb1c8cdd994fd24a9c0ee6f169a9188d9758f4e52e880510a3759f086d2fdff93fb6237ea80e372daa9292277bf27c395

Download Submit
/storage/emulated/0/360/.deviceId
Filesize
48B

MD5
1d8d16c4e3b19ebf18988530d9b9a757

SHA1
bc94c1cce05cd848a53271ecb9c5311e27ffebf5

SHA256
abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

SHA512
4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

Download Submit
/storage/emulated/0/360/.iddata
Filesize
32B

MD5
7d5b99367035ede4de7200f9038caf8d

SHA1
6fd078ed5df58ad0f1eace35d9af075776867b97

SHA256
57461cc07b9dfce771c5ef4b1aba78b0cfeccbd4e1232b87723ebf44fab3ed3b

SHA512
a1ce1d3d0e402498e9f08817952788be99ea2ddb9bdf4054ef4efbb1a5ccdca0db21fc853280df9770b33ff0c4c94ab2cf64cd1eefc1ca3c7fd94bf6966d62f0

Download Submit
/storage/emulated/0/Android/data/com.sykj.SykjWdtt/files/deviceToken
Filesize
44B

MD5
f12cbf297b7e59e55963df1a8adb1e99

SHA1
7d838120a9321392cbb9ee8175a56668fcd4f3fe

SHA256
1c13981a025da0139a6b6f0bf20b35ee5cb9f7f3cd9ab2ffe75c60bb0ca06151

SHA512
3dabc15c5ce3643adf0a9c2ff20073f553bce8426d183934703be62b7f4fcd26ec968ea73a98feaf76fcec7b5f21b83ae77cb02b63f4b5e3af0da32ea0104feb

Download Submit
/storage/emulated/0/tbs/tbslog/tbslog.txt
Filesize
1KB

MD5
a5f3510d32cfd74e9234bfe3dad6be34

SHA1
2b023870d5c9383cde2361bb467237f73a91e264

SHA256
e7176ea0e91389e28aa7087a62dd25b7c9cb41bf7e00bc62474a0ed2b641dfe9

SHA512
52e9a7a15667bc9ff550fb9a77d26f89478823e591568f8b5231cbcb8802a1cd17aadfea0783ac0906b3994bbb4ee554a2a5e1b6dee2dcec943d60495c29d590

Download Submit