Analysis
-
max time kernel
36s -
max time network
131s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system -
submitted
23-05-2024 03:54
Static task
static1
Behavioral task
behavioral1
Sample
69a5ff6d5d3d4cd32a607d546149e021_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
69a5ff6d5d3d4cd32a607d546149e021_JaffaCakes118.apk
Resource
android-33-x64-arm64-20240514-en
Behavioral task
behavioral3
Sample
gdtadv2.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral4
Sample
gdtadv2.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral5
Sample
gdtadv2.apk
Resource
android-x64-arm64-20240514-en
General
-
Target
69a5ff6d5d3d4cd32a607d546149e021_JaffaCakes118.apk
-
Size
28.3MB
-
MD5
69a5ff6d5d3d4cd32a607d546149e021
-
SHA1
1c64a7dd4b895d4a21ddfaf7c84160ead62c9260
-
SHA256
c70e97e740f619efb27e356edfc7bc44479db50a2f702fc50d8877c3e6b1ee58
-
SHA512
76588e5d1b399bfa7e2907019293bdadb36b80f2c208692d11c9870f6f024d3ef67e17fda491e1d6842c603b6f5e686a3ec8e5f1ed77c2c77145fed68f831139
-
SSDEEP
393216:ojkKoTs+T43hx0apTN4ft6wYdXk8H225X63L25X8DCz99nE0aJIWLHXwCCmlHTEe:ojkK76K2F6/dbxX6eXkCz9ZubXwCCkEe
Malware Config
Signatures
-
Loads dropped Dex/Jar 1 TTPs 11 IoCs
Runs executable file dropped to the device during analysis.
Processes:
com.kingdee.zhihuiji/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.kingdee.zhihuiji/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.kingdee.zhihuiji/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&com.kingdee.zhihuiji:remoteioc pid process /data/data/com.kingdee.zhihuiji/.jiagu/classes.dex 4316 com.kingdee.zhihuiji /data/data/com.kingdee.zhihuiji/.jiagu/classes.dex!classes2.dex 4316 com.kingdee.zhihuiji /data/data/com.kingdee.zhihuiji/.jiagu/classes.dex!classes3.dex 4316 com.kingdee.zhihuiji /data/data/com.kingdee.zhihuiji/.jiagu/tmp.dex 4316 com.kingdee.zhihuiji /data/data/com.kingdee.zhihuiji/.jiagu/tmp.dex 4316 com.kingdee.zhihuiji /data/data/com.kingdee.zhihuiji/.jiagu/tmp.dex 4370 /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.kingdee.zhihuiji/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.kingdee.zhihuiji/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=& /data/data/com.kingdee.zhihuiji/.jiagu/classes.dex 4503 com.kingdee.zhihuiji:remote /data/data/com.kingdee.zhihuiji/.jiagu/classes.dex!classes2.dex 4503 com.kingdee.zhihuiji:remote /data/data/com.kingdee.zhihuiji/.jiagu/classes.dex!classes3.dex 4503 com.kingdee.zhihuiji:remote /data/data/com.kingdee.zhihuiji/.jiagu/tmp.dex 4503 com.kingdee.zhihuiji:remote /data/data/com.kingdee.zhihuiji/.jiagu/tmp.dex 4503 com.kingdee.zhihuiji:remote -
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes:
com.kingdee.zhihuiji:remotedescription ioc process Framework service call android.app.IActivityManager.getRunningAppProcesses com.kingdee.zhihuiji:remote -
Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
com.kingdee.zhihuijicom.kingdee.zhihuiji:remotedescription ioc process Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.kingdee.zhihuiji Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.kingdee.zhihuiji:remote -
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
Processes:
com.kingdee.zhihuiji:remotedescription ioc process Framework service call android.net.wifi.IWifiManager.getScanResults com.kingdee.zhihuiji:remote -
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
Processes:
com.kingdee.zhihuijicom.kingdee.zhihuiji:remotedescription ioc process Framework service call android.app.IActivityManager.registerReceiver com.kingdee.zhihuiji Framework service call android.app.IActivityManager.registerReceiver com.kingdee.zhihuiji:remote -
Checks if the internet connection is available 1 TTPs 2 IoCs
Processes:
com.kingdee.zhihuijicom.kingdee.zhihuiji:remotedescription ioc process Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.kingdee.zhihuiji Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.kingdee.zhihuiji:remote -
Requests cell location 1 TTPs 1 IoCs
Uses Android APIs to to get current cell information.
Processes:
com.kingdee.zhihuiji:remotedescription ioc process Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo com.kingdee.zhihuiji:remote -
Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
Processes:
com.kingdee.zhihuiji:remotedescription ioc process Framework API call android.hardware.SensorManager.registerListener com.kingdee.zhihuiji:remote -
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes:
com.kingdee.zhihuiji:remotedescription ioc process Framework API call javax.crypto.Cipher.doFinal com.kingdee.zhihuiji:remote
Processes
-
com.kingdee.zhihuiji1⤵
- Loads dropped Dex/Jar
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
-
chmod 755 /data/data/com.kingdee.zhihuiji/.jiagu/libjiagu.so2⤵
-
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.kingdee.zhihuiji/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.kingdee.zhihuiji/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&2⤵
- Loads dropped Dex/Jar
-
com.kingdee.zhihuiji:remote1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Requests cell location
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/com.kingdee.zhihuiji/.jiagu/classes.dexFilesize
8.3MB
MD58695aac83cd9bcbe3ae77ab4fd61da6c
SHA187679f83337947a023fc17d7bb022ee13e26d36d
SHA25672e2798f553540e334502c8c612397f528af0d59253329807eba23b55a006de7
SHA512862243b21d90e27b46d4017d9dfdd8d8e98263213c383730181ed8cb4bbbe27993f14acc3b686a73defc1f3ead6e83fcf5af9b1bbc3a952b17b3b5b438f2e95d
-
/data/data/com.kingdee.zhihuiji/.jiagu/classes.dexFilesize
6.4MB
MD53808c9f925b5eb0cd7cfc11a399ba7eb
SHA10b13b2d59171040fa061fc0d9e9c5cea12927a31
SHA256854c262308f1b56bf0321d09d7a724bd7bd001877d29d34f8c92b404e1d35b0f
SHA512a8a45b7c92dd63a0744d922f2d7814dd71e314046acb590744795e9a9e12b9b08d406ea215fe2bda7526d326ea5012cf631b7fd638ded2aa946e3c3d9032b71f
-
/data/data/com.kingdee.zhihuiji/.jiagu/classes.dex!classes2.dexFilesize
6.6MB
MD5209fc6a1185c0a9736abe81fea2a625e
SHA1406d12821cdb26129c4847381c93a8a9eea7b19e
SHA256463535b2c6ff6be7a30773bdc13a57d8514c0ab29595923d4759f8fb2fbbbdbd
SHA512b784676173b81bac2af12c901ceab21c908d564eefc10f5a002db1012a0fed3075eae188f6f21ad5d7da0c36428ebb2d8a1d071a045510dc4f34d0fab6bb55d2
-
/data/data/com.kingdee.zhihuiji/.jiagu/classes.dex!classes3.dexFilesize
3.1MB
MD55c7fdbe07e945cb9ad70c1022453fcd4
SHA1c3be5ea2a079043c40c7e9138a6a0f8a6ee29660
SHA256e6606c23fea953e5aa79896a91926ebcf2d4073f10b0eb2d524f113dcb42f09c
SHA51216f4097fe0728121ae4c20e3c94d441e6b260a2d04e10db973dd3c52c29493724be5078b88a50b67d52aca138f784c5995c510eb8ebb245a7106b4e33c147707
-
/data/data/com.kingdee.zhihuiji/.jiagu/libjiagu.soFilesize
455KB
MD5e5a53000766ebc433b27d6a66ec4f555
SHA12c8f53f1c03aec2005bcad67d731f07261dabde0
SHA25678e4ea857f10c2df6c7b94f0584524b52ecc099ed29478fe3964037b8a86ed2e
SHA512370a1cb93b14556ad861724f4e9995c9a4c6d37cf2d570f888d1c6000c66d27ac63496b0703361e9fc9bc7f309b7aa4407c5f339d186b0a5b72520d23d04b68d
-
/data/data/com.kingdee.zhihuiji/.jiagu/tmp.dexFilesize
284B
MD5f1771b68f5f9b168b79ff59ae2daabe4
SHA10df6a835559f5c99670214a12700e7d8c28e5a42
SHA2569f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939
SHA512dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d
-
/data/data/com.kingdee.zhihuiji/databases/com.kingdee.zhihuijiFilesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
/data/data/com.kingdee.zhihuiji/databases/com.kingdee.zhihuiji-journalFilesize
36KB
MD569474aa535cff2fef3778e49adb17006
SHA11f43c3b216d37311b5a6cf6ab09dea18b6d34c67
SHA256acb7eacac38e18814434bdd4143685b0dd69babf08f9a431d4990050ca5fa24c
SHA51202db054f4d962e4da5afdd5b8efd5155dc7f7af7decb83e3e4a3132114cec50ab0975d2f1126a2a6ac3dc6997807a638a38b01ce345fa71938e928846571f26c
-
/data/data/com.kingdee.zhihuiji/databases/com.kingdee.zhihuiji-walFilesize
32KB
MD550723033afcd822438b98ccf085fdb79
SHA148047d3ceb60c41f3a042faf3abd4fcd0e5b1d43
SHA256033021a372c60e17c89c7f14b1e7cefa4e04d23ec11216783af78e249e23898c
SHA512e1568642a9f45c9a129b945b393f1fc59acfa175dde38499e3d2d95c9a169711e359f9dc27f623ad03daea4556c610b116c8d4a03df5aad2675bbff0ac600c26
-
/data/data/com.kingdee.zhihuiji/files/.jglogs/.jg.diFilesize
28KB
MD50d3e99204c6401ea499fe9e6d9855497
SHA109829f00ca458eab7374d5079393a2cd69a2348a
SHA25663ad014cb50908591939d6a1536f85eece807425af4f4e8a1f9b9eeab13cc5ca
SHA5128d9a50aa9abd17e508ed3ac35a3033e8f9e550d1088baa951f53e6c4697c5ac026d22b90e36e27341d64baa3f0202bd89ca97583e99feb25f8c26b5776c59c68
-
/data/data/com.kingdee.zhihuiji/files/.jglogs/.jg.icFilesize
512B
MD5fe9650651a939a1da02c2befa45659a1
SHA14af62942b8bc311ab9a5350234d936ede3078b53
SHA2568568788e7255c62ea973e596ad407afd3fa4995eff0e5022b4354cbd662c73bb
SHA512fef99309d12bc2a2c3c551ad7e9a8323385aa5aa0c013b24f09d21cc9b200598f72e23a64117f1c8a47ccf0a46402c163afa85f505a1a97c2b102a05d86c05ec
-
/data/data/com.kingdee.zhihuiji/files/.jglogs/.jg.riFilesize
36KB
MD579aa0108c3dfd09e02bf4ef3eb256141
SHA10bcb3bd9518709bc2ea25fe70048046d75adc24e
SHA256ef9d241cca5aabcbc426ff1c0a2f326d7f22c514b99b4b2ace351404cc8da59f
SHA5125c7560824e913ddcc8ba32e9d0f5182931c04016a2f9b4328343da8fdd137b593a0b2923b78219b354626c161381f26d1264a14606b2fe1a8fb63bfcee69ed68
-
/data/data/com.kingdee.zhihuiji/files/.jiagu.lockFilesize
32KB
MD5c6186b8cf8bd5628efef2442398bfbab
SHA14b8a4b71485a7dcf2e4fb5af40d6e7cd36eaf7fe
SHA256d259dd13332c9bddca4befd35c68af1132778580d2700ebede60be5d3fa81e4b
SHA5126eef34c8880b6de3a6380bf0baf1dc7794df745cb1934080e14b18a9959d17d709b81481fc6d889105eb1dab45fb3694cec859d6581b3c6f57a9e97f0072e555
-
/data/data/com.kingdee.zhihuiji/files/lldt/firll.datFilesize
76B
MD5b80e0559b631dd44e0e9568ba5cde360
SHA19d15d01187102e5546169817dd2b4110e66497cf
SHA256ff5834af6c2d4124eee289fafc8e62daf17697ba1ac677514a0958cc77064b0c
SHA512c65ee07a2f4db306fcd7e30ecfb6f7c1397c60f74d0782ae00a6a1f9e8289ecde4ff101c90554f53abbbb37c4a8b355d37fac577db48ebaf0f3bea274b205d18
-
/data/data/com.kingdee.zhihuiji/files/lldt/firll.datFilesize
16B
MD5c86794a3429a98324504ee05c2896266
SHA16e1d3744f3d24992b8e63cce10937a892afc9560
SHA2568a5ddef5050d2cda14f7ba53c5f79e122ca96a687a6156a03aecf7ef9b1fe831
SHA512184038640d3ff479557b0f335add3c6bd7d479036bd3801ff527f0dab87abdda2e951af44b359a538830e7d5ddc2eca40e573c2bffda1732b28365716af9391e
-
/data/data/com.kingdee.zhihuiji/files/lldt/firll.datFilesize
16B
MD5ea872c7a35088fbaca805e4c2691c94b
SHA18ee75c480109cdaa93d0beb85273023626e0ab61
SHA2563fd66ad41c543a37793f28bd765ce7ad1a079029736548cf9629aca622b8cb28
SHA51251ce2bde7c34fe950d9e5c4db5cac850b8ae1c464068b626c2bea80fcbcac66e0092d067b280c264328e2fd0c84380683c46863a00695781ce18df842db8260c
-
/data/data/com.kingdee.zhihuiji/files/lldt/gal.db-journalFilesize
512B
MD5f820435da7220516e6c11c5d5b82c9ae
SHA17a1d8232f1121da539c9b99fa66a65a5978081dc
SHA2567564273013c8b81a64b45cba381e30ae9232b0b01c5bdd01b839dc60d1371995
SHA5125c228ef38c5c8be3d6ae655a6b73c6a2b0510b4d24348ac56657c82335d72612024031d6328ffa2f618f19fa2653b210582aa25b802c5291415672d620f87e19
-
/data/data/com.kingdee.zhihuiji/files/lldt/grtcfrsa.datFilesize
801B
MD57c366ea8f849e91e3f0f3093867b5c33
SHA188bb005e5643134f8719895233047017afe39800
SHA256d759d062f4eff809dc55ecf5cf8693b0e062bc1bf3301f11d907f555852b20e9
SHA5124575109c6e7330735b5421dc6f32abec26c5e9a92fc6ceb5b0b0f360ff97ab42f6001e52ebe63199d17ad27c053deb04b26e18af0025c0462886c9576c1d63a6
-
/data/data/com.kingdee.zhihuiji/files/lldt/grtcfrsa.datFilesize
206B
MD56d613136def26031e18f3f404299bb7e
SHA114a7a4a3309b932512dad59dbdb35503845e60c0
SHA25658e28d4defb46364dd0057354a4a89f8cb726d3b696c632de04b1a707803be18
SHA51289ac70f36ec3117b631a56d43700b4d034d6d269d4632933fdaa8cd9675c57af1df95f15271d0b45b796f56b4f89ec3d6bd4c9114d7cdd24e3a25d30e24e7ca0
-
/data/data/com.kingdee.zhihuiji/files/lldt/hst.db-journalFilesize
512B
MD5a29cb83895cba2c6a4a99165800f548c
SHA1b72c774328d92a2b6ab51d116ad03c27aeac85d9
SHA25638a4e7cfb3fe3c0e932972f122d82534c9001fb3d092b8892723a9fc07cc91d2
SHA512574b620efd2f1f8a09f1bf494a067579e9ca0d51aa0b3842068fb68222fbb65856dab3835a92391d8171a6d4becb60201d81d86b2e32eda8a8e8177d46389f57
-
/data/data/com.kingdee.zhihuiji/files/ofld/ofl_location.db-journalFilesize
512B
MD51b67355e61929074be82fa5546d34253
SHA1fa6793307e29846393c1eef60a82a0bba1fa939f
SHA25611db8b553daac05a89da18fae3972c4b68f43face1deaeedd40a5c0c6d19faf3
SHA5128c57968f3689343ea00acdbcad171b72ec92b26871b5c277adbaf505c50fb22e52b68b734a286af6afdb2794b3029ae58888973f1fdde6a515eae2ea4de53b90
-
/data/data/com.kingdee.zhihuiji/files/ofld/ofl_location.db-shmFilesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
/data/data/com.kingdee.zhihuiji/files/ofld/ofl_location.db-walFilesize
48KB
MD58165ba1e13fb4eaffd9390d065c14825
SHA197cb3b617ad4a660d4af95ece8755878466439e0
SHA2568e6e78edb12196ac0ece7b9d0c649b536c7d133d72a0649541d31f154828343a
SHA51272e3bd18fadf86c3ba00ca8bc5c6c610085ff2a445c72da57d0ffdb66c3f4c6b235a32eccdf7980d7e44bd2efb770e2523559e8f933f7485bed86349a1c8641d
-
/data/data/com.kingdee.zhihuiji/files/ofld/ofl_statistics.db-journalFilesize
512B
MD5cbc63513c8c6d19ae9e3a09acb7ee4f2
SHA174b6202a388a5ac42cc6f19c1358e746645efa8f
SHA25665c2e8852fc346168215f3718a48216459ace3ae998d4f057ce77ed9428443ac
SHA512f9cc4f0fc476f96a65a848d9295fdc32e2d043efcba3c9cf8668b05262335379264e007f48aaf1a86044c2016405c6e647434590876a9703476b1bf7ded5c42c
-
/data/data/com.kingdee.zhihuiji/files/ofld/ofl_statistics.db-walFilesize
156KB
MD5a6b9e1beeab06d24ddba4b6673bd59e5
SHA1e581352444970a57025f4f8e7a109650864fb51c
SHA256474034d4a29ebbbb935088228be323b97cbd20cf5aa4297191e3e984f67e5a3a
SHA512c88ed0277afaca84783b533cbac23eabc127df1db43966d8699c38462164efbb14ea8fc3306fcdfd6e61028529b660956f593b87ea0d4525786e4ed4f6951025
-
/storage/emulated/0/360/.deviceIdFilesize
32KB
MD51c56df0a0870ed1c3273c17e476a6f03
SHA1865db3b9119dd6dc82187d525c8b6be494484a99
SHA2567c6359bd9670bf186ea39c6e8f08f4120d033077a6167ce7d1e76f3dca6bca5c
SHA512f07447e0c243df2dcf050b93609f339a1d5cb61cd7a240b5bcc02a2bfd160a5783e1a69ada604c72ac6fded56a9607c4624f92794a052e9f2cabbf2c334cc246
-
/storage/emulated/0/360/.iddataFilesize
52KB
MD5ae99660bb01a88a126476cca3441a910
SHA11f7bd034dd17e589eae814aedd4b16fb5395c672
SHA2563a1da681f173d187b69f1f0d1b8194c0c764edc008487f6ed543e57bc895c5ee
SHA512f0b9f874a7374201f2fe95f3e1169797c6da61b848fa791283d1db75428476f8e41c8df8dc5165b05387459eb9eb5b36aff742a0c7140e09c9b0e6a4a99a18d8
-
/storage/emulated/0/Android/data/com.kingdee.zhihuiji/files/tbslog/tbslog.txtFilesize
1KB
MD5b28824025aa7d9a7aa50f27a228b1986
SHA102661409fe8ad166724fec9e5650ef45f9d73a63
SHA256f029cd87dc363e878b9031396ca84719767a2b27a6673d7354158afdcb766445
SHA512dc79e917b685bcd014649e3bbe12c4261aad8f07933c3007a3277c7ee03d75fcdb52f6e873048d2e5d16b3033e3bafc042278b420d7e1f063231b4b3217ccbff
-
/storage/emulated/0/baidu/tempdata/conlts.datFilesize
12B
MD58d80bc8ea90e9cac010d3ddf97bda5f5
SHA1f063bc0d356e6ba9ab1eb9a851131ffbefd8fa07
SHA256f52db31332534833414abd5e870f78c810b8ebbe5b134bbf599506beecfd1b93
SHA5129ea732dd572a9a4ba91b70891972230a09576687ca1bc19e62d5a98b5b84e0f2ae11985108008bc9fbccf357219b8bd3dbf146bb70752f618f70dc5d0c46a7c7
-
/storage/emulated/0/baidu/tempdata/conlts.datFilesize
157B
MD584c2c0757045864df185fb5c18efe372
SHA1b2cae9724e1d1a1256a6e40c97129849220d4d17
SHA2566b8643e0560b1acd352aafb10791f2e3b609610a1375a1c411a13fb1be827caf
SHA5121fada34309e1f358d549a00ba373e84ea850a4876b992e0e526cb29b241ab3b420aa748bb7da9e13fae67a2913af24fce913df2f44cc8fcd7c1a72043b4d0850
-
/storage/emulated/0/baidu/tempdata/lcvif.datFilesize
96B
MD5e4e0fde96fe225d983b0d9d950ce2faa
SHA1050c0d110a5fd9c928df5e5433aefb2e207b22b4
SHA256e8cfc9c46120a4fb4e030570935f000e4579cbd6f89c68da30d4aa3669c5ec85
SHA512f2a6ff1146c8e886cac10674913075d23330cb5837acd3af95d5e71b29c1234816cf8304657f14e25414c1163f2af09a6b9b0872f50e1bf002a269e23424661c