Malware Analysis Report

2025-01-19 06:56

Sample ID 240523-fcxq9aeb99
Target 69c24f2e4289da05265224f3c414a4a8_JaffaCakes118
SHA256 0b433950b1ea44be899d030e3f7f41cccf9eaa3aa37e7e7227092ffd35a8252a
Tags
collection discovery evasion impact persistence credential_access
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

0b433950b1ea44be899d030e3f7f41cccf9eaa3aa37e7e7227092ffd35a8252a

Threat Level: Likely malicious

The file 69c24f2e4289da05265224f3c414a4a8_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

collection discovery evasion impact persistence credential_access

Requests cell location

Checks if the Android device is rooted.

Queries information about running processes on the device

Checks Android system properties for emulator presence.

Checks CPU information

Queries the mobile country code (MCC)

Queries information about the current nearby Wi-Fi networks

Queries information about the current Wi-Fi connection

Registers a broadcast receiver at runtime (usually for listening for system events)

Loads dropped Dex/Jar

Obtains sensitive information copied to the device clipboard

Checks memory information

Requests dangerous framework permissions

Queries the unique device ID (IMEI, MEID, IMSI)

Checks if the internet connection is available

Listens for changes in the sensor environment (might be used to detect emulation)

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-23 04:44

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-23 04:44

Reported

2024-05-23 04:47

Platform

android-x86-arm-20240514-en

Max time kernel

134s

Max time network

170s

Command Line

com.huijieiou

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /data/local/bin/su N/A N/A
N/A /data/local/xbin/su N/A N/A
N/A /sbin/su N/A N/A
N/A /system/app/Superuser.apk N/A N/A
N/A /data/local/su N/A N/A

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A

Checks Android system properties for emulator presence.

evasion
Description Indicator Process Target
Accessed system property key: ro.product.model N/A N/A

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/data/com.huijieiou/.jiagu/classes.dex N/A N/A
N/A /data/data/com.huijieiou/.jiagu/classes.dex!classes2.dex N/A N/A
N/A /data/data/com.huijieiou/.jiagu/tmp.dex N/A N/A
N/A /data/data/com.huijieiou/.jiagu/tmp.dex N/A N/A
N/A /data/data/com.huijieiou/.jiagu/tmp.dex N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Listens for changes in the sensor environment (might be used to detect emulation)

evasion
Description Indicator Process Target
Framework API call android.hardware.SensorManager.registerListener N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.huijieiou

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.huijieiou/.jiagu/tmp.dex --output-vdex-fd=43 --oat-fd=44 --oat-location=/data/data/com.huijieiou/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq

sh -c ps

ps

Network

Country Destination Domain Proto
GB 142.250.200.14:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
US 1.1.1.1:53 sensordataprod.huijieapp.com udp
CN 118.178.30.95:8016 sensordataprod.huijieapp.com tcp
GB 216.58.204.67:443 tcp
US 1.1.1.1:53 crescent.api.huizhifintech.com udp
US 1.1.1.1:53 plbslog.umeng.com udp
CN 36.156.202.68:443 plbslog.umeng.com tcp
US 1.1.1.1:53 ulogs.umeng.com udp
DE 8.211.36.31:443 ulogs.umeng.com tcp
GB 142.250.180.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
FR 172.217.18.206:443 android.apis.google.com tcp
DE 8.211.36.31:443 ulogs.umeng.com tcp
US 1.1.1.1:53 s.appjiagu.com udp
US 104.192.110.60:80 s.appjiagu.com tcp
CN 36.156.202.68:443 plbslog.umeng.com tcp
US 1.1.1.1:53 b.appjiagu.com udp
CN 180.163.249.208:80 b.appjiagu.com tcp
CN 106.63.25.33:80 b.appjiagu.com tcp
CN 118.178.30.95:8016 sensordataprod.huijieapp.com tcp

Files

/data/data/com.huijieiou/.jiagu/libjiagu.so

MD5 50750315eef281575611bc425174b939
SHA1 acaff02526d7b4c257e00002ed09af364f66a401
SHA256 c8d37512f73bef5a1c1b060676cdc6d508a8d8dd36f2438f5d6353c9b8524bef
SHA512 60584a993992a68e8d0a53be705e3a9d52fc126df26b9bdcf80d14e659f1d70bceb926e0a99a69fdf40f1c09fd61aa52c2d2c008ee5c3ef59af5922a75161ea9

/data/data/com.huijieiou/.jiagu/classes.dex

MD5 3094a88f7f607dbde03c0f31368c3873
SHA1 324a36a1e2619fd0a308d5c3e2c5f7439f8b6b07
SHA256 41ab7cfe1b4d30a92a94b250f2140f47791347e4a0c3e3cb2718784fad6ce86a
SHA512 b8c40c671e81d90a10bdf72b5d3d7f731de5bd900c866a679a987c48394082641961a2b2b91125c8ba325e7749e50e4265d67134e5b2be6a3bb3c671cf4fb0f7

/data/data/com.huijieiou/.jiagu/classes.dex!classes2.dex

MD5 15bf847ffb63e3f5bb529f358ac74754
SHA1 e9ef2ebf90dc7892054ab34cd500a8b05f34077b
SHA256 d5ff271a5ec4d6c784316c9d261e546a592c96a1f3c020b155ef37054cef1a4f
SHA512 96148c780c18af6447259baa82b21440cdaa671e2cb29052ae9a29922902b7b1b24ae602b5caf990368f48e989a0dcab36e16cbcdb4ef708e2a66838546e880d

/data/data/com.huijieiou/.jiagu/tmp.dex

MD5 f1771b68f5f9b168b79ff59ae2daabe4
SHA1 0df6a835559f5c99670214a12700e7d8c28e5a42
SHA256 9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939
SHA512 dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

/data/data/com.huijieiou/files/.jglogs/.jg.ri

MD5 aff539ee8e87fa160bae0341a7624d7a
SHA1 4df85e7d0e9f07bca204f435682174fa7e8a5de4
SHA256 8676bbf0d12599f45a3af3de551be46688e036f2adf697f832bbc724e244793d
SHA512 1983a7d19e6a19d8cb7df24a4195a0913e5c2b4b52022a8e994c87d4df9df2809ba0b916e35dc9913240a37002223df99dcea295b1f144959e4164bd79afe885

/data/data/com.huijieiou/files/.jiagu.lock

MD5 25b4275d204c66bc0e675f76e64c569a
SHA1 7f8bde7790d8be855fedb982a14e85ba8eeb6a0b
SHA256 5c9966e1e36e484a13767dd47d2bc2cec75a2b45048d31db2ff6b9c89d433d14
SHA512 59603dbf6f4231b35daf1cd52ad98476f12a14eafd7649d4633232914944a53e3727d3ed8c90a13ac236fdc421a43b08d9f48590522366dc52d4e679e5e867de

/data/data/com.huijieiou/files/.jglogs/.jg.rd

MD5 9745eef9011e900c4f0951f86eb9e922
SHA1 2812d27380e1e0a1828c9fd4a7affc6cd88771e3
SHA256 b698e0b81586e9ced6924db83623f006400668ced1ebedb17c3a9c2fab6ebd2b
SHA512 7441544eb9b6eb7ff15c00cf41282ce167d6f7bf66a68a7e4425ed00ef8a350709cac260939fc9c23e64391897ed2b72cf424c290f4fc749e78fd6365cb80a48

/data/data/com.huijieiou/files/.jglogs/.jg.ac

MD5 555276dcf8f77ea8c17e1bc7cff0e261
SHA1 ccda7f4adb2552b856edb0b03285ec8b315d0534
SHA256 27f406567e901aeda627746ee873d1783807287a5af8a47cc79bbd9eec641adb
SHA512 113c54278d2c5e84e506ab402adfa137c7b01e67c43badc4d9691123233d4983795101dbd26fd78b39b02aed71a6879b96121adc7c04dfa7f96dc7791e4cfd16

/data/data/com.huijieiou/files/.jglogs/.jg.ic

MD5 b41386f0420d66ae9a48dfd9c7d2da01
SHA1 b6bf788c0ac3e2a0faa74dcc8a2079361cd7bbc9
SHA256 41c5d4089c355d75b1e9f6c82f9e79dc6e5a5db0b5bf53098c1de664a56d6608
SHA512 8851ecb2e23a8f8ccc411b764f39a4533f0cef32465e15047b5f30699d871e58c6b254f496e1f381dc5e034d03a06d10fe2af6e57f43e6bc032a634fc4f3d40a

/data/data/com.huijieiou/files/.jglogs/.jg.di

MD5 0216ba76ee213621afee5fe804aae28a
SHA1 f173c98b9052a134c08707b9dadff229c58c493f
SHA256 27daf5f12e5b873334be977ea7feb7656eda682f695c8b312b6001bcf885babc
SHA512 f9c26c5c458c3b40e46bc87cd7a04837ead3c3b6e593eb316549d1d0c358fdfe734aec40de57400925ddd43d15dc60cc20212614e9a39304e5e33191d3ffd80d

/storage/emulated/0/360/.iddata

MD5 30e09ab4be9ce301afb3c13da1c9915f
SHA1 3ed61c622979edb1505e3c0ed2d1d8a42845819a
SHA256 4ce537bda231e59ec152d49b41d212c65a035ffcbf5915a9180468792d5df6be
SHA512 a76bef4ae888507db30730bb1df870d178973aee2c40fcd5ab669cab85d010971fa795b13b826cc2fe1f94dd902a3aedef5c5dc97895c11bb1c9c1deb1196c49

/storage/emulated/0/360/.deviceId

MD5 1d8d16c4e3b19ebf18988530d9b9a757
SHA1 bc94c1cce05cd848a53271ecb9c5311e27ffebf5
SHA256 abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7
SHA512 4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

/data/data/com.huijieiou/databases/com.huijieiou-journal

MD5 eb934df2f7dab044ea17e3c9f3485f3f
SHA1 aee82ef340445ce1ff6743d79ed99d5127e779d5
SHA256 8afc8993b0c0a451501081a7b6ef05978a8a952e37923fd3b695f1b79c4d67ef
SHA512 4e8b0d26c29a4e6e39a169b78c4d563eb1ff816d9eeee14d22513b81a6846e8b1770aa2e8ee2943f661fadc3d1f44e9593f5b22e7595232947955eb059350257

/data/data/com.huijieiou/databases/com.huijieiou

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.huijieiou/databases/com.huijieiou-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.huijieiou/databases/com.huijieiou-wal

MD5 571bc53c4571f092706d676ab51c4968
SHA1 295b65d1b4fef9129829702fbd3fad326b7de99e
SHA256 555d3d3a70202b43e97483650601a08bb86b4fc1d79cf224dd723c35176c9e09
SHA512 f231d4252034ddda346b96bcc7040d16a65f822c4d42e3db793adcf6bb4204873a978caaca507fd2d0a58d7751e737661919bf0adc0d966ef38ca6b237bfca6f

/data/data/com.huijieiou/files/.jglogs/.jg.li

MD5 e054027bacaf720187ada1ed11d79514
SHA1 d3535d15ff33e9a7a0a85d674ead38fbbf042eda
SHA256 478a60e122e09168d3f426194f49d14f1ae26220c206e00389c064c16ce02916
SHA512 709e39309ca2c2457ba395be5b2aeb03ca9447f1ff31868c4123ad394d9c760906a9bd81f7785669eac204f83f8ac906144b05c0bf4025bd7defc38ed123a626

/data/data/com.huijieiou/files/umeng_it.cache

MD5 0f09699a2c06ab2d690db0fc12cec797
SHA1 0b8fc96ab83518a33237988a5ee638738187b0e1
SHA256 3f4143930abad892347e9dc671daff3634d4598641a76797e2c5e66dfce45d32
SHA512 a1c6dbc9fa944a93fb3bc9166ea747b9a21a1efd382f74e0600d1e5214a0dc93edf11b0d4dba8c4d42464b8eb302daaff3fd9712771716d987ea3d171b29b62f

/data/data/com.huijieiou/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE2NDM5NDcyNzU1

MD5 0e8b2165bccfb84f9977e5578c44b4af
SHA1 1bfb3f5c0e436d6dbd676b86dac706b1bcaa326f
SHA256 b8849677e63fa2862b9aebc0536fa1955c059a14044abb9d6e2ee590a234e640
SHA512 a31ed12f65d89428adfcb63e1cc06d6ff33ece35dfd645f6b18ddca44c43f6e884dd19e6c870d956f6f3c86a3f9790a0f3080df768179f5ce46152e7336e2b09

/data/data/com.huijieiou/files/.umeng/exchangeIdentity.json

MD5 52d4539cb9216f5b3e4a42fc7d631197
SHA1 9bd7dd207d105766afd48f3dd7ef8ea825f4663d
SHA256 ff2e135a1a50268636d96763c8a9f359366231a8664e97464c9b1e3b32e3c057
SHA512 87ba890dc40e234d16e52b40da8d55ee12bbce5f035441192dc797852cd141620c19d8765936b3bcac67d3ce16ef33dd2be2ed1a1cc32808fd1ed2615965abd7

/data/data/com.huijieiou/files/exid.dat

MD5 d7983373e67a7c49d54c853898e3ecd2
SHA1 f2395d6b317967e2150783bcd0f1dcacdf93eaff
SHA256 b1a765b2da3a3c910338cbae4b3941afb7c85325896046659c108d9b4c445342
SHA512 102c22388d39264c348807cd948b861374244bf3183ff778ecea0715d27d1bb4c40a74ad52807853299c211552c4656f3e13ea75db778b4b31f14a70be772555

/data/data/com.huijieiou/files/.envelope/i==1.2.0&&3.0.0_1716439479325_envelope.log

MD5 21d6919a071f94bcc4ef7006331988cb
SHA1 0ea073e8c97a0f284da625fd19578921701e74ac
SHA256 ff06bfa6aae7ed4b285928db03d8de5857188688016de4dfdd9567e0e4a8a5c7
SHA512 683ae5be3032b549ab0555c5391805315cc883fdd44b49841351293de2db7596c91236a357d1ed6e7129d4f84affbe912859d973ac46ace2b8e6e534fabb804e

/data/data/com.huijieiou/databases/ua.db-journal

MD5 cf5445a36ad7150ea61d7584946d392e
SHA1 51f7f620b9b0a3212f786c7c814a5527c6034498
SHA256 913defbbf20363a81ea8c16812727b7144be8c49f5e0eef2eed6d28e7d921568
SHA512 7b8cb162df465e2c51b66e25f2c0582a2d56b49073c474c762727d5a12d335aedc8f992b8b3c75872e25203de79ad8751f6edf84746b87fd17e6998805582a96

/data/data/com.huijieiou/databases/ua.db

MD5 0adda9c85a5e4808f5b1b74c0a8591a5
SHA1 5048107883ab1e345af9cf2e6849ce46e0e612bf
SHA256 1e17860bba2bb4e3e92df3890aa6dddc973d6602c71519a15556d37bb69de2a1
SHA512 646061d3d5849772511bd94e36ca2d775a9a672851629d1812942ec0f0f925714eb7d4ebac44889911320cb6710a2f586014f6b1e126739cab653c4f8deef2d1

/data/data/com.huijieiou/databases/ua.db-wal

MD5 577127118c07d11ecf526abecadb3a68
SHA1 007a6ec242c79db4b9c2f651c1365addedf1b1f6
SHA256 ead614df98a0e048d23410a69f8bf34240d08b6341b3cc415c96076ce44c8daf
SHA512 aa8ceef71ab4850e63b1eea57852dfcb4809158dd12ce5fba0d60b450eb1ce1159e807c1b61e4d393d6af886f2afc68d98dc96162e5be49b0caf8613fa90d453

/data/data/com.huijieiou/files/.imprint

MD5 5051806962d1050a6445e8e2aace472d
SHA1 76f76f9d825fbd9590734fafde20f2ad8931c703
SHA256 bcab25a43fd90f10db4cf2e1babc1919db377de35c3cf3f273d4c817cbc62778
SHA512 2ea54f2ca704e3616015317299664585f2bff7cc8a2874bc6632c0891e30947640d7c5a81182f39dc1c870cad5aeda3c317ba42ad520f10b49b301b5401cd454

/data/data/com.huijieiou/files/umeng_it.cache

MD5 4f4697956be885d38f933a5d72a655f2
SHA1 d46621b4dd1395f1fbae2af1aa20f7566d0a8b6e
SHA256 ed215e4327384934f3bedea1ecf1edfe0156cded12943185a35c7151528107b8
SHA512 5dafd6519fca3735c4321f459cb6aff9561b8ce519d6d80cf87dda882dd5574a44cafc794eb636650b307ca209f450fbf880f50f7e5956958bc0fed2bf77aab2

/data/data/com.huijieiou/databases/ua.db-wal

MD5 4311af300f48d80e5d9d3e2490305f00
SHA1 7445a98a119a6a9f79d56503b074819eb1c4fd36
SHA256 adc7627cba25aa6af680d018d788e52ada4a40032b4b678f5344dab88e66fd24
SHA512 af743b75a9403f504046c0fb060e47d12f3363fee5312661f58a6bcf47d391616ff330250491cd634ada30e08ad5150c4100df155eb69e426d6cb2e5fb56e335

/data/data/com.huijieiou/databases/ua.db

MD5 d5930bb1cc20f13d66fd9991b28b30b9
SHA1 ec28b8fcd39bb56b5c90b64014ae1c1bbcc3dfd0
SHA256 37f44a6ae1227fc7d4473656930be1c2d14c896f66a41590a203e0337b02fc72
SHA512 536c5c7b8279455d13383435d545713f8de647f041056d94402ef0b43aa1c6b97e8e00310872f58f9c29b1f0b4721cf8280a316006bc44eda723bb84c67b15e0

/data/data/com.huijieiou/files/.umeng/exchangeIdentity.json

MD5 3d63f3ecf5de85b2db69ceda8fd72025
SHA1 5b9ed3bc271ae8a03468f2c4993c90580ef80ec0
SHA256 4c50c678be25098f9fb311bce5dfd0b9cb0048b2cd1dc34a87f99528a2cd1225
SHA512 66d8216ea77a0555d642cd979296a1eaea482dc71ce2391867e9cb23deac7692375e64ab79eb743e725868ff1c59295b6df569ac241dfdc889f4b467e994719d

/data/data/com.huijieiou/files/exid.dat

MD5 d230eb9dca42df686ccf51ef31216356
SHA1 4dbb27c7ce24761d9119081039989039b413f042
SHA256 06221483fbef9ca9bc1ed47473d857cf8c0cc3f1425efa178467f44aa685c309
SHA512 e35563aa86b7a6cdac4e715a12548797a5cf002c596d81337cb975b669a4685c51fe7fc89cd757737b86432a8656890f2771ef0984e28ab31105dd12a5c7e1fc

/data/data/com.huijieiou/files/.envelope/a==7.5.0&&3.0.0_1716439481548_envelope.log

MD5 6a1c1b865b2dbb4ede5e919feae00ad0
SHA1 2ac076753be3a6bf6d23d37836a35288c61fb0dd
SHA256 8e25a15a7b1a49abf3d61db7ab2f99c8999ef0721104f0ca0ab0c91f860fbdc7
SHA512 dbe2415c0f0c3180a7f6f3790482ec1cbca9ed85af71719ec8b46a4b6e2c3992a390ad093421f6a21bd03fe750cc66a435ca9d937aeef688f0eb54430a4b7814

/data/data/com.huijieiou/databases/ua.db-wal

MD5 c0cb0c16c897f83fa6c055b3d0373428
SHA1 a0af785a02ebffb7bbd9f59ff7e1297039a39916
SHA256 507ed8a0bf87b5c788af831bf9a74508e1fa59cdcd87c37315a1491bd0ceba17
SHA512 3803dbb1112b8f6f70297544b789af3dd1005c592f815e6012c4e539be51817f3957fa207fa8907a2f82a831780878a6e215fbf65ef696d6deebdc60359e3b21

/data/data/com.huijieiou/databases/ua.db

MD5 36abc74026bca0aec741ce9bd9a77c8c
SHA1 09f2814986296a92da7d4f66d4b8363175c4d026
SHA256 ee3684597fe21a35498a7a8965bf683bcf700f98040c7e2055930ed82ebcbfc9
SHA512 5784d01ef37eb4ae07443abffafe8a982f294eb9d744a7d987058d0d7b4dcef77fd442c5e63e021911eeb8310784b14edc9b6dda6fbd0939030b2fb178f0c9a0

/data/data/com.huijieiou/databases/ua.db-wal

MD5 0cacd20ed06a671c3702e0605a52e208
SHA1 92167af1c05f4111f9facb1f2578db931e4dec97
SHA256 211a5aa5eb2d4f470ea365c9e1cf42ef2077a9469ecd21808304e527b8731e3c
SHA512 afb27a140608c96192ccec79baab65359cf67a8193c5fae21da64a38e797ec474d6ba58212d5402f3b5d5f59cfe3c14762c04cca5acce3cb8530a5a71ef028ab

/data/data/com.huijieiou/databases/ua.db

MD5 cddf3aa528be2c02531d3621a271f7e2
SHA1 18cc083d8b455def3beb3d42b9709a013935efd0
SHA256 4a59f47eb332dd5f97bc9c4d4b0e2948e0772d732b171a42ed2ae35ed3e13cf7
SHA512 39abd602266e7e45ea1db37ef36486a6ed538bcddf2c82f4124292840ab8b30f4d2e7e9e23247637be78cfdb38752113258659962d5f365b90c27f2512ae6999

/data/data/com.huijieiou/files/.imprint

MD5 9c4f18ed8022f6adf75455a3d34a6608
SHA1 e0ea595d30f2bbbc81025ff89ba52bbd975d0273
SHA256 bf17280bde7339e3a7218ad8e84a2a0718dfbdd8c2da3f8211b5261d81a18565
SHA512 65c92674327533097f4d495d1eed0ec5f08e4ae069cffdf33304f0d1da946ba7070da9e01970da5eb0ad306ed58c539763d5b81353d675db6cd498e8832916eb

/data/data/com.huijieiou/files/.jglogs/.jg.di

MD5 f0d22fc3bd32b79e738df09e545e865f
SHA1 b442274b99f2e90349e6ee0bc2b7fca31bba931d
SHA256 2dd470305025c46e33cd79ab5ce527b67d327933b48198a8e9559bbf8958107a
SHA512 bd6ea5ec146587dc4ed152a73ddb857515aac5664ed5987f31d8eea7a297a772d518843498d2a2f87315f92f242e14dfef6f330f0a1ef5a2f59caf93f5de1e7e

/data/data/com.huijieiou/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE2NDM5NTA0Mzk3

MD5 5b0abedee26e9bc82a8b8956c4f9c338
SHA1 875896af4d2c365eae3c0a004051130b75c48911
SHA256 6668696081111f6c58aeaf2947e6bf361ebdf990d7783e4d123b51a19b1e8a70
SHA512 519513d64adc02d239b8c24ee518fe8253d9a238bdf3ef2bdfa3f3fb7af86adeddec4ef0aafe5de5c7d8afea892cb71446245fd6d699008c25739d867098704e

/data/data/com.huijieiou/files/.jglogs/.jg.ac

MD5 7f91ee19265f9aaf1a0c662d114a8ff7
SHA1 5ab4e80162823b573863b8ac6f607004915888c2
SHA256 b99ffb7a54ea3b834ea793cb0841a4c92fc258ee1215a1d56e04b29b04c8a754
SHA512 7d2f97d684649596db70a0996f0131ab57ca13cc33a0a3593b6b38b5b40711a48dcc0956a06a7be4a2b06008612ecd1812f63608d98f6333498ca8ce1355da96

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-23 04:44

Reported

2024-05-23 04:47

Platform

android-x64-20240514-en

Max time kernel

139s

Max time network

179s

Command Line

com.huijieiou

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /data/local/su N/A N/A
N/A /data/local/bin/su N/A N/A
N/A /data/local/xbin/su N/A N/A
N/A /sbin/su N/A N/A

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A

Checks Android system properties for emulator presence.

evasion
Description Indicator Process Target
Accessed system property key: ro.product.model N/A N/A

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.huijieiou/[email protected] N/A N/A
N/A /data/user/0/com.huijieiou/[email protected]!classes2.dex N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Listens for changes in the sensor environment (might be used to detect emulation)

evasion
Description Indicator Process Target
Framework API call android.hardware.SensorManager.registerListener N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.huijieiou

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 sensordataprod.huijieapp.com udp
CN 118.178.30.95:8016 sensordataprod.huijieapp.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
US 1.1.1.1:53 crescent.api.huizhifintech.com udp
FR 172.217.20.168:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 android.apis.google.com udp
FR 216.58.214.174:443 android.apis.google.com tcp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 plbslog.umeng.com udp
CN 36.156.202.73:443 plbslog.umeng.com tcp
US 1.1.1.1:53 ulogs.umeng.com udp
DE 8.211.35.113:443 ulogs.umeng.com tcp
DE 8.211.35.113:443 ulogs.umeng.com tcp
US 1.1.1.1:53 s.appjiagu.com udp
US 104.192.110.60:80 s.appjiagu.com tcp
CN 36.156.202.73:443 plbslog.umeng.com tcp
CN 36.156.202.73:443 plbslog.umeng.com tcp
GB 172.217.16.228:443 tcp
GB 172.217.16.228:443 tcp
US 1.1.1.1:53 b.appjiagu.com udp
CN 180.163.249.208:80 b.appjiagu.com tcp
CN 106.63.25.33:80 b.appjiagu.com tcp
GB 172.217.169.42:443 tcp
GB 172.217.169.42:443 tcp
CN 118.178.30.95:8016 sensordataprod.huijieapp.com tcp

Files

/data/data/com.huijieiou/.jiagu/libjiagu.so

MD5 50750315eef281575611bc425174b939
SHA1 acaff02526d7b4c257e00002ed09af364f66a401
SHA256 c8d37512f73bef5a1c1b060676cdc6d508a8d8dd36f2438f5d6353c9b8524bef
SHA512 60584a993992a68e8d0a53be705e3a9d52fc126df26b9bdcf80d14e659f1d70bceb926e0a99a69fdf40f1c09fd61aa52c2d2c008ee5c3ef59af5922a75161ea9

/data/data/com.huijieiou/.jiagu/libjiagu_64.so

MD5 32a8cba7e6fac645ea3d1fca87cba90f
SHA1 6b01347c0d6777ea644c9859214decf5a00431b3
SHA256 ec2270b007c53f33ec3ae7c49e78fde28a64bf2eaf4309ce60abf9e03035227f
SHA512 018c9c65ed954c48b98d6a42e28f6b2e5850179079497367bca849667fdd69a96a2182b43c2a865ebcbfd8548d6973d9b0d2f9570644a36bc7549b1a420557d4

/data/user/0/com.huijieiou/[email protected]

MD5 3094a88f7f607dbde03c0f31368c3873
SHA1 324a36a1e2619fd0a308d5c3e2c5f7439f8b6b07
SHA256 41ab7cfe1b4d30a92a94b250f2140f47791347e4a0c3e3cb2718784fad6ce86a
SHA512 b8c40c671e81d90a10bdf72b5d3d7f731de5bd900c866a679a987c48394082641961a2b2b91125c8ba325e7749e50e4265d67134e5b2be6a3bb3c671cf4fb0f7

/data/user/0/com.huijieiou/[email protected]!classes2.dex

MD5 15bf847ffb63e3f5bb529f358ac74754
SHA1 e9ef2ebf90dc7892054ab34cd500a8b05f34077b
SHA256 d5ff271a5ec4d6c784316c9d261e546a592c96a1f3c020b155ef37054cef1a4f
SHA512 96148c780c18af6447259baa82b21440cdaa671e2cb29052ae9a29922902b7b1b24ae602b5caf990368f48e989a0dcab36e16cbcdb4ef708e2a66838546e880d

/data/data/com.huijieiou/files/.jglogs/.jg.ri

MD5 7895882c3698e3a6f23332ef4c79978b
SHA1 7273d936ef4508e62a00812c3037ca2ace279e24
SHA256 e0bc87d584f2ce6fdfbc789a0e689e371f5df6d38e0280ad23b6f3b5fff06216
SHA512 fee2d92460b34ea74ecdbf00b9bd64405e801af4d3dd83b5ad2e73288eb93d7868403475ab65436f302c80729496ae102bfb96a2cb9554c8076d456c48aaebde

/data/data/com.huijieiou/files/.jiagu.lock

MD5 e06a97a783a2ea69c120fe2169ee5f9d
SHA1 aab431635a2c44a8dc07302f7bd8a35533095918
SHA256 6e24fd8a2291ff2e1f89dc6a0c01ed0e39423c40aaf01e5f1cfe9f3634df9c72
SHA512 621eedc46f9945a2a5a37904622bc2ec80d1020c27811dc1338d5df67168b2646e04c881585b59ae0569aeeb65a9151233813bcce3e5e4ae49ca44d141988e68

/data/data/com.huijieiou/files/.jglogs/.jg.rd

MD5 6cee9d9a45af0208d5c7a3bd8f98614e
SHA1 8e80fab999a8e169069941c9ccdd4bd242e160b9
SHA256 3038435dab571a6f82e9e409d442e1002b7d22e99d7ee784cc2ac4c08f7cb751
SHA512 5fc15b86cf4fb7f3d18a1ffb5f0166bfc5ed4247e2bf590eee11d229e9c0ab1541e471a705d34d950d71d93767f9ed2f41a1e3c5c236b3650dd6af375624afb6

/data/data/com.huijieiou/files/.jglogs/.jg.ac

MD5 555276dcf8f77ea8c17e1bc7cff0e261
SHA1 ccda7f4adb2552b856edb0b03285ec8b315d0534
SHA256 27f406567e901aeda627746ee873d1783807287a5af8a47cc79bbd9eec641adb
SHA512 113c54278d2c5e84e506ab402adfa137c7b01e67c43badc4d9691123233d4983795101dbd26fd78b39b02aed71a6879b96121adc7c04dfa7f96dc7791e4cfd16

/data/data/com.huijieiou/files/.jglogs/.jg.ic

MD5 b41386f0420d66ae9a48dfd9c7d2da01
SHA1 b6bf788c0ac3e2a0faa74dcc8a2079361cd7bbc9
SHA256 41c5d4089c355d75b1e9f6c82f9e79dc6e5a5db0b5bf53098c1de664a56d6608
SHA512 8851ecb2e23a8f8ccc411b764f39a4533f0cef32465e15047b5f30699d871e58c6b254f496e1f381dc5e034d03a06d10fe2af6e57f43e6bc032a634fc4f3d40a

/data/data/com.huijieiou/files/.jglogs/.jg.di

MD5 6f58b3a5e0759aa88dd2c6aff78d4c2c
SHA1 cc38f690d7f2f7d9e5053b248a45f76032465363
SHA256 2485abcc44836e25fdb6b539c06571edee3bf74b36f38467fbc36c0f70f73f12
SHA512 78d1eeb3187e25c828812be184519976670504b50f396ca8d99c50a9cacf671bdf9db131d58424860091962085d35b06e8ab5a387dea15f3a85255476443d31b

/storage/emulated/0/360/.iddata

MD5 ed80e12c63163ca68c81023286bd7533
SHA1 d79164e4bc936e9a185b2adfe38018d89fedec00
SHA256 046007a0808d7275676604c471398125b8b3bc6f5e2e48c7bcb0a8d73c327fa2
SHA512 20822c5b9ccf50895036ca193371e4c4e381ab2728ed5b8ce0fd2cafccadfded0bd8206146810c3c3202cab6ab1e85347b9c480f3ae3019fd26f10348ac3729e

/storage/emulated/0/360/.deviceId

MD5 4c4c5285293d5141f582aefa4e038669
SHA1 e01852a72e5a8e6f7d63a21426b515118196047b
SHA256 36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731
SHA512 097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399

/data/data/com.huijieiou/databases/com.huijieiou-journal

MD5 1c5c8c96a2f4f5e5dea0f877316ee778
SHA1 550a0c5e37e5378a821794b71f6ff3604203f4e2
SHA256 3452a2014b28c6aa298318b17337b83e42a02bb14572535d3e660b018dcd5a29
SHA512 d34d703f54160f2629785224f96c82f727c516f7e7c1f8c0eab3bc5164e5118e4bcd004c010f1ac70572f0d4cd96dfc1ec5c4b569a01f0441a65f37f7a6a8266

/data/data/com.huijieiou/databases/com.huijieiou

MD5 e1012fcd79876da0dd491f8babd18ef4
SHA1 dcfd47271c32c80cb2028222c8b751f780e8d34e
SHA256 f58070f05c3bde49b64788e3b7952c9ae7a4a8f90cb4ed714d6c7cf5c6f9dc93
SHA512 22b350f9f77c7a79363386feabddce987b66b36def498044921da0e215584b11465bf3628bde15253c0d43b6241ac5fe02e295b6a2a075700427672a129ac9d4

/data/data/com.huijieiou/databases/com.huijieiou-journal

MD5 08f1c50cc793e9646cd4decfa87a16fb
SHA1 b5ba9df1b7ed3aa76ce17d842087f1e037671e13
SHA256 44f7b3489f08a6ebe6e57a3a66e77cbb4f63c2b2c360d0ff8d2517175963c924
SHA512 74461fd3a60fc4a855466b2da41c62badbf2d13cdf095c40518bbe4a5bc0370c174d496b7be19986405a4dfc30e2755d213cf3ee06f5de8cf8c99633281d3282

/data/data/com.huijieiou/databases/com.huijieiou-journal

MD5 86071cb214f1ff441c8684d2efc78838
SHA1 04762a017a6043e962d6c4588d5ebf7f7eaa74b2
SHA256 c27a52b9728ceb668a5aacf7a70f4d046e531b1e58bf84540bfa285abc1c5ebb
SHA512 0cf88f6e7950fc6b4819844162ad86b29c8602489a9d8cad4a94823e740da445d16767f88ad00a16f93ac7bb17269b8b5e8a265d10a5854f5dc8f10cb9fb9d53

/data/data/com.huijieiou/databases/com.huijieiou-journal

MD5 0e22690bdfe4e9440416530ab53deb9c
SHA1 32cfaf16f5a9d1a5db8663b5aaf6f633aeb2190b
SHA256 45e1c48c141ec26a3ef305896511ea13c298ba87ddce41653baa1a41c106d88a
SHA512 ce685d0f93c9d901854810ca0c49adca3421d7939b262011dfde7aa602dac7d16455b4249690e6062875a8c8ae99ac9c9993b80e8903dbeb4ff3ba1c0c2a2302

/data/data/com.huijieiou/databases/com.huijieiou-journal

MD5 40e6543105e5d6be73f0c15c55472c34
SHA1 9b67a290f7e17b41f349f80cd631a471066a4831
SHA256 05a789dad8f648e287e6816a22510e827825b5717eb270c4bc0eecd2211da458
SHA512 a305be8ee926cc51fbeb657ac2677472bfb12206642aa90dcdb6790d03335df3f9f53eea1b4b402894091fe9eab3e17c797e4170fbf40049f4cf6bdf5deb5584

/data/data/com.huijieiou/databases/ua.db-journal

MD5 2a30fbb74d230286b56388a48c3d169e
SHA1 141605e0820d0048a737aa1278194ff0396addb1
SHA256 e7169480a95ed056c192f1793747613de9d10a9871b05270eeb706cbec76ee39
SHA512 50bde34cbae959dcc8852507468da7b25b4c32bf8c585916b6ff5ec54e7d4c27a133c52d800918f2181aaf4f5854c3e066770be669dd92f5de68ddb6d7ce14de

/data/data/com.huijieiou/databases/ua.db

MD5 b7036131b84bdf2b66c67fde18d62308
SHA1 18b1e5a358d68c846495cab5cfef7c6679659093
SHA256 c2c0bc8842203ccf1665dbb5b3333b22ae5a6ae3ef8eafe83e7f43adf32d0295
SHA512 256bc83e1a516a58f5d1d024d27dad3c26723df0f96e0deca6baac86d84518000212570b06996a14bcbeadff05fed05125862aba2d4aa08c15a6999563dac067

/data/data/com.huijieiou/databases/ua.db-journal

MD5 3f2c221d61b0fbb79ab5ad128d588c9b
SHA1 576aead4e59432d53dd45748ac901b4ef03d146c
SHA256 bf5a844368b874e60a2b7a0c8ac0de8940f93a28f562b3751fd461c2109eb4c5
SHA512 86d0cbf7b24554e494b45b89b02d833ca54959ce6cd4f13751007689923e976c393cefc3f356c2570e572d8189550ad3db012cfc1d93117e3b710878d69d85c1

/data/data/com.huijieiou/databases/ua.db-journal

MD5 1e6b00c21a49e927e22e049d61046ded
SHA1 02d70224fc2ecec72431b6f65f180f1be3ee811e
SHA256 1889fa83a48575660aa6e731a4dd1ab7da13af83d2b854470c72f8018555d5f6
SHA512 b2fdd7b0658a2c2ab8abd7b29ede58bddc6649a99f2b0cca437fc68fc81a308c9fa849dd8739b051e9a5f487dbd5d445957c81e7a71b7fb8d15fb7b29e3179b0

/data/data/com.huijieiou/databases/com.huijieiou-journal

MD5 1ce87f81e9f9e5c9610c649e9fe637fb
SHA1 f8348e6d46f601ac4aab453cf2d2c2d803cd31c2
SHA256 403d4c450fd256fee917a4d4c8fb3c62fbcc84e4fd743c5e1ae6c4da150b047b
SHA512 bf43e9dfeb979380c124300ff3524ab7b4d84bd876a220b7c71d3e5ad5d163b739bd3507770a7d26b4d81a9858fb038029612565d48b8900112ae644fa1f0ff9

/data/data/com.huijieiou/databases/ua.db-journal

MD5 3f036d4ddfabddf80089c13b4dc445d0
SHA1 8398bd33d1274c0ad12cdfc33283f4a59fae1e14
SHA256 de8b24f0a9a1ac69f491cbc4cd452404a6d41e66bd236df568f8c3bf28fe623d
SHA512 eafe9f89737df8977d6df64074a0363055aa91c0bb62391d262a28c73012a208990d521014d200cda59e8428d27a58cb17984d34d1ca420ce0aea99cc4ac1eed

/data/data/com.huijieiou/databases/ua.db

MD5 7b4a15b1396e430f8a5a05b97d3590a2
SHA1 be44ec3cd2de08d7038bfbaf2cf5809bab00ef09
SHA256 a8f3f2ffa4d75a1fdac3236ea6ecbafccbbdc6ead7a0b42773fdc52689b25888
SHA512 0be45532609710ed3afaea991b5ac7a3feaa81bb9c0d1067b7c4663f70158e6d3e274d0f0c8a58cc35cc06b7b8f65437d7a5c7355d49c0a5466ff633b724a0cf

/data/data/com.huijieiou/files/umeng_it.cache

MD5 ea2efc374165015e8cbf0ab804a7b21c
SHA1 fb5da370b4dcef5d4446365d478b2152176e3713
SHA256 a93f607de22e56d77ee429df0e7b44e1aae3c30ebbd5a4ebefa7341738fa68ba
SHA512 554aebd913ea960f7f8823d7ed1dfe7f8d6fc93cc5f784a183fdbcf47ab102f69492c255161c841515b846f033c4eda3879f5d28933deead64c2150f817526a5

/data/data/com.huijieiou/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE2NDM5NDc3NDk2

MD5 60e3723cab7f4028bc1d8dcf46eaf417
SHA1 9fdc8787df5d6d1f6f044f5c0d09640a53a5ae8d
SHA256 f39f37942701a8a20b01a1a70c82cdd7fa3e5c1b1a9887bbe6fb01cc271caf81
SHA512 2a468315dfd300919f5c408b89ab3b2a30f5b077672b977d1184df4bc8bed1e8a5b72f658c24c40b635e6c9ff2b280d81689cce0cb7eb3ce0b2a84997ce81fe9

/data/data/com.huijieiou/files/.umeng/exchangeIdentity.json

MD5 b36574d70d1b10dfdc293d34fddb9a56
SHA1 607d5433893a13a2b1da06c811ee82579067d528
SHA256 3b7004d9d1b325681d1e85bb400dda8ebd15f0d104e50c46bee584110846acd8
SHA512 089a39781607e144966a1e324ead4e0fa0d0a01a535931522b2baca1f8b67f77c73213264bf16e0a30863bddc23f3c3725fc26c348ef702a3a84caf61e0f0f3c

/data/data/com.huijieiou/files/exid.dat

MD5 d7983373e67a7c49d54c853898e3ecd2
SHA1 f2395d6b317967e2150783bcd0f1dcacdf93eaff
SHA256 b1a765b2da3a3c910338cbae4b3941afb7c85325896046659c108d9b4c445342
SHA512 102c22388d39264c348807cd948b861374244bf3183ff778ecea0715d27d1bb4c40a74ad52807853299c211552c4656f3e13ea75db778b4b31f14a70be772555

/data/data/com.huijieiou/files/.envelope/a==7.5.0&&3.0.0_1716439477758_envelope.log

MD5 c875493ad233706271ed179f18c395c8
SHA1 8403c0c9160752a1f384734cadb2b66df68bc268
SHA256 e20242f50dbe357c8b72958d30f8817aa7537838203249e9157a3335b430578c
SHA512 7733b111f1a69275fef2aceafc25a9d4f3cf35a0c56cb72f3c610dc569e7afc9bdff877bd8deea33d783b0b85c41fb69875b96291f75c33b0c7d09ff3053fb44

/data/data/com.huijieiou/files/.imprint

MD5 fb8b395514124462749feef644a65868
SHA1 43440a5a91892980657c494786346d4295028669
SHA256 f2dca7845ff7797c7d1640ab0128f7127f4376d9156e040b0ce381576275a655
SHA512 0d64e1d9921e1cdb53f4f2b6808fbce1eefe7c4eb1d694621a58fe11e34309c6bbb5b13f83e3ad202d3167f513ceb307770a7d12fdb66f2e207a04a48c590048

/data/data/com.huijieiou/files/umeng_it.cache

MD5 66da68f32817f3743a6da2a0aef148cd
SHA1 5801704ef196821b1a56ec74504460b07b09e526
SHA256 78212a1521025dacc6d95afa1570fca928cfcde774c7d8ac9c1d2fe57719de6e
SHA512 44b862432445f4313730e631576c973b222f05f6713f476f3aa5a32b3c269af370159f984c72ca8e6ab539bdc9d39683d147e6db1062fce79a82eae3d1b39c80

/data/data/com.huijieiou/files/.umeng/exchangeIdentity.json

MD5 02a07775993286b27e273e9090d25e2a
SHA1 86da79f1d28e87185b2b180c56fc44abba03716a
SHA256 0ffac7b2428a6014a07690a784456da05d3e375c83037d49476f4e3cf2f3426f
SHA512 c32a4f7c28e8f15700cde0d44533b2f2a498c22133c194203ffcca04888929abea6e4185a688dbf7f848c81f00924a3967d7c565c79733dd37d05042388af73e

/data/data/com.huijieiou/files/exid.dat

MD5 74a41779c2dbf53cfe168e7f62c82c65
SHA1 39d5f6e6d9ad1c14f7333562b71cd4a26f6144e6
SHA256 e5bd6994db0dd1821c20be29c097f3c01150ced4c33e86129efc05ece1f2f504
SHA512 9b4e4253bf2adefe33fe8d52aa85beec6769330e1409fd29e27f7c8d7230e41082356ce3d60c9089ed41efd83516b56b16b5f3dc094613520f4acdac9b8af485

/data/data/com.huijieiou/files/.envelope/i==1.2.0&&3.0.0_1716439480482_envelope.log

MD5 2ac787637d52563c71531242c5ebfb70
SHA1 e8401562628f7947bee8eb8804c75973e524540c
SHA256 f74a17f052c382d1b0a9df5da29de05aef6a40b07f98a5bbfedd5fab8ab0854e
SHA512 2805104938cac2e7b0119e121d785835e8b8dd7b8b95807d8bf776c85188ad61a0f4e2163ab9bafa89bba78ae86c12515bae0c26673ae7348027e80b0c5054f3

/data/data/com.huijieiou/databases/ua.db-journal

MD5 4f3354eb288fc69f8d303491f788ff8d
SHA1 30f9176ea908381161e79217bf8ea65be9295ab3
SHA256 9c64d6190d0a6b9b2a93ef5811a74649771f010582fa0c855fb1c63af66464b7
SHA512 381cd6ce66790e04ca659f30819fb004421f3bb10de0841f6a4f8e01ab4b4a06362168d638ec08390846bd855f95c5a729acde042e115107be9b1bd4ce01292a

/data/data/com.huijieiou/databases/ua.db

MD5 6f5a79d005ab0c68a9f829bc92f2d288
SHA1 d378114c8d671d6d8ec2ce47df53160df730f4b7
SHA256 c30cae290f8ea5c057bf1e04f4145c2e3b140a28d59b949c1b382ccdd22060bb
SHA512 ff36f0f62c1b63574c96ddc3ac7e228c27ced22f0c79d8c0422badd2838c12fcd772477f04d27798043970e343384ddcbd032383fd5404174f4b20f47f0e040d

/data/data/com.huijieiou/databases/ua.db-journal

MD5 5ed59451a326b13aea47486bf73602e8
SHA1 7df5053497f4accc554d4ad2d0b6e7e4857d12b4
SHA256 815ee3958d6720614019e0e2055bac4a2e1e5f4e44d15ec3023e9a07c9d885e1
SHA512 3738665086378d367d08fb253e5542bcb0945bb237dbe505fa16e9d890a2636205588dcec4f518624b2c1a790a68a614dc5871dcea1b01bd5c547cf79ffd651d

/data/data/com.huijieiou/databases/ua.db

MD5 9f46526bcff2d4339e806c00d7212ae5
SHA1 c84c666ad1bf60239966fcd5badde701ac68ed76
SHA256 f4e3ab1b226582229746b321dcb5af54e45ae0d7c8ccb0f2e9baa024870f3cc7
SHA512 f11b4e2c8e33c964f1536a78abc32ae3d0d3b84b954197e180dd4a88d674f39e6750e962d86795d1b5f1582351a59fc47dbfb8e40b1be5d6154043d286cf996e

/data/data/com.huijieiou/files/.jglogs/.jg.di

MD5 74061382c78cfd928203d1ba0cb4ce0c
SHA1 83274996218f3c10df8c02008fc5eaaa13a01441
SHA256 c6e85bebc5f790e02c901ad3b7a6eabbf57f04f0a8bc5658efae868f49b71976
SHA512 38e2f2688f971b65c11793cd37d9b70825c46ebf0f739fd2ec1528101ef46db43a488264698675da1acc99565fb9164718a0d9f92bb59fa80466caea90c66009

/data/data/com.huijieiou/files/.jglogs/.jg.ac

MD5 7f91ee19265f9aaf1a0c662d114a8ff7
SHA1 5ab4e80162823b573863b8ac6f607004915888c2
SHA256 b99ffb7a54ea3b834ea793cb0841a4c92fc258ee1215a1d56e04b29b04c8a754
SHA512 7d2f97d684649596db70a0996f0131ab57ca13cc33a0a3593b6b38b5b40711a48dcc0956a06a7be4a2b06008612ecd1812f63608d98f6333498ca8ce1355da96

/data/data/com.huijieiou/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE2NDM5NTA4MDM1

MD5 9da07bb0f467c973c398e1ed329196ea
SHA1 589dae80fe1fa5aea14b202875b0790aa22c3347
SHA256 fc2462fcefa41cfb4d84d6d573154d497146c0d26b0fd50abe5143d0cdb1b89c
SHA512 34e99b35e5cd93a2c3aaad99d9491f0c4d4d102314b2a8616d133bb2a07dc2790a6dd811dfb674197faff4e85de1d434fc1a97741a823fbb87c5ac8d59454e6e