d3bbf017c654aaa7a6f118a0f62dcfe223c0ed70657b860164322e34e47a0acd

Analysis

max time kernel
158s
max time network
187s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
23-05-2024 08:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6a699952a7b1cdac2d7f714169296862_JaffaCakes118.apk
Size

20.7MB
MD5

6a699952a7b1cdac2d7f714169296862
SHA1

e500cc70c4e91c4ee6b0d86b601a40a1e463019c
SHA256

d3bbf017c654aaa7a6f118a0f62dcfe223c0ed70657b860164322e34e47a0acd
SHA512

642db8236da250c71dfa62c05d8305392eda5c8dabdfd236e9f136990fbe12329b0a7021840b445705391bb8e14abc01da9ca403f43c6c546caf95b40f75ac54
SSDEEP

393216:4jYkyOqnxInfZRO41TL7vVG/SdpMM8H/Dbb5+UT2t3X62XH+6RvwtxSuljH:4RynxIBwS3vVG6dpMM+/Dbca2XeyZkH

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 3 IoCs
evasion

T1426

Processes:

com.ygtoutiao.news

ioc process

/system/app/Superuser.apk com.ygtoutiao.news
/system/bin/su com.ygtoutiao.news
/system/xbin/su com.ygtoutiao.news
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.ygtoutiao.news

description ioc process

File opened for read /proc/cpuinfo com.ygtoutiao.news

ioc	process
/system/app/Superuser.apk	com.ygtoutiao.news
/system/bin/su	com.ygtoutiao.news
/system/xbin/su	com.ygtoutiao.news

description	ioc	process
File opened for read	/proc/cpuinfo	com.ygtoutiao.news

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

T1424

Processes:

com.ygtoutiao.news:channelcom.ygtoutiao.news

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.ygtoutiao.news:channel
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.ygtoutiao.news

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.ygtoutiao.news

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.ygtoutiao.news
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
discovery

T1421

Processes:

com.ygtoutiao.news

description ioc process

Framework service call android.net.wifi.IWifiManager.getScanResults com.ygtoutiao.news

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.ygtoutiao.news

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.ygtoutiao.news

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs

persistence

T1624.001

Processes:

com.ygtoutiao.news:channelcom.ygtoutiao.news

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.ygtoutiao.news:channel
Framework service call	android.app.IActivityManager.registerReceiver	com.ygtoutiao.news

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

T1421

Processes:

com.ygtoutiao.newscom.ygtoutiao.news:channel

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ygtoutiao.news
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ygtoutiao.news:channel

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

T1422
Reads information about phone network operator. 1 TTPs
discovery

T1422
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

T1603

Processes:

com.ygtoutiao.news:channel

description ioc process

Framework service call android.app.job.IJobScheduler.schedule com.ygtoutiao.news:channel
Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
evasion

T1628.002

Processes:

com.ygtoutiao.news

description ioc process

Framework API call android.hardware.SensorManager.registerListener com.ygtoutiao.news

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	com.ygtoutiao.news:channel

description	ioc	process
Framework API call	android.hardware.SensorManager.registerListener	com.ygtoutiao.news

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

T1471

Processes:

com.ygtoutiao.newscom.ygtoutiao.news:channel

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.ygtoutiao.news
Framework API call	javax.crypto.Cipher.doFinal	com.ygtoutiao.news:channel

com.ygtoutiao.news
1⤵
- Checks if the Android device is rooted.
- Checks CPU information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4313

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
2⤵
PID:4467

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
2⤵
PID:4489

com.ygtoutiao.news:channel
1⤵
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4552

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ygtoutiao.news/databases/MessageStore.db
Filesize
4KB

MD5
d6c212ec73e58b3597b77ad130523418

SHA1
ceeb863c6f01d96c15424d4ccdb4b61b0fb89383

SHA256
0ed0f3cc86d7eb9fa299f59abae61be70b015b0011ed11d183c330f25c4a6fa4

SHA512
5f4136ba3d022d0de2ed6fe0ca8aebd2370ef968b430843853bde0b2b8aa66d4ae5a1da45bfd43ce98dc0253d69fa4e0a57f864d63faa283b7e9983a6913c46b

Download Submit
/data/data/com.ygtoutiao.news/databases/MessageStore.db-journal
Filesize
512B

MD5
32123d877a2d1025ebcfdba2de79bdc8

SHA1
55e14f0bd4eb4db425f7bdf6c9e4dd26454ab574

SHA256
83a8a5fc1f584c61c483da932726fc35497d1ac6bd10a397b1afcef9745abd2a

SHA512
54b1c858d5009551e4800287cad4ad96c90ca6145382b47ba9470e07160c7d30a19846f4ab9246baeb19219b3d3a7cdfc5861deb9ab24021eeafe12daaf344be

Download Submit
/data/data/com.ygtoutiao.news/databases/MessageStore.db-shm
Filesize
32KB

MD5
bd5d268aa71f003625c08e0ec32bb88f

SHA1
05826ec9823c6f3cc48cd9b47c0a93f307106d6a

SHA256
b55b15929815048b66758badac8ea9a19298d21a1e20e42b90d41436839d745d

SHA512
bf282da47ea17c774918bc607faf530527dc250ee6bbc932956fe39b9c9a9c0d0e0b37226da5df4e3e8ad10eea5ca91e2aa1bcad08f36f07a181feda9e7abe2f

Download Submit
/data/data/com.ygtoutiao.news/databases/MessageStore.db-wal
Filesize
48KB

MD5
1b65831d68ee8bc9154d88ceec402e17

SHA1
893c706db6dc755605e6e1a5aa5c963dbb6dcb4c

SHA256
bead325197474fd68e48f7b977d8e26eebf77a7a678701ac8e60ab641cd4224a

SHA512
5853c8cf888840ebd5b4348dcf6bfcc3bef383d64e14f91650b5d6ca6830e0b801d446fa29516b7ac09cb7bf00bb9d07ba7ca692bb7f4f5a2a38f1a05e6c19d4

Download Submit
/data/data/com.ygtoutiao.news/databases/MsgLogStore.db
Filesize
36KB

MD5
486e2bac2b3e9e1cb411d2838a4854bd

SHA1
81dd0a7537f4af319b830ae834908986be85da8b

SHA256
5644a250fa6cef16c2c802b98275656a5fc39dcf89bcc22193742d85c7313f57

SHA512
c146789563dae163e373489b3df53f22efebd32b69643992969241eb5ad5eec668de67e7cd2aaf5c3a8af57b0842115d00183825734f57643d3fdb09835fe681

Download Submit
/data/data/com.ygtoutiao.news/databases/MsgLogStore.db-journal
Filesize
512B

MD5
1e4e7ab38d5633c8b63b6d73d594fd8a

SHA1
4ac5c18a625c423aefcd2ca804d04692bb182ac9

SHA256
b2ca5b38163ce934fe8667370bdba26ed6ed872d031390c1d60f81d056cfa202

SHA512
22fb2eaea785657dde7073b519756393b6b39fc80d42c0a76bb9416bce1cdcc0f5a3927e0557893f14ea8c07ecc7f36ecdf3dbcd2ad5111dede9ab837b6497fb

Download Submit
/data/data/com.ygtoutiao.news/databases/MsgLogStore.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.ygtoutiao.news/databases/MsgLogStore.db-wal
Filesize
68KB

MD5
1a1c66d8b5013fe98af3d506f5ef3088

SHA1
3c26a51fc17c5ff8c60cd20159faaa06dd98d578

SHA256
5c2d957236b1599b570189a6e0e80717d8b741e85daa178c2316bbbde8c0663e

SHA512
fe392a28bf495c75471cb126007ac4f5b650da900b398f2d6c8bd1afe2725ec3dfbe4cfbea68b82e46e33bd28ba5ac4efee301a0bb6673c31fbb85741bef7151

Download Submit
/data/data/com.ygtoutiao.news/databases/accs.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.ygtoutiao.news/databases/accs.db-journal
Filesize
512B

MD5
7e474585a8ef8e16a6c1b1b29296da1a

SHA1
88d31509a7aa9f6ca9437d6f52edff9ba0e8d557

SHA256
e76fc559637a41468bb8be43b4acbbba2a44dbcffaf081e4f09963a74c935886

SHA512
1117c75cdc60aa57aafc45a54e942f57585dfd5736e29376d6895d00e498d8d24ec9c01a80c0036523eaa728118444dcbd939d60c6d1955ceb89b0c1550ec413

Download Submit
/data/data/com.ygtoutiao.news/databases/accs.db-wal
Filesize
32KB

MD5
9aeae7f5e3595d4e13d0ec23ae1f84fb

SHA1
067a5633cea3eb77d29c58cf82f47b4348fc81a9

SHA256
63c6b7b39dae6cfbc2a4bbe340027da2cd5176491f97ceeeda2e5fe6f793074b

SHA512
4a8fe1ebbce4b1f7f51e7e9dcfce5bffd725dbb2c7ceb53ad077207fbd76120d790a0a4f4b94119333136070bb400923c528bc767dc1e49d0571d39043687fd7

Download Submit
/data/data/com.ygtoutiao.news/databases/okgo.db-journal
Filesize
512B

MD5
826f3701ca9f063b7945df6cb46b862c

SHA1
ba70e7b93461aaa872d471825d32d326c8c2d0fe

SHA256
17c109164f5d8496f6c1de19e0823aaab9cc7fbb6e3a7911a7c77de2f58abd61

SHA512
cbb16c0b24d96c98fbea78814523a244632bcf6f57707d43dc3bd59f2dd42784091ef6334ef6c1aa6151c161d7547f929ba9834a43109e0128fbfaca2f46b78b

Download Submit
/data/data/com.ygtoutiao.news/databases/okgo.db-wal
Filesize
56KB

MD5
c543bbfb4615bf6b460fde56a342267e

SHA1
eaea103d614817640a77890f11e5cd9db6847722

SHA256
071024ea2845a9b79b655246bff2a6c408a69a39b915effa2cbbc860f1a8d33d

SHA512
b017f6d04d672d7da89cd1b5bde8b8780cfa170ace9cc61003f5d5b0a15e8328ecd9b7f882778e52ff5f1e1a73f2d4e1cac2fc45399809b378a21adf0b6d62e5

Download Submit
/data/data/com.ygtoutiao.news/databases/ua.db
Filesize
36KB

MD5
0adda9c85a5e4808f5b1b74c0a8591a5

SHA1
5048107883ab1e345af9cf2e6849ce46e0e612bf

SHA256
1e17860bba2bb4e3e92df3890aa6dddc973d6602c71519a15556d37bb69de2a1

SHA512
646061d3d5849772511bd94e36ca2d775a9a672851629d1812942ec0f0f925714eb7d4ebac44889911320cb6710a2f586014f6b1e126739cab653c4f8deef2d1

Download Submit
/data/data/com.ygtoutiao.news/databases/ua.db
Filesize
24KB

MD5
53e6674516c1b05c40e6b24a3bf87bb8

SHA1
05e0f7658afc466710c6af6144846c1b04b1a03c

SHA256
a4a56484af47a10caa950af77a0ce4747ba0e2179ebce562b5d49660be2b0ee3

SHA512
e2c920336b7d7cd418066a45c5ce058df3141f9a26456ee4c6572baf756e9dfdf7bf94b715ed4109d494d6e63ee7317df63c4a7742a26785341af2faa8672ad3

Download Submit
/data/data/com.ygtoutiao.news/databases/ua.db-journal
Filesize
512B

MD5
49efaa084aed6cb104630ef2d3124419

SHA1
ca2c685b4cfe0ac5dbe0101570e2d0d2e07842e5

SHA256
63554958c2ba28af401fff6be2787e9addff14fc89e4166f0c4db0bf21427578

SHA512
52d6567ee75396756262e8975bfa635f5f1d190a9d547bb030d814a7b3f9bba12a8250999c798e44f8b9197f76a7aca76a89bad8060d5155533ca4edfa097dbe

Download Submit
/data/data/com.ygtoutiao.news/databases/ua.db-wal
Filesize
48KB

MD5
5bb459a93d808b587023562a8921617b

SHA1
5063812f47dfac5b3f5c4702e5b010e0383ffbde

SHA256
f48bcfc0f6da73d91b5f9dfffda21a88ec649822951fa0e1b8f5826e8d216188

SHA512
5e8fa634394987b878519e820a5eac3f25caf487df392c484d9e2ef37d8e82f7a7563c2263fe2732e654b680206ad3abd0ad3d123b2b5de13e076cf8c7578189

Download Submit
/data/data/com.ygtoutiao.news/databases/ua.db-wal
Filesize
12KB

MD5
6919a1b2edb4421814ab000bfcc7f2a9

SHA1
5c2e02a87d6ea8a9b4ced40fbb2aa1eb738b0b20

SHA256
b67c7d8dafe0163317a91045a8c5c079964ef186550771b17c258a18c4a45e25

SHA512
18e208873c9bbde563af6677fa9539143cf012eb1298d9c5062330f03b8314708ec427da5f4fe5ca9125ebe662079778a4e568d26245cc711232bfcf3ad2901f

Download Submit
/data/data/com.ygtoutiao.news/files/.envelope/a==7.5.3&&1.0.1_1716454748036_envelope.log
Filesize
1KB

MD5
9c93919389e5793d8ca442bc862e9ff3

SHA1
d64ee62d97aa3c70427709ee50b451f50ee8c183

SHA256
4bf39e93fd30c086602837476eab5d4728e8430863dd6274f24314bc0547d9ae

SHA512
4ad4235dac9566d3517b1a3a4db00c02cdf3c23d9b76e38e7a05312b8bde026eba8a93381d077815d42f756c92759872a349fd67111a4f03cbdd38215b6ba297

Download Submit
/data/data/com.ygtoutiao.news/files/.envelope/i==1.2.0&&1.0.1_1716454746450_envelope.log
Filesize
2KB

MD5
0719acf0be2b67ccf667717c2f061ffb

SHA1
e579bf48c6ff6af8492e771ac3219363a5cf92ec

SHA256
a644dbcc7c7102541e594da1ddef3075b118897ab1fa98be29739644b0915f27

SHA512
cbd6b5b18a13c4c491d4c100ea453443dea7cde999799c7e2139d51a1bb6c142093c91c0bb6ce3fd535599293d87f8b47d203d37766331becb4813da56553a9d

Download Submit
/data/data/com.ygtoutiao.news/files/.umeng/exchangeIdentity.json
Filesize
162B

MD5
634de27abf07b57fa056b665cb3753eb

SHA1
91ea3f730b50d146fa0c1ded20c4f7b3530ea8c9

SHA256
7630dd453b6c3ca3eb4c782ebd47a6f4eb159199c3b246b80e12026ac2d43ac6

SHA512
7cdf2161e171412cfed56c9c5fe0b7ece4d0e4911a7f82fcb3aa87357885320396a6bc52a95d031302f13c19e5959ac4c8267a0bf9c093ad5740d190a06bce24

Download Submit
/data/data/com.ygtoutiao.news/files/exid.dat
Filesize
55B

MD5
2bd4fe5d9194d9595af3026f9259043f

SHA1
4a1250be491f31cc0186be423dcbdadce8a8a4be

SHA256
caf7a873a6fb56fd7bbcede8d3b23d207a54192f7437008ef68c2cfd63e3d9cc

SHA512
8d4062d1f904dcae481f8ee04b69d9834918dd0d5eb6be470a9c0a1fe6ef1ee95f9f0d36846a3adc7171dd4dbc8a46687be8ebf7e9d1ee56815dc494dd7d20ab

Download Submit
/data/data/com.ygtoutiao.news/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE2NDU0NzQ0Nzg2
Filesize
1KB

MD5
7a6f0ea91b34cec7f2bea69b0adb8fed

SHA1
746faecee687dabaea6bdcdde66c5fdad016c6cb

SHA256
c6458e76830cfb2162c5835c95c528bc40440f13d3f22165881ecc62d9160170

SHA512
016ec492ac06469c4c22db09b479824f0d04a60430cb8c34a57c887f98e164b3462aed5b789e0342cc0d24d12dda5292998509538cbc5f79c561c4283a4bddb8

Download Submit
/data/data/com.ygtoutiao.news/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE2NDU0Nzc1ODk5
Filesize
1KB

MD5
551b5f7528176d379839771b50082413

SHA1
3bf142393767995de985a3ef5c9c47fa53e9e7c2

SHA256
570f48b7c254ca3a62cc7b612f97649e388e6236c219a1cfdb5137aad073ee53

SHA512
03740dc931918db25568b3996f918d4200c5357f42748371a2b616f6610f55b17ae10f533365f0ec5c0ceebdce893006ea841d4e943b1c7b37a3601d0df39498

Download Submit
/data/data/com.ygtoutiao.news/files/sun_db.realm
Filesize
4KB

MD5
6254469ee7c013378b88a5ebe948de0a

SHA1
1908ce3b378e475d880ef201036165e226962265

SHA256
46cdb298382695da9fca0276bdc8e65d38ef414ad1853f6f57899711e38f7295

SHA512
de120c30ca13f3ad069f37a3d83f50fa82d3e68d7eb6912879e06e28ccd08835830d157462ca602ca8d82f616152ac137dcaddc10924a2679d1f4d2ba0e71ffe

Download Submit
/data/data/com.ygtoutiao.news/files/sun_db.realm.lock
Filesize
1KB

MD5
f22d17ec898e5ea052a09517ea0e3190

SHA1
5ed49b734f5fd0a986ad35f5e015384c1852d229

SHA256
d0be9e4963d7b27d1e138c17b2c1726169bfd5d450dc9c06df167a9c8b535ade

SHA512
2447ee6592950b91eeca9be2445fe6115d99a162afbf69073c213b63aee9ee65086b907f8e59fa8a7db22f4b3902e10516824381260d39febf364599f6aa1cdd

Download Submit
/data/data/com.ygtoutiao.news/files/umeng_it.cache
Filesize
498B

MD5
03e77b536be5417055e899f808f644e7

SHA1
b355fd187cd83224c7b684dc69f3f54bebff4a45

SHA256
e15173fa304c01dd19930e6e60836f97f012c91428c59ef110019aee67e3fd62

SHA512
e72d3bb64f6f9acc812e3bae73700b869e5304d874c4b761cb7500cab983adbe2965cd4b816d4b16135812d90021d9c5a8b0d5e15662ce76edbc5def9d4e9f73

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
111B

MD5
b4a37f5ae870bd3b0e31f9dc42d3d691

SHA1
a6f3a49f2f68aa0cf5349c3206609b41d8ec2598

SHA256
2c212c2f4c43978c6dec46fbe8ac825fa7a0ab5a6696c85f88fe08c2952e35b9

SHA512
197653efa1227c08ca039203c3611fdbc7119c4085ad09949e8a0609d97559e3cf53aacc2391b77f211a0f283e95513d179c0d383a9c565198478b947d037285

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
213B

MD5
f7645cd02a2bc76b4c1ca27cba6884b4

SHA1
46beae79d39f3de1a9dbae3a71c8e41f550d37de

SHA256
ae339b09eda2933a9264d2179fc1965ea6e8de7562d501292a0a42257c683d69

SHA512
e0343135d51fd398849833864c90e6f09bbd780d9d290bd1a0c60e07c3445a98ed63dc6c9a6032c926c725f2bba3c4f94b4c249ea7cbdc89071875893cfa9c9e

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
111B

MD5
0bb899ac665abaecca33550e9073fb66

SHA1
8597d7e0368b2ba8c7e1c80dcd21fb5c7f1188f0

SHA256
2f70425ae184e3d5e844976d1049420b4e7edf19d327f7d8041beeefea538f38

SHA512
2cffb74defb276a0f0f7e6a44ff0fdc63fa0457422b27f0b59c88cf4e35bd1a20aa43e471a7d28e05ed4634d1a202e7c3ea89326a85139af2d86abdecf6f0309

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
167B

MD5
d1b236a07a1a873b6fcdd726036d6dde

SHA1
c8021a15e331c06b61d5ea84c94d11def62a3844

SHA256
81bc835b78d1bff8fdbb10a2911f979c38889eaa58e6488469a5c8ffc1d520db

SHA512
1a27207a2e9efa7d0158059856596e92103d9f4831b6a7097e03e9368f45595a06e5214c0b4436be1a15aae00b52fd47b106386a7e91d18e95bc0e95f26aa708

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit