Malware Analysis Report

2025-01-19 06:56

Sample ID 240523-n5ys1sfg73
Target pda.apk
SHA256 cbf10c793219adf26ce3c9a69df26b467d326e31d857c49e4c964000a3c84e3c
Tags
discovery evasion impact persistence collection credential_access
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

cbf10c793219adf26ce3c9a69df26b467d326e31d857c49e4c964000a3c84e3c

Threat Level: Shows suspicious behavior

The file pda.apk was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery evasion impact persistence collection credential_access

Queries the mobile country code (MCC)

Checks memory information

Registers a broadcast receiver at runtime (usually for listening for system events)

Loads dropped Dex/Jar

Obtains sensitive information copied to the device clipboard

Checks CPU information

Checks if the internet connection is available

Queries the unique device ID (IMEI, MEID, IMSI)

Requests dangerous framework permissions

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-23 11:59

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to request installing packages. android.permission.REQUEST_INSTALL_PACKAGES N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows an application to write the user's contacts data. android.permission.WRITE_CONTACTS N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows an application to receive SMS messages. android.permission.RECEIVE_SMS N/A N/A
Allows an application to send SMS messages. android.permission.SEND_SMS N/A N/A
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to read image files from external storage. android.permission.READ_MEDIA_IMAGES N/A N/A
Allows an application to read video files from external storage. android.permission.READ_MEDIA_VIDEO N/A N/A
Allows an application to read image or video files from external storage that a user has selected via the permission prompt photo picker. android.permission.READ_MEDIA_VISUAL_USER_SELECTED N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-23 11:59

Reported

2024-05-23 12:04

Platform

android-x86-arm-20240514-en

Max time kernel

125s

Max time network

150s

Command Line

plus.H58EF5770

Signatures

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

plus.H58EF5770

Network

Country Destination Domain Proto
GB 142.250.200.42:443 tcp
GB 142.250.178.10:443 tcp
N/A 224.0.0.251:5353 udp
GB 142.250.200.42:443 tcp
GB 142.250.200.42:443 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.200.36:443 www.google.com tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
US 1.1.1.1:53 ac1.dcloud.net.cn udp
CN 123.207.204.152:443 ac1.dcloud.net.cn tcp
US 1.1.1.1:53 er.dcloud.net.cn udp
CN 43.142.57.168:443 er.dcloud.net.cn tcp
CN 122.51.117.144:443 ac1.dcloud.net.cn tcp
CN 43.142.62.113:443 er.dcloud.net.cn tcp
US 1.1.1.1:53 s1.dcloud.net.cn udp
CN 121.40.119.209:443 s1.dcloud.net.cn tcp
N/A 192.168.110.15:7000 tcp
N/A 192.168.110.15:7000 tcp
US 1.1.1.1:53 ac2.dcloud.net.cn udp
CN 150.158.175.11:443 ac2.dcloud.net.cn tcp
CN 43.142.131.213:443 er.dcloud.net.cn tcp
CN 124.221.14.222:443 s1.dcloud.net.cn tcp
CN 42.192.51.127:443 ac2.dcloud.net.cn tcp
CN 118.89.168.191:443 er.dcloud.net.cn tcp
CN 118.89.133.90:443 s1.dcloud.net.cn tcp
CN 49.234.20.60:443 ac2.dcloud.net.cn tcp
US 1.1.1.1:53 s2.dcloud.net.cn udp
CN 42.192.51.127:443 s2.dcloud.net.cn tcp
GB 142.250.200.42:443 semanticlocation-pa.googleapis.com tcp
US 1.1.1.1:53 bac1.dcloud.net.cn udp
CN 122.51.57.179:443 bac1.dcloud.net.cn tcp
CN 49.234.20.60:443 s2.dcloud.net.cn tcp
CN 43.142.57.168:443 er.dcloud.net.cn tcp
CN 150.158.175.11:443 s2.dcloud.net.cn tcp
CN 43.142.62.113:443 er.dcloud.net.cn tcp
US 1.1.1.1:53 bs1.dcloud.net.cn udp
CN 122.51.57.179:443 bs1.dcloud.net.cn tcp
CN 43.142.131.213:443 er.dcloud.net.cn tcp
CN 118.89.168.191:443 er.dcloud.net.cn tcp
GB 172.217.169.66:443 tcp
GB 142.250.179.238:443 tcp
CN 123.207.204.152:443 ac1.dcloud.net.cn tcp
CN 122.51.117.144:443 ac1.dcloud.net.cn tcp
CN 150.158.175.11:443 s2.dcloud.net.cn tcp
CN 42.192.51.127:443 s2.dcloud.net.cn tcp
CN 49.234.20.60:443 s2.dcloud.net.cn tcp
CN 122.51.57.179:443 bs1.dcloud.net.cn tcp

Files

/data/data/plus.H58EF5770/files/.DC4278477faeb9.txt

MD5 f5b45aacbef0aec9d4448d18679cd6b9
SHA1 f9867568bcf4ff03ffe002518e5c45ff95b94132
SHA256 9e5b1b98c8adf852e42df0bf58740dd12a26f4885cbba9e837eb1861dea51ca8
SHA512 dfdb76c5ae3f32cae7c837685cbd64993456c29c6c92e5e05a18c4585cbf4bd297d8768db40c55b9ce582bfe5c7a230f9fafde19cbc57cf87572ecd5262aa98e

/data/data/plus.H58EF5770/files/cnc3ejE6/eje3cnc

MD5 762298b93820a5cd8b6d8ec469078f7f
SHA1 d5b02a2ff3b235cd2b61ceff53a1d88b8984477d
SHA256 dc3f98a33c26c2796dc294b354831fd5ca9796295f4cb38479c80b145d4807db
SHA512 70f864211ce16679d0538abf9b7071d27c2d22ae458e32409d20065032c762dd186307ef33ede90abd9ac794a4ced8b163404e9799c05f0c515337249684311e

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/css/horn.app.css

MD5 39a4827fe734b74c53209ba1f9d3f4b8
SHA1 0d6eb39289ba7736339cbb80598be7ec4b490232
SHA256 c290cfd06e568b52a6179b9799e2d710299b5082ccc566082dfacc133e4ee881
SHA512 f05507e120266dc8a9b316484033286f4bfbeff9f0ac67ad05ed07d0625e7f47e881bc9e43af3ae87ee2524fd18a8bbfed81bd298315d19ac79087121a5c77be

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/css/iconfont.css

MD5 bbb3ec646999b30aa2c80431441de316
SHA1 0fd41813ce499ac96689716c68fe6889ae53584b
SHA256 79119d22b98a1e110ffcf8db50e74b500e2be6df815661fbd4308dc06f4040d5
SHA512 30a8a1045aa33565c2c5f4cb838125d37f7a775f422fbfba3aa1216f8761d509a7bc341badc443fdd0b5c68f3d33b8cbfaf7024120355de83392a26a2ae802c3

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/css/jquery.dataTables.css

MD5 e15066a8d7a9c01e113f639cad9d356d
SHA1 8883ab2a9aca27e0eaca5192b728b2ebce4547d6
SHA256 ddcdf1bdb6db588c79b14a72c39b60b422f64f5c631aa1fbfe788029100ae61f
SHA512 600e190bd19e604da4741044d77f06120ff1e83f800c6f51ddace4f25dac7c96d4104f13db4de70cd3d095cbaad2989149f00a4b353485f47176d6d1d05c0c6f

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/css/mui.css

MD5 5836f3f57e3a06a6aebf0475a81d6b16
SHA1 668b1b1d96f9c914b8a546bb6abd03242b082cd4
SHA256 bd7c4f0a849da629ee5ec336e69f9e19d490893c3653630ec7eaac73877a4fd5
SHA512 75c123d8d88f08698325e1486ee3a968ef9fa43c0437cd0738313343187e1d553f662dd96b60cf9c593ef719232a958b2b8c3c05fd71b67f21ceacd0edf367a0

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/css/mui.min.css

MD5 3ae39756b0c6e5a8bf9f7f297d4bdf23
SHA1 09aabd7e2c807f81e5a384d98d02669310f63996
SHA256 d76f633aed9520f7970796ac29faeb767e5f79b2869907aa1dbcfc7bbcfdb3e2
SHA512 43803f0d6358498847d1702993a21d9838736ad6b61b6829b00f38afb4c603f08a51ab5032c46f5f1fba9771779bb974eb925dd3395557756b11a29a3928f8d4

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/css/mui.picker.css

MD5 d4e0f601944f00f63c8a8709d5132005
SHA1 2c5062c122bf2cb2cdc1912f4a136da895a0679e
SHA256 d3d8693144929eafecf0adf50ed0e22c126ab3f3def0ee194678f77421ad7951
SHA512 acf83bf6931dd4e69951d0cd7b19edd7939696004651b197e4d45ed728614e70c173f25bbe5fa20d7ba688730c971103ead4189ccbf871ba2340745a359b75f5

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/css/mui.poppicker.css

MD5 8986825478a283ede35ab1a3093ca1cf
SHA1 401c99664d466840263479bc8213b9ee777be2ea
SHA256 e2199909e67d2185bbe27bcc3fae8abd4ec4dbe3cdc8cd02d381eb10d40b1252
SHA512 3911ee47d8432d6f641bc3af2bfed9fde7423939af01e84a1eebf4e27cc276f9e560f3c928f6907ab4468192ecf558a8d0f0b9ae5598bc5398b62bb3a094dd39

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/fonts/iconfont.ttf

MD5 269c694b50f4cbad843a16b0f01708fd
SHA1 93ab16da88d7eeb8f096015258433b0e0d18b611
SHA256 f05cd6d093b94ad9e60e60a498c4d6a5091bcbc8e94aa1969c073d7df7985611
SHA512 60dc1b7ed4985aa8ccb944a1b43315b1f3d1fc53f5f6e3ddc541313231d8f257aa264a3d3d89baf812ea91cd6fe54169ddefd81f660c3b7296cd511db482d9a4

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/fonts/mui.ttf

MD5 8820b7f6582a3c45b7527ae6b183dd2f
SHA1 653442b2b482c577d07a631859ef5a76896d53e1
SHA256 b327c8e38b68245dac1fb9a8b5bf7f19fee0b2c656219b8dfeb3c906c1514ea0
SHA512 758a17a3881de1b8caa7fcbacec7279518909b4c667e3e12a498d29bec3b833c3279f69da07caebc25c4b940545aa1240cce1cce618e5ab939841b8bdb7c2564

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/images/0.png

MD5 231a688f422ee52a8eae2039a84f7ba5
SHA1 048179403c6721ba84fbcdcb9a3973c7ffc16801
SHA256 84a96043f24c794ac83c2a5bc1ff4dec5874cee859e4d35c4a68f6600c4628e0
SHA512 3292ded47da1c018765d1ea315b6773240898ab0c00a8b5403b83acdc2418e5115656a2aac420ccb1bd1b883868d6f02ebcff10804c0a4e17d5427a0e31fa5af

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/images/1.png

MD5 932f099d1caca3803bedc7b6dffcf3f6
SHA1 fe17a8f85537432fed7c7081cbbcb15136709b44
SHA256 d3a0a49d718d872b83d97414807dedf0b6231b7b4fbae22d945d9cbb1105a080
SHA512 6230d3e9d62ee98e51f02f0cdcdf22369a0da0c33720e8d686930d335c3dc38eb785e6d66a8d2f8b075cf76bd4904562dede34e1c7c89ece36f7bf72eb31f1b3

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/images/3.png

MD5 8efa6d4b3ca15f1389cde03dbbf805fe
SHA1 d03e01520c2859f6b515d712bae1a346aeebccbc
SHA256 88a4fbcc6c3fbe1c286fc00d869048b14854a1765a3d1e80bee9ff8fe0f1d7b9
SHA512 d4ab67e0c7ba0abbdef73f855a83825e2ccdec920cfe0f3630d49d0f963c791d4abc0bb37fe9373073fc67867b598be4ebed79fcf87d25a4e3aa04e229fbbb87

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/images/APP-startpage.png

MD5 7933a081600c45001688550339b3b646
SHA1 fe8cb857e90b0fed5592e916e9cb2b5fc9f0f8c4
SHA256 32e5570f559dbd7f25a7797dea34403505e9515bf6d9d878475f3de323096105
SHA512 7beaecbc129ceb09dc7415886a43ba01ad6391e86c99992e7c681abedb5977e523c16bddb14bd27014058b297d249f2f8c337081ffa60fe3a26619eb2d315f69

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/images/home-bg.png

MD5 bd08f469b59a839f4d21b3e7e30d7388
SHA1 176688ba513e42efa8f2be6d90680ac2c23b000b
SHA256 896883a20e757b616f7db2f388b9c5dc6c8da4d15f8656feb6159bc1adeacbb8
SHA512 e01b5d5dfd26776170b399d6248013dff8c9df172b12098d4fb5c9e63744fa570d3a8bf8f49130da0a5f81a0a07951a3ea2c6092de7c608429539252e71c5da8

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/index.html

MD5 3c46dec252ed51321ca16d99cd667109
SHA1 948efd70bd1e2bf76185d2e4f9ce923d45ca73bc
SHA256 cd518861b24042aa6dacd50aef11fd48c91420a962cddd729a633baee6e3facc
SHA512 5ba660d37385e8212f5f121af7264320df883d70f3e17d82255f306901bd435d2c55f8a33088de7b8cd5d77f1c1cb9cfa22371c82c30c079efb63d9a834193dc

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/js/jquery.dataTables.js

MD5 7f5cd6b9c6681190aba4bd63f2742d67
SHA1 e00ad6afc8671bd335fe918974b604e795ae2d53
SHA256 5623556e883f70af025fd2fc11c7726ae7d9f008110690f8291463fbb263cea1
SHA512 4f5a7e24a25091aee7a2ffa42a52de1ad23790e46932d0a1248ec62ca8492d9f29d927e26d3adc365823f4cc55e326f4a207ceac6fe2e4edd24e3e584f637286

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/js/jquery.min.js

MD5 91cc3b6309b63c1aeef33513d06f2ad1
SHA1 fb6a8e9e34f2ae00df682a9b8050287d5d0cb1f5
SHA256 a0e405cbc2cb17d67bc0e67b248ff15340df3ff2ee5516ae9a70fd3f6887c363
SHA512 67f70868e66a8183608cd497bf613d5a2c5b96bae6ed8b2d0acda77a3dccf581c3c700323d1add876d3a89bd9549f79b95075e03eb31902222a1dde08e58eb42

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/js/mui.js

MD5 e0e87339768fe3272600b66ce641b07e
SHA1 e3e7310ab409e1d20e28b7552933979ed5f3d91a
SHA256 57c0d35408afd62475aa889ab6d56adf5431a0d98276a7405f5551c2eb64d5ac
SHA512 9450f6db095dd51515a54e9c0faa5bf3066b99d7f3416c23eec38a2c6e3abe3eac31456d934981277e5fbe0f8e0b812dbd0b1c6c2a4646514e66ae903028b09b

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/js/mui.min.js

MD5 a7809980709ff1b270b27a39941421b2
SHA1 a8a0e5ba079c6200db0c21e226fab35d6277a3f8
SHA256 52ad62101ff628db5e1c87bdb6eabd5e3eda7f53c26a737693165d064a5f9d61
SHA512 eda7141fe4ac53e54d53f3f6b3b8ba5529e0b411803dc4d6b5c0f94b2c5c992a65b5d6d36b8c6066c1e426b720a55fe79f66adb07a573cc76223031e772dc024

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/js/mui.picker.js

MD5 81933de9951cedc9c3f1b9bb292f9beb
SHA1 b322280ec932e2879b859803f3027992125f9f3b
SHA256 e25ca3040739dadcfbe8bbd7c8260f0534c60f37f4bbc02b090d426782af53bd
SHA512 f66540ceec49f852c1dcfa86bbcd4e2a52a0d2b01f90af7a3faa2b97e59715fb5dbbe8596911e0082494b5e00f31140b284de6b2ab26996d909a52298e7bb3d7

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/js/mui.poppicker.js

MD5 bffdd65098158478eea76fbec10bf850
SHA1 cd7a180a544252e844ec5bd6a492b322140517bb
SHA256 9e4ca2479040f0721f93f875adabdd58d518f9a2665ea2749b6d6264f7c12e98
SHA512 6bfcf0c3673554d7041b9e0d2297291d28148017f94b5bfef1aed3595ac8303463edf220f230ed30198c52f65bc899678dc6e6d5ad1f96d48ef1afc250610805

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/login.html

MD5 a4bfef93b13cdeaccae35a316ed4ebc1
SHA1 4bdbbe0286006d914c51305466ef37fc205b6d02
SHA256 173179f42742c42e9e0bbe87a58d253b268e5be8469b7df518fd54d3cfe2e424
SHA512 4f782cdc6b44181eadf6995dc59113343607dfbd1e454660084ff4c599a3f9f2b92ebbab2fd32f504bc7d30c7f0d6c43e6501587a08a2ccc13d1fa0e1f1fba75

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/manifest.json

MD5 49900792e77940e59d0025b5bb89184b
SHA1 ee18b183c49d5ffc2c1e0de94e09aa56a9b1e7d1
SHA256 c5b59bc14a8787997aba9f5639913f6976df7effc86f7ee9fc31e9faaa132844
SHA512 343f08c1a2a8ebe564f565c2ceaa0fc815d963c3b89ad678f32da9adf9a80db325f49ca3c8c9d3d9ba733ce868c787a461260883551d77f25ce8a5ad1366afac

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/DCJRWQD/index.html

MD5 d228c5103955f1bf69235c813d7bec63
SHA1 a4925ea944eaf44f21bef2289a3c64617491d7ee
SHA256 462e4d3fb34820aa51992a2e2cf81941cc298711a858b035913271fe737a019d
SHA512 890ece571b565d02c088f11d0539d60e600fc5c760004fcbbfaf32877e538f4e16a71f253bf53db8a97226f2df5ac969843acd668980198986f733b78d285170

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/DJQKWBD/index.html

MD5 d232dc841e9866a72ef72e8212f0e085
SHA1 682abc343ecd10bd5e5d84ea839a4460ee6827da
SHA256 491e7a1fa82788a394e37f5b2de658ee14b252afc0be6b4a52425226d9f9b717
SHA512 8e058a7763a7d3ff2c76229aa73d2e13e0c42f0b1ffbb0574d80ed56d63c4466e56666a041d13883e9c0c490ef270ca632c22d89e0261283c110170b66f35746

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/FLSH/SHQR.html

MD5 7df3024ad0fcd01d84cc2050a25f32c2
SHA1 a4c17fae7973424c447ffc4e9df9bbe274f20f75
SHA256 f9b84ce116e3b0a92cd051a1feaf83cd23f1e1231d475a50838177ce373a9bf2
SHA512 bb5e6dd8e0e3a71cdebd4af581c5f08d6a3d985a941ec10aa6e78308a036f8083921ea1fd3bee27ce7f3240ee1a116d8e6198cbe846e8248eed0ae6158fff01a

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/FLSH/index.html

MD5 ee8cfcfd2ee0ec686b5793b418bccfc5
SHA1 789ae8c38465a709578ed29bfad4057883989818
SHA256 e3530ee4b92579b8d63f2d53988688dde3dce54572b5d49ebc4646b1ef5475a0
SHA512 d7ca93fe4c9ad6f835b1880a35c7ce355277e7085afc3bf32fb4811927165d4961b1fd9afa6f859b95a2ea787f1045887a20c88ee3ed69d731808b2dd49218b8

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/HQTM/index.html

MD5 26f172da84fb8483fb65e3fa227cc9b7
SHA1 f100d4508f5e11a21fb0d71d8fd9375858dacafa
SHA256 90df6c90193979aabc3045b4f0751c2f0f687e2471edda71749764a08f72d0da
SHA512 a7312074fbea4346078586213705b2ccd470285ad0193bf61cbfdf5800d6e7336375e2ae85b42fe7aac47605249c3b6e451cc06e60fe3fa764399e3ef59a9f48

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/SHDFH/index.html

MD5 fc0187188d8de4d5a07723101cd379b5
SHA1 347b457195f898365272da2bb689f2d8c30e294d
SHA256 bbc149e5e92c90c0149a91ad4339c71e246a8577f40fcea6204b4b82f30967a2
SHA512 7cba9e8fc2254da0ca41fe806b9bee28bd404299a9fec1a293784e3734ff535a50ffe9e14008222a26ac5669de4871be9d96e5c535e0d08147f51e787bbc6d06

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/SHSH/SHQR.html

MD5 cde497b720d7bbf4dd85837447e9aae3
SHA1 f2feb7f777f9c41eba519bbdf54ca348f44ea02e
SHA256 cfeb285a0fdba6bed03fd9198d907e8b04fc6cc39032ddeddc2b951a6359a863
SHA512 f3e6109729f8058c68f98d6336ecfd016b45759ffff54e8cc05a8908dc2e793e35a2ab1e5b3148cb76792ff943e7623402b50c76a50d4b079103079196b18592

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/SHSH/index-bg.html

MD5 9befce71c8cec497600ad3e386e3f1ed
SHA1 524a54028dded4d6e32eeccfe1d270d1ff231ea6
SHA256 b53e82888cd18af78384f81eacb538597e8decec4ee456669e983c4ef2035158
SHA512 56dfaa9332e860d9de8c2f9ac3cc49628f9eae370e7a6497b2395e7c1e438d0ba15dfd42721c83df31b299268d45df630ef797cf14efe75885b0dbae5b429cf8

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/SHSH/index.html

MD5 fc34ad42a0e4ed2b7ab9cc7b631aec00
SHA1 7793b0b27c98984fe8bc6b2ba4f6956c4553ab54
SHA256 bd3cc2420958564f6ade3efd637b4e271d07059c17154ca951aa2944c1ccaa91
SHA512 832414c3bbe7485556ea8c3d670d07a626f28d5e286ad2988ae5240d67ef51585f8348df07f8a3675d6ecd4d25875f6afe00c84c7880243836f974dd4da7ae47

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/WWCSHQD/index.html

MD5 be25b606d99c4cdad23f2d33d4c71b50
SHA1 47672b56b21e96a0e005e805616d9246d2e16932
SHA256 9d044bbb626ab7eb150bc6fc85a61ac1858c04e275afac3e9cfdd791c7865f2f
SHA512 c0b89f22d32c7cc8610e7c9f7e49934b742bc70f362f3afc9d7ff9447a71c9165b2f604768cb901bcdc628b8ee7ccd1cb43ef86d51b32020a54ec03e91ac054f

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/ZXJBRWQD/index.html

MD5 e41d5c987a9b8c016dc546f484697b53
SHA1 763744661a5a0a5d2a00b49e32d505ce51fc20a3
SHA256 d51965c11ec74c4c4047f8679d594e65a21dbc42dd340602fa7077751df3b9cd
SHA512 fcd4b9da9d5498f3f757e4e4a096beaf70197c93520496fd60e5c1462a99a004c55eed830cc85b106b9e1a7cf9570295327967deb7cd73dd150081ec870f2416

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/tab-webview-1.html

MD5 6afbbee379b0bf6c5c362bd1f794a96f
SHA1 c747fc679ad619d6edb033d25460dae7418f86cb
SHA256 7d0853d716a62ed031df0ba756667d9df2e15a36c0faf2f41860438b72ffc0b3
SHA512 b076ca2fb9f8e6b909f9f2e77a7b3b9e3992ff211271857c2f66a050e2edd3bdab6731dc2438d1e30525b56338bfd11972f522007e66d21ce6ba1eaae7006a38

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/tab-webview-2.html

MD5 e1b6c5843a5b5ee1f570ef51956f476e
SHA1 fea58b4f92a67dda6c4a1da6fe7d2b28043f2675
SHA256 16d91c69b298d1e99edce25fd7c07ec95a873fe524a538d1238d4f3955ab2206
SHA512 321b3ef2b37918938074e126a409bde4413c122e763bcf81ddf77fb5c77902027654e349a5b80c3d2107e0f4f4fb4abfb44ab62ea93aa8b35f072c254f827865

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-23 11:59

Reported

2024-05-23 12:03

Platform

android-x64-20240514-en

Max time kernel

156s

Max time network

148s

Command Line

plus.H58EF5770

Signatures

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/plus.H58EF5770/[email protected] N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

plus.H58EF5770

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.178.10:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
GB 172.217.169.14:443 tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.204.72:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 sdk.api.oaid.wocloud.cn udp
US 1.1.1.1:53 ac1.dcloud.net.cn udp
CN 122.51.117.144:443 ac1.dcloud.net.cn tcp
US 1.1.1.1:53 er.dcloud.net.cn udp
CN 43.142.57.168:443 er.dcloud.net.cn tcp
CN 123.207.204.152:443 ac1.dcloud.net.cn tcp
CN 118.89.168.191:443 er.dcloud.net.cn tcp
N/A 192.168.110.15:7000 tcp
US 1.1.1.1:53 s1.dcloud.net.cn udp
N/A 192.168.110.15:7000 tcp
CN 124.221.14.222:443 s1.dcloud.net.cn tcp
US 1.1.1.1:53 ac2.dcloud.net.cn udp
CN 150.158.175.11:443 ac2.dcloud.net.cn tcp
CN 43.142.131.213:443 er.dcloud.net.cn tcp
CN 118.89.133.90:443 s1.dcloud.net.cn tcp
GB 142.250.200.46:443 tcp
GB 142.250.187.194:443 tcp
CN 42.192.51.127:443 ac2.dcloud.net.cn tcp
CN 43.142.62.113:443 er.dcloud.net.cn tcp
CN 121.40.119.209:443 s1.dcloud.net.cn tcp
CN 49.234.20.60:443 ac2.dcloud.net.cn tcp
US 1.1.1.1:53 s2.dcloud.net.cn udp
CN 150.158.175.11:443 s2.dcloud.net.cn tcp
US 1.1.1.1:53 bac1.dcloud.net.cn udp
CN 122.51.57.179:443 bac1.dcloud.net.cn tcp
CN 42.192.51.127:443 s2.dcloud.net.cn tcp
CN 43.142.57.168:443 er.dcloud.net.cn tcp
CN 49.234.20.60:443 s2.dcloud.net.cn tcp
CN 118.89.168.191:443 er.dcloud.net.cn tcp
US 1.1.1.1:53 bs1.dcloud.net.cn udp
CN 122.51.57.179:443 bs1.dcloud.net.cn tcp
CN 43.142.131.213:443 er.dcloud.net.cn tcp
GB 172.217.16.228:443 tcp
GB 172.217.16.228:443 tcp
CN 43.142.62.113:443 er.dcloud.net.cn tcp
CN 122.51.117.144:443 ac1.dcloud.net.cn tcp
CN 123.207.204.152:443 ac1.dcloud.net.cn tcp
CN 150.158.175.11:443 s2.dcloud.net.cn tcp
CN 42.192.51.127:443 s2.dcloud.net.cn tcp
CN 49.234.20.60:443 s2.dcloud.net.cn tcp
CN 122.51.57.179:443 bs1.dcloud.net.cn tcp

Files

/data/data/plus.H58EF5770/.00000000000/39285EFA.dex

MD5 75a8168e7080b90fc2956592c268371f
SHA1 3702da56d31f381525473364f031dc884e37076d
SHA256 0b9c032080788add7f5989d0ce145e66a4686ff3a43b0e48dec60bf18bf75701
SHA512 33536573c834fffab7236dd96c22cbc3d075ab70b622ff7787381e5c7c262ab62e0252f0d07313c9227ccc8308cd93cd96373e57fa55a066691d5b5cfb55f5d3

/data/data/plus.H58EF5770/.00000000000/39285EFA.dex

MD5 02f69eb4fe05ebc6c9f736d83e5f7e26
SHA1 777d75e14a73f5721fc4ae34f49a9a4b82311373
SHA256 13502356b7d3f910107aeff131e9c4a2b892744a125a2d1a2a206b219dc36042
SHA512 7c1f5d68d40bf37aef2e59aa9a4f96d1ef642a8db7e53295953b0b5fa3a63cd7546c5cf8ad3fc17f6b84a795a08e13024d8dcb3db828ca3fad634964cba69bcc

/data/data/plus.H58EF5770/files/.DC4278477faeb9.txt

MD5 d7409f268e12bb25f05e263228d3e9e9
SHA1 b7cde301a619c9018ecd8378079d412c63185869
SHA256 09ef2b71b937d99952c0920eee24ad09babdb79697f6c7ad9118adc29120fc1d
SHA512 870dd6b4e50abca228c0789cf24eae96534120acd27baf6742e9aff888bb3fd8da354f0e5c7991169ebc6357739b2d2c734a3ee8a9ae38932d32c28f9db81468

/data/data/plus.H58EF5770/files/cnc3ejE6/eje3cnc

MD5 762298b93820a5cd8b6d8ec469078f7f
SHA1 d5b02a2ff3b235cd2b61ceff53a1d88b8984477d
SHA256 dc3f98a33c26c2796dc294b354831fd5ca9796295f4cb38479c80b145d4807db
SHA512 70f864211ce16679d0538abf9b7071d27c2d22ae458e32409d20065032c762dd186307ef33ede90abd9ac794a4ced8b163404e9799c05f0c515337249684311e

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/css/horn.app.css

MD5 39a4827fe734b74c53209ba1f9d3f4b8
SHA1 0d6eb39289ba7736339cbb80598be7ec4b490232
SHA256 c290cfd06e568b52a6179b9799e2d710299b5082ccc566082dfacc133e4ee881
SHA512 f05507e120266dc8a9b316484033286f4bfbeff9f0ac67ad05ed07d0625e7f47e881bc9e43af3ae87ee2524fd18a8bbfed81bd298315d19ac79087121a5c77be

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/css/iconfont.css

MD5 bbb3ec646999b30aa2c80431441de316
SHA1 0fd41813ce499ac96689716c68fe6889ae53584b
SHA256 79119d22b98a1e110ffcf8db50e74b500e2be6df815661fbd4308dc06f4040d5
SHA512 30a8a1045aa33565c2c5f4cb838125d37f7a775f422fbfba3aa1216f8761d509a7bc341badc443fdd0b5c68f3d33b8cbfaf7024120355de83392a26a2ae802c3

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/css/jquery.dataTables.css

MD5 e15066a8d7a9c01e113f639cad9d356d
SHA1 8883ab2a9aca27e0eaca5192b728b2ebce4547d6
SHA256 ddcdf1bdb6db588c79b14a72c39b60b422f64f5c631aa1fbfe788029100ae61f
SHA512 600e190bd19e604da4741044d77f06120ff1e83f800c6f51ddace4f25dac7c96d4104f13db4de70cd3d095cbaad2989149f00a4b353485f47176d6d1d05c0c6f

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/css/mui.css

MD5 5836f3f57e3a06a6aebf0475a81d6b16
SHA1 668b1b1d96f9c914b8a546bb6abd03242b082cd4
SHA256 bd7c4f0a849da629ee5ec336e69f9e19d490893c3653630ec7eaac73877a4fd5
SHA512 75c123d8d88f08698325e1486ee3a968ef9fa43c0437cd0738313343187e1d553f662dd96b60cf9c593ef719232a958b2b8c3c05fd71b67f21ceacd0edf367a0

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/css/mui.min.css

MD5 3ae39756b0c6e5a8bf9f7f297d4bdf23
SHA1 09aabd7e2c807f81e5a384d98d02669310f63996
SHA256 d76f633aed9520f7970796ac29faeb767e5f79b2869907aa1dbcfc7bbcfdb3e2
SHA512 43803f0d6358498847d1702993a21d9838736ad6b61b6829b00f38afb4c603f08a51ab5032c46f5f1fba9771779bb974eb925dd3395557756b11a29a3928f8d4

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/css/mui.picker.css

MD5 d4e0f601944f00f63c8a8709d5132005
SHA1 2c5062c122bf2cb2cdc1912f4a136da895a0679e
SHA256 d3d8693144929eafecf0adf50ed0e22c126ab3f3def0ee194678f77421ad7951
SHA512 acf83bf6931dd4e69951d0cd7b19edd7939696004651b197e4d45ed728614e70c173f25bbe5fa20d7ba688730c971103ead4189ccbf871ba2340745a359b75f5

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/css/mui.poppicker.css

MD5 8986825478a283ede35ab1a3093ca1cf
SHA1 401c99664d466840263479bc8213b9ee777be2ea
SHA256 e2199909e67d2185bbe27bcc3fae8abd4ec4dbe3cdc8cd02d381eb10d40b1252
SHA512 3911ee47d8432d6f641bc3af2bfed9fde7423939af01e84a1eebf4e27cc276f9e560f3c928f6907ab4468192ecf558a8d0f0b9ae5598bc5398b62bb3a094dd39

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/fonts/iconfont.ttf

MD5 269c694b50f4cbad843a16b0f01708fd
SHA1 93ab16da88d7eeb8f096015258433b0e0d18b611
SHA256 f05cd6d093b94ad9e60e60a498c4d6a5091bcbc8e94aa1969c073d7df7985611
SHA512 60dc1b7ed4985aa8ccb944a1b43315b1f3d1fc53f5f6e3ddc541313231d8f257aa264a3d3d89baf812ea91cd6fe54169ddefd81f660c3b7296cd511db482d9a4

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/fonts/mui.ttf

MD5 8820b7f6582a3c45b7527ae6b183dd2f
SHA1 653442b2b482c577d07a631859ef5a76896d53e1
SHA256 b327c8e38b68245dac1fb9a8b5bf7f19fee0b2c656219b8dfeb3c906c1514ea0
SHA512 758a17a3881de1b8caa7fcbacec7279518909b4c667e3e12a498d29bec3b833c3279f69da07caebc25c4b940545aa1240cce1cce618e5ab939841b8bdb7c2564

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/images/0.png

MD5 231a688f422ee52a8eae2039a84f7ba5
SHA1 048179403c6721ba84fbcdcb9a3973c7ffc16801
SHA256 84a96043f24c794ac83c2a5bc1ff4dec5874cee859e4d35c4a68f6600c4628e0
SHA512 3292ded47da1c018765d1ea315b6773240898ab0c00a8b5403b83acdc2418e5115656a2aac420ccb1bd1b883868d6f02ebcff10804c0a4e17d5427a0e31fa5af

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/images/1.png

MD5 932f099d1caca3803bedc7b6dffcf3f6
SHA1 fe17a8f85537432fed7c7081cbbcb15136709b44
SHA256 d3a0a49d718d872b83d97414807dedf0b6231b7b4fbae22d945d9cbb1105a080
SHA512 6230d3e9d62ee98e51f02f0cdcdf22369a0da0c33720e8d686930d335c3dc38eb785e6d66a8d2f8b075cf76bd4904562dede34e1c7c89ece36f7bf72eb31f1b3

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/images/3.png

MD5 8efa6d4b3ca15f1389cde03dbbf805fe
SHA1 d03e01520c2859f6b515d712bae1a346aeebccbc
SHA256 88a4fbcc6c3fbe1c286fc00d869048b14854a1765a3d1e80bee9ff8fe0f1d7b9
SHA512 d4ab67e0c7ba0abbdef73f855a83825e2ccdec920cfe0f3630d49d0f963c791d4abc0bb37fe9373073fc67867b598be4ebed79fcf87d25a4e3aa04e229fbbb87

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/images/APP-startpage.png

MD5 7933a081600c45001688550339b3b646
SHA1 fe8cb857e90b0fed5592e916e9cb2b5fc9f0f8c4
SHA256 32e5570f559dbd7f25a7797dea34403505e9515bf6d9d878475f3de323096105
SHA512 7beaecbc129ceb09dc7415886a43ba01ad6391e86c99992e7c681abedb5977e523c16bddb14bd27014058b297d249f2f8c337081ffa60fe3a26619eb2d315f69

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/images/home-bg.png

MD5 bd08f469b59a839f4d21b3e7e30d7388
SHA1 176688ba513e42efa8f2be6d90680ac2c23b000b
SHA256 896883a20e757b616f7db2f388b9c5dc6c8da4d15f8656feb6159bc1adeacbb8
SHA512 e01b5d5dfd26776170b399d6248013dff8c9df172b12098d4fb5c9e63744fa570d3a8bf8f49130da0a5f81a0a07951a3ea2c6092de7c608429539252e71c5da8

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/index.html

MD5 3c46dec252ed51321ca16d99cd667109
SHA1 948efd70bd1e2bf76185d2e4f9ce923d45ca73bc
SHA256 cd518861b24042aa6dacd50aef11fd48c91420a962cddd729a633baee6e3facc
SHA512 5ba660d37385e8212f5f121af7264320df883d70f3e17d82255f306901bd435d2c55f8a33088de7b8cd5d77f1c1cb9cfa22371c82c30c079efb63d9a834193dc

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/js/jquery.dataTables.js

MD5 7f5cd6b9c6681190aba4bd63f2742d67
SHA1 e00ad6afc8671bd335fe918974b604e795ae2d53
SHA256 5623556e883f70af025fd2fc11c7726ae7d9f008110690f8291463fbb263cea1
SHA512 4f5a7e24a25091aee7a2ffa42a52de1ad23790e46932d0a1248ec62ca8492d9f29d927e26d3adc365823f4cc55e326f4a207ceac6fe2e4edd24e3e584f637286

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/js/jquery.min.js

MD5 91cc3b6309b63c1aeef33513d06f2ad1
SHA1 fb6a8e9e34f2ae00df682a9b8050287d5d0cb1f5
SHA256 a0e405cbc2cb17d67bc0e67b248ff15340df3ff2ee5516ae9a70fd3f6887c363
SHA512 67f70868e66a8183608cd497bf613d5a2c5b96bae6ed8b2d0acda77a3dccf581c3c700323d1add876d3a89bd9549f79b95075e03eb31902222a1dde08e58eb42

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/js/mui.js

MD5 e0e87339768fe3272600b66ce641b07e
SHA1 e3e7310ab409e1d20e28b7552933979ed5f3d91a
SHA256 57c0d35408afd62475aa889ab6d56adf5431a0d98276a7405f5551c2eb64d5ac
SHA512 9450f6db095dd51515a54e9c0faa5bf3066b99d7f3416c23eec38a2c6e3abe3eac31456d934981277e5fbe0f8e0b812dbd0b1c6c2a4646514e66ae903028b09b

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/js/mui.min.js

MD5 a7809980709ff1b270b27a39941421b2
SHA1 a8a0e5ba079c6200db0c21e226fab35d6277a3f8
SHA256 52ad62101ff628db5e1c87bdb6eabd5e3eda7f53c26a737693165d064a5f9d61
SHA512 eda7141fe4ac53e54d53f3f6b3b8ba5529e0b411803dc4d6b5c0f94b2c5c992a65b5d6d36b8c6066c1e426b720a55fe79f66adb07a573cc76223031e772dc024

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/js/mui.picker.js

MD5 81933de9951cedc9c3f1b9bb292f9beb
SHA1 b322280ec932e2879b859803f3027992125f9f3b
SHA256 e25ca3040739dadcfbe8bbd7c8260f0534c60f37f4bbc02b090d426782af53bd
SHA512 f66540ceec49f852c1dcfa86bbcd4e2a52a0d2b01f90af7a3faa2b97e59715fb5dbbe8596911e0082494b5e00f31140b284de6b2ab26996d909a52298e7bb3d7

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/js/mui.poppicker.js

MD5 bffdd65098158478eea76fbec10bf850
SHA1 cd7a180a544252e844ec5bd6a492b322140517bb
SHA256 9e4ca2479040f0721f93f875adabdd58d518f9a2665ea2749b6d6264f7c12e98
SHA512 6bfcf0c3673554d7041b9e0d2297291d28148017f94b5bfef1aed3595ac8303463edf220f230ed30198c52f65bc899678dc6e6d5ad1f96d48ef1afc250610805

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/login.html

MD5 a4bfef93b13cdeaccae35a316ed4ebc1
SHA1 4bdbbe0286006d914c51305466ef37fc205b6d02
SHA256 173179f42742c42e9e0bbe87a58d253b268e5be8469b7df518fd54d3cfe2e424
SHA512 4f782cdc6b44181eadf6995dc59113343607dfbd1e454660084ff4c599a3f9f2b92ebbab2fd32f504bc7d30c7f0d6c43e6501587a08a2ccc13d1fa0e1f1fba75

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/manifest.json

MD5 49900792e77940e59d0025b5bb89184b
SHA1 ee18b183c49d5ffc2c1e0de94e09aa56a9b1e7d1
SHA256 c5b59bc14a8787997aba9f5639913f6976df7effc86f7ee9fc31e9faaa132844
SHA512 343f08c1a2a8ebe564f565c2ceaa0fc815d963c3b89ad678f32da9adf9a80db325f49ca3c8c9d3d9ba733ce868c787a461260883551d77f25ce8a5ad1366afac

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/DCJRWQD/index.html

MD5 d228c5103955f1bf69235c813d7bec63
SHA1 a4925ea944eaf44f21bef2289a3c64617491d7ee
SHA256 462e4d3fb34820aa51992a2e2cf81941cc298711a858b035913271fe737a019d
SHA512 890ece571b565d02c088f11d0539d60e600fc5c760004fcbbfaf32877e538f4e16a71f253bf53db8a97226f2df5ac969843acd668980198986f733b78d285170

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/DJQKWBD/index.html

MD5 d232dc841e9866a72ef72e8212f0e085
SHA1 682abc343ecd10bd5e5d84ea839a4460ee6827da
SHA256 491e7a1fa82788a394e37f5b2de658ee14b252afc0be6b4a52425226d9f9b717
SHA512 8e058a7763a7d3ff2c76229aa73d2e13e0c42f0b1ffbb0574d80ed56d63c4466e56666a041d13883e9c0c490ef270ca632c22d89e0261283c110170b66f35746

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/FLSH/SHQR.html

MD5 7df3024ad0fcd01d84cc2050a25f32c2
SHA1 a4c17fae7973424c447ffc4e9df9bbe274f20f75
SHA256 f9b84ce116e3b0a92cd051a1feaf83cd23f1e1231d475a50838177ce373a9bf2
SHA512 bb5e6dd8e0e3a71cdebd4af581c5f08d6a3d985a941ec10aa6e78308a036f8083921ea1fd3bee27ce7f3240ee1a116d8e6198cbe846e8248eed0ae6158fff01a

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/FLSH/index.html

MD5 ee8cfcfd2ee0ec686b5793b418bccfc5
SHA1 789ae8c38465a709578ed29bfad4057883989818
SHA256 e3530ee4b92579b8d63f2d53988688dde3dce54572b5d49ebc4646b1ef5475a0
SHA512 d7ca93fe4c9ad6f835b1880a35c7ce355277e7085afc3bf32fb4811927165d4961b1fd9afa6f859b95a2ea787f1045887a20c88ee3ed69d731808b2dd49218b8

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/HQTM/index.html

MD5 26f172da84fb8483fb65e3fa227cc9b7
SHA1 f100d4508f5e11a21fb0d71d8fd9375858dacafa
SHA256 90df6c90193979aabc3045b4f0751c2f0f687e2471edda71749764a08f72d0da
SHA512 a7312074fbea4346078586213705b2ccd470285ad0193bf61cbfdf5800d6e7336375e2ae85b42fe7aac47605249c3b6e451cc06e60fe3fa764399e3ef59a9f48

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/SHDFH/index.html

MD5 fc0187188d8de4d5a07723101cd379b5
SHA1 347b457195f898365272da2bb689f2d8c30e294d
SHA256 bbc149e5e92c90c0149a91ad4339c71e246a8577f40fcea6204b4b82f30967a2
SHA512 7cba9e8fc2254da0ca41fe806b9bee28bd404299a9fec1a293784e3734ff535a50ffe9e14008222a26ac5669de4871be9d96e5c535e0d08147f51e787bbc6d06

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/SHSH/SHQR.html

MD5 cde497b720d7bbf4dd85837447e9aae3
SHA1 f2feb7f777f9c41eba519bbdf54ca348f44ea02e
SHA256 cfeb285a0fdba6bed03fd9198d907e8b04fc6cc39032ddeddc2b951a6359a863
SHA512 f3e6109729f8058c68f98d6336ecfd016b45759ffff54e8cc05a8908dc2e793e35a2ab1e5b3148cb76792ff943e7623402b50c76a50d4b079103079196b18592

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/SHSH/index-bg.html

MD5 9befce71c8cec497600ad3e386e3f1ed
SHA1 524a54028dded4d6e32eeccfe1d270d1ff231ea6
SHA256 b53e82888cd18af78384f81eacb538597e8decec4ee456669e983c4ef2035158
SHA512 56dfaa9332e860d9de8c2f9ac3cc49628f9eae370e7a6497b2395e7c1e438d0ba15dfd42721c83df31b299268d45df630ef797cf14efe75885b0dbae5b429cf8

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/SHSH/index.html

MD5 fc34ad42a0e4ed2b7ab9cc7b631aec00
SHA1 7793b0b27c98984fe8bc6b2ba4f6956c4553ab54
SHA256 bd3cc2420958564f6ade3efd637b4e271d07059c17154ca951aa2944c1ccaa91
SHA512 832414c3bbe7485556ea8c3d670d07a626f28d5e286ad2988ae5240d67ef51585f8348df07f8a3675d6ecd4d25875f6afe00c84c7880243836f974dd4da7ae47

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/WWCSHQD/index.html

MD5 be25b606d99c4cdad23f2d33d4c71b50
SHA1 47672b56b21e96a0e005e805616d9246d2e16932
SHA256 9d044bbb626ab7eb150bc6fc85a61ac1858c04e275afac3e9cfdd791c7865f2f
SHA512 c0b89f22d32c7cc8610e7c9f7e49934b742bc70f362f3afc9d7ff9447a71c9165b2f604768cb901bcdc628b8ee7ccd1cb43ef86d51b32020a54ec03e91ac054f

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/modules/ZXJBRWQD/index.html

MD5 e41d5c987a9b8c016dc546f484697b53
SHA1 763744661a5a0a5d2a00b49e32d505ce51fc20a3
SHA256 d51965c11ec74c4c4047f8679d594e65a21dbc42dd340602fa7077751df3b9cd
SHA512 fcd4b9da9d5498f3f757e4e4a096beaf70197c93520496fd60e5c1462a99a004c55eed830cc85b106b9e1a7cf9570295327967deb7cd73dd150081ec870f2416

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/tab-webview-1.html

MD5 6afbbee379b0bf6c5c362bd1f794a96f
SHA1 c747fc679ad619d6edb033d25460dae7418f86cb
SHA256 7d0853d716a62ed031df0ba756667d9df2e15a36c0faf2f41860438b72ffc0b3
SHA512 b076ca2fb9f8e6b909f9f2e77a7b3b9e3992ff211271857c2f66a050e2edd3bdab6731dc2438d1e30525b56338bfd11972f522007e66d21ce6ba1eaae7006a38

/data/data/plus.H58EF5770/files/apps/H58EF5770/www/tab-webview-2.html

MD5 e1b6c5843a5b5ee1f570ef51956f476e
SHA1 fea58b4f92a67dda6c4a1da6fe7d2b28043f2675
SHA256 16d91c69b298d1e99edce25fd7c07ec95a873fe524a538d1238d4f3955ab2206
SHA512 321b3ef2b37918938074e126a409bde4413c122e763bcf81ddf77fb5c77902027654e349a5b80c3d2107e0f4f4fb4abfb44ab62ea93aa8b35f072c254f827865