4ec6547626b74087d05fe305798994c3e5f65046df012d40efe670b373b7c592

Analysis

max time kernel
161s
max time network
189s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
24-05-2024 09:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6e190697a8bfbd23a8bab1ddd44e6955_JaffaCakes118.apk
Size

22.6MB
MD5

6e190697a8bfbd23a8bab1ddd44e6955
SHA1

c78cf857dea2e75dc67a762309283adebb944525
SHA256

4ec6547626b74087d05fe305798994c3e5f65046df012d40efe670b373b7c592
SHA512

2598086fc109760ef111adf89d653729f2c5beeead4d0a7ea5afaf6e9c5a688ecb39ee3e208a334e610f63fe42d6debcc8ffcb76fc13da9ffe52f04c8e5045ad
SSDEEP

393216:zz1zzO1dhgH0Dmdo74Bx2nEdFM+ZWdr+1xsIxjQyVX1a+CrdkuS:PSmdo74gUpSi1xjQyd12g

Score

8^/10

discovery evasion persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

System Information Discovery
T1426

Processes:

com.cnlive.movie:channel

ioc process

/system/bin/su com.cnlive.movie:channel
/system/xbin/su com.cnlive.movie:channel

ioc	process
/system/bin/su	com.cnlive.movie:channel
/system/xbin/su	com.cnlive.movie:channel

Checks CPU information 2 TTPs 5 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

Processes:

com.cnlive.movie:ipccom.cnlive.movie:CNLiveProbecom.cnlive.movie:ipccom.cnlive.movie:channelcom.cnlive.movie:CNLiveProbe

description	ioc	process
File opened for read	/proc/cpuinfo	com.cnlive.movie:ipc
File opened for read	/proc/cpuinfo	com.cnlive.movie:CNLiveProbe
File opened for read	/proc/cpuinfo	com.cnlive.movie:ipc
File opened for read	/proc/cpuinfo	com.cnlive.movie:channel
File opened for read	/proc/cpuinfo	com.cnlive.movie:CNLiveProbe

Checks known Qemu files. 1 TTPs 5 IoCs

Checks for known Qemu files that exist on Android virtual device images.

evasion

System Checks

T1633.001

Processes:

com.cnlive.movie:CNLiveProbecom.cnlive.movie:ipccom.cnlive.movie:CNLiveProbecom.cnlive.movie:ipccom.cnlive.movie:channel

ioc	process
/sys/qemu_trace	com.cnlive.movie:CNLiveProbe
/sys/qemu_trace	com.cnlive.movie:ipc
/sys/qemu_trace	com.cnlive.movie:CNLiveProbe
/sys/qemu_trace	com.cnlive.movie:ipc
/sys/qemu_trace	com.cnlive.movie:channel

Checks known Qemu pipes. 1 TTPs 5 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

evasion

System Checks

T1633.001

Processes:

com.cnlive.movie:ipccom.cnlive.movie:CNLiveProbecom.cnlive.movie:ipccom.cnlive.movie:channelcom.cnlive.movie:CNLiveProbe

ioc	process
/dev/qemu_pipe	com.cnlive.movie:ipc
/dev/qemu_pipe	com.cnlive.movie:CNLiveProbe
/dev/qemu_pipe	com.cnlive.movie:ipc
/dev/qemu_pipe	com.cnlive.movie:channel
/dev/qemu_pipe	com.cnlive.movie:CNLiveProbe

Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.cnlive.movie:channel

description ioc process

File opened for read /proc/meminfo com.cnlive.movie:channel

description	ioc	process
File opened for read	/proc/meminfo	com.cnlive.movie:channel

Loads dropped Dex/Jar 1 TTPs 7 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

Processes:

com.cnlive.movie:ipccom.cnlive.movie:channelcom.cnlive.movie:CNLiveProbecom.cnlive.movie:CNLiveProbecom.cnlive.movie:ipccom.cnlive.movie:CNLiveProbecom.cnlive.movie:ipc

ioc	pid	process
/data/user/0/com.cnlive.movie/app_SGLib/libsgmain_1204281226000.zip	4384	com.cnlive.movie:ipc
/data/user/0/com.cnlive.movie/app_SGLib/libsgmain_1204281226000.zip	4417	com.cnlive.movie:channel
/data/user/0/com.cnlive.movie/app_SGLib/libsgmain_1204281226000.zip	4664	com.cnlive.movie:CNLiveProbe
/data/user/0/com.cnlive.movie/app_SGLib/libsgmain_1204281226000.zip	5139	com.cnlive.movie:CNLiveProbe
/data/user/0/com.cnlive.movie/app_SGLib/libsgmain_1204281226000.zip	5268	com.cnlive.movie:ipc
/data/user/0/com.cnlive.movie/app_SGLib/libsgmain_1204281226000.zip	5387	com.cnlive.movie:CNLiveProbe
/data/user/0/com.cnlive.movie/app_SGLib/libsgmain_1204281226000.zip	5598	com.cnlive.movie:ipc

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
evasion persistence

Foreground Persistence
T1541

Processes:

com.cnlive.movie:channel

description ioc process

Framework service call android.app.IActivityManager.setServiceForeground com.cnlive.movie:channel

description	ioc	process
Framework service call	android.app.IActivityManager.setServiceForeground	com.cnlive.movie:channel

Queries information about running processes on the device 1 TTPs 9 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

Processes:

com.cnlive.movie:CNLiveProbecom.cnlive.movie:ipccom.cnlive.movie:CNLiveProbecom.cnlive.movie:ipccom.cnlive.moviecom.cnlive.movie:ipccom.cnlive.movie:channelcom.cnlive.movie:CNLiveProbecom.cnlive.movie:ipc

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.cnlive.movie:CNLiveProbe
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.cnlive.movie:ipc
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.cnlive.movie:CNLiveProbe
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.cnlive.movie:ipc
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.cnlive.movie
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.cnlive.movie:ipc
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.cnlive.movie:channel
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.cnlive.movie:CNLiveProbe
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.cnlive.movie:ipc

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

System Network Connections Discovery
T1421

Processes:

com.cnlive.movie:channel

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.cnlive.movie:channel
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
discovery

System Network Connections Discovery
T1421

Processes:

com.cnlive.movie:channel

description ioc process

Framework service call android.net.wifi.IWifiManager.getScanResults com.cnlive.movie:channel
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

com.cnlive.movie:channel

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.cnlive.movie:channel

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.cnlive.movie:channel

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.cnlive.movie:channel

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.cnlive.movie:channel

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 9 IoCs

persistence

Broadcast Receivers

T1624.001

Processes:

com.cnlive.movie:ipccom.cnlive.movie:channelcom.cnlive.movie:ipccom.cnlive.moviecom.cnlive.movie:CNLiveProbecom.cnlive.movie:ipccom.cnlive.movie:CNLiveProbecom.cnlive.movie:ipccom.cnlive.movie:CNLiveProbe

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.cnlive.movie:ipc
Framework service call	android.app.IActivityManager.registerReceiver	com.cnlive.movie:channel
Framework service call	android.app.IActivityManager.registerReceiver	com.cnlive.movie:ipc
Framework service call	android.app.IActivityManager.registerReceiver	com.cnlive.movie
Framework service call	android.app.IActivityManager.registerReceiver	com.cnlive.movie:CNLiveProbe
Framework service call	android.app.IActivityManager.registerReceiver	com.cnlive.movie:ipc
Framework service call	android.app.IActivityManager.registerReceiver	com.cnlive.movie:CNLiveProbe
Framework service call	android.app.IActivityManager.registerReceiver	com.cnlive.movie:ipc
Framework service call	android.app.IActivityManager.registerReceiver	com.cnlive.movie:CNLiveProbe

Checks if the internet connection is available 1 TTPs 9 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

com.cnlive.movie:channelcom.cnlive.movie:CNLiveProbecom.cnlive.movie:ipccom.cnlive.movie:CNLiveProbecom.cnlive.moviecom.cnlive.movie:ipccom.cnlive.movie:ipccom.cnlive.movie:CNLiveProbecom.cnlive.movie:ipc

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.cnlive.movie:channel
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.cnlive.movie:CNLiveProbe
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.cnlive.movie:ipc
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.cnlive.movie:CNLiveProbe
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.cnlive.movie
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.cnlive.movie:ipc
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.cnlive.movie:ipc
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.cnlive.movie:CNLiveProbe
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.cnlive.movie:ipc

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.cnlive.movie
1⤵
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4274

com.cnlive.movie:ipc
1⤵
- Checks CPU information
- Checks known Qemu files.
- Checks known Qemu pipes.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4384

com.cnlive.movie:channel
1⤵
- Checks if the Android device is rooted.
- Checks CPU information
- Checks known Qemu files.
- Checks known Qemu pipes.
- Checks memory information
- Loads dropped Dex/Jar
- Makes use of the framework's foreground persistence service
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4417

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
2⤵
PID:5005

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
2⤵
PID:5052

com.cnlive.movie:CNLiveProbe
1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4664

com.cnlive.movie:ipc
1⤵
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4822

com.cnlive.movie:CNLiveProbe
1⤵
- Checks CPU information
- Checks known Qemu files.
- Checks known Qemu pipes.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:5139

com.cnlive.movie:ipc
1⤵
- Checks CPU information
- Checks known Qemu files.
- Checks known Qemu pipes.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:5268

com.cnlive.movie:CNLiveProbe
1⤵
- Checks CPU information
- Checks known Qemu files.
- Checks known Qemu pipes.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:5387

com.cnlive.movie:ipc
1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:5598

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Foreground Persistence

T1541

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.cnlive.movie/app_SGLib/libsgmainso-5.1.103.so.tmp.4274
Filesize
128KB

MD5
73c06dd3a30d4c352baff5aa05003547

SHA1
1d7caea689260fa37d7c5ff6931c21e10d71362d

SHA256
afaf1925580f0ad7596e6117686f23dbe3f86224f23e1a6878b438d0e76ffffe

SHA512
fe56e0993a3cc0e6c44e0395ce870f2078bd184c15971a1acc9029b6d4b6edfbbc165cd93847a28b07bb1f2dd37a5daad7fdf4fd6cc83446431831b164c15329

Download Submit
/data/data/com.cnlive.movie/databases/MessageStore.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.cnlive.movie/databases/MessageStore.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.cnlive.movie/databases/MessageStore.db-wal
Filesize
60KB

MD5
496e81b93d83a9afc9cc37b0021b6c12

SHA1
dbb1719f010d7833d4e47c0cc1a026ba9d98c352

SHA256
88633a7f3cc71d4e60fe809aacde702908a046b586b3fa383999b564b9df5878

SHA512
31e98bb851aab01a71ef1f346226058c4f89e535c6ab8f4397bae9c12428c2a85931601d0a75c029272c7a0efaec7e89dcc380acec07438a53b4cc2dfdc9178a

Download Submit
/data/data/com.cnlive.movie/databases/pri_tencent_analysis.db_com.cnlive.movie:channel-journal
Filesize
512B

MD5
b07c2abf3dc4870bfe1ed71645dc8883

SHA1
80d0817bcfba0506611142b5329d336631303551

SHA256
daa85ab3fe50b96c9a4078322fb3dd36476b2ea56b8b791cf6d2e99c689fbd53

SHA512
a8e289ac871bfd0503e4ecdd1687d0b682d1491603890fd2172257d854a81a6ecd36f78f130577af67d8abaac7d96f4215210c5337b82d1a6b5c257c8432a9dc

Download Submit
/data/data/com.cnlive.movie/databases/pri_tencent_analysis.db_com.cnlive.movie:channel-wal
Filesize
64KB

MD5
786bd2e8882f96074019f3425867b259

SHA1
4f38df091d62a76da8555f902d9d4c2146113664

SHA256
4c319be3a33965dde20148a9aee35b35ba864494c50e6f53b81d58e51bd5171b

SHA512
29089c53e6d3c7e5d69aa66c664e0346f3043c70a63a41514dcc57c4e5d7b61b50e00dc7283e7759963ea5a3c9eb6f56ae3ef3c87fbb1f4514315ac88e8c8d21

Download Submit
/data/data/com.cnlive.movie/databases/tencent_analysis.db_com.cnlive.movie:channel-journal
Filesize
512B

MD5
88179dec5d17df19129be9b0494936e9

SHA1
a36b8efd13aec99e140ba14f394914e1c6c7464f

SHA256
13adf2601fdf6b2261da969cec2289be16332c30d2aea70d6db6f373fe9cad6f

SHA512
7501db54be6f7762f31a04efd5bf32fe91292d3f53f944ea5219af9189fc57e3d694343a9ad4cfc92b653a06c1bd81537337002e9385b643368cbf2bd7e56407

Download Submit
/data/data/com.cnlive.movie/databases/tencent_analysis.db_com.cnlive.movie:channel-wal
Filesize
88KB

MD5
f21bf7498eca541ea589555549571786

SHA1
d2e2ff8b1aef6a14af7d8cae97a4e48d7a2609f5

SHA256
d6e59dcb559a782b7c2f6abfec6eff743c1b453ba3829b01eb47600763692167

SHA512
f42415e0b9379f36d68124c86cc75a8ce29934ddb88654094bb53a6fa76c92025ac80ea95732578de9b85ee6cab1dc3badc2391eccd16d26bf513b44fb67fdf2

Download Submit
/data/data/com.cnlive.movie/databases/ut.db
Filesize
20KB

MD5
2d51fe891852b06f269fde881b2963e1

SHA1
080ff50c87d444ada07f293bf6879dc6d7693c04

SHA256
12efb907769de7f7d434eb73d96ec7bc4f6f0b76460d6d5a9c0705e0f850c91a

SHA512
417c3c0b69b18a01d5a48ca6935d7ecb114561c2b5bc24180e608e1ca8d6ff15f6fc2164b4a58539c0fe934ba7d91eee6006b7964d847d702ca173ecab332492

Download Submit
/data/data/com.cnlive.movie/databases/ut.db
Filesize
20KB

MD5
fdd6c769be14fb4c9d3d74a4d8550b54

SHA1
d8e533fcd7b6ba4299e102f7722366f017d900da

SHA256
ea1561981e25a7e8c8085c9eaf3736c6556d17e94090ef42af6ecfc1b72c1b26

SHA512
0bf54e0882013718ff97b105513473fc6c6603c6d436c21d53e6dac884da5f84d6b3fe097a1cd2c305ed2a0ab8ac07e56756a5d8d004206e45f7e72df5d4e28f

Download Submit
/data/data/com.cnlive.movie/databases/ut.db-wal
Filesize
8KB

MD5
8b1a0e8dbc611bf709618ccb73c58c91

SHA1
ad0ff42f4f5162d90a02e2a2915b67c1e6b3630b

SHA256
3645c4922b508d7070734ba3d629f549a1113e96d32dd47fdf3955d2afb40797

SHA512
29c62d48d1571f077153222f51d1ea60fe562ba9fe7e351efcdebe0bb66d8a49cef6146c8a074999cf8ba83007a1544a33cb3be5e0e8e1d3e0f5f039646c92b8

Download Submit
/data/data/com.cnlive.movie/databases/ut.db-wal
Filesize
8KB

MD5
aedad0749cf924a2853f2e614c333917

SHA1
31d5841c637c009b2c9dd6f856a2c8a3afe0a51f

SHA256
5b4d7124bc862936eb97bbc6250e9b1049191bd32785c64cc3424a2ed1e6ae64

SHA512
67fa7cee5ec1563e4f21006a057948fb756ce39a75a95fbd3269dd93d49164b8513a8a9545d20c7b4727c375be50c4a1eab8dfeb852a9073a3532872edaafadc

Download Submit
/data/data/com.cnlive.movie/files/0a231bd8575dcf72.txt
Filesize
40B

MD5
d5296c90289c00fadbac5a161cd4e083

SHA1
bc809706e525b42ac18f0a9991499da2a2e3e65d

SHA256
452f1f10f7b6c36906f6d8d1ab0053c3bcd86eefba0dddc29f291f249e7e02bf

SHA512
caa8c6866c064b331e8a2d8d9edcab30b7744a2cc2cf43aa46a40b4f635758c09623e41ddf7424c2f14e195241c1903a45db7046c1c60618851e775674be7132

Download Submit
/data/data/com.cnlive.movie/files/21c22f492aba3de8.lock
Filesize
16B

MD5
2ae0d329d059b027fe5f5a6a5711d09b

SHA1
8be7f4b7263a3988dc7e5222489bf943505cd60e

SHA256
aaa9905d3ce4cce75de47386afa696b405a3d7daefee0925c7f56a70e677160e

SHA512
b6e76d62489e09e864b94d2f3e64376d8613c6f4bfe9b034e9a3a72285c11b3ee26f3f3a0bf03acc6aaf640f16bd07c1165e34be6b26c18e144bc4f0b0a847d5

Download Submit
/data/data/com.cnlive.movie/files/SGMANAGER_DATA2.tmp
Filesize
414B

MD5
7149a25d2845758bc3b8613054adc64a

SHA1
b19561d453e7939a0f5f8ebe2ac31e6624dbbd3f

SHA256
4ddc3a8b325220b13555c6adde5b4d60650850980f2f9f802d0de42f479767da

SHA512
93e8b202ef3339e9d95c2ffb75d0a66a38a78f3e704c986c0fe56695812b3e80e81cd3b9fc3d1e9f6a1eb112368ae81d8313b4f4ffe41007983393bcf6aaa385

Download Submit
/data/data/com.cnlive.movie/files/SGMANAGER_DATA2.tmp
Filesize
529B

MD5
ca3c3c898f3f811869039243701d0bac

SHA1
be0961cc1625cda9eaa7fc2bbe8b0d3f111c0dc0

SHA256
fbc6923b4c14fa5a5a6c3e98be6aa7b381b9c004cb0d79d77d3ae46fb1e62ec5

SHA512
d335a131fa604711dd6332b88708b39810d535d1b252ffd4c9ac446911f61972c0ab3a293cc60d856db297e03b63a4ceffe13f32ab3c2aaca52bc1681fd541c0

Download Submit
/data/data/com.cnlive.movie/files/SGMANAGER_DATA2.tmp
Filesize
576B

MD5
74797b02cabd3bcb51b211d3e5bf4df7

SHA1
fedbe895ae4021d1d856a438171ec645c0ed739f

SHA256
9855127be6f097e9887f34e64ce12eda1f6ec71d2982c025488e02c9f654c299

SHA512
9a7f3aa2e8986b74c079ed0e8cae66160f49a07b0bddb5864bf22d5af017419ba9924eaa1744e8292ba004d4ad70d3f56cbe443bfb5f72ccb272686c98275f1e

Download Submit
/data/data/com.cnlive.movie/files/SGMANAGER_DATA2.tmp
Filesize
910B

MD5
d170aac6ffddf02dbc2ee6cd90674f4c

SHA1
0ad32ab0d91c2bb2a43a39e03c4ab26b248143e7

SHA256
e8ee9a10f3246570412ad69b69fd17f68d5010830b3f015e02bc299d3f305896

SHA512
e4625e68733b9b94ebfbcc431b8c7eb9a5d9c73bf8ae68a18c0b2db5ce07c3a8679999ff2873852d2950a0c83afbd16e833e9d08c3a9e418d3174f81b9bb45d8

Download Submit
/data/data/com.cnlive.movie/files/agoo.pid
Filesize
4B

MD5
dc2208f9bbd11486d5dbbb9218e03017

SHA1
08ba9591ddd8b97bcbaa1a39760c09b46a22ccc9

SHA256
392e98bd37203b489ec2d73030efddd156949035a1dffede8c328ad3e9a69c22

SHA512
b596d08ce00408dd858c1c25c7e8252e8f43955e113a59d5ddd17e23d8a9cca15965d4ae4abc746a0f9483eeda87e72f526219933f78a187275660867d357c76

Download Submit
/data/user/0/com.cnlive.movie/app_SGLib/libsgmain_1204281226000.zip
Filesize
66KB

MD5
da70e151d9d446a3251c2fec0d7ccf97

SHA1
cb5e957582c36766294cfa765d5d926ed8fd733c

SHA256
66e8d6a2eb99135625f7b4b07db04610d26f0215103e65e0e3d004e2228d4ed5

SHA512
f9e4f88cc9f5c622010b212f01206f4b8bc98fe8c2e66d948454fa1799eb939a5905f20961b06a6731d0ce246fccec4f4ba3336d280f46ab65876c8820c713b6

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
111B

MD5
9b939be843ee20a3dc32665c0ebd2009

SHA1
a23f35b9dbb8fd1fc929ae6c7e134156ffd5f783

SHA256
14a3c0619f437d30868b1216b3bc86d6042c98b38ac259932e8e8211404aa6f0

SHA512
28a4316d8a04df7496d6ef4b69f6e9d40dd7573779a067ecbf1ad5f13552efed907ebba284c39bafc901a1d99113db117a1012960ddf2e01d45450b13d6065f9

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
381B

MD5
0b659fdcad971dc83aefe6bc0b52e6b1

SHA1
574adb85c091860cdee5a41e569a7d21e0568b50

SHA256
b7dbc2c4ad1f65f7e00318dcd1ffcc5d41ebbeecc4ed78f898fc0ff08f229420

SHA512
ab5dac94e17e629f75e49c0657954b34723478c2128d5f948fcc87d95718c1f1e1e51ff4d6c5b234bced67a4dd76b80f44f2b9dbe78be150a8850646df271486

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
381B

MD5
4c17cf50884fa7cb3bc4465ad42fe189

SHA1
2590168cd91b10f6dd152adc6e4d0e24c86ad8cd

SHA256
a4e5a8e599cb6f0b664dfc859c9a39badebe5ab931c9bfad0cfb17e03d463c56

SHA512
c0dd2a129016da848f670ab021143a96cab8ebcd538b5429cdd985628e9d452dab386c2dc97e91c7493fdb8963b1440ef20b79f98789dc96fcb0640cb7e04472

Download Submit
/storage/emulated/0/.com.taobao.dp/dd7893586a493dc3
Filesize
512B

MD5
85cf6e8f8ffd77676a5ac09056085656

SHA1
75483a52c6f93b4160379d65fefb6148098f34c0

SHA256
1b6b5b180bcede72be85bf102ff58b4227bf03e41ec4b7001dff8abd36f1e10e

SHA512
87740509765e09e0b695764aa47cac8ee3213548248d31e9cc6bc6bec2d96b9013854949606f37c7aa8ec044b97ad6477db25946a73734557c147333f6d69a26

Download Submit