d6eb30788ec37866a3b9251ed5a2014476b13b487f1f1b992454be4927b584ac

Analysis

max time kernel
177s
max time network
188s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
24-05-2024 15:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6ef0f189db953491fa9e2adf735ef50a_JaffaCakes118.apk
Size

18.4MB
MD5

6ef0f189db953491fa9e2adf735ef50a
SHA1

60cf47212f5d3b843492d0af660b587ab6adcc8a
SHA256

d6eb30788ec37866a3b9251ed5a2014476b13b487f1f1b992454be4927b584ac
SHA512

5c7416113bb266823057ac64464a4b552aaa327800381d354bb16fd7decb505983703c4ff3c23281cbf52d2ca03eb5dc7ad3f3f69563570c1fbbee08265c24ac
SSDEEP

393216:oaG2rFXJEnS6br+DofqGzrgnp7c0+oqNhpaGXZ7:oM5ES6brEoffUNc0+owaGXN

Score

8^/10

banker collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

an.app925.text

description ioc process

File opened for read /proc/cpuinfo an.app925.text
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

an.app925.text

description ioc process

File opened for read /proc/meminfo an.app925.text
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

an.app925.text

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener an.app925.text

description	ioc	process
File opened for read	/proc/cpuinfo	an.app925.text

description	ioc	process
File opened for read	/proc/meminfo	an.app925.text

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	an.app925.text

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

Processes:

an.app925.textan.app925.text:pushservice

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	an.app925.text
Framework service call	android.app.IActivityManager.getRunningAppProcesses	an.app925.text:pushservice

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

Processes:

an.app925.textan.app925.text:pushservice

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	an.app925.text
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	an.app925.text:pushservice

Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
discovery

System Network Connections Discovery
T1421

Processes:

an.app925.text:pushservice

description ioc process

Framework service call android.net.wifi.IWifiManager.getScanResults an.app925.text:pushservice
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

an.app925.text

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone an.app925.text
Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getScanResults	an.app925.text:pushservice

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	an.app925.text

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs

persistence

Broadcast Receivers

T1624.001

Processes:

an.app925.textan.app925.text:pushservice

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	an.app925.text
Framework service call	android.app.IActivityManager.registerReceiver	an.app925.text:pushservice

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

an.app925.textan.app925.text:pushservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	an.app925.text
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	an.app925.text:pushservice

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

Processes:

flow ioc

18 alog.umeng.com
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

flow	ioc
18	alog.umeng.com

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

Processes:

an.app925.textan.app925.text:pushservice

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	an.app925.text
Framework API call	javax.crypto.Cipher.doFinal	an.app925.text:pushservice

an.app925.text
1⤵
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:5112

an.app925.text:pushservice
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:5295

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Process Discovery

T1424

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/an.app925.text/cache/jsb.version
Filesize
8KB

MD5
de8d30b31493cac91f543e48e214c283

SHA1
f682570c08c76d3de494fe7352e9143754fc094a

SHA256
f723a18f3e7093e60784229e23fd714351f0a1768545308461f1d948b3a21ce8

SHA512
696c908fbeb22d27c430a0cdf6a8082eafa00f9eecd447ad95f042bf1958c251c32519b72a2ca6333185c047cd89edb34c48a5a8e2b34c08d66ab500b0bfcb16

Download Submit
/data/data/an.app925.text/cache/libweexjsb.so
Filesize
32KB

MD5
3fe0527a488f80be515e5b2c5ecaefdf

SHA1
83debd3af72779eccb97df3670f761eed8c4fb12

SHA256
c223ec6471791b89740909857d74467ce16f7cbeb396bc32072dfc0df095c17c

SHA512
f9416fcd4a46e9bdbcf5279debdf47393986863e11c9fb66896c54cfb5e97356d9b6cb4a17094680a7f8995523a7a4a8d9ff0a142067cdef0fb9689f3bba68ea

Download Submit
/data/data/an.app925.text/databases/cc/cc.db
Filesize
36KB

MD5
0908e924aa236931dc7166fef6e00862

SHA1
7782648d6d8f6e835bd47058d4852932c096a467

SHA256
38f8548795ca7470b449dd1de9598c07a247ba59883c0764c9c96ff0b7d31d7f

SHA512
3c16fbc5172aed04cd206e776c46d26e911732c6e3631536410a71f1d217449475727ac9b3175e827c5ce645a1da9e05900258ee6ca27c936a9060f241361dee

Download Submit
/data/data/an.app925.text/databases/cc/cc.db
Filesize
36KB

MD5
67c12933d1e0e63d9801a6aa43092ce7

SHA1
b6936908554e4a1986b8eb08289e2d3545e8ff74

SHA256
abda5dd4cc2e7dbb951637c4b49d6990f9f34411fab4dee1a387dbcc8e7eed40

SHA512
db8b818daa3ff4ec7678645f84bf8b45c809bcbb758ea78b28982d071572655bba2d20e6f1ca4f0d057ab34fa655c5bc40457dc65050180351a2fc04a47175dd

Download Submit
/data/data/an.app925.text/databases/cc/cc.db-journal
Filesize
512B

MD5
f5cea43a10432a44a8a1f100619f2d8e

SHA1
2e52298c37fc6853c8e6b3d5dbe36af9fbf2b27e

SHA256
dbbf96d731ff9fe60ffa24fba6fa0d33ece7075be6f53a569ba21ecb57a10318

SHA512
8daf03eca984210b2d2f31504c264d6dbbcb6085ec5036e646fcc71ab55204e07d29de5879368bf7070ac9f410fd93a0a929f059146ea90685557f6bc2e84c39

Download Submit
/data/data/an.app925.text/databases/cc/cc.db-journal
Filesize
8KB

MD5
755e261c6c664dd70989c938b6ffd0f4

SHA1
64188530ff590bb6806833502f9c83cd0e087f5d

SHA256
5fc0d82133caef88f1ea579b0b9babeb23c85db7dad5ce234e1d42820982fc3a

SHA512
301bd34596fbef7f252792aa0f883f8f6db31fbb40fc9efb0cf27bcb03dceb300519ac65adc4c198af521520eb576f0fe0be3ee2594e9d86039797bd3c48d46b

Download Submit
/data/data/an.app925.text/databases/cc/cc.db-journal
Filesize
8KB

MD5
fb33dc3e5268613641f8d0b727eab66b

SHA1
6d18ffbc9f84bb9c96e4b4717adfb9f2b1b372c0

SHA256
6ceaab0ae160b1d8957fe4c4ce1ffafe2172e356bef958385f859cacfcfd4f40

SHA512
191e5bd213dddcf4af2b268bd1fcc3962906bf6c7958099a098708368a8726835d441fba6ca19b0f332f27b5d0a180727d915e41bc700637faac18749dea2a36

Download Submit
/data/data/an.app925.text/databases/cc/cc.db-journal
Filesize
8KB

MD5
212f49bd5fc0b4862f3e9fa5a031decf

SHA1
700c49573bf7b739a0b60fe4eef20586dc183bc3

SHA256
fd6ee37b1ec2708d00e79f2df453614720dc60ae673b2375255462fab49ddc82

SHA512
7f74f94b9573f80c1582f13b7d41fc24ddd39f71cfacbe56324adb170f801f2447f0a926504dd487361ab9d0a66e3c056a57dd38934a059ea6bf4293ef918e35

Download Submit
/data/data/an.app925.text/databases/cc/cc.db-journal
Filesize
8KB

MD5
0628f07d4867f3e616293aba9ebd396a

SHA1
0c41aafeba30d8d80df411f9e81f2e146de601d6

SHA256
b60c0b444daeccc9ff66efb0f8a27c86ec5111617d84d2985b8d5bcb8fc487b4

SHA512
d7cc3b55f7ee6a669a9d528ed3603cdea74c48f5e688256ac73e1e364ccd7722163595419e9d47cddde95d855b6c18e84ba5e10f089e1f2821d4c5bbf31c5d41

Download Submit
/data/data/an.app925.text/databases/cc/cc.db-journal
Filesize
12KB

MD5
45fbb2d143cb7fb6f09b73862b001b2c

SHA1
3dd1030b4ca5be526b1dce094476556680409d82

SHA256
6c9ecb5dea5c98f12f5200b4ed3f03ff3ed797411220738ea68f48359ed4126a

SHA512
5b53ae24ab9f5f06e3ebafc3a2ce5629847552fee13b2128e1ad91674357b54663ebac7405b0c1bcb40908775481af780cc34282ce9519788d4d04b837de8aef

Download Submit
/data/data/an.app925.text/databases/pushext.db-journal
Filesize
512B

MD5
c5e7335bffdd9a7df93c37458bbaabce

SHA1
c7e286040d8165b9ef5480d318124066ba7fdbf5

SHA256
623d68ef493fb3318f3839f88cdc59448d960c592d122f3aaa9fb0ea8f2f4454

SHA512
20dedfa6e9c54679367ec2eaf64c97773b19fe0459bcbaab994a6672d4854f3f463f8d5190bb51b25120aaa56617784895747fcef2a87516d0b570265fbe033e

Download Submit
/data/data/an.app925.text/databases/pushext.db-journal
Filesize
8KB

MD5
3b3dc8fbd7f3817b57d8e92545cfa4db

SHA1
343710d42170ab8de97b84afe236a8887e89245b

SHA256
7d88811e342c12c156ed27a6d23e681d037c902a5d63beb8f5454ef4ca372a07

SHA512
bd4504cf3751744dc141ab960bcf72e7934b490e4ecf5b0d06c6570a1ab4f19a2c7f8881ee03800cc4c892ba13f9a77a17738fab0448d8655922df5773a567ad

Download Submit
/data/data/an.app925.text/databases/pushg.db-journal
Filesize
512B

MD5
e7e2c5c1d336aadbac612354fd69306b

SHA1
5f6958d8ab657871fbbb498ec9ac6be1219308d5

SHA256
8c2dceb717cdf7e42e0d0a5b0920572cfbab230b5be5e896cc426d02adda0281

SHA512
207b5fbd1eac1c00d8fa15fe65da44bcbd2158e31220dbee8280355eb0ca0cbbf837c371e57f97996828168eae1c907fd9ccb0a93d6589840eaf27144f4031c3

Download Submit
/data/data/an.app925.text/databases/pushsdk.db
Filesize
48KB

MD5
a86b9e1740237725e8c13d4fe1318d74

SHA1
f3112fbd41851bfa4f0b906a27a4dffad2744eed

SHA256
accaedca18e6628c1bc57ba72b91f12ead46967a1f6fe83cde2130d767162547

SHA512
e28cc2209f4072516df340274504d4998406787a75c6091d889c5789c1e6ec13cefc8eb80b3838fd23ee4b1bf59d8e8b03220496e5c9cf5de70a74b52de7fceb

Download Submit
/data/data/an.app925.text/databases/pushsdk.db-journal
Filesize
512B

MD5
31498a3875f9cf328158cf4f4c7fc136

SHA1
913a91e1f29acc81b0b020343d10c4208bab207d

SHA256
6fc11986da0a550368f7b26848a5e56490ae0fd51ef668d0ff82a4ef9fe3b44e

SHA512
bc3f20ac34015b80f07f952abc89d8f5fefe4c8eb8da0eeee6722b60d7ab149084c4dd92b1c13cac98001fd6e993ce8323d24047e7e84034b626b768dc264133

Download Submit
/data/data/an.app925.text/databases/pushsdk.db-journal
Filesize
8KB

MD5
19875659dd4c8f68b376077d6c346b5c

SHA1
aab58af147751785fd4261edbfe203fd0592f958

SHA256
4c6519283cf993f34f809d83a0ccfe7b1bac17182f301c2bebc033d5a803c488

SHA512
94e4e25e040383745c41d0699cff929ce68fa00abf6df73168e2a19215b63c97904d3e6cc626a20cfd4c276831eec67edfdb640084a24714cb51d6c31aabc0ab

Download Submit
/data/data/an.app925.text/files/.imei.txt
Filesize
36KB

MD5
24a824b7228e44548550474dfa7b5bbd

SHA1
5e914938d608b10d83540d4a80b0f1b3a70ad243

SHA256
a0fdf33590d73c724b7e642c90caa0f47bd2a308b9e72e2b1479614f0ca825fb

SHA512
bbd41bd384b9aed9390c6a338fe844af7cbbfc05231a5c44b65c5fc5b63dd4c6772b1f2f375148ddd94e6197ae8e6967c8bc4ac1a510e7f1eba3259752e1b14b

Download Submit
/data/data/an.app925.text/files/.um/um_cache_1716563679580.env
Filesize
1KB

MD5
a5d38b4fab281ebfa5fb2603db1a65a2

SHA1
95032d6e947eaab93cad6ab58924fa398b8aea2f

SHA256
8c4e7cf558ea3ce60143350fe2769f3c960f41779a769860bd6f6df1b49f6c44

SHA512
500185cd1b196914eeb023f802f7527a951dfe04e733f0f95b658c1d0a5ac9f52c51b31d50e4551062e117e1a8d5fd1abbeb69df564a4e708e45cbf7d81f3625

Download Submit
/data/data/an.app925.text/files/.umeng/exchangeIdentity.json
Filesize
162B

MD5
f91cb746a1d8e08c89348ddd5f4932d3

SHA1
71ef6869dcfb0c33e778a88a7fc09b063287b6fa

SHA256
6859b38d700fe09df1460a96ca2058079e84f050534c8b3418b49b327608eb6d

SHA512
87ecad67e60c4f4d69d4ee12b045d76b631cd0ea265a6708fa709eda3a5554209101c948865c361c4f2748479c06cbd7a20d5f6dc4b99b305cb8284ecd9ae10d

Download Submit
/data/data/an.app925.text/files/cnc3ejE6/eje3cnc
Filesize
8KB

MD5
47dada357b00b1475fa42f8dfd3f79e8

SHA1
839c380544e45e26e8be033cb9bbaa551d66d1df

SHA256
9ff454a0cc3e2f0aad1ca7d5fbab62f4df18e9cc4a941530163b8e2cf97bce33

SHA512
994a5df913e9436874024bc22a2e2a04fec6df92f5501e426ea014fe55a65f5f84354693bfe2350469841c7287220509409643312b5ee9aa27409c4b5e06d67b

Download Submit
/data/data/an.app925.text/files/init_c1.pid
Filesize
14B

MD5
1c89dffe5d4436f09fea220ef6e908ac

SHA1
97d17218bf4097055bb6fb5d74d1a4c05d7c467c

SHA256
2a6170cc4c07491cb0c7e6d3fade5e05a2c81cf385b5014706dfce22847cee12

SHA512
cdafe0d768de2283bcf93457abf31cd4619b60ed54ef40078d8568b24d67836ef4fab955aea6c8f514fedc5496cf2a44b0d41947704c981619cfd600896e40fa

Download Submit
/data/data/an.app925.text/files/umeng_it.cache
Filesize
431B

MD5
5cbd4199e0b642d6e212949a7b63d02e

SHA1
7741413f181db85f5c87727880226cd7a007435e

SHA256
d61d37c7c2ddc9c146ff0b781bb3e74a0ab4305ddffb3241576b1865935292b0

SHA512
fcfe5b5e3ff313a0b82c7ee34a6e961786b0253ceccedcecceccd3e2df67f0be97ff93753f4ac440928a2e94922e3179a4de9ac5835efc05e1923edc7c9f059c

Download Submit
/data/data/an.app925.text/lib-main/dso_deps
Filesize
4KB

MD5
4331fa9f2a9d21c43b689d280626f671

SHA1
828cfddc36bbd947fe6afbe39bce71b5e8d9ff8a

SHA256
0769e2d73b556455099a5e74ec01c4ad91997dc97cffd22fc5fb5fdbff30425b

SHA512
b569f9e64fc9e54f909ae4371647c9d1e500bdda9e8ae5a28ee56c1e5e4574519f1b6165cc301a8a259eec68b560e82986ef3d274936da8f0193e3030092b5c9

Download Submit
/data/data/an.app925.text/lib-main/dso_manifest
Filesize
8KB

MD5
ac6866f113f8b3de267efd3a87147950

SHA1
18932c6c721a0dc0799c20acd3a46de1b6fa2f51

SHA256
e9d8ca09bdb1589b9ff30db99b459a722d6febede64052d0ac4d7f7bdbcd6692

SHA512
9556d10bce76d62252bd1eb9dbc1306894232b9c6c8158667e9c5c1a16234da8f2b64e9750c79240e85aad34617df77a3f31422f424e1af3bc00b68edd768d1c

Download Submit
/data/data/an.app925.text/lib-main/dso_state
Filesize
8KB

MD5
b9c45a670c6eccc50260a9642532b19d

SHA1
4e9d45700511f5f4be2ebfa51d0cbf90c0805d03

SHA256
ae94c3965d5a21d7ae8cc7d1b97b1bfcf9eab0bb938f1da83ee555cd6fdcad2d

SHA512
c6b49b33e61e96b94ddc55f5eb5573048c5623d7954e0621a6b5214269d8d53f1dda3b03afc229bb843f7bf89e28370aa102715c51f73ec06a03b2016886d4bf

Download Submit
/data/data/an.app925.text/lib-main/dso_state
Filesize
8KB

MD5
01c40606d8eb2f70ccd58b88d1a839e4

SHA1
fbddf5ffb4abf9239c678ad98a9a8db355f2180e

SHA256
f8253b232bfc12852d0937a9e09b6453d0eaea9db15624743260e694dc223b1d

SHA512
3aa9cc9a6bec0f99ee25d63ccccc68b612e221f56e85896b21e6192b0ab53faa0bff2902038a6c399665257b6fa54774dd7bf155b0a5e1af8dbda277a5b60b52

Download Submit
/data/data/an.app925.text/shared_prefs_ext/test_app
Filesize
8KB

MD5
8f8548d60bd01f781e692ba62bb28ce5

SHA1
7037fdfdc09855e8c3987fb367a437816a65a464

SHA256
bc82376172ad67ba6b52d748e9a648543d36c8e888fade6fcc68a9811578b159

SHA512
6e6ffd8d66f8cefb053d2575862f08f7d433a1828dd6d968723f255fe9e7f5201dd4428184b98c0b3a36c541630bb0145ab86869296f63a55c230e6bdbaa0315

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
8KB

MD5
633386bc313ba592868fc8a090406b4a

SHA1
dfef222d29e9fb1fa21a2e15a0d422475c9c7e4a

SHA256
f824f7104f61ea3a6b42c2316933801fd5d7348162cde6c3bbda941b320bf49f

SHA512
9f1a9548f1fcc819de2dfd83bdeb4f04fc7768a74259b413bfc13e5f2e74e9a227053c8873fb01ae6e514fd3ad850214ddddaa8fd04b6a6101a1b7e6d27d30f0

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
111B

MD5
49743b5fd377432bd4b36d2935f235cc

SHA1
86fd20c8857421f91515880ce59b1217af32db27

SHA256
f5582bff152c5a0f0d3bb56596c78233e22714eb10a9161c5b1ab68fc25ecf57

SHA512
7282f0f4e7835bfe15ed442910572781f8576583cc07cb73c044d9cf701534273aea383d6dbb1c7798cd6f8bcf501614800eda8efda7ca7383cfd00ef1f497c4

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
16KB

MD5
46ceb3e0829b96bc3a5c5b3b09034456

SHA1
ae3e7f376c97f741044f704351ad908de8df0fe1

SHA256
b5dbec02792ec2c6863611e1b6ae4f995cfe4149d637e769e84aa11970e3f040

SHA512
1d739049ab6f39e1d560b20217fe5ccb6d7bc4d9aa924ff9d7bb926840746b7799bf22c5824ee9d59f2472bb900ab31d551648eeb2f6548198c470e1c43c6650

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
8KB

MD5
bbf044e8e3dd300ae3e1ad5ec918b7cf

SHA1
fad3d30a59a622913a610c34db6625822b6149ed

SHA256
42e9e681516c5e849a7d8ebd39b83f3ce52a9934e9fc131b92e94c770d76276a

SHA512
c5fe30320a8938d4754f1fc40695356cca802be65ad18b95f5eec2c4d6f9bcc02e745c31c3801c8a8576b33da9763400e154663f13c6adaf04746435dbdabe1c

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
1KB

MD5
52f4d896d8f08f590898e40f7cd24f6d

SHA1
17381156d384db41e995655ff7422bbf00595ec4

SHA256
651ededef62f5f292564a35a3b1ad365daa49520a5c406b21bc251d5a529d547

SHA512
4951c1453cec34baf4ab249b2afbd1b2ec0e5d174ca31ad6690685663f01720c427a2efcd37ebc5771ff4044525d7874a0a7931496c07a2729a3b6b2e965f933

Download Submit
/storage/emulated/0/.imei.txt
Filesize
8KB

MD5
8a35ffb6f15907c40f13fb21eb880fd2

SHA1
d8a2df850d82c0359c40d36a6b1a6b4db4833d19

SHA256
45f1eb13e88b757263c9931265a7ab351e11569ff690641c207d95a6783c64d3

SHA512
1fbe3b15ed089c8e8426bf107b9624755513d8aa03ee996a28e7ff851c934acd470cd970cfb10d844d634c86f4082a73ef8f915440c630f2e1a10acf54d5b12d

Download Submit
/storage/emulated/0/Android/data/an.app925.text/apps/__UNI__999E9D7/temp/1716563616071
Filesize
491KB

MD5
cc4dfc5c465f56ec95b51405029a0959

SHA1
b2cc7fb49f2c94f20819e7d6e24637a9fb715aed

SHA256
827bad6753237994a89a74d92dd66e52b7cc6a50648f61ea934b55909599bc26

SHA512
da8c4c5ec5c591072fecafa1491ba0faff0686e555e5d6d973783302fe1e500175ce49816f6c7dba9d01fe397bb367b61b302cb8ffbd10cc13c3e5916156eac9

Download Submit