Analysis Overview
SHA256
49d9b0a60319f31db9f0709819d2944e79916c0898da57325bf8bcba850d4507
Threat Level: Likely malicious
The file 897dd3f8e6091e400062e99b788fe824_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Checks if the Android device is rooted.
Requests cell location
Queries information about running processes on the device
Registers a broadcast receiver at runtime (usually for listening for system events)
Queries information about the current nearby Wi-Fi networks
Loads dropped Dex/Jar
Queries information about the current Wi-Fi connection
Requests dangerous framework permissions
Checks if the internet connection is available
Listens for changes in the sensor environment (might be used to detect emulation)
Uses Crypto APIs (Might try to encrypt user data)
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-01 05:32
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-01 05:32
Reported
2024-06-01 05:35
Platform
android-x86-arm-20240514-en
Max time kernel
13s
Max time network
150s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.ear.oin/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.ear.oin/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.ear.oin/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.ear.oin/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.ear.oin/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.ear.oin/.jiagu/tmp.dex | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.ear.oin
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.ear.oin/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.ear.oin/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
ls /sys/class/thermal
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.200.14:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| GB | 216.58.204.67:443 | tcp | |
| US | 1.1.1.1:53 | app-router.leancloud.cn | udp |
| CN | 106.75.100.17:443 | app-router.leancloud.cn | tcp |
| US | 1.1.1.1:53 | open-vip.bmob.cn | udp |
| US | 1.1.1.1:53 | log.umsns.com | udp |
| CN | 203.107.1.97:443 | tcp | |
| CN | 59.82.29.162:443 | log.umsns.com | tcp |
| US | 1.1.1.1:53 | adash.man.aliyuncs.com | udp |
| CN | 59.82.40.77:80 | adash.man.aliyuncs.com | tcp |
| US | 1.1.1.1:53 | itoslaj5.api.lncld.net | udp |
| SG | 119.29.29.29:80 | 119.29.29.29 | tcp |
| US | 1.1.1.1:53 | blog.csdn.net | udp |
| GB | 142.250.180.14:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | umengacs.m.taobao.com | udp |
| CN | 220.185.184.16:443 | blog.csdn.net | tcp |
| CN | 111.63.206.54:443 | umengacs.m.taobao.com | tcp |
| US | 1.1.1.1:53 | amdcopen.m.taobao.com | udp |
| CN | 203.119.217.116:80 | amdcopen.m.taobao.com | tcp |
| CN | 203.119.217.116:80 | amdcopen.m.taobao.com | tcp |
| US | 1.1.1.1:53 | plbslog.umeng.com | udp |
| CN | 36.156.202.73:443 | plbslog.umeng.com | tcp |
| GB | 216.58.204.74:443 | semanticlocation-pa.googleapis.com | tcp |
Files
/data/data/com.ear.oin/.jiagu/libjiagu.so
| MD5 | f380717bd1e3916c7b697fab8d46c5d8 |
| SHA1 | 04f51f0d16097214e38be517d93be44cb0603a88 |
| SHA256 | 8455632be7bacb221468c4daab2f9b5ee33739f08b22244ff81a36a02bec36cc |
| SHA512 | b78fe11f77d2c0ec5b36850e8cc3b955661b31641405233c8842b91205e44dc16a30d7fc1ef18dde1b066c1b98959ae9c18be5472413d2b398b7ab6a6b52c07e |
/data/data/com.ear.oin/.jiagu/classes.dex
| MD5 | 0bffe934f17d69d17a4c3af20daa532d |
| SHA1 | c8c28bb38d8bf904c2e59bf1145c343711f7b45c |
| SHA256 | 4790c6399df247aeec39a5277aedec9736d5259aa46d26f4ed301ec45d7b25a0 |
| SHA512 | 623a89a5e4a3082c94286b4cd7abaf8de5038b91f802e9c7f354be4a8f729e8daceea139173b9e924299abdef95abdc2ef48a0d17a4cca0e931eea7663905cf5 |
/data/data/com.ear.oin/.jiagu/classes.dex!classes2.dex
| MD5 | 6b2c832d95a59bcc47934e09a0345078 |
| SHA1 | 44a1539f46006d2ca49853cde054ef727f7c306d |
| SHA256 | 2f7677e3d5e8d2af290c22e1fad6da141020183f772a30cf5ef0898988dbdc5c |
| SHA512 | 7ba7a7180e4da0b7c782548c7fa60feab2e755c19cb7c54303e86abc9b92e3087cde80e6f7e5534aa36d39f49e3d4b586952b99ed7fe67a2a2af6de55bca44ed |
/data/data/com.ear.oin/.jiagu/classes.dex!classes3.dex
| MD5 | 06c0dcd62e2516179f0c5b6a8d84db00 |
| SHA1 | e54f7f1a7cc3897c1bfa13e41e052ed9b8373046 |
| SHA256 | cd617a382aa40ee0b55a4aeee924126fdb027e61b8ef55668f07ccd36c08f2e8 |
| SHA512 | 1e4dfed4fd6dc986cbecb47748e89a27bd4b7c06f6dd44d55d095e07e35a5823f50247f232b118198cc566f570207bd299a9fc2216fc4f67021061497c2d0580 |
/data/data/com.ear.oin/.jiagu/tmp.dex
| MD5 | f1771b68f5f9b168b79ff59ae2daabe4 |
| SHA1 | 0df6a835559f5c99670214a12700e7d8c28e5a42 |
| SHA256 | 9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939 |
| SHA512 | dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d |
/data/data/com.ear.oin/files/.jglogs/.jg.ri
| MD5 | 8e442c3f9ba56c423447d1e65f09f7a2 |
| SHA1 | 3eee6e053ccbeb8e2bd06f73915bcf5395c2a457 |
| SHA256 | a396cdc76e79560f443f55214b153ae3fbbce0fa6ba2b52de23421084b124542 |
| SHA512 | 767b8cb73c85d3daa26d391d9395e955823d8319d34dae1418f93f94f1af4394bf33c7a16a37aa94d791952b6eb70aea1221d5c373480066cf44d3192014e0db |
/data/data/com.ear.oin/files/.jiagu.lock
| MD5 | ab4d72f208a9965cf9b5f933a665c694 |
| SHA1 | 32dc83588bb0a8ed43e920d7ba9fd828e77573da |
| SHA256 | 8fc0301b68552fd8c9b93a94575b15e1b7e77e90f14717f7f74311202672779c |
| SHA512 | 742e1cfa6bc42de2dee2e5ad351789c8becc201e355eaf457c1525d5a914122c042e3fcd7a8fdc699489d2c5afcbaf61e383d6cf925573f7b728e802af6d8df5 |
/data/data/com.ear.oin/files/.jglogs/.jg.rd
| MD5 | ed4f7ecd96e4c0c0040d03646431a2d7 |
| SHA1 | 296035957d016ab23127fb93b71adb3b1f304d3f |
| SHA256 | 1d0191507c806d6a9bc9e87a7556802a8658a72fa6ac422a38e00ec311223306 |
| SHA512 | ada7cc9e65abb9de59213e4f63756e02ce647bab86124f32a06981ecddef367997aacf042e507324ea0b9e35146520a61d6172476d7f9bfadafbc180eb9e4487 |
/data/data/com.ear.oin/files/.jglogs/.jg.store
| MD5 | 448e391c59eef34ee1defbe4dee4c41f |
| SHA1 | df1f890987371d7d8e6963c68b787856e42bc146 |
| SHA256 | 55612e17689f4bb05f27e18b4f6d06ffef92a6a8893a5cfdd3d5b99a6028b549 |
| SHA512 | ce336ce895ba861dda7da27e8869dea065eb3c3403cac55cdf1935409e5ebc95b495370f87ed7416af20af533b15615472e333ae9f2fd2713040f526835399b7 |
/data/data/com.ear.oin/files/.jglogs/.jg.ac
| MD5 | 3fe2a1cc86f5a067cdbef8ad75faf8f6 |
| SHA1 | b51a178df57a5e15e77d500267d2362c4153dead |
| SHA256 | 10d1a17fe0ac056b174781532207fe0c127d3bc37767c6e411287eaae9e750bf |
| SHA512 | a68a55c6a4eca881103aea153ad2fc68428de22bc11fe0766004cda7de61c519d0faadfa327d9c9f30a95335e02384357316b60ebbe3919ac5953e55f615163f |
/data/data/com.ear.oin/files/.jglogs/.jg.ic
| MD5 | 1b88ede812913759b23c93b8ac2d1249 |
| SHA1 | d8b5669bc6d6b5c5289cc3a74b1e083eec17204c |
| SHA256 | edee19b5ef0b1ee1c6e8ee80d0925a91d055851bffa4feb62ae9c404ad0cef9c |
| SHA512 | 6fee5619722d72ebab717a229f6d64dfd42bbfb38238725dd735530ce56916f447f6d414586f36d240a88eb5485408d9bc505bdd518dc164333b0a0aebef90af |
/data/data/com.ear.oin/databases/MessageStore.db-journal
| MD5 | b011d59b4c656e857c3e8b440c7e1055 |
| SHA1 | 0b6969499114de5094b5e21dc98e493ae9b156d5 |
| SHA256 | 0bcab7a2bf4150a60ed2e8329e8385c37ddc14c43d8e5a5b607e2dbdd2a96299 |
| SHA512 | 0c85631fdef20af6fb6e0e95ff94a72643f214c7f1ce91632fb2cf715c38d2cc7e69d57353d19939cccdacc4f7062618600436080562cd94d7fe5e86b6743628 |
/data/data/com.ear.oin/files/.jglogs/.jg.di
| MD5 | 87d0408ac70cf3b63e29426c6bb3c3c8 |
| SHA1 | d99e726fb1b9d93c64c65c6699a2915ef0de887f |
| SHA256 | 8d4815436c5c81c6dff3cb6d65711327b0d59087f97614469b2350abf2b44cd7 |
| SHA512 | b9ae7e65df8942ab8e0b0ee6782f154f99b1a40b6709bb9f8cd9e1fb7111a47d040a318ce52726a6422c49f62c36ad4c514346a77e441219f6b1e82aad0e57d0 |
/data/data/com.ear.oin/databases/MessageStore.db
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/storage/emulated/0/360/.iddata
| MD5 | e1c24dc8e95355ee188d5fc809c79731 |
| SHA1 | 0ed197568a024dfd2eeb698d9c73601dea6015ed |
| SHA256 | 83b2d83566be4e74c816b5357be27167397ad0a3eaf93585d1286616884c6543 |
| SHA512 | 96712b3e3570e735c42b1397e5e699abf2f6711418c48181d0880e0b1c966e55b6fe63d42fc5d8684afd7d74dbeded9ad223ce26ebba554071c38048de2ce730 |
/data/data/com.ear.oin/databases/MessageStore.db-shm
| MD5 | cf845a781c107ec1346e849c9dd1b7e8 |
| SHA1 | b44ccc7f7d519352422e59ee8b0bdbac881768a7 |
| SHA256 | 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7 |
| SHA512 | 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612 |
/data/data/com.ear.oin/databases/MessageStore.db-wal
| MD5 | 632acf1157f0065c9209113ef63eec2e |
| SHA1 | 05c00326d35b9a7ad2f7906b837a633ef1524aee |
| SHA256 | 9f481a0c7ae5b42a5d6fd83e908032daca0465bfd551d0d1d6904d7ef1a8766b |
| SHA512 | a39e4d63db0dc39b7c20ec799907fafe0070c6cd712ed38a7e2ac489cb2a9d6771a362f054d006105631683d6c45492acfaa67dea07a9b16bee4711cdb68e581 |
/storage/emulated/0/360/.deviceId
| MD5 | 1d8d16c4e3b19ebf18988530d9b9a757 |
| SHA1 | bc94c1cce05cd848a53271ecb9c5311e27ffebf5 |
| SHA256 | abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7 |
| SHA512 | 4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82 |
/data/data/com.ear.oin/databases/MsgLogStore.db-journal
| MD5 | 4c96193c00bf81dfe095676de5963a5c |
| SHA1 | aa8ba5efb394b4dad07515eb69835d6a1d0811c4 |
| SHA256 | 5e878727dcc48b65438db4e6cc2ef76472009551e0cc6bf5005b3a39c060866e |
| SHA512 | 3da3a18e3c6c0a24915bebb8e2c7fb61261728b07c781a27a262f3e5c52fe1f028da55d2dd8bd6cce26319830a25df68982a4b8b80e2cef9356e021ead7eb088 |
/data/data/com.ear.oin/databases/MsgLogStore.db-wal
| MD5 | 3e1a0801db92bd691723ebceabe76515 |
| SHA1 | 8b7d90d0166fb14b0fa0100c84010ff9c1ffc7a9 |
| SHA256 | 0861309dd7c0f8ee419a6d5cdda8ce300aa0c853816c124edd7ba52bb0782979 |
| SHA512 | 3f86dfd5c47f2dba34c918e2feb4b2e2ad38b8100f7358b1b94d5c2fc0b9711839031532780ae7f1e7b3251a012942fa7c5679882b4743bacf55a18ca08d37e8 |
/data/data/com.ear.oin/databases/bmob_provider.db-journal
| MD5 | 4d74e90602dc1bc88e2905a594891eee |
| SHA1 | cce9cb88021525aca0af883495abff69a3e40349 |
| SHA256 | 481aea7cd4299a86dfe398ec772c68d0b114fcc69f9b938f53d0e4f57d5cf807 |
| SHA512 | b785c898c9c69c26b296c2a4a5f15157d0d25d01f492526918559f4db704c1f3ec3a0aa86c89815d7028f44a83f37456d908438c414403b6b3d6e94f40f527df |
/data/data/com.ear.oin/databases/bmob_provider.db-wal
| MD5 | 3a8aed97a279a91cfc07dcb2fe623381 |
| SHA1 | 5190cdc584f5bb6b85646859ed7bc451c6381a3a |
| SHA256 | c4fa991a8b08e36a492cc1192736052790e2278c7c2c0af2ef2a0813b4f5a885 |
| SHA512 | dca483de75c50a7c1613240e6e679d72d1c2baa70e1052787260ed405b8450390fc31cca8b78432443baf852b9f0eae5e1539c55d94d021ac950447000b3ca49 |
/data/data/com.ear.oin/databases/notes-db-journal
| MD5 | bccce26d3bf12064e5c4db2c18d0c657 |
| SHA1 | ea1da2d31cdf4396e70615727515213df50bef2c |
| SHA256 | d019d10ebc8d9327c1fc5f32711ca7b9851e111b45a7b480e752e74ce210d243 |
| SHA512 | 8d89d83742e58944e4aae4a59cc53b5f3545287d6d6e95e3c277a398eed43ba18a6bd04bbdb259b740fe7e2073d572fe265d78ab0fd8dedb38d474b520ee4f0f |
/data/data/com.ear.oin/databases/notes-db-wal
| MD5 | 5cb285ed0f52744ba6a163c160af28fa |
| SHA1 | 12bc6f085e6f431cceb76336a8e9d747d604f9af |
| SHA256 | 0271a99b81bbd4a7110af34bd3b021347e06f97dc56caa040164c8287e8aa64d |
| SHA512 | ad01c7ebed9f9f2878ecf3235b56d9c623b21a964f5902b9362b79cfa8deef7ab6a57b6c4b634f585cbaef817c062ee2dfb85b285c3039fe130d7e5524622ade |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 9781ca003f10f8d0c9c1945b63fdca7f |
| SHA1 | 4156cf5dc8d71dbab734d25e5e1598b37a5456f4 |
| SHA256 | 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793 |
| SHA512 | 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 06c51c4dc81e21bc9b98285f4559af5b |
| SHA1 | f1da7720df4a82afe0754774aab1ab080b025b3f |
| SHA256 | f2d1830f2bc7da7498d89ae83147ec8ff2f0ba60910da9eb032a3aa0b12733b4 |
| SHA512 | 77232e03bee1ead941084be2d93a3cba20069be530844502ef3b669ec0d324c5569c1466a9cc52036c708dbe68e768a88a96edd966d7c3e31818d90ef5be9b3b |
/data/data/com.ear.oin/databases/accs.db-journal
| MD5 | fa1448d3f7a07c0fde648908ae1e3781 |
| SHA1 | f5a8fdafe7c11c7f8903bacf8e62bad2c2961e2c |
| SHA256 | 35f763d45212c42015a996637af1b93255a7c6f5433ea5a853498d15806b67c6 |
| SHA512 | e6cb0aa1694940b0418803fec6af9b6469f7eda246821329dce1c5ba433649c9fd4a731363b6701c45262682abfa8f74b984c4ee739e01fa62556db85dd047b6 |
/data/data/com.ear.oin/databases/accs.db-wal
| MD5 | 213673c73c488583643fba822c99890c |
| SHA1 | 89823d973b14bed798dc311aef19a092a8080ff9 |
| SHA256 | b4adab233438a73fc36ccec23e4e984655244cdf24570bd499328a4056c337ad |
| SHA512 | 002f5a81e49acc8d8efa834111fe73fa6b8ac73625dfb81ea9db9e134e4c2e3cff6ad76cc4104c13df8987d23d8e2b2fc89d3517ad6c9766df8701e3d158338d |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | 1d605811ccdadda7865075a73dc4250e |
| SHA1 | 6e548eb85e2031bcf8b5a72e31f854181a4b5d36 |
| SHA256 | 9072d52d30fe36cb260a051cb4d262d72975aa887fbcf88180599cd52a70ac64 |
| SHA512 | a9e0ddb1978e08a06471c9e078dd42e378cfd7821a9d3e8c4b4803c9e5f402754b38105bbb8956e80d948f14429d8670e688656860c017f9b4a9138a7f2ae9a5 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-01 05:32
Reported
2024-06-01 05:35
Platform
android-x64-arm64-20240514-en
Max time kernel
3s
Max time network
132s
Command Line
Signatures
Processes
com.ear.oin
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.200.46:443 | tcp | |
| GB | 142.250.200.46:443 | tcp | |
| GB | 142.250.200.46:443 | tcp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.212.232:443 | ssl.google-analytics.com | tcp |
| GB | 216.58.201.100:443 | tcp | |
| GB | 216.58.201.100:443 | tcp |
Files
/data/user/0/com.ear.oin/.jiagu/libjiagu.so
| MD5 | f380717bd1e3916c7b697fab8d46c5d8 |
| SHA1 | 04f51f0d16097214e38be517d93be44cb0603a88 |
| SHA256 | 8455632be7bacb221468c4daab2f9b5ee33739f08b22244ff81a36a02bec36cc |
| SHA512 | b78fe11f77d2c0ec5b36850e8cc3b955661b31641405233c8842b91205e44dc16a30d7fc1ef18dde1b066c1b98959ae9c18be5472413d2b398b7ab6a6b52c07e |
/data/user/0/com.ear.oin/.jiagu/libjiagu_64.so
| MD5 | 585208a50849d74967be092bf41ab7ce |
| SHA1 | 7b7105bc642c01784e7a301c5008f82fc3d4ec44 |
| SHA256 | 38cc9d02e42be8f2e0dcd69a0a826f9517b3381b4ca24eb1769c2880e7460a37 |
| SHA512 | 9f8b659e91f2c40eba6bd82a2d3ecdf0dffaa9a211f0a64fd52ae8f8fa713d2ff9dfa48a94e654d5797e0304ecf53546d828085d9b96b6d3a4c42131405de7f2 |