Malware Analysis Report

2024-10-19 13:18

Sample ID 240602-kz5slagf9v
Target 8d8cbd5a3c59fc9c852558ca0f993c47_JaffaCakes118
SHA256 1826e25f4ebdaddd4b8c8bfa2389290b5b10ea2000357e4ef339bea171c10e33
Tags
discovery upx collection credential_access evasion impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral7

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral11

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral6

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral8

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral9

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral10

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

1826e25f4ebdaddd4b8c8bfa2389290b5b10ea2000357e4ef339bea171c10e33

Threat Level: Likely malicious

The file 8d8cbd5a3c59fc9c852558ca0f993c47_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

discovery upx collection credential_access evasion impact persistence

Patched UPX-packed file

Checks if the Android device is rooted.

Requests cell location

Loads dropped Dex/Jar

Obtains sensitive information copied to the device clipboard

Checks memory information

UPX packed file

Queries information about running processes on the device

Queries the mobile country code (MCC)

Checks Android system properties for emulator presence.

Queries information about the current Wi-Fi connection

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Reads information about phone network operator.

Queries the unique device ID (IMEI, MEID, IMSI)

Requests dangerous framework permissions

Declares broadcast receivers with permission to handle system events

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-02 09:03

Signatures

Patched UPX-packed file

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Declares broadcast receivers with permission to handle system events

Description Indicator Process Target
Required by device admin receivers to bind with the system. Allows apps to manage device administration features. android.permission.BIND_DEVICE_ADMIN N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Allows an application to send SMS messages. android.permission.SEND_SMS N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether. android.permission.PROCESS_OUTGOING_CALLS N/A N/A
Allows an application to receive SMS messages. android.permission.RECEIVE_SMS N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-02 09:03

Reported

2024-06-02 09:06

Platform

android-x64-20240514-en

Max time kernel

15s

Max time network

159s

Command Line

com.nd.android.widget.pandahome.flashlight

Signatures

N/A

Processes

com.nd.android.widget.pandahome.flashlight

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.178.10:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
GB 172.217.169.14:443 tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.179.232:443 ssl.google-analytics.com tcp
GB 142.250.200.46:443 tcp
GB 142.250.187.194:443 tcp
GB 172.217.16.228:443 tcp
GB 172.217.16.228:443 tcp

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2024-06-02 09:03

Reported

2024-06-02 09:06

Platform

android-x64-20240514-en

Max time kernel

5s

Max time network

171s

Command Line

com.nd.hilauncherdev.plugin.navigation

Signatures

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Processes

com.nd.hilauncherdev.plugin.navigation

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 pandahome.ifjing.com udp
US 1.1.1.1:53 ssl.google-analytics.com udp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
GB 172.217.169.14:443 tcp
GB 142.250.200.8:443 ssl.google-analytics.com tcp
GB 142.250.200.46:443 tcp
GB 172.217.16.226:443 tcp
GB 216.58.204.68:443 tcp
GB 216.58.204.68:443 tcp

Files

/storage/emulated/0/PandaHome2/caches/navigation/navi_card_site.txt

MD5 14adace71e0e91482a993c6bf1698756
SHA1 614e2892a8a77076e935d1813c4b8c9ccf16289e
SHA256 eeec618629b5ea5e946c7b61bd6ce7b9dbaddb92a193376355ccf64663a9aaaf
SHA512 b0d0d65dbded382229556f2de57805e930e6ea2aba7ff374456506c099beab9660b9d5ddd010396789ff49b975d382c0c79c7c511141b9caf6e9964f59d0c7c1

Analysis: behavioral11

Detonation Overview

Submitted

2024-06-02 09:03

Reported

2024-06-02 09:03

Platform

android-x64-arm64-20240514-en

Max time network

10s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 142.250.180.14:443 tcp
GB 142.250.180.14:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-02 09:03

Reported

2024-06-02 09:06

Platform

android-x64-arm64-20240514-en

Max time kernel

47s

Max time network

170s

Command Line

com.nd.android.pandahome2

Signatures

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /storage/emulated/0/PandaHome2/myphone/plugin/com.nd.hilauncherdev.plugin.navigation.jar N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.nd.android.pandahome2

com.nd.android.pandahome2:hilauncherex_start

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.179.238:443 android.apis.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.200:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 stat.ifjing.com udp
CN 103.27.6.115:80 stat.ifjing.com tcp
CN 103.27.6.115:80 stat.ifjing.com tcp
US 1.1.1.1:53 log.tbs.qq.com udp
HK 129.226.107.80:80 log.tbs.qq.com tcp
GB 216.58.201.100:443 tcp
GB 216.58.201.100:443 tcp
GB 172.217.169.46:443 tcp
GB 216.58.213.2:443 tcp

Files

/data/user/0/com.nd.android.pandahome2/files/channel.ini

MD5 07e580fd8334a4492b256f3cb2e2fc52
SHA1 0017c973a14c921c20739b41342a108de599407f
SHA256 a0c22e7b40e7056c4f59d33e4ecbdee1b501ed348b239a43ff437a29317e5b42
SHA512 566cf172e9b36a1b1dad36153bad7735506192340cd576efa5a1c656587776b842b053bb0f1e6e70802f33d5c58587faf5c76afe3028199b3fe5de2959714fe8

/data/user/0/com.nd.android.pandahome2/databases/91analytics_v4.db-journal

MD5 4bf84364e64a000fe77f22d9e51be0d7
SHA1 f793e114ef8d04bf44cd5065849a5f68e544cc58
SHA256 8be1fa3027b4d122c4df15c48ea98898b63187f7e071e687141593d0e4a242e3
SHA512 70d97fdbb99d1350895415cdf17e1c112809c15e0f1d54284b169814b25bf8868d10e9940cd689bc806bee3f2035863516e454f8b1db330a9b065ac95b39951d

/data/user/0/com.nd.android.pandahome2/databases/91analytics_v4.db

MD5 29f909caad59c8ca003d67b4087b2d6e
SHA1 706457650854189cc7cbeaf0f759959d5fb742d9
SHA256 f116b7d7971124fc4aebd4be5bc533169f12abb2491804201fe7c8cf4684c613
SHA512 49ce1ffcf604042caca081f2bcfb4be1dca328e28d35ec1cfed76402e79e1e3a9346d6f7bfbc91416f7930e930b0c7aa7a84467278219391b94ac87f3980d59e

/data/user/0/com.nd.android.pandahome2/databases/91analytics_v4.db-journal

MD5 de34a1a7bd1a02816f9fd951c42467dd
SHA1 f5bb69e1a542f271a4e86868fe6043361bb8af02
SHA256 65c6e5d686d135184b3a57fe4876eb7936481ab953d3eb59cd723607fcca984b
SHA512 5d6452a6645e0e1a6660521567126aba36518ccc0ea997e9003cab803e335d49d110da4cd0c77a150ced576f4e82cd3fdc40d18e49e9aabb92c3e179f0cdc227

/data/user/0/com.nd.android.pandahome2/databases/91analytics_v4.db-journal

MD5 055824cdcd0d62c422cb30820be63329
SHA1 0e003af5a7e3cb5c085d9838284ee5af2b7c5afe
SHA256 874115fd4dbe40fb3b466266077fac2b654a9a30481783a398ae09827be52aec
SHA512 7000c4f7dc5b9a3cf621e8c2f59164cc5dd5d892840a08b9d7eb71f2c224df64c30259d5caa5ba37c75644494ca92d7b706388a43a823d44977c8b8f62a96c8c

/data/user/0/com.nd.android.pandahome2/databases/trafficmonestats_v4.db-journal

MD5 9d1312c0ff319ed45f00ba8260aa79fc
SHA1 4897e486994509f9ae214fa98fd8a10f3f419151
SHA256 2840db6e2c5d8226388fc5e207c9e1a450c28cda21dcf3ae7bdb869234d395f8
SHA512 47dbe1ff8d0fc8eb5d6cbb421acd43cd3047245821e5efdfaea1d77dd6c63f3f15e3d459f673ba97dbdc27eb94bfddddb37ccab5f58f2a55c527a4d1f9d1dcb0

/data/user/0/com.nd.android.pandahome2/databases/trafficmonestats_v4.db

MD5 efbd8318fceccb8a876207bde580384a
SHA1 dc9346491e960c8dc5684c595d9dbf0d9d7b232a
SHA256 c153cef89e9986e0707472894fb2426de87c2536ef49a90280dcbec6b3af65c1
SHA512 9eb97ebfe38063d138b23c874b1d3d4ad31df0bcfc378de84ad27ad79359465e08be071cb597daecac4824e566b162659e500ae9a8a19dea815b51a571012ee1

/data/user/0/com.nd.android.pandahome2/databases/trafficmonestats_v4.db-journal

MD5 fadad1dadb32c264da4dcda52695501a
SHA1 7090d6d4450661d167dfb3dcf874d3dcc1d7b58f
SHA256 87f8e12f1f25a3eb52ac51df3e4101f63e84155d0b62db7cb110af8b956c432e
SHA512 a454a2cd3822e28d24c287770d1cc098e8ff2d5d0c7b7adabbb2d8b8a5edef3a462e02762b4261fdc1da11d74ca706c80501dc550f273e06cfd1827ea162842e

/data/user/0/com.nd.android.pandahome2/databases/app.db-journal

MD5 4a997eb8b00935a001f3d4deb7ac1edb
SHA1 0f08425113a8d023af4dbccb29c5f8e012e9d70c
SHA256 2d26e7c2ee94c5efee52718c6685cf1c8c1da05f90ca13670e6bfb8935c68c2e
SHA512 f18a6f7142885820321af8baaa44fe3f9c440f9eec6bc8b195e5e26295016b4a6f208aaf9702dab233b4085ae9c7ff646a307b94017df712ad699611585f3636

/data/user/0/com.nd.android.pandahome2/databases/app.db

MD5 2c0b2c7b7a59fd8912c26391637c1e96
SHA1 7f12b354e2d13c543bf97c5bbcc4aed99485a74f
SHA256 647994a14dcc350e6cb09bd7164828529a468344485cd3b9affa03e6cc32caea
SHA512 4dd2594f7820317c50f85a0cc2765bd690fe2408615bfc3eddf8a7c45b6c9742279525f3d9f6928babfc6b61b7562fd5e6b412d9a9a7395c44f41ab5c91dda78

/data/user/0/com.nd.android.pandahome2/databases/app.db-journal

MD5 f577dcd832d332037e1ef399ccc92d26
SHA1 82eeec70dcfede79cc53765d974d94505df0fcef
SHA256 e1eda47d24485258887d15c5ceb38b2ff0b7df1cd6204ee53177b53a1e79ef97
SHA512 a15c3c6674ca55e6910b7c4db3110a4f171f8fa24ab8087d6a71f8bd20eb39907027eaaea3b395a961cf667580b8ee33b917bb694c444ffd1392b372b8f6e4a8

/data/user/0/com.nd.android.pandahome2/databases/app.db-journal

MD5 09c45bc98b77c4caec780a42abeaf8ca
SHA1 d2a6eabea5008a5fd2ee495b5d3e729c42f60d89
SHA256 1d9e37354fcd4df4fef68d32429d4389ba5bde1fecdf5a793f4312197ff453f3
SHA512 18d0e2c32dbcd4cb58fd55191d86a3e943f7baa55da795369a47f295a7b703e1b87d127d97a501732ec717990cc2b1676268d2e830010bd80c0828e9a71a42de

/data/user/0/com.nd.android.pandahome2/databases/trafficmonestats_v4.db-journal

MD5 e7f9d8bb37ee74a85ae080d95c3cd873
SHA1 9837c128b06d447cec3ac19f1f9418046a23c98e
SHA256 0bebef486e65bd14692800642713063dead49d63dade638de416d70911a48413
SHA512 104d79668cd0fe52d1da6aa32e00dfd439ee50706ca3c5cbe2ad7f2a3623a2e9385461d39d9b5ab64cf1437b9d69b1922d3fb45e15b6b8fd60badec785f80012

/data/user/0/com.nd.android.pandahome2/databases/app.db-journal

MD5 c0a003c6c12a5bccc66aea00d387dc51
SHA1 f750a23f6645fd42dc33e1649389c169db580067
SHA256 86230738bc69b4591cb9fd0c9e7e46f1cb5c54a3094c7b7b8f1e47389a9ebaba
SHA512 98c3fab8f9043d23f73429e7196c896ef5c2a3de84de0bd2130996d38d8c1c2db8a700ebfc8b3b549f3d515190e0e5ae5589c6c1219b0a994f54d903bd88770c

/data/user/0/com.nd.android.pandahome2/databases/config.db-journal

MD5 ba364b48e5f3588f3aa1fd9883e095c8
SHA1 68ae766a712a305e1472f2dc5e2b099f486288b2
SHA256 35b2a405e487946324396c1f2b7aaff0221a86e689f17284a5650271ae4a5c69
SHA512 07100d916936e875c97be5ba832192ac68d53037c3a3be22ec2e5b6a633d12bd945d2d78aae417277bcd2698b34d1f5c7ddfecbe1b6e10015aba6d81e4f7171f

/data/user/0/com.nd.android.pandahome2/databases/config.db

MD5 4a14fbd315636cca10abe3ff9f9298dc
SHA1 00e0a534c074b962ed19c13553e797d4f2c4e5b5
SHA256 1941c863e79d3e1713cef820d7fe8137ecceb8c44d1ac84a25b250c6e9d3b4e3
SHA512 0217dcb512a654dc04f89410bbeb57444b0e49dcf7078ef5d65ef221d243b1997b05706724e390ddf72c2139c7fedc5f11c12312bfe8fd5ee2c3b36020d09a9a

/data/user/0/com.nd.android.pandahome2/databases/config.db-journal

MD5 7dcd6664fd8696ea6dfbe0485a192b1a
SHA1 0a3d3747ddead60019802fcc5b85ee38c7a93a97
SHA256 20686edbc2f3d7914573b3e7a5e0bc1a9ea7a6736c50d96882e32cbcc66cdcf3
SHA512 062593e4d56c93243d6f9453f8574f43ab7c3103fe4e025c57791f56b070c9d0d06247a841d6c5880ad923636ab35a2bd0f4c8d983dbc2510c871b1c5a918a94

/data/user/0/com.nd.android.pandahome2/databases/config.db-journal

MD5 09251780cb4765adf1c7c64be8d9fd38
SHA1 7ecc3e9bb0b22c9e4b0e56770890db06540e19ae
SHA256 0222c24ca39b5c76d27fde76e079ce95ed1053517373c253867c5d9723e2d6f9
SHA512 28d32ff7737a0fa47b7d3ad3fc63aa7e1bfcc531a4f9b6bf95013b1fb06a28187f28919e14117220318d3ddbbc3c6eaaf681512460783b800322284be834cd83

/data/user/0/com.nd.android.pandahome2/databases/scene.db-journal

MD5 c8c2a96f5faa8b6d2d1794aab597517e
SHA1 216ce573a15aa73ed6fc4e118065c90120d70304
SHA256 42cbfc83460f1c6ad3d7ce5f5846a35a96bcd72231fac5ec29245b3d54b9d202
SHA512 8f1f91736d41aeb38bbb28f84584834062dced59483204f5f7fa20cde8f2f4b9809138d5101340ec4832df74215a3cb27e7fba3db9b96bee69612fc15b17dfea

/data/user/0/com.nd.android.pandahome2/databases/scene.db

MD5 7dd05d244094d89bd06325ad0794d921
SHA1 586331e47694337ee705e127e24e77cc7a2451bb
SHA256 0c6a35f1ebf009e6e44ef82555ccc51d6c2b7e3fa23320906f892a1859a57e10
SHA512 088b05c3df037dbdd6cded8d3f544318feb92e4e63a2cdd64ad0f03ecbccd8c0b61cd3e4026dfae7be5be3a52f7c0aa0f7b29db7b5183ad9e1e45d2de776274b

/data/user/0/com.nd.android.pandahome2/databases/scene.db-journal

MD5 63ec5e3b85c2e7c75d7e1fbb3d9ec707
SHA1 99f6e6646a70ddf2f4f74587dbbb65add7978da3
SHA256 ad5d46547f3db4a5c31d8f7d21df8f5999c8b4adb718c13c9190c760f40da0ec
SHA512 531f7833b7a1d12759db9748ca4308cdb0151cba8622353ff6e7d294e0cf22eb2acfa79fa5c72982b18495331e3e9aa66ce7d2bf8dd35eec929a0a238f0ebf24

/data/user/0/com.nd.android.pandahome2/databases/scene.db-journal

MD5 8beba70b7e762e307ba80840ba8743e5
SHA1 10096bb1ff8ed008ccbd2e18b7bb2d3b200b1b5e
SHA256 ae19170f829f8d1bc55a1ad5e56d7bfee312e9be2f6ffd4578eefc81ae12ef87
SHA512 949ee70eab1d0fd8eb7b276c45218660eeb361f58f4a1a4c6d457f3c4667e4278c1f4ba3851cb0cc83f629b70f13901816d2b1c6261cff17125f4c70fb8fc559

/storage/emulated/0/PandaHome2/myphone/wallpaper/Pictures/default_wallpaper.jpg

MD5 2ea8ac898c52482fc5b44a459935222e
SHA1 5f3e1d8593e346e3ebc4cbbc83cba3324d2d4516
SHA256 e1239d5bef4984d8f4f45312c157c4e261367593802e019fb15907140e10fe61
SHA512 1ed56610eb3e9e87d8ac827007b3ae21ac9c7ead12b556d8115ecc96b46a7bde9fec7b4ae06f1863c4ab158faf988ff5ba0cceeb6204d8e56993413f5ca1b65f

/data/user/0/com.nd.android.pandahome2/databases/config.db-journal

MD5 34ffc8e953233bbd2b366c55b2297c15
SHA1 4e63ae2e721b3d7867df6bbc2d955bf8755fda3b
SHA256 c4d5d736c7c2b48712ab30df9447e7d7e03c69eea38b110817e90fe98188a554
SHA512 cbf80d1141020e956e1453e093aabee770e1b05f52b7cd9b77984962f475a5243d5c05b4b16fd7bfed9334ded844524a34280c59b15a706f41d1a8eff94f22d1

/data/user/0/com.nd.android.pandahome2/databases/config.db-journal

MD5 5f19642b413d31ab5d635a3691b6cd9c
SHA1 c458d0f53ccb42a2237be915f8f61fa28cdf4066
SHA256 e4ae0fc73b487b238fe7ed62d5204fb0752f8f1fddb42aed33d145edd6a7c0b8
SHA512 41dac5fa054d63a9647b4635681f273518fd35e3292d3710ea5eb3e6fb7146aaad28fb0ec72af932d30351da30d36e09684587024503a922f7252c01581e427a

/data/user/0/com.nd.android.pandahome2/databases/themes.db-journal

MD5 4f264dc0a4875a89ceee749262b3d067
SHA1 bbea97f970b4059dda01677a008335ddd802dac7
SHA256 da6b7a8816f3ffa7092864846767a7388737fafe5b00d3821dc60ebe6e5bceba
SHA512 7293a0c192bd8716cf4468b15ea3c9efc398ecff04504f4495d8274f4b85d355c109e8b0aa27926e178416a4678ad15a7b53fb03c7078c8b299df759bfb47450

/data/user/0/com.nd.android.pandahome2/databases/themes.db

MD5 f9cefbf77dacd84c867ccf51a19ec5d8
SHA1 593faf693122d87c3db48f4c5f1c82c39a01f90c
SHA256 9a5db59de7e32023406adb68fd84e0d2d980f0e9cb985ca576039080cc4fd9ae
SHA512 133384e3f0cd76a27376d4c78ec58f7042cc73e65c2089817b48d003c01062d824e9e36a26502bc28ce606473e4c7e143e3a283d12fd8a1cd08cd6796e32c2b8

/data/user/0/com.nd.android.pandahome2/databases/themes.db-journal

MD5 4b8b04682a06bde835f37b68678ca2fd
SHA1 40d91ff042ab6d7e92a040f93439966df462f96f
SHA256 5ef32280ee40847a0943d3dd4c12eb2663363c182807611146cccbe1a71fb117
SHA512 fc79bd599f7650a79d56531a9ba4c2ec490fa01fa09bef2da5020d059ac76bb4044ec8600b15b80f2ba37726886f3ab48fcf47a0912490f30197bb408768e4de

/data/user/0/com.nd.android.pandahome2/databases/themes.db-journal

MD5 19837126aec49e72b4bb8b2182175fd4
SHA1 fdc2147a30dc7a97263ac2cc1a67c4fe472fbf5b
SHA256 7b90762594f3aa4509e1f4cb842512c5bb9a1f30549d27fcea542e3810b5af74
SHA512 48ca2d0dfc1d8e0b7bad74904b231e0ed9b0357fbfac6cf43ed97b09e711b7e37b831b5976a9d777af5bbb3a7a3e4064faef4365876ed4802622136de7151a8b

/storage/emulated/0/PandaHome2/myphone/plugin/com.nd.hilauncherdev.plugin.navigation.jar

MD5 71b8f242f585a1c1593c6bcfb03c8569
SHA1 9ca9d3ee4090be4049a72004e29af229bcc18fa9
SHA256 24fee497ed88adc422e4ba9a31903731a2d2197ac8068fdda212a09a65c12e1a
SHA512 c8814d0e6c810cc83c1a5b043ba5246a427af73a4f14a3aa1c151c98f947525d571fc1fa4898cfdb19e1a945895f0b4a6905cccd39824416e4d19884c07e66a8

/storage/emulated/0/PandaHome2/myphone/plugin/com.nd.hilauncherdev.plugin.navigation.jar

MD5 27ff769ff34ac44784e59445b9c6e24e
SHA1 58478491ed6dda5045dca6de6cd58d17488c1d9d
SHA256 64eec62827a1d0b21abde9da8de662107705091625eee63b469f79753d4372f0
SHA512 94d40f8b8b5b87a2dfae4b4fd94be82e718be4c52209cea5c5c95b5959d72748be0f6a4ede5028e88fb6bb4965b48283c00a1e96a80f14c1f84205bf4506ee7b

/storage/emulated/0/PandaHome2/caches/imageloader/journal.tmp

MD5 8c92de9ce46d41a22f3b20f77404cc1d
SHA1 8671a6dca00edb72be47363a7071be65cf270373
SHA256 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274
SHA512 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

/storage/emulated/0/Android/data/com.nd.android.pandahome2/files/tbslog/tbslog.txt (deleted)

MD5 edabfc82d10e30c717d0836bbd41ec51
SHA1 9616db81c615bcaf1ac624966376a2a28fcfe40d
SHA256 68597603c28d73f897f80c0fe88e2021d038f079a3c8595df63124868b834e76
SHA512 30815721b7991220e2128a34e11f3b606686f57439fc3d290133760e758c35fa13138eea1bf485a0d29215a482ee6e4de5f2bffb9d3ad19f1fb6f455c59a660d

/data/user/0/com.nd.android.pandahome2/databases/launcher.db-journal

MD5 432ab08712c05039a42fed52bb0a71f3
SHA1 e56c0742426dcf7904eefa8fe838c8f79b04b350
SHA256 c26cc188fe5e74c0ff45d4902c4416e8ab2498650fe190d7e6cd6b15ef944dca
SHA512 45b117b6343ac9a8a3d2924c5f134a1b99345daf1bfd0d7e8ba8766675562f6afa9a964d3d9f242d8d710b465c5f7c8b1078553a582db552540ab6dfb2ff8a33

/data/user/0/com.nd.android.pandahome2/databases/launcher.db

MD5 72fd5cba967461f21b74491b1e6ee9ee
SHA1 57672242bba20aca3550379003d4296f288fbf37
SHA256 4cfb5f95aaadce1868d2f11ca9f061081dea5c21db403180649e9e1338352ad2
SHA512 32c4e270e6e4565bb03e802012cebb12aa7fafc0ad7411010cd0bf2954ca65c9b97b3d42a38c99b5f1ed9ae1d84384851ea8ffdc28052b4990e0c13ddf4a8646

/data/user/0/com.nd.android.pandahome2/databases/launcher.db-journal

MD5 f59f7baa7c8c95399185157bd0f55736
SHA1 e9b34de2c8f03520223917e92fdf3c5c81d91170
SHA256 173f82a3087c3c1fd245d76a3dc153b478cbc154a4e1cd6a22545f1bf066493b
SHA512 37cfc01667cd4a22c5e62108e5b3e46bf66c4aaa8dee3cbd0a86262c82e09cd42214b9e3fd3b1390e71d8efd887f43e93acbdff5e675fb2562343fa75469b7e4

/data/user/0/com.nd.android.pandahome2/databases/launcher.db-journal

MD5 1ada0c288694866b0c4e0cb2c90908c8
SHA1 e7744c5e2531bab45f59f5d11e14bfa1e0274c20
SHA256 df1452ffb5b50c95936536a1563c5b2000dc67a558a4e22bc594e0da4d0fde6b
SHA512 3a92ee6d766d9e840147a7e6309a52dfaa1bfce8e3bb8a7cb0bf94a353e6fba873df613376d23a7ba0131f2bad39686b464515ec813e91d2452f20c0903d5639

/storage/emulated/0/PandaHome2/crash/crash-2024-06-02-09-03-48-1717319028664.log

MD5 caa1f0f2250f1fa26ed2a0f032941bcf
SHA1 bf2ed65123d3610394355a09fe0b243511f631bf
SHA256 5e0f2810822f528c4b97f42f4072add8a1725686ef4175b2cf31dd4b2015e54e
SHA512 d656ddc552a4ab0f7dab2ae4348bfbda20b9ca7d765bbe03f60847bdc6e41e451533cc721ae7a7e923b1a143d9f7ad8c12e2f9d4bc692f4e2991c279ec90009e

/data/user/0/com.nd.android.pandahome2/databases/config.db-journal

MD5 3eaa431c9c705515e2efa5a2c0ee1889
SHA1 240e85d564a6f8e64706a94f2d70317f1e3a7482
SHA256 d55e074f665496c9012d3822c5f8521cdeb7dad3d4606d1d21a5d817e4af38dc
SHA512 1739f745bcc11f06749e25c5e4506a477ddeb5603bef327fbcee54602c4fa0a788f885c98c627853925a474cf08219b709a65bec026c79867c5a5769f56a2a02

/data/user/0/com.nd.android.pandahome2/databases/launcher.db-journal

MD5 ee2d0865f02b20f3f8a751ee5bb3597b
SHA1 755d480d1f35b2a514cb4903aa7eb2767d92b2b4
SHA256 a35fc38e0f2982694197599e3c51e8fee94cafab4eb209153d336ba57682a435
SHA512 4f99beb968744c1bfc917134f4b25f3dcdbc3acb6dc65d3c136a6db59d4fff0421e71e5307e7e8965268bc566f81c541e9e74a8dc8c80f1793b17fec164b450b

/data/user/0/com.nd.android.pandahome2/databases/launcher.db-journal

MD5 494db8fe545e4d4e55638ad2ad9e0272
SHA1 c3740167985f4648e2156d37989b3ed7c80ba289
SHA256 72fc6e267d8634f93b40d7eec1d66cc54a4b8afa375049a20598534a05a1e0e8
SHA512 216b3fe142983d401e36277f8b1ac3399aab296b766cd895e75d73a645020fd7541d814dea410d30cd82bd9527c9941ff8af4fd8ca70bc74fce4aaab33147e27

/data/user/0/com.nd.android.pandahome2/databases/app.db-journal

MD5 83c3a48eda204235eb276e8a95512997
SHA1 1037c12bb8af36875dda0ea2cad766aae932d717
SHA256 f9b92f6958e5964257398e4e991e048410462ef61c1474b7c1a8e2768d29f8e0
SHA512 e9e32738132fb8a8947e987cc082dbdd3df4e6e31c33f75361de47ea4eeefc6026eac012b8cee9c9160714e47aeb5cf35dc9dcdffecf819df711191903b76bc2

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-02 09:03

Reported

2024-06-02 09:06

Platform

android-x86-arm-20240514-en

Max time kernel

14s

Max time network

155s

Command Line

com.nd.android.widget.pandahome.flashlight

Signatures

N/A

Processes

com.nd.android.widget.pandahome.flashlight

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.200.3:443 tcp
GB 142.250.180.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.204.78:443 android.apis.google.com tcp
GB 142.250.187.206:443 tcp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-06-02 09:03

Reported

2024-06-02 09:06

Platform

android-x64-arm64-20240514-en

Max time kernel

14s

Max time network

135s

Command Line

com.nd.android.widget.pandahome.flashlight

Signatures

N/A

Processes

com.nd.android.widget.pandahome.flashlight

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.178.14:443 tcp
GB 142.250.178.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.212.206:443 android.apis.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.180.8:443 ssl.google-analytics.com tcp
GB 216.58.201.100:443 tcp
GB 216.58.201.100:443 tcp

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2024-06-02 09:03

Reported

2024-06-02 09:06

Platform

android-x86-arm-20240514-en

Max time kernel

4s

Max time network

135s

Command Line

com.nd.hilauncherdev.plugin.navigation

Signatures

N/A

Processes

com.nd.hilauncherdev.plugin.navigation

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 172.217.169.14:443 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.178.3:443 tcp
US 1.1.1.1:53 pandahome.ifjing.com udp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp

Files

/storage/emulated/0/PandaHome2/caches/navigation/navi_card_site.txt

MD5 14adace71e0e91482a993c6bf1698756
SHA1 614e2892a8a77076e935d1813c4b8c9ccf16289e
SHA256 eeec618629b5ea5e946c7b61bd6ce7b9dbaddb92a193376355ccf64663a9aaaf
SHA512 b0d0d65dbded382229556f2de57805e930e6ea2aba7ff374456506c099beab9660b9d5ddd010396789ff49b975d382c0c79c7c511141b9caf6e9964f59d0c7c1

Analysis: behavioral8

Detonation Overview

Submitted

2024-06-02 09:03

Reported

2024-06-02 09:06

Platform

android-x64-arm64-20240514-en

Max time kernel

4s

Max time network

165s

Command Line

com.nd.hilauncherdev.plugin.navigation

Signatures

N/A

Processes

com.nd.hilauncherdev.plugin.navigation

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.200.46:443 tcp
GB 142.250.200.46:443 tcp
GB 142.250.200.46:443 tcp
GB 172.217.169.42:443 tcp
GB 172.217.169.42:443 tcp
US 1.1.1.1:53 pandahome.ifjing.com udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.212.200:443 ssl.google-analytics.com tcp
GB 216.58.201.100:443 tcp
GB 216.58.201.100:443 tcp
GB 142.250.187.206:443 tcp
GB 216.58.201.98:443 tcp

Files

/storage/emulated/0/PandaHome2/caches/navigation/navi_card_site.txt

MD5 14adace71e0e91482a993c6bf1698756
SHA1 614e2892a8a77076e935d1813c4b8c9ccf16289e
SHA256 eeec618629b5ea5e946c7b61bd6ce7b9dbaddb92a193376355ccf64663a9aaaf
SHA512 b0d0d65dbded382229556f2de57805e930e6ea2aba7ff374456506c099beab9660b9d5ddd010396789ff49b975d382c0c79c7c511141b9caf6e9964f59d0c7c1

Analysis: behavioral9

Detonation Overview

Submitted

2024-06-02 09:03

Reported

2024-06-02 09:03

Platform

android-x86-arm-20240514-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 142.250.200.42:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2024-06-02 09:03

Reported

2024-06-02 09:03

Platform

android-x64-20240514-en

Max time network

10s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-02 09:03

Reported

2024-06-02 09:06

Platform

android-x86-arm-20240514-en

Max time kernel

168s

Max time network

195s

Command Line

com.nd.android.pandahome2

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/bin/su N/A N/A
N/A /system/xbin/su N/A N/A

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A

Checks Android system properties for emulator presence.

evasion
Description Indicator Process Target
Accessed system property key: ro.product.model N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /storage/emulated/0/PandaHome2/myphone/plugin/com.nd.hilauncherdev.plugin.navigation.jar N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.nd.android.pandahome2

com.nd.android.pandahome2:hilauncherex_start

com.nd.weather.widget.WidgetService

Network

Country Destination Domain Proto
GB 142.250.187.195:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 stat.ifjing.com udp
CN 103.27.6.115:80 stat.ifjing.com tcp
GB 142.250.180.14:443 tcp
GB 142.250.180.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.46:443 android.apis.google.com tcp
CN 103.27.6.115:80 stat.ifjing.com tcp
US 1.1.1.1:53 log.tbs.qq.com udp
HK 129.226.107.80:80 log.tbs.qq.com tcp
US 1.1.1.1:53 ad.ifjing.com udp
US 1.1.1.1:53 pandahome.ifjing.com udp
US 1.1.1.1:53 appuse.ifjing.com udp
CN 103.27.6.115:80 appuse.ifjing.com tcp
CN 221.204.209.105:80 pandahome.ifjing.com tcp
CN 221.204.209.105:80 pandahome.ifjing.com tcp
CN 221.204.209.105:80 pandahome.ifjing.com tcp
CN 103.27.6.115:80 appuse.ifjing.com tcp
CN 221.204.209.105:80 pandahome.ifjing.com tcp
CN 221.204.209.105:80 pandahome.ifjing.com tcp
CN 112.84.131.63:80 pandahome.ifjing.com tcp
CN 112.84.131.63:80 pandahome.ifjing.com tcp
CN 112.84.131.63:80 pandahome.ifjing.com tcp
CN 103.27.6.115:80 appuse.ifjing.com tcp
US 1.1.1.1:53 hltq.ifjing.com udp
US 1.1.1.1:53 www.google.com udp
GB 142.250.179.228:80 www.google.com tcp
CN 60.221.73.196:80 pandahome.ifjing.com tcp
CN 112.84.131.63:80 pandahome.ifjing.com tcp
CN 112.84.131.63:80 pandahome.ifjing.com tcp
CN 103.27.6.115:80 hltq.ifjing.com tcp
CN 103.27.6.115:80 hltq.ifjing.com tcp
CN 60.221.73.196:80 pandahome.ifjing.com tcp
CN 221.204.209.105:80 pandahome.ifjing.com tcp
CN 60.221.73.196:80 pandahome.ifjing.com tcp
CN 112.84.131.60:80 pandahome.ifjing.com tcp
CN 112.84.131.60:80 pandahome.ifjing.com tcp
CN 112.84.131.63:80 pandahome.ifjing.com tcp
US 1.1.1.1:53 log.tbs.qq.com udp
HK 129.226.106.211:80 log.tbs.qq.com tcp
CN 112.84.131.60:80 pandahome.ifjing.com tcp
CN 60.221.73.196:80 pandahome.ifjing.com tcp
CN 60.221.73.196:80 pandahome.ifjing.com tcp
CN 60.221.71.194:80 pandahome.ifjing.com tcp
CN 60.221.71.194:80 pandahome.ifjing.com tcp
CN 60.221.73.196:80 pandahome.ifjing.com tcp
CN 60.221.71.194:80 pandahome.ifjing.com tcp
CN 112.84.131.62:80 pandahome.ifjing.com tcp
CN 103.27.6.115:80 hltq.ifjing.com tcp
CN 103.27.6.115:80 hltq.ifjing.com tcp
CN 112.84.131.62:80 pandahome.ifjing.com tcp
CN 112.84.131.60:80 pandahome.ifjing.com tcp
CN 112.84.131.62:80 pandahome.ifjing.com tcp
CN 112.84.131.60:80 pandahome.ifjing.com tcp
CN 112.84.131.60:80 pandahome.ifjing.com tcp
CN 60.221.73.220:80 pandahome.ifjing.com tcp
CN 103.27.6.115:80 hltq.ifjing.com tcp
CN 60.221.73.220:80 pandahome.ifjing.com tcp
CN 60.221.71.194:80 pandahome.ifjing.com tcp
CN 60.221.73.220:80 pandahome.ifjing.com tcp
CN 112.84.131.73:80 pandahome.ifjing.com tcp
CN 112.84.131.73:80 pandahome.ifjing.com tcp
CN 112.84.131.62:80 pandahome.ifjing.com tcp
CN 112.84.131.73:80 pandahome.ifjing.com tcp
CN 60.221.71.194:80 pandahome.ifjing.com tcp
CN 60.221.71.194:80 pandahome.ifjing.com tcp
CN 221.204.209.103:80 pandahome.ifjing.com tcp
CN 221.204.209.103:80 pandahome.ifjing.com tcp
CN 103.27.6.115:80 hltq.ifjing.com tcp
CN 60.221.73.220:80 pandahome.ifjing.com tcp
CN 221.204.209.103:80 pandahome.ifjing.com tcp
CN 42.7.60.191:80 pandahome.ifjing.com tcp
CN 42.7.60.191:80 pandahome.ifjing.com tcp
CN 112.84.131.73:80 pandahome.ifjing.com tcp
CN 42.7.60.191:80 pandahome.ifjing.com tcp
CN 112.84.131.62:80 pandahome.ifjing.com tcp
CN 112.84.131.62:80 pandahome.ifjing.com tcp
CN 60.221.71.245:80 pandahome.ifjing.com tcp
CN 103.27.6.115:80 hltq.ifjing.com tcp
CN 60.221.71.245:80 pandahome.ifjing.com tcp
CN 221.204.209.103:80 pandahome.ifjing.com tcp
CN 60.221.71.245:80 pandahome.ifjing.com tcp
CN 221.204.43.57:80 pandahome.ifjing.com tcp
CN 221.204.43.57:80 pandahome.ifjing.com tcp
US 1.1.1.1:53 tq.ifjing.com udp
CN 42.7.60.191:80 pandahome.ifjing.com tcp
CN 221.204.43.57:80 pandahome.ifjing.com tcp
CN 60.221.73.220:80 pandahome.ifjing.com tcp
CN 60.221.73.220:80 pandahome.ifjing.com tcp
CN 113.201.158.118:80 pandahome.ifjing.com tcp
CN 113.201.158.118:80 pandahome.ifjing.com tcp
CN 60.221.71.245:80 pandahome.ifjing.com tcp
CN 113.201.158.118:80 pandahome.ifjing.com tcp
US 1.1.1.1:53 tq.ifjing.com udp
CN 221.204.43.57:80 tq.ifjing.com tcp
CN 112.84.131.63:80 tq.ifjing.com tcp
CN 112.84.131.73:80 tq.ifjing.com tcp
CN 112.84.131.73:80 tq.ifjing.com tcp
CN 103.27.6.115:80 hltq.ifjing.com tcp
CN 113.201.158.118:80 tq.ifjing.com tcp
US 1.1.1.1:53 pandahome.ifjing.com udp
CN 221.204.43.57:80 pandahome.ifjing.com tcp
CN 221.204.209.103:80 pandahome.ifjing.com tcp
CN 221.204.209.103:80 pandahome.ifjing.com tcp
CN 112.84.131.73:80 pandahome.ifjing.com tcp
CN 60.221.73.196:80 pandahome.ifjing.com tcp
CN 113.201.158.118:80 pandahome.ifjing.com tcp
CN 42.7.60.191:80 pandahome.ifjing.com tcp
CN 42.7.60.191:80 pandahome.ifjing.com tcp
CN 103.27.6.115:80 hltq.ifjing.com tcp
CN 221.204.209.103:80 pandahome.ifjing.com tcp
CN 112.84.131.62:80 pandahome.ifjing.com tcp
CN 60.221.71.194:80 pandahome.ifjing.com tcp
CN 60.221.71.245:80 pandahome.ifjing.com tcp
CN 60.221.71.245:80 pandahome.ifjing.com tcp
CN 112.84.131.60:80 pandahome.ifjing.com tcp
CN 112.84.131.63:80 pandahome.ifjing.com tcp
CN 221.204.43.57:80 pandahome.ifjing.com tcp
CN 221.204.43.57:80 pandahome.ifjing.com tcp
CN 103.27.6.115:80 hltq.ifjing.com tcp
CN 60.221.71.245:80 pandahome.ifjing.com tcp
CN 112.84.131.73:80 pandahome.ifjing.com tcp
CN 60.221.73.220:80 pandahome.ifjing.com tcp
CN 113.201.158.118:80 pandahome.ifjing.com tcp
CN 113.201.158.118:80 pandahome.ifjing.com tcp
CN 42.7.60.191:80 pandahome.ifjing.com tcp
CN 221.204.43.57:80 pandahome.ifjing.com tcp
CN 221.204.43.57:80 pandahome.ifjing.com tcp
CN 221.204.209.105:80 pandahome.ifjing.com tcp
CN 103.27.6.115:80 hltq.ifjing.com tcp
CN 60.221.73.196:80 pandahome.ifjing.com tcp
CN 112.84.131.62:80 pandahome.ifjing.com tcp
CN 113.201.158.118:80 pandahome.ifjing.com tcp
CN 60.221.71.245:80 pandahome.ifjing.com tcp
CN 221.204.209.103:80 pandahome.ifjing.com tcp
CN 60.221.71.194:80 pandahome.ifjing.com tcp
US 1.1.1.1:53 pandahome.ifjing.com udp
CN 113.201.158.118:80 pandahome.ifjing.com tcp
CN 60.221.71.194:80 pandahome.ifjing.com tcp
CN 103.27.6.115:80 hltq.ifjing.com tcp
CN 112.84.131.60:80 pandahome.ifjing.com tcp
CN 112.84.131.63:80 pandahome.ifjing.com tcp
CN 112.84.131.60:80 pandahome.ifjing.com tcp
CN 112.84.131.63:80 pandahome.ifjing.com tcp

Files

/data/data/com.nd.android.pandahome2/files/channel.ini

MD5 07e580fd8334a4492b256f3cb2e2fc52
SHA1 0017c973a14c921c20739b41342a108de599407f
SHA256 a0c22e7b40e7056c4f59d33e4ecbdee1b501ed348b239a43ff437a29317e5b42
SHA512 566cf172e9b36a1b1dad36153bad7735506192340cd576efa5a1c656587776b842b053bb0f1e6e70802f33d5c58587faf5c76afe3028199b3fe5de2959714fe8

/data/data/com.nd.android.pandahome2/databases/91analytics_v4.db-journal

MD5 65179f7dc7b8d6a474e08db59da0ee2c
SHA1 37780f162014f6a2c1e49feaa04cab3305e9a15a
SHA256 2dec0ce386de2a3d934d7fb23ad4077bfcfd6fc3d5c924e5f0d11bc605b68894
SHA512 f8b3a1b2319c19626c116921a12fc1c6ac70c096b44434892f701727f85b0c1064e80627ebf364680c76239f4ec046add557b0ab957545fcda3535231bf2e4a9

/data/data/com.nd.android.pandahome2/databases/91analytics_v4.db

MD5 20e523680a1cf04b16b2744d43ec4c9c
SHA1 5dda87ec0599338973d2d49ecb82cbaefe90eba2
SHA256 3f37f8dadb9e9a002438d78f64a6df53567cbfc7e9e0384348bf3d8e212b1df5
SHA512 7085d65a99ae3b115d17804d57cd574d84a8144cf18e8bbd3c6c5d39929cf52502a9ddef616814f441e1fe36081b33c660962433a8f65fec872a63d98b4d21e4

/data/data/com.nd.android.pandahome2/databases/91analytics_v4.db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.nd.android.pandahome2/databases/91analytics_v4.db-wal

MD5 b0b9b32ffd3e215d30a0aabaf17624d0
SHA1 1257b247d42440ef1c3f776d678f532eaa2c220b
SHA256 3972a3dacefd65a68a47ccd0edf3beb17504e895d98ad80c792e247c1a4767cf
SHA512 c9ddbf576c820a29c5d8607ded4eb7f3f8a7e01ff674628d3e46f24f781022302d2d189127454cebec863bb1dbda648c632bd4fdd336e465ee6f911281d729fd

/data/data/com.nd.android.pandahome2/databases/trafficmonestats_v4.db-journal

MD5 0f97ba468cde077e0422f0894b6cd445
SHA1 61d6caf9ea2ccfb37b5336d5a2bc3949b0f43598
SHA256 ada446fad6d27ec1db7aacc1a697c7af887fb0ee16286425a83749df93c427d3
SHA512 39942b5143fa126700d551d6950c5d5a5fc133e0311aacca2db75868d0cf4037368f713517d338eb777751181b8378512196aa1cec82c53db247b7d47d45c575

/data/data/com.nd.android.pandahome2/databases/trafficmonestats_v4.db

MD5 1c4274aa7a9a5cac8c6d1df71e4588c6
SHA1 abaecd685e01cc68801292e3dc7085654a22feba
SHA256 3f6cd5f480ae69859b7841450f3d032c528ba385ebf9f371b9c8fdc6eb4231be
SHA512 1adb95935798607bd36cedcd183924d3068f50097d017b278da7caee7771532b61ec3606f6189b6dec8426eb038fe40be75079ce35894b1a8e0d1d815261150c

/data/data/com.nd.android.pandahome2/databases/trafficmonestats_v4.db-wal

MD5 7471b386d48d976740ba319acd6e9d10
SHA1 86b849422cf2f7039369968c7afd4fb35ffbcc9a
SHA256 b3e65275f78b00014fab7604b4e1c843819ad3d7dd13dd72f4dc039402393912
SHA512 916540e1653c5529c58e41a971517e26cd882c45f23cd00ce7f47314876494f558435c408a1c9580aa43cd6f1d3324787a14ffd61cabebc80db6318052df2722

/data/data/com.nd.android.pandahome2/databases/app.db-journal

MD5 59fd37f81fcc49a7e5832cc1a839caf7
SHA1 b38880f5a3fc97c11940c486340c31b58139b132
SHA256 03d9eac64a0385dcb4f4bf766d12c9320aaa3065bf44c9c4d9824406122d26ae
SHA512 10d1b231636ff17498b7faee84fe6b6e10cdf80abecf260761389dbe748826cc89abc7fae64e8d3173816f069289202b2bc602c2940956a71cf2258e4e5cbe7d

/data/data/com.nd.android.pandahome2/databases/app.db

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.nd.android.pandahome2/databases/app.db-wal

MD5 fe7dce10265b2d92c6eab2f9eb25490b
SHA1 9941062dbf71408f5d42606e43595a441f99d824
SHA256 3e4c839bddf8b174267a6e3dae61851f348b120754ce942869d60289519b3f6d
SHA512 a1fc792a65716e647707d6b90a0293945adc0e0b1a3cf92525ed27a9d351988029d29a56e8addca3c53457844465af2d9cec79ce84870720b1c21b4feec10407

/storage/emulated/0/baidu/.cuid

MD5 39527d3a9b7f1ac412c42cc2123706e4
SHA1 66a1eaa2378f4c726f3d9184bb1f1d481795974f
SHA256 6292ea21aee83d4cff539bcaa2cc442ca606f7f91fee61fdb890f610ccbde3ee
SHA512 8ebe1955c869d3b51e222da50928edad6dadc5331b1efaac91f7e6bb93aa1926f5d44950b25bdab9c6cfa09fb0acadb46e9bb116720ebc94427d0453c41ac55f

/data/data/com.nd.android.pandahome2/databases/config.db-journal

MD5 3cefe0322ffab3f66864106706d151ef
SHA1 64472834d2b4994be16ff5b8b697fcfea9841417
SHA256 f76b5156fec86c371849fc8adaa347a1990d3fd58d171b0f1446404ed435fcd7
SHA512 6e059794a680f2851f22a32b2882f78d3014f58110f9d4eba0ec9738cf722d6001b9da1a3cc0ca931700a608cfb9f1ca1ceb98d1d6f5b86f0144cb2922f05319

/data/data/com.nd.android.pandahome2/databases/config.db-wal

MD5 0e4ccb81e58bcdaa28cd4d0cf09838e3
SHA1 1d3c82d37a9b5e3f57571ed92d642a25e79b6acf
SHA256 3570802fc36c62d09fba7cf456eac7d1256147fb8c5d22b9818a7d7e6602a75a
SHA512 00771ce3c4b93553c1b67d2a6b20ea31da9128e9f6cc6a4a9a9fc95444abc7ff71d3de23942811b7e55a389cc658eea214d9cc98662f2b2ce3700bf879eb4fda

/data/data/com.nd.android.pandahome2/databases/scene.db-journal

MD5 a5a0571b93c439a0cfa6db2bf31a66df
SHA1 a892f346c57befa00da12f91f3da4b910ac7e67a
SHA256 b3fd75f69155905c619ee80cac41fb60cc1091379894cf3fd4074ebf6acfc190
SHA512 171f9f101c753e90097f7773794762a18efe6ab542eb5cf660e73672ea264f79bd70d956c1bd6d6947a0a0059cc0e3b11ec7509560df03e48da357439217eac5

/data/data/com.nd.android.pandahome2/databases/scene.db-wal

MD5 9c17fe183ee00c616bde2108173e050f
SHA1 73f6ef0e703dfb5ab04906109b6b5a0f2268214f
SHA256 84e032f3f032ef16233522a0a6b4e8fd1ab98755de2ad0220f138f097796ee6f
SHA512 085ee592a31c7e115224d6a6b30635665c6836fd721831f440d4a6cc88995406c06133dedf81e379a044ff88b55ae652f246bb307dff07bbff0b9bb52cfd8711

/storage/emulated/0/PandaHome2/myphone/wallpaper/Pictures/default_wallpaper.jpg

MD5 2ea8ac898c52482fc5b44a459935222e
SHA1 5f3e1d8593e346e3ebc4cbbc83cba3324d2d4516
SHA256 e1239d5bef4984d8f4f45312c157c4e261367593802e019fb15907140e10fe61
SHA512 1ed56610eb3e9e87d8ac827007b3ae21ac9c7ead12b556d8115ecc96b46a7bde9fec7b4ae06f1863c4ab158faf988ff5ba0cceeb6204d8e56993413f5ca1b65f

/data/data/com.nd.android.pandahome2/databases/themes.db-journal

MD5 271f428366af228e4d36ba015d6b7dff
SHA1 893b7e83bace7b7e74affaf0acb41cd5ab4664ab
SHA256 813f5a6845c182b9d17eb64ab867b3173fb21dd6370752952222af7784bcaf35
SHA512 b675dc1441321f026cecf77029a5d3e73ce937f891a3d7da9dc9457951661d1cd441d75608297fc8c274a52983e03ea538b22fbad7b5ba482af15a3838576c10

/data/data/com.nd.android.pandahome2/databases/themes.db-wal

MD5 7aaee8b83115f2cc3d3d5ccdd845ea4d
SHA1 27698aa7f247aff89dba7e34949a235cb3e33812
SHA256 86704cd63db6448633057178379e8f3b87eae8201e5b6c8a340d606b2e11f549
SHA512 9356d8116103f7727a87622bbe7a8783157a93c92adc03b1e421bf7677d429c7fdba9e8d95d6122100486159488564798348077bcc74d98878aa3f72a13d128f

/storage/emulated/0/PandaHome2/myphone/plugin/com.nd.hilauncherdev.plugin.navigation.jar

MD5 71b8f242f585a1c1593c6bcfb03c8569
SHA1 9ca9d3ee4090be4049a72004e29af229bcc18fa9
SHA256 24fee497ed88adc422e4ba9a31903731a2d2197ac8068fdda212a09a65c12e1a
SHA512 c8814d0e6c810cc83c1a5b043ba5246a427af73a4f14a3aa1c151c98f947525d571fc1fa4898cfdb19e1a945895f0b4a6905cccd39824416e4d19884c07e66a8

/storage/emulated/0/PandaHome2/myphone/plugin/com.nd.hilauncherdev.plugin.navigation.jar

MD5 27ff769ff34ac44784e59445b9c6e24e
SHA1 58478491ed6dda5045dca6de6cd58d17488c1d9d
SHA256 64eec62827a1d0b21abde9da8de662107705091625eee63b469f79753d4372f0
SHA512 94d40f8b8b5b87a2dfae4b4fd94be82e718be4c52209cea5c5c95b5959d72748be0f6a4ede5028e88fb6bb4965b48283c00a1e96a80f14c1f84205bf4506ee7b

/storage/emulated/0/PandaHome2/caches/imageloader/journal.tmp

MD5 8c92de9ce46d41a22f3b20f77404cc1d
SHA1 8671a6dca00edb72be47363a7071be65cf270373
SHA256 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274
SHA512 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

/storage/emulated/0/Android/data/com.nd.android.pandahome2/files/tbslog/tbslog.txt

MD5 f0ff12a8f32c6b074eca735c1c2e207b
SHA1 32046599c78989cf0bbc24a1c37fe6c5c70b646e
SHA256 79ff76da5782e3f9b1a9b0b9bc439d6179ab066138248298b68d61e105418fe3
SHA512 2f5d9fc9a8346209ecfcd293f82c8e6b38b68955e8b059f5ffe489f0e78caed0c55e8d6e23de3ae0d3abfc843d891bf7f59c1fd0f680524c99b347167b3f75a8

/data/data/com.nd.android.pandahome2/databases/launcher.db-journal

MD5 5d3ea0f87583f950c9bd05abbc061b1e
SHA1 157102ebdacfcb81d88f9bffb7fe47e2cd04a41d
SHA256 1b3eddf3f28a54014f94d01c40b0257ab8368bdb05d4e996ed553879982db4fb
SHA512 af91ecae93b60d2d3802f829bd03f3aac18bce4348cc01eadf96e10f003500e6afecdc9c68bb2564cba6126185253a7545f3f3b380ae4d826f81a8be9202fad2

/storage/emulated/0/PandaHome2/crash/crash-2024-06-02-09-03-52-1717319032163.log

MD5 2ed0f4bb63da7b0d8d28380275e82af5
SHA1 0b63584b10e60e27eb79308775f96f4f2367c98d
SHA256 300f8c80c1150f43c62f0f015800a20175cf1889f6942eef862bc5e32c3efa3d
SHA512 087edfc391ce36fd5d3568bd21a52c32a0603224952574edc302f0390d48e1a4bd4535ed8e99110b6541533cee0042c37cb2d8bc9c244bb4b9024e8a32e3fb17

/data/data/com.nd.android.pandahome2/databases/launcher.db-wal

MD5 bc31f530cccba47723317af061577419
SHA1 f2a4022ba17f62a3b1608b871a94c0b81e0b5054
SHA256 87ab9e961170f11e5a15752b1e87baa80a063abd2ad7954c7b3df5b3954c8824
SHA512 2a6eabaa4d56390af41f3527c2c95688f98626bc3da8cd039952d1f8471dddd1e5b99cdd60008b95f4c59c197b7869d1fc56bbf542694124ae207c078973c89c

/data/data/com.nd.android.pandahome2/databases/User.db-journal

MD5 74e735aeb85ea3496341de4faa3a89bc
SHA1 4c2138c8feee3deca6a71b348062e924b969325f
SHA256 ca3fb31e4dec4920b7a9080fcbfa80be9257c0e6062d229bcf7e60f4353bfeff
SHA512 42852dae54521c8f95384f54d63dd4406b4446e11b0070faaddfb851339afae394c86cb2d1936bcb4206bfd08d6899926dfddfd8c9340d717f1e796fe2c963aa

/data/data/com.nd.android.pandahome2/databases/User.db-wal

MD5 cae046da49dab6c08f5be72a2bbcd502
SHA1 6f14a6e573a766885caea63635fc95620568416f
SHA256 4f89b10f3cf167b6e233413fdc5c67e512f832586d37707734a7403306d5ceb2
SHA512 f3f49b31b0bb201218e5ddd967be16f2d7c9f89009edc5bf06edf81b5416bc30c88d82991c0f1622420fdde6abf8cf5a0e921c85ab53da351c98634ee96c768e

/data/data/com.nd.android.pandahome2/databases/myphone.db-journal

MD5 0e52353ff60aca2c73bb908295f0024d
SHA1 3a311e319ce364e9a40fb05f830cd716dfad6257
SHA256 4f569c0701454aaf7a8faa6ade2040ce82b82b0b229192949d5a12d7f89827b4
SHA512 a374f8ebc9a642ced4295c147924cb3add7a0bb257f6833fb343ef217abe6b71fb83b6a5702ba932893fe8f17e7d02cac42a75bfd44b667b80042c64519ffbf0

/data/data/com.nd.android.pandahome2/databases/myphone.db-wal

MD5 c0e12772a58e068dca0253e4521fbdd0
SHA1 ab775b173207d060f2d57acd34a321f86b7889da
SHA256 b7ee108173257692c82701909ac7d7377e3eda8c11ef07e120f476661bcf4b8a
SHA512 6753319186d30865fff8cea4ee9f787cebcd27fabf7beb0e3357e14a88ca383b727456958d9c6b17f9d75a98c1b87085ee49961318675aa0d777fa518a330a2b

/data/data/com.nd.android.pandahome2/files/plugin_upgrade_new.json

MD5 60a819a71f1d30b9a58c46bc4e4eb5e4
SHA1 d4e7f5dce67df01a51f37a0b024758976b575a91
SHA256 8da21d10de8266e6e2072d7a86ae37f9ef24e19cd19c73c3de9699a56ab3e28a
SHA512 2141318a790402575fd6a7871205240eb558aec3269a85d9f1e439cab590bea21364e5c1b4d506eb00f86c630e474dbf354512cec4cc087138fa1736591d4439

/data/data/com.nd.android.pandahome2/databases/mode_db-journal

MD5 b2154c7f74de15565083fea647d780d6
SHA1 ea1fa0432a8b872b5380326cc4599263a0a4f12c
SHA256 97644f0f4ea2ccae16b2e16f036f5c7e03d196f92bf6137b2a0029997c2bebd4
SHA512 556b622c0e9c73368d4bcaeacf55ce4455feb5b122002b5d9cd3a7e38f9ffd9c8a171c0e278c0089eab19ca80567f451f68ec609dc071d1aa1ad092f826945f0

/storage/emulated/0/PandaHome2/.cache/icons/v8_small/com.google.android.apps.photos_.home.HomeActivity

MD5 4b414b7110310af12dfa98f70ff0bdce
SHA1 b9e3976328142fe3fc7e016f490e94e45b42ac75
SHA256 661276b46e451e3ecb605f1a27d3788babfa3e9b759bc4332ccc9c0618c856de
SHA512 88949cf538855edfc2db880086c0ca2ec43db1b944f843ff5adb8b4374702342d4ab188065c621c3af96c3389bd417d93d03849c31406838b218583a81b492ee

/storage/emulated/0/PandaHome2/.cache/icons/v8_small/com.google.android.videos_com.google.android.youtube.videos.EntryPoint

MD5 e4428df83ced1f8c14fbee13b289e7fe
SHA1 ff784cb1513938d677a76dbfc95ccf0ccd79c51e
SHA256 9e329d3891dfcc91b00a8c1c5688430fd2d3d5309b27487ceb92bc33b19e3216
SHA512 b5f27045a6d08458e91dc86a6a8efd041a3a01fb2f10fd040816609eb5acd0a26f9118e91bdcfd6875a3bbb7f3213c713f510c99d12b4c199814753c2db483af

/data/data/com.nd.android.pandahome2/databases/mode_db-wal

MD5 c3b290d398423c6f288b341b817c10f0
SHA1 9aa0fe04dec1d3ec894b2455a7a122c08c062d5d
SHA256 0b390d501a2df9b6264ef4af1955f36b252b25b33245eaae4e611277149305bd
SHA512 8d90d8296658a34702b16fc1bc39e18c59ad2e76cfddc75c4564a148c0306c4f3950b3b90dc677dffec696fc9851e712fbd7eedf042d68066e6ac477a23e918c

/storage/emulated/0/PandaHome2/.cache/icons/v8_small/com.google.android.apps.docs_.app.NewMainProxyActivity

MD5 f21be8d08f7b09daa54ce27fbafbe07a
SHA1 63ee2be5875563f5b382073516a5b52c3e7895f8
SHA256 a08552f6837f132540ea62036a214ed24aed258c68989e20004e6e23429afd98
SHA512 dcd5c92611ed976dcf0f6435b8b94bb3d4fc08dafe3fa2500396a9b9082eba5ece645a5f1006fbcc674865dd845e4ec95931386f777873f557975a6f37dd395d

/storage/emulated/0/PandaHome2/.cache/icons/v8_small/com.google.android.apps.messaging_.ui.ConversationListActivity

MD5 07cb15f04308089fdcf7f7fd0dd9170c
SHA1 715d19eb4ab18c6e7a952e3f7c3e78606ad95dec
SHA256 693d8ed094f9e511fee3e6b1d7527428397fc62ca0d4205a49c62cbacd2eb1a8
SHA512 f57dbbf37f8f68143ca6e8985ea2abaa2ba9f4b69a1fe81e3ffba8e75d9e5aeb64ea8d59c5f4adb1c41333fa21cf18450b9d4adcc7b3b0eb871045ea0071fa84

/storage/emulated/0/PandaHome2/.cache/icons/v8_small/org.chromium.webview_shell_.WebViewBrowserActivity

MD5 c1ce3d8d628e4c42947b4f0831299b35
SHA1 d1b4ab2b3dd15245260fc42610069cbf59547553
SHA256 e28ab2924d3bd71268a145b38a2797a4f6be74399a0c422b80a05e89fe809fbc
SHA512 7cd4605d8d4b91c62eae1530b042b9e5385accfc85f8ad779d1f14f08a004a7a05561a6e4b5d87debe6f3e1a7b9c7f2f8eb3b90d31d496f01b9014b619a44925

/storage/emulated/0/PandaHome2/.cache/icons/v8_small/com.google.android.apps.wallpaper_.picker.CategoryPickerActivity

MD5 db917e5af038cf662e47ba090acc4c56
SHA1 49e2b40bbfc5fb5a2f431c0a268f573326a9eb93
SHA256 4c1802f8ba6b63a4eccddf1b1387240c94dd0b46c876d5155953d9c915208cd5
SHA512 b1bd3429fde18ece2a010b1835867cbd4cc9148f370523ce22c48c3cb9afcbf3d3ba3b72c90f8be1619648ff30579be501274d3d113a19c6d6dae0b309fc45ac

/storage/emulated/0/PandaHome2/.cache/icons/v8_small/com.nd.android.pandahome2_com.nd.hilauncherdev.launcher.Launcher

MD5 3aa6ce5b9beb928a77f32e4fbf059792
SHA1 2767cc115d5d8116e9d591bcaed314c0a89dd6c0
SHA256 7ccff1e3618c5617906c820bbcd9a8b756dcc21d22d0e97c5e67008bc0964685
SHA512 fa84ce6cc85ec284a2c9913e1919e80b1ad516e0e8666430542a3ef58a56012cf7476e9a133e52a316774ee0e7da9d0fbb8903cb46cd4b7a4256cdb74ccad381

/storage/emulated/0/PandaHome2/.cache/icons/v8_small/com.google.android.dialer_.extensions.GoogleDialtactsActivity

MD5 31ee3d1d5e5681ac38b48f64a591bd88
SHA1 ef0ea7f2bb40547a27e30f57e672c22532c93e18
SHA256 a81b277d1f673d23b6c78198a7ec8a69fb64a6141c566cdefd92ba8f071e102e
SHA512 f31c1274b3c4aa0e54145f70b5710c6b5e1f6725680a9664429b70118cbccb95c6dba95e3c1e48286593316793e87c165e1a9f4278cb96e69e1d298f460b96db

/storage/emulated/0/PandaHome2/.cache/icons/v8_small/com.google.android.youtube_.app.honeycomb.Shell$HomeActivity

MD5 34cecbd6d15a07cca5953b2a25d1a813
SHA1 230c9d4d9c7c7efbd22403858697ca2263c25850
SHA256 6612f96a1dabab17d14ca141e49f61eb4e713ce9ff04d0fd11c9f0bb44fa1b4f
SHA512 9b11b092378dda893bde39b84a0e0c3dd35456035b4d7b490a5d6674c322ec76d7fa779db4ae9b0843c0ea55e5ff3c38949ef354cdc40f44409f617f007c6eca

/storage/emulated/0/PandaHome2/.cache/icons/v8_small/com.android.documentsui_.LauncherActivity

MD5 ffb030886425a18dbc606da9576cf3c6
SHA1 15419d19aef876f7a3a72296d497ab62c1692ea9
SHA256 01b6afd0e04baa43d0c7bbd543ef7434f3b91b11be55c4576647375f7c554a41
SHA512 b78d594f19ad3bc7bff0605a371fba99f3028164e467c76dcee707621ac46c4d1a019d30e8824283f0029edcd60e5163713dd7a61d5491ff5414a78c5d1c663e

/storage/emulated/0/PandaHome2/.cache/icons/v8_small/com.android.chrome_com.google.android.apps.chrome.Main

MD5 cfe05b70af90cd5418a9c03efdcb63db
SHA1 147df5c75ca07979be77127d06813a4d96fa6024
SHA256 c9201a5f45856c83e227140ea0882453e79836a3860ed60f4f85c73c3214b71c
SHA512 e134e6149b1ff313a89e566a0f1ec2208e144c385bb91987ecd5b428a19df220827507ac980f4701523b8e86d7b699f564bcabd9b2c98f8cc9b1fec0baaa0403

/storage/emulated/0/PandaHome2/.cache/icons/v8_small/com.google.android.googlequicksearchbox_.SearchActivity

MD5 c9e529b83590463ea20d4145f97792d8
SHA1 af7d82ff7185682dc040e737fb451268c3e78c28
SHA256 98ab480276d73b0d60964bbfe112bdbed4788f2aa7d3a704655956bc59733789
SHA512 508e428a41f55beded5a0bf9a6594abc27a57d4fb5eb64fba0997d569f9c27bf53fa19bf07ec63ac11c5ed419115d63559634fc04caa0335b181b35b387f6208

/storage/emulated/0/PandaHome2/.cache/icons/v8_small/com.google.android.gm_.ConversationListActivityGmail

MD5 6bb9385ecae9f975daa2bceb50781128
SHA1 864fcc2ff497244c74f8f4b4573070fbaccdde6e
SHA256 cf80d02937bf0a58748e240b83512889ab0a3823560f4df716eddb18618b2306
SHA512 f87a3dceccc24c606e3ef4267bb5e13fb4ce5f370b07d9b423f14cbfa492993919d123cb1d28c578172b1eb458edd3b1e0ba6cb7184dd60cce6788d9ee00a250

/data/data/com.nd.android.pandahome2/databases/91analytics_v4.db-wal

MD5 dcd1acb04ea378ef9e86f935b5bbecd9
SHA1 2c182745608a5ae6a4188dc67ccc7197581dbec8
SHA256 6cb4f86b7cbf89c54ca9a69ff60fd7664054756cd399ab9dad5b0291eb1174be
SHA512 33b8ddda24e756f635a07721d4b706d155f0f474c2872a653ccba16a6a092b337f249d3de104da772ef1029ce8aaf62bc8f44bf4f582c184de12671c2fc1d383

/data/data/com.nd.android.pandahome2/databases/91analytics_v4.db

MD5 3d2ea4cf15269a8d131f15ed135e8e32
SHA1 9403428714583cf7b5c95601634fa78685d98e55
SHA256 3e3052b26a44e0d20e4574c89164cf880c268adf2b1b1af9c3bf30ef62d8d754
SHA512 b6d454f3f82851628b3176c926c42c963cf2c68ee7b9673b8efd89dfb8f4469c1913a9c0acb218cd66eb277b5ad051a5b6fa2bf94cda81547cb390e1ff6f04ae