Malware Analysis Report

2024-10-19 13:17

Sample ID 240602-wppjeabb34
Target 8ef36f3e79357bddbe8d1d9ac5235dfd_JaffaCakes118
SHA256 44d3e7b47b0a0e1bbd1b30f999e4ecfa1a5cd5d1ab7ba921d0c88b641d349a65
Tags
banker discovery evasion impact persistence collection credential_access
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

44d3e7b47b0a0e1bbd1b30f999e4ecfa1a5cd5d1ab7ba921d0c88b641d349a65

Threat Level: Likely malicious

The file 8ef36f3e79357bddbe8d1d9ac5235dfd_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

banker discovery evasion impact persistence collection credential_access

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Obtains sensitive information copied to the device clipboard

Registers a broadcast receiver at runtime (usually for listening for system events)

Loads dropped Dex/Jar

Checks memory information

Queries information about running processes on the device

Checks CPU information

Queries the mobile country code (MCC)

Queries information about the current Wi-Fi connection

Queries the unique device ID (IMEI, MEID, IMSI)

Reads information about phone network operator.

Checks if the internet connection is available

Requests dangerous framework permissions

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-02 18:06

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an application to write the user's contacts data. android.permission.WRITE_CONTACTS N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to request installing packages. android.permission.REQUEST_INSTALL_PACKAGES N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-02 18:06

Reported

2024-06-02 18:11

Platform

android-x86-arm-20240514-en

Max time kernel

175s

Max time network

186s

Command Line

com.bugoo.yunteng.cdy

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.bugoo.yunteng.cdy

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 172.217.169.14:443 tcp
US 1.1.1.1:53 www.google.com udp
GB 216.58.204.68:443 www.google.com tcp
US 1.1.1.1:53 service.dcloud.net.cn udp
CN 111.229.199.57:443 service.dcloud.net.cn tcp
GB 142.250.178.3:443 tcp
CN 115.159.204.155:443 service.dcloud.net.cn tcp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
CN 124.220.57.196:443 service.dcloud.net.cn tcp
CN 124.220.57.196:443 service.dcloud.net.cn tcp
CN 110.40.169.99:443 service.dcloud.net.cn tcp
CN 110.40.169.99:443 service.dcloud.net.cn tcp
CN 110.40.181.119:443 service.dcloud.net.cn tcp
CN 110.40.181.119:443 service.dcloud.net.cn tcp
CN 111.229.199.57:443 service.dcloud.net.cn tcp
CN 115.159.204.155:443 service.dcloud.net.cn tcp
CN 111.229.199.57:443 service.dcloud.net.cn tcp
CN 115.159.204.155:443 service.dcloud.net.cn tcp
CN 124.220.57.196:443 service.dcloud.net.cn tcp
CN 110.40.169.99:443 service.dcloud.net.cn tcp
CN 110.40.181.119:443 service.dcloud.net.cn tcp
CN 111.229.199.57:443 service.dcloud.net.cn tcp

Files

/data/data/com.bugoo.yunteng.cdy/lib-main/dso_state

MD5 93b885adfe0da089cdf634904fd59f71
SHA1 5ba93c9db0cff93f52b521d7420e43f6eda2784f
SHA256 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
SHA512 b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

/data/data/com.bugoo.yunteng.cdy/lib-main/dso_deps

MD5 8249ddd7908b997618c39e8186261ad7
SHA1 ba1cbda1e21e59f0968464b59830ff5bf5a1127e
SHA256 84f2744e7020718f59b77c3e743dba2d0ec71809f60a5af9e9890c0f517f6fef
SHA512 3c65fcaa1dd6fcabf03218d9567cb3ce9395ba3bf95c90e6787e95d9de22c669b60ecaab591c8ae5fa4f8b6466937b3755b158ad4a50bce32433fc66ab865a0c

/data/data/com.bugoo.yunteng.cdy/lib-main/dso_manifest

MD5 c06857e9ea338f3f3a24bb78f8fbdf6f
SHA1 c5a0a2529d2deb60fec041b4fbd722a2ebe31702
SHA256 957b88b12730e646e0f33d3618b77dfa579e8231e3c59c7104be7165611c8027
SHA512 29f61516876c25379a7bf4faa2b3ca6f6b53eac90e7de47671fec4a818d51441b4025cd7909f7c0a0d113ab6c5ff00cb3700c286bac7319185b77905feec4fb1

/data/data/com.bugoo.yunteng.cdy/lib-main/dso_state

MD5 55a54008ad1ba589aa210d2629c1df41
SHA1 bf8b4530d8d246dd74ac53a13471bba17941dff7
SHA256 4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a
SHA512 7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

/data/data/com.bugoo.yunteng.cdy/cache/weex/libs/weexjsb/x86/libweexjsb.so

MD5 9bb067cd33b490d30f2c88054c732574
SHA1 d95a11e2be5c7a1fab9820e34cdd9e482523ea86
SHA256 fb993dc086feddf19af9700c7428386e3e4a5c67f273711c371ff4460a830ae9
SHA512 0b721c51332313c50ae466fff1b4bdb48a71791bca67ee83d2882a19e8abb59dc1406ed15d6dabbcd3ba922167fbf68a3828fd82edf4b2270ff0191b8fed0dbc

/data/data/com.bugoo.yunteng.cdy/files/.imei.txt

MD5 98e00d5f679bcca52fea61ed45567ea9
SHA1 112f5e2d77a598849ea438333e71c86b02c4bf2f
SHA256 c4bef45b1b649b14ba683dbee833182eeb24e742b297cb68cf99941c817573ab
SHA512 efb1e4fd647ae09593e0f378317f82d6bdd97250580392701e2b7893d2e4045ce69ca1195f6d1f6a33daadc7628cc1f92419aea5be37399c4395d3d7e85bec52

/data/data/com.bugoo.yunteng.cdy/shared_prefs_ext/test_app

MD5 cb9c58b6b78fc3d79b27ba6c0b3180ff
SHA1 146538d3121e9356da8a548cc2f7585c52542bc8
SHA256 3c2fe5b2e1e625f65329a1c9cf35f0b62f52eb8cbf59f823d91fd744491550ec
SHA512 b8911ca6a1bb8479572c2fd4b6927089a9c8bd3eac306bc4e3b00e4be35cb27eaff48c905b4ccfa691e9ea98500e0d85830c9414cc0949b86c7eafecc5a2531c

/data/data/com.bugoo.yunteng.cdy/files/cnc3ejE6/eje3cnc

MD5 7769d4507985f59116153463f09235a2
SHA1 b081e84d14300ac7a7947aade9c025fa83bc17fb
SHA256 5ba33c69421ad27727832442cb5939d5bc853acecd0d8162d7c10a6b96757dcf
SHA512 ce5bb431a31eaba24c0cf467bedb1abee2205b74c4533067058b09ce7e8f9480b8baa01866e3dc89d1800d07da6007f36c1b4fea811e3da164b187903480d29f

/storage/emulated/0/Android/data/com.bugoo.yunteng.cdy/apps/__UNI__5392035/temp/1717351702555

MD5 e878d508cbb0b4e47e4a8020a18848da
SHA1 40595bf801997103a9833c0a29894045a35f28a5
SHA256 3d48ad0f7f9e33ebc13b786b4d6d78ec3814691b112ded671d031acf650b73b9
SHA512 0f55bfe150bb3e31e60aab39277762a80834df757f556d1a7db801b65893bdedf008eb38a529a6441e87b5cd43810a26528f67a6ede595d51bcb7f6dfea01c20

/data/data/com.bugoo.yunteng.cdy/cache/image_manager_disk_cache/journal.tmp

MD5 8c92de9ce46d41a22f3b20f77404cc1d
SHA1 8671a6dca00edb72be47363a7071be65cf270373
SHA256 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274
SHA512 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

/data/data/com.bugoo.yunteng.cdy/cache/image_manager_disk_cache/journal

MD5 c1011a7e858ed70da4878c6056bb6357
SHA1 70aeac98e98c7633432ce66c0b08436f0ed5a6b9
SHA256 e0f85dd8afb12b2632e96f793d26d1746a55a586d206585c8cb4c52f152db8ac
SHA512 d5440cf43241bf0e71dec0f533824d6cbc8f25531dff84b625fa4eac03183d471d5fddf9b803aea8919c25db47f72aa37f6a3747ad3f7f806a9fce7a0f63ba29

/data/data/com.bugoo.yunteng.cdy/cache/image_manager_disk_cache/32325592ed3a7d02295948dc9c8bb523974a179e4e6b05a5622059505386402b.0.tmp

MD5 918c720dbbf2a8c0141d69f0fc13275e
SHA1 050bccf62aef97559edbd94d514d9d3f72501312
SHA256 30f672b90006e8cfc2e806f5c0096b09c51f4ba6efa90b3c7b6976d8c5b6eed6
SHA512 2fa580a86f21fe6273ac3ad1b350a3ce1aa4e26c3fcbccfde50547f10ff2399945f678e6da8a45d7f278a3aa559d374fb06c7efbff3d848598be4520f9bf50a2

/data/data/com.bugoo.yunteng.cdy/cache/image_manager_disk_cache/36f6c6aa0cc826f90b89c8209b143e7367d17ab62b6b6675e26318277421e46c.0.tmp

MD5 208cc2f0d28fcf65756d8678c330f676
SHA1 12cc60f62f03d0e4c4e498d70504ae6e41b23a9a
SHA256 8646b007e99c79d3d3b7f359be84b61dbf00fd122386b9a2fbfbe6d32157e7fb
SHA512 c6b4b6e712fd9e3a6a5358a851d6a03911baffb262daf2228875bc190464f3b7aaa3b2eeca95dc62333b133ca4d034695058fd24733c912d0aa78e1d7f8a35ca

/data/data/com.bugoo.yunteng.cdy/cache/image_manager_disk_cache/f35eb1b0119dc55c80901171252a50890c4629cfe9f4cf35d53d12d55bb96ee5.0.tmp

MD5 1b01b5706c6d6c04845667e00a18f1b7
SHA1 57537f59b2ddd2b89278cbbf7853f5766508c2c6
SHA256 24992d017899951047518d244785d157c27c60aaec9b8af6de6af971769a10af
SHA512 fec9e3d4cbf8114f84aaff28643ff91d6ba989eb60b38c4b0faa2fa7593fc29602fc491f9cf77e445ad0f30f086cae2d8e78b2f787c6814d08d2b94493857357

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-02 18:06

Reported

2024-06-02 18:10

Platform

android-x64-20240514-en

Max time kernel

179s

Max time network

192s

Command Line

com.bugoo.yunteng.cdy

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.bugoo.yunteng.cdy/[email protected] N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.bugoo.yunteng.cdy

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.179.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 service.dcloud.net.cn udp
CN 110.40.169.99:443 service.dcloud.net.cn tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.178.14:443 android.apis.google.com tcp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 www.swiftlylink.com udp
HK 156.235.136.158:8443 www.swiftlylink.com tcp
HK 156.235.136.158:8443 www.swiftlylink.com tcp
HK 156.235.136.158:8443 www.swiftlylink.com tcp
CN 110.40.181.119:443 service.dcloud.net.cn tcp
CN 110.40.181.119:443 service.dcloud.net.cn tcp
CN 111.229.199.57:443 service.dcloud.net.cn tcp
HK 156.245.216.94:8443 www.swiftlylink.com tcp
HK 156.245.216.94:8443 www.swiftlylink.com tcp
HK 156.245.216.94:8443 www.swiftlylink.com tcp
CN 111.229.199.57:443 service.dcloud.net.cn tcp
CN 115.159.204.155:443 service.dcloud.net.cn tcp
HK 156.235.136.158:8443 www.swiftlylink.com tcp
HK 156.235.136.158:8443 www.swiftlylink.com tcp
HK 156.235.136.158:8443 www.swiftlylink.com tcp
CN 115.159.204.155:443 service.dcloud.net.cn tcp
CN 124.220.57.196:443 service.dcloud.net.cn tcp
GB 216.58.213.14:443 tcp
GB 142.250.200.2:443 tcp
HK 156.245.216.94:8443 www.swiftlylink.com tcp
HK 156.245.216.94:8443 www.swiftlylink.com tcp
HK 156.245.216.94:8443 www.swiftlylink.com tcp
CN 124.220.57.196:443 service.dcloud.net.cn tcp
GB 172.217.16.228:443 tcp
GB 172.217.16.228:443 tcp
CN 110.40.169.99:443 service.dcloud.net.cn tcp
HK 156.235.136.158:8443 www.swiftlylink.com tcp
HK 156.235.136.158:8443 www.swiftlylink.com tcp
HK 156.235.136.158:8443 www.swiftlylink.com tcp
HK 156.245.216.94:8443 www.swiftlylink.com tcp
HK 156.245.216.94:8443 www.swiftlylink.com tcp
HK 156.245.216.94:8443 www.swiftlylink.com tcp
HK 156.235.136.158:8443 www.swiftlylink.com tcp
HK 156.235.136.158:8443 www.swiftlylink.com tcp
HK 156.235.136.158:8443 www.swiftlylink.com tcp
HK 156.245.216.94:8443 www.swiftlylink.com tcp
HK 156.245.216.94:8443 www.swiftlylink.com tcp
HK 156.245.216.94:8443 www.swiftlylink.com tcp
HK 156.235.136.158:8443 www.swiftlylink.com tcp
HK 156.245.216.94:8443 www.swiftlylink.com tcp
CN 110.40.169.99:443 service.dcloud.net.cn tcp
CN 110.40.181.119:443 service.dcloud.net.cn tcp
CN 111.229.199.57:443 service.dcloud.net.cn tcp
CN 115.159.204.155:443 service.dcloud.net.cn tcp
CN 124.220.57.196:443 service.dcloud.net.cn tcp
CN 110.40.169.99:443 service.dcloud.net.cn tcp

Files

/data/data/com.bugoo.yunteng.cdy/lib-main/dso_state

MD5 93b885adfe0da089cdf634904fd59f71
SHA1 5ba93c9db0cff93f52b521d7420e43f6eda2784f
SHA256 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
SHA512 b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

/data/data/com.bugoo.yunteng.cdy/lib-main/dso_deps

MD5 09437b4d24515ec8cdeb70adeb45c5f4
SHA1 0a41a57bb80098a4437e28fdc8812d1fde37da47
SHA256 074b1bf78831a69b6a5a3bdbac30c3e46026d0cda272aa41772ae6ebd91e107a
SHA512 8b5dda70bf78e480623394c71d6b1e7af1cfb4da3c01ef1989c0e8ce011a3091ffdb7e991ca6ca5373e1938f49cabcd5a7186dcdd64c12330d29b346938ab994

/data/data/com.bugoo.yunteng.cdy/lib-main/dso_manifest

MD5 c06857e9ea338f3f3a24bb78f8fbdf6f
SHA1 c5a0a2529d2deb60fec041b4fbd722a2ebe31702
SHA256 957b88b12730e646e0f33d3618b77dfa579e8231e3c59c7104be7165611c8027
SHA512 29f61516876c25379a7bf4faa2b3ca6f6b53eac90e7de47671fec4a818d51441b4025cd7909f7c0a0d113ab6c5ff00cb3700c286bac7319185b77905feec4fb1

/data/data/com.bugoo.yunteng.cdy/lib-main/dso_state

MD5 55a54008ad1ba589aa210d2629c1df41
SHA1 bf8b4530d8d246dd74ac53a13471bba17941dff7
SHA256 4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a
SHA512 7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

/data/data/com.bugoo.yunteng.cdy/cache/weex/libs/weexjsb/x86/libweexjsb.so

MD5 9bb067cd33b490d30f2c88054c732574
SHA1 d95a11e2be5c7a1fab9820e34cdd9e482523ea86
SHA256 fb993dc086feddf19af9700c7428386e3e4a5c67f273711c371ff4460a830ae9
SHA512 0b721c51332313c50ae466fff1b4bdb48a71791bca67ee83d2882a19e8abb59dc1406ed15d6dabbcd3ba922167fbf68a3828fd82edf4b2270ff0191b8fed0dbc

/data/data/com.bugoo.yunteng.cdy/.00000000000/A3AEECD8.dex

MD5 ed73a80eb949bacc52428b8d5a087fa5
SHA1 07e973549a2cee61ffeeb6439abc419cd8a489a9
SHA256 f0ead1ad60e0cc310c1a40685c28fc7a69aa346604552816c51dd3c1718a1e76
SHA512 4bc26c18ca3a2edfe38ca1e14ad1e1415268b4a69cdff3c0f8e2b8fa910c67c2e4bc4f32c21274e586e8e139122ea3dbde7ec507c4722b4a9a778ee2598090b8

/data/data/com.bugoo.yunteng.cdy/.00000000000/A3AEECD8.dex

MD5 5061e4948844f7d366972ac8005e9f13
SHA1 a2b79a1c79afb095ddebf0f16a1f9db64482bcaf
SHA256 3aa6caecfcd101531539147e01382bc530b4fdc61e98937d63cc4648793c6a45
SHA512 223d18ce248912df18cdea3c8e864ea5e6ec058ca42cc5fde738188c54abcd260d7f24ac53d4987d3e32f4ae3e1e40e01354054d035bb100eef51b2d695f5299

/data/data/com.bugoo.yunteng.cdy/files/.imei.txt

MD5 355be6a2773ab277177db84250d7964c
SHA1 f3f8f1cbca4a0b2fa847e2d6f0ec83311974ac36
SHA256 0d7b4b231cc01aa81087ce7d3c11a0a72a860dcf5adde5dc87a8c7073f803ddd
SHA512 17fe3e3f523675abd87eb340ba3b2f9f5e7e47db23898fcb96a7d287197425acb6b3702c5ef61ba267f54d843442392f14cdc92bba533600e7f7dc45c2007a2b

/data/data/com.bugoo.yunteng.cdy/shared_prefs_ext/test_app

MD5 cb9c58b6b78fc3d79b27ba6c0b3180ff
SHA1 146538d3121e9356da8a548cc2f7585c52542bc8
SHA256 3c2fe5b2e1e625f65329a1c9cf35f0b62f52eb8cbf59f823d91fd744491550ec
SHA512 b8911ca6a1bb8479572c2fd4b6927089a9c8bd3eac306bc4e3b00e4be35cb27eaff48c905b4ccfa691e9ea98500e0d85830c9414cc0949b86c7eafecc5a2531c

/data/data/com.bugoo.yunteng.cdy/files/cnc3ejE6/eje3cnc

MD5 7769d4507985f59116153463f09235a2
SHA1 b081e84d14300ac7a7947aade9c025fa83bc17fb
SHA256 5ba33c69421ad27727832442cb5939d5bc853acecd0d8162d7c10a6b96757dcf
SHA512 ce5bb431a31eaba24c0cf467bedb1abee2205b74c4533067058b09ce7e8f9480b8baa01866e3dc89d1800d07da6007f36c1b4fea811e3da164b187903480d29f

/storage/emulated/0/Android/data/com.bugoo.yunteng.cdy/apps/__UNI__5392035/temp/1717351622979

MD5 e878d508cbb0b4e47e4a8020a18848da
SHA1 40595bf801997103a9833c0a29894045a35f28a5
SHA256 3d48ad0f7f9e33ebc13b786b4d6d78ec3814691b112ded671d031acf650b73b9
SHA512 0f55bfe150bb3e31e60aab39277762a80834df757f556d1a7db801b65893bdedf008eb38a529a6441e87b5cd43810a26528f67a6ede595d51bcb7f6dfea01c20

/data/data/com.bugoo.yunteng.cdy/cache/image_manager_disk_cache/journal.tmp

MD5 8c92de9ce46d41a22f3b20f77404cc1d
SHA1 8671a6dca00edb72be47363a7071be65cf270373
SHA256 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274
SHA512 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

/data/data/com.bugoo.yunteng.cdy/cache/image_manager_disk_cache/journal

MD5 ad90fdfd8ff963d81f01d91bfb0df706
SHA1 1a689f8d50199f29bc160b3baaae8122eec4d430
SHA256 e3c42e0a0b0047a49745ab13d3cc28934bfdf547f031aa5e6f6840c35953ba0d
SHA512 e80b88ebf3af98bf2307f44d8e047bd876186cafd5842570563602544df76990e77893350d6f3f938c6ec71fdfd851f9956faab36bd9876cdd9c8c21374a79e9

/data/data/com.bugoo.yunteng.cdy/cache/image_manager_disk_cache/f35eb1b0119dc55c80901171252a50890c4629cfe9f4cf35d53d12d55bb96ee5.0.tmp

MD5 f3806ecd61bdc82ffaee0238d0b4fb38
SHA1 95ade2fd2971447409e169d917d14d44822292bb
SHA256 5892ef52918a88e5508d5b921362a35977079d17cf83feea3eaf00b69443d8d5
SHA512 9bc22530f2a9e5615875e9cdf948c4a9016997fb26ef823f7aa7829ec5dd42b190c242e7c8257873d725edee1e396108db2ad574c9196c73f43a074824a8dfbc

/data/data/com.bugoo.yunteng.cdy/cache/image_manager_disk_cache/32325592ed3a7d02295948dc9c8bb523974a179e4e6b05a5622059505386402b.0.tmp

MD5 a8a221664a2164e228c0a37b053947ab
SHA1 6b29f44709f48368dd74adcb7ef6e881a003562e
SHA256 8242734a2574d31ce9d15798aa1b399e9bfe08e44cdf01cbec5fbe901fb98770
SHA512 6f16661bebf9f2e81a779f807fe0bcfa5332303b36240114ff30eba5bd38a78b5822bfc3d7e0574a8dc4160a1b04eb4fb6c449d48a844542dc78585d0f7250d4

/data/data/com.bugoo.yunteng.cdy/cache/image_manager_disk_cache/36f6c6aa0cc826f90b89c8209b143e7367d17ab62b6b6675e26318277421e46c.0.tmp

MD5 fdf6c41ba1224cba26bb1063d377c1b4
SHA1 0a9e967d4013b9d78ebb449f0ddbcfc0c2213f0e
SHA256 dbdb646ef91fd50829e1ace47bef44924397fcfb7b20fd3983d92a52c5432ae8
SHA512 c365eb97ba1276f2a5dfddb9b36e9fa58425de6b4dbad699e0e5d6b02ddf9fa877b6567b1397a15b45b44c17ca55a55f2bc194a3df46978da2d15b556fc2d9a4