Analysis Overview
SHA256
c5dc5f69df98c947622482c6f427cb947385e0736a3d3892d763fc6108a853e6
Threat Level: Likely malicious
The file 8f0777fa51f297002fb0a616e5e43edf_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Requests cell location
Registers a broadcast receiver at runtime (usually for listening for system events)
Queries information about the current Wi-Fi connection
Checks memory information
Queries information about the current nearby Wi-Fi networks
Checks CPU information
Queries information about running processes on the device
Obtains sensitive information copied to the device clipboard
Loads dropped Dex/Jar
Requests dangerous framework permissions
Checks if the internet connection is available
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
Uses Crypto APIs (Might try to encrypt user data)
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-02 18:39
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to request installing packages. | android.permission.REQUEST_INSTALL_PACKAGES | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-02 18:38
Reported
2024-06-02 18:42
Platform
android-x86-arm-20240514-en
Max time kernel
80s
Max time network
182s
Command Line
Signatures
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes4.dex | N/A | N/A |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes4.dex | N/A | N/A |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes4.dex | N/A | N/A |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.zongxueguan.naochanle_android/.jiagu/tmp.dex | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.zongxueguan.naochanle_android
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.zongxueguan.naochanle_android/.jiagu/tmp.dex --output-vdex-fd=43 --oat-fd=44 --oat-location=/data/data/com.zongxueguan.naochanle_android/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
com.zongxueguan.naochanle_android:pushcore
com.zongxueguan.naochanle_android:core
Network
| Country | Destination | Domain | Proto |
| GB | 216.58.213.3:443 | tcp | |
| GB | 142.250.200.14:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | log.umsns.com | udp |
| CN | 59.82.29.162:80 | log.umsns.com | tcp |
| US | 1.1.1.1:53 | api.lishizg.online | udp |
| US | 1.1.1.1:53 | wanproxy.127.net | udp |
| HK | 103.129.255.21:443 | wanproxy.127.net | tcp |
| GB | 172.217.169.14:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| CN | 59.82.29.162:80 | log.umsns.com | tcp |
| US | 1.1.1.1:53 | lbs.netease.im | udp |
| IE | 54.73.57.121:443 | lbs.netease.im | tcp |
| GB | 142.250.187.234:443 | semanticlocation-pa.googleapis.com | tcp |
| US | 1.1.1.1:53 | q.tinkerpatch.com | udp |
| US | 1.1.1.1:53 | plbslog.umeng.com | udp |
| US | 1.1.1.1:53 | ulogs.umeng.com | udp |
| CN | 223.109.148.179:443 | ulogs.umeng.com | tcp |
| CN | 36.156.202.78:443 | plbslog.umeng.com | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 120.46.84.108:19000 | s.jpush.cn | udp |
| US | 1.1.1.1:53 | update.sdk.jiguang.cn | udp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 59.82.29.163:80 | log.umsns.com | tcp |
| CN | 36.156.202.78:443 | plbslog.umeng.com | tcp |
| CN | 59.82.29.248:80 | log.umsns.com | tcp |
| CN | 59.82.29.249:80 | log.umsns.com | tcp |
| CN | 59.82.31.154:80 | log.umsns.com | tcp |
| CN | 59.82.31.160:80 | log.umsns.com | tcp |
Files
/data/data/com.zongxueguan.naochanle_android/.jiagu/libjiagu.so
| MD5 | 610a895c4a71bbeeaea16eddb1422bbf |
| SHA1 | 9f919de42ed1e80bfadfef48f8202b202166f869 |
| SHA256 | baa349e9b5a47be21b6ea00ef2e0c0c5dc203c0e4c391dac46df07ca9d333217 |
| SHA512 | ef4173ba32309ef1257b75bcff28fd44ab14398577b4fb3b6b95323035c964201ed39546cda3b7115ba5025781f3b9c018443e7932edd50a25b1be60359f80f2 |
/data/data/com.zongxueguan.naochanle_android/.jiagu/classes.dex
| MD5 | f0cd5bd2022286ce34c3ce4ce82dc629 |
| SHA1 | fd304dda0545d8fbf1221266f9049054ed9f4895 |
| SHA256 | f4b7c7202afbd6c88c772ef964e636e896736d2af10b1e281a76d190f858ff05 |
| SHA512 | 0e2905d04e59611fd3bd033af6c0ae1f4c6c392a99c69019445a7e84c6d4de90b62af62dca55b1f57f7ed3f330507e2b21e8865b15369b4028993df29fea22b2 |
/data/data/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes2.dex
| MD5 | 36ace6020c58cfbc4e5f57438f2a8c63 |
| SHA1 | 345c013037bfc0da6bde5603643bf9d8b208b301 |
| SHA256 | 616ce3d84ea7b4424d04ca98f5bcd1b4453b19c768e258d00f7c3a9847932cae |
| SHA512 | 493b58c6d93412c614a1d10401a58f8c9b26d67987dfa4b67bd8441d428b315ba40eae4adcd090fa27afe4e19f327c0625e46a490012edb099f2f105c4510090 |
/data/data/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes3.dex
| MD5 | d032bdc646cc63c2c6a2a4db02d9a07c |
| SHA1 | 59af272d29990751f998998db2493536b3c0fdef |
| SHA256 | 8e23a93bc9469594efd7ac506f28991f4089154364168ae4f0b752d7edbade8a |
| SHA512 | 06c554f1017be1bc1f75a2b3d72a33188ab4d6f9dd77a0df40e2573944003611aafcc51874aac4465ef3d10c72f2e4244fd7be7fed5ab57e79bade765d5f5794 |
/data/data/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes4.dex
| MD5 | 6442450755d6ceeb065a34956e06d22f |
| SHA1 | c02ea6834719dda4f0296acf90a3f4dbd272be09 |
| SHA256 | e127dd108290cad9d6178f70ebf74aaa4dee1f211fa734db93fa8ddd9fdd4b4b |
| SHA512 | b68b38d4340ec9535a7e5d161bf1fbb9e1dfca65ad43224d89b0bf1be311d5efd945b1e7df257a5656cef57789a98451195f61fb80c85c8238c400ed55be991d |
/data/data/com.zongxueguan.naochanle_android/.jiagu/tmp.dex
| MD5 | f1771b68f5f9b168b79ff59ae2daabe4 |
| SHA1 | 0df6a835559f5c99670214a12700e7d8c28e5a42 |
| SHA256 | 9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939 |
| SHA512 | dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d |
/data/data/com.zongxueguan.naochanle_android/files/.jglogs/.jg.ri
| MD5 | ef1b7bf68d290c31426bb73ffca011c6 |
| SHA1 | 57d5699cae48d2b7a15873f6212f2c08dc53d771 |
| SHA256 | dc6c140df650de370fcf1a1072329793366b85352a063fac9cc92b00b2aeeb87 |
| SHA512 | 6703d349bb7dbc7960b5b721d1080ccedb997277d14e4ce07c7188c17354632fdac2fe25079e2e305bdfef936c3e812f6fd3d0ae9b2352f707b160b63b175081 |
/data/data/com.zongxueguan.naochanle_android/files/.jglogs/.jg.store.report_cf
| MD5 | 25a0f3995cdfd2364fe0552d6a9255f8 |
| SHA1 | 86f5e34f6d3655e757f9e6df19dccc7705039bca |
| SHA256 | cdb5043d53c97753e2f1177dabea6c662447d9de9e127f642e6755803b78c82d |
| SHA512 | dde0c5f79f31d98ed8c38b9a5fa7a0c8ad5656acc2990e6f1b03ae02d38818006fdd8fe9faf6595b05dcf5f9d2c9817a7df08825e8387dfc12878d2f626eb1d0 |
/data/data/com.zongxueguan.naochanle_android/files/.jglogs/.jg.store.report_pid
| MD5 | 309e86d7037fd16a8817721868aa2bfa |
| SHA1 | b687a24e54e907a5854de46e24ff00167dab0ed8 |
| SHA256 | e1353e8366260760ec427718a27ac80906b64613f556522976e2037342bf4e22 |
| SHA512 | be6aa251ef30eddd7ffca2632e9c6db3a1464b398d8dae12350945944bfc40239e9842641c9cd2efbea4b96b0ebb03f63609f2ece4ad3e701a596879740db741 |
/storage/emulated/0/com.zongxueguan.naochanle_android/nim/log/nim_sdk.log
| MD5 | 6a8479e8dfca7d3a358c074d4337a365 |
| SHA1 | 49ac1ed8702b1232c0ffe894b906fa8df8cc89c7 |
| SHA256 | 019fcfefebf70c88f9237882c05dfd4fb7ef4f46755ac38429bea7e240784b0d |
| SHA512 | ef9de30363b1a14483a8088c9b690babbdec8e2a0c37670d317d04a4173f6b755cd16e5a2e3d7845158fb0d64dc104c3ce018b8f09cc5ee235fa476ba4c1760f |
/storage/emulated/0/com.zongxueguan.naochanle_android/nim/log/nim_sdk.log
| MD5 | 8dfd1f56b03c5257c1c91e72378d543e |
| SHA1 | f76565bda4a56824cf751ebde5c00e46899f93e5 |
| SHA256 | 96147644330fcf76b7fe3a4d629583b2e38de5c1115a66c92233d98f125a0ae6 |
| SHA512 | c664195b91bf153766fa49043b300094383f00642215d4158aac0822937daffb211d981d673358630ec9363a0eb5779e2a644b77e62e6e3e8ae989dc9e2e62a4 |
/storage/emulated/0/com.zongxueguan.naochanle_android/nim/log/nim_sdk.log
| MD5 | 5297153f27100669a6d617eaf059836d |
| SHA1 | 4cf42dd8a86de806f8f63e277e108517d830b576 |
| SHA256 | 54967fddcb94520d53c0d82bef4f3c4d72c5057ed12e76fc606f2e0e99e8dcb8 |
| SHA512 | ff652ef2287b4b8efac353e6a9ef64334b41d5bf2407af82f6ac436b9b098a48e99403663aa617a0cc64bed94cb1ee3fbb13ff9af79e94ee4c0a0c6e738f7fca |
/storage/emulated/0/com.zongxueguan.naochanle_android/nim/log/nim_sdk.log
| MD5 | 7040d13353f8ffe1f52315f25484df10 |
| SHA1 | 1ac1369816e356210c03fae7482b1aeee36be1f0 |
| SHA256 | d87efd1e0004d824eea00d9e0723745a62d7d87eaa7d5160ce37632b6b36b206 |
| SHA512 | a4014df26beca4a49feb90b2d6feaab7e2c2eceb67daf448891cec9c109166f648b548ebaf7d8d4824b69ff719e2daabf4b9d46628e7de4897570c82351803ac |
/storage/emulated/0/com.zongxueguan.naochanle_android/nim/log/nim_sdk.log
| MD5 | aa1f4e0a90efa7a66d1527d730e2e790 |
| SHA1 | b5e79e3770c152397563ff6c0bfb8671755c58dc |
| SHA256 | 600d0c57a34b02b715c818f8b9d47ce7119e9dcbb17647ea96b998054978c0d2 |
| SHA512 | a4ad44f39836e75d12c588b5e637c5054161847f72380ef74dcb84d22dee430c720068d6a48bb527296a9f77ab536c5b4aceeac192ec422a29625526dd54eb49 |
/storage/emulated/0/com.zongxueguan.naochanle_android/nim/log/nim_sdk.log
| MD5 | fb0177fd85eadd6ce89ff09b3dfd1c6b |
| SHA1 | 25dcd0a075e4e381d46d7005944c8db9817cb830 |
| SHA256 | fc2cc7d0942650b59fcaf665404dedc730d039ff78293e93cc59b9dda6e9d03e |
| SHA512 | 1dd03f46982c642eb58e60511416be41cfce44888e671d7209bf1cd54593fa14aa60981ec3d75f473ed7d2f39889f2cc04d311fbad52273d79e88f3810fa7acd |
/storage/emulated/0/com.zongxueguan.naochanle_android/log/demo_20240602.log
| MD5 | 9f282669c6e7468a989bfcde26077779 |
| SHA1 | 7eb5ac0c6a1270d2c03fbd3799a4f7a769f9e76f |
| SHA256 | 41a39be58cdbbf8dd29d0f2ec27314f310679dde168a789f4c415f615d0d2746 |
| SHA512 | a1107c938dea49c414aa16a77aee22bcac759c0719fc2ff32f91693e89a86ad8d33cf7a92dc27aadad6529bb6670061deb5ebbd5dd0f05a0523e858eea736a19 |
/storage/emulated/0/com.zongxueguan.naochanle_android/log/demo_20240602.log
| MD5 | 23c91d3d090ea40ab522f6296d9fe527 |
| SHA1 | d52f83df020cacbb3ba9bbb2c83cf9a3acb8823a |
| SHA256 | d2d67fd8aa704cc6ad97ad7a423551ef06cdcd944d7ef1eec781853511a14c82 |
| SHA512 | 6d4b30061df02715142490ce9a5e5bc02605f57566035c5f3a090ce730489f2f9886435b2ad9994dc91debc6c0a79769d5f33f99fc787c980ef98de3f62a84a3 |
/data/data/com.zongxueguan.naochanle_android/tinker_server/0f751a5a5fdc5dd9_version.info
| MD5 | 5df841e5901ace0a5332e46df239dbdd |
| SHA1 | 11f31fd6f98cd837f2201000472acb0107facabc |
| SHA256 | 380b7185e9671402423c8b34d05c7493f1ca60058869383fd2c413e6430b0b50 |
| SHA512 | 84f973fa9fff23321e7a7d004b27dbe1d45201cfe0fc550f5086640883d5a8e536ce6e7d4a7b6cecbccf47b38979d0f1c1f24f020b45b8f105451ba83f6ec46c |
/storage/emulated/0/com.zongxueguan.naochanle_android/nim/log/nim_sdk.log
| MD5 | d0ea0f61c216a82bad03152e185a00dd |
| SHA1 | 21e236ba52bda42f54965a4ec665624c8ab916f7 |
| SHA256 | a8d959e11d0f9c19a238873f85cd11041df9b08841808c6a2a0ed00280096c0a |
| SHA512 | 6748034c4cb0a6b883c328eb944c924f1a5d533e88ce2bf3de0251c4fdeebd39c87f626a33993d225f623328bab7544f0e43dd5f2a2e6275eae044ed2fcead19 |
/storage/emulated/0/com.zongxueguan.naochanle_android/nim/log/nim_sdk.log
| MD5 | 26f9c81816b3aff7db827eb48ce7ab40 |
| SHA1 | 4818f5533350e0cab029bbb0da0e24c09445e4aa |
| SHA256 | 09ee8069f117a7304f2760eef390c77c718d4ab6a65d0e220d802b87c06ab1e2 |
| SHA512 | 6f45fcc9b67b15e044598e4ae6c4d6230433f26ce51c9025d413f435ba60e0197dc1d88f591fbdbd0aa0cafe936ed3d1c5fe001c541e79408076ac8ab11bc298 |
/storage/emulated/0/com.zongxueguan.naochanle_android/nim/log/nim_sdk.log
| MD5 | ebcde6b689a7ba9cd42f64b1aec1915b |
| SHA1 | 00c51dbeb2ada1bbe6b1b6fa95ee9f0ef5c7e4d6 |
| SHA256 | e832e45d8dc85512b96b0a47d8087e877be3253bea1f17e6a33e36a9a5e95531 |
| SHA512 | 2278750ceb5a40a93d792eb920fbcfcb3d2b45e0c5af910f49384609e89593217e09265ddf1d68c8927f730ddb5bbcb27b3336eea60d78403d7f1ef5aa483ff9 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-02 18:38
Reported
2024-06-02 18:42
Platform
android-x64-arm64-20240514-en
Max time kernel
116s
Max time network
187s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.zongxueguan.naochanle_android/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/user/0/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/user/0/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/user/0/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes4.dex | N/A | N/A |
| N/A | /data/user/0/com.zongxueguan.naochanle_android/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/user/0/com.zongxueguan.naochanle_android/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/user/0/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/user/0/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/user/0/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/user/0/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes4.dex | N/A | N/A |
| N/A | /data/user/0/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/user/0/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes4.dex | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.zongxueguan.naochanle_android
com.zongxueguan.naochanle_android:pushcore
com.zongxueguan.naochanle_android:core
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.200.46:443 | tcp | |
| GB | 142.250.200.46:443 | tcp | |
| GB | 142.250.200.46:443 | tcp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| US | 1.1.1.1:53 | log.umsns.com | udp |
| CN | 59.82.29.162:80 | log.umsns.com | tcp |
| US | 1.1.1.1:53 | api.lishizg.online | udp |
| US | 1.1.1.1:53 | wanproxy.127.net | udp |
| HK | 103.129.255.21:443 | wanproxy.127.net | tcp |
| CN | 182.92.204.122:443 | api.lishizg.online | tcp |
| CN | 182.92.204.122:443 | api.lishizg.online | tcp |
| CN | 182.92.204.122:443 | api.lishizg.online | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 216.58.212.196:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | plbslog.umeng.com | udp |
| CN | 36.156.202.68:443 | plbslog.umeng.com | tcp |
| US | 1.1.1.1:53 | ulogs.umeng.com | udp |
| CN | 223.109.148.177:443 | ulogs.umeng.com | tcp |
| CN | 182.92.204.122:443 | api.lishizg.online | tcp |
| CN | 182.92.204.122:443 | api.lishizg.online | tcp |
| US | 1.1.1.1:53 | q.tinkerpatch.com | udp |
| US | 1.1.1.1:53 | lbs.netease.im | udp |
| IE | 54.73.57.121:443 | lbs.netease.im | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 123.60.89.60:19000 | s.jpush.cn | udp |
| US | 1.1.1.1:53 | update.sdk.jiguang.cn | udp |
| CN | 182.92.204.122:443 | api.lishizg.online | tcp |
| CN | 182.92.204.122:443 | api.lishizg.online | tcp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 1.92.77.21:19000 | sis.jpush.io | udp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 124.71.170.130:19000 | easytomessage.com | udp |
| GB | 216.58.201.100:443 | tcp | |
| GB | 216.58.201.100:443 | tcp | |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 59.82.29.163:80 | log.umsns.com | tcp |
| CN | 223.109.148.130:443 | ulogs.umeng.com | tcp |
| CN | 59.82.29.248:80 | log.umsns.com | tcp |
| CN | 223.109.148.178:443 | ulogs.umeng.com | tcp |
| US | 1.1.1.1:53 | ebjvu.cn | udp |
| CN | 112.65.70.244:80 | ebjvu.cn | tcp |
| GB | 142.250.187.206:443 | tcp | |
| GB | 216.58.201.98:443 | tcp | |
| CN | 59.82.29.249:80 | log.umsns.com | tcp |
| GB | 216.58.212.196:443 | www.google.com | tcp |
| CN | 223.109.148.176:443 | ulogs.umeng.com | tcp |
| CN | 59.82.112.112:80 | log.umsns.com | tcp |
| CN | 223.109.148.179:443 | ulogs.umeng.com | tcp |
| CN | 59.82.31.160:80 | log.umsns.com | tcp |
| CN | 223.109.148.141:443 | ulogs.umeng.com | tcp |
Files
/data/user/0/com.zongxueguan.naochanle_android/.jiagu/libjiagu.so
| MD5 | 610a895c4a71bbeeaea16eddb1422bbf |
| SHA1 | 9f919de42ed1e80bfadfef48f8202b202166f869 |
| SHA256 | baa349e9b5a47be21b6ea00ef2e0c0c5dc203c0e4c391dac46df07ca9d333217 |
| SHA512 | ef4173ba32309ef1257b75bcff28fd44ab14398577b4fb3b6b95323035c964201ed39546cda3b7115ba5025781f3b9c018443e7932edd50a25b1be60359f80f2 |
/data/user/0/com.zongxueguan.naochanle_android/.jiagu/classes.dex
| MD5 | f0cd5bd2022286ce34c3ce4ce82dc629 |
| SHA1 | fd304dda0545d8fbf1221266f9049054ed9f4895 |
| SHA256 | f4b7c7202afbd6c88c772ef964e636e896736d2af10b1e281a76d190f858ff05 |
| SHA512 | 0e2905d04e59611fd3bd033af6c0ae1f4c6c392a99c69019445a7e84c6d4de90b62af62dca55b1f57f7ed3f330507e2b21e8865b15369b4028993df29fea22b2 |
/data/user/0/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes2.dex
| MD5 | 36ace6020c58cfbc4e5f57438f2a8c63 |
| SHA1 | 345c013037bfc0da6bde5603643bf9d8b208b301 |
| SHA256 | 616ce3d84ea7b4424d04ca98f5bcd1b4453b19c768e258d00f7c3a9847932cae |
| SHA512 | 493b58c6d93412c614a1d10401a58f8c9b26d67987dfa4b67bd8441d428b315ba40eae4adcd090fa27afe4e19f327c0625e46a490012edb099f2f105c4510090 |
/data/user/0/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes3.dex
| MD5 | d032bdc646cc63c2c6a2a4db02d9a07c |
| SHA1 | 59af272d29990751f998998db2493536b3c0fdef |
| SHA256 | 8e23a93bc9469594efd7ac506f28991f4089154364168ae4f0b752d7edbade8a |
| SHA512 | 06c554f1017be1bc1f75a2b3d72a33188ab4d6f9dd77a0df40e2573944003611aafcc51874aac4465ef3d10c72f2e4244fd7be7fed5ab57e79bade765d5f5794 |
/data/user/0/com.zongxueguan.naochanle_android/.jiagu/classes.dex!classes4.dex
| MD5 | 6442450755d6ceeb065a34956e06d22f |
| SHA1 | c02ea6834719dda4f0296acf90a3f4dbd272be09 |
| SHA256 | e127dd108290cad9d6178f70ebf74aaa4dee1f211fa734db93fa8ddd9fdd4b4b |
| SHA512 | b68b38d4340ec9535a7e5d161bf1fbb9e1dfca65ad43224d89b0bf1be311d5efd945b1e7df257a5656cef57789a98451195f61fb80c85c8238c400ed55be991d |
/data/data/com.zongxueguan.naochanle_android/files/.jglogs/.jg.ri
| MD5 | 98072fa1d5ea6061086f937e019f5aa7 |
| SHA1 | 283bd6a0a0f51079d390b502a50b03f98bed3004 |
| SHA256 | 2dac1c4cba5818ca84e6b070cccb12c6a369dacb34f8250fda2451ee01ea0e67 |
| SHA512 | 71cdba2538009a874f3fcd104a53b020a2d5ef0b4b0db3f8320a4bae537a58deae4d490c6f9f8119f9cf7e20bd6a10d625911edbcab0781f6a2600156eea24a9 |
/data/data/com.zongxueguan.naochanle_android/files/.jglogs/.jg.store.report_cf
| MD5 | 2e086ad23cb423283774df5c88e92851 |
| SHA1 | 148697ce4ca168de4a9da834a0e48ea2a8dee3f6 |
| SHA256 | 971e1d34a12587a048c64a7f7a2fd3c9b93dc9b90d2e121729b6de48b36a898f |
| SHA512 | e04cc859036ad2d16a8a753e24aeac4b4b871b6a7af75e5e918e6b004df09245d90d64e103473278455e31834d0d0d727cebf25c4c1911b0144499aaaaed23bf |
/data/data/com.zongxueguan.naochanle_android/files/.jglogs/.jg.store.report_pid
| MD5 | e08772f1bafd5fff9e3624f38f8ef3f6 |
| SHA1 | 4c1ed55fd7e8de142643de62c35fa58ef687e40c |
| SHA256 | 33ffe2bab692a433adb47988f20db5080d0c08c8a101e3fa9aa08f633e111ba8 |
| SHA512 | e42f6695025d41704d265c2dace05bddbc00478d19008e62de7f7a7df3653c0066edfad933e89c50899d710296490b8ca691a527208e23751de7fa56f0ee7567 |
/storage/emulated/0/com.zongxueguan.naochanle_android/nim/log/nim_sdk.log
| MD5 | 1ec404b7af4186ae6def743368043ed0 |
| SHA1 | a1a7d258b759475822330093a6f960c8cc244f32 |
| SHA256 | e5b4d5e68028e4f44b7d7f73a37321ad6257c83ad53b4f5e9e3ce12d682028b9 |
| SHA512 | 534268b209acdb6d78a05d7d760e9a43f9973f8ffb409e994776aa0757da1ab1bd834592e21534529caba31bb27d8a8d039464694e76973923e3a305316fd51c |
/storage/emulated/0/com.zongxueguan.naochanle_android/nim/log/nim_sdk.log
| MD5 | da27e4264e2d8d248a82937b59dbe5ef |
| SHA1 | 60f2fdd49b078c21261830024ef5dfcfd39c4936 |
| SHA256 | d029f51139a398fce48a2987a245fad6c49410d2e31763ccbc731c686fd3e525 |
| SHA512 | 0b2a3d82f97e86c7e252377a4829a754d16997794f65d8a924a2bfebb4b24c66f91c3b5580d9b04ca9fc070f296dcc20b459a9647a94311569f025d6a7380e6c |
/storage/emulated/0/com.zongxueguan.naochanle_android/nim/log/nim_sdk.log
| MD5 | aefcac1051efeb61c391b16c8f708313 |
| SHA1 | b574aa8dae489759aab0e0f15df519ced738c895 |
| SHA256 | b3a10299ac88e59595730781cfb08e4b75f74e2748f3bcf0983d04757d5e9e56 |
| SHA512 | bc8f71af6d1e170c98a745e2c1062e79e685ef0ac796b2ec55e44d314d84b8711d56adaebae8e509a0451d4acc22fce1e8abfedd9f284a8e2df62f74a98ae60c |
/storage/emulated/0/com.zongxueguan.naochanle_android/nim/log/nim_sdk.log
| MD5 | c444739bd1dcc593ff53fb1644d53fd8 |
| SHA1 | 5361a91ed1aad787102036dea9b9fac7578d77f4 |
| SHA256 | dddf54fa6677a5e9935a3a29f70c72374444bd8814f28d341f6f749dfada7bed |
| SHA512 | 724094bc54a72506f429490588571233b8c89ede771de86144d9d2b7cae882fec52ad170efb784776ec0a8899a8fb4982ebfd2fdcc6749eb00e36e441425aa46 |
/storage/emulated/0/com.zongxueguan.naochanle_android/nim/log/nim_sdk.log
| MD5 | 42cc81f831ed8777f4d52b1157a24556 |
| SHA1 | 0e478a5a2a45757cb949e6ef6f81e5d357e261c8 |
| SHA256 | 18a9ce0178e65c852d33b864df54bd9b71ca45159501d85a101e2eb1efa5bcb5 |
| SHA512 | ee990d579ad65ad01dfd61c926ca6bcca37295268f574ee379d47e7910aca6d24eda4ce2640e84bae752973998f2b2e508ec5e2532a9813ec3668c8c436dc4b8 |
/storage/emulated/0/com.zongxueguan.naochanle_android/nim/log/nim_sdk.log
| MD5 | beffb61e467977f532e4e4f9b473afad |
| SHA1 | 5e2575cf24c64053e0b2a768ce1d8d77a98f632f |
| SHA256 | 09801162e2e9026f8b2768b1fae9bbca6c80732402fef3ac0d4e3f410a2955c5 |
| SHA512 | 7de2b0b6510f925e2b16e174fdeedc192c6feef74eb11de4a4afb5d65dda5c044f3b0eaa3ffffcbdc52f0290d2208b02b34668334b082a9ea50fc3d0496ce896 |
/storage/emulated/0/com.zongxueguan.naochanle_android/log/demo_20240602.log
| MD5 | 31f24f062925acb07dc8e240780e880d |
| SHA1 | 56a3ba3a21e711779b4241a7016a45d6fb3aa167 |
| SHA256 | 9331fcc61b7dc1b9dc01024bc05133fcaa7f503b6273c0be5244c11a6111a770 |
| SHA512 | 278d3db06ba3257eb7a99aacbab7ef062ee769aeaff1c4178c378815083d370fd9158288141ca24ca7e00ce276ea306ff93442d4bbfa76db745795d07db741e0 |
/storage/emulated/0/com.zongxueguan.naochanle_android/log/demo_20240602.log
| MD5 | 13a0f634ae9185cbe0be134f85a50c45 |
| SHA1 | 191857286fa6e88a62fc2095acaf5a5acca18eb2 |
| SHA256 | ed3ad60dd3a011caadf3e9cb0fab17237e18ca8d0e7e7fef6f4bee6831d5d50c |
| SHA512 | ff4c807370a3e0b21aa0e8e21e7be27d0ae62230bad71196512b18ae25e5029413d8d8b45edae24e773b5d8ddbb7052ca0123173f18acafde45836297c019a6e |
/data/user/0/com.zongxueguan.naochanle_android/tinker_server/0f751a5a5fdc5dd9_version.info
| MD5 | 6d687da5da2f8c4532ff875d52ee22dd |
| SHA1 | 9f074714cd802a6e0c9c7580d7092c7ae3a6ca65 |
| SHA256 | 2a7788b606b2cfe848a3dd63287c2c12804a42720a816c147b2880a222fd745f |
| SHA512 | b45540ba69c6936e4e16b6f45e092d700050df91f5aabe3f9807c9ff23989ee5aedee02136f68f4de790f9decb33ae4b6250ffcb36909be91af4b0331bdda548 |
/data/data/com.zongxueguan.naochanle_android/files/.jglogs/.jg.ac
| MD5 | 278d132fbf02b48eed829b9d947293de |
| SHA1 | a77054e53709aaf5d63db33c727508dda6a05e13 |
| SHA256 | 9be07d516400491134aea4c011852f883e73134c700a829ab02695cce9b78742 |
| SHA512 | 1d0eb0ebcb3deb4ae8c3378f1da372afc2e9737534470f2c2c174cb4f1f090f3f5d7140ad744b95354fe23b134e60372230bd96d45ed4a75ada58564c061c77d |
/storage/emulated/0/data/.push_deviceid
| MD5 | a7471a3c597b3138b932751dc3b183ba |
| SHA1 | 1b4ebde41dba7d8a1d5b4a192a9e27cbd718860c |
| SHA256 | cb564c80e29b85779cda893850fc356b1d7fe495b045771660dbe4dc175ec5cb |
| SHA512 | 863004a038ea209edd16ff560c4268d7030691b3c1013d8c486a6814098480cb0883868f508ceb008170acc7e0a71607a7d00fa5e937c1fb5a7443abb61a36d9 |
/data/user/0/com.zongxueguan.naochanle_android/files/jpush_stat_cache_history.json
| MD5 | c79d1eaf180e92e6b4217f8292af1def |
| SHA1 | 63996442ca9612c628cf0f5f3ed4b1cac323b96f |
| SHA256 | d63b5e9da7f386873b209fda12ee94f5ba9fddf52c322ebda8e368c963c05ab4 |
| SHA512 | ace02f58b0f0e9b56dc4c1ba14afcfbfa378fcae40899afb94fdeb4505b086eea113154094a796b30e7faa7e0188fdbe92582b7f8211fee14f17b8fe39da0bc0 |
/data/user/0/com.zongxueguan.naochanle_android/files/umeng_it.cache
| MD5 | a1f5b252324617d47e2e6d591a6542ff |
| SHA1 | ea8ba6cdbe6bc212006ef4a5cca9ff8064757a97 |
| SHA256 | 29adf5254057bd05cbf23c0b55d61807326ee63f14f124eb3bbfdc93320cfba9 |
| SHA512 | 9fce769790c3a3ba845f755a9bf4ac14c7ff743a5240a98dd1fd1e26bfa9f0a96168b7e66188ff4c1eeb05d19594d6c3c7b0108a1513848ac3ae75e1fbaa5c4f |
/data/user/0/com.zongxueguan.naochanle_android/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE3MzUzNTYyMjE4
| MD5 | f2d033713016fbbded34d20084730447 |
| SHA1 | d5d33039a3fa0dbd3192944a6c569a84f9d45d5e |
| SHA256 | 46800db9bf8b20b7435d50a10379a764ae75c8d29e04d288e5da6c8c965c1fc0 |
| SHA512 | a054e66bc5d07f96ccd892a6fbf287f8e1cfbdec7bb331ddbe279489d9f76540204c7b3282887ccec81098869213e3f6215c0cb34c95c5a6b00e208f98d76888 |
/data/user/0/com.zongxueguan.naochanle_android/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE3MzUzNTYyMjIx
| MD5 | b02c0a26bf92e7db53fc6a65409cf8d1 |
| SHA1 | 658bc0ea605e489478bfbf44990b57da167a028a |
| SHA256 | 2d427aa97c09364646bba81eda0e39fa3ba4c775bb2767564668893f776aad90 |
| SHA512 | 808c1dd447beae9f1e9c8da979c67bb1278bb11d9c8e02e18e7e3d353e322853304daf3e260f8a416c07ef7516943f98c5294e0214fbe45670d3bdc3d407c6b9 |
/data/user/0/com.zongxueguan.naochanle_android/files/.umeng/exchangeIdentity.json
| MD5 | 3b09f70a4682969e7083cbea13509b27 |
| SHA1 | 94b6f47ce338f04393c606d78a9786c568bbedf6 |
| SHA256 | cb987463e394aa1ca7d3f7cc0078c9c93f6ee8d847509eee365c22b587b8768b |
| SHA512 | 51fa5106ac345769a233c28ce6968a8cc692b27de330c4647f267674b4fa846cc8ed13ba9312ee5d3c61bf7e6845ec2e22d61154fea4fbcdb15eb9041b845ed6 |
/data/user/0/com.zongxueguan.naochanle_android/files/exid.dat
| MD5 | 857015742fcf8ef93cb7a131f8bb31cc |
| SHA1 | b720c02c7828905e5235429194e0b8c3b554398d |
| SHA256 | 6c23f21710c82e66c870727a99b8e2ccce0e2c90f2dc9193e5fbcea4230491c7 |
| SHA512 | 87c5be3d6530f5a0e857b338f93e726676c0d0044c8ae2bca48b52e541c706b42e94ad30499404edbece176cb09dc59a6c0c5cb2e37945ec548f840fc4d3f325 |
/data/user/0/com.zongxueguan.naochanle_android/files/.envelope/i==1.2.0&&1.6.1_1717353563417_envelope.log
| MD5 | b4847db97c42773c9e20299ac6efdd4c |
| SHA1 | 0147686a9c0d2d2f4d54afc878fb580703fd6185 |
| SHA256 | 9c96db040cd8b55bc6092d07c10d33bae8a560754779550ab3c764ca3960613f |
| SHA512 | 1921086760cc1bbb967da8f0137ffa64983cba648796f78212c204ff8c2fbddc77d5ab53f6f726c0e67964ecb85c3e1c639547f6615b9b7ac5cc3d94df498205 |
/data/data/com.zongxueguan.naochanle_android/databases/ua.db-journal
| MD5 | 87b929b521ebed6da93a98dd62d2afde |
| SHA1 | 64aa568402618a8cfeeceb2484cb533feb6af470 |
| SHA256 | fe7e75f25c84ef9c35e1a1c474b0844d240f8b3ba0a82813c6481a58e20b9459 |
| SHA512 | 83c0239b3fd471b488d84fd007a2bfbbf3c4fb341e9970d4b64aa66bda8d09caa210b0a93a6aa8a9bae0b6077d287e281763e44b136f0598488355cf366b3bd4 |
/data/user/0/com.zongxueguan.naochanle_android/files/jpush_stat_cache.json
| MD5 | 6c7bb1f0af79f8d1a0cb0c5002e4523d |
| SHA1 | 6720fab3a3c560e84ed160aede9395a99f013eca |
| SHA256 | 641190a2257d6c759c15ea2b5a852c8b9001bd0ef5780e37206858727f133106 |
| SHA512 | 59bf0b3c7043dd324c760261cb8835d7cea0a45e55bb7e48f5276dea33cf5766dc0153ed4e2bac523dbdd4c2715fbfe61769e3ec16dd6a0742293edbc69ce54a |
/data/data/com.zongxueguan.naochanle_android/databases/ua.db
| MD5 | 4a8120c91e3143b2db43971dbc77cf8d |
| SHA1 | 37c5700d35059c4e0a718ced73b3d73ba5d2b277 |
| SHA256 | 1fa1b6e6bd75bcef64d35785e2fd6f2e73dcdf92dce73c8b2a8fed49746d53bb |
| SHA512 | 465cd282927e30a0a894a75ad261feddde5a31869c8cea6b548362afce08fbb7cff7a784bd1d62c3e4c95916ce30e758d3919dd4cdc13176f29d68c2620c185c |
/data/data/com.zongxueguan.naochanle_android/databases/ua.db-journal
| MD5 | bb2a6b65947c330c1d8cc7c423311a8f |
| SHA1 | 2178838e7c10db77d916952247bfa78021c8384e |
| SHA256 | e32879dbdef4d3a71262c4ad2e0710bbacac7471456357ab09d100a877674723 |
| SHA512 | 9abbbb7a14cc6be964d199cd0839f053ab5e4ea6b9f3d7f5dbbd13f2dbb8bd01751bdc8fccd6097a3321b806bef4195f0400e3e04ef37b5c18d4d0022b19a9ae |
/data/data/com.zongxueguan.naochanle_android/databases/ua.db-journal
| MD5 | 4ec80f05f00f45da8ed8fbe29308df17 |
| SHA1 | f39e5dd3a2d42dc6ee75ebe6488c2682d4bebe58 |
| SHA256 | 6aaddfc89531f4612d82886befeca964adb6616a365f8d34511af4f68c00e03a |
| SHA512 | 773fb3b8a237f8fe420d7126f635579ead695898fc134d202aa3f3befedde15659eaef2c7fd1a8ad56e4e1badea518cd6371b6c258f4361ebe00f9a2a6331a90 |
/data/data/com.zongxueguan.naochanle_android/databases/ua.db-journal
| MD5 | bb608cff1807018186467d23a5c65340 |
| SHA1 | cb2f6bfedbeab306e5d1f7ddd7518733928cb19b |
| SHA256 | 65b5ce5a9ecef54e00b2bbcd362bcf604fdf491aa234ffd97e77199307e22fc9 |
| SHA512 | 62842205416f4b7a56ded70c4c4dfe197a42bf76a31b6d777477c68107692695d26ff806c71608fa48e9c0648e1a297eefcc22d3c1fb3a0f8a7f1a9d64e951fc |
/data/data/com.zongxueguan.naochanle_android/databases/ua.db
| MD5 | 010e9592ebb1f64ba552c227dbe30a53 |
| SHA1 | 5b4ef5a644890b0acff4d5222d42278b52b21b05 |
| SHA256 | 1e787a9a8c93fc0c24df3ca113a229803ef90f178119339c5b8d503b6665c692 |
| SHA512 | 0dd4ccde185a2bcbedcd6fe703ea4ef393706f88b02506a79d8918d856a33f8351007e223084504175add76ad9a9fc9b373018cb5a7b93336fe90f13c26a8c50 |
/data/user/0/com.zongxueguan.naochanle_android/files/.envelope/a==7.4.0&&1.6.1_1717353566423_envelope.log
| MD5 | 6ab248137395a56fc7cf20c4a9a80cca |
| SHA1 | aed0014538ca87de0bd4caf96f0a77f97658d089 |
| SHA256 | ea7f1b880ce6e10c492e143556c96bbf7556a3d19fb578b3290e928da6b63388 |
| SHA512 | dade08cd35b31d62fbff50083335a971d31fcca1a1d2aa3761788437a1276ccf109381ac02ab795829a46543b9f7d8794f009559b55f06766b3bc3da1031d375 |
/data/data/com.zongxueguan.naochanle_android/databases/ua.db-journal
| MD5 | 12e76b17fb77f4b5ec8bb19d4f24ca96 |
| SHA1 | f9d822875495d94b9d961637c695c105e201952d |
| SHA256 | 39fa1f383cf43fc58e569f5f457c90bd5924c460575142bb2e13a9f9c265ff80 |
| SHA512 | f6cfdf67da1c37beaef7468c146fa66347e77ec164bb1dad7c4efab75b59b27098ba9278873e7b40e9983a3d65a9e6df80bbe5e806c16edc573c72b2283bee08 |
/data/data/com.zongxueguan.naochanle_android/databases/ua.db
| MD5 | 52f91f671c304303b6f92eada934319a |
| SHA1 | 2c601988be7e00cffec199cc3dcb8ec2f619630b |
| SHA256 | e01635ae96c540012420a63051408cb13871ffcf0b2267a7a2c108f6da25fee6 |
| SHA512 | e65b95009d502c81c908cc593556d3bbef3c5dc6b334cbcfebe06eb7f41c2c3adbae12a08cb46cf357e2ecc126264971af143d0299c7e6d8d4c90ee51631f67d |
/data/user/0/com.zongxueguan.naochanle_android/files/jpush_stat_cache.json
| MD5 | 21437c29cbe62ba9bddbd90b89646054 |
| SHA1 | e96b8ac0c93b5ab363ffbb1386711062d3b14cbb |
| SHA256 | d723967dd103527842491f676049ab69c57017a376a1db54800d8f460567b5db |
| SHA512 | d888d81e2bf1d0bfcdc9f7ba57689d5e68ce7ce6f2c559e5226e21ce4fd460bdfda72a4d39c9bde510cc466378756c3999cb07566afa2a5f8d3035704b702ccd |
/data/data/com.zongxueguan.naochanle_android/databases/ua.db-journal
| MD5 | bf64be5cee9fabf8f3b8c0e57da6402e |
| SHA1 | 62649c0e2e7449430f04869e8ca9f11f58b7b2b1 |
| SHA256 | daff79b2eea476584a03959370a13f5c2fbdc2c0392d7f7c9c187c5fb2b89f2a |
| SHA512 | 38d8bc2aca174bb13fa54f8708b55dce4f26f3f387ac125534195cb66b22d6e8c3b101c99fc230e3c82f62335421fe724bfa0b9c6916751406ab98f3964aa9f3 |
/data/data/com.zongxueguan.naochanle_android/databases/ua.db
| MD5 | 7a2e1a38be856bfaf092909e248801e3 |
| SHA1 | 12051b0c5e089589a49edba0e6cb4aa72165c8fb |
| SHA256 | 8c250ac4b4ebb3cb4b4472307c597eddcf890793d01242923177131be88982c2 |
| SHA512 | 087c754d96de91959e4556b043818b2e14b39fa3929153da9bd404b6bbefd54068c4194cd7dafe54f244897f419784e0ba164210b823a4f730a5b272028934b9 |
/data/user/0/com.zongxueguan.naochanle_android/files/jpush_stat_cache_history.json
| MD5 | 77e2c7c5da944187424827782178e16a |
| SHA1 | b5f07558c8306a7d2f7090b799a44bfb338b6b4d |
| SHA256 | 1cf4a7fee0b62d90e5a88dcc8f00bb19d9816aa27b8b4386a5e61cffcec10bd3 |
| SHA512 | 9bd6e137bfd3a065ac4464f79cd05b459eaad2834d26aea4e7e5a44e9109b9cb5efd2815531b5c392d56ff17ca6b4387111a8b48dbc6034c69a91ad038e85997 |
/storage/emulated/0/com.zongxueguan.naochanle_android/nim/log/nim_sdk.log
| MD5 | 4c4594b9eb3e4eeff6ffcf11035829ea |
| SHA1 | 45cbb31d51b18661502a2190f588ad61805c5938 |
| SHA256 | 8da030d89f256baf65fb6a938f896665efa03c5d91de207941d1761917459b35 |
| SHA512 | 56137b6ca9e75c07547bbb0cabbbc2f54f96a765ef2d508c9f2203fdb39dc013b48b14fff1510599de1040b3b5fc98a18f6bbaf4206a1faaa954374ff328d103 |
/storage/emulated/0/com.zongxueguan.naochanle_android/nim/log/nim_sdk.log
| MD5 | abafd6d1f0bd159802061202b4e4251d |
| SHA1 | fc5144914d98bcbbed7e6862f07c3362fe92dcfd |
| SHA256 | 9a385fe3cdbca3fe6d7e111d403b83e9cb321c32e647406e6238f9b25ccdc534 |
| SHA512 | 17e9487e5be4678534c76bb405580c65eb26927cf4e30148cdebc6740bf63bf2e564b8f20e462d13f93628b412fa60a0427819bb06bde86da47f0ac66902059d |
/data/data/com.zongxueguan.naochanle_android/files/.jglogs/.jg.store.report_cf
| MD5 | 35621f298bf0c1aca1a8996b4cab61ee |
| SHA1 | 0d8f0628c75489ee2401451b26dba2ed7d9b8659 |
| SHA256 | ba266929372b28919271b5ea5f18a04d41f32cbce0353aaccae12fd612e27b43 |
| SHA512 | c94c97011a6edc9ad644bc637104b0fd8271ca57f484eb7dd1757a75b6b450b996c9cc436b747f21c73adf95a9f27a82510947de945dc1b4253f5111730e7983 |
/data/data/com.zongxueguan.naochanle_android/files/.jglogs/.jg.ri
| MD5 | eaac3b8faf97c059aeaace00853a46e9 |
| SHA1 | 2b8bea2bb637428773c08eb9933e98690efee7a9 |
| SHA256 | 96af534f8a0fd0eecd3a9525b45b3dd9715a31c5054e2d80764da0430350a7a8 |
| SHA512 | 410f1322aa31786cfeb34d91666b39396bb6fcd27d075cad2f18052f51aa4c3a630e914acf487a749350447c3208bbd3e863edefce0bec9f061c7f182a30d3b1 |
/data/data/com.zongxueguan.naochanle_android/files/.jiagu.lock
| MD5 | 0a504e4d2ff86716fbe4af8e37544797 |
| SHA1 | b997c7d03a33a45d1fe9762d0d4b602496e72c69 |
| SHA256 | 5f1959ff100563946c69e33a34a7f69b403c962c3b211cb70bbeb05ff3e48e15 |
| SHA512 | d30a626eeb36a860826156e97da8edb7d151c44dc8284df13716b00b0200aacff6d55baedfbf1d4fa2d2e1dc54ae299b2a9bb328e7414e5ca3bb64919bc61612 |
/data/data/com.zongxueguan.naochanle_android/files/.jglogs/.jg.rd
| MD5 | 102019fc82a91236c70821e1e7a8afe6 |
| SHA1 | a4573bb59ed9e6fe00b042478a9054fd23d0642c |
| SHA256 | 9d3b9b5a064159e808d4969ac5d16cd8e7c2d7b6afce3819b399b0e4b7009f34 |
| SHA512 | c46ce7066ee3294ad729a0e7f4aa55a68296ceeb1384a9c7a0170330f74a6bd8ef67ad64ab240ecc15a3fd33cd0d8a23fa17f0b358e6aba63c9e645dbd151a64 |
/data/data/com.zongxueguan.naochanle_android/files/.jglogs/.jg.store.report_pid
| MD5 | 8163917a3f7b68df08ad723c13570559 |
| SHA1 | 196dc7d718a63ced3cb5ab9413e0319979a8d0f3 |
| SHA256 | b5472820718d46c668d70f7f5e2f1062817c5233e08c04add178789dcabd3e40 |
| SHA512 | 220e7921acb00a436baea337a250da136c4442e7938338cdecb32f49702098a9bc13ce295672cc496f58a8680d299f6725274561f687dc2da7be019e520fbae3 |
/data/data/com.zongxueguan.naochanle_android/files/.jglogs/.jg.pk.h
| MD5 | af85a9343a5af31fc75ce305f5210e80 |
| SHA1 | 7a6a94f6916367f04d4fd3e46d792f8659d49377 |
| SHA256 | 806132c038beb14d8794ab800ce0bdf843e6f75891f7f96b8aba5aefd0cd0ac6 |
| SHA512 | e64144427d8a83bb2090d6e5f17c68de882062ec4eb15d524f97a0dc98d213d976bb79531b014633b812cceca1c5e3e7509990744023998ba0fcc6f649d8fcc8 |
/data/data/com.zongxueguan.naochanle_android/files/.jglogs/.jg.pk
| MD5 | 7ba62aad66cc6f0bd3bf01857f2985b4 |
| SHA1 | 688af059ace0aab0079edf1be791f9b3cbe9aad4 |
| SHA256 | 7609edfb9a2175b202718e5f99a95f6a9bf72eb6e7acf39abe14033caa0a2d03 |
| SHA512 | ead656c4876de8717c26c336b3ed729daa0436d4f9ce446c69bfeb7c52dcf9f6dd5f06598630a2bad62e864ed26f04254151a010240642d25a15ea70b40738fe |
/data/data/com.zongxueguan.naochanle_android/files/.jglogs/.jg.ic
| MD5 | 8bcb97eb87b75b254b82b833dc91139b |
| SHA1 | 1cd15581403fa9ba800a50de8f29b68f34033fdd |
| SHA256 | e0cd9b873e57a2c7af805c28c121f35e2cb02306c7fe397a26dc1dd82dbea54c |
| SHA512 | 7c65f7934296d717bc0c78e566f8d6cf67992c993b3552d4c54ba647cb873c352c18aaf50a35f196c7d9606f5bfce487f41cbab8dc79ebdcd3f7fee3630f75f9 |
/data/user/0/com.zongxueguan.naochanle_android/databases/mingbai.db-journal
| MD5 | c35817a539f4464e0d2a82fb3b4f2c1d |
| SHA1 | d91e1bf7a2ae892ce8bc94c649ccd05b9a0eb4c3 |
| SHA256 | 03b6f35b9d4fafb42a4bcef371aa1a93f87eb23a2e8afde4fb09146467cbd416 |
| SHA512 | 535c3238bdbd1b37e038c9cfdf50fb608094e10c5b4dc59158af1ad1541f140afdade3961d8740a8b160b003716f28c94b87fa4231c2b6672d2d6425db035a50 |
/data/user/0/com.zongxueguan.naochanle_android/databases/mingbai.db
| MD5 | 94e3a259bc1c5d8bd6d80dffce195c2f |
| SHA1 | b01d49f2e52ebd04266ad46f23137a7aca935a22 |
| SHA256 | afb0d20028f6af6cf977489362810d51d45007bb2987b83187eb9ec56d05aaa4 |
| SHA512 | 9b1682465013e22d59163e24aa1efc8766af88bb3c6c312c8f8bb6a32d30be085980b54416b782352de9075662869de38bccdf8669bda988e0841b10535efb5e |
/data/user/0/com.zongxueguan.naochanle_android/databases/mingbai.db-journal
| MD5 | ba8002e75a519f580a6143107a1ec834 |
| SHA1 | db7b22f50dda2b55f7a42d3e387246b5e584e687 |
| SHA256 | 2f378f552cd22c927b5f16d20118c91c430cf37ef2071094dfd958afe5d2a0a0 |
| SHA512 | 9ed083966412f4f55a8fae563520a16ffce90206c4b621d18830a69578fbaec88454d6932acb13e0c4ed53ea0a88bb8cc04d673a6a3f66b7ec3d43e0c517d657 |
/data/user/0/com.zongxueguan.naochanle_android/databases/mingbai.db-journal
| MD5 | 90cf650c8a19d953148942fab2164ad1 |
| SHA1 | 340718b513844df30088bcc2f388abbbcb178112 |
| SHA256 | 234cda6e84ac46f4a1552cf553702c3256d9a81962e5985d27f5c55d3207ff25 |
| SHA512 | 6995325321c245b454bbf2910193b4d323042b34b60ea7cc357add0202ae55e578c79773ef565ec24c99717720a3a7e277e6c0e25384b19a45b1433b14d16c5b |