Malware Analysis Report

2025-01-06 11:51

Sample ID 240603-ef8ggsad4y
Target 9074748031e1707cd5ea2f2d5b1f9db0_JaffaCakes118
SHA256 09dc3f524fd188735c473f88caa3e92e963ffb5b22670f784f7a07ac0bc56a63
Tags discovery evasion impact persistence
Score 7/10

Analysis Overview

Threat Level: Shows suspicious behavior

The file 9074748031e1707cd5ea2f2d5b1f9db0_JaffaCakes118 was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery evasion impact persistence

Checks CPU information

Checks memory information

Queries information about the current Wi-Fi connection

Queries information about running processes on the device

Registers a broadcast receiver at runtime (usually for listening for system events)

Reads information about phone network operator.

Requests dangerous framework permissions

Acquires the wake lock

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Checks if the internet connection is available

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported 2024-06-03 03:54

Signatures

Requests dangerous framework permissions

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether. | android.permission.PROCESS_OUTGOING_CALLS | N/A | N/A |

Analysis: behavioral2

Detonation Overview

Submitted 2024-06-03 03:54
Reported 2024-06-03 03:57
Platform android-x64-arm64-20240514-en
Max time kernel 168s
Max time network 187s

Command Line

com.android.okehomepartner

Signatures

Checks CPU information

evasion discovery

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for read | /proc/cpuinfo | N/A | N/A |

Checks memory information

evasion discovery

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for read | /proc/meminfo | N/A | N/A |
| File opened for read | /proc/meminfo | N/A | N/A |
| File opened for read | /proc/meminfo | N/A | N/A |
| File opened for read | /proc/meminfo | N/A | N/A |

Queries information about running processes on the device

discovery

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |

Queries information about the current Wi-Fi connection

discovery

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |

Acquires the wake lock

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |

Checks if the internet connection is available

discovery

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | alog.umeng.com | N/A | N/A |

Reads information about phone network operator.

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |

Processes

com.android.okehomepartner

com.android.okehomepartner:ipc

io.rong.push

com.android.okehomepartner:channel

Network

Files

/data/user/0/com.android.okehomepartner/databases/MessageStore.db-journal

/data/user/0/com.android.okehomepartner/databases/MessageStore.db

/data/user/0/com.android.okehomepartner/databases/MsgLogStore.db-journal

/data/user/0/com.android.okehomepartner/databases/MsgLogStore.db

/data/user/0/com.android.okehomepartner/cache/image/journal.tmp

/data/user/0/com.android.okehomepartner/databases/accs.db-journal

/data/user/0/com.android.okehomepartner/databases/accs.db

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

/storage/emulated/0/.DataStorage/ContextData.xml

/data/data/com.android.okehomepartner/databases/cc/cc.db-journal

/data/data/com.android.okehomepartner/databases/cc/cc.db

/storage/emulated/0/Android/data/com.android.okehomepartner/files/tnetlogs/inapp_20240603.log (deleted)

/storage/emulated/0/Android/data/com.android.okehomepartner/cache/uil-images/journal.tmp (deleted)

/data/user/0/com.android.okehomepartner/files/umeng_it.cache

/data/user/0/com.android.okehomepartner/files/.umeng/exchangeIdentity.json

/data/user/0/com.android.okehomepartner/files/exid.dat

/data/user/0/com.android.okehomepartner/databases/message_accs_db-journal

/storage/emulated/0/Android/data/com.android.okehomepartner/cache/28854d2bdefa4a8190e3d1daa8994d3b

/storage/emulated/0/Android/data/com.android.okehomepartner/cache/a5c50bb647254dc99474c66177b013a6

/data/user/0/com.android.okehomepartner/files/.um/um_cache_1717386991580.env

/data/user/0/com.android.okehomepartner/files/mobclick_agent_cached_com.android.okehomepartner29

Analysis: behavioral1

Detonation Overview

Submitted 2024-06-03 03:54
Reported 2024-06-03 03:57
Platform android-x86-arm-20240514-en
Max time kernel 163s
Max time network 183s

Command Line

com.android.okehomepartner

Signatures

Checks CPU information

evasion discovery

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for read | /proc/cpuinfo | N/A | N/A |

Queries information about running processes on the device

discovery

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |

Queries information about the current Wi-Fi connection

discovery

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |

Acquires the wake lock

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |

Checks if the internet connection is available

discovery

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | alog.umeng.com | N/A | N/A |

Reads information about phone network operator.

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |

Processes

com.android.okehomepartner

com.android.okehomepartner:ipc

io.rong.push

com.android.okehomepartner:channel

Network

Files

/data/data/com.android.okehomepartner/databases/MessageStore.db-journal

MD5 2261ebf1bc6fe681d72003cbfd450139
SHA1 d4b1954f066d2b5e50227c897ee0b10198ba1267
SHA256 a69c26538f2c93957c0393b6c91ed1f9c6f05c6724c863579d7349e826f2ce90
SHA512 3f137e78605cc7ed4abfb99ed1ff72ea2e69e0670cb7d438de45acbce4bd5734ea73c73870c07afb3beded0153c21ca9b9b7d781e25b1dce73d0a4a0700d09c0

/data/data/com.android.okehomepartner/databases/MessageStore.db

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.android.okehomepartner/databases/MessageStore.db-shm

MD5 afd741d8ec4662c1b1b2f23536cb21d5
SHA1 a4b7d144c0121b4f0786f309af78866aade6d9d1
SHA256 669e1d1fe2eed836844b6ca57f82a74b6ab6b272dae6ffd706e20e9f4c7ff501
SHA512 82348387a08e2a72ac28b263a49f9a2b1206935cc840a5deeeca0c4a0f16643ced385efd28c283dfb10c4d98bf487a8136ce614242ccaf6bdc7f2c42b08b8f13

/data/data/com.android.okehomepartner/databases/MessageStore.db-wal

MD5 f58a503ac1fd0898b22067e875c4997a
SHA1 5e2f384daa80c1d90e75b6f4eab73ef2a3f1af5c
SHA256 4590db681073f4a5f388571e52de41406d347777dc9c11c5797101d76c6d29d1
SHA512 febb4bcad21db00aa16578ed54d79f0eeaa3a70c5420b0a501287f4063a5f4ce56116de97b79145e4c9b88e3a45f8caa5eeb58d0e50a391a250f0d383b4280e6

/data/data/com.android.okehomepartner/databases/MsgLogStore.db-journal

MD5 79f5caef83568e223245fc33a91c349e
SHA1 1c587dbbc2a5439c05d34db63c02e69efdb24cc3
SHA256 d0e18cbf06eb719cfa77099c8736d07336625eef9eb55ed1ee34cb1e5fe3b1b7
SHA512 cbd3493525a4438a86f6fef7bcd2ad3bae0c88fb6b6c276912177b946f35e6e85969c1154fd56ba511121e59b1bb35d35dc359623f7e55f0f021911dd63e319c

/data/data/com.android.okehomepartner/databases/MsgLogStore.db

MD5 911ee82f0925bfe32a96a1dba29707af
SHA1 ef9f395418dee15472425274f6f5c4858e074421
SHA256 c6442081397400c71ea6568ee437f13f3458de118a7968c0b73aa1106f0ac5b5
SHA512 a90ba1bed18040855e965e1df9662d6e89c094e9330a9b013a51433e6231b6624ab7ac41a367c8dd18a5f3ec641e4dca419cfd72039099784d6a22c31ba81cb3

/data/data/com.android.okehomepartner/databases/MsgLogStore.db-shm

MD5 e69e2181c99ce4dfb99176f6fcc0e8eb
SHA1 174383fd93bdd45c5a649abcf989db8a449d80fc
SHA256 90bec8f5cb2683a5f1ad73fba797a3085a5dc5cbff1b105a3b17ac7caab28364
SHA512 091668cd3566ee91f64e76a3782e62752f8760b5144513e45f0223e80c4cd7a12a404ad5351da5a63fed72ad4b2c6b759cf015831adf2c260ee196ea18deb677

/data/data/com.android.okehomepartner/databases/MsgLogStore.db-wal

/data/data/com.android.okehomepartner/cache/image/journal.tmp

/data/data/com.android.okehomepartner/databases/accs.db-journal

/data/data/com.android.okehomepartner/databases/accs.db

/data/data/com.android.okehomepartner/databases/accs.db-shm

/data/data/com.android.okehomepartner/databases/accs.db-wal

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

/storage/emulated/0/.DataStorage/ContextData.xml

/storage/emulated/0/.DataStorage/ContextData.xml

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

/storage/emulated/0/.DataStorage/ContextData.xml

/data/data/com.android.okehomepartner/databases/cc/cc.db-journal

/data/data/com.android.okehomepartner/databases/cc/cc.db

/data/data/com.android.okehomepartner/databases/cc/cc.db-wal

/storage/emulated/0/Android/data/com.android.okehomepartner/files/tnetlogs/inapp_20240603.log

/data/data/com.android.okehomepartner/files/umeng_it.cache

/storage/emulated/0/Android/data/com.android.okehomepartner/cache/uil-images/journal.tmp

/data/data/com.android.okehomepartner/files/.umeng/exchangeIdentity.json

/data/data/com.android.okehomepartner/files/exid.dat

/data/data/com.android.okehomepartner/databases/cc/cc.db-wal

/data/data/com.android.okehomepartner/databases/cc/cc.db

/data/data/com.android.okehomepartner/databases/message_accs_db-journal

/storage/emulated/0/Android/data/com.android.okehomepartner/cache/64d06a93394c40b291652e02502f4bf6

/storage/emulated/0/Android/data/com.android.okehomepartner/cache/fcf99f3edd17434b986936ebfd937dc4

/data/data/com.android.okehomepartner/files/.um/um_cache_1717386991689.env

/data/data/com.android.okehomepartner/files/mobclick_agent_cached_com.android.okehomepartner29
