Malware Analysis Report

2024-11-16 10:46

Sample ID 240603-j24gwaaa82
Target 9111a9f43cd8eec64f827f2445a39b3b_JaffaCakes118
SHA256 cbd688dbe049aa0cf1c70179bc44a5dba0b7fb86c4cbf1d8805c1e4bed67aad2
Tags
discovery evasion impact persistence
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

cbd688dbe049aa0cf1c70179bc44a5dba0b7fb86c4cbf1d8805c1e4bed67aad2

Threat Level: Shows suspicious behavior

The file 9111a9f43cd8eec64f827f2445a39b3b_JaffaCakes118 was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery evasion impact persistence

Registers a broadcast receiver at runtime (usually for listening for system events)

Queries information about the current Wi-Fi connection

Checks CPU information

Queries information about running processes on the device

Declares services with permission to bind to the system

Queries the unique device ID (IMEI, MEID, IMSI)

Checks if the internet connection is available

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Reads information about phone network operator.

Requests dangerous framework permissions

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-03 08:10

Signatures

Declares services with permission to bind to the system

Description Indicator Process Target
Required by accessibility services to bind with the system. Allows apps to access accessibility features. android.permission.BIND_ACCESSIBILITY_SERVICE N/A N/A
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device. android.permission.BIND_NOTIFICATION_LISTENER_SERVICE N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an application to read the user's call log. android.permission.READ_CALL_LOG N/A N/A
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-03 08:10

Reported

2024-06-03 08:14

Platform

android-x86-arm-20240514-en

Max time kernel

67s

Max time network

155s

Command Line

com.lx.launcher

Signatures

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Description Indicator Process Target
N/A alog.umeng.com N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.lx.launcher

getprop ro.miui.ui.version.name

Network

Country Destination Domain Proto
GB 142.250.187.195:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 alog.umeng.com udp
CN 223.109.148.179:80 alog.umeng.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.212.232:443 ssl.google-analytics.com tcp
GB 216.58.204.78:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.46:443 android.apis.google.com tcp
CN 223.109.148.176:80 alog.umeng.com tcp
CN 223.109.148.178:80 alog.umeng.com tcp
CN 223.109.148.141:80 alog.umeng.com tcp
CN 223.109.148.177:80 alog.umeng.com tcp
CN 223.109.148.130:80 alog.umeng.com tcp
US 1.1.1.1:53 alog.umeng.co udp
GB 216.58.204.78:443 tcp
GB 216.58.201.98:443 tcp

Files

/data/data/com.lx.launcher/databases/anallLauncher.db-journal

MD5 1ca6e0915e3d483d8593b79109673e8a
SHA1 d2aef389eb2b862174e987c1c1f141003fba679c
SHA256 c40a97511da67dc029ecafc1a54ef4436d8b516b4e034d70b309fa3a0f931af3
SHA512 0ca408f28bc784290cdde6be1e1362ce65057d26973496e476e587e0ccde58d57ad7764133e5be567b7eeceb16fb1f7a72dd8350ccf8093571d07eaacb4199be

/data/data/com.lx.launcher/databases/anallLauncher.db

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.lx.launcher/databases/anallLauncher.db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.lx.launcher/databases/anallLauncher.db-wal

MD5 7a982d84a3b1c3126f72bc75f12dcb32
SHA1 5b062de1a1ccdd02fbfa543ade16d7be3f64f19f
SHA256 4f4800388eb2aeaebd8d68650908e9bdc0dbb4a155dbf0bdd1d50da168f7346b
SHA512 1c24f17cd29033d385a18fbab7c4ed35ad93a19db466d85ffd587f150919163b033060c674ca199e237632e95957edf25db0b25b234bae7f6b1eda03869c567f

/data/data/com.lx.launcher/databases/download_status.db-journal

MD5 031a59e2c419507332d820c4ca5cc641
SHA1 3a3809f947d1d1d128bbec0f89b151fb4ea78af4
SHA256 8b46625ed386a228a78e786ce16454bfd321b46d38d479eacc9fbe1dcf5453d8
SHA512 2a41b648985f3df7cb879d3998d5aaa5e9f2015a2c2d12106b896186893dc8d6d3c6bf888a089adc27f398debe46dd25bc8281d79d28781441682109edb64047

/data/data/com.lx.launcher/databases/download_status.db-wal

MD5 261d01525bc27cdb05a3dc11ae1f0b1c
SHA1 7b200697d0def402b0ebc85de2afec3208e830da
SHA256 9fe74eb416a7b5692de21ade26623d0e777247bc6a475866452d5fc33e93a4d4
SHA512 b0af1ee287d06e76db01f217a051769488acc9a1526e6635453c3bda648802402f9816faa4e8e60d3f3f3824c1f03f9d76b4b4917aa285ce80f1b0e70b81509f

/data/data/com.lx.launcher/databases/UmengLocalNotificationStore.db-journal

MD5 3f94e6f24f85bd68c819d25c8894b491
SHA1 7856b77bac0479e775fb3f4618416a48fdf75f25
SHA256 e75e10b347fafa1cec7b722f0156fe073a09d277693586fa67ea1bca28f66348
SHA512 3ee5abdcaeefedf8fabd0da0e34d89f39bb67c289bed3740cc43ce033059016a3bcd7b4c90fddc7ed14df992d19fcef75726c42e53f651345744386ac48fa89c

/data/data/com.lx.launcher/databases/UmengLocalNotificationStore.db-wal

MD5 bad5278facc2912ae0b27a7ce8d0ca84
SHA1 3669a3187ef4cd346d0647e577a9611c7eeaf169
SHA256 0e840e5e582f23541170c9c99eae6556fd4935209ac884f17beecb632f838a0f
SHA512 c4c15e767b33fe94fb561836eeaf41b628cb7b4d5b6e9d9f6e23cdba7412923980aa57e752d0b7e123599e7125a06af6fa549542690b4dec77d97b13826aeafc

/data/data/com.lx.launcher/databases/google_analytics_v4.db-journal

MD5 e9c34ca7e1d5fe2ae4d1e922be6c253c
SHA1 6de502f499a64d8bf9576de285f27eb68fb8a440
SHA256 6637a16a540f975f3a1c8cb0fff3bd708f84fe6b998c611f204cd54c6c084c77
SHA512 36a567cdc4061cf19bf8583a604e4c471158023e0f56e8c8cb5515600e2e0e6ecbeff521981e6df7043e2c1dd701e5cdd675abc67713fea2bb25899cf3c6c5ad

/data/data/com.lx.launcher/databases/google_analytics_v4.db-wal

MD5 ab993d5c95dbb75fbfbe98d67c5477a6
SHA1 e2c2b5e912a9906e6cd613496a04b751f0ec09bd
SHA256 9e133e6bbd97c14dd6980d906e0950959cc8adef1842f6b80193c8761e2c7c99
SHA512 87bc3b38d23a0fb5b1053a746d3e3f8c155e6ffd917f209c29a240ab90108492535976bc981256a838ece650ff3b963f22591b56441719bb737d55f00f8be8fb

/data/data/com.lx.launcher/files/gaClientId

MD5 aaee8bc1cd08c501c86f5c3b936a65b7
SHA1 88e99b1f04c749418867ddb5d0ab5f6f6a563923
SHA256 99f16e0da8bb1aaa5fa55dffc41adc55341f5d95738ff7abf622fa64774516fb
SHA512 c6608d0eda9d0a7f23d7471231fc506e8cb2417954fb69d6db945315fcbd544a1fc371247bdf1e194d65e7f096380c58e7c9a2b65c2cc8e037f0faa76e1d915b

/data/data/com.lx.launcher/databases/cc/cc.db-journal

MD5 dab162612117b8cccec923a4e8914ed1
SHA1 01f1f4c4f6bde051e6b9f354443270981f1d303e
SHA256 b8441316756469037fe6708fba56e936a23c2558b9fdb0f16305e6ce7cb56590
SHA512 2d4798d82558ca5d1b61023d63f071ce0ae85e01ffca5752ff505cd71ebf091e9f7c535180e9ab731082653474eac104f74700afec567c6f49bb72204d5eb322

/data/data/com.lx.launcher/databases/cc/cc.db

MD5 5d7ea1a23af19b4340cc8d90f28297d5
SHA1 4cfe95b23a9e98378d69c4290af81b51fbe76aea
SHA256 474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da
SHA512 33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

/data/data/com.lx.launcher/databases/cc/cc.db-wal

MD5 795055a84e2c2c264e6b4cd40681ee32
SHA1 cbf906718a37302260a9c8987a08931b1025df11
SHA256 c46a430e4e5d909bc1bf623df678a87f641f47e30bf374fcc9ead761de14c938
SHA512 c8d4062c66d4e5ff4ca87881db66b80b4456241cfd47780e06df09062e99ee9846881ddc5d45a9a227ceacec89199896e5e0d119bc0adb0d135a8ad6e2b31b4b

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 9781ca003f10f8d0c9c1945b63fdca7f
SHA1 4156cf5dc8d71dbab734d25e5e1598b37a5456f4
SHA256 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
SHA512 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 18545da5725bb504097f51b527d28fb8
SHA1 4ebaf9c2cb71301814594873bc519c334c17aa4f
SHA256 5ae59883d5ef7a437cc7b3b382dafeca7cb238e79938b5c3c5822b3276e7cec6
SHA512 d0d57f9e720fa55ccecbadc614f9c6ddc5f9a43c93c5fb80cae3a0c481fdf2246af37f3ec8167c0ae584bb1d1e2bfa471cc5cde81aee7b521b969864c4fd1518

/storage/emulated/0/.DataStorage/ContextData.xml

MD5 b86273c4a3c67ec1a6877bf3419eb02a
SHA1 f7a1169c72e876d5825bbb09d4bdb7515e258e83
SHA256 0f4fb2b7fdb89aceb661d3bfe60e07cf9cade2453961eb52f0233c825d1094c7
SHA512 63de6b67843ff984d57c847d76dcb09fc31465ee68b7e5183a7a39e3fe2fc75a90d53c1be5a3aa81be880aff7300f847c136270628079b91ce5806c02977f927

/data/data/com.lx.launcher/files/gaClientIdData

MD5 0cef9b6a71689b689261f3ec988b04e3
SHA1 1cf53c2de227b532de01725766e33c0d1b1a7a2e
SHA256 90eaceffa52914a3bd158ecc8e6f893da8527002bd6365fec113a44e9e34967d
SHA512 d50d46ece58800fb8f9084f937e2b78e1bdeb23bbb368f8d927cd74aa29dc02529dd1d6122c42845ef95026408f62eda471623fb050d7e2ece85af770bfe4997

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 cae2ff31888d20bb1cb1156dbf93872b
SHA1 16b7200bb4e8386f012352a1995638cbe041aa90
SHA256 e9c3d1432c1f52aee50911c830804d6e8fd42a2a43118609d79699e9fa57c9d5
SHA512 e6468fb1544a4ea8da1bc671f78fabe9d391d01129d7d09b2251eaa6c70f42e64cb0e6e98a0742fc46b368bbc54cdece8c1806a245225029b5f858f162d9f54b

/data/data/com.lx.launcher/files/umeng_it.cache

MD5 601597c867e7f5216e45a7b5ddacf7ef
SHA1 22011d9c854d2d1e8280f4a729ea50d4ff83c33f
SHA256 aedd962e65000574265007148d20b19329dfe805f68fc6812c4641c2e9062014
SHA512 9c329657ea9b02ded3697c6bd18d8b9ea06c9c4f430dfbc0e356f97902eb15a69f374199fab789b4b0df695bf4f5059a6177f5ee757ebce744a7e7e0fb542864

/data/data/com.lx.launcher/files/.umeng/exchangeIdentity.json

MD5 0f76cc1f7616d6f39fd45a2e070ef194
SHA1 715c5c3881b4c872c5286114a751d9099bee66dd
SHA256 ed74c67df90aff7f4ef0b4f6c7b19f2f2ed9ac5210dd1b0632b8cc5eee7b6c20
SHA512 c3a34ff32661e8cdfd5423f4ce7df00a3b09aefa27a0731ed139964c081ddc13facf044ad346413caebdc8a150b80816bcd44718ede5e599c16f7841c9787f3d

/data/data/com.lx.launcher/databases/cc/cc.db-wal

MD5 e833cfdaca0d017b9709bdbd0ce8c4f0
SHA1 e2d686831624879c493d396c236575da8e3b9a30
SHA256 440378b145796f9527818b15613b56e2f5ac9a2e54241da491fdf1c267d8e1b1
SHA512 ee16899a14554c2008cc53d10a813d910e32428b72a78fc15499b64f95b076c53c1188f1615f0556f287eec26f383057abc4f64eb72fa770da9797f7a0208cbc

/data/data/com.lx.launcher/databases/cc/cc.db

MD5 ce6135aa1b1fe4f2c2db2a546d2a5558
SHA1 79b59582154017aadab783dc266fcb158c252940
SHA256 7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c
SHA512 2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

/data/data/com.lx.launcher/files/.um/um_cache_1717402325929.env

MD5 60cf4d727e07ea549405d13c122f1963
SHA1 3bad05371e31c47918d365857baa9fda788cac5d
SHA256 1c7985130e287033484405570097545e3cb9ec9742aeef5de090d609eff01fa7
SHA512 887756f8ca88a44b2ae9aa95be14c6689747b11694e57584ad9bd199205e7953fea4157bad0c009a91b18a71320f87a8b0638ba2e952b70cdc204a30a43c59e0

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-03 08:10

Reported

2024-06-03 08:14

Platform

android-x64-20240514-en

Max time kernel

19s

Max time network

134s

Command Line

com.lx.launcher

Signatures

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Description Indicator Process Target
N/A alog.umeng.com N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.lx.launcher

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.16.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.46:443 android.apis.google.com tcp
GB 216.58.213.14:443 tcp
US 1.1.1.1:53 alog.umeng.com udp
SG 47.246.109.109:80 alog.umeng.com tcp
GB 216.58.212.194:443 tcp
GB 142.250.180.14:443 tcp
GB 142.250.180.4:443 tcp
GB 142.250.180.4:443 tcp

Files

/data/data/com.lx.launcher/databases/anallLauncher.db-journal

MD5 12eca19ff9357513025477147654dcf7
SHA1 91dc4c3c26b668098ae9a3312a0883dd01edbc60
SHA256 719ced89883e508ca93323a89320d86708d4628c1e2b0af763c08b329a998455
SHA512 da6951a84d90aa9233ff9f9968b580677ada26451381f0791e02375d4f100d9df2fed73283aef95a51def5d7ffc114d08801ca7147ada345f5848b352c9ed807

/data/data/com.lx.launcher/databases/anallLauncher.db

MD5 a0117ac537c6079fd449b8a1fff77ffc
SHA1 ded1598951a9b90375d9cc0c9f260539452187b7
SHA256 7156b4a7e81123b2d005ad6ab60ff8a3805b398c3dda2ec0df1ca03399383e5f
SHA512 f21b207641ed377ff9ead38702bb736d6aec3be1832446a2ec55431f2236d311484683aba18b17a5a9d1174ba71f9d0bb28147b7fa075555e334574367dcdeef

/data/data/com.lx.launcher/databases/anallLauncher.db-journal

MD5 f01eef68a102308c20b3c4944b7da331
SHA1 7f81f534c99ab64bb036337e5356814dffe7d4de
SHA256 4d49306849c3f835eddbdcc15a427b189c0698bd089c8e1a7d11931ecd669a0f
SHA512 ceba4dbfefb9a7d8103079d8a00a832ee1b3e392f45b93f2fd133a54e1710e94849e4f28978ac8302a4efbd357b80cb19eb566321c4236edf312978a74c826d0

/data/data/com.lx.launcher/databases/anallLauncher.db-journal

MD5 23b4128a9ad29040d3c9d8f9f5a4ff71
SHA1 a6dca97ac43b93f7999a5438b20918b4eb190182
SHA256 b4fd5cfe29a66b4d9adc482e12cba8236d149c039d7729d252e08697825322ef
SHA512 9fe9583d7973f3955f8abf1e34e1075cd5bf3a181e29b229eb8c23052223849cff70ce70a699f1214c26f5f6d6c21127458203ebb26aee6dad3a13b24ce7dcba

/data/data/com.lx.launcher/databases/download_status.db-journal

MD5 2cbbd3ea34dea4294d09775438c912a2
SHA1 15401618478ef5762ecd99c2413fe6fb2dd7e223
SHA256 7e7c804a9031fc3dacbf7ab8658b27041ccea877a06dc05facd83f032e16f5ee
SHA512 7f1c0783525e71e074e879db8d6df1603a413282f6163fe4626e28abb78562fa97c1e3d492666611fe296dbd4f76928a9efe81b1426b40f991ce272852e04d9b

/data/data/com.lx.launcher/databases/download_status.db

MD5 fa63b36e30f8cc2030a74a9ff1baea30
SHA1 689a1c3cc70c5a4e933e0f39b233e602580832c7
SHA256 62c616369b05deef0a22c4ee8014e78d8f7564106d0feb580bf65ab4cd0a62b1
SHA512 ba6f0f445236f103800134f8fa47d283f03f30fbef9f19c0809e17edd568b89d143d32f6277de169a0d07037f072ad9b5463395ab081b8713bdd292ef0c32ca2

/data/data/com.lx.launcher/databases/download_status.db-journal

MD5 6c9ae4adb58462c6c0cefc89e69bc235
SHA1 77800b80a75759515c506b05f5b3fdb4364f06a7
SHA256 f011b98a11aadab5e51883566f9ca08112cbb0977f30f110672a0bcb7ed77e51
SHA512 cff0c10e01b90b73a3b1424e4e39f8728dd49fab93588baa17093f5cc6c75b57d4d3e3beca6bd37940961dd5cce341cbcac8b33dceeceb92b7dc728ab968675e

/data/data/com.lx.launcher/databases/download_status.db-journal

MD5 ec47d6e19144792e83ee2a6071fcf744
SHA1 d63a1fe483a770801934cf4c721af9af2556d2dd
SHA256 44c1af2b8107336dd923f7738b9e217097644feb582500f1a90021e3a5e94131
SHA512 a036e174968f9adae75b905f68a016eb1155c0bff6fb065182683d06594f43aa50b89a210a72c3ac1d70a39bb43eb3efd6d9729310c8a2feb31eb5f0e137df0c

/data/data/com.lx.launcher/databases/UmengLocalNotificationStore.db-journal

MD5 447805fd5defae7b48dbac05844b655c
SHA1 2ac3b10325835df93e7acc0bc6bcc30c10f5f0e0
SHA256 db39e11693950ed0e9dbc56f5c18753cb566a6a71f09da72cc128c046bd48472
SHA512 fdfd555c3b35a0847dcabbbe9678cbf6d8dcfefadfb6e713c5b68fe16287fa0f7c8e8444451981cdb29f70e496dbff7ebc6810586fb217ce0bdc9a17920d836b

/data/data/com.lx.launcher/databases/UmengLocalNotificationStore.db

MD5 000875e1a2106f82b0f0ead4e052747e
SHA1 5cf90b842489c3e12c9faef7ddbdf20d009a4291
SHA256 f338cd34759dc56064be9758b8f028b0013f70bb2e14baa81de9b1085842062c
SHA512 1dfdd9f99426e7592ba7958b5f37cd95c2cecd45bbcfd8823506718e5a48b73f691f5f5755618994d8fbe7118caf6c45fadecdac26763530b405be6fc39d4eba

/data/data/com.lx.launcher/databases/UmengLocalNotificationStore.db-journal

MD5 64ddbefc1ccc564cc23d5fa638f45c80
SHA1 92fc76bee68d7365da76ef86e629a842e2e5c0b4
SHA256 64c0c9c21765c7b996e9db38348a73f2e4f7ed7f1b4c6f5a8d9413fd8a30e382
SHA512 aef6fb336c63ee67a294f24787bae43c116d7473908de59a89102d63533dccf4959fa67781b07396f957e6806cede2edc3a5cb471d4ef9d2b5ffb97047fd7178

/data/data/com.lx.launcher/databases/UmengLocalNotificationStore.db-journal

MD5 4711ad2869ec3c32629b8dc309838cce
SHA1 d38aa5e64c65a25d8a5c6c24716e222a0000dbc2
SHA256 6bafc4af9d8a3e9b9162c050aed24e38055df0ba31b7c76b4d2651c5e9cc3af2
SHA512 32696645c6a5ac6f55a0810956879160ae29416c17c9cc4a6d4e33b4896228f29440edf98264191e0e0306f2c00b8d031b1027182861572f8ad5fba76806b896

/data/data/com.lx.launcher/databases/google_analytics_v4.db-journal

MD5 c942030a7f8a13f0dfd55fe68755f47b
SHA1 6a33bb74f4148d67b6a540eb10f79d43b035bae0
SHA256 bcfd2367ea38837216391ab4f07e840191e03a5652fb7956df6248d9301da6b5
SHA512 2b5a9c7cf3159a1e8b48d4478f9d1bc3999f02b0303ef294015b393c56b5fd461b46857b3bf402144a102151c326e79ee1a0b42a6535f0f16e5dafb62dbdfae9

/data/data/com.lx.launcher/databases/google_analytics_v4.db

MD5 cc380f910524fadd875e200a16fed776
SHA1 47d0c2f01d12d67b4850552b2062f2a1578c8a4d
SHA256 23e77ad339ef36b604643bab90d5ec657a167357c4af5ce5b67df4232581c262
SHA512 f7246f90f50f487e19f83b8c8d9847cc58d1368267874db59bf7ea74631f4b1d87fa4b08695864a269f116a8b1db9a64852f3b030fc468749edcc03956f062e7

/data/data/com.lx.launcher/databases/google_analytics_v4.db-journal

MD5 f2a33de06661b82dfe44a55782e9637e
SHA1 ea8ed2c9259b0fb7a467c349e34f2fb904267a72
SHA256 3d73f747d3222690f85939f66a3552af9286f6eb3e28ee89a0d896824a84441c
SHA512 06c409c1782d69f6ac7b7c2c7e8780d3420391915124a801ec78b62a4540ba98a8a0fd28e949f5ed9f344288ac3568ac5e1aa0397c42fcc52102c8e297df9339

/data/data/com.lx.launcher/databases/google_analytics_v4.db-journal

MD5 be760208cc485c2316de193497c6bd89
SHA1 43bf1ba3c72bfb9b13ffe09555df10bfe938e0e4
SHA256 2e4317c9f464137931440327690f2eb3235141c6de40c28cebd5f2f5b3971f5e
SHA512 df68706814673e6f265e4a66d576c5383df97ee90543796d61ce12d9f27b68b0b498715bed955ae667b6c83eddfddaaa8d7ca3ecee89a41c608dcd868fbd3614

/data/data/com.lx.launcher/databases/google_analytics_v4.db-journal

MD5 e6fd2936375839b2b992ff001906db2f
SHA1 797939dac3d3d7317499deb57ce6d81513adab1f
SHA256 917416cbbb738d891e3ff0e130dcb91a82c5c657134460102535beb9dcaefc89
SHA512 fe4f1628eec3483fcc3dd3841a229ee3dfed1555196dc75e032dfb15f6fbd88278f2d4d39661c424009054b6758547acf17dba43002d0b623edf6b9fb4f4ce54

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 9781ca003f10f8d0c9c1945b63fdca7f
SHA1 4156cf5dc8d71dbab734d25e5e1598b37a5456f4
SHA256 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
SHA512 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 99cc5c57768a53b15851541de631bff3
SHA1 0a09390ac5add1c3647d1fbfbd680fa8c389e57c
SHA256 afad49304f7388498ae418684c6ae8fa2ed7e3af3f65430975cf49dd88298dfa
SHA512 9351b787a36024e62f8488f8035cb8f921a98c428a845eb16eb1f09bbe504cd4bae677bcb921159ac0555e6707d1ae872239dcfed00999723a7afe42be852176

/data/data/com.lx.launcher/databases/google_analytics_v4.db-journal

MD5 8cdcc9c438979ec60427c0b0859ef9e3
SHA1 a477091a29bb69b2e22f02ba42604f1b50db8999
SHA256 d03925cf7cef14d41c29d07fda88c1c983f1faa12ff852c5dfd036ad6a93130c
SHA512 9c24a3b754d2808e5be89c0ed6bdf06f8271d5840baf99901f60048036e4aa807d3adcf21f7fc14b27c1c2eefad2ae0f325610abd8ad526789124155bc87fded

/storage/emulated/0/.DataStorage/ContextData.xml

MD5 9bbd650b32aa7bf6c3d4e420bfd946e7
SHA1 5a0d1ce616e986137bb64f398efa6cc00156c974
SHA256 54c26fcc386a0591621837a92f8d7098908aad151906e05a27a80be3fa2547fc
SHA512 5ecb71dd2c8bb904ebe1432b066bd7ea2a9b9acc47c5e4b9756aca148d910bfbe6c9c0a519a4bd8cee2962623cbbfb3eaa7bef8cd6c8b71f7813d13e632fdea5

/data/data/com.lx.launcher/databases/cc/cc.db-journal

MD5 e582bca57a0de45fefc5f5711bf466b0
SHA1 3d097827440e65d9e96d8b7e7da4cc2a67221417
SHA256 21fdbbcc8f727d135b9836b97b542235cd3061d70c07c4ef08ec6b4de5963961
SHA512 8bd341b8465b754a4d08ca526554cf7e32ac8b2bb5c4b321cd6ab49296d9ca7028f2244875730b2ce9864c82a3de8f265a3b002e00a6c165a76806ebe13f2184

/data/data/com.lx.launcher/databases/cc/cc.db

MD5 0908e924aa236931dc7166fef6e00862
SHA1 7782648d6d8f6e835bd47058d4852932c096a467
SHA256 38f8548795ca7470b449dd1de9598c07a247ba59883c0764c9c96ff0b7d31d7f
SHA512 3c16fbc5172aed04cd206e776c46d26e911732c6e3631536410a71f1d217449475727ac9b3175e827c5ce645a1da9e05900258ee6ca27c936a9060f241361dee

/data/data/com.lx.launcher/databases/cc/cc.db-journal

MD5 fefa0dd79b1dde99d976c6b40ec40709
SHA1 c1da5eb179b221f58ff1985c3c2c7d6019ba33a6
SHA256 c4961ce1195229a95fbcb33db7bd4af87f26129c90255a1ac3249a2d497225ea
SHA512 739b716dee667bedb27d61174ac798babaece0fdaaeb1361c5fd1f1ab77327429524f6addd3821eaf4a852f924c14dba408c6ea91d24a4135642cdfaddc387d4

/data/data/com.lx.launcher/files/gaClientId

MD5 7ca749e971d85a5c69e475c9b7f8ffdd
SHA1 eeb7e27e4f70f265f30bea634e887be3a65c6db7
SHA256 d15e9fd46ab2d3703a8dc930b4de18ae96c3dccc0c6841a84f3d591549d885fa
SHA512 0de84d91832c137d5a862e7ee0baeee935682c4c3b3d6e4c6c5f0f98702c40620536582aefb6e6714150b401a3badcfc075e310d3285cdb2bb4c8cc0c775ddfa

/data/data/com.lx.launcher/databases/cc/cc.db-journal

MD5 c86a69e984b6af6710abce7186b0e291
SHA1 21c7158ada0024d5e8ea0a68299c23afb0cd5010
SHA256 197453676c4862eb2bd02b1916d018921de9a5ad1364b3d8da3f8172440b49de
SHA512 a805b2c388bbb87754bbf648749133e2b6f273228e2e6f38eb4b12b35efe1b832941f751e78c28fead84e6e05d3d549c6d8eb323030d05e82141e63b0e8cbe34

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 eb05265bc02b51f61e5879d72154f862
SHA1 d1ea2815f09ded34c70edcac0cd5d8e132391f04
SHA256 7313b395e63f3b382825cd21afdb3aa53b1106d68f3719865c9d0292e88a2f98
SHA512 336fd51292f62d219dcc96e3934d1a356256e15dd3964668d6f7ee6c828cf60f5e818e9112173438e9f08ce29e025c61ed8ec156bac6cec284bb438f7b20dadf

/data/data/com.lx.launcher/files/gaClientIdData

MD5 f00c8b899a5d730ce979cbd564aa4bf1
SHA1 43f4b34f8a60a06ab28d71f380e8a7d3a42d08f0
SHA256 4b5f73e206acf87b0ef70b8cbe20f10bfef2e45126312de3d70f07a6f527b61a
SHA512 21c4cae00a2da266e5b4da782d3d0e39559d9caacf285e3110e65baa95fc5f8644cc27ab8c1d2c8c9702d4087ade771be7b2638372ad0753426002dd9d025ec9

/data/data/com.lx.launcher/files/umeng_it.cache

MD5 66ba5cbbecd7259356caf2814d741db1
SHA1 e1489ecd81f600c7f447df3d463e853c07c7d2c6
SHA256 3325e7506479aed323847044510b4c995b174f783d10040f249627557ab510ea
SHA512 ae6e7e94680f2b19a5d3fd0b8a868271d1368f7ca7c75788f9827df7fa38ecb12d980f330a86d1d176274d6564f9e2e25351e958f65a75c181764146bcee289c

/data/data/com.lx.launcher/files/.umeng/exchangeIdentity.json

MD5 283805e9b29702ee04958ac8d7ce7567
SHA1 19f3e9af44b4658795d9464f6b53ee1eb5171752
SHA256 b94ed822af57bf4d23d97a2136a76fee877c436b58d8bb2785f16824a4425dd2
SHA512 b882d9a55a19e0513013082406a3dab452100b9555d9d505a84b0151ab3110ba6ff3bcfaaaa28b3f651019d20f6a05c386f495a2ec16732a8251753fc98fea05

/data/data/com.lx.launcher/databases/cc/cc.db-journal

MD5 ac19127ff6df37b061f8dc8f496ed7df
SHA1 eeb09986f9c20ac82fdbdced1240e23b7c0d38b4
SHA256 dadec2cba4241360753aeda73f4d173fc3935814fcaa92885bcaa4ada7f15340
SHA512 a5efb1ae50b2dcbad0e70155afb7dd89b420c57b274c09c22da9aabfd98106a21bb882f7e3715871a98226f97b920b389d1846be1cc1fff51ec7a94efab35b49

/data/data/com.lx.launcher/databases/cc/cc.db

MD5 67c12933d1e0e63d9801a6aa43092ce7
SHA1 b6936908554e4a1986b8eb08289e2d3545e8ff74
SHA256 abda5dd4cc2e7dbb951637c4b49d6990f9f34411fab4dee1a387dbcc8e7eed40
SHA512 db8b818daa3ff4ec7678645f84bf8b45c809bcbb758ea78b28982d071572655bba2d20e6f1ca4f0d057ab34fa655c5bc40457dc65050180351a2fc04a47175dd

/data/data/com.lx.launcher/databases/cc/cc.db-journal

MD5 9300e92f7ab2a97fa0674eb357b1663f
SHA1 2c5f16de5dbd2110880418dba555b7e37bbf4f2d
SHA256 43adb8b6eb01645b54d1746420f4fe55efe9b88dc0ce51544c7e624231f8d7aa
SHA512 ca31bf7ede9656d1e3eb72b7ebfe408aa6ca11593d4b50148e461bf4431134981b45fcc2952226a61f9066e1cca2ef6b3f7d5e4e77c31245d61859ee7d8b93af

/data/data/com.lx.launcher/databases/google_analytics_v4.db-journal

MD5 03c783fae46e46e96de890935b49d844
SHA1 5ba77ceb63a0c375df38782ff56407cb741030b9
SHA256 c1ef94528a50edb93da5867b0dee1361c928b73f7bc29f8cca7d20231e4e2a89
SHA512 59a8b93a17ba176b341eeb6d860ca0ce0ea8c3c10ab63b1360bc6fcec7b149b1cb84e3c2fc785060d81c72e272e40cd646af3d6b2e8dd0c3663896e41d72a0dd

/data/data/com.lx.launcher/databases/cc/cc.db-journal

MD5 93c1f64efbfbbaf175a8ef11fa85fbdb
SHA1 6de354d460fe5b9d1314ca8823b052728b79aacd
SHA256 5a3dfc812586949b60dd288172d12f17187a67f4ecbeb08b6a357bdf5258c871
SHA512 a31f1b48be2cd66256d1224a5e57125811f8af000f7bd50863410d5fc4027ea48e0b9bd15e15a1b8741b46044e68ccfd87245953e9c4ae02d742421a19c5030e

/data/data/com.lx.launcher/files/.imprint

MD5 36935e088ba23db063b2c847957e2797
SHA1 dea980ca1db4c91e66d6d00c99cb560ab851e0e6
SHA256 6d33ac4c84bf292bdfa606d480349105e1db746fa6bd3e62fbb89daca316bfbd
SHA512 72b8e9770c668369ca6b586d3c554b5793e31302c3a618e5420bcde578cee69b621e26f46281602e5a3487434ffc672714f77778ae4c73c40fb1f4f4e2470f86

/data/data/com.lx.launcher/files/umeng_it.cache

MD5 3e92976797d5eae740fe3446e04a4fbc
SHA1 b5ded9803d14a82dac82b3f5050b8602d42d79bf
SHA256 5b57253a3d26a975fef5971108d99d94a4d9226326c27fd778680148e02711e8
SHA512 0632d51adb65af3c77a078ecbf997c71007355da6c4be142c6c97dffdf2d0304fb4baace22592e05cdede2092938b5d5ea22be36726704281917ebc02e0f3408