Analysis Overview
SHA256
cc89cb15619530b86f12b1354514b236fd3fc64800ec8661571320ed9f6ae0d5
Threat Level: Likely malicious
The file 912b8d9404c90161b43e3f7172630047_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
Queries information about running processes on the device
Queries information about the current Wi-Fi connection
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Checks if the internet connection is available
Reads information about phone network operator.
Requests dangerous framework permissions
Uses Crypto APIs (Might try to encrypt user data)
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 08:46
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 08:46
Reported
2024-06-03 08:49
Platform
android-x64-arm64-20240514-en
Max time kernel
70s
Max time network
176s
Command Line
Signatures
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.sinyee.babybus.recommendapp
com.sinyee.babybus.recommendapp:push
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 172.217.169.14:443 | tcp | |
| GB | 172.217.169.14:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.16.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.200.40:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | papp-api.babybus.org | udp |
| US | 1.1.1.1:53 | papp-api-ex.babybus.org | udp |
| US | 1.1.1.1:53 | openapi.iqiyi.com | udp |
| HK | 45.249.244.139:80 | papp-api-ex.babybus.org | tcp |
| US | 1.1.1.1:53 | norns.babybus.org | udp |
| HK | 45.249.244.139:80 | papp-api-ex.babybus.org | tcp |
| HK | 45.249.244.139:80 | papp-api-ex.babybus.org | tcp |
| HK | 45.249.244.139:80 | papp-api-ex.babybus.org | tcp |
| HK | 45.249.244.139:80 | papp-api-ex.babybus.org | tcp |
| CN | 123.125.111.69:443 | openapi.iqiyi.com | tcp |
| CN | 117.27.152.114:80 | norns.babybus.org | tcp |
| US | 1.1.1.1:53 | api.m.taobao.com | udp |
| CN | 140.205.162.6:80 | api.m.taobao.com | tcp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| HK | 45.249.244.139:80 | papp-api-ex.babybus.org | tcp |
| CN | 117.27.152.114:80 | norns.babybus.org | tcp |
| CN | 117.27.152.114:80 | norns.babybus.org | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 117.27.152.114:80 | norns.babybus.org | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| GB | 142.250.200.4:443 | tcp | |
| GB | 142.250.200.4:443 | tcp | |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | alog.umeng.co | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 142.250.187.194:443 | tcp | |
| GB | 172.217.169.78:443 | tcp |
Files
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 138cc80fe9cf150957462b13d254dd56 |
| SHA1 | a1b47a819ff50dd3f74d32ac414a76315dcf07cf |
| SHA256 | f13d8aa29d780f3173c43002efaf135fc8f8a7a59efdf3bd06431b9739db739e |
| SHA512 | 5e433d6686251a169b0c7dc57b6122806a3e62d34a57a52cd0bf63ef28232e55fb0a40b862a12fdc84583a4013f9ef3a57b67b1b3142fbf4701815f77316da2f |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 2f28d2c5e870896134e8d6ca071de959 |
| SHA1 | 5852c13f1ff8c69fd8835362eb8211f3baeaf217 |
| SHA256 | 444d68c45e58c55c0c48817ac48b9100d0fc01b4a43a7738f461d0723958c8e2 |
| SHA512 | 2545fb4b48fd66e15907b075291df634b1b79cf3302af036a87b1395bb2d9324ab82f4788f838d4cef93d75d8326e81a91d6cf2aa3ddb38cd8ff9a3b835cac19 |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | f7284522fca4ae069e5e5dfe3aca3ef5 |
| SHA1 | e864859dfd1137b96969bcafdfbfad40936d9dec |
| SHA256 | ac9698613b22f657da05f9f8984d1a461d138b8e101588c570ee9b13acc40df3 |
| SHA512 | f429de24c84eb513076b0788aaf93433983d995d7787786f79e43aee80b58feee2515ee519e52f9a6d50754c58b485899806ab312a15f64d9da4a6809e5b3ba5 |
/data/user/0/com.sinyee.babybus.recommendapp/databases/RecommendApp.db-journal
| MD5 | 00ada22c4bc19ff326d99b4e6ad83b93 |
| SHA1 | 4de25cd5371d2b4e45209798a098bd44608d95ef |
| SHA256 | 31cd17cfe9d5ecc7eb98780d888c1ca7f8977d06ab721ce8c359571dc5465816 |
| SHA512 | d7a91893a8a8e240813ed9f256dd14dde5887df3af3af87734129fe7365f5656378e500474326ea350f4ff9045e5b955b8f18e758672416cbeeae299e49de015 |
/data/user/0/com.sinyee.babybus.recommendapp/databases/RecommendApp.db
| MD5 | a7e64191500ebcff6b3a2b323c1c96a5 |
| SHA1 | aa884da653c994c866458ed248fe192942052994 |
| SHA256 | efa83c4f08cdd5c4d9bdc9c28946e557e883e6b7e3ad2e004b75880234f98ab5 |
| SHA512 | a501a233185c6eef7bd896c36b277a22d54d273b332bc878d68cc171c91c601c7b9dd124ca7f19ec1cce08d2d81b0dac6e1d632323862b826620e233d35ca9b0 |
/data/user/0/com.sinyee.babybus.recommendapp/databases/RecommendApp.db-journal
| MD5 | 3972f469946c8be8ef887b343366c6d6 |
| SHA1 | 5684b5ebadcd050771813ac70d0bb502816273c9 |
| SHA256 | 4a6e83a1e46f01edcf782a5dff74988082116c14685dac11ffe660c45dd3fe91 |
| SHA512 | b58ea8af13ba4e941a1d1a7c0a3e2d1b525bee5f989ded4adcc338dc54ab373ec347baad112b7e0f731ff5c7ab643576e276151eabb8b55e22a4b7ed6a56b130 |
/data/user/0/com.sinyee.babybus.recommendapp/databases/RecommendApp.db-journal
| MD5 | 5af05fe4cae912e7f51abb0a5776be26 |
| SHA1 | 5cc7fb6b773425ad2be71e37ae8c647b027caf67 |
| SHA256 | 1b9db0bdc8b47b7879fc3e4fd98398830f89384e9101c6c0f74191235a30e9c1 |
| SHA512 | 4b1142bec4411434b3408a771b9144a7ba0edc8305470e94b489dfc52a4be2341f527f3489b1be515349a5080a6aa3de3136024761d0f15682e712348faf81f4 |
/data/user/0/com.sinyee.babybus.recommendapp/databases/xUtils.db-journal
| MD5 | 81f1d285bbf575c9a1db6184ef8cd60e |
| SHA1 | 778be3756576dc426dafa189a1b11b09b3b467d9 |
| SHA256 | 2666993789124f18d71ff69d5e25635ece71f96f92b0407b40af448ff30592fb |
| SHA512 | b593c38212b1181f06d7a742d0b604971137fb5dd266d3b87c2f30ac04f3b9522b38b77806a1fa8382c5c230ba986a635cc58f14280ab699618bf7fe25d7f908 |
/data/user/0/com.sinyee.babybus.recommendapp/databases/xUtils.db
| MD5 | 2e8d2b7e3b1a8758ee427d301314b7ef |
| SHA1 | 32bcf7c03fd4934e1224feaf2114df2ae56d0551 |
| SHA256 | 67b1e827a498e60301f0b57d15e0e342027c49266e8be14c7441dc7f774c299d |
| SHA512 | 2a7acd5dff858b159ad5ddd05f8392dda9a0d2185dd5b2b4b20ab660d8946bd3686cdaaaeff7317d717a23a2da1d86e5e42e0221e20e55cc020a2d9a16b0869f |
/data/user/0/com.sinyee.babybus.recommendapp/databases/xUtils.db-journal
| MD5 | 9c639e297498222f78c4b0f3aa1cd1ca |
| SHA1 | 8d65f02ba9eb9328bb174d6ac3ac8cea2ea5b382 |
| SHA256 | b506d59e93b72f8b22860efb34541007a58746431494e20293332b98fbf15172 |
| SHA512 | c28e44155913ee79989cf4a06717f3c3c8b1d1df8550e90f5a45a133a542c29042ed06a8369fc22f2e4cd19444bccb67893a631508c1deaa7aa0bfc920a85e5b |
/data/user/0/com.sinyee.babybus.recommendapp/databases/xUtils.db-journal
| MD5 | 010ec2c95fe4164b06b3f530c7f50ce4 |
| SHA1 | 39acdfcf4d878b7a76164a370bd146d3a948e02e |
| SHA256 | 2ff07fb756f88f33b3b6f98590f47ae449d9596054218edb5d045e15ad0d044c |
| SHA512 | 187aeef666bc27f515215cd105d280fc2d73b159b90efef9a4a8efa4c9a5d487cb83c93a5f1bbf9caef96be31d1ba62165464bfaea3b95276d88511aa24bd7ac |
/data/user/0/com.sinyee.babybus.recommendapp/files/TDtcagent.db-journal
| MD5 | fa4889af292167be625180f5da3bf931 |
| SHA1 | 796cf04a2372b4a082ebe0c10d185c3cb5fdd381 |
| SHA256 | 70920616e9beb56ea44341d56774923bfba4ccc499be4fb34ac10b5e8fca26b5 |
| SHA512 | 192b5750e3bf42f36df98f24ebc15e5eec588bf37795289f32e7e5f6634f67bc383d6981ec15849a3f540595c21b60fce0f8ee485c8c6c4add4b98409a1d1480 |
/data/user/0/com.sinyee.babybus.recommendapp/files/TDtcagent.db
| MD5 | d710d1d5c3360dabdbf10310ae7f67d6 |
| SHA1 | 5255a96e4df23d99e1110f19f3bc89392f09f66f |
| SHA256 | 4e596e1c353c0a4168ec5a393fd881e3b539b33d584adac18146c331b92db9a9 |
| SHA512 | 3f0c67c8990b95655e1668974ac8958b75c18b6a4cc47751c5a2edeb21514f7caf865d5a08449897614e931f6585d5e33257a60ec57ca48058aab2db22d8b2a7 |
/data/user/0/com.sinyee.babybus.recommendapp/files/TDtcagent.db-journal
| MD5 | f0f5a03af6050c364accefcce672a0f6 |
| SHA1 | 06ba73315b5f42c629d7318573a7658777554a0b |
| SHA256 | fc7bf5cc024ad7b7a0cc79bb9737ceb5deddc6aa913f487a434a6b1bf802a090 |
| SHA512 | 64a03d09d04bf0d3c4e087d1375cec935db01115ea748081f8bd2aea8e0f318c2eb602b3ab0b3b2b11612cc9f6ade80446f9b140eb22e0d6d7e26da356e43ad2 |
/data/user/0/com.sinyee.babybus.recommendapp/files/TDtcagent.db-journal
| MD5 | a83a64cbcb1560cd6712961188f59794 |
| SHA1 | c0d0ecee23ca1c71377de005a6e330199eff587e |
| SHA256 | 9f3be5e5c7c18fedf991378c73cb9c902fdc744dc5aa7ce1a83fd8566250143c |
| SHA512 | e004b3a4d080a6f7cb7cc9dc1e40f8f2e31ddefb57b0bb6880e247005198c43410745fddb2bf7db9dcbb378d7433c535d1fe726b165ce2539c22475b48cf5669 |
/data/user/0/com.sinyee.babybus.recommendapp/databases/UmengLocalNotificationStore.db-journal
| MD5 | f07965658546b5a9b1b7187744dc16bd |
| SHA1 | 84ecaec36d26df56173d86f9757ffb9cfad341f5 |
| SHA256 | 0c9bfb843c30c41ac6f6dbf22d626db9935665d83c0ceafbefe61f1f1ac1bd8d |
| SHA512 | 3f8e08fd42997a6d2ce60f9f582ec0b7fd4a0fef726a6ec8bba9582d31f2add3c56c10801595e0a382669428090a1c386c6b760586b5ede7236b567f5d8687d2 |
/data/user/0/com.sinyee.babybus.recommendapp/files/TDtcagent.db-journal
| MD5 | 0f5603494531509dfeea5fdd07939df7 |
| SHA1 | f3f519a8576477c171a8c1676b6093e7ce311df8 |
| SHA256 | 17a807c1f44061183899d452b8dbba425f8ef63a01642fe0d895ff07dd1a3f78 |
| SHA512 | b84577f02e1af18b99c78da5c7a7fe89a480416959510cf51e78f14a011aa7a8d7e9dab5a807e753ead17894567a0023a1c817ffe43c65d95d36d7764a4cec95 |
/data/user/0/com.sinyee.babybus.recommendapp/databases/UmengLocalNotificationStore.db
| MD5 | 10f8ef8c6cd206127ddc67b48854a613 |
| SHA1 | 8624b3791b3a4129f33cb5990d343b40c8a3c32c |
| SHA256 | dedc5a592efd506995d3d076f80943561b24d5657ac1563ac78206137a25de84 |
| SHA512 | e0a74999bab1c92110af7ee84733c620679fe55c2dc8bd0d154f28886221b3c64bef1a5738f29bea3f07ac163dc3c7133037a0ab1252efd7155788c3b0dda143 |
/data/user/0/com.sinyee.babybus.recommendapp/databases/UmengLocalNotificationStore.db-journal
| MD5 | 829035e03a0134ddf9ed77a19f04d116 |
| SHA1 | 3be4fb1e5f970c7071eaddfb7c8fc8ae8e85d62e |
| SHA256 | 31f342e07ca2955f6f21d0ecc20c2ab381a59c06409bac3400069b6e2a81202e |
| SHA512 | 4bbc2849fc91bfa6b414e749dacac5545842e018b3b4d60911268c7cc684f020641a5c4f5bdcc6aea9a3ad6e4399cbe9bc08f4b749d1847f6715e76bb0ec7e6d |
/data/user/0/com.sinyee.babybus.recommendapp/files/TDtcagent.db-journal
| MD5 | 88b2b10df8caa627a61f913f0c9a49da |
| SHA1 | 2a287f763c5479fa5c1f6d8fb7bd1ed88e5bc5d8 |
| SHA256 | 3f1ca7b8443a1271769c4ea086980536876ab37a9ad53ec737c55358b0c5c8d4 |
| SHA512 | 81b7c82a59d2cb2af73c437b511c3b77cf30c407c682d5c0c412668bb16ba079b90c4f39414536c6c32eab4557a4222803637a933ce1102a1191769ed3e90b9c |
/data/user/0/com.sinyee.babybus.recommendapp/databases/UmengLocalNotificationStore.db-journal
| MD5 | aed968272bcb0d97587efbd2086edbc9 |
| SHA1 | e74e84cd7a76a9223627d17fe982f6a76e2a29f8 |
| SHA256 | bbebbe62ed10d78ac55f0b31a468a6bbc66e622f46c06147c4ee0c0afbe78de2 |
| SHA512 | e2f99ff2163ba851175b0d1df6e96e721caad2342e29f98164ac0288842a19e2d047b423e5746f80c49359cc9f5f7f3bf099148c63d8c9e098bdd033b331d9e4 |
/data/user/0/com.sinyee.babybus.recommendapp/files/TDtcagent.db-journal
| MD5 | a0f75a5d05b3e86e284f5bc9d48ed377 |
| SHA1 | 9c4e16cb9822eb3413121774fd6d57339238d813 |
| SHA256 | 7ec57b7b547e862c4c16038a16f748115bf26077e7eae9fcda8f63ff8403b79a |
| SHA512 | 33cd09f767d0976182bb69ca7c76f887dc5da024d52a416d134f5774cd47ef3d59a5903ecaeb0cb00c6e6830ce1289c0308936ff14b54124727be7969149c31b |
/data/data/com.sinyee.babybus.recommendapp/databases/cc/cc.db-journal
| MD5 | 456f9ba99ff7ac823e550bc06455c89d |
| SHA1 | 61c6eb961c71f3e450cbe81cb11d3a904f36fda0 |
| SHA256 | eb99d08295ee5af1dafcd64f8c8f22582c35579135d59edb61a1a0b7e47a4c72 |
| SHA512 | 8ad7666a06b986e0719c02612624edbcf018a61df9bdab485e6935a7e6987ef714c0cfee2898968c9dd4e9f4d21622074b3c62f566fdff3ec85d03ae5745d6ad |
/data/data/com.sinyee.babybus.recommendapp/databases/cc/cc.db
| MD5 | 4cfe777c9f6e7859f5efe2197401d8e5 |
| SHA1 | bb3774e8879ad5f6db0c37f151c3d6bc7b4b207a |
| SHA256 | c422190539b6414072fc3950da19a17985c0c4c2172740b2f74682b520af5231 |
| SHA512 | 6be469864edaf8eaa110f618f8abd27962da92e20945dcd38073ade2b60b10f00552d54d5db9d9f75ca133213031030e71e2e30113ff033e5ef507a28fe0b1de |
/data/data/com.sinyee.babybus.recommendapp/databases/cc/cc.db-journal
| MD5 | b28fd5d6ee639bd0b2c9b59d749f2c67 |
| SHA1 | 24ffd5b4157637e2990ddbe4da30916a2be18168 |
| SHA256 | 84095333a0925b919ebd3f19dc9f90ee648f0e1cd19b248a79813a8abf59d2b2 |
| SHA512 | 0b43887b28ca4bf89fe49e31836d7668b80f861cbfb3141156a7edcd76ea301c595b1c81958eff57e2a6ffd54e73e9c4dc65a6116922ef74db8bbaa160967d03 |
/data/user/0/com.sinyee.babybus.recommendapp/files/TDtcagent.db
| MD5 | ecf5a3846496ebf39a588a49344ff65d |
| SHA1 | c07e2d2946a9a8872266cb1bef68e0071211563e |
| SHA256 | b02022dd0d9bb53543bb462961be15c04a86a704b1d9efdfcfb0c9d171ca1706 |
| SHA512 | 3d9f96e1c44644ac12404eeb2ef9b4ee31ff8b1461b71bb8a6fe31b178b8c964fd16c98cdc8ea7756db71c90b4951037ab0a21c5ef332edddba2be0dbc79f982 |
/data/data/com.sinyee.babybus.recommendapp/databases/cc/cc.db-journal
| MD5 | 40f9d801d99f5a076fc863723ccd15ba |
| SHA1 | a756b56e223cc9d1f16ebfcfa4b353cd710932bd |
| SHA256 | 2fb785ffff55b43ffe970ff34fc67bd15e6f55e32732cce6f32b27048b255ead |
| SHA512 | 97e3e47130635ae8fad28a19b53a304a7a9278eb97cf8e8f7f490cb676c3d05614c5242acab3599bc8b23f320545c3bc7a6c737987670661abebf2dfc6876265 |
/data/user/0/com.sinyee.babybus.recommendapp/databases/okgo_cache.db-journal
| MD5 | 261179c41ba49dc657f2b775eab73e10 |
| SHA1 | 6f5fade72f75078352de90e4006f92d7d58769fe |
| SHA256 | 0afd878ad1c79439381cfdfb4122371f1e54acc11cfedd491ef21ba5df02932a |
| SHA512 | 827488b7f3c1db172093ec5f1b6a3730b17ce0b3350b6fa62d7d04d7105caf7eab4df2ad855fabf1994d8a9fd028c7ad6151945ad71871946ed949928cad6b9e |
/data/user/0/com.sinyee.babybus.recommendapp/databases/okgo_cache.db
| MD5 | b110412564728498bb1612f2c3d54dab |
| SHA1 | ff630280da80b8919ae60f593d703a5db1efd709 |
| SHA256 | 197ae88100eafa1d23278b83b699c4a56c7ae30eed8843babca07642449d2bda |
| SHA512 | 0d79e56721b4799158219f5e7b960a922e5fabf184199766fff06da058cd661f45e4e3e07918c4f19c132a03a3f8af420d894bf3ed847870aaf5083cd4229592 |
/data/user/0/com.sinyee.babybus.recommendapp/databases/okgo_cache.db-journal
| MD5 | 908e5e00e9bb6e377c56929d714e8a78 |
| SHA1 | e3b46896ff9e914347c22a5f10397031d80f2131 |
| SHA256 | 602e67497f61ab5017b203580b5a9c8719b393b48ca72efae527f6060f8f87d6 |
| SHA512 | c5538baeee1038319423d2083046712a46b19ceb1b8954d078543f780f8d54d8edadbb269ef7666bde9ce9f05f108b90e25ec00651803246a587b1a65b08a367 |
/data/user/0/com.sinyee.babybus.recommendapp/files/TDtcagent.db
| MD5 | 7888b9c3d3f14a303d6c3696704c158d |
| SHA1 | c4d38df268892462d729b499282f2437ae6beda5 |
| SHA256 | d26cfd4eafca58afa01d711e2b8f4ab5a37333b25b8ca94daae458f50c7fce32 |
| SHA512 | ae9efba6b70ddcbe9901322702a16082b614c4e067b8fb687af9fb90c62c1175e1c9de76af6480d6d7d56ad253c9df67494df9942870ab1644fc68519eb7d81b |
/data/user/0/com.sinyee.babybus.recommendapp/databases/okgo_cache.db-journal
| MD5 | eddb539cc15f68a10ab4660e0544a4f4 |
| SHA1 | 9df60362a6402c096b3c3866e2cc111a30bae3da |
| SHA256 | 47783e81da8578bd431a36eaec749b1af2a10806f9c2186f00c7c59d5abb451e |
| SHA512 | 49bd0c9f20aec8fb9f98fe7ec0d07ee2e16084f9280a1e0741dc0c9c15bb3d116af85edca2ed0536eda86539b85b99fe9d62f544db7ab2bd84d062ad0dc59c8b |
/data/user/0/com.sinyee.babybus.recommendapp/databases/RecommendApp.db-journal
| MD5 | 6495bbcdab68d3b8c95d0d749505bb99 |
| SHA1 | d8433ce5fe25d73e26fa9361b20b724ad90a7332 |
| SHA256 | a198bb101c935775b11182f94b1bff9104623f056b681defe9f097d7c4a47e38 |
| SHA512 | 488ca871efb362ffdc9b8ce36a39693b13a6a37260921f9ff37bcf2b8e02f2a94598813bea9174ae7c0a96ffc687f63e498d6c1fe8f4fe3bf08752d97191d89c |
/data/user/0/com.sinyee.babybus.recommendapp/databases/RecommendApp.db-journal
| MD5 | ee1f89563d8431396fa5797a724d9aa1 |
| SHA1 | c30d9d1a7aff2980b63b36f8f6d30f802002eefe |
| SHA256 | 4bb5d2c1f68b8b427e0dfff0f7706ae8cb8e823668b4848f1ee7e2f82f3b4aae |
| SHA512 | 44c9dc0d58f8da8968419c77ddcfcaddabd7726951e99492695a6f6c7528f68157fbab56f869d0abc745692b25d4b27a4311a3db01d816dac2d3b1b40ebf4519 |
/data/user/0/com.sinyee.babybus.recommendapp/databases/RecommendApp.db-journal
| MD5 | 4037762a37cf6c38c465e5767d2c3818 |
| SHA1 | 46d7df6a5079839f3215d9b56e1892da88f02653 |
| SHA256 | 28365df77f83e80b1dff0c376da09b43f973667fc536ecb5f966543da9c49140 |
| SHA512 | 5535d98c7ac5714bd224d91298231f73f9636b85d7a4dbd6af1c559b54b2dcde89b5cbf0d237ac69dbc79d9d28fcecc73f28ecdc2c3ecbe7ea77ba4369a4dff6 |
/data/user/0/com.sinyee.babybus.recommendapp/files/umeng_it.cache
| MD5 | 1bcb8c0f83571a792b10707949983b8c |
| SHA1 | 9fb384c10484e112909345e3e81e00a620bc2889 |
| SHA256 | cfee91cdaf3f6e96548a5e370055ded9a66ef88e165ec5230b64543216e3e575 |
| SHA512 | 01434a8dcff2b3094e4c0a84daf577bb08af47a660136e466b97946be587999dcabcac73c9bb8bea91616aec64a001232ac4ae42556e75b03a9274202234baf0 |
/data/user/0/com.sinyee.babybus.recommendapp/files/TDtcagent.db
| MD5 | 72efc7a93af9b7f889d5a12fe5925e6a |
| SHA1 | ab3cea416e4fd14a3b3c5d872273a3c182261d8c |
| SHA256 | 98e0145c4c7cd6fe38535e8e3f3e7e556446db628aea10283c83ef18813d4bc0 |
| SHA512 | 32ae5c4003cb376522dd484a71651d686ba5c43b8e38e7b4ea7b9eaa88eae182de25873a5f965d3132476691ae7117a1e52293aa1dd511753d83916c03c54217 |
/data/user/0/com.sinyee.babybus.recommendapp/files/.umeng/exchangeIdentity.json
| MD5 | c50526397d3fba81abcb24d38f8dc312 |
| SHA1 | 794f7eee0d95669dd7ffb501db75c149f1ff5235 |
| SHA256 | 731fb0dca87d0bf8d052129de09831ff455dc4eb0e5c94727d0e4f2e69d2abf7 |
| SHA512 | 0dcc866fdf82f5e7e575db0810fe938dcc085ce8032aa9703a01fc1e1bba6af917051228c111a739823c4706251d574218baecebff55675da717fd0a1f49e8aa |
/data/data/com.sinyee.babybus.recommendapp/databases/cc/cc.db-journal
| MD5 | 05c15a7ec78e92fe340e7c33eb9ac0f2 |
| SHA1 | 19fdba44032974f9f5cd78f557626d350519a23f |
| SHA256 | 96331ea44ce33430ffc18aa29a41d81ace56517c2e69342941db7887cc993980 |
| SHA512 | 7f07439d55130ec0f2c4f6ae9815401393f57745190cdd7881446223e778a447ede84d30dca09708f8ca3838b70de97c54e1f7a2629452c5a03b3e85dfc7c7c3 |
/data/data/com.sinyee.babybus.recommendapp/databases/cc/cc.db
| MD5 | 86752a4be6564d8370f2f0e403995003 |
| SHA1 | 29f7d50675f6e59f3b808eb6dcc8619384412115 |
| SHA256 | 50484dcdc6b9c2801773018386a8143a52a5153eb2eeeaf5be8bbe46a49ca90c |
| SHA512 | 79c9435c1e0d41a3f97784be3e5a3cd8c0bd2d32ecdf326808bacb00c76d876d0447617d6e72ef04cd4b996c92eda4eb7bb200987ae7928ce2e0e7c8e807a5ec |
/data/data/com.sinyee.babybus.recommendapp/databases/cc/cc.db-journal
| MD5 | 75a71888578b08efd9dd38d049155d2b |
| SHA1 | ea15c52572e6e7fc54c6e4f109c76d9ba83ee186 |
| SHA256 | 9a561e09f9ce2652b674cda0b703773ea594fc380ae331c7aba09a667891edd4 |
| SHA512 | baab26516b72656274f6dc9bf2814c135e5a65ef261415f33d9d863a831b1e9fcacba2963c76069b1d2cc41d4df18ef6c4d0358500e0769237fe96bfdf79476f |
/data/user/0/com.sinyee.babybus.recommendapp/files/TDtcagent.db
| MD5 | f84f76f21c0f35a4c0d969a52b0f82a6 |
| SHA1 | bef9839c6436a3e6e45a4f41cccafb584d520e41 |
| SHA256 | 1ce164da46ce16fa5466281a1276b849856f88d550595b46c7cabdae86b9fe88 |
| SHA512 | dd1eac0c5974b8adfcd29be64248cb3b2a959024a5cb5f4c20e1932dfac7b183e5c88d94062fa50d74baf417459d519edfe85851b296740ca9c36ce6cccb292e |
/data/data/com.sinyee.babybus.recommendapp/databases/cc/cc.db-journal
| MD5 | cc08a95a1412f0bffd01b004ed628296 |
| SHA1 | 33a14c57f7e977c0ea2d95efef8dc24774506fb4 |
| SHA256 | 1d8227937b93e731b6c3d844546829bc1615fb2a11839c5e182982ac20a8d58e |
| SHA512 | f621048a822c3c98791edf70801e7e3f910670895f6423cc03d66ef5ba6ec880a7ef08b09c2504a212e9d113e4c5ce0857ea0859d2cd1ce3d39623e9774003bc |
/data/user/0/com.sinyee.babybus.recommendapp/files/TDtcagent.db
| MD5 | cdc3864f3f54bd99220460c158427361 |
| SHA1 | f5684537b495a1c71bbe0a861a00d4064fa18a8d |
| SHA256 | f5ce41443a3e7797eb05f8e2a0989fab420a2cd64fa8c05daff170fdb48322db |
| SHA512 | fb433a0c8eec9f91420732415dd0890c80e43389a7a3829f17d0b4c8e09b3fbf09b356860d3be381b6ebd162ee710cce0a30a82056c2a26dd645967c2fc82ac0 |
/data/user/0/com.sinyee.babybus.recommendapp/files/.um/um_cache_1717404463259.env
| MD5 | 6e9c0bac9e3f1f268fb8b4e3804a7b1e |
| SHA1 | abbd9966c483148febb2238e00aa2216b4ef57ce |
| SHA256 | 7edffe2ce4371ac662545f6ebebb65f48ccfb40fb961eae779df7eb18ce39995 |
| SHA512 | 0ee6a829d51f9e247683254b6581c8115c5f55964989e856b8887237549eaeffbd6590b4b96cd55eca113c96a7c4ba1f0d9ccc7ed4d0458c22536c752658bf2b |
/data/user/0/com.sinyee.babybus.recommendapp/files/mobclick_agent_cached_com.sinyee.babybus.recommendapp331
| MD5 | bad366d2d8c5250d23268438cf4f14d4 |
| SHA1 | 6b161e5d1252458e8eb7f6b747c8b8f04391a49c |
| SHA256 | b8167d2b38e800a657d7cb731b602874f5d21dffc2a013768a01cfa99bdd2f07 |
| SHA512 | e7680c6595ff8b1cb31c1dfac3d9bff4a05160cfec3d88d41baa1d2c177bc12f2a660dc5ecd7c2c5f2e4a13f3295e49c6c0b4b3cd3e900ded4e3d510cb74b196 |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 08:46
Reported
2024-06-03 08:49
Platform
android-x86-arm-20240514-en
Max time kernel
71s
Max time network
131s
Command Line
Signatures
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.sinyee.babybus.recommendapp
cat /sys/class/net/wlan0/address
cat /sys/class/net/wlan0/address
cat /sys/class/net/wlan0/address
cat /sys/class/net/wlan0/address
com.sinyee.babybus.recommendapp:push
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.200.3:443 | tcp | |
| US | 1.1.1.1:53 | papp-api.babybus.org | udp |
| US | 1.1.1.1:53 | papp-api-ex.babybus.org | udp |
| HK | 45.249.244.139:80 | papp-api-ex.babybus.org | tcp |
| US | 1.1.1.1:53 | openapi.iqiyi.com | udp |
| HK | 45.249.244.139:80 | papp-api-ex.babybus.org | tcp |
| HK | 45.249.244.139:80 | papp-api-ex.babybus.org | tcp |
| HK | 45.249.244.139:80 | papp-api-ex.babybus.org | tcp |
| HK | 45.249.244.139:80 | papp-api-ex.babybus.org | tcp |
| US | 1.1.1.1:53 | norns.babybus.org | udp |
| CN | 117.27.152.114:80 | norns.babybus.org | tcp |
| CN | 123.125.111.69:443 | openapi.iqiyi.com | tcp |
| US | 1.1.1.1:53 | api.m.taobao.com | udp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| CN | 140.205.162.6:80 | api.m.taobao.com | tcp |
| HK | 45.249.244.139:80 | papp-api-ex.babybus.org | tcp |
| GB | 142.250.180.14:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.212.238:443 | android.apis.google.com | tcp |
| CN | 117.27.152.114:80 | norns.babybus.org | tcp |
| CN | 117.27.152.114:80 | norns.babybus.org | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 117.27.152.114:80 | norns.babybus.org | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| GB | 142.250.187.206:443 | tcp | |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | alog.umeng.co | udp |
| GB | 216.58.212.202:443 | tcp |
Files
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 248968ad44dd95a37278b569894fe323 |
| SHA1 | f78ae9064d121d6de90844d6c8a60955bf2d205c |
| SHA256 | bb42819e34eb3bbc590941cccf4fdeaf14b53101e7dbc517cb7486c9ac7c62fb |
| SHA512 | bd64514e1a29ddb169a75447640c4de7e91904fa89eb5768c7441ef05050561dca53133c1b3fb76b772da33310d40005903d3cd3027255263e51e0f61bffeda2 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 7ad7c0d298cc8dcd176f3028110f5f09 |
| SHA1 | 902b3cb5633b80438ba5bedcf9bafd1e4dfa494d |
| SHA256 | a087f50ab04981b87172ca54b494c567ad98c7339ed699f6b3f67851b5e51c22 |
| SHA512 | 56a56157df306aa0eefd56aa37a7c0aef66b03590847c1225e8f159b934005fbe0a407a7da3f95dd113e1dc05e68afdba405a6daba5277dbc903b4948ab2179c |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | 20e3449f6415e389106e60d43577d86a |
| SHA1 | c2d94c0cfef5f03d88f5e6d93769c017cce81bcf |
| SHA256 | ce273f5db6c9d1045546f1c2fab69c6e046cd5a0a827f59b14312a688385831c |
| SHA512 | b8174acb5a7fe77f860d0621f44e246ddfd8d38cc2dbf02f6a985f7b2874a80df41d431812774df094f17cd45ac86f68b95504dad1338a802c43956c25b84bcd |
/data/data/com.sinyee.babybus.recommendapp/databases/RecommendApp.db-journal
| MD5 | 66f4f54a5fd12648cb058437acc542b9 |
| SHA1 | 30499c6e0feb7c4c0c6aeab36f77db9a27dc8c41 |
| SHA256 | 1a9ba972463eca26c7f929a78e780c92b82df44da33fca31683fb8bb9ef4a542 |
| SHA512 | e3cf50243f9b192ecdbac4c5bb3bc8906a68e09cc7b29a61d5d0ed43b60a79c3efc517fb195e37bb651a06a72ecb3a920cc82a3b38000433f3ac52db10d00e04 |
/data/data/com.sinyee.babybus.recommendapp/databases/RecommendApp.db
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.sinyee.babybus.recommendapp/databases/RecommendApp.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.sinyee.babybus.recommendapp/databases/RecommendApp.db-wal
| MD5 | 6ec5414bedde0276297621a338c94c45 |
| SHA1 | 08e1fc0431722ce7cac19f4f73793f00bf211077 |
| SHA256 | 74b99403006adc367ecdfb4472142b22aa643ef9ab27a1bc63c28883a4e8df9d |
| SHA512 | c36a8afdcbba0828ea56823e37a2bafecf8477dfd7ed0c6a42e11d4ce7947f3c3067fb27317986cf72745007e22b433641683e60fe60ee30c0f6c0934e1f3d91 |
/data/data/com.sinyee.babybus.recommendapp/databases/xUtils.db-journal
| MD5 | ca6e47893ea4cd4cca428f5a9dbb9e72 |
| SHA1 | 4bd1852e7e9c5be96a82e17b6c9841cbc7d9b531 |
| SHA256 | 639f581871d86ad613b1b6ada1a4a5cedb88d24e0510026b96bd3cbc73808238 |
| SHA512 | 6cd5b2f757340f8161974567f5347a7d2766188eed40aa28d212864cdcd537dae385c66afe0db8b2d0c947a828a17ab93febb1d6cea7aea2c099e2d145298eb8 |
/data/data/com.sinyee.babybus.recommendapp/databases/xUtils.db-wal
| MD5 | 7388fd6a8be536e738c8430c8be57cce |
| SHA1 | 4532a51347b877dcf2cc066f85d9bdcc80ddcaf8 |
| SHA256 | 91bccf52239ad7554797fb1c49dd7b32f912268ad21e31c0fa527b4f822451e8 |
| SHA512 | 0bff97b84feebf3afe27bb4d395e0fec2f3acf70ca8c347abda45a5533a2c2fc7e399f6a7fd76bf8aaf13eaa4671d6ade1bea78e2ddab2229a202f4e0d64b909 |
/data/data/com.sinyee.babybus.recommendapp/files/TDtcagent.db-journal
| MD5 | 6d3dfd5b52330ad628c795c697b776c5 |
| SHA1 | 864570636b4ed3b70c8eb36e331e2604a86fd299 |
| SHA256 | 960f3e83d2ee4bd3dbe5f8d6bdf48b9cd7d8cd6d0041df463ae361fbf8313f9e |
| SHA512 | 1cc0330227a928baca0eed80cf6d475d7e7ef82260b15025fb242e713c9a70b78361d9b843987ef702ce784043018ba8559a6554cce236fb54e91b8a8f15aefc |
/data/data/com.sinyee.babybus.recommendapp/databases/UmengLocalNotificationStore.db-journal
| MD5 | e34b361e4bf840124380bc7dce45122e |
| SHA1 | dfa2720566509a34abba143360d985bc2ac00f5f |
| SHA256 | 58adc0d43d51299e3d41e5de9e3771bd011e806f8c7aba9e0adedcf62e05d070 |
| SHA512 | 48d7ebad4253fc7fcf701a2deda5ac279a78a93ec6b2d699199878f2bfff3dfc2e7ea189c23f1203b73a6c1de42b2f88751b3345d9e3b266782bed00586dfdb2 |
/data/data/com.sinyee.babybus.recommendapp/files/TDtcagent.db
| MD5 | 0fcb31920c258bcb52a89d3acddf2d4a |
| SHA1 | dd764d611e087ef4e43f0a5cd3f3be85e062eb17 |
| SHA256 | b455bb6d9ca4b802054f6f1e72d66184b37897ba60a1e5b5de456454ddd07828 |
| SHA512 | 009f5d30aedf58e5c88835cee9a6b87a073660627beda8a09070eeb9139be05f78d11677ce31152f57a988ff132a469d9231140fea3f4c7cb078d39fa55509a3 |
/data/data/com.sinyee.babybus.recommendapp/databases/UmengLocalNotificationStore.db-wal
| MD5 | d67457137d94689397e43394ecde8acb |
| SHA1 | 13bfbef16e8e167f29edc27dedeba576118d49de |
| SHA256 | 6fccba3bd849c30fdb32e02e56c4251cc89933bedd7e16ba0560ae60cafda65e |
| SHA512 | 31ddb3c7bb425379a35238eb3f43a04eece218645242e8ad234f3b893141aaa6750c93060d84c6ea58f15697bb5b519bab0f8d9ac83a6ed2c0d9940881991293 |
/data/data/com.sinyee.babybus.recommendapp/files/TDtcagent.db-wal
| MD5 | 4f3e6255470c690fef7556c3056ff449 |
| SHA1 | 01f7c207d153e17e3d49c5b7985aa2e8f98f1d6c |
| SHA256 | 73341206c172fef6b8c7c9a3bbebf5040da0341a7c168cdaf9309a455ff284b9 |
| SHA512 | 30f70a4f3b0caefa1f7e8c556c71fa6ceaefedc3faa4c2d994bb5db165309693bad89a420a4e5e500a5989b10d805adec733abf10edb6c5cf596bf962eaa23f9 |
/data/data/com.sinyee.babybus.recommendapp/databases/cc/cc.db-journal
| MD5 | 306a1cd618f58686c2e7df219258aad5 |
| SHA1 | 55cf50330e7ce56d93168c93b7dfac937eac1fa8 |
| SHA256 | 9a87a66dfae6acae1d5f11596e634e028c75b5250f7825e4891a7454c5843042 |
| SHA512 | d62c6539dfff3e114f29977d7eb5800df1fc68b01c3257f30fdca3f7827edb32b96f9f514d09b9ff4cd4bc654dee2146911a07bbd5e83c77c01e476c1f4bbe6c |
/data/data/com.sinyee.babybus.recommendapp/databases/cc/cc.db
| MD5 | 5d7ea1a23af19b4340cc8d90f28297d5 |
| SHA1 | 4cfe95b23a9e98378d69c4290af81b51fbe76aea |
| SHA256 | 474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da |
| SHA512 | 33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b |
/data/data/com.sinyee.babybus.recommendapp/databases/cc/cc.db-wal
| MD5 | ac37d27c433cc9e7ffdefc93cae1bcb6 |
| SHA1 | f80351f0aee8f650de03cc8f0f5a9651eee797ed |
| SHA256 | e546d43d9f5d528604a29b2a373a6f544e4dc87dcbae1ee28079b3faabdae676 |
| SHA512 | 95172e5a074a6ccde17c93944306cf091876a7bce3508914a274d2aea9cce7e263fc2421e6cf717296b6ac886d5237d86404667b28e090de90ef153daa6cb8e7 |
/data/data/com.sinyee.babybus.recommendapp/files/TDtcagent.db-wal
| MD5 | c3913f8c861994e195691b8888b4f35a |
| SHA1 | 230a1b74ade344f1e214d8d23e856d8686baa20f |
| SHA256 | 22e4a38b570da4c4edb88bc2a0ce8662fb67f6e12744ba400f969d616b891f92 |
| SHA512 | 7330bc24c1c221bff856a0ae7381db8747bea75f0c98ed757313f1e6ac1a959e8f153a62da4a78d60739b9a7b36a96b7745d86198ec7930111f136b5159e39d0 |
/data/data/com.sinyee.babybus.recommendapp/files/TDtcagent.db
| MD5 | 20d375596471555efecc02bc64039f8e |
| SHA1 | a3c36822657d21825175dda8959241659726641c |
| SHA256 | ad03901970eb4178fa2ee0a7f683e13312518d0dd888ac909ac742134530c3a3 |
| SHA512 | cfd09c84abfeab94261b2fb9a837ce9cd4e5a1b1f6e85f9b6f283e11578f5825867a67106a7bb2aa56d20cf57070bc1146fab6bebfa0aa845c4f50e299e7408a |
/data/data/com.sinyee.babybus.recommendapp/files/TDtcagent.db-wal
| MD5 | 1ccf83dcde8b06c79c254de73874766c |
| SHA1 | 9063b63ff7713e6b4604a4398f065529f71d4af2 |
| SHA256 | 179abef12f97bd4b4438a0d258dfb96625e864c15fa425ec607c6a453100d301 |
| SHA512 | fbc8f205ce5083d902db4907be29dfcb1ebf7cad0b015655769532db9e559cb02cd666d47e0b6a98fab78537e147db6311f149f45de34a3143e42eee9aaa7a00 |
/data/data/com.sinyee.babybus.recommendapp/files/TDtcagent.db
| MD5 | af772beaf2d202a9b6caaf2b86ba2e42 |
| SHA1 | 91f9304b650c0f7628c117a3e7e32555fbe40c35 |
| SHA256 | 924a81c982529fccbe1c505de55a66d6186442610492e9d7633a3061687c1e30 |
| SHA512 | 7ac9c9ac8aaff2de6d2b67b7899e1212b7fcbfb0af8d3c433512b15502b65d23cc5b631b41a48879cd0c48140bd2a851cce4e8d1d6b8556caa3a5d825953941b |
/data/data/com.sinyee.babybus.recommendapp/databases/okgo_cache.db-journal
| MD5 | 66ca2b6d95b63198b80c35efc3ac3390 |
| SHA1 | 94fb674427f48ceb27c878766726ce561b4e9714 |
| SHA256 | 35a0448fee277585d11cbec11958e47cdc06a9f06f9cd4462048d9e8bd2e9c81 |
| SHA512 | 5fd521dde58451e1c5d82be82061b017b412aa6cd928018c5100092fa07837b1bac763107239d1eafba8bc14fd801d564145a8470f51219ab220c1456ad253fa |
/data/data/com.sinyee.babybus.recommendapp/databases/okgo_cache.db
| MD5 | 406ff9ea400432901f2da83a56637bac |
| SHA1 | 20b129c04ae642a637dd596e938ff5fac0f4b82d |
| SHA256 | 7abc04088e008647e17eda7ea16cd27201b5fb3813ec5b350f478aaebc17e9a9 |
| SHA512 | 6a1c095db2f814387e9cc0905143902c639e58f4897c08016c8b46978cd873d063230389853e6319c5d8f46bdcf25f8d43160c7f204f9db66a3c103884d4f299 |
/data/data/com.sinyee.babybus.recommendapp/databases/okgo_cache.db-wal
| MD5 | 1a78c290ccc3bf36b96a0c730e044c2a |
| SHA1 | 351a6b0ac9f58e0b0c5610d1c0273bbb688dac44 |
| SHA256 | 33d2acd551d9fb5c6210a1d0c52e9b2ce4f0284925d723d0b1ba077c1a75d6e3 |
| SHA512 | ac6700dfebb158584ffde494c0a92dddf1e7f99fc82d2cd7f21d0c7dec3fde963334d640ac52bbf608d74e9e405db14e5d2e5227257538be5cc25cf03a4d9746 |
/data/data/com.sinyee.babybus.recommendapp/files/umeng_it.cache
| MD5 | 528cd9cc2f1b44ec2a6c544dc68242e9 |
| SHA1 | d9e08340e9d67128174a2c46ff3e660dbb37f252 |
| SHA256 | 3e83e9f6321bbe50f6af84a265f0fb1d47526d681dff592f898790a80aa3c1c5 |
| SHA512 | 4964c44090f19658441d10ed268e4882772d6e95c250fcbdb2a17227fe1ee3b2b25f6ef6fc5d94f48eeb7efdc94b6888f77e801eede4b4159aa5e85888dcc62e |
/data/data/com.sinyee.babybus.recommendapp/files/.umeng/exchangeIdentity.json
| MD5 | e5716106de1a3c7a1c1819fc44a0deee |
| SHA1 | 55d1935be032a4591fbc4d5e3714952d5c105b14 |
| SHA256 | 2a0ce830488c9ff98a13e2867c4822ceb898efbc577e539872cf820b7afc79e4 |
| SHA512 | 56971b391d63851c25ccce282be3748e83efd65061879094ba8844aaa11341f4c4c54034afb196f48149c5e72cd9a691ace96af4f1d8f1fb7f965d036cd8fd55 |
/data/data/com.sinyee.babybus.recommendapp/databases/cc/cc.db-wal
| MD5 | 1d626f2ddc7e72574cd21c665f765ef7 |
| SHA1 | b25d1e6f2bd382fffca0334b68eaa82fa84bc03d |
| SHA256 | e0865b360d061480337788ccaafe2a2a82a8b763c89d5c14bb2048d7dcfd918b |
| SHA512 | ac4b6a1863178ad444b2f7f326bd4d5d878862fd517bf409f469bf11c0c8dbc996e0d8ef78836ee2ba4b4bf1eb207bf8caca31cde64e5178dc03016b01b6fe8c |
/data/data/com.sinyee.babybus.recommendapp/databases/cc/cc.db
| MD5 | ce6135aa1b1fe4f2c2db2a546d2a5558 |
| SHA1 | 79b59582154017aadab783dc266fcb158c252940 |
| SHA256 | 7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c |
| SHA512 | 2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4 |
/data/data/com.sinyee.babybus.recommendapp/files/TDtcagent.db-wal
| MD5 | ced6f568431d55825784e004136334e1 |
| SHA1 | 555486cdbcdc4a733073a9bdcecac47c425c28e8 |
| SHA256 | db0048402355c00c141e335c0f6da5aead7e1ee4ff3d71f0464662bd4ee4bed3 |
| SHA512 | c647b2a3756112c0979a50138cdbc0f80db051aeb8aae12b066d7305c49113a148bfea2be03d95b1cb3b28965b262271015c24b36ebd734cba1495898267aee5 |
/data/data/com.sinyee.babybus.recommendapp/files/TDtcagent.db
| MD5 | 6c79326de9a4c3ae2687a9db1af97de1 |
| SHA1 | 6aa3c230366786debc753fc739ea4c980ff48ca4 |
| SHA256 | bf1db0849ecf588a56200833fa4c7fc0aee2dfe8f2540482062c37a58160c3b0 |
| SHA512 | be66d67c1a8b221c8556421fc5a6395019ac473b49a42606adf96e5bfb3b380a03146671239ceb9e841de8fa00613751467a3cb4ed939f853ae9dafd6a86bf00 |
/data/data/com.sinyee.babybus.recommendapp/files/TDtcagent.db-wal
| MD5 | 3ef0921c47d7ccb0763151a41a5475c1 |
| SHA1 | 20de0ce40978e21582d987612ae7f6a2f9a8c658 |
| SHA256 | 5b7f008b012b31f8ad36d22982c603a0b69764c421ac18252225c082896be395 |
| SHA512 | 53f0448ffc0a121d1c64227086f2926333d16b2ad2c78fc80c164e37c5b40b011118b9ff83aa62ecb27aa204ce59ca17de4d6a7e159eeacde0782dd2d8becf9e |
/data/data/com.sinyee.babybus.recommendapp/files/TDtcagent.db
| MD5 | 4dff460753c975833bb2a6ec28c427fe |
| SHA1 | 4497a46c90b4ff9dbb296da9a2aa9507592b3521 |
| SHA256 | 6d6f4a2e374c5a889defb1452c9942a43d2270fc33cb3e7d07aab6b7351e58ad |
| SHA512 | 17f84bf7a59393f4605a314d80deea3774a520dd64d3df70edcb2b89c8714a3aa4cd18a45a387b8f12a66a6498db2db6b5ee60bbe831d490af1cfdb1bfe6cb20 |
/data/data/com.sinyee.babybus.recommendapp/files/TDtcagent.db-wal
| MD5 | 18442603211ac97c8acab76eb0d227a0 |
| SHA1 | 9b8da7bb24f1f703343df57becf1facc6561f077 |
| SHA256 | 56d3bb0292b9019ca95abb4431447c8572c2e41b5ceec693b877c4e0c349b1d2 |
| SHA512 | 410689d3c55580c935e47ea1bc8fe1d7e6cd963d8ead3ab7bec6c0eca2054890215a3dfd308f10dc5bac6d5ea92c292001b8d866ffc4fa4e9c754675e4b3a096 |
/data/data/com.sinyee.babybus.recommendapp/files/TDtcagent.db
| MD5 | 5662bc21e479d0af8982215b04402a3c |
| SHA1 | dbf02862c7004fe450340791fcc15868426eb3c5 |
| SHA256 | 00e332cf8ea513b11130f94e1719a8119e416be96416b25beae1a0f28ce60146 |
| SHA512 | a543335580fe9f3bc65665c8a359a51e84b4f14381c862b911d00c0f618bbae3ebd1b015e449c32a190ce1f1576202100b5f08c00f961fb89078beb85778481c |
/data/data/com.sinyee.babybus.recommendapp/files/.um/um_cache_1717404466119.env
| MD5 | d6e634de8b806a947bdd4f4b0972ced0 |
| SHA1 | d58a0c2edbd7f66762eec3599a143c98f57a282c |
| SHA256 | 6defb70984309abb910f4c7980371986dc6fc0fd0aaa80090de4abebd5289f8a |
| SHA512 | 10d3e76989b9291c38689d2cf5068446b6c44a9e99af77074d6d83847ce38f9ce5c3d1454dc3acbc3fbf75680ec85428c9f848bd7454937a90e63c48c2cf89be |
/data/data/com.sinyee.babybus.recommendapp/files/mobclick_agent_cached_com.sinyee.babybus.recommendapp331
| MD5 | 7a66cb67bdaf919bfac27f1d81995c7b |
| SHA1 | 39933ccb0d5f8aac2b5058ca5bba9596d87818f9 |
| SHA256 | 0d01cef1d142f0fdd14b92dd9cdfe5c3548af7d05238b2b4a15df9b2174ac965 |
| SHA512 | 131f4f609af2c9474ae343bf4913cd5c9d437f560022b42d2538534590408b9e40c13d44782b4ba99d818fb9948b2ef4ffb8774eb4d919c53e58dbe95803ffae |