Analysis Overview
SHA256
c6e14cfd666835b9237f5ac742566d6cf84982c1a9498aa9c518c5a16f21a7ed
Threat Level: Likely malicious
The file 916cb2ab47e60c3ff43a67ef49c99d0e_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Requests cell location
Checks if the Android device is rooted.
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Registers a broadcast receiver at runtime (usually for listening for system events)
Loads dropped Dex/Jar
Queries information about running processes on the device
Checks CPU information
Queries information about the current nearby Wi-Fi networks
Checks memory information
Queries information about the current Wi-Fi connection
Queries the unique device ID (IMEI, MEID, IMSI)
Requests dangerous framework permissions
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Checks if the internet connection is available
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
Uses Crypto APIs (Might try to encrypt user data)
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 10:19
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 10:19
Reported
2024-06-03 10:22
Platform
android-x86-arm-20240514-en
Max time kernel
171s
Max time network
182s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /data/local/su | N/A | N/A |
| N/A | /data/local/bin/su | N/A | N/A |
| N/A | /data/local/xbin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | s.appjiagu.com | N/A | N/A |
| N/A | b.appjiagu.com | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.xgbuy.xg
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.xgbuy.xg/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.xgbuy.xg/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
com.xgbuy.xg:pushcore
cat /sys/class/net/wlan0/address
sh -c ps
ps
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| GB | 142.250.200.3:443 | tcp | |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | api.share.mob.com | udp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| CN | 54.222.254.29:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 139.159.137.254:19000 | s.jpush.cn | udp |
| US | 1.1.1.1:53 | a.xgbuy.cc | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | plbslog.umeng.com | udp |
| CN | 36.156.202.78:443 | plbslog.umeng.com | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| CN | 54.222.254.29:80 | log.reyun.com | tcp |
| CN | 54.222.166.108:80 | log.reyun.com | tcp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | t.gdt.qq.com | udp |
| NL | 43.152.42.165:80 | t.gdt.qq.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | update.sdk.jiguang.cn | udp |
| GB | 142.250.180.14:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| CN | 139.159.137.254:19000 | s.jpush.cn | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | api.share.mob.com | udp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 123.60.92.210:19000 | sis.jpush.io | udp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| CN | 54.222.166.108:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | ulogs.umeng.com | udp |
| CN | 223.109.148.177:443 | ulogs.umeng.com | tcp |
| CN | 123.60.92.210:19000 | sis.jpush.io | udp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 54.222.254.29:80 | log.reyun.com | tcp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 54.222.166.108:80 | log.reyun.com | tcp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | s.appjiagu.com | udp |
| US | 104.192.110.60:80 | s.appjiagu.com | tcp |
| GB | 142.250.187.206:443 | tcp | |
| CN | 113.31.17.108:19000 | udp | |
| CN | 54.222.254.29:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | tcp | |
| US | 1.1.1.1:53 | 139.9.135.156 | udp |
| US | 1.1.1.1:53 | 139.9.138.15 | udp |
| US | 1.1.1.1:53 | 119.3.188.193 | udp |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 54.222.166.108:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | tcp | |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | plbslog.umeng.com | udp |
| CN | 36.156.202.75:443 | plbslog.umeng.com | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 54.222.254.29:80 | log.reyun.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 139.159.137.254:19000 | easytomessage.com | udp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 54.222.166.108:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| CN | 223.109.148.130:443 | ulogs.umeng.com | tcp |
| CN | 139.159.137.254:19000 | easytomessage.com | udp |
| CN | 123.60.92.210:19000 | easytomessage.com | udp |
| CN | 54.222.254.29:80 | log.reyun.com | tcp |
| CN | 123.60.92.210:19000 | easytomessage.com | udp |
| US | 1.1.1.1:53 | b.appjiagu.com | udp |
| CN | 180.163.249.208:80 | b.appjiagu.com | tcp |
| CN | 54.222.166.108:80 | log.reyun.com | tcp |
| CN | 106.63.25.33:80 | b.appjiagu.com | tcp |
| CN | 54.222.254.29:80 | log.reyun.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 54.222.166.108:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| CN | 54.222.166.108:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | tcp | |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 223.109.148.178:443 | ulogs.umeng.com | tcp |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 54.222.254.29:80 | log.reyun.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 54.222.166.108:80 | log.reyun.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 139.159.137.254:19000 | easytomessage.com | udp |
| CN | 54.222.254.29:80 | log.reyun.com | tcp |
| CN | 139.159.137.254:19000 | easytomessage.com | udp |
| CN | 123.60.92.210:19000 | easytomessage.com | udp |
| CN | 54.222.166.108:80 | log.reyun.com | tcp |
| CN | 123.60.92.210:19000 | easytomessage.com | udp |
| CN | 54.222.254.29:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 54.222.166.108:80 | log.reyun.com | tcp |
| CN | 223.109.148.179:443 | ulogs.umeng.com | tcp |
| CN | 54.222.254.29:80 | log.reyun.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | tcp | |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | tcp | |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 139.159.137.254:19000 | easytomessage.com | udp |
| CN | 139.159.137.254:19000 | easytomessage.com | udp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 120.46.131.222:19000 | sis.jpush.io | udp |
| CN | 223.109.148.141:443 | ulogs.umeng.com | tcp |
| CN | 120.46.131.222:19000 | sis.jpush.io | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | tcp | |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | tcp | |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 223.109.148.176:443 | ulogs.umeng.com | tcp |
| CN | 113.31.17.106:7000 | tcp |
Files
/data/data/com.xgbuy.xg/.jiagu/libjiagu.so
| MD5 | 015df5724b50b4fbc6dd0caf7ccb817c |
| SHA1 | 980780e98c9958aec97ab7a0de8d28a4c5fd9429 |
| SHA256 | 183990718a96d742bc6f1bb04c313e04db6dc62d445ecb294a7f15babd3281c6 |
| SHA512 | fda8f5343cac8102aade5f1aeac7c5b028ea5d8c92e3d12de92e1ffce30bab47a446f215c9cff7dd1e1bb88980ee0d27b5241e856719fcc1f6a5c25e062e9d40 |
/data/data/com.xgbuy.xg/.jiagu/classes.dex
| MD5 | bc7b7cec4c2313b65f6d767a77164dd0 |
| SHA1 | f0a2fb5db284bc60f424c2084984c830cf4d2ca1 |
| SHA256 | 84906c5a9b057b44e0df1fb8030d13110748ba30ef7a8017abdd3157ef349ffb |
| SHA512 | 379bec4a7a82a83c32e93cb3d5d0e0622d78ec79a5e17861f9600069283ffeac13340003fd2323c884a114bd45102034b3e5e609b3390ce099db6ef71a144432 |
/data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex
| MD5 | f1e1513c1caa393fe8e9a3f9fff03e7c |
| SHA1 | db053d40d0ead70c10b229d129359601a8b5debd |
| SHA256 | 4e81f36348e9d21ea9121450a9c68817efadedf40bf365af9d54a6033b363934 |
| SHA512 | e9c0cb206d14c55f3bf375fddd0d1edcf2e4540c24ac5df6e1c4884e87be9861a87b4fa5a49162fd054bafac7ed223e6f79686ffd71224f64f7336173298c03b |
/data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex
| MD5 | e0cdaf1a37a325beb335128a913ce71e |
| SHA1 | 1b4f9eda9ff72406032655f7a7f97e361d90bb2f |
| SHA256 | 444121cbd8f09a2461d84bcdecea5c61c0a5bc7b0fd3671d6a1ba5a91281cbba |
| SHA512 | 2f24d69d48c4cf889db9b6d2d5c867b8ea758663e0e83ce1e7ecf650a6b5850669d35d46df3355a643bb2732b590d4609eabbe4aa74d4a4b076c3bb8e8a17d8b |
/data/data/com.xgbuy.xg/.jiagu/tmp.dex
| MD5 | f1771b68f5f9b168b79ff59ae2daabe4 |
| SHA1 | 0df6a835559f5c99670214a12700e7d8c28e5a42 |
| SHA256 | 9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939 |
| SHA512 | dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ri
| MD5 | da1ee384869b18f8741df2fea7d300c9 |
| SHA1 | 3d89f96be9958b1baa535bae15ae07ed683f4dcd |
| SHA256 | 081ff7debb9d7675708bf72c6c4b758669ddcd63c808a677e04aba10f32b12e7 |
| SHA512 | ab39a0ea58a24def8670aad24ecbb49df3e3c0a00d1a9f3c5ca0bff60c437ab508b82bcfaf8444d96f73a0b602db1dca8bbc49a5fad6b4a0949d6d3f95855824 |
/data/data/com.xgbuy.xg/files/.jiagu.lock
| MD5 | fcae1d15d3f5d972f42b1952c4e1a68b |
| SHA1 | 4929e835d5079d0e7ee0e20f149787dde60c1d1a |
| SHA256 | 42df170a6944c543fedebcece8a26f43c9e986fc4c2cd74a86343579e88dcfd0 |
| SHA512 | d7d826ee96b68341e86a8647aec75a24a1c08440bbfa863b786be9bdf1bcfd5135411a6f363734429dd439f30d57b9f9aa881e649c295451744fe36cae00e140 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.rd
| MD5 | 7cef4bf7b995564773e94229541dfd48 |
| SHA1 | 4270195392562f55dabae96238b59d535f5d35f5 |
| SHA256 | b599c40c0ae5855d3ebfb7b876a0390274d0432e41e5d58b4f347e941f2bbb1f |
| SHA512 | 74c9fdcf8183f798bfc0eaff0bf1b0950a72bce6689e2c00ecba8e98d975a4e0e872f8ea406f400de8f6941fcd56bf75820e044585ddb52df1d9b851cdedceb3 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
| MD5 | 3911ad10a2d9a4f7ef7a09639a1b8cf3 |
| SHA1 | d8d5dae863fe04bef8d987202e25e065efce1e1f |
| SHA256 | 0ae3380b0712c9bcbb362bcdf7b72504b9e495fe2987cfc20aec121977dba19d |
| SHA512 | d58dc5e805e0e2d11a79c725285dbb3f75d351d456c87ce79439af68c3a6c2506f5814bc16f09fbf16462c93f5c781437a5bbadc4d48977782899ce9d741dec8 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ic
| MD5 | 46c7a3c0004f15ed66fae7917cf02459 |
| SHA1 | 8b9e502e201cb9a38680406b53e6b9d563d161b0 |
| SHA256 | 62ded4545adbc4d2227296ccc92293830f9bbb2b00adda3734ce5879c9192517 |
| SHA512 | cbf444b650193ede5f99717ee5e01d9785f9c2bfd4df669d3a4c47969a7f2d447e5083e11ed932793f613d4b808f428437fa6a2be7e302601bb773077a3c9fc2 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | aa41c465aad17300ae4088aad2109e61 |
| SHA1 | f313f99fcd78c7d28d13e84a1f79fe617eb44d71 |
| SHA256 | 3526976bf7f0b38ac3304c05638c892da74f2cb9ad8f3435d2048a0d4b424102 |
| SHA512 | c6dcac9be3ba2e6194b657bd38738380033d5809c0f4f487eb4ac2ccad70a6eb5985ad40cf49e2aa5da70fd526a14c4f66655fef851b8ff3f450d49637c3dbcf |
/storage/emulated/0/360/.iddata
| MD5 | 5bf85148841d8383d6d7b986208f4e57 |
| SHA1 | 3ae0cec3700200310342e6fe027dbf002e8dbb87 |
| SHA256 | 5c84aa5fca03441f84293fdc45f10fe0873daebdee032eb82ffee4ce4bf8654c |
| SHA512 | 900486ef249d3e04f5cc092b1203a3a447a80ac84a870cd749fa428e850e13e2290d00262f99ebfc5be55cbd771c9b18eb0e4133cc668b6086fe525ceb1c96fc |
/storage/emulated/0/360/.deviceId
| MD5 | 1d8d16c4e3b19ebf18988530d9b9a757 |
| SHA1 | bc94c1cce05cd848a53271ecb9c5311e27ffebf5 |
| SHA256 | abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7 |
| SHA512 | 4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82 |
/storage/emulated/0/Mob/comm/.di
| MD5 | acc2a2f5cb76c41d2e97e0d409b53bdd |
| SHA1 | ed06f22ff10e0912f50d53bc775ed2ae70f85d5a |
| SHA256 | 12ee2ab25175281fd1efab755eb5a5b442e91d263646c52118e6b1e97856f448 |
| SHA512 | faed72411dfb1546a82a302b6aadf921bf66a09aa4641a6d1d523e5b58c063d5210089ca2d7dec8aadbe1efec4748a8abb36ab9fe1ab18539a92b76730b85419 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.li
| MD5 | 94851c29f2c9c53834cc76234c7e1252 |
| SHA1 | b116d2a9aa614305bc29d50935795dc8d26d72b8 |
| SHA256 | bbcab80618b51ddb1c14fcdaa78d331d37702eb12e10dba445b25771661fd4c5 |
| SHA512 | a7953f979f4e0035581aab7eda228157baed9fc34fe9e6573682e4ce67cc817421b3eaea3509e6c5aaafb8078edf006fbc880f7a39d942badf4f291e6a42c607 |
/storage/emulated/0/Mob/.slw
| MD5 | 19402718bfb1c685a726b4e1d846ad98 |
| SHA1 | 02a7e30044a67085f2f1da24e16e4ecfede65b72 |
| SHA256 | 079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0 |
| SHA512 | 25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b |
/data/data/com.xgbuy.xg/databases/xinggou-journal
| MD5 | b01be4fca1ab221be2fb0e68545644cc |
| SHA1 | fa904c5b9df93723bd3e83131a9186c10780a14b |
| SHA256 | cd660f7b6bcda0f7cdd5aed9d6bb36df5d66dbc2f68e404a6dcb12c30a8aefa0 |
| SHA512 | 05238e236d31f8716d39dc0c76f09f9787badd8a365e277970153648a2f4fd6579bb12e3cc5163076c49736b6fd77554c29153adcbf9b8113837fcd94c438aec |
/data/data/com.xgbuy.xg/databases/xinggou
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.xgbuy.xg/databases/xinggou-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.xgbuy.xg/databases/xinggou-wal
| MD5 | 3d18fce26a306b45efc160c225b5113c |
| SHA1 | 4e27e7158267ba1a42c87d80ca2d9fe47c0f2b36 |
| SHA256 | 7ef983fcbe31888c588626b87d8ea7f6448f7bdded04abdc5e66a3411f5368aa |
| SHA512 | 4d43f2f628a006732f76e87a0e583fa4f084a16394bb86c39ef63b25595f7cbbb513a1f993b86c55fd7270455e49e7e5d040f7bd7c5c4e45c3a726f1b6138a4a |
/storage/emulated/0/data/.push_deviceid
| MD5 | dc6bead3f51f99d3fa11560e8ae37950 |
| SHA1 | 4a71449362c2f928b2326061518d8c826a7c65e7 |
| SHA256 | 3aefd5bebb16447f33cc05cf49d46e55fe9db3011b7c7fe68ce37794ec388d8d |
| SHA512 | 1a4359b370536c57b67f3a8c6fad00985ae0890ed56ba5963492b1b3acf71d5a8b3c762e179881aa5351f34dd6cb4c337d7d4fffd35eb597bee0c0916bb44986 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.xgbuy.xg/files/umeng_it.cache
| MD5 | 321524811d8fdf42fa90ab72c7c1d3a4 |
| SHA1 | 5b5ea3eab351ff8d0cb7decbd0ce707a2e90f757 |
| SHA256 | c0ff456bf89c7afc6aa4b8137eaad6cc45edaaad23683856bac865a0ee04a9fe |
| SHA512 | ea4e1bb71075c1df7644a5b7cb9da389367258b9b93b214f53db9266ee353621ccf84cd66453a98f9af76f8d77a166d82b7bd1a2e75381bc6cfe81b51698f3b6 |
/data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE3NDA5OTg1MTI0
| MD5 | 05db3af91090e3df03b29b8d316b10e2 |
| SHA1 | 64e6f845b2b3f75dd1ba85811c342f1c566e9d77 |
| SHA256 | 0769db7b51cd2843e43064492e7c69fc9f5679e9785151f4b553253bbc9a2b4a |
| SHA512 | 16f76cca6a241451452d63792f552781dc167e331913d5800a863c616888fdd80c18f68fca7501979037c1405d61eef2ab0a68c25751c64e8e8cc57de91b6c88 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal
| MD5 | 37063fe243e9f0c0f014f25134b1fc00 |
| SHA1 | 21d2f46acd1389325f9d3802807689f712f28a10 |
| SHA256 | a45f75c5ecf2ad7f9c8c66b70a6a719abdeb7ec73e80550f9e313bda34c305c9 |
| SHA512 | 371dcd1f2d607836de0c7d6155bfd8188a292dbad5f4091edd34c81059f2f3bc2547f9ed73f77227f2e6e88ca133a9d51a2b50ea85da02514153592cf73dabe0 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/1b980bbc765294097260c5501e33520cf79efb2e8ca5547693e262f223514bf9.0.tmp
| MD5 | 66c0c680753df4ee0641951b8cb1d613 |
| SHA1 | 9573fb478fdd97f871e9019c3b88f27adb879a29 |
| SHA256 | 97d7cb4c347498221f9b273a11449ce621cfc8c6b2770f4d57a8b3dfed67188b |
| SHA512 | 0c169a3f5dbec49a8e14d3381e4e71aab60b454365e84879f1892335ba0294be71950eb9bd0de528cfaa51f702384a66361972875dad163d46b7ab05c23881c0 |
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
| MD5 | c34c6a488a892fff4d7e4251fac1e677 |
| SHA1 | 36a44cbcdfcc5e7575ee9b585b673f6c49239d4b |
| SHA256 | 3f59c37546fbfed36526c308a6aff087fe8467486553eb07525714cf5ec0dc77 |
| SHA512 | 12291757b5abf4533f7450aef77966abd9ca12b9baf61abcbf82dcda4eb09060e9a76a95ddf1436e4e900c2c26cb12444e8adf50d28372329be37121f675d033 |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest45676496311916982778320515625189199630-journal
| MD5 | 56d57e850f29f48f6141064e194c4b71 |
| SHA1 | 8f261773985a1c83a99b4352631bff1086776051 |
| SHA256 | 200acba1bb1f6a04b0499161b542b5b831dfda74902d7cec45f2a1ab3b398f0d |
| SHA512 | 11dd2d40d473c8f5910b6b6eafbc88e6db5af7e0ec92ff96402bb738b10589164234b4ffb6d79305de87d7eafe8b1246bff476f9b1d0cfbe391a49ee75f428ee |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest45676496311916982778320515625189199630-wal
| MD5 | 0b491d800ac7a516ddb9ec8d37f8a575 |
| SHA1 | 006a2d54ac2b55b7a23b2394f6c1cca4f38bff42 |
| SHA256 | 182a7c465211c1d1e721bd396e61faaf8b2e8ab9c51120f253f2a270bb23940c |
| SHA512 | 4a8c346fe278802b58db9aa5ea937ea917e94a92ff0f809a1428e17628a3a4415022b3efb6777e60aafe6810aa23a343d278e73b905849b8b4cccda7b1fcc04c |
/data/data/com.xgbuy.xg/databases/Reyun.db-journal
| MD5 | d8a4dd69857f8252b9f7e8f4300aef96 |
| SHA1 | e3bbb7963cb87824eea3e5dee75feed19d6ae163 |
| SHA256 | a0ef1b9b79def6769ec8a0b08e2cee18015d0adab82988a8a655784970e3c7a7 |
| SHA512 | 58d16a032d3faecda1129b0dbe3e0b9deed14353f5141d7b48d0f260cc88869d0c33e0da5f7c527a4fd64d5017978e05f500a2f8ed352887b3242d0a61fed75c |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | b4c439c593c26e5ac8061901e6ef6f58 |
| SHA1 | 9854ec11606f32cd33464bcbb950424ee49e7b27 |
| SHA256 | 045a0978f4c7fab9a1a96fb6fda8bf2fc5896093936bb325c8539927a21945cf |
| SHA512 | 33a8854ff119cbc7199ae026374dd241773c6e54e621c408249c15a76eaa9a70f2e76febdd5d9278e0c8d06ad0bf63aa05f7341557795414c104b81b70daca11 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 027813d2b1d5f3aca3e5db9c7472d6dd |
| SHA1 | d56cf3dc7db8105fd0b50ccc8576589b080c24c6 |
| SHA256 | a006219c8ca994e74652093d1adcceebb44c26ca4ebf46edf9cc6d62baf63fbd |
| SHA512 | 340cf58df2a1255ba2b508abca7401480bdcbb1c48f747f0c4b81b02aee697f4bc2e8a3cfff5bd868088fbd4462288d9b3e0f78aa682e623cb82210936935aa7 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | af2bbdfe1e2bfe5b10e098d2b5bf11b4 |
| SHA1 | 941e286a4cbdc79cf8506a03a46e7049af08e01a |
| SHA256 | fed4438bda19384b2020d992c5e32215f5aada55bf1384222c1b1c77e2faa66c |
| SHA512 | 6c5a972b1f31a171a8a93f4923a766bf7e905299119a532dbe68b4291f01c51e4e13654901707ddb579218bada17b059d3c3a8ddb124cbeeb3adaf3e3920323b |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 1fe18ea75be1cabd6a77e01525b7516f |
| SHA1 | 60e993992a5ca07f281bc77398db6bfe05c68a5b |
| SHA256 | 23fd3dce57d8413256e5ac1aba4eac6996a5ff718d0cfb605af7f1463d0a847e |
| SHA512 | 89538d03b70c844a3313ae7cc1eddc0551b61ead01e51c2bf48137d8da24d756d2594d2dbb5bd0e3ce308ae66cbfde10209306349f8cd78124cade12826f6b90 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | a96150a3ca80e87268152eece6312590 |
| SHA1 | 4158ed5e5ac06068c7d4cbe29c5d38d6f2bd9642 |
| SHA256 | 7a665f79636e3440bd2431819e4d9a89f1ea67bf9dcd7f4b5d53981feb561fdd |
| SHA512 | 8e57873059c7bec15f125db5c067dabc6c5b552bf2547523845b53e4e7ac3fe03300e2af2434f47712b8088a3753cb69a71e24a2f494012837db8c1219100a1e |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 6eb2f8d13bcd4adc4c6c16ec206aebca |
| SHA1 | d3868453107a365de812e74ebb033aa2c99eca3d |
| SHA256 | 9c182d69b509e1cc191c284c6fba42bf310fa14b56d7f291f7acaecdb5c49ecd |
| SHA512 | ae0490ed231c747d7fb7afda55d9a6447888b534b3309b769cdd7316a1884dc31fc83b6ff963f2fae90f328ea7c141f6f3d4f240226fc244416324e96d83d2aa |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | a59f4037c378c5e31bbb7ba9125af97c |
| SHA1 | 2baf69cfc6f2aea4e35c45214676866f742be704 |
| SHA256 | 8932e4036bcab3f76901a47e9e93448c34fb477a1360c95d2fccc581456405c6 |
| SHA512 | b6aec8c811d9ee7ab1fcb49852ed56a59417961dcdb78dae98c635d0555b60f7ce527631e6757024641f2d5b9f238610f5dbed15ddf738fb3efbe84fd7bb1e10 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 442b629877ac8ae34d28e8c5fc83c11a |
| SHA1 | 52d82d5bafc1363417d6b8d662428c34c5f7a87b |
| SHA256 | 71a3976d8316cff2fc7f064e2f266893775b42409d501e1821253985b4474a64 |
| SHA512 | 2c3e57bbf423cd74eae6dc266960ba50dd372357ee59ae2927a84a9af8d8588ed1960ab1524a595fdc7a94e64803d6fee4348b8e4aa6c33a9ae4d3e049258702 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | ddae606cd3efbeaabafccd78236296f5 |
| SHA1 | 2f0c7c5368ec8923feea31e305742b9b29432f72 |
| SHA256 | 9d3aa1b5978addc6ea90ef1fc7e3797330c9bee0de53da8b970bff0d5ba3543f |
| SHA512 | 9a779b30ec9181ae9effc4c558691ff454f4b8400abdd7dd31ab0b4389d7fa8299a95cfdc8363d4872b9d15055a36e59ec12b0f8379956571068476d7da18352 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 0b478ff77266a56aff346ea52ad29994 |
| SHA1 | 8d492438961591a9a8b393285522669a1d4d1aa1 |
| SHA256 | 20805245256a86b9820765d2f2adad79ebdb7b6f0aae1c2159f00e4372ea9470 |
| SHA512 | b80820ced48204839de8f347e257de23c847c47887a339e08b116535964d7a2df7a5ff913bbd40f9a00b529768aeab59af9bf15e28a06a9f5db24d42b1e899fa |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | fdc41ab0d737dcab6eedbc15abc5cc92 |
| SHA1 | bf8bb7d0fa8319c636a56b673211be7a31ece128 |
| SHA256 | e74abf5714c19abda65261726fdb38afdada46e680c23b993051d487bc25c9c9 |
| SHA512 | bd1cd0341db8fa9b0816fc2797c4362634ad6481080e27b0bc88af4387d39114e6bbef310d37da23fea685db86ef986e59207680c4c113a4be174d032f534a39 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 6459b6c0d8f2e34fbc2a1cb7d1bdd17f |
| SHA1 | b925c24c59309ff7358f2ef7d9a832dc62e7c90a |
| SHA256 | e2ec2084173a63f311bafc410bb706ab63a9116699718a65893c0930a9613439 |
| SHA512 | 4b0891a99cade17af4921f6f06c687796eb1bd49fc68cf809ce9d976670bc4880a95ca4b6038f4aa5f54f77b3c4b006c20d031f0568319783e3812fc3cb37439 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal
| MD5 | 602d6fa4079c3ef2f04f5288b973c11a |
| SHA1 | 134a2f8fead88251998a0513e3fc15aa3e140129 |
| SHA256 | 9b69109c86ea608be6c5c40968bc8e983c20ddb0fc9db852fab8182a05accc71 |
| SHA512 | f5ad3cd1318ac8905be469de268b2f141cba5f519d20b801963b4bb61b9f0f183b7de3976aaa56ed15cbb7f9117a3b5f82a505d4d4b9fd16aa2e843cb15333f1 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal
| MD5 | 8773bf4df9b6dcb599578c4ddfee4e13 |
| SHA1 | 2864649265e62b184df6540e37c14397bf169d86 |
| SHA256 | bb92a9d77c249181732aa2377fbf5b5f48168913784a886d5868cadd6e9029fd |
| SHA512 | 8f963ad7e39944480e2e87f6bcd9d248dae735b6e3763e68706d65bd7d2b656861bb6e7adbfd6f56baa5abb59ca89081a8d23495a569ff328878bfc1aed902a3 |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 8e24e79baab91c4d0604eaa9006a0cb3 |
| SHA1 | e427afc94a4b957a7096f73e395a10ea404c076b |
| SHA256 | 65ee797326cb9d94a4c8b13fb114a7273d80af9ae547496bf56556c479f75e4d |
| SHA512 | 45bde5e1b5da5e54f7f5baf24cf4d9158ccf5813f0babc05677437bfedf1d54c4707090a1c425089e8f9582a85fed80b25c1e1f30ec2051afc6fe68bb8a76bae |
/data/data/com.xgbuy.xg/files/.umeng/exchangeIdentity.json
| MD5 | a45666c4beb68a071f0067ea619df637 |
| SHA1 | 52618f0c8f961d27ffb1a89019c08c87a09d3386 |
| SHA256 | f22a581db6a50879005693e5cbbf9701d0595d5684beac19b47cf069579bfc64 |
| SHA512 | 93c6dad6f25db559ff661fc42b815be1936774ec9d952110a21be84ce845c7b2e21c075a4d2afdbb1df915e1f07dfe780aa6100409ae3d31ddb00fc697aa5b90 |
/data/data/com.xgbuy.xg/files/exid.dat
| MD5 | 0ed3d3c63deb5f472aeb817511216376 |
| SHA1 | d66661a80871d87419a68efb3e4721029264b60c |
| SHA256 | dcb4ae6b59499ba1157e9ebd439e7f28cafd0fb91b8593638a253e4e4ee32b99 |
| SHA512 | f92cca74ad695ee05c68d718ad07c19196425a7284862ef647a0fe8612fac7f827c81c5b23762f33972ad6d9f8c4d8fbccca9a71af6b4de33505384f20d656bd |
/data/data/com.xgbuy.xg/files/.envelope/i==1.2.0&&2.5.3_1717409993724_envelope.log
| MD5 | 877d8a6b153c02829df3b1c5efc36c93 |
| SHA1 | 2afdd004e22daff07c5aaca93ca6b6fca256313a |
| SHA256 | 7888b73ff9c52c00ae9016d1013cf9f77bf4fafe126bd9a11917e8d12ce9a370 |
| SHA512 | 5b79d2169bb5aff0fbd834eaffb9e778a2b10e830bdcb0394e2c4d220738ce2086e6b300577dffb7ba8557945e0a873ee16128f7fd4f92c07aa91c2a8fafc318 |
/data/data/com.xgbuy.xg/databases/ua.db-journal
| MD5 | e20447cafddec67684810a9e60f286ca |
| SHA1 | 71e0a54f45b293bdeedff4d2da27616cc6b25dd9 |
| SHA256 | e4d7c475a01f314e149a1ee942e61f07fbf8413c3a45667517f1adc2d727a4b0 |
| SHA512 | e616ad6501add1cef4fcbac41777e2b2ffba6d9b3f3c3fe9f56d63ca9eeaa7ff97da97856ba33d1b6675c27c6c121ec19307696ba07f318338dd6cb70e67f59b |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 0adda9c85a5e4808f5b1b74c0a8591a5 |
| SHA1 | 5048107883ab1e345af9cf2e6849ce46e0e612bf |
| SHA256 | 1e17860bba2bb4e3e92df3890aa6dddc973d6602c71519a15556d37bb69de2a1 |
| SHA512 | 646061d3d5849772511bd94e36ca2d775a9a672851629d1812942ec0f0f925714eb7d4ebac44889911320cb6710a2f586014f6b1e126739cab653c4f8deef2d1 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 1fcafb542c39c675681eb2ade52b7d49 |
| SHA1 | c15a4a4f03514b77d31e02632cc4f03458958066 |
| SHA256 | f5c90101491d8495afa9786b3c448b6c82c40b8424f931197fac75cc2f7af196 |
| SHA512 | c2920ee77e09770c5cf54443ae28fc677574174eb37730b5de042d6922a83099ac5377bd5b94e9bbc120199260d5ba22f5f552b2548197da70d2d7303c59d2a3 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 261f053d7d2852d94a2e255c6fba6b84 |
| SHA1 | 21e6afeff789b077dea11f17566f3bd62bdcab81 |
| SHA256 | 3e04b4410ce1ba7cff4ad024f9b84bedfef54866827f7d555bd855ec245aa6fa |
| SHA512 | 6335436e4731024bebdcdb24b24b537d082ed3514919bec79dd2969d36dcaf1c23b084e86fdee7780b20a699d99948a4c3ee55a9d3af6faeb831bd366e03680e |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 034da429c2837509918d82f179caf1dd |
| SHA1 | 899e96f3f4ff8743bfcd20f7a2d09665411c0a52 |
| SHA256 | 7adf9558b4321a344a78e7475cf761641373a9b2ce622398c2228d25d8d816d8 |
| SHA512 | 03cadaac626d344fe0b4d698b76c1e4f1720361a836fef75ec080233ed84bc7b8f8c84e6e93be360054ee412dde41e8dbac4819b86f58eb62229316c1d3e5f47 |
/data/data/com.xgbuy.xg/files/.envelope/a==7.5.3&&2.5.3_1717409995979_envelope.log
| MD5 | 9de407a0d4e11dae335c5df6254a3a51 |
| SHA1 | 1782b3cd1771f9724f09bc6544f0a8e14e45916c |
| SHA256 | 786446472184b4309f5c5c9296a8fb4e3b23dfa965f3c58a1598da2c106d2661 |
| SHA512 | d2c071ead26f67c06b1bda02da6a30a87ae754018106adcadf27983ac3fbf5efb9e0227e135f1831346e9b9b9bb8969d90fffbf9a0ca52f4e92013cdab0cda66 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 7174b594c0b520a3b8540826412690ae |
| SHA1 | d7905a87766202999b686dadca080c587891cd1e |
| SHA256 | 14860252561dee9dbc249bce4b86fa569b038c0de350f510c37e60ec9d6e494b |
| SHA512 | 1c7dfb760dad2b90fb75d9f3f1376d87addd16cff06e1f3a248134fbf01f74c90316dae4a7ebc322f93a5e34ca636312543eef58166a3edcb9cc75d8b40c6613 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 1838f4d835fd01f3b67e3508a49a7bf2 |
| SHA1 | 7e8331fb713f9bc51604de36001349f88b1ba45d |
| SHA256 | 4fc25f4c6bfba8d461092ff2ff7dfcf19eab4b5abd084677447a02f393a921c9 |
| SHA512 | 7362673a5971edeae7bbdf80b023f1c5a4666109722a169e565e3a31e2af8bff482102ee478cdc59c445fa592215cfce086a4a097eb063ffbf3077e5608e7bfd |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 29f18322f68b1f89a4d2701bbbae64c9 |
| SHA1 | a0d6aafe69cbad56be357b0fd99fedc47ae66e2e |
| SHA256 | 823dce3586532f8d232fdb67723a106855b86650d798e3c04520cf205d3f07dd |
| SHA512 | 7f1bd9633f8865eebab5530ecf46db715b7c0098a89f12cec1152cd24fdf69d645c575d7725688169260b40eb405a48c18692346cd5fe846089e0c6f5bfbc3e8 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 90f8d79af4ca863e37b7c866b0961c47 |
| SHA1 | 3d476c95cc39ad5ffd8b1d51a696e0fad188c8c6 |
| SHA256 | 3d978653addd5094306f01ad120bad5e261e9db0fad58a8b9dd6303c4f72417e |
| SHA512 | 2e2daf8e26b936b9e6d782c868a83bb3e352e509d1f7df3d4e37210cefa41553090c7faddaa95b250e0d2dba74893cc3e270123ed685e67a61d35075c4a7afa5 |
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
| MD5 | a0454dce06bf70ee993fa0f5715a22f0 |
| SHA1 | a5cafcf28b57b6a1ae4bfa47536a8f6b8e9c797f |
| SHA256 | 4c48482b727fb20980262373a93511eac5e33f3cf8cef966774c13b0134710b0 |
| SHA512 | d9e08f64d6f6d497b9ed4284baf23d43a0c4eedc6398cfeb7b60e74ab6db67d7c71d9ef9252d4c0b59546a8992f03c140bbf7dce89b56a07f4599b8235dcf08f |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 547033afc8b23be544f83cf71d321818 |
| SHA1 | 4d5b5818cdd5cfcb58c29ca77480571aebf5f51a |
| SHA256 | a71ced06965023494a3e560e9c16c12970d6baa7a7acb140d72b8db8e438c967 |
| SHA512 | e53b315f11184bf56e21d5dc6687a9b721f197592b7f634f222cec3b347b74a77512ed3068102fb89d14a64a388a78e34b382817082354e7e0175acfc120946f |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | c5aa3817edc8dadf8931e3f02238b6ad |
| SHA1 | 7006aabd0ea0cb2520b043772b01013c48971896 |
| SHA256 | afc29f8be302b2dc85693ecc1744c62ac083cd9e47053b4eaa10fc730aa47f6c |
| SHA512 | 1a957f5c9671808c1afbd4d528ed99863da63c55d2a15631d39ca84e2296eeaec5e8e58285ca1242fb628247d36309783d6477f344ec3af7c5a92d673fd1a690 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | eb76a809c3edf608f36c109630f96474 |
| SHA1 | a3f31b8e47ee59ab6838e88b74540999a1b7b73d |
| SHA256 | a1c6be046dee62807f6de3cdc058823872c67f97e373fd6d69910bd2b27f6bb2 |
| SHA512 | 3fb0541b0b3addce9cc7ba24b2e646e4844c413234f7257aff6a2f7f28a93d931edc0766c79033323ebbde7134988f2fdce3d954bf2e9411cfbdc967450cf5ad |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 7b7067983d9f5cebdd7de671898f5b43 |
| SHA1 | 92e511ac4a12a2370a59b0c7f212e9d0c6c7f822 |
| SHA256 | a300c000c967b2be1d1b3236384b947b35d37ab783dd34ca6d11de7939a5b988 |
| SHA512 | bffe8359cf35fc751cda237dd904f2c7b14c7e81688bbc2f0f6bbd232c2a4b6c8e62cd63716e66254a5644d6fcbb004e6ca7cc692ed87fc6ba5e7b190dfe4543 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | 22c9e8c138c85f13432f51b7e87318cb |
| SHA1 | c813d48e91c64e4d7fbb92f653ced4e29dcae2c0 |
| SHA256 | e13410ddace5b4febcb02ded1d76d5e6a82806c634c606ae8f8e034767f7a556 |
| SHA512 | 0f25e0e16cde052971cd4c61faae58fc05e4932f222976dbf72dbf4d9b882624c2da40de051a0391a875c0963347d4b71e1a78eb4d47d6c30e53b646b0f30b73 |
/data/data/com.xgbuy.xg/files/Mob/mob_commons_1
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | f7a9c0cf3017560a73fe0bb5456c79a4 |
| SHA1 | 3186e9077ae62a90c8ef39fbd0addfebe1a6b164 |
| SHA256 | 631a32f6c8c45784bb6a527c4b2393f99350d94322ebd8c4556af8e2198ed29d |
| SHA512 | 366aa14ba91b584e395f9c58d5bf1a803e36b5cbaeb66d25a268f20137048f3bdd0164002354eee3dc7e3b6ec519c14c5a636466188a60bd414a93ead6ed7cc7 |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 24a57199ba920d1b1b8adf7dc7acf8de |
| SHA1 | bb642a760488bf86738eae7bab0ff0ef352188a1 |
| SHA256 | bb499bd6875e7139a2bc85b09f5b23905fcf6128f4e7ceab2df2e2071ec7d469 |
| SHA512 | 2e5040d901c8b98caf52f80596e9b79b6b6de7b8ae62e5569b4cce8605bad7a7bac02bcd785790f2bf1c4cc6a7bd83513f52c2247439c2f53a22a86e868aec78 |
/data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE3NDEwMDE1NDgx
| MD5 | 082c9cc53ea2ce97aef7e18d7e19286c |
| SHA1 | 99aad7c65cef9083c2c82f2c48695433718e3ec5 |
| SHA256 | 5ef7e8c74dfdb7db1d462d76a3849149cd8aa8752a29dc13aeadfb3d8273518c |
| SHA512 | a0b9d22b6fe661cfa576e5c48f684e7ff2c47036bae4a9ebb5cdd4da26c0b15a0c032cc7a699222c171b6daec7317d037d0f82125edd7988aa3416dc7424929d |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
| MD5 | 81024874f926b0c0c9e613997c9370b1 |
| SHA1 | a7b4c37570f3e5aa7bd575d0dbcc71ff9079a95c |
| SHA256 | da5ea38fae9a292777936eae50a76aae4d2a589550448aa6970383e44aabe7d6 |
| SHA512 | 8ae3ca2a1a4ea6c514fffeb911f4c42ff173433a7fd82980193d883196e748e458e83ee42051ccbabfa7f49792dabbf1eb8a72fea3db16c2f157e7ada4182830 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal
| MD5 | bfe9e25af42ebe6b6b831eac9976712e |
| SHA1 | 2a714a1b6c656fb8f15253f9be7ffb0e00e25efa |
| SHA256 | 473c5395e4a68011ac554a0260da164c562eac5f555a742d9283d5ec9a36b1cc |
| SHA512 | 07955e10a82eb738f8483dcd402df4f48c6fa89ccfde454684b4dc2b2fc148c12ea9d83066ac13d8bff27355957a971b9829c2567091d9dd19f45bfc365ceb2d |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 10:19
Reported
2024-06-03 10:19
Platform
android-33-x64-arm64-20240514-en
Max time network
7s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.187.228:443 | udp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.187.228:443 | udp |