Analysis Overview
score
10/10
SHA256
e254bc298968fc362fe0af3598f7ef436dcb51354752759b2138648920f19384
Threat Level: Known bad
The file 939fc9ed2ee5b0c23bbfbb036c37a38d_JaffaCakes118 was found to be: Known bad.
Malicious Activity Summary
Irata payload
Irata family
Checks if the Android device is rooted.
Makes use of the framework's foreground persistence service
Checks CPU information
Queries information about running processes on the device
Queries information about the current Wi-Fi connection
Registers a broadcast receiver at runtime (usually for listening for system events)
Requests dangerous framework permissions
Checks if the internet connection is available
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Uses Crypto APIs (Might try to encrypt user data)
MITRE ATT&CK Matrix
N/A
Analysis: static1
Detonation Overview
Reported
2024-06-04 04:30
Signatures
Irata family
Irata payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an application to request installing packages. | android.permission.REQUEST_INSTALL_PACKAGES | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-04 04:30
Reported
2024-06-04 04:31
Platform
android-x86-arm-20240603-en
Max time network
4s
Command Line
N/A
Signatures
N/A
Processes
N/A
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |
Files
N/A
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-04 04:30
Reported
2024-06-04 04:31
Platform
android-x64-20240603-en
Max time network
5s
Command Line
N/A
Signatures
N/A
Processes
N/A
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |
Files
N/A
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-04 04:30
Reported
2024-06-04 04:31
Platform
android-x64-arm64-20240603-en
Max time network
6s
Command Line
N/A
Signatures
N/A
Processes
N/A
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |
Files
N/A
Analysis: behavioral5
Detonation Overview
Submitted
2024-06-04 04:30
Reported
2024-06-04 04:31
Platform
android-x86-arm-20240603-en
Max time network
4s
Command Line
N/A
Signatures
N/A
Processes
N/A
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |
Files
N/A
Analysis: behavioral6
Detonation Overview
Submitted
2024-06-04 04:30
Reported
2024-06-04 04:31
Platform
android-x64-20240603-en
Max time network
5s
Command Line
N/A
Signatures
N/A
Processes
N/A
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |
Files
N/A
Analysis: behavioral7
Detonation Overview
Submitted
2024-06-04 04:30
Reported
2024-06-04 04:31
Platform
android-x64-arm64-20240603-en
Max time network
7s
Command Line
N/A
Signatures
N/A
Processes
N/A
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |
Files
N/A
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-04 04:30
Reported
2024-06-04 04:34
Platform
android-x86-arm-20240603-en
Max time kernel
177s
Max time network
186s
Command Line
com.nvsip.temp
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Makes use of the framework's foreground persistence service
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.setServiceForeground | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.nvsip.temp
com.spiny.ma.widerouter
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | www.jovetech.com | udp |
| US | 1.1.1.1:53 | int.dpool.sina.com.cn | udp |
| N/A | 10.79.217.129:80 | int.dpool.sina.com.cn | tcp |
| US | 172.233.148.133:80 | www.jovetech.com | tcp |
| US | 1.1.1.1:53 | octopus.cloudseeplus.com | udp |
| US | 1.1.1.1:53 | octopus.cloudseeplus.com | udp |
| US | 1.1.1.1:53 | octopus.cloudseetech.com | udp |
| US | 1.1.1.1:53 | octopus.jovcloud.com | udp |
| US | 1.1.1.1:53 | octopus.cloudseetech.com | udp |
| US | 1.1.1.1:53 | octopus.jovcloud.com | udp |
| US | 47.254.93.223:35553 | octopus.jovcloud.com | tcp |
| US | 1.1.1.1:53 | xwmediasvr.cloudsee.com | udp |
| US | 47.254.23.195:35553 | 47.254.23.195 | tcp |
| US | 1.1.1.1:53 | www.afdvr.com | udp |
| DE | 139.162.158.81:35553 | 139.162.158.81 | tcp |
| CN | 139.9.64.89:35553 | tcp | |
| US | 172.233.148.217:8090 | www.afdvr.com | tcp |
| CN | 117.78.28.232:35553 | tcp | |
| US | 1.1.1.1:53 | acct-cn.jovcloud.com | udp |
| US | 1.1.1.1:53 | acct-cn.jovcloud.com | udp |
| FR | 2.2.2.2:6798 | acct-cn.jovcloud.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| GB | 172.217.16.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| CN | 114.115.164.163:35553 | tcp | |
| CN | 117.78.32.201:35553 | tcp | |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 47.254.23.195:35553 | 47.254.23.195 | tcp |
| DE | 139.162.158.81:35553 | 139.162.158.81 | tcp |
| CN | 139.9.64.89:35553 | tcp | |
| CN | 117.78.28.232:35553 | tcp | |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| CN | 114.115.164.163:35553 | tcp | |
| CN | 117.78.32.201:35553 | tcp | |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 1.1.1.1:53 | octopus.cloudseeplus.com | udp |
| US | 1.1.1.1:53 | octopus.cloudseeplus.com | udp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 47.254.23.195:35553 | 47.254.23.195 | tcp |
| DE | 139.162.158.81:35553 | 139.162.158.81 | tcp |
| CN | 139.9.64.89:35553 | tcp | |
| CN | 117.78.28.232:35553 | tcp | |
| US | 1.1.1.1:53 | alog.umengcloud.com | udp |
| CN | 223.109.148.177:80 | alog.umengcloud.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| CN | 114.115.164.163:35553 | tcp | |
| CN | 117.78.32.201:35553 | tcp | |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| CN | 223.109.148.130:80 | alog.umengcloud.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| CN | 223.109.148.178:80 | alog.umengcloud.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 47.254.23.195:35553 | 47.254.23.195 | tcp |
| DE | 139.162.158.81:35553 | 139.162.158.81 | tcp |
| CN | 139.9.64.89:35553 | tcp | |
| CN | 117.78.28.232:35553 | tcp | |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| CN | 223.109.148.141:80 | alog.umengcloud.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| CN | 114.115.164.163:35553 | tcp | |
| CN | 117.78.32.201:35553 | tcp | |
| CN | 223.109.148.179:80 | alog.umengcloud.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 1.1.1.1:53 | octopus.cloudseeplus.com | udp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| CN | 223.109.148.176:80 | alog.umengcloud.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 47.254.23.195:35553 | 47.254.23.195 | tcp |
| DE | 139.162.158.81:35553 | 139.162.158.81 | tcp |
| CN | 139.9.64.89:35553 | tcp | |
| CN | 117.78.28.232:35553 | tcp | |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| CN | 114.115.164.163:35553 | tcp | |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| CN | 117.78.32.201:35553 | tcp | |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 47.254.23.195:35553 | 47.254.23.195 | tcp |
| DE | 139.162.158.81:35553 | 139.162.158.81 | tcp |
| CN | 139.9.64.89:35553 | tcp | |
| CN | 117.78.28.232:35553 | tcp | |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| CN | 114.115.164.163:35553 | tcp | |
| CN | 117.78.32.201:35553 | tcp | |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
| US | 1.1.1.1:53 | octopus.cloudseeplus.com | udp |
| US | 172.233.148.133:80 | www.afdvr.com | tcp |
Files
/storage/emulated/0/Android/data/com.nvsip.temp/cache/uil-images/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.nvsip.temp/files/login_guide_video.mp4
| MD5 | cc900eb425262c17bbbbb45e7eada97b |
| SHA1 | fd5161ea13d197b1f3e729ce76c2883c5ccd0ee5 |
| SHA256 | d9f529e466d69f86bd46a22d333054f7170896fbfb5468b77b787998e72c3de4 |
| SHA512 | a1c2d254ba932d66d1209d6310b4aa345e660c79db183549489c84e08eba1e75caf9d0a8b6e9e2d1653d7c4ca8c15114f31199820e4259066f1807138252d83e |
/data/data/com.nvsip.temp/databases/ua.db-journal
| MD5 | f4bbe4f323d1dd8fbaa8fe93737ce986 |
| SHA1 | aeea220ad47c541d1f447dad424751e18a045f02 |
| SHA256 | 881bef4f3ea3261043ff9f4c8643aadaa7973096ffae407c504924ea9d02fa7e |
| SHA512 | 261ee910ad8a33bb58a2f7df4a8678339803f615ccf1d7d7cb2d59ec387286b5e948841ff3e1d373359039762be4b010aa5cc0526732f8fa051a4279e90b7238 |
/data/data/com.nvsip.temp/databases/ua.db
| MD5 | c27f603ba6050f43586a2c01522ef3f0 |
| SHA1 | 351bdc7abda3eb5fc461331169d5afcdaa3aeda2 |
| SHA256 | 93cc3822ae3e9ce9b96deec730e2238a3ac004cefae39fbb0e01c3f090add7ca |
| SHA512 | 303a7fdffbccfc7e4de7373080a97668f7a57c282999de942f892e6a67608ab128790acdb897fbb300ded6e381bf4b3e22cfe4ae1c71b3683ac6d32b401a55b9 |
/data/data/com.nvsip.temp/databases/ua.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.nvsip.temp/databases/ua.db-wal
| MD5 | 201208ca80b370f82487c002b0fec5c8 |
| SHA1 | 4d24b071465317c1da86725998ca8da3f147eb88 |
| SHA256 | 7ed40e2aba814d3c36391dce32d22b014bd22e379802277d5bed70d528b1ebcd |
| SHA512 | e880d85e848529b289436ab61dbf462dc18e26808dcd02b632efd0e029690c40fd2501cefb05438348cd44159ac3fdfc90a506ba4a7adc3458f7f33e5706c6c9 |
/data/data/com.nvsip.temp/databases/tencent_analysis.db_com.nvsip.temp-journal
| MD5 | 218b7524fc4ec3eb2be836dc381a8c26 |
| SHA1 | 9f2189d3d6102559f67baa9f91b38a758a1eba5f |
| SHA256 | 55e1996a91e7b21627af6b4890ff91366b97a72ce9dda6dc8b8e8e2d0b2d8f69 |
| SHA512 | 8879d8d442b02d96c8d206ef1ffa2f59a9634e69d3b89ab6e826817bcc3ad5a088caeaa4ec83537a1a4bd345346d3aca7919f66517eefc22fb9aba6a03a7812a |
/data/data/com.nvsip.temp/databases/tencent_analysis.db_com.nvsip.temp
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.nvsip.temp/databases/tencent_analysis.db_com.nvsip.temp-wal
| MD5 | 4c464bd0a5decb2bf00fc0d1e26bb8a1 |
| SHA1 | dc92453b717a427351ed1bc2f0dfa898a23d91ca |
| SHA256 | 98b98ad2dc447a92ba933721665d1496cd6a2fee4647ffd5fe6954ed1bf6a1fd |
| SHA512 | 543873b50761b3f1eb39e167e94705c1c350c5765a1e0f8b2ccfdce979b5a58a93e4083d7be5e807abcf6bd73fe76564ea6853d9741f9d84bd531c0538736da7 |
/storage/emulated/0/NVSIP/log_cloud/2024-06-04.txt
| MD5 | 96c0c67618a53aedceccb2865c5d9522 |
| SHA1 | d22875d94a4feaf747a0a0530aa54a392db6ca6d |
| SHA256 | 57996c1039abcace37f479ca2c793b603e642992c4037eb915ab9d1b7159aeb8 |
| SHA512 | 042bee3ddf16f75482dd3fdda88292b7ce122de06a40a14a975f550b724b492c855e0504e5936d8e27deeb5a6c493883978fffd2b1170108e3cceeba9e054a00 |
/storage/emulated/0/NVSIP/log_cloud/2024-06-04.txt
| MD5 | 0fd121e26bd811e853c319aafdb64e50 |
| SHA1 | 41ac7b2cf9befee4318b2c2cd9c78cecb70ca537 |
| SHA256 | d8ce76437763bda1a3d7f2ed7f44d664f8ad4c48b13b3e341cb96a5251e8703d |
| SHA512 | 3b03d8cda4fcf9f84c933f9605029e6ba4b4b17bcf12eac07774722f0fa07837a265441d80149b1083c37eb732d11fabe927d30710fca577c33671754cb3b75b |
/storage/emulated/0/NVSIP/log_cloud/2024-06-04.txt
| MD5 | a2d32c9d573ddcfb99499ae0b0e68d90 |
| SHA1 | 2a303a4f81443fb683ec4cb712267d4c37c0945e |
| SHA256 | 5bc0d59937003ff703effe7fc0c493ef80972b316c831eaf448696d7d008c16f |
| SHA512 | 84eeae2a4cfc4842cc55b91c5b9c3dd68a99985eea0e5f9cdebd92526053f537ee0e170d180aedd5aff59d3be3dd7d953b0ec3027cb655ebbfb94edffcac8bd0 |
/storage/emulated/0/NVSIP/log_cloud/2024-06-04.txt
| MD5 | 5076fda96295deeb3803fcde46d79748 |
| SHA1 | 8f70426f0d90b16922f5a5753e778c26cd3581c5 |
| SHA256 | 15cf5f117467c7b2beb30b4350f2f6dc5d8adec4d69d456b9c520aed98dc399d |
| SHA512 | 8c67b0c1d1f728dc06c43bcb809c59fc6b97231e2f9946ee25218f7e0175b7b3905028acee09df660a78536ffd26485ce41c108a3379ec88dc115311e0ba5634 |
/storage/emulated/0/NVSIP/log_cloud/2024-06-04.txt
| MD5 | 62eec68943678ce434c53906a7802b4e |
| SHA1 | 7ce8711c169ee8dbd8a79309a52ca6026aaa8b68 |
| SHA256 | 0db0003599f3f17af513ec4bca05caa6646b94ab12fc68f158f3721f2c5c45d5 |
| SHA512 | 3593364e4649715d946f54375fb3eff9f1198d9cfa730050d6d8bc86cde74e465836b481c77dd45812ac7c1bf49bab551d357051d7b4adb5adef483de3c4747e |
/storage/emulated/0/NVSIP/log_cloud/2024-06-04.txt
| MD5 | f268da2565f99a9e9ec2b002e3e60f2c |
| SHA1 | a87b31a16f51bdca6dc9bde1c6d2a4c334dcde5e |
| SHA256 | fcded2af86581414f2b2a7d9117cd9ac5ce28a15c26606950a57c33570b9c62f |
| SHA512 | d3b9fae05b038ef7673509a4a9044708af81bccf85dc19b70412e834d5e1e921d07c588af3d1541c391c3ee2842aea6c47770ccf472f997a94c1fbfd18d1b8eb |
/data/data/com.nvsip.temp/databases/pri_tencent_analysis.db_com.nvsip.temp-journal
| MD5 | fdd6cfd2d197200c5202ac17b6f5cd59 |
| SHA1 | d12cd9981e3e5e2733ab6c18145df61e19da5957 |
| SHA256 | e3489936bcf1aea2f800913280944118eaaf5c72db65d33a120bdba3aae2ff8e |
| SHA512 | 340d10867677e367c06e16de8adf482545b2b93a99de35e5ca1e523e63507aedc1629316b14433c45b771326f21435f2769fe2131d31fb672d2ca02bbba7c7f8 |
/data/data/com.nvsip.temp/databases/pri_tencent_analysis.db_com.nvsip.temp-wal
| MD5 | a2493922ca173cb6b5af6d5f34b7c053 |
| SHA1 | 580465560d77e0f7ae997f6d99ce4d052aff0edc |
| SHA256 | f54a841e6b10a6e1753bf12a18f3fbd940242e8ce748116d11c0c09604857b0a |
| SHA512 | a1edd1d2dae4a3bc9a052efc513a049788d89be63593dc3e4ca664edc1e8477af57317e7497104f79cc5bf174b7959ea62f6a0657783afe13c9d2fa97ebf32b4 |
/storage/emulated/0/NVSIP/log_cloud/dl.log
| MD5 | e19a27e605ce4e244542a1132c145cb6 |
| SHA1 | 231c12a2a8799ab12c2dd809dd864f03f6fef184 |
| SHA256 | 7e83e5f94c06a86946e6b41ba99cef581695753d945a261eb88392f28ef31e57 |
| SHA512 | 6f0fd9b01b37e7dc1115f5bbe643077db4ca940b2d22b9e86db099017d919214541f3e4e3ffca4321ce7957cdb2775dbda4b527b5ddd27c0ce099d43c441e287 |
/storage/emulated/0/NVSIP/log_cloud/css_cache
| MD5 | 44d63a302181320e146a447321b5ae89 |
| SHA1 | 9923c94d960719f322d57d5827214ea4ae3cc5d4 |
| SHA256 | f21e1ee4d6665aec8560c6b3fcc15085441bcefd8941ffd8511c07f1423ff61b |
| SHA512 | 8380a609593f327288a6789037a46accd1f445ee442f377cc87b63daf8c7b255afee8a90e51fb578dc444954df3404551e4073db088c02a083f286d41dafea2a |
/storage/emulated/0/NVSIP/log_cloud/yst_connect_log_20240604.txt
| MD5 | fb31ae8addebec6c508b585b2d6d70c9 |
| SHA1 | b4e7280c3e0e00464efe72bdeb5e2ca53fabe590 |
| SHA256 | 057002d6c2fd3dee5be9ff6b086af7579e7a0f4eb0a106193207c11cd46eb976 |
| SHA512 | c959340588fb93c736aed804e717ecfbb8f075c93976af31e5bad67d14414d0a55d9ae8fa03307d4e6ce06badf4fd14ef03a2608729f57d6df1cfeb0248e96ac |
/data/data/com.nvsip.temp/databases/cc/cc.db-journal
| MD5 | 3b154b459f9813742a26457d3c7b7d11 |
| SHA1 | 3b4bf8d247cbc801f920131f92e334cbcbefe5c3 |
| SHA256 | 2ff0b32ea9765df1fc6ec38bcd3ce5425e2650b0c89f6116a58fb76932ebfe5c |
| SHA512 | 0531f9a5d4a39636377ab77a67604843827a32fc636f90225df4fcf27dbbf28cf110c771873c7e18a694508ee4762206b6748e648209a26b05722a31278cc774 |
/data/data/com.nvsip.temp/databases/cc/cc.db
| MD5 | 5d7ea1a23af19b4340cc8d90f28297d5 |
| SHA1 | 4cfe95b23a9e98378d69c4290af81b51fbe76aea |
| SHA256 | 474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da |
| SHA512 | 33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b |
/data/data/com.nvsip.temp/databases/cc/cc.db-wal
| MD5 | cc09f3a2b03856475c59ec8b19c211d4 |
| SHA1 | 9e879cc2bbb27364927359ba5f65472e4f7852cc |
| SHA256 | 72314fceb91a91f66e82be84d85011dc4fcf9e5096353f726237872885104e65 |
| SHA512 | cb05383b5b2b493b6b37edd8a69a9b2d5a5b34ae8753da69f5e5976cbc4a43315834507262b3496accdd075cc1d2fc8353837c2cdecf0b96764631689299466d |
/storage/emulated/0/NVSIP/log_cloud/yst_connect_log_20240604.txt
| MD5 | 5f54b8500007180f6fd248e9c6eccf48 |
| SHA1 | b50f4ca4634ac4397a72a9d6f1d162abb23ba811 |
| SHA256 | 17237689854ec1fffd2d065ca34c5d38b0129bcd2e07496b632b19036e1a5f3e |
| SHA512 | ee3d3ae4c3a405e77d2d9ae46a051b29a45df0697f6296a87e2bb0793cba152925e5278339e12210bc708c063b810d4a63e7710a246fbe7dfed0ec8ac0d419e9 |
/data/data/com.nvsip.temp/databases/ua.db-wal
| MD5 | 74342b6c41852f5c641be54a6c9aea22 |
| SHA1 | 68341bdf505b6a455be9215cb8ac28da152f620a |
| SHA256 | 1dae3c6b9a3c70be67e7890b607cd450962eafe5fe36afc35dc5b0985a893ad1 |
| SHA512 | 1658bbe831977e4b9e845d5e66058a6e6a26f97de3075f34c422d92a9ef115ea0a475e46b074cd9b91c06946a3bfa323626c8702fb2dc5d8bf59192b829a32b5 |
/storage/emulated/0/NVSIP/log_accout/2024-06-04.log
| MD5 | 83148d166b3c6e650ff43e0b3e8812fa |
| SHA1 | 2220e5f692a5575670b46ade8c7769e6b8cc84d4 |
| SHA256 | d92239e3cb9a1062c51c6cf0ec4643a534f6142a16871332630eb5b1d1d2837d |
| SHA512 | bea602eb5bd426a5c12b6beaeaad0ac60caf3981995dabe12995d9c0f7c2fa4c18a9291b8dbc45940fb15bbc2c4745eaf678e8acac1494a91a65425d8b934055 |
/data/data/com.nvsip.temp/databases/ua.db
| MD5 | bd3761f1dce208299807f0c6ba521f88 |
| SHA1 | b9793ec43bb2e3e4ea07348f52220f5c17cfc985 |
| SHA256 | d96707716c66218a2368af6d1f618184364804087a35480d1d9a8b928032fc91 |
| SHA512 | d699275c4765237b9ce1ee0b231634618eeb0de642db5be6d9dba075590dc969bc28d46e506dfe28cd4b92363626c3dae657d9a6388b068e040c107b7f287fba |
/data/data/com.nvsip.temp/databases/ua.db-wal
| MD5 | 2d892f4c82b7ec06b53b42a1b66f7ef3 |
| SHA1 | 5f83bc40118b65f7d654a1727d5957d5c4799a44 |
| SHA256 | 96d33d8a105b5ea1842595cc0aecf5f659091e0de1960a260fd7234529abfec8 |
| SHA512 | c1dd79be874dccd669d4990854b7e09bcdcffb0f106e473804ef0a4db5662b96b057de3a3bda6210963bc96802b6d06bf49d8cd3cb0adaefb9400ac713c02b33 |
/storage/emulated/0/NVSIP/log_accout/2024-06-04.log
| MD5 | d54bfbfff4296661f441500cbb7d9fe6 |
| SHA1 | b99a174465bb84bf6a75852ad001cd97c724af72 |
| SHA256 | 58d0ac35022e01cc48acf26737f090d6dae69c6ec270df5e81fbae4959e1a711 |
| SHA512 | d5cceef99199e3830c9ef3f358f1f76b8654ccb12f547da14df63c4c8b914e38d63eb008ca8f79ee56eef5b5aded7e27669c86422331c46aac5f4605008f188f |
/storage/emulated/0/NVSIP/log_accout/2024-06-04.log
| MD5 | 64ba0dc34e252cd789d7d9c1f898ee76 |
| SHA1 | 04235e9f3f071f71ae295b41da2a2d63eedc0285 |
| SHA256 | c3d4422602aceddb4a33c8ad7ea6d7ba13d8ac73b213f9304d34683101675a49 |
| SHA512 | 16f0bc1b2410cdf10abdfa0dd3ad897362a9f31d58b8a4aebad887b1e34a596cbfb1aa18ed818630560ade4fca3b917d007de4d8d67a833b16b785bead10fb17 |
/data/data/com.nvsip.temp/databases/ua.db
| MD5 | 2fb96e8f0341222a53e5223f8a6bb592 |
| SHA1 | 755b82aa5448ba00a2a33e14c8ef3c1618532efb |
| SHA256 | a0029facba207aa52a1841ceca9edffb21c3d59e525d6b2816b32e13a713f0bb |
| SHA512 | ec7d37f025ef88dc067c385814a57e1f3c9cfab14811012b6ff88e8b733d86b9841a9d590e27bfd838563f9b72fe3264c2b95c8e70039f4ece4baaf9ab986531 |
/storage/emulated/0/NVSIP/log_accout/2024-06-04.log
| MD5 | 8b74dbc8cb75820fbf81873cd0ea4bd6 |
| SHA1 | 5553e8f644ee3eb5c4668b25447f4939fd928207 |
| SHA256 | 23a4ce953bf14db1d0006e112f106750ba991efb5d57612df5b5022d2d5bb9cd |
| SHA512 | ca9a54e2879b15750a5b68065156322364b8421f0276efce7e687b614202da2aee539b505d0ac31e25942de84e9e20ee7919e38ac0fb4526af58a2dc16bde25d |
/storage/emulated/0/NVSIP/log_accout/2024-06-04.log
| MD5 | d657924a672c9a439c74362d055708bc |
| SHA1 | 41f32b24952771759b28d455159b578a507d1ccf |
| SHA256 | d2f0cdb69cb7a29f39402234182c8172b1448c9d8c3678350e9fa804539a1944 |
| SHA512 | 89d6279d4bf01a87310187e7e52478a944e6adebee74b3e6f5bb2974af108150dba782dd3190544a6138f9dd7e7594a8cb6da6e093cb370459433ff5fee0abc3 |
/storage/emulated/0/NVSIP/log_accout/2024-06-04.log
| MD5 | 660f077c367d1548b92f59b362a0ff73 |
| SHA1 | 666abce7a9b549762009306f3f53095b65aa0c18 |
| SHA256 | 60ab0a29340e4d57c7a4b142fc4db2b9ba7c2bd590b076528d38e4d36be9ab4a |
| SHA512 | c82dfdca29f98f98cb4af835ac2f015e2a2e967bfc4a41046ee93838adac1db95ba479035c2747cd9694bffaa8c651d8e5fa0cf51c2a084af22896ee70ed51d9 |
/storage/emulated/0/NVSIP/log_cloud/A_index.dat
| MD5 | 96ec69eef4fe04cda7eb0dbbcfabcb8c |
| SHA1 | 60e1e6ab3d3c017159f2550966389d5de33bca1b |
| SHA256 | 83cde305e37ad1deb17d86f23a39bd2434d6719e30b307adebe5a189a78ff6fb |
| SHA512 | a8bc5a95767b3cadba530f1a5c6201519a6df25a969f86bfca1a46a86641f8bce1d2983f51322314bae5aa841d1db774adf1093a5a3464e0d64eb94b1269ac7b |
/data/data/com.nvsip.temp/files/umeng_it.cache
| MD5 | 95d50ad1324301f88bc80c53e77b4683 |
| SHA1 | 9263d499c6cb7ab1ba82ef8edebc0cbc2cfd4711 |
| SHA256 | 05aa6cb49b7cf9998a34cfccf22a5fcdb943c1431eb6f2116021a5c518faff82 |
| SHA512 | a18575ecead1389c621cf1d0e6ff9850714c3a07e7e64fb34d024ccfc31b4e2ac002568c398941f5bff1d1b05401a355865c1e47f6984d6c3a8b15cf9a281463 |
/data/data/com.nvsip.temp/files/.umeng/exchangeIdentity.json
| MD5 | b9158d074ef1fd2decb176e092827996 |
| SHA1 | 4540eed99d677a5b5a4d3c866ab236934ab7be58 |
| SHA256 | 7553ed5bef3eab02ce71dd095214164d52faa5ece99d2afe87a82d0f9707544c |
| SHA512 | 97b6f7b79eee01a3f9fc385037f96c174686387cc2e73a444c64812fbaf5784a7862b2f5cc7b22c67a2364738a508cbc8052eb2c7d36dc76e382b7a5f58fda1c |
/data/data/com.nvsip.temp/files/exid.dat
| MD5 | 590263ca7f3ad65770682176bc14d208 |
| SHA1 | 76c042f5e7c6a871d2aed73c6c6221e95ca5a2d4 |
| SHA256 | 541808c1b79c2d45a04a4e2a30aa6efa37894dae0818c253e90ea3fcb2599d39 |
| SHA512 | e0fa14bd0f343294798462444ab5db9f4f2b43954408ccade13f7c0d19b4a1896be60c842b977202a50e85f5ff7710c69d8805e9be0909d11ac7985934547a38 |
/data/data/com.nvsip.temp/databases/ua.db-wal
| MD5 | d93bb0ca71374289b9189f11a5a1162e |
| SHA1 | 4541f9574c6c4bc50ba024a5176133f2060eb770 |
| SHA256 | 0b29445e6aa4b6c87671df75fdc5fef6f2eefc3ac5176739964169e2535e589d |
| SHA512 | 4fa370ad4de1188d5d5ee8d8f7d591647d57c9fd495a357bfaa7ff219c71d7a07e4ce59e1d067c7ef3c9a3f8922932904be0c0f7fb9396537ed841a894b5e8cc |
/data/data/com.nvsip.temp/databases/ua.db
| MD5 | d604a3bf1f8d992cc320ea5b1f7609bd |
| SHA1 | 247f88df0b55c7d523ea5398637711a0e4a483a4 |
| SHA256 | 329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17 |
| SHA512 | 67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab |
/data/data/com.nvsip.temp/databases/cc/cc.db-wal
| MD5 | 7f08b736945aaed9f6cc440b65b42957 |
| SHA1 | 0fadec6f767019010f9d8c24f3bf50d7fec7a8b1 |
| SHA256 | d325bb6bfd55d9005d5aeb5fb97375ee175bad3f4b95a6225552b89baa434fff |
| SHA512 | b21aaca735ba0c893fde7e9359df0eb971211ef100a7567cb4149cb01da1ca40efd086c6e0e775d01411e1812b7a494cde4c71971c2c3daa1a366f98a56d4dc0 |
/data/data/com.nvsip.temp/databases/cc/cc.db
| MD5 | ce6135aa1b1fe4f2c2db2a546d2a5558 |
| SHA1 | 79b59582154017aadab783dc266fcb158c252940 |
| SHA256 | 7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c |
| SHA512 | 2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4 |
/storage/emulated/0/NVSIP/log_cloud/A_yst.dat
| MD5 | d52328159d40f287fad5b08a3f77aea0 |
| SHA1 | 04295973e685bf2cc031df99acb4204093fefd15 |
| SHA256 | dbec904ed2ad1756e8d468a35b4c7344c8401346005a6e1390abad64357a8318 |
| SHA512 | 94a647eff08b7c9b5630bbb25515a5a2fcd8c97d75b2acdc5c046f9800195ffe45dc1a7a64e8a5fd21b3ebd8185a307221b47116a3ef1941a7f992ce22d06b2f |
/storage/emulated/0/NVSIP/log_cloud/B_yst.dat
| MD5 | 972aa3e942f0cca4c4efd9dab978dfe8 |
| SHA1 | c6faae3aeec9ae5650a7decd932ca76edf647505 |
| SHA256 | d88ef8a8e5659ea38dee587780ef25d515d58910a2f6743a47fc3c81e37fafba |
| SHA512 | 3bd7e64a64d86bf474a686845f3ad93113e2317b6e395200b4e18bb1ce2ea67fdcb29b14cb29f81a94ab7d84dd5c377fbd62d8d86d67fae6b029a2e1da71dd4b |
/storage/emulated/0/NVSIP/log_cloud/S_yst.dat
| MD5 | f0ce11a35f0bcf1a7207e854512ed68d |
| SHA1 | e47e024165b7f8a48e77cb253e1b502050b4b208 |
| SHA256 | 73c6aca2c9cba7b3f6d1dfe9d933d0a832fa8e54f9fb17ed33ead46084d891df |
| SHA512 | 1ac9ed426fcb1f49af8a1029043fc2fb365bf45f725ad09e50bb162bb1a50bb0ae6dc2b33465bcec791810996b811da26eb6bdac6e791d89dc80779390b30015 |
/storage/emulated/0/NVSIP/log_cloud/SC_yst.dat
| MD5 | b7e00a0a7607fd25626807581e269b1b |
| SHA1 | 3be37d8ebda4a93c3b4c85b7e1185f0b8caf3801 |
| SHA256 | 495adc5eb4bc69f3cba964aab12c8a4fb59173fb9b07ce7b6ba8d50bf2aceb57 |
| SHA512 | 49aeeec05e697f9fa0ec461e6599aeeecc266e6903c6589b7d5ce5243426fef443e5d4ef05c4c2cb38e5348dd439672ef4e6063aca0faf305396678740074bad |
/storage/emulated/0/NVSIP/log_cloud/SD_yst.dat
| MD5 | 8d501032f2a737ead767b47ef349bc12 |
| SHA1 | 057aed8d9123459911eba655eceebaaa177a9111 |
| SHA256 | d730b29223e1ce9a4b09abc8c20febfbbaea497f7cf649cff6df2495ba78945a |
| SHA512 | 7407da024025cd734676838576d4ad2acab0487e27543c117522d914a0efa8d7304871acc1eadcbc42775f06febbda05d2590c4c6a4b7353f33075417ce8d422 |
/storage/emulated/0/NVSIP/log_cloud/SE_yst.dat
| MD5 | 6b81d6b4add127e8ce151364d174a9e0 |
| SHA1 | 29d21797f0d2f08e9ec4f9868319e72335fff0fe |
| SHA256 | 5910486ea88ba324955b97b06d825860671522857a8702ccf14beb65ccb19f5e |
| SHA512 | 3336fffe6bc329766a1c4366d461dba9feed6841c1c033c9c0de6249550e4355dc02915c1e7e7ffc5288e2558dbf8addddf23b17cdac00a0904f0bb581a08b07 |
/data/data/com.nvsip.temp/files/.um/um_cache_1717475603232.env
| MD5 | abb466872fd0d57ca1c13144bc9fba35 |
| SHA1 | 7e37bba11bd72051ccd3839881302f64be1f6bc0 |
| SHA256 | 5a23d30641fd0c4644f837faf68801ea47dd92e6b185c8385ba600e6dc298053 |
| SHA512 | 6deb0ad4fb1a9b55b0c2481579a89f6be3e44a115bf82fe03227c1c7fbac248988c6fa1811bcde0e1c080bc83cf55277ea7d082af430a4256ee3562d5aa2edac |
/storage/emulated/0/NVSIP/log_cloud/SF_yst.dat
| MD5 | 8689b2b3b03512ae64a38dabb9e53431 |
| SHA1 | f74240c7e15f3d7b3ae235e1eaef8b928e6de517 |
| SHA256 | 2ada6f28b0cd386731f470728548619246541d38bc6a7e64e6235232e09ad5c9 |
| SHA512 | ee596d46bb69982576a75220a2e6f647d50fd15df9cb7f097d45973d026486f5ce23c54c55f992392b9520f9ce7ba3a09ef53721e54f1d89131f1576ac022236 |
/storage/emulated/0/NVSIP/log_cloud/SH_yst.dat
| MD5 | d6eb7fa0f605c689f254bcf0c4c7753f |
| SHA1 | de81d61641ab292dfe41840efc96b352bdff600e |
| SHA256 | e389fe050ddb56fc5a2d1678461e1860c3feaa1691ffacb07081b6593453b79c |
| SHA512 | 9148ec07cb12f757c4f11bee12211981590ef45a7f23bd52cb23e163b1bf73e771b5a76cb4a8874fa205503d500ec4ba23372cce148df52ff9302c7392b9de16 |
/storage/emulated/0/NVSIP/log_cloud/ST_yst.dat
| MD5 | 78a58ff056bbeca2333dc557dc94acc9 |
| SHA1 | 4062636cc15a4157dae1c1661f24585fdff1ccb2 |
| SHA256 | 87ceeb884dc096d6ebea5794e1a774eea87a82367b662cded80d55000978bcbc |
| SHA512 | 341008d78b99368926c297305af0919b2f0818a29f76f26e1061f7b32af848276475f8add59743d6b235984c09df89648b50099d0e84582ae47757925049b377 |
/storage/emulated/0/NVSIP/log_cloud/SK_yst.dat
| MD5 | b8069b1cb006e99ffb51f352dd0be1ac |
| SHA1 | 693e948708b0fa3472a96c318fd4ced18efdda56 |
| SHA256 | 80e2a35dfeada46720d943b8842a53e339158f36446950eb1ffe0c8e3d2fb67a |
| SHA512 | f257b94b6e103f1e1a345d0e546fc07261ee5c5c561a9f2638cb7cbd6da6b01cd6516c0cbe47d36c916c298bfbab505ee9643baffc9e92ab15163cd53fee9a28 |
/storage/emulated/0/NVSIP/log_cloud/SL_yst.dat
| MD5 | 83ff3c4794e65dc84c93684dd5578821 |
| SHA1 | f6ba7baf664b7ca0f94e54b15c98fb59c59003f6 |
| SHA256 | 58b8d7703a456c6ba593d569036fff133df498186e39d69c9e2d43d26b830505 |
| SHA512 | 15842e16e469407bd4ef433ab624bcc65aec6ee40f80529ffa6ffa9acb5170247e714dbcdcc8c0ee85039d7663530f811595a75546b592267b79ca8afec891b5 |
/storage/emulated/0/NVSIP/log_cloud/SN_yst.dat
| MD5 | a88d7980fb5f983219dce1dfe26fea5d |
| SHA1 | 1b8d44565dd415688eeb9ae3621460e2db763318 |
| SHA256 | 77fab904a1239385ba87968094349e16ed977543d0d1e8a0b4da40dbf5ecc736 |
| SHA512 | 72adb306a42dd5a2f5c5a5b7ab67e308228d8a032967813b0a33d7046699af8de5d6cf785dd8c35bd6066b59afa7e3f9a2d7b208cb59f4f9a9821fcf822e4b03 |
/storage/emulated/0/NVSIP/log_cloud/SP_yst.dat
| MD5 | 6e9221b33c23aa4f860769408279b42b |
| SHA1 | c9d384c282ae709690b853e164f6627ea53a6e2d |
| SHA256 | c51f6ec37fb8ebd2535907b34af607224b75ce56cc832388518598a44acba191 |
| SHA512 | 73e08104217324e4ac80b3eafb2d495ba726361eb34636aa74e8fed3dc62566ee3571bab3fc0f3f2accb885d7b7c3359bdc1aced9b4f70f3e36a2c6f4b434539 |
/storage/emulated/0/NVSIP/log_cloud/SW_yst.dat
| MD5 | e74de2579fb73c5636dae6480ff6720c |
| SHA1 | cf05e31cbe6668422af237dd39fa8b528d7c5ca3 |
| SHA256 | 81e3bc339051e009fea926f6035e89496a472509a6d0c7d36938df53dd2fcbf3 |
| SHA512 | 7216bb6c320afd5b264b6b9fa6770238e36272fa6c43f99fc03e5f6f5356d2639a87fbca29da25b7a795fce63224d18d9288270e2b17c6ad6e9a7f1177b7f2be |
/storage/emulated/0/NVSIP/log_cloud/N_yst.dat
| MD5 | 89fafcbe46950b587c0329a4b74ec20a |
| SHA1 | b9e5922ee41508479d08059c2446cc11a8b55bf3 |
| SHA256 | af3ae003f6e71212b1bc58685280005f6976c2b8553840cc31b798a4c980cf4d |
| SHA512 | 65f82157166620e38e93058a0483bc0c8dc9b60c3f9ff44f9035d2c9fbf9c4c1f881845f72e9c28438c09aceea2c1e0331f07c58f7a8420b1d3e2460916acc9a |
/storage/emulated/0/NVSIP/log_cloud/SV_yst.dat
| MD5 | b9fbd989fe9460d89fb919d2b3dd1636 |
| SHA1 | baf03b21d462d29a215c669c82ae2543cb0058c2 |
| SHA256 | b84a46f3065fcef418994022bed7aa1a6163f976683771a56a727ad901abf93c |
| SHA512 | d4844f9cfc3a17c5fcfcdb28d1031ceddf3fcc8db6204db19a6d39facf3769514475682334046d0fd4b37d47e49d54ba10aee139300a6768f4149d7e47e88df0 |