Analysis Overview
SHA256
60815ff0818b32c789864d72bda2bb194514c79eaf12e211524820d6193ff1e7
Threat Level: Likely malicious
The file 99544ecb7f197bf2a4fbe3f2bd915eab_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Loads dropped Dex/Jar
Queries information about running processes on the device
Requests dangerous framework permissions
Queries information about the current Wi-Fi connection
Queries information about active data network
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-05 21:51
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-05 21:45
Reported
2024-06-05 22:14
Platform
android-x86-arm-20240603-en
Max time kernel
179s
Max time network
187s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.zipingfang.wzx/mix.dex | N/A | N/A |
| N/A | /data/data/com.zipingfang.wzx/mix.dex | N/A | N/A |
| N/A | /data/data/com.zipingfang.wzx/mix.dex | N/A | N/A |
| N/A | /data/data/com.zipingfang.wzx/mix.dex | N/A | N/A |
| N/A | /data/data/com.zipingfang.wzx/mix.dex | N/A | N/A |
| N/A | /data/data/com.zipingfang.wzx/mix.dex | N/A | N/A |
| N/A | /data/data/com.zipingfang.wzx/mix.dex | N/A | N/A |
| N/A | /data/data/com.zipingfang.wzx/mix.dex | N/A | N/A |
| N/A | /data/data/com.zipingfang.wzx/mix.dex | N/A | N/A |
| N/A | /data/data/com.zipingfang.wzx/mix.dex | N/A | N/A |
| N/A | /data/data/com.zipingfang.wzx/mix.dex | N/A | N/A |
| N/A | /data/data/com.zipingfang.wzx/mix.dex | N/A | N/A |
| N/A | /data/data/com.zipingfang.wzx/mix.dex | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
| File opened for read | /proc/meminfo | N/A | N/A |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.zipingfang.wzx
/system/bin/sh -c getprop ro.board.platform
sh -c getprop ro.yunos.version
getprop ro.board.platform
getprop ro.yunos.version
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.zipingfang.wzx/mix.dex --output-vdex-fd=54 --oat-fd=62 --oat-location=/data/data/com.zipingfang.wzx/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&
com.zipingfang.wzx:pushcore
sh -c getprop ro.yunos.version
getprop ro.yunos.version
com.zipingfang.wzx:pushcore
/system/bin/sh -c getprop ro.board.platform
getprop ro.board.platform
sh -c getprop ro.yunos.version
getprop ro.yunos.version
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | log.umsns.com | udp |
| US | 1.1.1.1:53 | rs.easemob.com | udp |
| CN | 59.82.29.162:80 | log.umsns.com | tcp |
| GB | 193.118.32.52:80 | rs.easemob.com | tcp |
| CN | 59.82.29.162:80 | log.umsns.com | tcp |
| GB | 142.250.187.206:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
| CN | 59.82.29.162:80 | log.umsns.com | tcp |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 14.22.7.140:80 | android.bugly.qq.com | tcp |
| CN | 59.82.29.162:80 | log.umsns.com | tcp |
| GB | 193.118.32.52:80 | rs.easemob.com | tcp |
| US | 1.1.1.1:53 | a2-v2.easemob.com | udp |
| US | 1.1.1.1:53 | ulogs.umeng.com | udp |
| US | 1.1.1.1:53 | plbslog.umeng.com | udp |
| CN | 223.109.148.177:443 | ulogs.umeng.com | tcp |
| CN | 36.156.202.68:443 | plbslog.umeng.com | tcp |
| CN | 47.95.246.247:443 | a2-v2.easemob.com | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 124.71.170.130:19000 | s.jpush.cn | udp |
| GB | 142.250.187.206:443 | tcp | |
| GB | 216.58.213.2:443 | tcp | |
| US | 1.1.1.1:53 | update.sdk.jiguang.cn | udp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 1.92.70.140:19000 | sis.jpush.io | udp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 139.159.137.254:19000 | easytomessage.com | udp |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 139.9.135.156:7005 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7009 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7006 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7007 | im64.jpush.cn | tcp |
| CN | 59.82.29.163:80 | log.umsns.com | tcp |
| CN | 119.147.179.152:80 | android.bugly.qq.com | tcp |
| CN | 59.82.29.163:80 | log.umsns.com | tcp |
| CN | 223.109.148.179:443 | ulogs.umeng.com | tcp |
| CN | 36.156.202.68:443 | plbslog.umeng.com | tcp |
| CN | 101.201.233.110:443 | a2-v2.easemob.com | tcp |
| CN | 139.9.135.156:7008 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7004 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 124.71.170.130:19000 | easytomessage.com | udp |
| CN | 1.92.70.140:19000 | easytomessage.com | udp |
| CN | 59.82.29.248:80 | log.umsns.com | tcp |
| CN | 14.22.7.199:80 | android.bugly.qq.com | tcp |
| CN | 59.82.29.248:80 | log.umsns.com | tcp |
| CN | 223.109.148.178:443 | ulogs.umeng.com | tcp |
| US | 1.1.1.1:53 | a4-v2.easemob.com | udp |
| CN | 101.201.233.110:443 | a4-v2.easemob.com | tcp |
| CN | 139.159.137.254:19000 | easytomessage.com | udp |
| CN | 139.9.135.156:7005 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7004 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7009 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7007 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 59.82.29.249:80 | log.umsns.com | tcp |
| CN | 139.9.135.156:7008 | im64.jpush.cn | tcp |
| CN | 59.82.29.249:80 | log.umsns.com | tcp |
| CN | 223.109.148.176:443 | ulogs.umeng.com | tcp |
| CN | 47.95.246.247:443 | a4-v2.easemob.com | tcp |
| CN | 139.9.135.156:7006 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 14.22.7.199:80 | android.bugly.qq.com | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 116.205.165.66:19000 | s.jpush.cn | udp |
| CN | 1.92.70.140:19000 | s.jpush.cn | udp |
| CN | 139.159.137.254:19000 | easytomessage.com | udp |
| CN | 59.82.31.154:80 | log.umsns.com | tcp |
| CN | 59.82.31.154:80 | log.umsns.com | tcp |
| CN | 139.9.135.156:7007 | im64.jpush.cn | tcp |
| CN | 223.109.148.130:443 | ulogs.umeng.com | tcp |
| US | 1.1.1.1:53 | a1.easemob.com | udp |
| CN | 47.95.246.247:443 | a1.easemob.com | tcp |
| CN | 139.9.135.156:7009 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7004 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 14.22.7.140:80 | android.bugly.qq.com | tcp |
| CN | 139.9.135.156:7008 | im64.jpush.cn | tcp |
Files
/data/data/com.zipingfang.wzx/databases/bugly_db_legu-journal
| MD5 | e86237de96160ed1bc2e411fbcdd766d |
| SHA1 | cbedb9af2842993bebf01248e2b14201136cd6ee |
| SHA256 | 2d8dca057d64fcdd2e33c0ce2de006918d8bd85119c9e4174168846d471838d8 |
| SHA512 | 373d2ba535cc016523eac796a184f0d2b3f7896f000c4715e08527e884dc405faed93439f132c2dbadbf07aa6bf1878ad60dbc058856bc21b6bd6322208f85d5 |
/data/data/com.zipingfang.wzx/databases/bugly_db_legu
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.zipingfang.wzx/databases/bugly_db_legu-shm
| MD5 | cf845a781c107ec1346e849c9dd1b7e8 |
| SHA1 | b44ccc7f7d519352422e59ee8b0bdbac881768a7 |
| SHA256 | 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7 |
| SHA512 | 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612 |
/data/data/com.zipingfang.wzx/databases/bugly_db_legu-wal
| MD5 | e67afa97e987883c246a853cba0ed47e |
| SHA1 | b7ec35dbf00e97b6ab7e18b66219337f023043ab |
| SHA256 | 91bd7cedae804283678d7acdd31977d3ab2de8c4baa265cbcf41f3c98f4fc812 |
| SHA512 | 699a0aac8a99a9ec3b93c1f162fb4bbb1b8787ffd29cf392623e63af4f28f56c28ce98d5a8fec830e897ad0d98ee6d6d36c282b3192ff75b3926f0353c53a3ce |
/data/data/com.zipingfang.wzx/mix.dex
| MD5 | 63f77f99bd2c2b772a479923bde11974 |
| SHA1 | c7632e7d301e4463fafce85f84e9c3d7da3fdbbe |
| SHA256 | 4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615 |
| SHA512 | 3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c |
/data/data/com.zipingfang.wzx/files/jpush_stat_cache_history.json
| MD5 | 4a5c4d7f999448a87419da32944d0e3a |
| SHA1 | f75d0d6cb4e67576fbab907b79fc89057f24e278 |
| SHA256 | 3c4e3364a14710889cc3b0dfbc4ba42b3b45fbf5b0b034ef423138bc7f9ba3e4 |
| SHA512 | 3a6ccd0cf26bfe08e3106d452ebb7f713ea30d9b0c33f5543e4aa77583468f4bf77736de83005cebb12440ca30d530d6e0624ec4324e1b6cf6a295703b4693d7 |
/data/data/com.zipingfang.wzx/files/jpush_stat_cache_history.json
| MD5 | d9f17421e6f8993f55862e713cf7c492 |
| SHA1 | e82f34d59719ca62d58ebc294ae777360447a4c7 |
| SHA256 | a7fdf35225b038e17781f26778e6d0b543fa713dce8f36529c45c784f5be2559 |
| SHA512 | 5bce076eea4fe87c6d39f2b68542caf64f169aeebbede4cb0f24997dcbcaba30c7801fa116300ec83813ea2663442cc8091fecc1ac4f34e79f4ec8d964a057f1 |
/storage/emulated/0/data/.push_deviceid
| MD5 | d9e2f06061846cb3b49e75b5bcbb5875 |
| SHA1 | b33da80602d2509048a09f8689be0780311ac82f |
| SHA256 | b61a2f5f715aadaa9e0815848218671d31072b6635d37c762fb389bcae1a8578 |
| SHA512 | 2dc62bae0ca088740c8d8a49d4c06e94ed771233d46b1068b7044b9ff020bd6e4666024881e93e48896d862f56c970e95ee5ad73ba92707b2d1057b046bd673e |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-05 21:45
Reported
2024-06-05 22:13
Platform
android-x64-arm64-20240603-en
Max time kernel
20s
Max time network
132s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.zipingfang.wzx/mix.dex | N/A | N/A |
| N/A | /data/data/com.zipingfang.wzx/mix.dex | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.zipingfang.wzx
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 216.58.204.78:443 | tcp | |
| GB | 216.58.204.78:443 | tcp | |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 14.22.7.140:80 | android.bugly.qq.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.200.8:443 | ssl.google-analytics.com | tcp |
| GB | 216.58.212.196:443 | tcp | |
| GB | 216.58.212.196:443 | tcp |
Files
/data/user/0/com.zipingfang.wzx/databases/bugly_db_legu-journal
| MD5 | a1f566ec8b2907cc01aa507ba0322677 |
| SHA1 | 8ecc700cfaa20cc07bfe976005633053cc591f86 |
| SHA256 | bd3356dee1f1dbbdaa93d9781802c81dd8fdb7a423cbfa4c7b6e4af5692682b3 |
| SHA512 | 3526db8043a98071ef96d7def3de725cdaf018f3ea13ab521d9be38f0a98c756c36e9a551ad12a0d4fa18ee1189ed7793b62f7f84ef8514b34d08edac24fa094 |
/data/user/0/com.zipingfang.wzx/databases/bugly_db_legu
| MD5 | 3f5ff936ddd604001a7229ee5cfe8696 |
| SHA1 | 6e4de4b54167b05e8e7ea5b969fcac19369ee2be |
| SHA256 | b5a6b67a2487df066fa9ec37544c4c35d581886b4e56461f935c7664b680fe1b |
| SHA512 | cc229c19c32947b24995b9919fa0f41d9b5d09b095726f853d6f673c81fcd3a789a6144d4b0f8140f3ce8bf6a7661a2621061bdc4a37b9c20c38ecc65308fe96 |
/data/user/0/com.zipingfang.wzx/databases/bugly_db_legu-journal
| MD5 | 2fd7d27b1658513176285c5eac394b9c |
| SHA1 | 2b1e7a9655d4aeea13819905077898c471669f98 |
| SHA256 | 65fa9c1a67f4adc4d65f05078585da9c39a5d943d9bceedd0ba836b06dee70f0 |
| SHA512 | 4989db65f632ba1af6ce03fddff89ac96b1c50dd83dbe033d77ec09e36d5cfd01ae0086aca45b61e8571c28847ff6038fd08dae6c91631194ba48609892dcc75 |
/data/user/0/com.zipingfang.wzx/databases/bugly_db_legu-journal
| MD5 | 62457b83cf1b09843b65b3feaa758eb7 |
| SHA1 | ec561a7c8a25cfd145205e5e05cfb9a7805955ae |
| SHA256 | 22223efcf6a686e88b36433530c469569859bc338a64c0c733af0078a5fe81ec |
| SHA512 | 1d6ad7b35e917a3001e72fb0b5740e44208361f253cff0b431de2d364a2ccb97f27eb05a5056b263ef62e3144079e2e469c7777e90e58b8903d3665ede007740 |
/data/user/0/com.zipingfang.wzx/databases/bugly_db_legu-journal
| MD5 | da5c9924849ced888ae0cb46d945490e |
| SHA1 | aa3d6f2145a6785fa3f3bb9d6da43971ac57a82a |
| SHA256 | ce49f3812ec9463dfb2a3804cb681189c09cb13b5b542151fcafa84016f22ef2 |
| SHA512 | e93e720ed30d6266de8772a28c69a2a8924c4dab93dfdb22cd83c174d58f48cad040f62f6a2435aed8e8ab12920d5fdda9506ae85fb7f4de97cdceef6341bd77 |
/data/user/0/com.zipingfang.wzx/databases/bugly_db_legu-journal
| MD5 | 6ae7157c9a41460580a669584dd118e4 |
| SHA1 | fece9a5cfbbb00e780c445066291e0dc9d752955 |
| SHA256 | 1162619503e0d3161932c65bb08eb9c3c49a03140c97111c53f7d69c3b010d83 |
| SHA512 | 9e2d75144b8c5074d38960501d01c8bef072265576db2c5fc6e0434bd2b76378da185d657dff40e41c43163df4addcf83f79ae864d3733ea158f6a7eb16c105e |
/data/user/0/com.zipingfang.wzx/databases/bugly_db_legu-journal
| MD5 | 895b7d96b4a2a510e302b6fef64a9765 |
| SHA1 | 47525b4dc2e01d093c4c59533a0b0edc1e0f944c |
| SHA256 | a84883a39804c817a8d2d790e0ddf8431b89cfc36351b91d0a89bbf4fb033c91 |
| SHA512 | bc10a670f8ef128bb78440621ce19baa443807045bd2293ef122fe2397dcc3a094a0f883b1436eb2ebccb6970ab7ddb5f41f725715e1380612df5fe969efc519 |
/data/data/com.zipingfang.wzx/mix.dex
| MD5 | 63f77f99bd2c2b772a479923bde11974 |
| SHA1 | c7632e7d301e4463fafce85f84e9c3d7da3fdbbe |
| SHA256 | 4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615 |
| SHA512 | 3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c |
/data/user/0/com.zipingfang.wzx/app_bugly/tomb_1717625466270.txt
| MD5 | 273325efc8791cb219aa5731fa4fc6ea |
| SHA1 | 22cdad094f6877eb8c7b252ff59f49081b748240 |
| SHA256 | 8c642a0f9d15467239894d0afd51545188288b6cb8c3e5a68fe2aa2e1960463c |
| SHA512 | eb9b0f69cc8028165c4cd276ce7537b00f04c60dd2428697ab8b01ad4ae6c56e9ff82e6dc5a31e594c418c3bfbf1bedd78921a041a7ec855860445e7e1cdd589 |
/data/user/0/com.zipingfang.wzx/app_bugly/rqd_record.eup
| MD5 | 858bbad0449afc0137cab6bc09f25f0b |
| SHA1 | 43d922071f1a4a92e5d87c04caaccfe5fb50edb7 |
| SHA256 | 4308e36be335c956727e55e2f478d80143c5cd8cda3f005b2867bcbfbac1fc2e |
| SHA512 | 9d616066bb0176eaca04afc925526da73873da367a13b3b9cb7ee42856faf04d95624289dd6a5639ecc59d3988bab2cb527ddfc8e76f41356085d349d83621fc |
/data/user/0/com.zipingfang.wzx/app_bugly/rqd_record.eup
| MD5 | 5ac1de230e31c8dc7853fe4111bc911e |
| SHA1 | 857af0e14e60618fd09741af204347f2ecda9bff |
| SHA256 | 324f390faa5c41d350871ec1d5dfa406cd3b90c0417ff0a604a1d474e52cd44c |
| SHA512 | 616fbb5e86cf13053d907486c19f38f6bc38829209a411356d0e652a4873522eb6b751e1a3543b6aa1d00bd941e158070dc1bb0e8eb1ef649c99ef97663f14c0 |
/data/user/0/com.zipingfang.wzx/cache/tomb.zip
| MD5 | 4829f226beebb3070e793d1a143ce59b |
| SHA1 | 2f1037f88183cb7f28596f3c98a152c39989665c |
| SHA256 | 94a0b703f14c5185ec2f717c1aab400da052a1e73a700f5d3743ad13f83d8765 |
| SHA512 | fe832f0f5c32e21f42b46c0ff732b849c6e2cee6935ad60f43e7f191892ba6e64f0e034ae6734c4d5a7d60d4d6e9be7a8f917ca9fede0630b65bd294c533667b |