Analysis Overview
SHA256
d7fe6e93853f841d6782b75903204d66507a781d5f19ebe1735447bc056bb0d4
Threat Level: Shows suspicious behavior
The file 9888cc8aa1b49d30e608427d4d445e4f_JaffaCakes118 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Queries information about running processes on the device
Queries information about the current Wi-Fi connection
Reads information about phone network operator.
Requests dangerous framework permissions
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Queries information about active data network
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks CPU information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-05 15:44
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-05 15:44
Reported
2024-06-05 15:47
Platform
android-x86-arm-20240603-en
Max time kernel
137s
Max time network
139s
Command Line
Signatures
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
| File opened for read | /proc/cpuinfo | N/A | N/A |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Processes
com.fanshu.info.xinfanioew
com.fanshu.info.xinfanioew:ESS_RM
com.fanshu.info.xinfanioew:ESS_RS
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | fb.umeng.com | udp |
| US | 1.1.1.1:53 | fanshuapp.com | udp |
| US | 107.148.16.236:80 | fanshuapp.com | tcp |
| US | 1.1.1.1:53 | www.fanshuapp.com | udp |
| US | 107.148.16.236:80 | www.fanshuapp.com | tcp |
| US | 107.148.16.236:80 | www.fanshuapp.com | tcp |
| US | 107.148.16.236:80 | www.fanshuapp.com | tcp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| GB | 216.58.204.78:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | alog.umeng.co | udp |
Files
/storage/emulated/0/Android/data/com.fanshu.info.xinfanioew/cache/cube-image/journal.tmp
| MD5 | 366e8ab79a6ef9add751ab61cc943362 |
| SHA1 | e1963629c1440fef95fe5fa9ee7707e3e7b6b732 |
| SHA256 | 2c421b01b77802ff02f990d5ce05b4a28b18290f4bc87c553803bb2fb8bb92a8 |
| SHA512 | b70246e253a9c3a99a5be449d7adacdd83d9385d7688d875b6d94818389a8c94a159e61c2aed9cd9864039691095b11572a8b073658e47d6e65224022bfebe26 |
/storage/emulated/0/Android/data/com.fanshu.info.xinfanioew/cache/extramaterial/frame_base.png
| MD5 | 1708aa5b8f265a4de86a37f615c667e2 |
| SHA1 | 5cfd822dd287a876fe3fe8b80b5ef0fad85d455f |
| SHA256 | 91914102b942e0892868197fbf5a2ecea83b385b4eab2ec0c18ca3ee44078b09 |
| SHA512 | 45bdb4390624a97a57fdac82ae9425d3f21bcf799f0637f317751dfdc7d73c80625e507add9a8628f369eee86f076b6a40121ba6382480a11576e540c8cee316 |
/data/data/com.fanshu.info.xinfanioew/files/umeng_it.cache
| MD5 | 4e604e4386edca23635f59393857a616 |
| SHA1 | 2a0e1e5a749360f224041fde624da568559a4f2d |
| SHA256 | 8dcf0276c6c24e792d3d7c77a30289a2b4433d6288574018b62fac62ff15ab2a |
| SHA512 | a1543356965a24f5e9e1430e5b65d87b3f16d2acf3fc05c324f88c46b572c73f861ec9d107155a3c5110917fdb1d1e796838d7c7c63fa98243a172e7ad603df1 |
/data/data/com.fanshu.info.xinfanioew/files/.umeng/exchangeIdentity.json
| MD5 | 87a8a6782d6dd09b3319c3eb0504b9c3 |
| SHA1 | ed5db09843ca052c8943793e573ce272bcfc7b59 |
| SHA256 | 884769e1492cfb386090dc6142370b2101a42f8dbac46a16ed11c3e677aa6def |
| SHA512 | c74bca3708d2b29cae48e2dd5cacfc49351657ee2f65f72325f6e760028d78bac4904c720d6d0330d25c8cd5f6817d9f2e4176b71fb587b889e04945d219dafb |
/data/data/com.fanshu.info.xinfanioew/files/.umeng/exchangeIdentity.json
| MD5 | 8c372f6890c15f660c96c87f74f17222 |
| SHA1 | 9fc87529f1b9a0f69435025e4d092e014ccb141f |
| SHA256 | a01dcec2c3168377f67b4e565e6d2e52a7cd7ef5b406784a166027ff043f4234 |
| SHA512 | 1de39d3e252cb20b979362b6267780c252dd739fd9b6da93b012b9cc9a5c74459099e3e762b4e243c48050e5e0ae237e84b1dadf909582a2324d9654c26ff148 |
/data/data/com.fanshu.info.xinfanioew/databases/UmengLocalNotificationStore.db-journal
| MD5 | 76bd0dbea8205a80c8be89f34fd98cb4 |
| SHA1 | 91b708c5f278bf9479f71b0d9891d3463e116b45 |
| SHA256 | 2fa942084b68eadaff5e327d8547d6e4729f62fe17ea23dc3e9a4d5db0dca8ca |
| SHA512 | b50248b805bb5d1e7aee88a8be201b18be44846fe4fc9bee640233ccd90e8297c1e8419a84258a011bff9ffcbbd41b414f7f4710e1e28b0bc77eb3253c2d3072 |
/data/data/com.fanshu.info.xinfanioew/databases/UmengLocalNotificationStore.db
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.fanshu.info.xinfanioew/databases/UmengLocalNotificationStore.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.fanshu.info.xinfanioew/databases/UmengLocalNotificationStore.db-wal
| MD5 | b92ae992976e6f3ce1d57977d64b6884 |
| SHA1 | 881c3468ddedaca2bbc0c1e391929b2622a9b778 |
| SHA256 | da308751f96f26e7f0b6d5a73d6f2f489fa4818a6a7ab93df3ac8015ec2fb6e9 |
| SHA512 | 2812075d033d4289d017cff80b80663f1c1662a7b30731777606045caa72b9b5fbc527ec3059d8b78d7ac5077e05dc09f959baa0fd965313fb9d9b4a1ebe395b |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 9781ca003f10f8d0c9c1945b63fdca7f |
| SHA1 | 4156cf5dc8d71dbab734d25e5e1598b37a5456f4 |
| SHA256 | 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793 |
| SHA512 | 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 28c423efd2e47772f8d532b5405f64d1 |
| SHA1 | b8cdb0a506e27d22da7412744a0fc61610f56da6 |
| SHA256 | 30bfea8380d305bcc562d6585ab1936f10c95e57991596f5b10d6e15608df541 |
| SHA512 | fc128aa022f4a16b71c5a36609d18595aba97c945a751ec5a03efbf7fe5deda82dbf01356d2944413505ff0c66ff92dc2a1695b001f4c1a383ba9319e3594930 |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | 0b3a1986785e8fd832d63a01d3c0f06c |
| SHA1 | 1d3e080cb3c43162f6455d2fba1ffddf644fae38 |
| SHA256 | 018de538577367fa058784f7cff2a93abe033e455a663c133490878ea66eb10d |
| SHA512 | b38d78a35caded6898587ab5062e65da69b8edd9095eab8757cfa173bff746b818e5344c5b8fffb1f91aae32c8d31d04f3b51c7b5dbe858b7335f02ac4832a6b |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 77eb16c881d1ae79702073f569feabd2 |
| SHA1 | 8275897e3a84bfc1ddef521bbfc52efb3ee021f8 |
| SHA256 | cc333d0d5aaaf461088e68610dbf6589573925cbbda18c83b635f04bad1e31cc |
| SHA512 | a08d43d93e969194cff75868811699b7bffeb7d8644b281a4999667d9f5135557f158077617d24e222c7cd6517f6ce35db33b1d83f1da233f948b21e5dbf3493 |
/data/data/com.fanshu.info.xinfanioew/files/.um/um_cache_1717602346230.env
| MD5 | 2ed26b72bd0a423b82558a7dec879cc1 |
| SHA1 | 19c2667f2869c668abc177bec563b3068a8e7f45 |
| SHA256 | 80b7f7d205981654a1d22823e0f3f2c57c9a0ef4c793db7477b19896fe27f492 |
| SHA512 | c20590f0fa6ecb8aa4293c9620bc716b43d352a317751fbbc6073afc3b7823dc3e2c82a0b781c702d43d782df7eb57f9b5cb6cdef113b1c95f4e33bf4e3b6791 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-05 15:44
Reported
2024-06-05 15:47
Platform
android-33-x64-arm64-20240603-en
Max time kernel
137s
Max time network
170s
Command Line
Signatures
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
| File opened for read | /proc/cpuinfo | N/A | N/A |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Processes
com.fanshu.info.xinfanioew
com.fanshu.info.xinfanioew:ESS_RM
com.fanshu.info.xinfanioew:ESS_RS
Network
| Country | Destination | Domain | Proto |
| GB | 216.58.213.4:443 | udp | |
| GB | 216.58.213.4:443 | udp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | fb.umeng.com | udp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | fanshuapp.com | udp |
| US | 107.148.16.236:80 | fanshuapp.com | tcp |
| US | 107.148.16.236:80 | fanshuapp.com | tcp |
| US | 1.1.1.1:53 | www.fanshuapp.com | udp |
| US | 107.148.16.236:80 | www.fanshuapp.com | tcp |
| US | 107.148.16.236:80 | www.fanshuapp.com | tcp |
| US | 107.148.16.236:80 | www.fanshuapp.com | tcp |
| GB | 216.58.204.67:443 | tcp | |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| US | 172.64.41.3:443 | tcp | |
| US | 172.64.41.3:443 | tcp | |
| GB | 216.58.204.67:443 | tcp | |
| US | 172.64.41.3:443 | udp | |
| GB | 216.58.204.67:443 | udp | |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| GB | 216.58.213.4:443 | udp | |
| GB | 216.58.213.4:443 | tcp | |
| GB | 216.58.213.4:443 | tcp | |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | alog.umeng.co | udp |
| GB | 142.250.179.228:443 | tcp |
Files
/storage/emulated/0/Android/data/com.fanshu.info.xinfanioew/cache/cube-image/journal.tmp (deleted)
| MD5 | 366e8ab79a6ef9add751ab61cc943362 |
| SHA1 | e1963629c1440fef95fe5fa9ee7707e3e7b6b732 |
| SHA256 | 2c421b01b77802ff02f990d5ce05b4a28b18290f4bc87c553803bb2fb8bb92a8 |
| SHA512 | b70246e253a9c3a99a5be449d7adacdd83d9385d7688d875b6d94818389a8c94a159e61c2aed9cd9864039691095b11572a8b073658e47d6e65224022bfebe26 |
/storage/emulated/0/Android/data/com.fanshu.info.xinfanioew/cache/extramaterial/frame_base.png
| MD5 | fbbdf893d5bc7b433e7e1f02b405aa4a |
| SHA1 | 0b56e3ecb76d12a300413dad747bdc38364cb024 |
| SHA256 | 07ed12889ea5dbcf3522858a94fafd8f13623252af2a20c1630aba52956fb824 |
| SHA512 | d8be38bf6da1c7b7e5c8e78db2c43b95167a6ec44ff13de2c14a4508bfea63b5495ca8f02fffe604c826edbcc4e2b0029dc4d7f9ed18ec973210d08295347033 |
/data/user/0/com.fanshu.info.xinfanioew/files/umeng_it.cache
| MD5 | d9cc3abde63578f9267df4e7fd0748bc |
| SHA1 | ebb74503728e2afa3f58fbbd7ae4d19371f5496d |
| SHA256 | c82baa326d055ff7d3edeaf7130cd06b41f257c902237672f3400028ba90ad72 |
| SHA512 | 72d41ddde3ed8668873168bbb8d7beac6b119fcb01b1b379eba8b48f5596db3c60ed6808f902bb9fc04d1078a84cd453019b3b016d2baac3ef8de954a5e2a934 |
/data/user/0/com.fanshu.info.xinfanioew/files/.umeng/exchangeIdentity.json
| MD5 | a5f86b9272e480d312fedbd33dabd0f3 |
| SHA1 | 499cc678228534d206a94bc417933121e3c2451b |
| SHA256 | 1750e9ac378c6fd0b5e821774ea66620e30cffbc469d53b15f01bdbeb173c629 |
| SHA512 | c9205d5594c3a213ef4164c711d3db37b75a84c178ef4f5e52283701ae6930a8668b82fb4bf17f99219dfe1c34900e6821e836938eed63f659c197524a35c6e8 |
/data/user/0/com.fanshu.info.xinfanioew/databases/UmengLocalNotificationStore.db-journal
| MD5 | c6cec9a3786701a5f893803d5133a6b9 |
| SHA1 | cafa00a989bf54ef88bb58da72f059a7610bf134 |
| SHA256 | 79d87952faf217f4b424e6495fd4b62ac7aed8b5acb5221c41ce86e9b72e2afc |
| SHA512 | bbae504becf54c9955239a388986ebbef4bceef83e83db42f283e380096d659c83b228ae0100fcc30351d5dc93d1b0ae1f5ffd95b876633c45e2a42f7f7f2726 |
/data/user/0/com.fanshu.info.xinfanioew/databases/UmengLocalNotificationStore.db
| MD5 | d9b41a7a9910678760cc526a3a7d4a38 |
| SHA1 | 7c9c4e69c2dbf701cf7f83393e52e97066a4ffbf |
| SHA256 | 5ff0ffbbd6d3f7183082c6c8d575d1753ba6bf81196fc3b952108ed87b851c0e |
| SHA512 | 48a061dced72de8d3688ef320e54a08e993a8ce9321a06c466e46dfb551cd5ab665970a533433da750cb989b647e3b8fda45e9fdd0d85ed1857565135161dfdc |
/data/user/0/com.fanshu.info.xinfanioew/databases/UmengLocalNotificationStore.db-journal
| MD5 | c2414f0bf4f4ee2ea5365cb074cd11c3 |
| SHA1 | 6f2ab83b1d88c56b1b4fbf6ecaa05e293f0dfb98 |
| SHA256 | 1a1299fb4d4e0629ba543ab5e9aa2d13f628f0e9ddf6f2154197c8c018989269 |
| SHA512 | 6b57bed4155dcdd2ba1e9aeaf80fc156bc57781cb1e5be1366f46dbfacca0465a6f6fe25527d2c3a40a3734390854d13efaa0aac4611bd7b268b7c3601f67b36 |
/data/user/0/com.fanshu.info.xinfanioew/databases/UmengLocalNotificationStore.db-journal
| MD5 | 33fe8c3e25ff51c473f016bef8b660a0 |
| SHA1 | f35dda5cd5dcb06c20071f617f58c27b563b568b |
| SHA256 | 9413a3236afe35e28d88c10a240f55795f589bc015897b8f0005eee532051358 |
| SHA512 | 6b19da07fcdb7f097b57ecb8b207ad9aa4642b8d089f4033a7f0866157f43986570f5c578e42d6a749389f7c165d4c0079590dc1d3a4f184b77638a6215a1fba |
/data/user/0/com.fanshu.info.xinfanioew/files/.umeng/exchangeIdentity.json
| MD5 | be285c6d20c21c92e89c65901f155231 |
| SHA1 | 55811ec02b22185da0f672fe3d5519b10182170f |
| SHA256 | 88a10f4826565673dce4f150877fc981e02299c87e4a8e28070dd545d92fcc5e |
| SHA512 | 656741e6b4f8ab092d07b1261acbfd0fe74f4701dc703ef34782595c6630b7d7182cce64ad86dadd99cb48db57b23b18b0ccbf2c35c7ebfed28a9519fd2fdd7b |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 9781ca003f10f8d0c9c1945b63fdca7f |
| SHA1 | 4156cf5dc8d71dbab734d25e5e1598b37a5456f4 |
| SHA256 | 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793 |
| SHA512 | 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 91f33d80332c344b04e5e352d42b1845 |
| SHA1 | adf2efdf520304eb09f58036dc7bbf5460dd8d57 |
| SHA256 | 8bf2cf1b5cb905bc52cc743cecac33b0daa5e578338bf8878fe7c5cf343b74de |
| SHA512 | 8f050ff7214ff72805969ae07ca2218cd396a7c4b1449912e396b8300517fef60a4ee217845b107538cf3fee214e2b3d4fc2efacda728b994446b6c1447ace50 |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | 283c3587cf8000fad26fda92f4a5ebb7 |
| SHA1 | b97d5d7feef06c56fd83f6f26579b35cad3f4038 |
| SHA256 | a30be8133d41cb28ff69ddd473e84dabd3f5e94acdcfb0c1b414317249192e9e |
| SHA512 | 5a3b6b8380136a66cb52ec97dc16fbff1eb4dc9ba434735b161b91d0d1617f75bdb5acecf3dfea4a613653c11321ff03f8d424338974d715ed87880b8cef7afd |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 5b840323fc93b14df8b883995c632060 |
| SHA1 | 6d0c03d640dad9bd2c0a6d5c6521c4c91c04938a |
| SHA256 | 90eea6002a73c9b7c24eeba21e211a4318d09352d62a3067ce37cc4c9f857550 |
| SHA512 | 7e13b700910db7185665cd4cb35a4c78cc36e6d7d7463831fa8fa8d65e429d52b1219df23f3d3d810f5c99067846de31d01feed43e8922e43298b5cfc11e3a1f |
/data/user/0/com.fanshu.info.xinfanioew/files/config_using_extra_setting.ser
| MD5 | 872da7256d7874e985088f598c3fa822 |
| SHA1 | 52bd8d89c6bb8d1c824f3fc6160c67b6977cfb9e |
| SHA256 | 3a9211c61885aebfc97fc31f6803100945302c038939b5574e7f177e1a7bee29 |
| SHA512 | 1a30fd3b083c7ffb52298af055fa8512a15a3313c1d0a4f52d9be4e7afad6920f50bcf721217943f722066bd87c3e2db2c997ab97aaffadadfd8671a5b920793 |
/data/user/0/com.fanshu.info.xinfanioew/files/.um/um_cache_1717602348047.env
| MD5 | 8c9d0a6f36680b7cf5a0c19d6845d69b |
| SHA1 | 50d0d33f0c82b3ed50bd365a56830934440d19c7 |
| SHA256 | cac6dc90be9f8e8fcc7457e3a1458f4fa03f4de3a0b14c3ed2fb0f337fe03f67 |
| SHA512 | 6708be87ca6f9b89320c23c77b39e42ed2d2a12deb4842b42d638f34f652ef4f51cb7bfa9037a491026513b095ffd15fa5f6c95e7bd550774c37a65377ac27ad |