Malware Analysis Report

2025-01-19 05:01

Sample ID 240606-b378fseh79
Target 99bb2fd8bc509aef435544c506eb036e_JaffaCakes118
SHA256 d64f0e62f47f519b45c86f91228d800f780cc8c3b86ac1fc8b14f53290038d6b
Tags
banker collection discovery evasion execution impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral6

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral7

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral8

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral9

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral10

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral11

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

d64f0e62f47f519b45c86f91228d800f780cc8c3b86ac1fc8b14f53290038d6b

Threat Level: Likely malicious

The file 99bb2fd8bc509aef435544c506eb036e_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

banker collection discovery evasion execution impact persistence

Checks if the Android device is rooted.

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Checks known Qemu files.

Queries information about the current nearby Wi-Fi networks

Queries information about running processes on the device

Queries account information for other applications stored on the device

Loads dropped Dex/Jar

Requests cell location

Queries information about active data network

Queries information about the current Wi-Fi connection

Makes use of the framework's foreground persistence service

Declares services with permission to bind to the system

Requests dangerous framework permissions

Reads information about phone network operator.

Acquires the wake lock

Schedules tasks to execute at a specified time

Uses Crypto APIs (Might try to encrypt user data)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

Checks memory information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-06 01:41

Signatures

Declares services with permission to bind to the system

Description Indicator Process Target
Required by accessibility services to bind with the system. Allows apps to access accessibility features. android.permission.BIND_ACCESSIBILITY_SERVICE N/A N/A
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device. android.permission.BIND_NOTIFICATION_LISTENER_SERVICE N/A N/A
Required by VPN services to bind with the system. Allows apps to provision VPN services. android.permission.BIND_VPN_SERVICE N/A N/A
Required by input method services to bind with the system. Allows apps to provide custom input methods (keyboards). android.permission.BIND_INPUT_METHOD N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an application to read the user's call log. android.permission.READ_CALL_LOG N/A N/A
Allows an application to write and read the user's call log data. android.permission.WRITE_CALL_LOG N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an application to write the user's contacts data. android.permission.WRITE_CONTACTS N/A N/A
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows an application to receive SMS messages. android.permission.RECEIVE_SMS N/A N/A
Allows an application to send SMS messages. android.permission.SEND_SMS N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS N/A N/A
Allows an application to collect component usage statistics. android.permission.PACKAGE_USAGE_STATS N/A N/A
Allows an application to read the user's calendar data. android.permission.READ_CALENDAR N/A N/A
Allows an application to write the user's calendar data. android.permission.WRITE_CALENDAR N/A N/A
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether. android.permission.PROCESS_OUTGOING_CALLS N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-06 01:41

Reported

2024-06-06 01:51

Platform

android-x86-arm-20240603-en

Max time kernel

173s

Max time network

185s

Command Line

com.qihoo.appstore

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /sbin/su N/A N/A

Checks known Qemu files.

evasion
Description Indicator Process Target
N/A /system/lib/libc_malloc_debug_qemu.so N/A N/A
N/A /sys/qemu_trace N/A N/A
N/A /system/bin/qemu-props N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.qihoo.appstore/files/sllak/opt/4240/finalcore.jar N/A N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Queries account information for other applications stored on the device

collection
Description Indicator Process Target
Framework service call android.accounts.IAccountManager.getAccountsAsUser N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Makes use of the framework's foreground persistence service

evasion persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.setServiceForeground N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.qihoo.appstore

com.qihoo.daemon

/system/bin/sh

com.qihoo.appstore:critical

app_process32 / com.qihoo.appstore.rootcommand.persistent.CoreDaemon --nice-name=com.qihoo.appstore_CoreDaemon --daemon

/system/bin/ping -i 0.5 -s 56 -w 10 -c 10 221.130.199.88

/system/bin/sh /system/bin/pm list packages

cmd package list packages

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq

/system/bin/ping -i 0.5 -s 56 -w 10 -c 10 221.130.199.88

/system/bin/ping -i 0.5 -s 56 -w 10 -c 10 221.130.199.88

/system/bin/ping -i 0.5 -s 56 -w 10 -c 10 221.130.199.88

/system/bin/ping -i 0.5 -s 56 -w 10 -c 10 221.130.199.88

/system/bin/ping -i 0.5 -s 56 -w 10 -c 10 221.130.199.88

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 show-m.mediav.com udp
US 1.1.1.1:53 openbox.mobilem.360.cn udp
US 1.1.1.1:53 sdk.look.360.cn udp
CN 180.163.247.134:443 show-m.mediav.com tcp
HK 101.198.192.67:80 sdk.look.360.cn tcp
HK 101.198.192.67:80 sdk.look.360.cn tcp
CN 180.163.251.81:80 openbox.mobilem.360.cn tcp
CN 180.163.251.81:80 openbox.mobilem.360.cn tcp
US 1.1.1.1:53 sdk.mediav.com udp
US 1.1.1.1:53 m.irs01.com udp
CN 180.163.247.134:443 sdk.mediav.com tcp
CN 180.163.247.134:443 sdk.mediav.com tcp
US 1.1.1.1:53 p.s.360.cn udp
DE 47.254.149.104:80 p.s.360.cn tcp
US 1.1.1.1:53 www.google.com udp
GB 216.58.201.100:80 www.google.com tcp
CN 180.163.251.81:80 openbox.mobilem.360.cn tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
US 1.1.1.1:53 s.360.cn udp
CN 180.163.251.231:80 s.360.cn tcp
US 1.1.1.1:53 api.kuaidi.360.cn udp
CN 101.198.1.205:80 api.kuaidi.360.cn tcp
US 1.1.1.1:53 sdk.s.360.cn udp
US 1.1.1.1:53 update.api.sj.360.cn udp
CN 180.163.251.81:80 update.api.sj.360.cn tcp
US 104.192.110.245:80 sdk.s.360.cn tcp
DE 47.254.149.104:80 p.s.360.cn tcp
CN 180.163.251.81:80 update.api.sj.360.cn tcp
CN 218.30.118.222:80 tcp
CN 125.88.193.234:80 tcp
DE 47.254.149.104:80 p.s.360.cn tcp
US 1.1.1.1:53 recommend.api.sj.360.cn udp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
US 1.1.1.1:53 profile.sj.360.cn udp
DE 47.254.149.104:80 p.s.360.cn tcp
CN 101.198.1.205:80 profile.sj.360.cn tcp
CN 221.130.199.88:7 tcp
CN 125.88.193.234:80 tcp
GB 216.58.201.100:80 www.google.com tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:80 tcp
CN 180.163.247.134:443 sdk.mediav.com tcp
CN 180.163.247.134:443 sdk.mediav.com tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
GB 216.58.201.110:443 tcp
GB 142.250.187.194:443 tcp
CN 221.130.199.88:7 tcp
US 1.1.1.1:53 track.mediav.com udp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 180.163.247.134:443 track.mediav.com tcp
CN 218.30.118.222:80 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:80 tcp
CN 221.130.199.88:7 tcp
CN 101.198.1.205:80 profile.sj.360.cn tcp
CN 101.198.1.205:80 profile.sj.360.cn tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:80 tcp
CN 180.163.247.134:443 track.mediav.com tcp
CN 180.163.247.134:443 track.mediav.com tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 125.88.193.234:80 tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 218.30.118.222:80 tcp
CN 221.130.199.88:7 tcp
CN 180.163.247.134:443 track.mediav.com tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 221.130.199.88:7 tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 221.130.199.88:80 tcp
CN 125.88.193.234:80 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 123.125.82.206:80 tcp
CN 101.198.1.205:80 profile.sj.360.cn tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:80 tcp
CN 180.163.247.134:443 track.mediav.com tcp
CN 218.30.118.222:80 tcp
CN 218.30.118.222:80 tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 221.130.199.88:7 tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 218.30.118.222:80 tcp
CN 221.130.199.88:80 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 101.198.1.205:80 profile.sj.360.cn tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:80 tcp
US 1.1.1.1:53 md.openapi.360.cn udp
US 104.192.110.235:80 md.openapi.360.cn tcp
CN 125.88.193.234:80 tcp
CN 221.130.199.88:80 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 101.198.2.147:80 s.360.cn tcp
CN 221.130.199.88:80 221.130.199.88 tcp
CN 221.130.199.88:80 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:7 tcp
CN 221.130.199.88:80 tcp

Files

/data/data/com.qihoo.appstore/databases/filelist.db-journal

MD5 ff29f56e793a3ceccef7038f006cb3b8
SHA1 d47a50aba9bbe6ee3009aebd309b9af91e1f02e2
SHA256 ff6ffad1e4c85d80e0049ccd4d237676a3843356f071545606f6e0c906635602
SHA512 d86943fc854318ea5b73a64ec6f4cc9d8f990d269c3b65d30fc0ebe70b4ec489c788a0976734ec5067a558b6a30d1a34a0ffbd76a4435fc6906b73cbd105fd1e

/data/data/com.qihoo.appstore/files/sllak/opt/4240/finalcore.jar

MD5 c14c8a2f5d3a7c47eb2ca8c1b6e69adb
SHA1 4e57b3c0f34427aba8a5be40c2e9b627172a89c8
SHA256 7d7ada76ea057847b5c47ed0f16a6d0e52cdbebbbdb08c1a9519acf70a1a4107
SHA512 2be420b849c0fa84d3c594ab6bc85255eb54915e05aac5fd3d711e8dc93f484c5a2add2c662a858d4c2ce316a716c9e930122e9cb1047be7482c495242d766e4

/data/data/com.qihoo.appstore/databases/filelist.db

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.qihoo.appstore/files/sllak/opt/4240/finalcore.jar.tmp

MD5 e31f1d8351eeaa41d4ee88d8b98ce192
SHA1 a146b797588b83804300a40d6080c020aaa3d7a9
SHA256 0010187dc1d26e9fcb47363f8c65f5d6c95dd8cad0dd51254709641b2999cc64
SHA512 cf00b28a1067aaa9b52e19b5b9e6530e018da404566c7343fb0df12de42e86af5f76567e6ca0d8f2c7d8c7abe02dfed78749850f59519b3deb7c6d16e408b311

/data/user/0/com.qihoo.appstore/files/sllak/opt/4240/finalcore.jar

MD5 b667ca71e42bbeb899566c8834ed085e
SHA1 053a3f889e326efdfa0d3ae7e5b2655f0b7376d2
SHA256 536678202267f95d80480f15065e784d7ec609922a0963d935e9c5a4b0f62bef
SHA512 52255d3d7066d01bd47a9da788f86c707af14e7666a918737fa5ffb4bb003e97b28dd84a7cead3439ee39e10b568c97e80174a80bf776c7dd58335b06656f8f2

/data/data/com.qihoo.appstore/databases/filelist.db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.qihoo.appstore/databases/filelist.db-wal

MD5 d8ccd8f18af100535120da33fea29fb6
SHA1 f7e33d7ce6d9e91d368d5dad43c3d62a2dc3ee6a
SHA256 b030ff64d84417fbfb4091021f960faf7d1f27e1da51a65574b6b74e92ecb634
SHA512 18edad5fda0943150885e9fa8ed1a1c567d4ef7491e024a8995cf8571d280a49e6112ee96534defff1e191c4d8e2aa779c1ddd37cac3c27e457fa6017943e154

/storage/emulated/0/.sfp/.sfp

MD5 0653482899a7f069cb31a95bb50bd2d3
SHA1 dbd4a45c26ca3cab9b6004c83b2c6f55d3e9394b
SHA256 42c3fa7002928a29eb16ca98d0745a54c6e61e77f70617f88e8f0aff1e76276c
SHA512 3705eb7439a7ba28c84321dac40cc0d48b70b437e1ddc7b04316513256bc2c0483fff5d40c8b1a987bd7d9174e8e8ed29a1c48f347f3b901beac84dbdbcee4a5

/data/data/com.qihoo.appstore/databases/download5.db-journal

MD5 ae37ff33f5ba77d10981257572f1c0a4
SHA1 ef66dff7c81ecba93317173d7b73e84b3c388775
SHA256 72e21ae819d0fb3e46aba0bad3bf83f6fdc8d0f335269bd317973f81128b23fb
SHA512 ceb76ea75f046c782458da678bc9dcb8a83e196b216d93cacea489003f992691c4b0c3cd6e2c6d49a197b9850887f26c1517b43fea581e1c223fa094d9dbdf7e

/data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-journal

MD5 926def950b3fd5404372d09901f8bfce
SHA1 b01a4257a54bc87cea973703edf6106429d1e191
SHA256 29154d17fcdc2ee8e21e4d40fa7a378a59b9e3f7d8e4f1060a0ce191b857b80b
SHA512 820e3d168a222858667bbf75838cf041f70e34a15002d80c08409849b41b71e744f314432af317b3c58a06dee6afa89d30280031e2595d3850924346c57d1a99

/data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db

MD5 3fe30614d7e0d11db870b4624f6c50e0
SHA1 053ff0fc621ab40f2afeddb3e7b4a73ee41ec533
SHA256 67c532f0324228dd33b445cd399c1426e3a0e0cdc7b9358c66b402c5d40a838d
SHA512 c7c09e97a408e88aacaf8099ad4d1fa604d58113393500a384eb3c2eb7c3c105af41314934b86eca2f088045cbab5a20d768bbb295448dc1ae6cb6c3f59821ae

/data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-wal

MD5 97c4f7c0879a08f6e9844935106b54b7
SHA1 43651cb5015e3e41df132b6b623c8fc69cd8c144
SHA256 9fa8daec9c565715119d199634ec7be3b29d0f21e1090f92293c6e22420aeca7
SHA512 d687acde107b25e06700daf2f61578b2c56119585ceb7e90daedccab3b36794594d8fcf08712e89eaf876731f488594e148fc35f25bb16185f2fd10a93913d1d

/data/data/com.qihoo.appstore/databases/download5.db-wal

MD5 6e488a9f037664f27d8666446f364980
SHA1 4e90f2e34f2ffd66980fac46e7b290ea72a258c7
SHA256 08dcb5f2ddfeeaca71d9c98a64e16ba72ea8da4351c712fa454e129187855973
SHA512 b485ed2ddf4fd142483e7993c96e9f4482cbddba15a00727dddd6dd4dcc8b99e2b038ecaa69fce38d1a5c9e3ee35fb7a712791003a88522ca0ceb63900f08e0f

/data/data/com.qihoo.appstore/databases/new_downloads.db-journal

MD5 4b8ee49e3f18ef651e8602798d7cc743
SHA1 60ca3fcdbf5a84150f6170030e7dad3342c825b8
SHA256 e0ef86b7c335aa529cdb40b5066b45a836d0de05b26280294f796055b1cd5e17
SHA512 88a6d32ea6137ca41f0ee66b72f8ca3676cdd63a15722d5826b024b0c2fdd770b309466faa7d9ba28d201a35442e181117790389ca9b0191c7d4bb20d93b39d8

/data/data/com.qihoo.appstore/databases/new_downloads.db-wal

MD5 7434143878f9a85db651e1e502c4b135
SHA1 4bb77704490c449c70976676ef173d4b903dd49d
SHA256 4742d2d77b16dcd0a71ff9162803cc071675cfab7b0d6cd4ea7de371ba54199e
SHA512 577efa498a9d8c9f20295fbd60b297da1e280dd14562bef0f0c19526a3ad70e36c0231a40bbc9293ce3fea943d2effba970ecd5ed64f647e42dc441ca54f2ada

/data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-wal

MD5 e5d781c8378aac6ec3357b98f9493ee2
SHA1 cbe0f5d30d3b7001cb3f6a8b21c9f7eefa08451d
SHA256 860514869a6d1fab4df1f54da8a0dd5fc1ef257f968fe25911fc179f0ec756ea
SHA512 c1cfd6fc3c2f0ca03b63d57ab98dccae1ff7a69d3306f41f6a354c01594ed214a96c66ac06f9811682dc353cbd8689861f7286fd98be5c3790f5cf3af21a7a0e

/data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db

MD5 60e4cf217e77c56efd3707b603797c5b
SHA1 816247b4883d3adb30c4db39fda16d2288e27de0
SHA256 8e2b8343f703045fb8596dee1888f65fc66b64d10304a4a49fd4ad1f63bd67ea
SHA512 22a8cd2974663e8caa220177e7bc64aaf35735dc8abc3870a7e47ea86b02d8b06b041000e5505039b3116290aee67e9645ad2d9c26218749f5b5b2e332712af2

/data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-wal

MD5 389b03bd831907bad3d5ddf397a34abb
SHA1 634fcdd74115673b9bf6d5057fbcea803490d207
SHA256 faa1b284a74f4887478caed14195b1946a8f62d533deb634382340444c2670db
SHA512 2c14b6963e24f614bef9bc6b1f8520d2e66d83de49ce19a07ad8e2b7f4c0a7b2feecf1688c8bf5d277efc136d1918534026d5196c9010233795059bd96f85f08

/data/data/com.qihoo.appstore/databases/_ire-journal

MD5 1401bad6050191ff90664c090b6298e9
SHA1 19ce901cc075c593c851abbf45b42c1622a0a075
SHA256 b69085af51eaab4c8b8e7cb8e2c28afc4da46ed62551cbc86fad3bd810f1b9d3
SHA512 6c37c40d972379a6578b4855be3c00e90a01abf56efe0c8e8a99d8f3aaa78bc145c18b03e8522d074b8031c570160103e01cd621e4e54325266c6c9ee4bd24b7

/data/data/com.qihoo.appstore/databases/_ire-wal

MD5 16e859cbfef708cd0e634e792ff2c0b3
SHA1 c75e6b81e3e53db2d113cbd6816ce6c03ecf07b6
SHA256 e450bf9fa0281a6e5aa9c04a81c172bb0f10160020cc55671aa6af530efd21db
SHA512 b03fe7feab78f9916afab92d6c59a8ac0159f56b6b5d16ac05e39b230f1a767d7cbd7a6899d653d160ddd0b84fec96fc0ea05897add7233a221e34d1d4abbe68

/data/data/com.qihoo.appstore/databases/update_history.db-journal

MD5 421a825ffd04da01b02708127cb5f38b
SHA1 11d93cda0363df8d49b677d09127656aa97578e1
SHA256 cdd43a66bc0514f7b22633d626cb8adf9d72cf45dc590bad889278ed7e78abc5
SHA512 cdf34298071e0896708fcae10ca755c62b1a183c155eb2befeebe0615bf9254af561385e02d7f61c0fb3e913d80b0bd148525a7faa0e06c517876b8255f3e7d3

/data/data/com.qihoo.appstore/databases/update_history.db

MD5 e0ddc29dccfd6312689ea105cf0434a8
SHA1 59191210f5a80bc047f8155ea92544f4095c38c5
SHA256 3079b5c02af6b7ddced940086bf7095b1205bf0f396b87da0d5c5f6d8b5b6143
SHA512 d5ec8a2bd21928c07ada4ab4df8e72b6905872533d01afe4eb243ef06674e630a9834a03dc5fc2f8d487c3cee8aa3b3117e73379ae64e6f4dcf3f8dd0145fdb5

/data/data/com.qihoo.appstore/databases/update_history.db-wal

MD5 d249d7bb6c603e3fc73fdf71e264b36d
SHA1 dbf872e26efdf0db1ab9e3c242b43b3ca319e5b2
SHA256 72cdaa9fa5a60a03b9a1b765964cd161bc5c1bd34fff3a0f5b7ece370ac7b5e8
SHA512 6e84d022719e5880058fadecdbf36d90e8af25efcc0c024551e90dbc2774b5ffba7cf90e5a500f41345423a6edcb152ec522a2fef31d46822fca9c649197ffe3

/data/data/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

MD5 a64c5e779806e6d47e7b2d08ad2db0a2
SHA1 4eef92884da762faaae556fec5f93c7a2046ac5b
SHA256 514adba9acfd84aff755791b1b2ac16d5a07fbf3d79cf7c25240cbac12950bd9
SHA512 8182cde090bd262040a643c3dd1c2e987c090d28e06503893536a88c974c985070aa7049f32f0e9b655881c506dbee9d0adf3b981b48747044d2872c3e5093aa

/data/data/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

MD5 f9ea87ee64de7f006a04e4688f671cba
SHA1 7486d57286c8b4ec8d617f07558d736ba6138765
SHA256 ae1868104634638f9e368d6b1c63df0f241bf0a275bafaa9fb250e1be6328b95
SHA512 7e3782cc337fe1a4cbacdfa763a6086a9614e5e2a08df96694d0fb342d368e94170874890f54672a757196e07e4a469194faefc861e83bd2e569ff2607b4a5d0

/data/data/com.qihoo.appstore/files/360/sdk/persistence/Y29tLnFpaG9vLmFwcHN0b3Jl

MD5 c81e728d9d4c2f636f067f89cc14862c
SHA1 da4b9237bacccdf19c0760cab7aec4a8359010b0
SHA256 d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35
SHA512 40b244112641dd78dd4f93b6c9190dd46e0099194d5a44257b7efad6ef9ff4683da1eda0244448cb343aa688f5d3efd7314dafe580ac0bcbf115aeca9e8dc114

/data/data/com.qihoo.appstore/localApkInfo.json

MD5 62770e634821208693fc9db6facfb90d
SHA1 43c03c22a69693f3688f642b28d0dc00e404e8e5
SHA256 380088b78888f0d75877efc5d5ae724777fa2f80d968de9ca5407a5ff3ce24c0
SHA512 cf70be1f65ec459829ac593e9eed3d96d44c2a282431b10c3cb9a1634d589cc6a7a7517b11c8a70e9c5f15f86c7878707e239e1a1d92014523327a03f95a5a47

/data/data/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

MD5 2b706e101e975605ee1ad76b968386c9
SHA1 ceaf8e58c7a74817035dc2520a3e3c14728a2131
SHA256 d0670c608dca9bc8228faec9fb52e06f4b38d90511622b17f3d66f05cf77e88a
SHA512 d44187e5577ee89722469a1b2031c02812e489a5d10e66467fe8b0b7ae4dbc858e49cb4b718a9d67744fe19b8da6ab268c365a58100a46441bae9fee3ad81b25

/data/data/com.qihoo.appstore/files/360/sdk/persistence/Y29tLnFpaG9vLmFwcHN0b3Jl

MD5 eccbc87e4b5ce2fe28308fd9f2a7baf3
SHA1 77de68daecd823babbb58edb1c8e14d7106e83bb
SHA256 4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
SHA512 3bafbf08882a2d10133093a1b8433f50563b93c14acd05b79028eb1d12799027241450980651994501423a66c276ae26c43b739bc65c4e16b10c3af6c202aebb

/data/data/com.qihoo.appstore/databases/account.db-journal

MD5 3c99daccff73f88c03ebafa30a5b042e
SHA1 0b41a6567aaabc2ee340f375ba89ef8b101c9033
SHA256 b50300cba9e234592e70faa1eada4cc9cd2fa6c96b8f3d6ccfb01f88e7409928
SHA512 6370106868768e9dc4ca736987de98f6c7ec47e4c4bb76556ee31a84da0fb8ba0f75d5d329e1f0693e0e5638f5d3094e64074c2c33c23d55d7c59ec315c5d7da

/data/data/com.qihoo.appstore/databases/account.db

MD5 924e8d876830616bfc401ee5a5e64225
SHA1 1caaa4b15e0e9bdb7bb540c37f5518ceadf80214
SHA256 6a912b040955c84b13cd3b7224673d8cf96746689840d2b3bbe6d5dbdb8c63b9
SHA512 974f9e4d4bd724308a2a066bb8ccdd8355c69c327dc034f8a742d0cdb012e5f4d8544aae43ad8a2ede8e3d41c942262de3dd1c13399677447882fb394b168c1a

/data/data/com.qihoo.appstore/databases/account.db-wal

MD5 a62f3cff5cfed9a25358f0da37d063b6
SHA1 3b3354687e67f367d3994f30affbefd0f1aa5d3c
SHA256 2759a962c24c8d07d3dcfafd295affdc04183fadfc03e687a40a3e45c815f6ee
SHA512 342245f312a66360c0c3a7a8a109e53b9ef3a0c89c8c6e45e46013935f6eb1d8d9561fc0358c9cc04c0b61fc0a653758057a33ca8149baa1f1acc9f129759ff8

/data/data/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

MD5 315feed4ad757b26cf4c9880560dd679
SHA1 299a806e20344890802215bec60cd3f63213de5c
SHA256 8adef7ee7ab286042fcb8f60f5596d57f1c59616b8cb72aa11d6edc9b025fb65
SHA512 9544c57eadedafb88729a4d65e1495a98cc4a1a4fb3b8baccd289e9e2a353c40aec5b3b1e0563bb3a60af10ff7035ead0081c5ff9e8c0bea95308ffed0348903

/data/data/com.qihoo.appstore/databases/360appstoreInstallHistory.db-journal

MD5 826456c1f88d2a7980f2c933f8dd4347
SHA1 6df71c91496f1998a5efa332bea8a93483cd5a37
SHA256 12b28848776471522088329e986b97d8a72b9393ad280608fdd4914869459c38
SHA512 d3633ca972f6a6baf7fd1762678fae09d5c67d10e48582b9b31353c54ed3a183c6e94360ddf56e5cb21d36bc58a50cd7f9b5c046442f6483408f1186bac34cfe

/data/data/com.qihoo.appstore/databases/360appstoreInstallHistory.db

MD5 2304dd698be3705c85ca097304ce7de2
SHA1 325882522ae26bc42927f6e46c489b93799aaab1
SHA256 740e5bd0953670bcc14c80bc032c828420f9460dd3ae0f165774c5ec71584e3a
SHA512 eaab8bda28fd30544fb9d413695cbfe42d3f2f184a77e6c73ec5fbad3621127a01b27f1a5675439a5314d2640ebbdf118f58bc90ae864a2923055ef9f10a31bf

/data/data/com.qihoo.appstore/databases/360appstoreInstallHistory.db-wal

MD5 032e7bf36ad8d86596cc7aac6a73e8f9
SHA1 72261247eccb3468ddd3f15b6cde90b76da16f18
SHA256 5d16b80308d8927c762b8767cc511c5b4c9fcabbccbfb4b5676c737fb1eabfc1
SHA512 1c54a9bba721177c30c7f5d49668b272d5175df08fafc72c2dbe2dd55fd41dda81a191d052464b6154a66f66129ea53bdd3a1045b73ace593779609456cfdfe1

/data/data/com.qihoo.appstore/databases/360appstoreInstallHistory.db-wal

MD5 fe41167dee2faee391ef54315657dd7d
SHA1 e616066e1fb7bb3623f6858b099ee5fad159ea54
SHA256 bbedc23ced112b0595a3a02043cad965f94292b1487e4c77a5099b4f144c7b34
SHA512 d8d8ffdbf11617d124d8a72aa77d35ac70b071de97137fc4f7ea4ca1089b9a7d067dc9c744450e021f2214d7051395375078b01eb1a33462da800bef71817cec

/data/data/com.qihoo.appstore/databases/360appstoreInstallHistory.db

MD5 04183d28d08d24a5b03704e8a44f1e0e
SHA1 3710a7d4f4a50e9a8a14d1cd312291d99fadf7ff
SHA256 cbcd94a175e1689d50dc1d42f20d9238dc71ff218539f8eab55da964e5190695
SHA512 817f91475b63f1e8feb1a11cf55f0409b6728bfe8db1b6fc6db63a7dbb091a144c607b2f339993d79b0a7ab338d02c9612af63296624a1ba1f6de03b96fc245d

/data/data/com.qihoo.appstore/files/sllak/opt/4240/oat/finalcore.jar.cur.prof

MD5 e4ba2658c8047570b8507bfff38deb38
SHA1 685020dd79c548af8c9be057c1f247986ade24ee
SHA256 cca74ccc54d06daaf97fee6132f2f07e517084d70ce3dc03e55649168ff83750
SHA512 fe072e901cfe3e6c364c26eae429ee8eea681990075cde662a71d27f3f2198b5f185b0aed287b56c185bad37da9d2da003ace7e9c3d24cbeef26136ebf7ca5a1

/data/data/com.qihoo.appstore/files/sllak/logcache/log1717638500817

MD5 cda3d6b5f76e47aa7b10c672578fc62a
SHA1 4f4b12bec1d917e099dea9044e218a9356122776
SHA256 ed7ec2195dda4042d695d7255cfe28a605dce0e1e45f76945c68fa670a6a9716
SHA512 8f4e025fe4af7e12c066ce58d176c2714e98a390d29eef78b8af77b1c70555401c3b945914732720381954efcb3417ddc6569594ac8344a96c71a20c2ce86633

/data/data/com.qihoo.appstore/files/sllak/logcache/log1717638501110

MD5 b8d25af9bdcea3f0afba7485ec8b190c
SHA1 484730c6a5f05639da4a89aadbafdfb11dd210f5
SHA256 8fe8431d060479611bbfdaf769390174de2874405a52974b988340d6a2b956b2
SHA512 ff0bb8ac4ecdd9c616a55411ce359ce94e471f0c2548ed346150fe4a9a1ec5c53e4723d24d39460f8d218f3413c2b427067813a696d99f9cfb68049f9c3cb3ce

/data/data/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

MD5 2f3c5741417f9f7ca5548cf4b3a87e27
SHA1 12b648e16242fad06e15e4b1c253c6a026274824
SHA256 e8cada8d99538cbb04fba5969e085d77f54b2c11c689646c528f574e010ed9b2
SHA512 fc68c35537f5bbffd5a3cb2a5361a3ee6c832e9c129d4922b32df2087a1387faf6f818f73bf33bcc0d31cb093e09c993c4a5b5ec335f2e651a2af02783fe4354

/data/data/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

MD5 b9f55c15910e4bba99e050f1d8c14a2c
SHA1 7060e189f7cb9c25b8584b80df6851ca1037c6c8
SHA256 af68e876e362b6f408e278fc59115cd62b07419056b591fe6e91b2daa53ddf9b
SHA512 5dbae89d514545b3e49118b97b3dc675ac2c134c5cf0476815d413b7c906709a39b7418d0c14900634fa494d743bc0ca64e212f4dd0ad9cd77770bc20b423384

Analysis: behavioral6

Detonation Overview

Submitted

2024-06-06 01:41

Reported

2024-06-06 01:51

Platform

android-x86-arm-20240603-en

Max time network

135s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.212.238:443 android.apis.google.com tcp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-06-06 01:41

Reported

2024-06-06 01:48

Platform

android-x64-arm64-20240603-en

Max time network

11s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.179.238:443 tcp
GB 142.250.179.238:443 tcp

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2024-06-06 01:41

Reported

2024-06-06 01:51

Platform

android-x64-20240603-en

Max time network

185s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.234:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.46:443 android.apis.google.com tcp
GB 172.217.169.14:443 tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.40:443 ssl.google-analytics.com tcp
GB 142.250.179.238:443 tcp
GB 142.250.200.34:443 tcp
GB 142.250.179.228:443 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.200.36:443 www.google.com tcp
US 1.1.1.1:53 g.tenor.com udp
GB 216.58.212.234:443 g.tenor.com tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
GB 142.250.200.10:443 semanticlocation-pa.googleapis.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.179.238:443 android.apis.google.com tcp
US 1.1.1.1:53 www.youtube.com udp
GB 142.250.179.238:443 www.youtube.com udp
GB 142.250.179.238:443 www.youtube.com tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.180.4:443 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.180.4:443 www.google.com tcp
US 1.1.1.1:53 mdh-pa.googleapis.com udp
GB 142.250.187.234:443 mdh-pa.googleapis.com tcp
US 1.1.1.1:53 accounts.google.com udp
US 1.1.1.1:53 accounts.google.com udp
BE 64.233.167.84:443 accounts.google.com tcp

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2024-06-06 01:41

Reported

2024-06-06 01:51

Platform

android-x64-arm64-20240603-en

Max time network

193s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.180.4:443 tcp
GB 172.217.169.78:443 tcp
BE 66.102.1.188:5228 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.200.36:443 www.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.179.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.179.238:443 android.apis.google.com tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-06-06 01:41

Reported

2024-06-06 01:48

Platform

android-x86-arm-20240603-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2024-06-06 01:41

Reported

2024-06-06 01:48

Platform

android-x64-20240603-en

Max time network

11s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-06 01:41

Reported

2024-06-06 01:51

Platform

android-x64-arm64-20240603-en

Max time kernel

127s

Max time network

184s

Command Line

com.qihoo.appstore

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/bin/su N/A N/A

Checks known Qemu files.

evasion
Description Indicator Process Target
N/A /system/lib/libc_malloc_debug_qemu.so N/A N/A
N/A /sys/qemu_trace N/A N/A
N/A /system/bin/qemu-props N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.qihoo.appstore/files/sllak/opt/4569/finalcore.jar N/A N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Queries account information for other applications stored on the device

collection
Description Indicator Process Target
Framework service call android.accounts.IAccountManager.getAccountsAsUser N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Makes use of the framework's foreground persistence service

evasion persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.setServiceForeground N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Reads information about phone network operator.

discovery

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.qihoo.appstore

com.qihoo.daemon

com.qihoo.appstore:critical

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 216.58.204.78:443 tcp
GB 216.58.204.78:443 tcp
GB 142.250.178.10:443 tcp
GB 142.250.178.10:443 tcp
US 1.1.1.1:53 sdk.look.360.cn udp
US 1.1.1.1:53 show-m.mediav.com udp
HK 101.198.192.67:80 sdk.look.360.cn tcp
HK 101.198.192.67:80 sdk.look.360.cn tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.16.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 openbox.mobilem.360.cn udp
CN 180.163.247.134:443 show-m.mediav.com tcp
CN 180.163.251.81:80 openbox.mobilem.360.cn tcp
CN 180.163.251.81:80 openbox.mobilem.360.cn tcp
US 1.1.1.1:53 m.irs01.com udp
US 1.1.1.1:53 p.s.360.cn udp
US 1.1.1.1:53 www.google.com udp
CN 180.163.251.224:80 p.s.360.cn tcp
GB 216.58.212.196:80 www.google.com tcp
US 1.1.1.1:53 sdk.mediav.com udp
CN 180.163.247.134:443 sdk.mediav.com tcp
CN 180.163.247.134:443 sdk.mediav.com tcp
US 1.1.1.1:53 s.360.cn udp
CN 101.198.2.147:80 s.360.cn tcp
US 1.1.1.1:53 api.kuaidi.360.cn udp
CN 180.163.251.224:80 p.s.360.cn tcp
CN 101.198.1.205:80 api.kuaidi.360.cn tcp
US 1.1.1.1:53 sdk.s.360.cn udp
CN 180.163.251.81:80 openbox.mobilem.360.cn tcp
US 104.192.108.192:80 sdk.s.360.cn tcp
US 1.1.1.1:53 update.api.sj.360.cn udp
CN 180.163.251.81:80 update.api.sj.360.cn tcp
CN 180.163.251.81:80 update.api.sj.360.cn tcp
CN 180.163.249.138:80 p.s.360.cn tcp
CN 180.163.251.224:80 p.s.360.cn tcp
US 1.1.1.1:53 recommend.api.sj.360.cn udp
CN 218.30.118.222:80 tcp
CN 221.130.199.88:80 tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
GB 216.58.212.196:80 www.google.com tcp
CN 123.125.82.206:80 tcp
CN 218.30.118.222:80 tcp
CN 106.63.24.127:80 p.s.360.cn tcp
CN 180.163.247.134:443 sdk.mediav.com tcp
CN 180.163.247.134:443 sdk.mediav.com tcp
CN 180.163.249.138:80 p.s.360.cn tcp
GB 216.58.212.196:443 www.google.com tcp
US 1.1.1.1:53 track.mediav.com udp
CN 180.163.247.134:443 track.mediav.com tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 218.30.118.222:80 tcp
CN 218.30.118.222:80 tcp
CN 171.8.167.69:80 p.s.360.cn tcp
GB 216.58.212.196:443 www.google.com tcp
GB 216.58.212.196:443 www.google.com tcp
CN 101.198.1.205:80 api.kuaidi.360.cn tcp
CN 125.88.193.234:80 tcp
CN 106.63.24.127:80 p.s.360.cn tcp
CN 180.163.247.134:443 track.mediav.com tcp
CN 180.163.247.134:443 track.mediav.com tcp
CN 180.163.249.138:80 p.s.360.cn tcp
CN 171.8.167.69:80 p.s.360.cn tcp
CN 218.30.118.222:80 tcp
CN 221.130.199.88:80 tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 180.163.247.134:443 track.mediav.com tcp
US 1.1.1.1:53 profile.sj.360.cn udp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 101.198.1.205:80 profile.sj.360.cn tcp
CN 221.130.199.88:80 tcp
CN 218.30.118.222:80 tcp
CN 101.198.1.205:80 profile.sj.360.cn tcp
CN 221.130.199.88:80 tcp
CN 180.163.247.134:443 track.mediav.com tcp
CN 221.130.199.88:80 tcp
CN 101.198.1.205:80 profile.sj.360.cn tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 180.163.251.81:80 recommend.api.sj.360.cn tcp
CN 125.88.193.234:80 tcp
CN 125.88.193.234:80 tcp
CN 106.63.24.127:80 p.s.360.cn tcp
CN 101.198.1.205:80 profile.sj.360.cn tcp
GB 216.58.212.196:443 www.google.com tcp
US 1.1.1.1:53 md.openapi.360.cn udp
US 104.192.110.235:80 md.openapi.360.cn tcp
CN 218.30.118.222:80 tcp
CN 221.130.199.88:80 tcp
CN 171.8.167.89:80 s.360.cn tcp
CN 171.8.167.69:80 p.s.360.cn tcp

Files

/data/user/0/com.qihoo.appstore/files/sllak/opt/4569/finalcore.jar

MD5 15e9ecd4297aa34adbceef92f96189bc
SHA1 9988719dccafc8a55ca68ccb8ceb6ba83599e94f
SHA256 ebfe2efdd2667dd6cf9547959844b4e1843ed07eab8283b556ca07b605de75bb
SHA512 d873262b98c99d5d905786bad0c51b2da7defd9a511a56fb2329ca1fb017243c0fc9361c02487218dc1df911e894f32d9921d89bc91025dc0e15a2aa74777fa1

/data/user/0/com.qihoo.appstore/files/sllak/opt/4569/finalcore.jar.tmp

MD5 94e5d30660bdeb4ea8727f3914d30d1a
SHA1 1380ca467d098b41607e83dece4b92710c632c02
SHA256 5f37106fab4f07b26d488fcc7d88eafa82902305d4b667d689f70463b596706c
SHA512 a5c13c16be5dd4d4454a7f64760d117c221afdd05074adc3d4a395caffe268abb60f36af25529ed915687911fbd52adece253a7e4ffa26790de3c276350c7cb4

/data/user/0/com.qihoo.appstore/databases/filelist.db-journal

MD5 8f1cf8e7d4a53f6761724d0e217a8634
SHA1 2702a86beb116f8bcf69f4e007f3dda933b2de77
SHA256 a34a748ca19c0e7e0f41434c98963a0cc4e4a73b978ccbc3404a13c99e403930
SHA512 4fb02afea334bd487c7aa8fc22beb92057ebdfa959232051fb0e76ff038f0f3ea90168077dcf99260bb92f66e109f703768ec33127d6184298a9059de2b53e33

/data/user/0/com.qihoo.appstore/files/sllak/opt/4569/finalcore.jar

MD5 b667ca71e42bbeb899566c8834ed085e
SHA1 053a3f889e326efdfa0d3ae7e5b2655f0b7376d2
SHA256 536678202267f95d80480f15065e784d7ec609922a0963d935e9c5a4b0f62bef
SHA512 52255d3d7066d01bd47a9da788f86c707af14e7666a918737fa5ffb4bb003e97b28dd84a7cead3439ee39e10b568c97e80174a80bf776c7dd58335b06656f8f2

/data/user/0/com.qihoo.appstore/databases/filelist.db

MD5 60bc6c2badd85474a357f9ba27704afa
SHA1 38a012950405a78659c10f386892d81cc8742265
SHA256 2be19a6dcf3cc68fcf46bd3d151a1afc013eda100fa2f399017be19d79c314f4
SHA512 7ec6ae92b4d817f7590fccf1e3945aa99b74dacaa6c377e8c46d4c8ee21b5fa33ee97861328004fa5d4223fc5b1e606889934cf6503922693239d7ce077a8d05

/data/user/0/com.qihoo.appstore/databases/filelist.db-journal

MD5 56bc899e2e091bf3db95e6b4d8224b42
SHA1 c211f5732aae808a11799f174636b56b8248611c
SHA256 e0048fadac7c45182637e2fb781f25103095d759641f61a1af3edf635a021b76
SHA512 f2494c9a25fa6d5aec545207e5fe6023640813f3d7f469acde47ee555543c9a05db95f7a614ed003e7b963cad6721f4d339e28a2fcddc87bb23dda5ddbe5d4da

/data/user/0/com.qihoo.appstore/databases/filelist.db-journal

MD5 06205573a1d385739b07e2936112d45b
SHA1 7933bbd044a2c40f8f05d5121b3fcc9c0a5a88ff
SHA256 2756f331a16015091948afe89a7d41fef1ef3a78d1503769d76fa94b811c67ff
SHA512 8dbd8c256acbe05f8eeeabcc937909c446c729b85ab7d7a94fc7adf306c536c73206ee52a5d60d67efd9d22e923e4a154bbff053574dcc2b47bb4f94001d8ec3

/storage/emulated/0/.sfp/.sfp

MD5 7d92dbe5f00e2532cc87b72672949f08
SHA1 0dbaa07f5cef31042f1704bb5eb34dc7406c9a3f
SHA256 925a7a06cacd5c39c2f028e3f642a46b62719e194b67c66bba4e27fe7deabb4b
SHA512 84b51be3fb0e85e020663a68ccfd801e7fb27d87346dff1cf50976eefda8d7541c1f232e53a971ae1a764d046db64df0504bf3e83abda74f8e5edd2796a060f9

/data/user/0/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-journal

MD5 2acf3fd5bf991e214de523d905a24350
SHA1 bdc629c1f7a4d5f84c5e138bc70fb0fc9c5fd2c4
SHA256 5e5ebcf329c05ce8e620079df403af7f74bf0fda7c096a10f6426efbe936bba6
SHA512 483fad6ed3bb5ea0db2800ac48c1ff323589912d7d3bbf244b7a1c3ae6ca0a48fec7a643dd1071b2700743d352089a7e9beb31930b57a4a59661b8be80873402

/data/user/0/com.qihoo.appstore/databases/ignoreupdate_appinfo.db

MD5 171aedf968e17a2744d2585715606cb9
SHA1 bbeddeb3b89fcf809619c35b4a318a80e7d5b029
SHA256 d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e
SHA512 78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

/data/user/0/com.qihoo.appstore/databases/download5.db-journal

MD5 f22ebbb15ee3e48158cbe5f66dab0df8
SHA1 cb2a7270e54bfe35febc106568800398e4875e74
SHA256 ba220e263ac9545ae02e39bb0a5a998162bb71b623bd88f75cc5c5e5d3513b7f
SHA512 9546d4c1cc61ab40a77b61f02b7c178cab4717a6db0c93110cbc8db4f7990a4f5d971774f807c1a0571bfb49e301d80388e376e743f5cc2a6e0d9f48a7300886

/data/user/0/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-journal

MD5 6aee7a26b33e5b41d627ac2750a93e8e
SHA1 34b1950b6d52a4150184d8a164dc7082c30417d3
SHA256 5ba42c3436be18739d1a2390883a760cf46627c4486c2caec636f5b2e0d0d1bf
SHA512 1c2877ac8753bc73c8963da2aedf2c723c18008e962d43eb539de3f4d390e67c964f05cb320b4850670dc014799d06d6bb3164a473bee75e6ff1e1c36dde9027

/data/user/0/com.qihoo.appstore/databases/download5.db

MD5 abc7b5005b98dc5bb218a59ee98bb99f
SHA1 d08cc7cb870cf653cdbba7797fc25e9efbc9de58
SHA256 4fa428f67556731442b5e5de1783b0be4a56d178f52da67db539866892ca00d8
SHA512 f0e4c4e12db33b486f97a5c774db1ec4766700bb62cda67fead56504f95c88c96a8c6b3391d1f1304a4b9ce5aaa7588efdd8333e3f29cdab2f3ada0615d60e4b

/data/user/0/com.qihoo.appstore/databases/download5.db-journal

MD5 96621d60ffe0afdb0064d4579184ac69
SHA1 ab3128b6de1d31c37c815c848c58f8ad0d12b18c
SHA256 caed4642c49a6cd67caae10568acd8d895d50a4101a23469343e52ee5598fa42
SHA512 77c6f19612fbd87ba454eda636a9f58f5f0df67a7d05f84a085c2b73261f011923829038d8b4267be33d042847d22fa03ca177d19f2c78738332aa7b0b108b09

/data/user/0/com.qihoo.appstore/databases/download5.db-journal

MD5 17112efd7f5ae5b0b0490953ebed09c4
SHA1 c4ce5954d867b9e7d601b37465c0201013d82bc2
SHA256 b1e4c6422c11e5373572f106275d1fa7c8a036842f5c91d1cefcab2b6ab5489c
SHA512 1ed651b656fa12dc5cf9141f4cf22a93897d73e13476311cedc501bc2c011cc4b4a463276e8ddd5e92199b8a3d2045f9756c474ef365b0ac502a2535941339fb

/data/user/0/com.qihoo.appstore/databases/new_downloads.db-journal

MD5 00dddec6d417b6d1e98f959a9e310602
SHA1 d7b7a37e919c91adfd9705650681d70df145e914
SHA256 f5a4e5b8f2d8836a7fcd83350f0f971a8cfc1ff475f93507f90c285483395f9d
SHA512 3e2ce9c0ebc472103be81eeedaf2ce5cd49869e80c164e243b3002adf9330759b649ec070985e16628533f15be0b3fc707fc744f12e0a61ff4a513583b9bd6eb

/data/user/0/com.qihoo.appstore/databases/new_downloads.db-journal

MD5 7d36305e65447fe54c383a6aec58adc8
SHA1 5857d8ab295f4376167b5494095433ac0ae2ae4b
SHA256 c5beadbaefd6c5c685e8ab187f709d1914194b50b2dc3a507c0a34be8c5ad5ee
SHA512 d7bcf4145309ebaec7e195cceb534954f9cc368778ff23a866116e98afed95aa747d158ad4b49da8b68e3967aedbea25d760a91994b7e42fc0feb3db213cbab0

/data/user/0/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-journal

MD5 0f2bbfa82392ba3481b5f352e0c43f1c
SHA1 4c2eb87696c237fa496a4509620e14aff1645c6a
SHA256 fe9c5aff634d899cdd90b441fb45f8d399e379161337190c579fe241bd646168
SHA512 eafa9ac7564489a4a3e20adac387bc90c42c1a5b90abc8d1bb4ff675c0d09c8803933a20699e53ee905d6638ff46866dc4f1412eabb07ce9c4d388a71cdd6c25

/data/user/0/com.qihoo.appstore/databases/ignoreupdate_appinfo.db

MD5 5b8c1dcf057a68205287484c9396d28c
SHA1 3d9adce9ef4241685710cf40afb78b8c9ec89607
SHA256 c7697eef33212f41e3bcffe8434f3fd01700db4717bf1ea60cc0826604e13589
SHA512 2bf7977cc261b7385004e50c137222f73965ca19585a41525243f02f4eca7e6a571d73e7be670ceae7649ad0c6dc6a128664d010174a6b727125480602c31ff1

/data/user/0/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-journal

MD5 58b7b1c5cc08d3dbb584263be2dea50d
SHA1 2e53fb884f57f1a8cb7917e263b69f6eb56d74e7
SHA256 e3ef162b1c387282b3a3b581868cb14756ca81e3ae2ca29315aaf791d08362e9
SHA512 42a4ebb6767db9956aa9534a427938968fa4c67b247da9f148305ad92c209feeee485721fb359a8b07d9b69cbf970b3f8edbabfb994e724ac0e151b34effb0ea

/data/user/0/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-journal

MD5 05df5a80d8354002cc819d50cf3f99ef
SHA1 33a5e2de25d0c78ccf2daef485243be690150816
SHA256 03109d6c1cd5f660b223067bec7c9de3041669062377e0936b4e2637a41237d0
SHA512 521f7e86a2fdb8cd516172b87c7eb74b7db0af057c5ad014fe00e6daafae43199ba28a534af80ca4d842603271e9e0f36f45008af14d25679cfb6d03c18bc35f

/data/user/0/com.qihoo.appstore/databases/ignoreupdate_appinfo.db

MD5 0f2f4e066d2715d160223674a2f3e357
SHA1 dbe4dd0ba15d056b5af61676eee51067d1aa4c43
SHA256 f788fa93ee15080a627598c189caff36a90ddede8510bf2d3b5496c028d98773
SHA512 b90bc2eb1c7ac330b12b2f8cc02e1d04f19bf86490a24d7d4be1a21fcfb7768a1a1e030355f3e78da8ac247d77f18a6bd3df065575aea990e27beb9a1d069abc

/data/user/0/com.qihoo.appstore/databases/_ire-journal

MD5 27874a1fcc45d765a07a2496c60ab605
SHA1 1fa10bfb859c05a74eff32eb7a60d1001e7fc1b6
SHA256 791efac0479c2065dea95c1bac15fdc294ed40afebac6264beaf38299e12f8af
SHA512 9e3e6255e3771e88a32f02dbe87226262a7c75ba3de77ec1f6bf512924f1f22dab33095204198424b94aafcdb21757e922a887deb0500b683256c57bba1808b4

/data/user/0/com.qihoo.appstore/databases/_ire

MD5 2e8d2b7e3b1a8758ee427d301314b7ef
SHA1 32bcf7c03fd4934e1224feaf2114df2ae56d0551
SHA256 67b1e827a498e60301f0b57d15e0e342027c49266e8be14c7441dc7f774c299d
SHA512 2a7acd5dff858b159ad5ddd05f8392dda9a0d2185dd5b2b4b20ab660d8946bd3686cdaaaeff7317d717a23a2da1d86e5e42e0221e20e55cc020a2d9a16b0869f

/data/user/0/com.qihoo.appstore/databases/_ire-journal

MD5 aaf7ab61e33d7f0ad54623cebad74cb5
SHA1 7171536aca9e40948ac2b400d53ef89e0fea543c
SHA256 21ba0efd32b8d8a0049b588ee0ac141c9042af115ac31038b5370825ee9156e9
SHA512 826ac1decc12c5a5cf88d7a1881e00f2ff53e735d672c44172cd5f0f8c34d2ecf8da58202f3a7882142748d9287a9b98f6807d42c21740b66c0dabd4552fa2dd

/data/user/0/com.qihoo.appstore/databases/_ire-journal

MD5 ce90c6dfb9121c8f91487073a37788eb
SHA1 671931165134cc6c00448b29201cc2f746726ed2
SHA256 8386b6240fe24dbec26525eb56a3b215c1aad891584379049570a2f6754cf98c
SHA512 d06bf2c61155720b006fa9b9730c01b21337aa087fc4224359fbc92a71c65f3c801479d633a0a2024e9e3914cb765e8d59d2fcc0e942ed2b7da6559977ab5c14

/data/user/0/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

MD5 c1150aeaa9b406faf2f4fc7cc0ea370e
SHA1 5870191407314cf68c96ae0a28706a5738bdff7f
SHA256 7d1c3f367ec7e9945552bb78e4e320c16636eaa0babe49a89dc628e0894ead56
SHA512 1527b0bfe5e801b925fc2bec765c09aad880ff373eb76d684ab4feefeec41ba18571fa35fab98ab71feb2b9a3ee4d08989ec0cf525c9d39249a64009c0cbd2b0

/data/user/0/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

MD5 f6502d1238f0694289cc2576e6f307af
SHA1 be9df92fd6d5691e058fd9f70eb947bbd05635a2
SHA256 847126ec2de2eaa1fa6310924ecc0d74e9c8789cbbb6800599792a002e905b0c
SHA512 c765000ffe9a67902965abee521aa2cd2609f31840c95f57426dff4df9e63c5ea3d8970b0d5c353eae250939f24471104f74a73da58fd8eb02b066edc74b83dc

/data/user/0/com.qihoo.appstore/databases/update_history.db-journal

MD5 cb1032b00b8e24f2fb9e1dddaeaaa735
SHA1 bff4ec57672e855684d04ed980fb121113fd806f
SHA256 70a64ae6b632b7cce3d693dec5774b33a38723f80c6cd8a6652ac927d09623ee
SHA512 19cb7cee6e16194885973d5ac66330f7b982cf19eb80465f659234c565345dd06d957b406aa52c89cb89395fe45a1014450abe35cbf00b0eeabe3c890762f009

/data/user/0/com.qihoo.appstore/databases/update_history.db

MD5 2252653e7b771e27d34816586139005f
SHA1 b2a9bdee7ba880cbe52d0a41f4a03190d48c0f06
SHA256 cedf5ce8e27874c3b635b7ecb3c9c404aa00f6924b45e8901e4c723f8b76b52f
SHA512 697d53afaab836022a9a7842f7b4b3db08f0645273b6ae1948387ddfae3b2fa97a2b3cadd6727d3a50ba1873b9dc01b8f5b68d299cda1d2943e71735ec1e20d8

/data/user/0/com.qihoo.appstore/databases/update_history.db-journal

MD5 99bd6e0a19cb4a8552f4a613ba5d9ac4
SHA1 08e204dca1fa0a5c923887969d8a1264bd7fe439
SHA256 268d96ce6a79b502c7629e77cc858568275b1314891b9d64139d8d6425c6e945
SHA512 68aa86421886f85d2a1bb0020c444e8668c8f3d9e43e00da293e6f362924d6744a0de955804e084541f70b3464966d71daa59b8865fccac7265b357e180591c3

/data/user/0/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

MD5 2f97f05bea7b91d7108920eef41ef69a
SHA1 f55101f75121a0d3bfcf97ea3591042f6b9d4d97
SHA256 dac27754ea836e41af17e9a03e22f3d3e4a78c38eaff9f3ac1264ca9faccd733
SHA512 485d1e695231ae5e8ece81f9345e8a5a23a421c4c5764d236b3feae5b940a4961b0ad1fa4aee2a08caa9a0fc842313f4192613ca1bb6376d1e06c5409d466aed

/data/user/0/com.qihoo.appstore/databases/update_history.db-journal

MD5 1d7ab60d12a2ac105c290833657ee6df
SHA1 e32c552007cda97692a1b909500b2b14088657ad
SHA256 6d18846c000d615d2e85dff572e05f5532091fa0fcd84cdfb143987808383e3b
SHA512 9c94d9c7576f2141f48ea32b7cb2070b8c5b1d3f92f7b4eedda8f130fed37c1cb1db144c6766c940f4c6741a5f5cf730ec2cbcf88b0c9d5f9c649ddbeff27f45

/data/user/0/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

MD5 1870e6fefbbc54849a419f1cc8fa5d0e
SHA1 03b9b544ee5cb3216c6a309c85e60568e552db05
SHA256 cb9e1e47ed6ae3465441e060cb4d716a10de31564972caeab5fad41616e571fe
SHA512 ea73d5a6f899135097e7a06d314ed5dcb3fce2b3e1f08636944851ab3201396fcffcf9637d90cf6d4931d4b6a9784eee0e1b861737c8f88e02f9a47952e64a08

/data/user/0/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

MD5 4bf84e2f4d06c62e0966d31d7ed59c62
SHA1 08fff562bf01d717b3c7009b0a35102347f898d1
SHA256 0ebfdcd28c29dd515f40eb873c46653a5854881e89cc02c48a5cda971c00eeab
SHA512 5b5878ec89728d008871b9dee033d36d0a69655432699ccac71625c0a36b716f2547f00fd4670641f9d2b26e81ef1bd3e6d14d63011db966a4eeb572e89f8000

/data/user/0/com.qihoo.appstore/databases/account.db-journal

MD5 1d2195e2ed3d7ef9f2e8df06a53d74c0
SHA1 90ae69faa1a10f045576ed3a891871f9a140b710
SHA256 08c846461758b73a0d055742bc4344b959716feaef5195d9ea5ffa1ab9e9bca7
SHA512 5f032a19126c10c9a8f5fd4a9b32f3c550fc187a7f9567ffe51af5b374f64328594660645063f1d4733e0dd8576af501ba24986f0e50a280f974cebe3e8a5f9a

/data/user/0/com.qihoo.appstore/databases/account.db

MD5 223b095c5100b3f36d13f2922801d6b5
SHA1 247df4a9847dcfa7a42b649bda66126412c279ff
SHA256 dc0c24c777a762b585f1f5213b8c021d30be608bb38d823271d9eea42d60f5b5
SHA512 3edff39a607c3309e4f2a921d6ae1b3fc1b8e7328d57c2e6b9a4e9825cb1d9487a16cbb4b0147cc1707fac8249253b687524e18f2184ed86a457729e9f5d9494

/data/user/0/com.qihoo.appstore/databases/account.db-journal

MD5 e896e9e0df3fea9fc3e050aaa868374b
SHA1 7c981eebfa93a2de0a7fd36d15dd9c58c65eedf9
SHA256 22ba58bb5b420b5ee7e55a8a2ddd197b05eecb0f795961ec49458666068ac7e8
SHA512 0302550188431f264285bc912d5d04ae4757189e5a22b1160027896a66e2c0a25739d03ee3f6b12b8b2f3f645374405f5cb6e726d58510056e1e4a42f0b347b9

/data/user/0/com.qihoo.appstore/databases/account.db-journal

MD5 9539670841c174a1015547d3e00ca3b6
SHA1 8e757d0c474d341f46df42766cb5a2a75ebc9b61
SHA256 8815f5a5768f60da24ad15dac3bb6665065d136350d792dca7156676f94318e2
SHA512 88590d1f2bcb2019749a5570333feb8d26d7265130d5299bf6cb10c235b497699839c579fe35e9db5b2a5f8c019e6856f744e2ba6b837f467df3c0bbb7fea10f

/data/user/0/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

MD5 69fbfd61dcb3299da0f8c5f3f1330359
SHA1 ccb8b34f37838bba01b92a737167e0e0d970e3a7
SHA256 c5e3304a767c74575765953dddf082ddf50bfdfd7c3b73b2fa6273c82d97e5c4
SHA512 d78b40194e656db790e1b92653906544e27e207e4d6a47da078479c82b5364979cf8c31b7f13c1a541097a0495e15090fa53f881a1508c1c9ffe68f1ea2c7a15

/data/user/0/com.qihoo.appstore/databases/360appstoreInstallHistory.db-journal

MD5 a31563405e098eb4a58064d30228c1ce
SHA1 38ae0817bd2a8d105cb1ea0005a2e6cee01ba4c4
SHA256 b742a951d4d6b51a377df3ea47d1d3bddb3a4def69972ba6634c4a596f69de6a
SHA512 252ceb38c8a015f9feeb3d5c283ce0900a3bac8b213202d1efe5fcf7880152f89bf6b164078e52b423766a7c0d7abf18610811f1181e12d4f6526c28b04783b2

/data/user/0/com.qihoo.appstore/databases/360appstoreInstallHistory.db

MD5 c61303b02e060857308cde5514e08a1c
SHA1 9ad74aa36272e332cc27a7432b7b7e739136afc6
SHA256 8b7c89cb3a969d6dd2bd30e05ef5dd2fab3ee87facd48a90057aff12b9c57f3c
SHA512 6d4c2e3e3cebe852a8f2955c50bf2c407d6a21831516df787763ae75c7cd50899075b06ab6ac2f4108f2a369073fdb99ec1461bb2c784186e43b7a8f123244ec

/data/user/0/com.qihoo.appstore/databases/360appstoreInstallHistory.db-journal

MD5 15083b92c73b17c471514fd6216d2c9d
SHA1 cb341e4abdee088f4b3526edba369cac9cb173d9
SHA256 93b0b9dacd7a7138b2f65fde8524a65638edf9653e15b9ada0ac96f14c977fda
SHA512 68cdccb968c9a5fd248fe4e3909d3d3e8dd87c248c0f744b537ab70b4de4340b68b285c49c35d8bb8d6b8e13b8ae133d1fe5cd4a7c4f9bb6f9c187ba973de193

/data/user/0/com.qihoo.appstore/databases/360appstoreInstallHistory.db-journal

MD5 13ba9690571ad7195b1d3d64a83cfddc
SHA1 db583dd40edb521ca3ceafc9906e6dfe77949846
SHA256 fcf40b3409d56275ccd098bc63488829be8aa9a01ef67eb758b7ad6172e8fb1b
SHA512 43656f4c3f1ff16a467f9dafb885fe7181b1e05981a117d08ec36816bcb11e63779a63166ae8ec6ce9bedda14b0a44a9e1b6d9ee1be0bfce532e2c15488bdc85

/data/user/0/com.qihoo.appstore/databases/360appstoreInstallHistory.db-journal

MD5 9d3323c2362723ccfea4ec15bb0ad0aa
SHA1 5852dcca496eb5390a6997174328eaf1c31de7cb
SHA256 106d448e0fcb1a38ab3bd44d5f2e59b9f30baf5c0ccef3193731baa036f490ee
SHA512 102ff592615500119381a1b406a754cce1bba49165161d57f3fa03262ccbe3fde7697861fa94b8b4944d85263d23f9b9fd4f07b356b202d43cfc426ebec07541

/data/user/0/com.qihoo.appstore/databases/360appstoreInstallHistory.db

MD5 bdc38f2e827574ac4fc7123dcd14dff6
SHA1 3f4f5052b344776de8585abd2142ce94f14cc4fc
SHA256 7da57948c092aebf9ec6d31137293dfb969a2e378b059e2ee21f5955d2cb366f
SHA512 c82df30416d1d479aa2aa5eb07fa959716be8cd66d6083c1124220ca78be42ddf653d63f485fe1ee6babf76cde4cbe71d78a7123e816d0ef6411c83fecba25ec

/data/user/0/com.qihoo.appstore/localApkInfo.json

MD5 08d96ffa7d8665add498d263568c95dd
SHA1 c0ec4c457b8322d6e859f16694a69181a5e5eedc
SHA256 61ecc602e8a036f96ab0148b5d95193317ba6d614ee40459c0106189af7dac99
SHA512 bde90b25f46c30c87854fe0e0d71a50bfb4e5c9551568e1f2eaf90bb811a15c0abf17e4e1724c4def1f00a5d58aae1978994a9f052f6f2f69af04207f873599b

/data/user/0/com.qihoo.appstore/files/sllak/opt/4569/oat/finalcore.jar.cur.prof

MD5 aca09954cad31635e967fa7ea4ad0b84
SHA1 679dee2790896d338557bf9dc77b5dd327c8fcc1
SHA256 360e0d42bdb9984e0a57d67d7c5835e421756bb80a8a2201ee5c326f88f75c10
SHA512 93ec6dd424b9194b9da18c346ee46939697f4d259cc2479d9c72f42aa297e660d4b5fd56d30ab6523e6f5f41bf840653b1bdcf3ae638c5a4635eb549fe329384

/data/user/0/com.qihoo.appstore/files/sllak/logcache/log1717638495961

MD5 0045598b90def3bcac054b8f140c5c1f
SHA1 8fcb67f289be39dfb3306d279abb7fd08867ac7e
SHA256 27b955f28fe77a92ded32891f760263ce6e70ee0b94c8854832d0e4054291094
SHA512 54b6343c37451afa04e3a8770b8d92c93f5af4e62f6cef853b44d44ebd08c390887ef0a3155cdc697ea11543b0092ac62929bdfbf9cca41d846a67ce23af324c

/data/user/0/com.qihoo.appstore/files/sllak/logcache/log1717638496031

MD5 b16dac705b90e9e0b48c803340a81da7
SHA1 deb63df282a171093f7f96cc502f0b01b194ed63
SHA256 c49e3c21d9acb9fcb41467d98fc70784cd33a2cc4ab6de1777fae3050403c902
SHA512 8cf868bc2b46a23c608f6cc8d7fe7a0f64ba19153af1ca533a1c20aff341bff58e8f155eb23937fcd61dddfa0fcfa62bb51ecdc25d0745ce96b8653c6d0abe1d

/data/user/0/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

MD5 317e41701a014f8b69f786d0ebb32c69
SHA1 4e4740b24169d6771a78ecf988fea3aac5a96cf6
SHA256 88ce6b818e6345c0f6eb127c13e6b399e9cda659cbfbc15df6be267c546ab6f3
SHA512 0df911cc65f363d188cdd97cb72de2156b4a78f3d0b11d66c07be0a61decf65d22d2e308a90438a6775ee71014aa358e0dd68a2fdd2e2b3087df8ce603b4b287

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-06 01:41

Reported

2024-06-06 01:48

Platform

android-x86-arm-20240603-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-06 01:41

Reported

2024-06-06 01:48

Platform

android-x64-20240603-en

Max time network

10s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral11

Detonation Overview

Submitted

2024-06-06 01:41

Reported

2024-06-06 01:48

Platform

android-x64-arm64-20240603-en

Max time network

11s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 172.217.16.238:443 tcp
GB 172.217.16.238:443 tcp

Files

N/A