Analysis Overview
SHA256
50506cf771853f33a540bc6dd947f494409f656d8e10363562b0b9fd2c01e791
Threat Level: Likely malicious
The file 99d2c029c018e5bb8ca76a7c01692b92_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Queries information about running processes on the device
Queries the unique device ID (IMEI, MEID, IMSI)
Requests dangerous framework permissions
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Queries information about the current Wi-Fi connection
Queries information about active data network
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-06 02:39
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-06 02:39
Reported
2024-06-06 02:42
Platform
android-x86-arm-20240603-en
Max time kernel
127s
Max time network
180s
Command Line
Signatures
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Processes
com.netease.ic
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.179.234:443 | tcp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| CN | 119.29.128.145:8080 | tcp | |
| CN | 119.29.128.145:8080 | tcp | |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 119.147.179.152:80 | android.bugly.qq.com | tcp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| CN | 119.29.128.145:8080 | tcp | |
| CN | 119.29.128.145:8080 | tcp | |
| CN | 119.29.128.145:8080 | tcp | |
| GB | 172.217.16.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| CN | 14.22.7.140:80 | android.bugly.qq.com | tcp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| CN | 14.22.7.199:80 | android.bugly.qq.com | tcp |
| US | 1.1.1.1:53 | alog.umengcloud.com | udp |
| CN | 223.109.148.177:80 | alog.umengcloud.com | tcp |
| CN | 223.109.148.130:80 | alog.umengcloud.com | tcp |
| CN | 223.109.148.178:80 | alog.umengcloud.com | tcp |
| CN | 223.109.148.141:80 | alog.umengcloud.com | tcp |
| CN | 223.109.148.179:80 | alog.umengcloud.com | tcp |
| CN | 223.109.148.176:80 | alog.umengcloud.com | tcp |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 14.22.7.140:80 | android.bugly.qq.com | tcp |
| CN | 119.147.179.152:80 | android.bugly.qq.com | tcp |
Files
/data/data/com.netease.ic/databases/bugly_db_-journal
| MD5 | a2b7b107aa21ab95b1557cd143117bf8 |
| SHA1 | 27fba1b202c3e56d48163f2ed8d3a43048854631 |
| SHA256 | b8732641def97d71b35633b591a55b61159d71eb66c1244c32d7ee6a61880a08 |
| SHA512 | 8ae3c464bed3e207752e3048df67b357c1a1b693ebff183eb31d52e71f51c0269a2c3b0f6eb0d859bd1c41095c8ab3fdac6af5d8a9dd7492fa15f5ccf3371363 |
/data/data/com.netease.ic/databases/bugly_db_
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.netease.ic/app_crashrecord/1004
| MD5 | 8234efa2f38416937ffd834f9d2b518c |
| SHA1 | 5cb0aad243e6212fe89242544133a59de58c5c16 |
| SHA256 | 079c0f45e2ae3163677198737c56a0d5232c7412f17b93d3b57e67d666f66506 |
| SHA512 | 8e9c7faa4cfe5286a1b0e70e83ea133456e1175be84091b1949c693206381e8c1ac07fe57d6db5db1f40899ee5858c2d02ac52f51741bcb501c7c801e306026d |
/data/data/com.netease.ic/databases/bugly_db_-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.netease.ic/databases/bugly_db_-wal
| MD5 | 9cf09b10fd8633a8504dc9f1ae96cd83 |
| SHA1 | e9ff7bbbd4db9e4a2d3c853c5fcc1dd16f6da835 |
| SHA256 | 5e6a99834a8450aec103778fc66f5948a4cc548e229f5c50da72931532ea9472 |
| SHA512 | ebd72f311230c29b1cc7563a4c52964b01d703e58ac48ec7e33807594e7450809d57c0d4d5e31af53918c144909657840d3b15f57fe9e582477ff1fb0fa56ae8 |
/data/data/com.netease.ic/app_crashrecord/1004
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/data/com.netease.ic/app_crashrecord/1002
| MD5 | d13e19ff50b16db6112a203e1117a066 |
| SHA1 | 460253571714be0dda41b31c91b3f80cf8d5e08e |
| SHA256 | 6cf245969b37c6b64b3f51c5a149cd86d2e8c447b59795478c33ddb36e573a7c |
| SHA512 | 9e448d15c368a85df9d9d92a4ca9b6024f001ab967cad1e57196a59ddb4793b98e0c3d5bc515c59d0e910c4f5fb910f95d362a92113c9bcbad04424d2920c4d4 |
/data/data/com.netease.ic/databases/cc/cc.db-journal
| MD5 | 8c6326e73725ac8fa85b0290b2c7d6b0 |
| SHA1 | ab927d7a94bafb84aebbd7b104a7cb7100a2edda |
| SHA256 | 7919b39c19e04c52e5f12cb47a66828917a01c5febd3d16c65cb71e67395cdb2 |
| SHA512 | de942938a5acb1df140a10789e03557ef4048b3155a26dc68949e43d7df50cc836847e33d3a10595006835b5d60713a7191d472bd48ee10e3ba5663c22df56cf |
/data/data/com.netease.ic/databases/cc/cc.db
| MD5 | 5d7ea1a23af19b4340cc8d90f28297d5 |
| SHA1 | 4cfe95b23a9e98378d69c4290af81b51fbe76aea |
| SHA256 | 474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da |
| SHA512 | 33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b |
/data/data/com.netease.ic/databases/cc/cc.db-wal
| MD5 | 07bcf9a4965b28de734346a3d979945c |
| SHA1 | 0f4254e2b18294a4c7a46ea9d7cda992c4815e8b |
| SHA256 | ddac73902f1cbee3fc86054564077b794cbd219bf7bb53238acbc40ec56dc533 |
| SHA512 | 04bcef5ced6f2fe1a45940e8251e0c733ab113e616926d9a8b54cfec57b34897a3434eb0b85a66758f8334cf0bfe157ab7f6083bd684669ccaee958e65797439 |
/data/data/com.netease.ic/databases/ua.db-journal
| MD5 | adf9e114749916823800c09532b78bf0 |
| SHA1 | 99bb0712c27fd5ddbe1d5a54017b654f05e9b858 |
| SHA256 | 98160469757824ffee68ff0d57494942c6fa433e3b82aac56d7a779d03a502a8 |
| SHA512 | 7572fa6c2f356d76f469e2ad318a8a81daa01e2fa3c1698584bc907b0e6d9ec94cf8a6339b88ec7b3d078f8c39b9ac8eff08d4528255985907b69dff1a954329 |
/data/data/com.netease.ic/databases/ua.db
| MD5 | bf224f1cf27a9747c829d7197d0aef2f |
| SHA1 | 86d88d8c0e5e70d5ba7c37de77d283c99296c03f |
| SHA256 | 54f943cc972942a3f8fc661a1d30f13cbfffbab494314a7df5080ae27059aa62 |
| SHA512 | c6894578a281a6042d67ad001444e7980829b542dae6d47abf9dcfeeebf74b3d2db786c443b26ba4677df0099258ec9d95cfdd6bf59c688c836d0d0786ef5c57 |
/data/data/com.netease.ic/databases/ua.db-wal
| MD5 | e25b8c32d3ac72c3815bfd88bfecf209 |
| SHA1 | 9f29d927378160f62dc1a1e27c92ff21ca9c6e35 |
| SHA256 | 94c764a1c70cbd063109b51190387e8077b5eb0cfd63746cec961c7e6081cfc2 |
| SHA512 | 0769c439d7180fb2669c2cff26a77b38414d29bea246c585513a0677b5ffc54837db46f11551bb8134788f8cfedf4ca5189ee4c82b5777ef2c9be63d97918f06 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 9781ca003f10f8d0c9c1945b63fdca7f |
| SHA1 | 4156cf5dc8d71dbab734d25e5e1598b37a5456f4 |
| SHA256 | 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793 |
| SHA512 | 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | ef568104805377d0e18d6fa0378472a6 |
| SHA1 | 5ae15ad7c9e1f917e10cd983e9e6e7d37445c8b6 |
| SHA256 | a17596a511c7490918204d362ee0a57ce12f53d447036fdfe676bfb1401fd9cc |
| SHA512 | ee278711237389a6a080109de7088695144e3240aece8ed7976925e25431ba8d315f71ac9519a90af6b21e92342afba51f95d6e1ef874814cf18e08d513d294e |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | a47db71cebff60b2b7f09fb540925755 |
| SHA1 | 912348cddbba052d0be36ff48e89cf6f5a332f87 |
| SHA256 | 45d0922769b8c3eaaf4c4044c019984959d7b396db9fb1c9d5c2e92ee46eb68d |
| SHA512 | 1b4af3fdab91120dc328d6abd563a81ad09000b6c270d29867a94114152fbcd384db0c53cdbb581264c475c5d7e5ebbc183c7381e0528c8a857edb8cf9603cf3 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 8cc4ec9f41a590fe8ff7c09f73690e46 |
| SHA1 | 740277b0ffefeb1f353c67bf2faec210756806ff |
| SHA256 | 8e76ce58e7ca8e2e3de2dbea1f8c4faa10d54bd661790cf1ef0ae496421df8c8 |
| SHA512 | a7757931c441028d387597852ae38c6e04d910143eeaf4614985fd610e09815533d81e3568befc22f970e41f38901a0978ae9172b2e3f622ad5aba124a64bb80 |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | 0f149b3b0db03a56d06aea66c47686db |
| SHA1 | 521a368a56d339d5036bb7f1e2e46508dc9b3f11 |
| SHA256 | 227ffdb0db22ab87078496a8729b7a7c8dc1861ec9ba05226f4e38ac9b14ea28 |
| SHA512 | c94b2519e8dc7dbfd6a7632724b449221d7d2a9c8ccdd93f92dcefb85568b1ae0f692ac4b275fc129f0ff409f87069f1ed9e983103456b6594a399e899de97d3 |
/data/data/com.netease.ic/files/umeng_it.cache
| MD5 | 9b4d1cb54e9b355171b8ade0889a1057 |
| SHA1 | 3889aac09a281b6b9181516c1abf459da56d0adb |
| SHA256 | d1ccd3e66acff4c72b92de1a4e3a854207b54ed0e342a65c34530b27709af7fc |
| SHA512 | 8bc841bffc88723e9382f2ebec9b0d52c4a162359e27eb80220c2c72ec0dc86ca60ee453e06c035e2dfac5f37baf8b09c708687c7efae0505b446a9862a85e07 |
/data/data/com.netease.ic/files/.umeng/exchangeIdentity.json
| MD5 | 2d0b89494244ac080a9463d934ba5637 |
| SHA1 | 905643a168b44ce0fb0e85d8d5418c0c6302cd77 |
| SHA256 | 3fae20b693c2d66811d220f46b0b04c2bb2c9ff0564485b31c69d177ab7cf891 |
| SHA512 | 468760a512e334f38bfab639509306995eca70e06ede813c01104c6a6f5d8f97e25bb3de83df95f2c7586f34204b8e479f7a3fbc2416bb47244418a0dcc921f9 |
/data/data/com.netease.ic/files/exid.dat
| MD5 | 41bbc0164d1b3c2e2b523e15c5113558 |
| SHA1 | 9f3a78ba3d1d60319c31c670fdd876c43970b485 |
| SHA256 | eac351a9e2a5d08e17294ba4e4961fd38cb264a773efa95753a5dd2bcbb47313 |
| SHA512 | 830ba9e35bfb5f9622c5ba7800a0d101586aef2a90e2e8ea36a8098dbfcf60d97b6c861cc6449e831cb7eff461a63ca905e6dae96b02ddb1255e27675e6db59e |
/data/data/com.netease.ic/databases/ua.db-wal
| MD5 | 88991eed020296dcc101ba3493305af1 |
| SHA1 | 54520b4157d3fd759e8607c21e736ac0aa1b4ba1 |
| SHA256 | d06c8af1f05b012c757fa6303f460c29e7c8dac4b6bee25f2e11ee2c002ed369 |
| SHA512 | 562f944d9268fac9ccb284565471e9d3ecfd60d10e79e6bb9a63789dea79680ef8f2c1c6864ff42f610b8e323c29c6405721e675fdc0ba2ea55d99cdfc0da24a |
/data/data/com.netease.ic/databases/ua.db
| MD5 | d604a3bf1f8d992cc320ea5b1f7609bd |
| SHA1 | 247f88df0b55c7d523ea5398637711a0e4a483a4 |
| SHA256 | 329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17 |
| SHA512 | 67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab |
/data/data/com.netease.ic/databases/cc/cc.db-wal
| MD5 | 92db12cf0c1faba5792ad47d9bbdc78f |
| SHA1 | e4d3777a561c94ddbd49755b021b140a6073c735 |
| SHA256 | 277bed6c737bef817d5d9cc3fbfd555bec33bdb801473feb9964221dd1a2764b |
| SHA512 | 533331c4d7c8a744d28a1547c9822903736668d4b5d138772be7a3dd7e907c596ce50157273c56ff1ba6469d29fefd89df051820a5a0f5f6823ac117c5712c0d |
/data/data/com.netease.ic/databases/cc/cc.db
| MD5 | ce6135aa1b1fe4f2c2db2a546d2a5558 |
| SHA1 | 79b59582154017aadab783dc266fcb158c252940 |
| SHA256 | 7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c |
| SHA512 | 2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4 |
/data/data/com.netease.ic/databases/ua.db-wal
| MD5 | ca098c144d0e82ca54084eef097f2244 |
| SHA1 | a2e8f27124d63914d951c13f364dcd8eefd5ac70 |
| SHA256 | ecb40e927d59ff0931e0b44ad877b6549878f5444683a5b41bf7cbd816441acf |
| SHA512 | 2295375fdfa16b6a053bff0ae6fddcad811e082754036225e7dd792e613370f96bf68b005f55175d078fc04b4cb0d2b237ee78ae04177186d45416591c7afccf |
/data/data/com.netease.ic/databases/ua.db
| MD5 | c1face5a59622698a50f1abc0eaca913 |
| SHA1 | 263a71eaab22e716f2d1261c8b25de18fb3d03c8 |
| SHA256 | 3a3673600ec2f7e472e8a046ab953b8b765252f4f32fe4351e5c1cba6536737b |
| SHA512 | 4b0d19bfa2797ca7b93bbdc6861c0cff687a34512ff1c500b19ca53a5a93fd99abbbf0372b5423c41dd7d9fc424fcc7f4919745007df4d0f999ccfa605f9c75d |
/data/data/com.netease.ic/files/.imprint
| MD5 | 116ead44a9bf29401bae7e4e247f632e |
| SHA1 | d9daa3118ee59211f495a7ab11a0ea989be0084e |
| SHA256 | 8803300ee9f422c316e548c354e48e5a4b6afdeec676f52634501850c82555a1 |
| SHA512 | dfb182cbf9664257517f7286b23481118d4e6b97a2c72a989ffee32a94bbd36f8ca42dfa22ba2c39e142529c284cd9e6f59f62601ac6babc5ea5332e14b2d83d |
/data/data/com.netease.ic/files/umeng_it.cache
| MD5 | b7ba7189734f673aeaee2fe02c5a04ae |
| SHA1 | b0b1370e98e03db3cac214ca53f1c44f166ab823 |
| SHA256 | d8995ef096ef026a3a15b377442de782835126df5165038d01457b2985520eaf |
| SHA512 | 8dc41c3da17b1f6805ef7807676eb1cf95a5b2e437717ba93157e23170813e9a519dc68e4fdb3b773ba2e15233d71fc17ccbf2b6d4f74fc1a266a15bcbe6f3a0 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-06 02:39
Reported
2024-06-06 02:42
Platform
android-x64-20240603-en
Max time kernel
129s
Max time network
184s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.netease.ic
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 216.58.201.106:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.204.78:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.169.8:443 | ssl.google-analytics.com | tcp |
| CN | 119.29.128.145:8080 | tcp | |
| CN | 119.29.128.145:8080 | tcp | |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 14.22.7.140:80 | android.bugly.qq.com | tcp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| CN | 119.29.128.145:8080 | tcp | |
| CN | 119.29.128.145:8080 | tcp | |
| CN | 119.29.128.145:8080 | tcp | |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| GB | 142.250.179.238:443 | tcp | |
| GB | 142.250.187.226:443 | tcp | |
| GB | 142.250.200.36:443 | tcp | |
| GB | 142.250.200.36:443 | tcp | |
| CN | 119.147.179.152:80 | android.bugly.qq.com | tcp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| GB | 216.58.212.206:443 | tcp | |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 14.22.7.199:80 | android.bugly.qq.com | tcp |
| US | 1.1.1.1:53 | alog.umengcloud.com | udp |
| SG | 47.246.109.109:80 | alog.umengcloud.com | tcp |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 14.22.7.140:80 | android.bugly.qq.com | tcp |
| CN | 119.147.179.152:80 | android.bugly.qq.com | tcp |
Files
/data/data/com.netease.ic/app_crashrecord/1004
| MD5 | fc9d5e702530d0deb077413af6946aec |
| SHA1 | 73710c915207e891c63cd24c36f20b119ea71a00 |
| SHA256 | a18fdf94f14c4f2ce9ab8d2032f1fcb7c4a4e2b9d7b1c4f71cd3ce1934fe4a9f |
| SHA512 | 6ca490c6235d186e142471141e97df192fc5603654d0704f1e0103056a2dd441af8808a80a58d9940d510a7d8845b3929004d127d543034d575e1b2d170ef14f |
/data/data/com.netease.ic/databases/bugly_db_-journal
| MD5 | 4a8bc9ff585faa7f52efb655b1e48d83 |
| SHA1 | efe42d75b5de08d4d9a3f139992bf06b3364d88c |
| SHA256 | 03939c4d6225a249f1625b59bb1e179d150dd506784c6be5d234da6c89ec6208 |
| SHA512 | 58de9393f673a8774f026671a86727b64f7bd9b5625639acb998f43852c46aa1255b5e6f0e5794e2785a4be834135a555bb3ff819ca897549b532da5a79a600c |
/data/data/com.netease.ic/databases/bugly_db_
| MD5 | c0affdfebc250f6e1ca4fe14a979041e |
| SHA1 | 2fc7425b8fb89a87ade9a76c6b47dfd7a3d1e5f2 |
| SHA256 | f01cf2d37321bd4d0fbce700bb1ed5afe702a2e67ef502b5b714827ea322c4a7 |
| SHA512 | 656d8c30f59414032b052a3e5949c57fb6c9751e0ed5f9c7586a80e047f79c7e3f08915e7d71b5ba8f93519149741cb6722375d0b67c6792e37d06a60a8fa586 |
/data/data/com.netease.ic/databases/bugly_db_-journal
| MD5 | 4c98e3f2a074420cc3ad56cbd44ddaa8 |
| SHA1 | cfe1a9763f5b658c8981c91287c2e142fac3afd0 |
| SHA256 | 8fe6b0429a535a10335d85879e53c6cef15aacb8faf6b2c379bb8144d96b80a9 |
| SHA512 | 609fd63422c8ba995c9973314d43d97aa3ddeb4ed46429c6f9840ed3a96b844f6e7405b9d720aa7050c8a99765005e5a2f11bf8a711a7917a13e2b1f39358bdc |
/data/data/com.netease.ic/app_crashrecord/1004
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/data/com.netease.ic/databases/bugly_db_-journal
| MD5 | 10c24303dded875965ed04e736516a9f |
| SHA1 | 60b2fa1f39b6e0a302c820721bb1ad0a50ee407f |
| SHA256 | 5ff708d6e257c7375f8c692309aea0f872366e02864e4dd8e2cced910691e67d |
| SHA512 | 61d57e2b9e826c8bb7384e0d0b49bf8490d06535e23779cf3a169857597505d7c8418009c492625898674c122450c500e3f8db236f00d8e2390cd19bc35a0dab |
/data/data/com.netease.ic/app_crashrecord/1002
| MD5 | a24f1cc303c49b39a940b78a330a29be |
| SHA1 | 7e4701573989cb3a33a8508431d289368ca292a3 |
| SHA256 | 48b5a43cd4389edcccdcf4361b7e4d6700113c1da83c6f7453c3a7bacfd0b503 |
| SHA512 | 1614338fbb190dd9db56c970ebeea5f15ab43143bc0c7103631eb0b822f8323f3c5d1819ce488e7bc652e4a7bae1e0d53a78b9098f313f805be30c7b9d1ba16e |
/data/data/com.netease.ic/databases/bugly_db_-journal
| MD5 | a5f13f6bc6d75a685257af697ed9fb8b |
| SHA1 | 9fefb3591e4fe5c2f99cd3144da0591e4c1f9711 |
| SHA256 | 44497dfbcf02600156793b66a27579be95276f46d791181ba59743d062b9e543 |
| SHA512 | d6453eb34c408d048c0fbe366b94542aa5c610fabd9af2485e862cfae62b348cacead9c30b4ae0826944a779f0e9f1f128fb694a6534607a5f4b0b935740fa9e |
/data/data/com.netease.ic/databases/bugly_db_-journal
| MD5 | a21da4497ad49073874a7f25105d2625 |
| SHA1 | f2052739f2d34f6d3393bd6eb5dbaa207903c4b9 |
| SHA256 | cbedd441fbf5ef712e7a2e4107816e422d46f42df95df9086068a49a86685d02 |
| SHA512 | 8734b26eaef8ea1e89de1c39fd471564ebf6df023225b9409ada00588270efedcaa4ce8dbef33ba96484a3e1a6b4662c28cae6b5292eb520413b3c7bf9ae62d5 |
/data/data/com.netease.ic/databases/bugly_db_-journal
| MD5 | 2ff5c391bab40c6d5cff6f5bba2440ef |
| SHA1 | ac8f56b2f0af5e993d0b34a54a028858f19d7647 |
| SHA256 | 4a4f826d2f93ca4c48adc181b4f163a58f2fcf0b20e8abcbbe080581f54eb488 |
| SHA512 | 1aa26cbc2d69373e63cf315155027f205b6c1bb003e81b4ba046b2cd20c0303dd9611113235eba4bdcc23f394b434b28485df4d4a81b36871be5dd28fedd732b |
/data/data/com.netease.ic/databases/cc/cc.db-journal
| MD5 | bd5ebb8870f15da0c70b2cd429d6f2b2 |
| SHA1 | 972f3094e92e5da747a419edfbe009bb5acc5ebe |
| SHA256 | 77dfe2c038e084da2d17920960cf975f25fbab5334a5c419cdb79c5509194a6d |
| SHA512 | 66415e9d60adb1bc1c3175a0f892f55beab7fa70114cc085075a018577c2038dc9fdf524efa1187dbd3fb55d3744976440c6d822c132c6078f9da7c23ed6e9c7 |
/data/data/com.netease.ic/databases/cc/cc.db
| MD5 | 0908e924aa236931dc7166fef6e00862 |
| SHA1 | 7782648d6d8f6e835bd47058d4852932c096a467 |
| SHA256 | 38f8548795ca7470b449dd1de9598c07a247ba59883c0764c9c96ff0b7d31d7f |
| SHA512 | 3c16fbc5172aed04cd206e776c46d26e911732c6e3631536410a71f1d217449475727ac9b3175e827c5ce645a1da9e05900258ee6ca27c936a9060f241361dee |
/data/data/com.netease.ic/databases/cc/cc.db-journal
| MD5 | 22794a4700c9d25506e8e21802e4d11b |
| SHA1 | 915e19f9abba9cdec63add69de34ab5509d1af38 |
| SHA256 | 00ee9c4372dae808070b03ca577086b1b2fdf8bae40c7ed15a8356bc48e802f7 |
| SHA512 | 8f44acdfb9435239d668cb492ace8d8ab06194fba78d5e345c154133daf45096f03f8ce345a7d2ae2df08c50d61840014fbd9d6e68e644dd8a3baa122c3b2f93 |
/data/data/com.netease.ic/databases/cc/cc.db-journal
| MD5 | 8acb9fd18fd7ab5e3800d531940fb2ef |
| SHA1 | 01a241835f29be256cc453e3b372009f48413cc8 |
| SHA256 | b2fbf41dc03bc99db3fb5d54f5e608ec023de43a902badb8116891d0b4ee38c9 |
| SHA512 | b28eb03f8808333a5e6ceae31ebbfe1531e40b6739123f9e392f517441f2c361019b8fe30d7a3be2b576c0280151938f683c8b10b3d566ebb9817427cd3049dc |
/data/data/com.netease.ic/databases/ua.db-journal
| MD5 | 3074fe4e61be5a92d427f325d1cb74c5 |
| SHA1 | 2161572f3e0d5912a45f09e4835317d8597db84e |
| SHA256 | e7082147f4270849e3f2564a45da9e1fadf0920471e0de69825e14ed471b8c3c |
| SHA512 | ca5a1609fbcd95f5f2fc839ce1d4db4ef1ed68356202a0373528593fe1c33223d4132bfddc8a3dee68d7b0746e1c09c023452b2bce8e949f9f6c4e307fd2cc29 |
/data/data/com.netease.ic/databases/ua.db
| MD5 | 8643476a608fa8133f678d43527aa8fd |
| SHA1 | 4ac41ac15951160161b2ee2c252fba1f784f4253 |
| SHA256 | a5480790c4a570651e76977506dd05dca5b6aaa51f407845df64891f95d23d84 |
| SHA512 | d69f7dcdc712cf97e5d190826e534cb55f8b527681fc7c6063a64950859f8acc1e6b1258bfb1c8662af99de0a0d6edb2f0f2e050391ad270f339dc21d35ec15f |
/data/data/com.netease.ic/databases/ua.db-journal
| MD5 | ea015f6f9420e947af35e94604c6bb1b |
| SHA1 | 598848adb2dc1abc6612a33e27743a19f4b12588 |
| SHA256 | a91daed9654b009d1b2d1b5c389ee339c06039183aebd793f65afbbee4f0bd19 |
| SHA512 | 950d1f3f1cbd464da9a4ce609bab8dd0c426277fc7980dbcb7e08ba1b1f65796a25a496fc08074047e9376d1fe949182010da1e4820e15912cae3a6d7f4b0ff1 |
/data/data/com.netease.ic/databases/ua.db-journal
| MD5 | df108bb8e7eb727948038e1b6b3b4b01 |
| SHA1 | 5d4c09095105977ecce74ac469e3211d9aafed07 |
| SHA256 | 1996db587e61cd898fe6c1ddc280d0c0dbd58c0401c6b03de9b3215de01a41ca |
| SHA512 | d97d0a7084aa25891837b61a6db2114d478e7077e264ed9bbe9dacf4ea7a4aa30dd35e504dea4473e2d55d622f8548a8c9b16e06eeb8c35ffc295f820043e06c |
/data/data/com.netease.ic/databases/ua.db-journal
| MD5 | 8076f6b320d7a78b2b03a197f685b378 |
| SHA1 | f984b7a84e67bb7f9a759617f06df0f357d49639 |
| SHA256 | 664032c8473517e2a4e830c72379cfbbbff0d81f7eceaddf341b7f0b720cafad |
| SHA512 | ac3f711f64f9becbcc3878c270113b8ea8d78ffc64e8d3d1f72d878d5731fead9d31437541e3d659bbcc05e161ec67b59327a29cae1256c62c3de99cef94463c |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 9781ca003f10f8d0c9c1945b63fdca7f |
| SHA1 | 4156cf5dc8d71dbab734d25e5e1598b37a5456f4 |
| SHA256 | 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793 |
| SHA512 | 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | d561d447315b28e246eefb77bfb32a38 |
| SHA1 | 1c445a68d19018ca55c5240f18b701fd30e89b50 |
| SHA256 | f50f66cff8f232423472fc46a83c3d7be6bfe47833715117450fd0f4fe7c9b92 |
| SHA512 | 10e79ea2337536aa68efdec63ce0d17e1d72b23120e9ef57bfe7aff4a0b96f5869aeb41fe0b871194c9c22fbcb5d8973021f6dc04c4051e4a80a0aebd3e6ab46 |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | 135c96429f1cda07299fb2879c6a2e7b |
| SHA1 | e32d9f27bd4abf0b1c6a8d697fdfa1827c63a111 |
| SHA256 | 776310903decab129ca9027931d23c46514b1ca3dfc7ac61d58ae31e9901551c |
| SHA512 | 943e12f7e99411136daa130ebd376342d9087b5f25690a14ddc7204d4cb75d6cd0e276f4c822bb32d46725393c647c00769a78200587acf90094c4815560e472 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 911431f4d9cfabcaa1397c5f1c346765 |
| SHA1 | 78baaf7ffe88dfe4b9c1384d83d9f8e76aee25e6 |
| SHA256 | 74e73a0d3cec90b789f9426b2b3f9a3426c99425b12a7f1c5e8a4989a623d623 |
| SHA512 | ba92613e764ee1176dc7db262e781b29ce9edaebab54c09554c458ab53e2ebd33c7b99092e4507c306d1dcdff1424921e463028acedbb3f81a39d25e31f247da |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | e3edf3ab9af730a3071798d3477370e5 |
| SHA1 | c116393d6a3dab4b59d6fc7d5ae40b0ff59c5248 |
| SHA256 | 3b0284d3cfff1d6f3ce9fe080e9810eec30a2e26882f5653bdd7ea1d631f27d0 |
| SHA512 | 9be6bc9e1cf3d007617501851ac85b2d0ddd1bcf096c0ec6142bea100b9349e542e456f3a55b54c7d10d26c88016e9177991732670dcbb181f80d249af0d34a6 |
/data/data/com.netease.ic/files/umeng_it.cache
| MD5 | cbc1ea2eb480defe5393283eca08285f |
| SHA1 | 47cbd5682ae837f74ccc61f5a6f67f5e296f0fcf |
| SHA256 | 818a7969ba62626e5f2dc160c0b59988b1679cf59e8ec69781c756accf4ca203 |
| SHA512 | 282874e8a93455a4a824ff7ee957afe3625cefc638f9ca6222152d6b9b4237e9a772bf01962b9ebcc593ba2ffe408fa593309ad74499badd56f1c4fe16497167 |
/data/data/com.netease.ic/files/.umeng/exchangeIdentity.json
| MD5 | 825b3fb1fc63ec4eff767ae7b076ca65 |
| SHA1 | 07c8b3ef274a1baf0844d3d281ca920a85f67a5f |
| SHA256 | 962c5eb2eccadd23aa69b38d363e5b1b8b2244e0ca20dd9c93068b71b1b7e35f |
| SHA512 | a0859b990fad00b874960d984f3520e0c87c396c0ad9d2517c326b3d6a08e74edf435f093ce5a97d4193333fb6d152c091271c15df76e49a7a2c8867b7229e3a |
/data/data/com.netease.ic/files/exid.dat
| MD5 | 41bbc0164d1b3c2e2b523e15c5113558 |
| SHA1 | 9f3a78ba3d1d60319c31c670fdd876c43970b485 |
| SHA256 | eac351a9e2a5d08e17294ba4e4961fd38cb264a773efa95753a5dd2bcbb47313 |
| SHA512 | 830ba9e35bfb5f9622c5ba7800a0d101586aef2a90e2e8ea36a8098dbfcf60d97b6c861cc6449e831cb7eff461a63ca905e6dae96b02ddb1255e27675e6db59e |
/data/data/com.netease.ic/databases/ua.db-journal
| MD5 | 5d6706c68fc980bac751d1f6e88232ae |
| SHA1 | a035cb30cfb9ed23c2a3f42b20a7518ab1557b93 |
| SHA256 | db3e239157011b8f35a8e7d9f0ed1b789850133c304a38a7c1c6366fdcdac7e3 |
| SHA512 | 5f4d40fd682ad2211814ef43c222655de0422c361eac9cb14e1e9069508ab8f0bb120fb881ad9775be4e930c8e3b642ed1cd98a841750ffc56641d3a7d280c94 |
/data/data/com.netease.ic/databases/ua.db
| MD5 | 38564ad4c73e5619bc2264b0c44997a5 |
| SHA1 | e55f6fe1b20347ad4cd58d77af0b0feb149f63d0 |
| SHA256 | 1820a909a310bf7bc4ddaab6c8be3954dedd53612749f7bd08fefbef31670ec8 |
| SHA512 | 30d84731a3d8380e63bb73227623e86bd779476474269f252abe546028531c77658573874444e66b862ea049724e93a9344b1d4fd9f26c0fe02a79a4079a9a7d |
/data/data/com.netease.ic/databases/cc/cc.db-journal
| MD5 | 54f02c96555628dd2ae0ad53fe066e65 |
| SHA1 | bef63501b21c788de64bc5d820c8087547c64e64 |
| SHA256 | 07ef03d3459c53716c977ad6defb25429a522544a97aedfadee2554ae8e94214 |
| SHA512 | 4ee17ffc3dfe1b9b7246ea12f0f33f2edab8c3f01c94fc23445b4483c9e99d29316c4cb64bca7b421a01df00b5c694bee89e8c0f35ab2f9802c8b6f06052f4dd |
/data/data/com.netease.ic/databases/cc/cc.db
| MD5 | 67c12933d1e0e63d9801a6aa43092ce7 |
| SHA1 | b6936908554e4a1986b8eb08289e2d3545e8ff74 |
| SHA256 | abda5dd4cc2e7dbb951637c4b49d6990f9f34411fab4dee1a387dbcc8e7eed40 |
| SHA512 | db8b818daa3ff4ec7678645f84bf8b45c809bcbb758ea78b28982d071572655bba2d20e6f1ca4f0d057ab34fa655c5bc40457dc65050180351a2fc04a47175dd |
/data/data/com.netease.ic/databases/cc/cc.db-journal
| MD5 | 209a2cfa08ed09c971b421d59dfb86fe |
| SHA1 | 2a231a7d9739625d2126d27a1758bd1fdfb4909f |
| SHA256 | abd00d4d4564f938cc47060310776a6d7d91035b670e6de712270aae415bc96f |
| SHA512 | 047a319dd496f70e62f51145ab863eeec942cb8dd700d904f5ba9fed507ada0df0488b7061f73b70ed2a885fb5a7f34b214b4546cf87dea84b42a212feaf2578 |
/data/data/com.netease.ic/databases/cc/cc.db-journal
| MD5 | 821b74fc55ac10e7344815b14bab46e6 |
| SHA1 | 79f311be4d4ef66f029812747c65a8727f9ae379 |
| SHA256 | f6a34407429a498b71ea5271b48d8c9a41c28d1970329bb4fe4db48d43ef6f0c |
| SHA512 | 8aa221f451cbec42bf2038404b81ee3c689ebc60145a031f3dd673ba2e67e6e4061c6660abefe8bd170fe716907104890ad1ac838f60cb91d98c3a3de23a1a67 |
/data/data/com.netease.ic/databases/ua.db-journal
| MD5 | e2abe6809ccc2708e96eb27a98f8b68d |
| SHA1 | 4bcba3043d11e067028602822167d4c9bf6521f1 |
| SHA256 | c0bf87e3943be2180a1283d3c8f46cbcb83262e168a75941d9be8a400c3482f8 |
| SHA512 | fbf13b4d7825bc088d2293c5c1682706bd3c124fbfa5a8fbd9f9780ccb141a01bc9563e91a20ca5e63ffb5bc1169449babb6a9e96bb76c6266b4216c037b5d2e |
/data/data/com.netease.ic/databases/ua.db
| MD5 | 212af7b762eedf10380b906328a11193 |
| SHA1 | 6ac74dff3f850c67eeff8e33abea665e5d54f039 |
| SHA256 | 0d6b9c399bae2beb9f27a704ea59ce4fac031a41de2e59498101866326d61cbb |
| SHA512 | 61258f38f7164fea60cd8f4213ed79cc96b152c958aac628f145cdd2adf845fb356c605671fbc575fa448dee43166372c1dca190ccd24e95b7218ddcf6be7350 |
/data/data/com.netease.ic/files/.imprint
| MD5 | 8207ad80f63e35e035bc0bc8544a2466 |
| SHA1 | e3bab4e7c2994e81bd3fa58bb67e3849dff50cbc |
| SHA256 | 623fff635768f8f9d3a1eb549ed7996c0d48e0afe1a19f018f7a3f503375bf16 |
| SHA512 | 38f417fb6977d1f49ea96f54bd44f7f1ad75278183fa4faf28df9c6d7d18cc344c7c3469c41082bb57ddba81bc7b942b1d3e1917eff53c740f3bfd991e0a2096 |
/data/data/com.netease.ic/files/umeng_it.cache
| MD5 | 45ba9252862d2706a6bccd0073048929 |
| SHA1 | 4289bb0f5f7490398bc9909211f91a89db215738 |
| SHA256 | 17e5658e716eca1664daba77b371dadc0a58ef7c465d4c4de993dbdbc6efa558 |
| SHA512 | 0339a405a60e88b2e812aaa7fc59a461e674c9c68becec3d3e75049d00ffed2706f44926a9979dad718f24e131d14432a05317fe903dcf48750104f1467a1662 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-06 02:39
Reported
2024-06-06 02:42
Platform
android-x64-arm64-20240603-en
Max time kernel
126s
Max time network
180s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.netease.ic
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.187.238:443 | tcp | |
| GB | 142.250.187.238:443 | tcp | |
| GB | 142.250.200.10:443 | tcp | |
| GB | 142.250.200.10:443 | tcp | |
| CN | 119.29.128.145:8080 | tcp | |
| CN | 119.29.128.145:8080 | tcp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.179.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 14.22.7.199:80 | android.bugly.qq.com | tcp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| CN | 119.29.128.145:8080 | tcp | |
| CN | 119.29.128.145:8080 | tcp | |
| CN | 119.29.128.145:8080 | tcp | |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| CN | 14.22.7.140:80 | android.bugly.qq.com | tcp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| GB | 142.250.180.4:443 | tcp | |
| GB | 142.250.180.4:443 | tcp | |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| CN | 119.147.179.152:80 | android.bugly.qq.com | tcp |
| US | 1.1.1.1:53 | alog.umengcloud.com | udp |
| CN | 223.109.148.177:80 | alog.umengcloud.com | tcp |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 119.147.179.152:80 | android.bugly.qq.com | tcp |
| CN | 14.22.7.140:80 | android.bugly.qq.com | tcp |
Files
/data/user/0/com.netease.ic/app_crashrecord/1004
| MD5 | 4d791b08bb0637a6a966969f7080e17a |
| SHA1 | be0a087b66ac2010aec7f83e8618b6b41d449044 |
| SHA256 | 31635c9ba5ff1d77cbb0df3f678b9fb4f625200649beb0efffe1c847d8a72e86 |
| SHA512 | 6b363c1ed911619ec57bf6611a550ceba1c356d5c14261312e098a368e6ef9446dee679e3f4ab53345b811a43e816851684ad357a7c39066f64909b67e87da28 |
/data/user/0/com.netease.ic/databases/bugly_db_-journal
| MD5 | 1bbd66d92d2c25e5030f66204be0cb90 |
| SHA1 | 5a3480f53188e2350273b42ea6d44b64a7266a09 |
| SHA256 | 54c308a8a2ba080069924a0734604635dc5d1bb3c56dc8640dfff30ac7faa71c |
| SHA512 | f98878cf9b220327daf4786110301e5a8eaef4b224dc69f6825e09ea7d21c0b9c0796eb30a62ce6f19f6ceeb8d7d5accc077fba9583578ededadff1100f68db1 |
/data/user/0/com.netease.ic/databases/bugly_db_
| MD5 | 013d184948d089fe609b7a3f6f6223c0 |
| SHA1 | b78612403f64dd3b1c44cee151bdfb5d0111428b |
| SHA256 | 4e933855518c7f68ef4cc75d34dfb266e2e33feb56cfeb508cd89af78a1dbc1f |
| SHA512 | 72aab99d88cb391f95101a32e07642f24b4cec42a3924e4f72647fcfbe49f1dd4cd01bb6c702c8150168ebfd4f117954760c54c432303a4621612b7ff93c2fab |
/data/user/0/com.netease.ic/databases/bugly_db_-journal
| MD5 | efc3421caf3b58e238fc8001fa65af9f |
| SHA1 | 0fbafc5dd1b097520db148496a2ded226e5456e8 |
| SHA256 | d5bc965f527ed3c7a5aeff3ddc5d1d554ed54c51a66dee7032557f4558aef222 |
| SHA512 | 7cb56840cf32c0770d0734fcd55e967bc6c0f1b220d95f0f46da8e715ef829cab7ebe31dcd8ef853c80a569330e40fb22437a3588d8b0d6dfabbc15a008ebd0e |
/data/user/0/com.netease.ic/app_crashrecord/1004
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/user/0/com.netease.ic/databases/bugly_db_-journal
| MD5 | 1ed284910a73c07609542b19449f7fff |
| SHA1 | 137104f8135460c1a2320bff8307369c5d348535 |
| SHA256 | bc3b85cd0de46fc6ce796307036409c6b571cc1c57b314629ced099452ca9b34 |
| SHA512 | 77e815378b58cce57e35d066cb652230ace7987022e6c7e14f623aa9fa4b893e4bad2de2b9b519821ec80bf762c35283791945f20e7f18a0f9efb58c8c5e41d2 |
/data/user/0/com.netease.ic/app_crashrecord/1002
| MD5 | 6468d445fb3d674005164028ed6a41e9 |
| SHA1 | 182de36fe7011a74597b11632858aa45c7d38ca7 |
| SHA256 | 0d6002284270274bef018aadff252901b55c6348f3abc0fc57ec013b1b86328a |
| SHA512 | f8cbe125bf19148bfba31c7fc6935f3edc8b209d9d8d86194b3a50a38892cf433bdc15858e11f3d2bd16f16bec05a87b1030e16f7b17e916657024d788bbd96d |
/data/user/0/com.netease.ic/databases/bugly_db_-journal
| MD5 | d042338168c0e658aecd6cea5861c23a |
| SHA1 | e202a119ffd4581af6c491bf089cb41c75d2ca68 |
| SHA256 | 00c3f59d3f70f278916cef2c2567e3be53a99e3517bc5398146d3a85dc482229 |
| SHA512 | 0abbfb87a856f6247e2fbcd9a50a37eb92c235c438fc2ef5b0326043fd39bfa6ad1aac12d8eaffded22712b3e94cef6c6a904d6753eb738cfcaaeda35f4392ca |
/data/user/0/com.netease.ic/databases/bugly_db_-journal
| MD5 | dbce135487da0c17d2fbc5d4dcf6cf55 |
| SHA1 | 9f4a9b1deb85c22374f74109955e4a25f82ae9b4 |
| SHA256 | c6a4d327464199d90b13ac6507899c8dad0e1bc137ed34fdb204074fd6be039e |
| SHA512 | e971094308ad2eeb995e4c0b5a6b48a71052b98f0646ea2d365f7b9b3bd0ac683bf2568d98b30b2980fade59c7efbc1bd254e6cc138bad59851c379122f5302f |
/data/user/0/com.netease.ic/databases/bugly_db_-journal
| MD5 | 0ba9b70696bec641eafcca685d5521a2 |
| SHA1 | 0dc5d2b7c5283b0693f59f06b38bfd2d7ba49202 |
| SHA256 | 48b73462f02f4d70b164721a34fdb9fd18ffee0231ebc19d8d460c5ca09d10c2 |
| SHA512 | db80f4f149106d11278b3639f3893e46eaec9cc4195c98535ea9681eb87b8edab6e4cfcb4b6978946bcc560ffde12e92a2d5f704d36ac7d0f4d545e2d1cb5db7 |
/data/data/com.netease.ic/databases/cc/cc.db-journal
| MD5 | 6a3e31b3686323bf2e73a2f0de04b4e6 |
| SHA1 | 94a4721cee31e86b4df170eecf478b5e9b93472c |
| SHA256 | 7c196453a2f818d23533bf468f938fbfdddc508821a66a2c30e8c43c7dd0d558 |
| SHA512 | 27ff85aef47ade6f760130ec3f4959d473edeb26755fb564e13120b1c1225c58ca4b5aa7a8523111b6e4e50119090d10a4ac534be171333d2960e9fb27eead85 |
/data/data/com.netease.ic/databases/cc/cc.db
| MD5 | 4cfe777c9f6e7859f5efe2197401d8e5 |
| SHA1 | bb3774e8879ad5f6db0c37f151c3d6bc7b4b207a |
| SHA256 | c422190539b6414072fc3950da19a17985c0c4c2172740b2f74682b520af5231 |
| SHA512 | 6be469864edaf8eaa110f618f8abd27962da92e20945dcd38073ade2b60b10f00552d54d5db9d9f75ca133213031030e71e2e30113ff033e5ef507a28fe0b1de |
/data/data/com.netease.ic/databases/cc/cc.db-journal
| MD5 | 7700ddddebf68b9bde5ed1b087f30f61 |
| SHA1 | 9bf01f268aa685b63cfd2cffbf62c9ee86d519aa |
| SHA256 | 093502287dcdf9c56d2b3086514693ae31bca13af19f80ada409561f975b15a7 |
| SHA512 | 87915ffe2c60e315424676f83e526808a4ac359e048c7f820ac9ee8ccf9becc073d374bbff4230d26527a735f690bd4c110b7c6829c68c64f504e382d7354476 |
/data/data/com.netease.ic/databases/cc/cc.db-journal
| MD5 | 944fe872aadfd559204bc44f6cfe13d3 |
| SHA1 | 080a77250d6cc3147dc944d3e35867d9bb0a5922 |
| SHA256 | 0b8961bb7235309ffa011ccf29f70c28bb99e3066195d0403a01c2d04e7b8ebb |
| SHA512 | 8b829d83d36b72b6111cc030269c91d158681cbb6aa3992e4bd73e4a6c18514bd28ca5fc1bc831f1d58887c193dead250be77b24f640f5ad1bbf42ea05ceb5e8 |
/data/data/com.netease.ic/databases/ua.db-journal
| MD5 | 79b40a445f57610c54699be0d8107bde |
| SHA1 | 7ea38f44bb0b6f86c957b78ab78946ac20fd5d40 |
| SHA256 | 41e2d310e9f55de559c1f839322a3cd01a77f82fdb3345fff83eaea7292c08e8 |
| SHA512 | 6beb1b21d59c68c36d04f5d1758bf144e1309e33fd0b172d02ab906477cbdc8327cf0a9c28aab8ee98933a0c75c30c2bebb0a3f2e177ac5f47acc86253c334ba |
/data/data/com.netease.ic/databases/ua.db
| MD5 | 9ead698f5dd4e6515a1d13e86fc049dc |
| SHA1 | 92346c01904c1c2c1f6d2a01ec8148c27def2d99 |
| SHA256 | ec0214918bef4f6b0a920844bdc3c66056a5d2b669a90cbac3b0a31d975a3daa |
| SHA512 | 25fe8ba8a6f77c964ca361ee326312d802d77baccf87bbcac2b88da081ba1c6ecd92bb88b95023b5fa6dbadfd512ed42625445d0744ddb059ea6b5115b37b993 |
/data/data/com.netease.ic/databases/ua.db-journal
| MD5 | 06decca3f3fc8b8799d89c349c46e949 |
| SHA1 | 25f3a1b8641340b3184a56c394007c5648203d5a |
| SHA256 | e06c96de40347a998bc9586f9f3a9d7eb54fa10fdae707cb69a69f3eea96d569 |
| SHA512 | fb0a9d0ab964c609ffce1fc55d8b28e9af2f3aca4ca4f3b4bc819db9a11f67db733aa1fa2db03f497e792e619cd60a612b50a80895fd9635dcf0689f6188e8b2 |
/data/data/com.netease.ic/databases/ua.db-journal
| MD5 | 66ecf390ad43580cf8b782a0ca1de496 |
| SHA1 | b910bf0bfd41d26c37144d86965dc0ed16443beb |
| SHA256 | 4ea3f10af525a99c59b4cdb07f67c69fd394b17f9ec4c84202869c2d6f59ea3c |
| SHA512 | 534d755ae1fd4c5dd45d37fb7fe0d3d1911587159b30a08e58a220d438e373ccb104ed56a67fa31405df29e15cf94be8e97c88e43516bb463b9df01a26522e9e |
/data/data/com.netease.ic/databases/ua.db-journal
| MD5 | dc64857612c228f5eb8f6ca4b5d894f0 |
| SHA1 | ac09ca54e3fa890a69383f355cfb1f1348c9cd48 |
| SHA256 | fbb6da60958331103bf4dabd9287b16538ef64855e607604af4aa2e5ff926f5a |
| SHA512 | a57b9f83ef110bd67546ee45ada8ef0607cb9d7ced913d35d73d81fb6702223840786c025953b2a126f3d7559e2648fbf250f792e3fcba80b010155c4a208d79 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 9781ca003f10f8d0c9c1945b63fdca7f |
| SHA1 | 4156cf5dc8d71dbab734d25e5e1598b37a5456f4 |
| SHA256 | 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793 |
| SHA512 | 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 8364daf9e8b2b994abf6cd8b9adcaafd |
| SHA1 | d6ba16c7228300093299101fad6a0404b06aeca5 |
| SHA256 | 91a3b688bb202ac8a70badde92a86c8b83ad48163e379fee19a5ae2cbea9d406 |
| SHA512 | 36da2e55fd3db6b3abbd11a207190a3abcdd3c4304d6daeebff5b38fe671718ed377d122b8329cd0fc7aa44718ebeb9e4de9b5f2473ec06d57903a795135a12a |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | e752fba7e2823c261817f29a3430b6d5 |
| SHA1 | cbd43e57b13dc9578afe9c53bac992088fdb603f |
| SHA256 | 7686749e577895872f5c28463cf6ab71e479ca5a65ca4d5afb17805d7bc3e274 |
| SHA512 | 240054d7997f0ae824385e3941217753fb40afd250db899c833947cbf34b73e02502abf68f8db191c017d409bf16d877662809d7332ec9c7b7bfce9c4cda2493 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | b139ae4d8e8298d0dd7cca4b69544306 |
| SHA1 | 1804a28c4a0817a26002191f1adca4bc63c01b52 |
| SHA256 | 8241e1c3f492d9731f69f8359591f50ac18d513a87242875950c059d41e1c16d |
| SHA512 | 4ea5607724ce6b69b77fe1af3f05327b436a44a54a613ea09c267c2f3f63961fb2745643d548482c5b00d518c4564f8451f14a82251151d3453ac3c264912d21 |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | d91f967b35c7585eb0c77666e29097e1 |
| SHA1 | 25ac3a50cb44f64b487a8f7da3518a9b5b6297e5 |
| SHA256 | bf55a9dd3862b2fdb674e2e44c6171320280c1773370065131f837146d573b1c |
| SHA512 | b0c9cefdbcee827ea91eef793739cf0f882b69bacc95eea68ecc41ac91f1997d3c488de9cbec7390e40ce5d421377a1494a36cfe98b06395cab9c71492372343 |
/data/user/0/com.netease.ic/files/umeng_it.cache
| MD5 | 712a91e4f6251d8978f4ffd4bda4c430 |
| SHA1 | f38b8dd658e1de2a798f526798121d410f7f6cd5 |
| SHA256 | bd285ee7c6d288c21d5535f03da922a88170f4584c05adbef2ad558c021cf1ac |
| SHA512 | 6ac89e438a4ec6ef0b400a42dab1132365fd175d805e288feebb5ad8f2732cc4ae673571ea2c761691e98f5b8f38f8ea8ac4d02b699840be92d294934426aedb |
/data/user/0/com.netease.ic/files/.umeng/exchangeIdentity.json
| MD5 | b5e6836e8d65c8cc28cf6dfda06259c0 |
| SHA1 | 18d70067cba8ed09e6a5eb2565b56ffde7d28a7d |
| SHA256 | 0e089e9662f12cffe3b6f7e350899ef6ca9cf9133d2008effd3075b18d2be187 |
| SHA512 | 25678045359995edc8b9191cc7d7b4b215a50985dda8f98d9d231e3abd1c98c914e1bf6f59cd4537bc1898cb1cbcbcfd1448782bd89ae6eb4e0f38a0077cc001 |
/data/user/0/com.netease.ic/files/exid.dat
| MD5 | 41bbc0164d1b3c2e2b523e15c5113558 |
| SHA1 | 9f3a78ba3d1d60319c31c670fdd876c43970b485 |
| SHA256 | eac351a9e2a5d08e17294ba4e4961fd38cb264a773efa95753a5dd2bcbb47313 |
| SHA512 | 830ba9e35bfb5f9622c5ba7800a0d101586aef2a90e2e8ea36a8098dbfcf60d97b6c861cc6449e831cb7eff461a63ca905e6dae96b02ddb1255e27675e6db59e |
/data/data/com.netease.ic/databases/ua.db-journal
| MD5 | 5b5a051843481049d5bd60eac7b59405 |
| SHA1 | c531788985fda7f431571ded7d85d76c834fe180 |
| SHA256 | 72737675c0c3343104b6512b6d4326a3624719a31ead8ee0ef04ec2e2503f0af |
| SHA512 | 1596096b78ac38671402a1a5662060557ed914755004c2e12732badba89ad72c4936c8674a43aa98a1775ee1c1c9baa8ea636fc61e45b3ece68df885e7374433 |
/data/data/com.netease.ic/databases/ua.db
| MD5 | 4cac7d31fb94d5c9581893537f64c5ed |
| SHA1 | 96bef3288546196ac3058b5eeddbe9da1d999fe5 |
| SHA256 | d1b111041f8aab3269f3da846b2ea199498d99f6905174a9d641f0faedca41c5 |
| SHA512 | 0ab95e51a640148ac007d47afd5b9fd03ae5a3b9053e5e19a4f0b8089e17e41e311790ee9fe486b6752926799577bee041ed67b64d8772794e9d2329a96ce747 |
/data/data/com.netease.ic/databases/cc/cc.db-journal
| MD5 | 8cf627fa33646e1f11b7fed0b401eec1 |
| SHA1 | 1393d4266e65e98e0d0f0af56c05d54a0b886173 |
| SHA256 | 6aba83b53faf1fc4f81066dd543920b580ba49be5b94949a32b8c8c28c06952f |
| SHA512 | 28ff6e86188747132623bb6d8fbb76f25861cb51df8f867e22424f9e38906177f1c942fa137cc0f51844cf52d9bebc78c73c205e56c0834b8eefdd492543973c |
/data/data/com.netease.ic/databases/cc/cc.db
| MD5 | 86752a4be6564d8370f2f0e403995003 |
| SHA1 | 29f7d50675f6e59f3b808eb6dcc8619384412115 |
| SHA256 | 50484dcdc6b9c2801773018386a8143a52a5153eb2eeeaf5be8bbe46a49ca90c |
| SHA512 | 79c9435c1e0d41a3f97784be3e5a3cd8c0bd2d32ecdf326808bacb00c76d876d0447617d6e72ef04cd4b996c92eda4eb7bb200987ae7928ce2e0e7c8e807a5ec |
/data/data/com.netease.ic/databases/cc/cc.db-journal
| MD5 | 44cc2b82f39c94fed8d278f81a44bd83 |
| SHA1 | 2c7f363ecda2c2d400fc38830c50f0b407c05d74 |
| SHA256 | aedb7318421b9fa1500f053a639e4e73de24db6fcab94d57781a9d87ae613381 |
| SHA512 | dc1e06f72d106be8d84c4a6ef70d6db934ccf0983ead9c05f96a48dd3651ad77b9de6d58e051b11fb347d5872ce97f68120bebd217a222da0b8f353ad88013c9 |
/data/data/com.netease.ic/databases/cc/cc.db-journal
| MD5 | 9a4e3b8adcf857cf6c75bfb55177f8ce |
| SHA1 | 1f7e595fa9928bcf005d9a5d6d9978ef7486ef3d |
| SHA256 | 8671240a7173aba5fb4f5e8c595f75945f53517d27fd766de04d0af35ad4301c |
| SHA512 | 0fe271f5f8dc62073b888d80022b5baee0616246b5289159ded079f21d0eea6554969b9982c0dc9e1566dd43c6b5add063e02a6184f2e4ef03f34d90187cf738 |
/data/data/com.netease.ic/databases/ua.db-journal
| MD5 | 617c2a369230c6d84b8e7a31f87eea66 |
| SHA1 | cbc936c1c7a80a9780c79adb056f276e90e2bb14 |
| SHA256 | a04afca7a6125e08491a7bbf741911c36d1c2f37420710efa43211df34516cc3 |
| SHA512 | 29cb244697104e55a11a95e443e6f6dd5f92b82de25a97b9fab8d0a0035f9648ff814523e94a0c1b611cd74f70f792ea7a13c9026f075c9656c7a5cfb7708e3c |
/data/data/com.netease.ic/databases/ua.db
| MD5 | 01ba2ce29dc181a278cac02d77102107 |
| SHA1 | d2308004953e43d503b407f4a7d2913b1cfab480 |
| SHA256 | 44e632bd42513fa9a827123bb089c18d747c91d9ca47b300272972146ff06efd |
| SHA512 | ecd4a1900714818bf8c9218453717c0dc31554c56b47cbe919da9cbcba9928e70caf8b39b47216048112287d3c9f6e88c1d25c385035aade3e5d465817f81081 |
/data/user/0/com.netease.ic/files/.imprint
| MD5 | daf500e0e8c07041e11476b9f259d738 |
| SHA1 | cdb2f9f316bb9789def3372c89854c33a784a375 |
| SHA256 | abc2c180333dbe62a6db801a5d65e31c0fa1a0795a874ff3eb6fd8c5bf143e83 |
| SHA512 | db75659c31076b9d02ca5a51cd66c8d49ca7368f93c8fce870540e5486147107de3be1bfa5b81e03415fe93ff0d8b6a2bca7cae52414c13044f801b0d8e9e8b7 |
/data/user/0/com.netease.ic/files/umeng_it.cache
| MD5 | ee78dd04b6c8eec552ab5908abc15953 |
| SHA1 | 24b3514080181aac8217bc4cff979104ab267a00 |
| SHA256 | fd83c5c92f04c50622de173b704373b3136e324f4ac03524ffc6fa37093f6f9a |
| SHA512 | aee9f9fc8ce6554450a5e104d3b090cbff7c2e806a615f1f8d5e90658a4b19c3496f9d163e2418d67d1ac93f5976b03ef44bc6b62ec0c5836d7b8fa69388762a |