Malware Analysis Report

2024-09-09 16:29

Sample ID 240608-qpclysch35
Target 喜闻.apk
SHA256 c09a691bbaaf0bcabce974f0471e538eb0789af56361f218b5d53b5f3f8f9cfb
Tags
discovery impact persistence collection credential_access evasion
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

c09a691bbaaf0bcabce974f0471e538eb0789af56361f218b5d53b5f3f8f9cfb

Threat Level: Shows suspicious behavior

The file 喜闻.apk was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery impact persistence collection credential_access evasion

Loads dropped Dex/Jar

Obtains sensitive information copied to the device clipboard

Requests dangerous framework permissions

Queries information about active data network

Queries the mobile country code (MCC)

Reads information about phone network operator.

Registers a broadcast receiver at runtime (usually for listening for system events)

Uses Crypto APIs (Might try to encrypt user data)

Checks CPU information

Checks memory information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-08 13:25

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to request installing packages. android.permission.REQUEST_INSTALL_PACKAGES N/A N/A
Allows an application to read image files from external storage. android.permission.READ_MEDIA_IMAGES N/A N/A
Allows an application to read video files from external storage. android.permission.READ_MEDIA_VIDEO N/A N/A
Allows an application to read image or video files from external storage that a user has selected via the permission prompt photo picker. android.permission.READ_MEDIA_VISUAL_USER_SELECTED N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-08 13:25

Reported

2024-06-08 13:27

Platform

android-x86-arm-20240603-en

Max time kernel

58s

Max time network

89s

Command Line

plus.H5A5D9F54

Signatures

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

plus.H5A5D9F54

stat -c "%x" /data/data

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ac1.dcloud.net.cn udp
CN 122.51.117.144:443 ac1.dcloud.net.cn tcp
US 1.1.1.1:53 vip.xiwen555.com udp
US 1.1.1.1:53 xiwen888.oss-cn-hangzhou.aliyuncs.com udp
CN 47.110.177.72:443 xiwen888.oss-cn-hangzhou.aliyuncs.com tcp
CN 47.110.177.72:443 xiwen888.oss-cn-hangzhou.aliyuncs.com tcp
US 1.1.1.1:53 s1.dcloud.net.cn udp
CN 118.89.133.90:443 s1.dcloud.net.cn tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
CN 123.207.204.152:443 ac1.dcloud.net.cn tcp
CN 124.221.14.222:443 s1.dcloud.net.cn tcp
US 1.1.1.1:53 ac2.dcloud.net.cn udp
CN 150.158.175.11:443 ac2.dcloud.net.cn tcp
CN 121.40.119.209:443 s1.dcloud.net.cn tcp
CN 42.192.51.127:443 ac2.dcloud.net.cn tcp
US 1.1.1.1:53 s2.dcloud.net.cn udp
CN 150.158.175.11:443 s2.dcloud.net.cn tcp
CN 49.234.20.60:443 s2.dcloud.net.cn tcp
CN 42.192.51.127:443 s2.dcloud.net.cn tcp
US 1.1.1.1:53 bac1.dcloud.net.cn udp
CN 122.51.57.179:443 bac1.dcloud.net.cn tcp
CN 49.234.20.60:443 s2.dcloud.net.cn tcp
US 1.1.1.1:53 er.dcloud.net.cn udp
CN 43.142.57.168:443 er.dcloud.net.cn tcp
US 1.1.1.1:53 bs1.dcloud.net.cn udp
CN 122.51.57.179:443 bs1.dcloud.net.cn tcp
CN 43.142.62.113:443 er.dcloud.net.cn tcp
CN 43.142.131.213:443 er.dcloud.net.cn tcp
CN 118.89.168.191:443 er.dcloud.net.cn tcp
GB 216.58.201.110:443 tcp
GB 142.250.187.194:443 tcp

Files

/data/data/plus.H5A5D9F54/files/.DC4278477faeb9.txt

MD5 3cd8376765dffa414d0feb54f8aa922b
SHA1 38c4c80fd54eb568702b759d76df541ea5dae6a7
SHA256 e5611705dcf3a31d2e65d21395e89ec2689acb0b4d826f74e8e37f8acfacd644
SHA512 b9d6f3ad5089b47fb543ce2540ae908b5186de54ca4056b1a30b54ff929734ff3af987fb33fb28c52c44f9d2625529a8c1d54898a42b7e81af8b014dcf574e08

/data/data/plus.H5A5D9F54/files/cnc3ejE6/eje3cnc

MD5 762298b93820a5cd8b6d8ec469078f7f
SHA1 d5b02a2ff3b235cd2b61ceff53a1d88b8984477d
SHA256 dc3f98a33c26c2796dc294b354831fd5ca9796295f4cb38479c80b145d4807db
SHA512 70f864211ce16679d0538abf9b7071d27c2d22ae458e32409d20065032c762dd186307ef33ede90abd9ac794a4ced8b163404e9799c05f0c515337249684311e

/data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/1.png

MD5 e63bedf16d1d083ee7fca223e1cf871b
SHA1 8afb3a0ed1dbe719eabea4614c463d78bf916f99
SHA256 ccbb22e16b2ec983cfd7de71ab2d9cf39e94492e8db7eb26084ed1b9172a5942
SHA512 cd234e9f8ab8e6c50b22f0cac0b685fbdc537d066363a12ab3e917093bb828c70d21d735c37183c8d735290f065db774392704f58bbf4c7edf551200a6f67985

/data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/2.png

MD5 f2c520e615e27acfab5fcecaa5e4bdcb
SHA1 4262c680389720523757a452c5fc1ec0a035469a
SHA256 e973f3b973bcd4759e9b3d2c312d6586ecd96a1f65928b1ebbbc220953bcdad8
SHA512 ee246e66ff0b595e5ddb8766e286baffc9c7862d7cbd30f3e7ae906f4e75f5bcaf1f137e4812be40f6619970666216ca9ba37aff60cb3507de13be4e18b07222

/data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/3.png

MD5 1cb0e8dc366b9a2d703fd9e0a366ad04
SHA1 b143d154bbee1493292ad878591da588f8629d7b
SHA256 fd4654f504114ca0dbb79dbd103fef54cf600c4e8987910b5c77ec750d492d9a
SHA512 eae987536b45c97e27bc7965c7c50c04aca572ddde80f77b93a982495faf9e55b661c0d393a7e357cfc006810daa41a56c44fc6b403e31d72179857f14036a05

/data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/4.png

MD5 92334f7acde52b32d9b620ef9c1dd501
SHA1 72b809c158a488cfcfdfb7fc8a86bce5a9659663
SHA256 37f5deefb7f9a39d8ec502c74cdce7fe233131364a9fbe57057a1659857f2db6
SHA512 5d670b77893f2dcd4953f51c817851a82650950c9fa9b21167476f1f01b4c69875ab024488b5220cf3fffc65ea77d87514ff7a1c1faa0005ad2bbcf34685fe7d

/data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/404.html

MD5 a8c0733e9ee848e3b93ba0f466eea14c
SHA1 221e026c471e29f8f5625fdafb712def71492f44
SHA256 7648a4c1e8a39ee0ff10dfdf622f7384faf098cdef524267c85f50c1debeb144
SHA512 028369cea228528b3e0e0e46ef46a4adb21b84f862c6efac0bcbb1abb27a32858dee4b5d50a5256e8a1128d58419f0d5c6d73b87f685d7267e46e5ff541ab161

/data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/888888.css

MD5 5be8c13007090305527f8a3fee0b71cb
SHA1 6d18b573da00b093f7dc54c1f1ebda7bec295363
SHA256 519a34a6633d43c96e3c399f504713f7f98999822dffb0934668618d67506a4e
SHA512 82ebf0c510d564064a6d495a3c10c9bcf2523adcbd8f1f912a1f685a0fda779a94142ab6ffda6f34a908b43609a989adc768f6c9ab809e80a96289cb46427fd3

/data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/androidPrivacy.json

MD5 c4231f4441889d09f18a702a5bf74486
SHA1 16ab2d07d170023ca2ee90d2881509a73ab1bc6b
SHA256 b2b108ed76f55dcbde7b0d549260020a3d0e64e66e1e9705867d2da806b9cfa1
SHA512 be316382b56aa19ff46c599b00366762fe2cea23ee7fb6637a1e1b646f44284569a24723f459d621934a398ed4b22be817c4d3d17d5e64009bd650a12c19b4ea

/data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/fwxy.html

MD5 9df24747499fc86a166b8ac7d726f4f9
SHA1 5259f61ad6ad989bc133ab4cb2c81de3798e4f5c
SHA256 ba89e8bfe58d62705aeda4ae83ba886882cc61329682d233a3586103c426172f
SHA512 b8b6e4c030c4cd192854e3d8d225cf94e4a5ad2b8ffc3dba8e16608d98839deb7c66c7009d3df612b9649ff9f3abccd1ef84f4acfccca96013139a4da85c7ff5

/data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/index.html

MD5 d8fa1ecc27700b5ae5a9c1798b541ce7
SHA1 f1ad05c41c57663b86df51aa2310a072275a7db6
SHA256 a1fa6e0201d29600272a2f0a33a72962a8466d9f29bb1efd09f47d5307fd724d
SHA512 0d185df51bcb61a1a4ac347ba686bf43815a438afff107e1f7000539e79dc8cd56486d46708546aaa2847628e963d15f617c8883dac5a3837d737880b556656c

/data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/logo.png

MD5 2fed2535c62e87ddeb0a163ade710515
SHA1 c98516ae634c6be92ea4b4ca6f04ab5d0fd1bc66
SHA256 435fb9944bc9190c2904584f21f88a3b052dd31a8ba05ba9e72ec1f98037dbe0
SHA512 b6cb42a26b1e6746ec72a4f3891c5661da5736338a001922c7006fdb1daa97dfbf9b5f52820b501d44a5ad041bf77e353ce5cf430d10fc59e265cfb9cd758b35

/data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/manifest.json

MD5 060582f4e3f6888e553813fabef9a9ca
SHA1 7b2f60274024fcf327d4c59cfdb1548977193913
SHA256 4fa32fc1b9b3661a4808314fa4c61dd5c7662343982b28479d6b4edf4f11e88d
SHA512 79ef77c9c7fd83fb7b8bc5f956d98d26cccfd1a25e8985031ab14b05c53e4d3efe3a27da86c1e89c9f0b1ab91c773012199159c047728ad4c36022a6ebb92b53

/data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/oss.jump.js

MD5 09d9519eff0a2ed5ee715a47e23601d2
SHA1 e565352259389a02cc1c7ddca7c4aa947bf49431
SHA256 09e8ef9c5c18e5bba46834b1d8c40322849d35e6a7ac4ef317143d2c6f1dd3c6
SHA512 1aa703680401dbb137ecefece97f83d3e7f0b6111b6a27e2a44af22bd26a282137c44fdcc4a1f39658789187c7d9290bc39172d40f21c0fd96dc92df20f002df

/data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/xl888.js

MD5 6b22964681b36a8643fc16d830969dcf
SHA1 e30137065ca10c7f75a4a79247b2ed5de1016c5d
SHA256 db1d328b7385991f59827a42f6b84b75a716c3d6312aaeac3f8ffca7d05e1b0c
SHA512 a01750d763bc017e9638bfcebfff552196ae098243cdc31e7f8e9f68cc16bb024581744a0b4eef3551092f17beb5bdc82f7c0ac0ff04d2d24c1a38d2acee9fef

/data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/yszc.html

MD5 040e2b859e148215e4b4258ca769e0b1
SHA1 d5a740b75be38e643208aa03b5cb464dd7b89dd1
SHA256 d96a1e3d03011ecfca0c3bdbdc4844e68c764c7015269dc3960afc5343fb1ea9
SHA512 6af1f928025a71fe3313a156efee5f9af5ae5b0f4de471546a406fb8bc6954f814cd4b26819923376cf0a9481f72f48154d22be146dbee2a97cbb1c72c0af152

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-08 13:25

Reported

2024-06-08 13:29

Platform

android-x64-arm64-20240603-en

Max time kernel

179s

Max time network

183s

Command Line

plus.H5A5D9F54

Signatures

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/plus.H5A5D9F54/[email protected] N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

plus.H5A5D9F54

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.234:443 tcp
GB 142.250.187.234:443 tcp
GB 142.250.179.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.179.238:443 android.apis.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
US 1.1.1.1:53 sdk.api.oaid.wocloud.cn udp
US 1.1.1.1:53 ac1.dcloud.net.cn udp
CN 122.51.117.144:443 ac1.dcloud.net.cn tcp
US 1.1.1.1:53 vip.xiwen555.com udp
US 1.1.1.1:53 xiwen888.oss-cn-hangzhou.aliyuncs.com udp
CN 47.110.177.72:443 xiwen888.oss-cn-hangzhou.aliyuncs.com tcp
CN 47.110.177.72:443 xiwen888.oss-cn-hangzhou.aliyuncs.com tcp
US 1.1.1.1:53 s1.dcloud.net.cn udp
CN 124.221.14.222:443 s1.dcloud.net.cn tcp
CN 123.207.204.152:443 ac1.dcloud.net.cn tcp
GB 142.250.180.4:443 tcp
GB 142.250.180.4:443 tcp
CN 118.89.133.90:443 s1.dcloud.net.cn tcp
US 1.1.1.1:53 ac2.dcloud.net.cn udp
CN 49.234.20.60:443 ac2.dcloud.net.cn tcp
CN 121.40.119.209:443 s1.dcloud.net.cn tcp
CN 150.158.175.11:443 ac2.dcloud.net.cn tcp
US 1.1.1.1:53 s2.dcloud.net.cn udp
CN 42.192.51.127:443 s2.dcloud.net.cn tcp
CN 42.192.51.127:443 s2.dcloud.net.cn tcp
CN 49.234.20.60:443 s2.dcloud.net.cn tcp
US 1.1.1.1:53 bac1.dcloud.net.cn udp
CN 122.51.57.179:443 bac1.dcloud.net.cn tcp
CN 150.158.175.11:443 s2.dcloud.net.cn tcp
US 1.1.1.1:53 er.dcloud.net.cn udp
CN 43.142.62.113:443 er.dcloud.net.cn tcp
US 1.1.1.1:53 bs1.dcloud.net.cn udp
CN 122.51.57.179:443 bs1.dcloud.net.cn tcp
CN 43.142.131.213:443 er.dcloud.net.cn tcp
CN 118.89.168.191:443 er.dcloud.net.cn tcp
CN 43.142.57.168:443 er.dcloud.net.cn tcp
CN 122.51.117.144:443 ac1.dcloud.net.cn tcp
CN 123.207.204.152:443 ac1.dcloud.net.cn tcp
CN 49.234.20.60:443 s2.dcloud.net.cn tcp
CN 150.158.175.11:443 s2.dcloud.net.cn tcp
CN 42.192.51.127:443 s2.dcloud.net.cn tcp
CN 122.51.57.179:443 bs1.dcloud.net.cn tcp
US 1.1.1.1:53 xiwen666.oss-cn-beijing.aliyuncs.com udp
CN 59.110.190.27:443 xiwen666.oss-cn-beijing.aliyuncs.com tcp
CN 59.110.190.27:443 xiwen666.oss-cn-beijing.aliyuncs.com tcp

Files

/data/user/0/plus.H5A5D9F54/.00000000000/39285EFA.dex

MD5 75a8168e7080b90fc2956592c268371f
SHA1 3702da56d31f381525473364f031dc884e37076d
SHA256 0b9c032080788add7f5989d0ce145e66a4686ff3a43b0e48dec60bf18bf75701
SHA512 33536573c834fffab7236dd96c22cbc3d075ab70b622ff7787381e5c7c262ab62e0252f0d07313c9227ccc8308cd93cd96373e57fa55a066691d5b5cfb55f5d3

/data/user/0/plus.H5A5D9F54/.00000000000/39285EFA.dex

MD5 02f69eb4fe05ebc6c9f736d83e5f7e26
SHA1 777d75e14a73f5721fc4ae34f49a9a4b82311373
SHA256 13502356b7d3f910107aeff131e9c4a2b892744a125a2d1a2a206b219dc36042
SHA512 7c1f5d68d40bf37aef2e59aa9a4f96d1ef642a8db7e53295953b0b5fa3a63cd7546c5cf8ad3fc17f6b84a795a08e13024d8dcb3db828ca3fad634964cba69bcc

/data/user/0/plus.H5A5D9F54/files/.DC4278477faeb9.txt

MD5 3606a2d05bc6a52709482c184162a48b
SHA1 ee68e1c8dc22af6e430f7a97ba4e532e230d4cba
SHA256 896a5f94fae94e737e4c16dc1ae42ff9c6831808bf151ed4a12a2e8ce459a436
SHA512 40a5a3e171a15e46f28fece398140d3477610c6cd5c6fa5d9b36eaef4ab190f08abc9789dcc86831f9f3729d98b8b8eec510015f8b6e91d06d03679d37acc400

/data/user/0/plus.H5A5D9F54/files/cnc3ejE6/eje3cnc

MD5 762298b93820a5cd8b6d8ec469078f7f
SHA1 d5b02a2ff3b235cd2b61ceff53a1d88b8984477d
SHA256 dc3f98a33c26c2796dc294b354831fd5ca9796295f4cb38479c80b145d4807db
SHA512 70f864211ce16679d0538abf9b7071d27c2d22ae458e32409d20065032c762dd186307ef33ede90abd9ac794a4ced8b163404e9799c05f0c515337249684311e

/data/user/0/plus.H5A5D9F54/files/apps/H5A5D9F54/www/1.png

MD5 e63bedf16d1d083ee7fca223e1cf871b
SHA1 8afb3a0ed1dbe719eabea4614c463d78bf916f99
SHA256 ccbb22e16b2ec983cfd7de71ab2d9cf39e94492e8db7eb26084ed1b9172a5942
SHA512 cd234e9f8ab8e6c50b22f0cac0b685fbdc537d066363a12ab3e917093bb828c70d21d735c37183c8d735290f065db774392704f58bbf4c7edf551200a6f67985

/data/user/0/plus.H5A5D9F54/files/apps/H5A5D9F54/www/2.png

MD5 f2c520e615e27acfab5fcecaa5e4bdcb
SHA1 4262c680389720523757a452c5fc1ec0a035469a
SHA256 e973f3b973bcd4759e9b3d2c312d6586ecd96a1f65928b1ebbbc220953bcdad8
SHA512 ee246e66ff0b595e5ddb8766e286baffc9c7862d7cbd30f3e7ae906f4e75f5bcaf1f137e4812be40f6619970666216ca9ba37aff60cb3507de13be4e18b07222

/data/user/0/plus.H5A5D9F54/files/apps/H5A5D9F54/www/3.png

MD5 1cb0e8dc366b9a2d703fd9e0a366ad04
SHA1 b143d154bbee1493292ad878591da588f8629d7b
SHA256 fd4654f504114ca0dbb79dbd103fef54cf600c4e8987910b5c77ec750d492d9a
SHA512 eae987536b45c97e27bc7965c7c50c04aca572ddde80f77b93a982495faf9e55b661c0d393a7e357cfc006810daa41a56c44fc6b403e31d72179857f14036a05

/data/user/0/plus.H5A5D9F54/files/apps/H5A5D9F54/www/4.png

MD5 92334f7acde52b32d9b620ef9c1dd501
SHA1 72b809c158a488cfcfdfb7fc8a86bce5a9659663
SHA256 37f5deefb7f9a39d8ec502c74cdce7fe233131364a9fbe57057a1659857f2db6
SHA512 5d670b77893f2dcd4953f51c817851a82650950c9fa9b21167476f1f01b4c69875ab024488b5220cf3fffc65ea77d87514ff7a1c1faa0005ad2bbcf34685fe7d

/data/user/0/plus.H5A5D9F54/files/apps/H5A5D9F54/www/404.html

MD5 a8c0733e9ee848e3b93ba0f466eea14c
SHA1 221e026c471e29f8f5625fdafb712def71492f44
SHA256 7648a4c1e8a39ee0ff10dfdf622f7384faf098cdef524267c85f50c1debeb144
SHA512 028369cea228528b3e0e0e46ef46a4adb21b84f862c6efac0bcbb1abb27a32858dee4b5d50a5256e8a1128d58419f0d5c6d73b87f685d7267e46e5ff541ab161

/data/user/0/plus.H5A5D9F54/files/apps/H5A5D9F54/www/888888.css

MD5 5be8c13007090305527f8a3fee0b71cb
SHA1 6d18b573da00b093f7dc54c1f1ebda7bec295363
SHA256 519a34a6633d43c96e3c399f504713f7f98999822dffb0934668618d67506a4e
SHA512 82ebf0c510d564064a6d495a3c10c9bcf2523adcbd8f1f912a1f685a0fda779a94142ab6ffda6f34a908b43609a989adc768f6c9ab809e80a96289cb46427fd3

/data/user/0/plus.H5A5D9F54/files/apps/H5A5D9F54/www/androidPrivacy.json

MD5 c4231f4441889d09f18a702a5bf74486
SHA1 16ab2d07d170023ca2ee90d2881509a73ab1bc6b
SHA256 b2b108ed76f55dcbde7b0d549260020a3d0e64e66e1e9705867d2da806b9cfa1
SHA512 be316382b56aa19ff46c599b00366762fe2cea23ee7fb6637a1e1b646f44284569a24723f459d621934a398ed4b22be817c4d3d17d5e64009bd650a12c19b4ea

/data/user/0/plus.H5A5D9F54/files/apps/H5A5D9F54/www/fwxy.html

MD5 9df24747499fc86a166b8ac7d726f4f9
SHA1 5259f61ad6ad989bc133ab4cb2c81de3798e4f5c
SHA256 ba89e8bfe58d62705aeda4ae83ba886882cc61329682d233a3586103c426172f
SHA512 b8b6e4c030c4cd192854e3d8d225cf94e4a5ad2b8ffc3dba8e16608d98839deb7c66c7009d3df612b9649ff9f3abccd1ef84f4acfccca96013139a4da85c7ff5

/data/user/0/plus.H5A5D9F54/files/apps/H5A5D9F54/www/index.html

MD5 d8fa1ecc27700b5ae5a9c1798b541ce7
SHA1 f1ad05c41c57663b86df51aa2310a072275a7db6
SHA256 a1fa6e0201d29600272a2f0a33a72962a8466d9f29bb1efd09f47d5307fd724d
SHA512 0d185df51bcb61a1a4ac347ba686bf43815a438afff107e1f7000539e79dc8cd56486d46708546aaa2847628e963d15f617c8883dac5a3837d737880b556656c

/data/user/0/plus.H5A5D9F54/files/apps/H5A5D9F54/www/logo.png

MD5 2fed2535c62e87ddeb0a163ade710515
SHA1 c98516ae634c6be92ea4b4ca6f04ab5d0fd1bc66
SHA256 435fb9944bc9190c2904584f21f88a3b052dd31a8ba05ba9e72ec1f98037dbe0
SHA512 b6cb42a26b1e6746ec72a4f3891c5661da5736338a001922c7006fdb1daa97dfbf9b5f52820b501d44a5ad041bf77e353ce5cf430d10fc59e265cfb9cd758b35

/data/user/0/plus.H5A5D9F54/files/apps/H5A5D9F54/www/manifest.json

MD5 060582f4e3f6888e553813fabef9a9ca
SHA1 7b2f60274024fcf327d4c59cfdb1548977193913
SHA256 4fa32fc1b9b3661a4808314fa4c61dd5c7662343982b28479d6b4edf4f11e88d
SHA512 79ef77c9c7fd83fb7b8bc5f956d98d26cccfd1a25e8985031ab14b05c53e4d3efe3a27da86c1e89c9f0b1ab91c773012199159c047728ad4c36022a6ebb92b53

/data/user/0/plus.H5A5D9F54/files/apps/H5A5D9F54/www/oss.jump.js

MD5 09d9519eff0a2ed5ee715a47e23601d2
SHA1 e565352259389a02cc1c7ddca7c4aa947bf49431
SHA256 09e8ef9c5c18e5bba46834b1d8c40322849d35e6a7ac4ef317143d2c6f1dd3c6
SHA512 1aa703680401dbb137ecefece97f83d3e7f0b6111b6a27e2a44af22bd26a282137c44fdcc4a1f39658789187c7d9290bc39172d40f21c0fd96dc92df20f002df

/data/user/0/plus.H5A5D9F54/files/apps/H5A5D9F54/www/xl888.js

MD5 6b22964681b36a8643fc16d830969dcf
SHA1 e30137065ca10c7f75a4a79247b2ed5de1016c5d
SHA256 db1d328b7385991f59827a42f6b84b75a716c3d6312aaeac3f8ffca7d05e1b0c
SHA512 a01750d763bc017e9638bfcebfff552196ae098243cdc31e7f8e9f68cc16bb024581744a0b4eef3551092f17beb5bdc82f7c0ac0ff04d2d24c1a38d2acee9fef

/data/user/0/plus.H5A5D9F54/files/apps/H5A5D9F54/www/yszc.html

MD5 040e2b859e148215e4b4258ca769e0b1
SHA1 d5a740b75be38e643208aa03b5cb464dd7b89dd1
SHA256 d96a1e3d03011ecfca0c3bdbdc4844e68c764c7015269dc3960afc5343fb1ea9
SHA512 6af1f928025a71fe3313a156efee5f9af5ae5b0f4de471546a406fb8bc6954f814cd4b26819923376cf0a9481f72f48154d22be146dbee2a97cbb1c72c0af152