Analysis Overview
SHA256
36115cf9ad195a3624b382421b888c05ea7cf0930adc46b19f354f8b8146ffe5
Threat Level: Likely malicious
The file 9adf4d4c019954b1ccced98c8c5b8d7a_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Loads dropped Dex/Jar
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
Reads information about phone network operator.
Queries information about active data network
Queries the unique device ID (IMEI, MEID, IMSI)
Requests dangerous framework permissions
Queries information about the current Wi-Fi connection
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks memory information
Checks CPU information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-10 13:48
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-10 13:48
Reported
2024-06-10 13:51
Platform
android-x86-arm-20240603-en
Max time kernel
178s
Max time network
185s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.xgbuy.xg/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | b.appjiagu.com | N/A | N/A |
| N/A | alog.umeng.com | N/A | N/A |
| N/A | s.appjiagu.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.xgbuy.xg
chmod 755 /data/user/0/com.xgbuy.xg/.jiagu/libjiagu.so
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.xgbuy.xg/.jiagu/tmp.dex --output-vdex-fd=46 --oat-fd=47 --oat-location=/data/data/com.xgbuy.xg/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
com.xgbuy.xg:pushcore
sh -c ps
ps
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | api.sobot.com | udp |
| CN | 203.107.41.32:443 | api.sobot.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| US | 1.1.1.1:53 | api.share.mob.com | udp |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | a.xgbuy.cc | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 203.107.41.32:443 | api.sobot.com | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 1.92.77.21:19000 | s.jpush.cn | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | t.gdt.qq.com | udp |
| NL | 43.152.42.165:80 | t.gdt.qq.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| GB | 142.250.187.206:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| GB | 216.58.204.78:443 | android.apis.google.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| SG | 47.246.109.108:80 | alog.umeng.com | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| US | 1.1.1.1:53 | update.sdk.jiguang.cn | udp |
| CN | 1.92.77.21:19000 | s.jpush.cn | udp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 119.3.253.130:19000 | sis.jpush.io | udp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 119.3.253.130:19000 | sis.jpush.io | udp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 116.205.165.66:19000 | easytomessage.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 116.205.165.66:19000 | easytomessage.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| US | 1.1.1.1:53 | s.appjiagu.com | udp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| US | 104.192.110.60:80 | s.appjiagu.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| US | 1.1.1.1:53 | 139.9.135.156 | udp |
| US | 1.1.1.1:53 | 139.9.138.15 | udp |
| US | 1.1.1.1:53 | 119.3.188.193 | udp |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 1.92.77.21:19000 | easytomessage.com | udp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| GB | 142.250.187.206:443 | tcp | |
| GB | 216.58.213.2:443 | tcp | |
| CN | 1.92.77.21:19000 | easytomessage.com | udp |
| CN | 119.3.253.130:19000 | easytomessage.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | b.appjiagu.com | udp |
| CN | 180.163.249.208:80 | b.appjiagu.com | tcp |
| CN | 119.3.253.130:19000 | easytomessage.com | udp |
| CN | 116.205.165.66:19000 | easytomessage.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 106.63.25.33:80 | b.appjiagu.com | tcp |
| CN | 116.205.165.66:19000 | easytomessage.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| US | 1.1.1.1:53 | tcp | |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 1.92.77.21:19000 | easytomessage.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 1.92.77.21:19000 | easytomessage.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 119.3.253.130:19000 | easytomessage.com | udp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 119.3.253.130:19000 | easytomessage.com | udp |
| CN | 116.205.165.66:19000 | easytomessage.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 116.205.165.66:19000 | easytomessage.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 1.92.77.21:19000 | easytomessage.com | udp |
| CN | 1.92.77.21:19000 | easytomessage.com | udp |
| CN | 119.3.253.130:19000 | easytomessage.com | udp |
| CN | 119.3.253.130:19000 | easytomessage.com | udp |
| CN | 116.205.165.66:19000 | easytomessage.com | udp |
| CN | 116.205.165.66:19000 | easytomessage.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | tcp | |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
Files
/data/data/com.xgbuy.xg/.jiagu/libjiagu.so
| MD5 | aa01dd97609092ce310e17bf791069ce |
| SHA1 | f000840a8f68ea7beb2e29ea466088daf55609db |
| SHA256 | e432c191f918053ce368e1b1f155b2e1f9e84379611b93aabec0106172b73aa2 |
| SHA512 | 766c120a06215d0950aae32026fcde3eafed8d18ae0de7bc8135a7378a9055c8f0040d61574d9af67fe2b5b90eeae64c62d787343858ae375bb6658df8afe7b4 |
/data/data/com.xgbuy.xg/.jiagu/classes.dex
| MD5 | 64c6ecf9ad2618447604468b5818d7e4 |
| SHA1 | ffcc10199c4bc4c07c8fcce8fcf5b06c7ac235d8 |
| SHA256 | 5a5f2611cac7a618bbe568a9cf319d5c7d39b6e59d105c05c7b76e6adae87d9a |
| SHA512 | 437f42b2f28d87e92f9c2ff3a75c6358fe28b599fd1601cf206b7d01046a2aa7a11cfee03d8fc0919d427183574f74bf2b8c6b17093cd8ad19d141de395c5068 |
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex
| MD5 | 51bdf60bc56301b14cc8771141257b1e |
| SHA1 | 33cd9d12adde0345a80d9fb40c74f6e6b2f2e327 |
| SHA256 | bc88cead2b4c929767ace9af602c0390b7f7551ac863e57e2cb097f64a17fab8 |
| SHA512 | 38a8874a0db440be9c0c6439d846b39ec31de562713f8199bbd435cfd1a7ec837a55dcefe76bff08cf5e6db1ce04340e155f09063b0a11355467046bc8f6f838 |
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex
| MD5 | db2029e66f93faaa3018c344ddcc99b0 |
| SHA1 | 3ba6574832ee32ecaf977f3395098b5acc6840f6 |
| SHA256 | dce1f5a1bd8d52abe797a05cca2005a4481599015e635fc6c8176e56af91a6d9 |
| SHA512 | 47ed031bb893a5df5fc2520abe707afede1e2701941b1d8afeb2e225b92919d14cfada1b5100dbcd71dea0e64e2a56e77f3160d501b563537fcf32225c415eea |
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex
| MD5 | c4b84653e2425d79e3056c6680789ef6 |
| SHA1 | fa9e8c09531a193da7181d849ca642c744f5de03 |
| SHA256 | b373569b990b874085e62dc8a2136902204c9e5c9143a5737e6a0d47ef29ff18 |
| SHA512 | a7764c7856588a1e3e3bb262aae1c16fea6dcdaa56ae3c3cd76574bd2b32f1d48d33fe40111ede483374ae690f44617238862e8854945595223da39c18446cd6 |
/data/data/com.xgbuy.xg/.jiagu/tmp.dex
| MD5 | f1771b68f5f9b168b79ff59ae2daabe4 |
| SHA1 | 0df6a835559f5c99670214a12700e7d8c28e5a42 |
| SHA256 | 9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939 |
| SHA512 | dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ri
| MD5 | 6e1eadfb30d739708fb69b7f5b7c7edb |
| SHA1 | 458664b634a1d91c0544c37d42a271fdf19551ff |
| SHA256 | 6bfb58f93b63c662c972eed747a4caaae0ab8933c5967b1c7328c9ece1786ef7 |
| SHA512 | 4d3a9d37342f5023f85ffa6646e11f2063e0204ce27e830d6ba54df971487999afcc3d34fd9a0540b1b05cb353cf62e6eda1f5c3250ca385f8a31829230d6daf |
/data/data/com.xgbuy.xg/files/.jiagu.lock
| MD5 | f18f788c31dd8d5997b707f882a063c2 |
| SHA1 | 4e355b1c91d0693f7a016169dfbebb2dc648a405 |
| SHA256 | 8428f5f52fbd6fa489788ea882b3928bef3b959425ba4cb038a9686150fdb993 |
| SHA512 | 9d386cb24df0b67bae969061b1b11c0146f2e0cf5b60fdb5e286fb46d92841cf5a39d8dbd27b9426cc4197ef8c9bea583fe16a6296d83aee13381af8bf44e983 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
| MD5 | 3911ad10a2d9a4f7ef7a09639a1b8cf3 |
| SHA1 | d8d5dae863fe04bef8d987202e25e065efce1e1f |
| SHA256 | 0ae3380b0712c9bcbb362bcdf7b72504b9e495fe2987cfc20aec121977dba19d |
| SHA512 | d58dc5e805e0e2d11a79c725285dbb3f75d351d456c87ce79439af68c3a6c2506f5814bc16f09fbf16462c93f5c781437a5bbadc4d48977782899ce9d741dec8 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ic
| MD5 | 1bd86b90e1b355f123e5ce8c93c3de53 |
| SHA1 | bee5683d6124650c8be0b3740ad66e771f29b178 |
| SHA256 | 3ba28c4fe20d74ea96f6ced27333f04a01e03c50092717eed1b6e30152a8d152 |
| SHA512 | 6ba3d7ac2b9da3bb2f7ca50488782bfb9f12a38bf17debc4f2853a161551a932885bedaedace0ecd3da9777e1cddbb407ca2360c13512b1b804bd6242e767abe |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | 89a42f93994cd79a17a33be64058c4b6 |
| SHA1 | 77b879088048c7214c652fac36a440859149e5b0 |
| SHA256 | 384381dfd98ea1b560c7ff6dcf6fdbe19b6b1137f39e46f1d4c3bd8f2b430feb |
| SHA512 | e350efa21bb39577b251c2b9a1a109244bc64b76ebb413f32feafb53ada6e66db52ff57066b8491853953fbaa41c004dfe65f72c0e0a65b3482a9fcdd5e8aefb |
/storage/emulated/0/360/.iddata
| MD5 | bfeaeb9c0ba3840366be76f51bd079bf |
| SHA1 | 064abc709bcdc168164d0df508a1da8cb2ad880d |
| SHA256 | 5cfd9e7da611e83f17fb91fe0286eecb7acba0d9c6c6d1b97decd7fc3a72044f |
| SHA512 | b615ac13ba7ef97b2e0181189834968bd05b48d3d1f498e8dc598e8a5df0d23a64ff4b89b927701a0a8458812a06a99c6e0432141a412151e24f420552732385 |
/storage/emulated/0/360/.deviceId
| MD5 | 1d8d16c4e3b19ebf18988530d9b9a757 |
| SHA1 | bc94c1cce05cd848a53271ecb9c5311e27ffebf5 |
| SHA256 | abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7 |
| SHA512 | 4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82 |
/storage/emulated/0/Mob/comm/.di
| MD5 | 70a42cba408700f9a6c01c7941a8829e |
| SHA1 | eab01cc2c0671538795fb0b1146017dc099d0984 |
| SHA256 | 499576707ce2623293166979e59c832be5b8636c64ad39aa63ebcf961910c35f |
| SHA512 | 8900d4dc8eed0430babbacb72942401bd22ef7fe5430cad90d3ce0c2c53010220d666aa0e2eb1026f3ec81d574c7fa12585b49222a5f15b01637f6ba134fe70c |
/data/data/com.xgbuy.xg/files/sobot_chat_log/sobot_chat_20240610_log.txt
| MD5 | 10413b382b83cf01bf9ae7318cf5dadf |
| SHA1 | 6475712565fbd2da2d84663c6794755210341ead |
| SHA256 | cd51b1efb228bb7da63987d467477904b196b0e3786e63b928ce2c0b6fd40d6b |
| SHA512 | 4a451604f2c3f57fc2a95aa783e19f547705c215ba729cdd6c4cb62e2da139ed350b769f7fe3b8761974715a0dc073215c15ba0409a74644a2e116ee885c2a82 |
/storage/emulated/0/Mob/.slw
| MD5 | 19402718bfb1c685a726b4e1d846ad98 |
| SHA1 | 02a7e30044a67085f2f1da24e16e4ecfede65b72 |
| SHA256 | 079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0 |
| SHA512 | 25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b |
/data/data/com.xgbuy.xg/databases/xinggou-journal
| MD5 | 1a88c5d946dd2c9c0a56373332644978 |
| SHA1 | c8a9dd82c9455ff23e6f1806603430f651145eab |
| SHA256 | eb3475f6ff647a4bf89663d94eb23b71f032fcfad47c65ccc84a9408b73a1eda |
| SHA512 | 5aae298c793d043693f861c07572d07933b4725afc41ef9f6cb6c6b854b3c9355cf213b9000d7554b6f581f5475dcd4081a93e5a759cfd035f836ec130a9bef9 |
/data/data/com.xgbuy.xg/databases/xinggou
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.xgbuy.xg/databases/xinggou-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.xgbuy.xg/databases/xinggou-wal
| MD5 | bed6afb885d7081c2ce170cb664ea410 |
| SHA1 | 1d2d58d25cc898ae37e81114a2beaa6cba3699e3 |
| SHA256 | a06a879675cbb1bed9f808f849952515e390078659208bbd52981f691fde203a |
| SHA512 | 131b05bef54522af1c58786a5f3c16e66cfdcc385d9dec9f44ad518ddaee20a3176fea10ecb68ed9911b7b722e823cedb8a4db94911fda84faf9d82dd7fb5a62 |
/data/data/com.xgbuy.xg/databases/ua.db-journal
| MD5 | 31756e14284ea21026153a86d03975c5 |
| SHA1 | 44f306a1fdc102cb3dcce2a49b8906d5ad171667 |
| SHA256 | 82e259aef3b8300497f301039c79ae5bb4d745723d84a8e5439e6b45d725b3c9 |
| SHA512 | 8b239af5c4fba91cbf466b6c0eb7310c554d5635780f2cc8de6df659f812016b2d302673fd05525678d2708a1510e972e612ca51a1b7189f81b70471a5a5874e |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 2ae9a56aeb2e2a5d1ffdc6150f8227fa |
| SHA1 | bf791523938264c0e1fc5e7bf3f9ab37cb93c695 |
| SHA256 | 3c2f9bf8574b615e047f5780e269ffdb148b97d242487ab233c46074b4ad1666 |
| SHA512 | dd39f50c0c1f6d49aa00904c19e34210aa20a0e4beb35d12b9012715464dd86d34b6bf56c2f1934fb0d99ff8ce87911789ea669906fdfb4f9228e70bcec7d426 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 31f562de2287ee6244a773cd66a00a29 |
| SHA1 | 0d3bb6dde428ef08c599f54ed146c9774dc3ea47 |
| SHA256 | c2cd144c27ac741e04e2e70e672c9e758fdbd9d63d7ba55efc2d184b5bc37a01 |
| SHA512 | c1fdb8fcb80c99441ee8dfe237511c9c5cb35bef18c4e3421d27b0285256b09fdf41a205fd04698f801cd787c7ee3aece617aa86d0827db7169de10f6b517a6d |
/storage/emulated/0/data/.push_deviceid
| MD5 | 51a6e6aea7eb1084be69b667910f2d1c |
| SHA1 | 7185a4dd86c912476e398ea7c2b4dd53c2321af3 |
| SHA256 | b05423d1074deb3e4379e047757ade60678d47913f168e3ed8f4a9c56548c0d3 |
| SHA512 | dd6d77c41efa757de104eb961b1a8330b60d40253107a0b2733551e8d7e1373d3f73ec7eeef4a390baeb54fadc23f2a627141841860b2680b23043c7054e3b69 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal
| MD5 | bb63497e3aa8a441d10d16570b4b7a61 |
| SHA1 | ce69ee0d94332b871eb02f78a6858d1a62ee5a53 |
| SHA256 | 91c41826e69fc61295dcabdbbcb3b2c64621034ffab03f3eac5c90258a266ab2 |
| SHA512 | 33c3c081b0c747d226768bcd696102e5c42c6270ec38b9a62a7d4d9c1b7d5446950f2b5c8b80975cc8b1c8fd22072c31fc9c393af5dd849588f7ed7eea3c44a2 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/55af5d11eb82e27ef22ab82a376bf21b83ba87d781d0b8e1956cc4f18c5812b9.0.tmp
| MD5 | 3ccf674803e2bcca74d940a369b98a1f |
| SHA1 | b82beb53b74476af3563d05f4b49b4628611c19f |
| SHA256 | 897e90108102b4d93eed118fbc62f4bd208a2651c52da15431f3ece36f4ff274 |
| SHA512 | b98a53d48cee9d8d4fae804736e7b66c28beb429d4e84cad49f4f3e92f5a226c99eebe093fabee98d657d41729eab74fdf6081cc29b693e076b213e0e8e60a5f |
/data/data/com.xgbuy.xg/databases/cc/cc.db-journal
| MD5 | c90c10351833638f24878898d8770bab |
| SHA1 | 15e88251843c3577ce2414bd24f12c219601981b |
| SHA256 | b85f78cca244edaf59603355a2e90d544752208795bfc69900c87463f6e4030a |
| SHA512 | ce01cf8ea4bc0976798512a6add3388316d2ea871eca3b14f40186b05bcb5aa1c4c2a8805fbf9f5001fd0d85725dbae3c0db09f7ac96794656c1fae65ee373d0 |
/data/data/com.xgbuy.xg/databases/cc/cc.db
| MD5 | 5d7ea1a23af19b4340cc8d90f28297d5 |
| SHA1 | 4cfe95b23a9e98378d69c4290af81b51fbe76aea |
| SHA256 | 474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da |
| SHA512 | 33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b |
/data/data/com.xgbuy.xg/databases/cc/cc.db-wal
| MD5 | 3ba40b1d45141b7628bd71ef346c585e |
| SHA1 | 7d67c41e304346a1ba9fb4fd73ce5fdd99cce7a3 |
| SHA256 | c48225534d1892d055f26265318724b18e78513009b2304a4cbde7db564e2d0f |
| SHA512 | 42a0c2160bd2e7177aa4dffe8174237a50446107da188abffbdf570a099ef87ec5838f6c9f93ac5d862ccf67edde1b4e3ab46173cce37ba43404510cc59d60e5 |
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
| MD5 | 50805140f34bb14d3e0d1e875e47d820 |
| SHA1 | b8199d7ed5c9202a4c06d6c45be5fad859d27754 |
| SHA256 | 0584b97681d97a1d4ae2514e86d474805cd9f25c7957eb0a2f51aa2d290b753d |
| SHA512 | ac584c576c498ed68104fe9d569a14dcdafdf4012bfefbd695f58be69e5b7e55cde867760862fb7b1ccd0676d40b5f3fd6223149e863916b3f28479d07873c0b |
/data/data/com.xgbuy.xg/databases/Reyun.db-journal
| MD5 | 12ed57e5a1f5f8668e4f5017cabcd93e |
| SHA1 | 45e6605f1d06583afaa0481fa540f0d7c9c181af |
| SHA256 | 548bb8ec4f8a2f21e0cb2d9f4d7b08a077e72bed6a63f40b54a8e00d16d728e0 |
| SHA512 | 5b1a39b738fbeefb87de2848be549a99660acb7411271356ec6f94afa5712a776888aee75e7498dceb9c03917a322a29d0b97d36360a3167430f8e6c830df550 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | c9f0a8c59f9f858082aa234c3cd8c8d1 |
| SHA1 | 6633659506a2819af81a5125c0300b560c293c03 |
| SHA256 | 536be8eb40c970b02054a19148d0e8e1d152567ff0ba84e973934dcb9e9c93c2 |
| SHA512 | 638fadb14c62be0b901a6e472d995585bfc554b60598301248cd2211065b206370aa7b6e8907de1962fc7d01bca681a0535ce3ddd94094ac74e3d0bb5ed82033 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 2a65406a59ea1764a846d7b8330ff800 |
| SHA1 | acbd590aae848f6518c93861e0beabaf49bec938 |
| SHA256 | 7afd5749775d1e33bda7e54dd21205285858f8bdf5b09f651e665ef8381e41ae |
| SHA512 | 917a7657cd201356f348d46201d36d8cf9ac287229808a038a13585419871c45c63d4098b9ad5a23a2b915128f1386a61292d34e49bbee05a1f46b8be99b3874 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 4e18de9a75d9ade0a26b7f7e6fb1ff42 |
| SHA1 | 0f030e14a728d62ccc1887f8312e785344e2eac5 |
| SHA256 | 500ae809684529657a34671239ba4af0f0f6d6d7b37d20dd20d53a9bd404b9db |
| SHA512 | 753d00b9575b47ff502cd8ac58414ff5a6eb0b7d13468442783038a94443628efc1260ea8a0e6e9926bac2216ae09d683d40c8056f368d3faea28edf388ab322 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | f53d35e42461c0ebb4c53f240a79afa4 |
| SHA1 | e4849a3baa95e159c0e4a19f4d6f1098fe59d520 |
| SHA256 | e0cd26e9bcaec0e010c103f5e51be6b7ff059db453c5e0a477ef6093ad41a2ca |
| SHA512 | 7b3f83383591e1dac002fa34628491e0da67bb90cd6c1fd44e7700241110a02c11ac052a1372c0de446375934be4c3dc630f36288b6d84ce70a21d8c5ec30961 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 3c389238dea70d807224fbb650f00583 |
| SHA1 | 515a6fc2128c71afaa3ade053ef32accbad93acf |
| SHA256 | b4db1dfad67f084b7da1cbc921a39677255ed23603a61b2e441c780a3c73f38a |
| SHA512 | c554a636cbd5bf55511a0483f83657320e935fd1ff93f2646ca0898fbf0c324cc352fa30c71c4413a745d1180ee0d1728aa0be0d10a5e5365a87864529ad3df6 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | e70d1d261531db3535a9cc1e2caed1fd |
| SHA1 | 598b279cb1d5213a2e47c519293596827360c190 |
| SHA256 | b6818fa8f0d426e8928998c09b675d4565e68184c027cc6f4da08135f0bfb29c |
| SHA512 | 25a482e460ce1ff9a5cccd14e5ab339e4b8212e54e8793254a296ac87d9d11d006435307e507d1e5bcf43ade0c06d92472ee5c35967397c6d8c5e07cb09b558a |
/data/data/com.xgbuy.xg/files/umeng_it.cache
| MD5 | da1ed245bce96833d8948fb2f6123909 |
| SHA1 | 3e9b567e930188dc820335b22985c21486bc1c75 |
| SHA256 | 0f4097b1f793a8505f3fb725b3b7167f2acd4d3abe2cc863ccd7f824cf81144c |
| SHA512 | e1c341635ee119427c4070f4c11198f12276ee1d8a7527450b95ec0a4738bd1a7204aa791f5ff0d7eeff33485ced9a6b29e34c228cbe1c46bc52cddd1c8039a2 |
/data/data/com.xgbuy.xg/files/.umeng/exchangeIdentity.json
| MD5 | 891dfbfbfed3b5658a5b37f9efcbceb9 |
| SHA1 | c9c71d02b3ce6079221ab0edd53dcfd08bc25680 |
| SHA256 | 09b6b4f9ce0a7e7f38969980f1b4b31e34317889df0d4efe27232421233e5082 |
| SHA512 | 645fadf853830872ae8daad4f8f68f1cf5ba6fd0df21b9f01e62e580979e3030bb472d9323a47fab978cba587863f295cd053bc853bb8e3d3c796a32ed69bda1 |
/data/data/com.xgbuy.xg/files/exid.dat
| MD5 | 953db69dca6a21514b59eb6902be4ed7 |
| SHA1 | 5c8e372f3103b3361c25c18be35529568bd1af1d |
| SHA256 | 66f38479828d5b317db5221365f07d8ad5f410295fedabe76e87b45b012ceca2 |
| SHA512 | 555d82b169f6bc89848a25355e84b1537ebb2fa1155b0d406292e3ed449a94f67602201c1ff1802b2a4b201bcc404c60d42a14144f6ff4a1aa1755c51fc9e62a |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 6131bdb48b5340d0d68d4d8d8a7e508c |
| SHA1 | 7d42d1003a6ba5d3a8bc41d04770d60a0f69bfca |
| SHA256 | 30f8741481ccac7f4d1d29b055842a121ab9a3aae180d8449329b591162cb101 |
| SHA512 | 8a05a069e3e3120b0cad16081e3bdbf3431aa0817d2e6a205996e7bf223233e07a9f8b8986c9f2dc4f3a20e69114917599cbc6582174790368d3f82d937fdf7d |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | d604a3bf1f8d992cc320ea5b1f7609bd |
| SHA1 | 247f88df0b55c7d523ea5398637711a0e4a483a4 |
| SHA256 | 329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17 |
| SHA512 | 67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab |
/data/data/com.xgbuy.xg/databases/cc/cc.db-wal
| MD5 | 51bb223dcf7cdfcdf7a785f0beab5487 |
| SHA1 | 8d2f65a1261864d0dcb7f447499f37e8feb0026a |
| SHA256 | 6e461d3a64b7520a886076d72cef11923c31df0634b4e469b1ef0f99f5a1afaa |
| SHA512 | 77522990a02f709f2830e655eee89def3d97c004d84ad029c52f3e19f52b3d9234bfd128b0a7bd9427388344261900d776ed1b12d2938116df26978570074619 |
/data/data/com.xgbuy.xg/databases/cc/cc.db
| MD5 | ce6135aa1b1fe4f2c2db2a546d2a5558 |
| SHA1 | 79b59582154017aadab783dc266fcb158c252940 |
| SHA256 | 7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c |
| SHA512 | 2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4 |
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
| MD5 | ee679a5cc3a4f8c2916829db6447fc6a |
| SHA1 | b6675a196ae3036c11502652d96de6eba921fbb7 |
| SHA256 | b402c42b09915193241357871716f6c200d05f88972e573ed984ca51d35f60c6 |
| SHA512 | f84ce3c5da360329e4842eb710f784ca57682ba05675ca01f890d8105fe827354fc4f6c55e48ef5f77cfbf54b1b27432cd121be8ea9466ae243fbf92b9985d61 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 8a8d5bc1fd2ce7fab6e318fdad39a3e7 |
| SHA1 | 02dd8a386d05d7ac719ba4dead14654e0a149868 |
| SHA256 | 26f4f83cac9141243b2d3817ba0953a91e24dd88d3ba3cfd8ff76c8da5c7c57b |
| SHA512 | 8f5df087165439027d134ff8a34026676d93aba08eb109522df6795a2cb27490b8e0235e67eaa88b564bd486729577b32ab43f5356e78f527446a26b2ebf5c6c |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 64192f6e34faea014860687b06cf52f6 |
| SHA1 | 17d68c8adf27fe6bcfa6358328f805ec763de58f |
| SHA256 | 03717a6d602106d374b31292b88da77e3080468cffd3eae556f4d5a0cf7b6242 |
| SHA512 | 525a94c9709453b06540d9efd866f2b06239f0d32ec64a2dbfc87d4d7d079f53abc5ee188616c916046317b85928b5962c8a5d7ab3ab7fe6fd58ab4cb5550c1d |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 4f8b8cd65d2a5ed710c4fd5be3d52d6c |
| SHA1 | 8e1a89d20b1b4c57e98f08eac20c662b899dc67c |
| SHA256 | 5a0563544b4dd6f0abeaccc23a5a30839dc392118c748f7837cf63634faba5c3 |
| SHA512 | 5782d530cb11847c3f5b2a70e2edbf2eae8e32390d85112d737f2fcb39cb2739833735701854d5d9cad1a857e1ce3ff6d91b52f41d20c53248a76454ace91479 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | ad2f1476fc2e94fbda7d05fbc2967acd |
| SHA1 | 55281a947446b073ef6f00c46d382faeed6e4ca5 |
| SHA256 | dfa9d3689e8f35bc17fba4744d077332fa0ce05e846acf1283e3b8c9f36f969e |
| SHA512 | ad3ef80dd04f2a0a436531b8957fd1817295505c1f6110707c9edf4adb054b37d36b44d1da66a3bf834d32dd37fb58416f269af99f3912f83972743ac526e154 |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest10351366452344722845741932913213295005-journal
| MD5 | a937bd82068e2d4b0c687c9d1a84cc47 |
| SHA1 | f3fa0953c63818a8d2033d4b08639178ee560886 |
| SHA256 | aa03780d3d9abd01d7da080b5517e5c2faa82104ee4a15ea2476992cb950d612 |
| SHA512 | 18d0db527f1ea8869fd004a7941eae41213dcafd66ea92fa50ed4c8dfbf7927d65e4f0278cc3c38833b9aafacbb4dea3ed8e24b024959a6412b2496fd01daa75 |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest10351366452344722845741932913213295005-wal
| MD5 | 81452adc57a47670d69b9c384dfa392f |
| SHA1 | 15c484fa3273bbb62f8f4985d18cc0936b9129be |
| SHA256 | 9d3c96953050792952781d32a7d8461c23c38f5aa412ebc4bdf199191eb998fa |
| SHA512 | 4d8701428c77a08e70a38f7cc6ee6580b8a3ac46aa3ad87c2a1b8ecee113cb8aed8924c6754f3b7b0dc822c42c55014b182401e8988819747f4cfd9835d98d00 |
/data/data/com.xgbuy.xg/files/.imprint
| MD5 | 9212b417f1c592354975df593e74a8c2 |
| SHA1 | 992572dc1e8d3a0c70d7491f42c94ad2ca0a2d4e |
| SHA256 | c5da1f065c5c423745721430e0f9e49c50c80d522348c6a1111499ed38fad271 |
| SHA512 | 4a356c191020160dc23aa7a607c9763d848d373139bed6269f46607eb9fbfcc324d6bc55a86fe87c0559cf0cc9702ebef489d4854adf7df5ffae95ad4d8834f0 |
/data/data/com.xgbuy.xg/files/umeng_it.cache
| MD5 | 7d7d44ffd28d1c37beab8e02f6ae84c9 |
| SHA1 | b4c25d95efd6bd34a44bd4ec1a38fa3e416ea219 |
| SHA256 | ac2fff2c501f3e9c79f3b9af063a52876b043f5daabf0eced6e4e08acabf5e50 |
| SHA512 | 3bd6ccc024bc8f1430142363a061034833b0eda7c830fac34d6352cfdf93aa4dc14d5b46d00bff1759f6786c716d808ac7554ec3b3eac46fe112c14c53f7f827 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 8ba4905b773380ce450da6768789de62 |
| SHA1 | 9a9e2d108cfec2699c173adf6a2d5be83b2303e7 |
| SHA256 | 84a6b44db6c1624e567c350782ab2e291f10fd4ab19d261e6b87f1d0068395c7 |
| SHA512 | db86a16f2ab967b9b102d1c28ceeff3ec450bf2258c5c47e1718bea25b84fdf6bd07d8f9e5987ff43a9fdd75d290ac85ecd46b2f217848f51244e1721b476234 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | ba4391d39fc01b24c32a2981d28aaa5c |
| SHA1 | 9c93c84d56f558b44a545b1f39a2947c5ac9c6bb |
| SHA256 | 1bcd74df3a69a1bad3771751cf23180984cc0eceb24d191968316188f7e7fab6 |
| SHA512 | db6cd4785e04c89375e9e9276653fdc5869c0fb3b168e4739de0c273eff74232a2d3c85c56f1a72f8755581e7a116970b35265d864844ccfc312d0ecf4f62e3d |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 7010cc85a491edd9abcace755a052ccd |
| SHA1 | 077703cc39e1a10ab46e2593d723e2c86e0bbfa9 |
| SHA256 | ba97885e18219fe6a8dcfee8729e9e10d4e8c40baacc943e26c621423f84733b |
| SHA512 | 3c804e1ae4e393eb07838c24e7abec98c4163be67c9a2db79c3a0946ec39d9c63acc90f27557de17a24bcae831c3e0bfb17696e9b3815271cb26239f3307dbf4 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 1d9d6c21d65dc99190dd2dd59aed74a7 |
| SHA1 | a58afd0eac806970f74daaf464c188b2ab19d572 |
| SHA256 | 7c3ec9f76c1023b127e7655c5fee994ab9cc2c5c8c7ac8ff1c78792099a05c89 |
| SHA512 | 875a0774ac85020c883daaabe7283857b83b883c9b5f89521765f78b8ac4d49dae9015b5ecc54970afde936ef91ef730dcb95fd59e9dc7bfc872209ad12553aa |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | f9a14cce3f841c973774ea5971432a20 |
| SHA1 | 79b1d5070281a07e333cf047041291eefdd26836 |
| SHA256 | 7acb6b415fd7c20d1f28f3832acb69c255d7ccab9c759a9b412ef0e5955f11b9 |
| SHA512 | 0d085893897cefa98fcf2cefd73f9480b98b5e9cc75e092992fc1f8c3f7187425a236df9a71aa94bed3f75de3e3adc2a84e19f436945bc5c592a981ff57ce99d |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 3ac7f1938973ed5f94bb2086a685a3b7 |
| SHA1 | b4e4053b197264574a85e1e4901c81ee471959a6 |
| SHA256 | eb02aa21b5da4634ab84d33c2320d1e1c2c82353882b25e94b69db158f796a96 |
| SHA512 | 9ed7bf6d81bebec9baac2fe1cae0be817240961ba98a17c2d13a834315637adf314a7b25691099cfd9424c97bc13938fc6d2b433fc9a57815f052701b402cffe |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 042730dc76894bc53795b95b5474b72b |
| SHA1 | dcad44549f2a25e14abea8c189c692299fd6ce45 |
| SHA256 | 5c624583422efd48f0011344b8c79336ec807f8b8afec7ed30519a508010a27a |
| SHA512 | 6c480b0127154ba9ddd893927c71586919a3c30d2fd79519644ea8461a11b86414368e64792558d4b5b4716dc5cc58def54f3264e9c89146f2c3c406cce7c9f4 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal
| MD5 | 8199bc5f9cbd5a7a5318d04ecf7cc061 |
| SHA1 | 6e4925ba07a7671352095ed4d174533511726593 |
| SHA256 | 5d6690519c680299e88c62cbbef55a05f06eb414dd44f5628aa34a3330413d45 |
| SHA512 | d7400b974b6040f5a7389c2db33313ca2b8add2353fb12c85d13eea4e96150e1b4724f1c33a45f10a92e1b10c49fec07e17ddca0ac4ecbe61dbcf78d035df2ee |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 600a731e7251fccfc889710595193241 |
| SHA1 | add54011da9b72a41db58614480257848c38ac9e |
| SHA256 | 4792fe86a913e3b70ea425095fa22845673668dc72976aa80aa17faebf49e07f |
| SHA512 | d516432829179a90a9d7b242eda634de64b52d809cf599da1587f909ba6571e1aa3dec853ca8dbb40c57bda5bb91e3738446cf817eab5270d51052a5249cb32d |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal
| MD5 | 1b2230311600c0aac33d9cb41b9ddc02 |
| SHA1 | 797acd2494b0eb19670b8b4a6ea3e053c06068c3 |
| SHA256 | d42c20557217f0c1f5e7c617729585a260dcf3ee1d10748d4780e692dc750f99 |
| SHA512 | d4d0a5e6b307ea343e7ae70df5bc253be29fece8f3a8577194a80e5924d59decfd93b20327cc577401ccbc1c9650358b3ebbfad1fcd16f0c2e88373388864cf7 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | fa10695e43e9a78a9766958176701ef4 |
| SHA1 | 5dcf2baeb5825e5aec91ebfcc04d4b8ad991c953 |
| SHA256 | 272a22c0dbf1c681723660d614f5f810b32e14451510d192066032c1fe2d3a9f |
| SHA512 | 837a06a0053f1225326353d2e31e0190f25403184dc132fbc69abf4ea4653b0ea892d52067188bd69d6b57dff0604b598e4907b46442bc9fb6ee6affb7457781 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | f612baacb2276e4feadde4769758deaf |
| SHA1 | b0b6592c26ec190555d9ae73378aba9f2b543a41 |
| SHA256 | 152bb7a6fc67e6329d940ad8b9fc1269083b7e8059b243c9961d6720515008c5 |
| SHA512 | 0fcd31232c7e76f3b4105e17332fd1a450010eddfc57e9680e372b67de2ce24236233dd4aa2abf40342956c0d14522233817524ae0b7f998875c1f0270a80a1d |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 8e24e79baab91c4d0604eaa9006a0cb3 |
| SHA1 | e427afc94a4b957a7096f73e395a10ea404c076b |
| SHA256 | 65ee797326cb9d94a4c8b13fb114a7273d80af9ae547496bf56556c479f75e4d |
| SHA512 | 45bde5e1b5da5e54f7f5baf24cf4d9158ccf5813f0babc05677437bfedf1d54c4707090a1c425089e8f9582a85fed80b25c1e1f30ec2051afc6fe68bb8a76bae |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | de80f22f6f2b7cd727d524b1e993997a |
| SHA1 | b8d388960bb83c441a1574c05eeb672c5b8f4978 |
| SHA256 | 92788f830892774dc32281950b71a1fb6f1480142af3eb5ed4d8c5a66a05e04f |
| SHA512 | c26f13b504ac3efafe140e8e17fc4ff78c325501a6948e414e1f752cf6d4c1ccee9d9f9f36fa20be7eaa71cc855cbeceadbaa28bd1ba24af59a35a2c73f774c5 |
/data/data/com.xgbuy.xg/files/Mob/mob_commons_1
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 1ae9941e691f604736b717d1a7b6b16e |
| SHA1 | b97a4d66da529920246578350b4fb64e942b76c4 |
| SHA256 | e8e85158b1da73164ff06e13e9be9a85b48f5ceebc56df6f57c64774936da53c |
| SHA512 | 860d707cacd30e2dfa957453e2b34bc895b87a8dd70b651b0a476d33b8ef46e2b6ef60a9f325bb2ad69ef3d8f1358234e9fee29db68b354eb272472e88ebd67b |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | ad6303cbd1a69798a0cb7af2254d96eb |
| SHA1 | bb3019930e84062429208d390321009117c8e9d8 |
| SHA256 | 044e87c8d0b97acbd4ca07e022c984e6d08914c3cfd81ed8a3685fca9de1d756 |
| SHA512 | 5bbc659360c151f75f62617f1d921c1153674a0b9bcdeb475c26e5893ccd7ff978e9f01cb23753743cd0bc6968750349a5306efadfde0745ef509d0b4866dcde |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
| MD5 | 81024874f926b0c0c9e613997c9370b1 |
| SHA1 | a7b4c37570f3e5aa7bd575d0dbcc71ff9079a95c |
| SHA256 | da5ea38fae9a292777936eae50a76aae4d2a589550448aa6970383e44aabe7d6 |
| SHA512 | 8ae3ca2a1a4ea6c514fffeb911f4c42ff173433a7fd82980193d883196e748e458e83ee42051ccbabfa7f49792dabbf1eb8a72fea3db16c2f157e7ada4182830 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-10 13:48
Reported
2024-06-10 13:51
Platform
android-x64-20240603-en
Max time kernel
10s
Max time network
131s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.xgbuy.xg/[email protected] | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/[email protected]!classes2.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/[email protected]!classes3.dex | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Processes
com.xgbuy.xg
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.213.8:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.179.234:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.212.238:443 | android.apis.google.com | tcp |
| GB | 172.217.169.46:443 | tcp | |
| GB | 216.58.201.98:443 | tcp | |
| GB | 216.58.201.100:443 | tcp | |
| GB | 216.58.201.100:443 | tcp | |
| GB | 142.250.200.46:443 | tcp |
Files
/data/data/com.xgbuy.xg/.jiagu/libjiagu.so
| MD5 | aa01dd97609092ce310e17bf791069ce |
| SHA1 | f000840a8f68ea7beb2e29ea466088daf55609db |
| SHA256 | e432c191f918053ce368e1b1f155b2e1f9e84379611b93aabec0106172b73aa2 |
| SHA512 | 766c120a06215d0950aae32026fcde3eafed8d18ae0de7bc8135a7378a9055c8f0040d61574d9af67fe2b5b90eeae64c62d787343858ae375bb6658df8afe7b4 |
/data/data/com.xgbuy.xg/.jiagu/classes.dex
| MD5 | 64c6ecf9ad2618447604468b5818d7e4 |
| SHA1 | ffcc10199c4bc4c07c8fcce8fcf5b06c7ac235d8 |
| SHA256 | 5a5f2611cac7a618bbe568a9cf319d5c7d39b6e59d105c05c7b76e6adae87d9a |
| SHA512 | 437f42b2f28d87e92f9c2ff3a75c6358fe28b599fd1601cf206b7d01046a2aa7a11cfee03d8fc0919d427183574f74bf2b8c6b17093cd8ad19d141de395c5068 |
/data/user/0/com.xgbuy.xg/[email protected]
| MD5 | 51bdf60bc56301b14cc8771141257b1e |
| SHA1 | 33cd9d12adde0345a80d9fb40c74f6e6b2f2e327 |
| SHA256 | bc88cead2b4c929767ace9af602c0390b7f7551ac863e57e2cb097f64a17fab8 |
| SHA512 | 38a8874a0db440be9c0c6439d846b39ec31de562713f8199bbd435cfd1a7ec837a55dcefe76bff08cf5e6db1ce04340e155f09063b0a11355467046bc8f6f838 |
/data/user/0/com.xgbuy.xg/[email protected]!classes2.dex
| MD5 | db2029e66f93faaa3018c344ddcc99b0 |
| SHA1 | 3ba6574832ee32ecaf977f3395098b5acc6840f6 |
| SHA256 | dce1f5a1bd8d52abe797a05cca2005a4481599015e635fc6c8176e56af91a6d9 |
| SHA512 | 47ed031bb893a5df5fc2520abe707afede1e2701941b1d8afeb2e225b92919d14cfada1b5100dbcd71dea0e64e2a56e77f3160d501b563537fcf32225c415eea |
/data/user/0/com.xgbuy.xg/[email protected]!classes3.dex
| MD5 | c4b84653e2425d79e3056c6680789ef6 |
| SHA1 | fa9e8c09531a193da7181d849ca642c744f5de03 |
| SHA256 | b373569b990b874085e62dc8a2136902204c9e5c9143a5737e6a0d47ef29ff18 |
| SHA512 | a7764c7856588a1e3e3bb262aae1c16fea6dcdaa56ae3c3cd76574bd2b32f1d48d33fe40111ede483374ae690f44617238862e8854945595223da39c18446cd6 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ri
| MD5 | 4b8260394f301d41dbcbfdb04cbd8385 |
| SHA1 | 6290d15f62f10e06680ac21b4f244bc50cf423ea |
| SHA256 | 240d021e8754ecc870b097dd0e5749170dbef343c67f3158cce134d16b2d7be9 |
| SHA512 | 7d4d5cf1391bb84d7a35cb08dbecfee4a197e78caf3985cd27bb223b4f8044d28fa3be1b12939114b256f43a43384298fe6fb77b963b5ff5dcadce6c358b40b0 |
/data/data/com.xgbuy.xg/files/.jiagu.lock
| MD5 | f6e7e44f3f47fb627a2756a560220136 |
| SHA1 | 8ca467cf8a8b45fe03f71c0750c33d2d06db2056 |
| SHA256 | 1914cd86a66e5a35f937920a45047e1dd54c249ae68f1f2c576a5aa9a66f48a8 |
| SHA512 | d2bff2ebf9eedb42537c279dd475a88a9fd48d5a3174b5adfe17e26e38d2efcc2979efba2528ffcdef3b11813deb13760d291d2fd8c27d7b727d9f8991568fa0 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | 51c5aa906f06c067a08870a9a8016aab |
| SHA1 | 2af362a3bd68788f993c23b2739612a7d13e9ff2 |
| SHA256 | bdc1ba3dcfc79be5a2f0eac2fe82a3639afd77e4ac3776dacca777c93c3b83ae |
| SHA512 | 4fcb27b8d5863fc549a6cc452c4b84ae62828b2c7f6523130f9ed371f4263d043eeeb34764c89412a8f2b45cf5fec2d0304e5bbfe6ec756d42e46c78619a5dc8 |
/storage/emulated/0/360/.iddata
| MD5 | 30dc560c6dad9d99a6d4c1e9454e5f92 |
| SHA1 | 523196fe667f8c6f298044874f0f3563740b748c |
| SHA256 | 653c2eea9cff111d5c1d272851d0f5af70913d2c4b85d739b553e90b52b3af73 |
| SHA512 | 9937b8f4e331ad9bee5f550b9ca0924377ea9e7fe7851fba5235e93e3718469ab39b04236f582bc9c932631baff5b3bcfffc252e4a2d873543c317ff8dcebdd2 |
/storage/emulated/0/360/.deviceId
| MD5 | 4c4c5285293d5141f582aefa4e038669 |
| SHA1 | e01852a72e5a8e6f7d63a21426b515118196047b |
| SHA256 | 36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731 |
| SHA512 | 097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399 |