Analysis Overview
SHA256
7a1a20240807361fa0daf1f6cceda0b335ae2ebd87edd2a2534f7429a8844e03
Threat Level: Shows suspicious behavior
The file 9d6ee18795c552b6112d9564c32c73fc_JaffaCakes118 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Obtains sensitive information copied to the device clipboard
Requests cell location
Queries information about the current nearby Wi-Fi networks
Queries the unique device ID (IMEI, MEID, IMSI)
Queries information about active data network
Queries information about the current Wi-Fi connection
Reads information about phone network operator.
Makes use of the framework's foreground persistence service
Queries the mobile country code (MCC)
Requests dangerous framework permissions
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks CPU information
Checks memory information
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-11 07:31
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-11 07:31
Reported
2024-06-11 07:34
Platform
android-x86-arm-20240603-en
Max time kernel
4s
Max time network
159s
Command Line
Signatures
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Processes
com.alipay.android.app
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.180.10:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.187.206:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| GB | 142.250.187.206:443 | tcp | |
| GB | 216.58.213.2:443 | tcp |
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-11 07:31
Reported
2024-06-11 07:34
Platform
android-x86-arm-20240603-en
Max time kernel
3s
Max time network
132s
Command Line
Signatures
Processes
com.alipay.android.app
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.200.46:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.178.14:443 | android.apis.google.com | tcp |
Files
Analysis: behavioral5
Detonation Overview
Submitted
2024-06-11 07:31
Reported
2024-06-11 07:34
Platform
android-x64-20240603-en
Max time kernel
3s
Max time network
188s
Command Line
Signatures
Processes
com.alipay.android.app
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.187.232:443 | ssl.google-analytics.com | tcp |
| GB | 172.217.169.14:443 | tcp | |
| GB | 142.250.200.34:443 | tcp | |
| GB | 142.250.178.4:443 | tcp | |
| GB | 142.250.178.4:443 | tcp | |
| GB | 172.217.169.46:443 | tcp |
Files
Analysis: behavioral6
Detonation Overview
Submitted
2024-06-11 07:31
Reported
2024-06-11 07:34
Platform
android-x64-arm64-20240603-en
Max time kernel
3s
Max time network
132s
Command Line
Signatures
Processes
com.alipay.android.app
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 172.217.16.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.179.232:443 | ssl.google-analytics.com | tcp |
| GB | 216.58.212.196:443 | tcp | |
| GB | 216.58.212.196:443 | tcp |
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-11 07:31
Reported
2024-06-11 07:34
Platform
android-x86-arm-20240603-en
Max time kernel
179s
Max time network
187s
Command Line
Signatures
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Makes use of the framework's foreground persistence service
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.setServiceForeground | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.jh.APP469148.news
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | app.iuoooo.com | udp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| GB | 142.250.200.46:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
Files
/data/data/com.jh.APP469148.news/databases/public_contact.db-journal
| MD5 | ba4c3d6551be385c9a01b0efde7edc53 |
| SHA1 | 1b5ad9d4532bf9354a7db208c0dc5da5355e6ded |
| SHA256 | d82ccf972e7398c1b4af565e99d67b130ac9595d25cb00655202be8bf43424d7 |
| SHA512 | c2d709212e5a352bf1b10fbb83556e2910323b48111adc7cd38609323a19212c8f0b459134120ad3fa14bfbfe618b9fe91081ca9231ea2e8e016521cb45c1830 |
/data/data/com.jh.APP469148.news/databases/public_contact.db
| MD5 | 7f6220c44f8ae0c32ef89deb118079c2 |
| SHA1 | 5c2281fceb665e36a69c5647f6bec9465b8dbc7a |
| SHA256 | 3a1bd334ea0f0ef93629180f3a17fbae1a8b3fcffefdfb68b3ff1685258ec03e |
| SHA512 | c6e8838399c752c6c61514b625135c8ee7e45af9ecdf5997c9c3319cd7d65a961442a4e93fcbfd8d16447c7ea8dbb074b66749e6df90058b16f0a060add1977e |
/data/data/com.jh.APP469148.news/databases/public_contact.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.jh.APP469148.news/databases/public_contact.db-wal
| MD5 | 96968647a06407bf7839ab16c654d1d6 |
| SHA1 | 15f328814749560f8c85a7037b5912f5c42571f2 |
| SHA256 | ab5bc59b5df27ed26b822a41bb9e611294caf448dffbe095ac483936a5457001 |
| SHA512 | 9bcb41ba40bce4fe77b9322bbe3f1f1af545693c07eb0e55c47cbeb6bacd924811365a670210f4e64e38d676516106d2679b3284f1722eb1aaa7844d68a73090 |
/data/data/com.jh.APP469148.news/databases/revelation.db-journal
| MD5 | e24c39e4b8da809ffbaca976d67dfa71 |
| SHA1 | dfbb9e8bb1a3f6488879c669ca3bc09574314333 |
| SHA256 | 01553cfe1172faf64c49d84bad44c6ec2da6b0e0a36e8fbc6452fc1a2c4c463f |
| SHA512 | d49c144a4280d033ffa3b538812ba6ff30384a7d7f32cf006ab17fe56ad865e8aac54c5386ad515689384a782b82a1f88e0f098eed70fd269d652f2f4d8a7b52 |
/data/data/com.jh.APP469148.news/databases/revelation.db
| MD5 | edea3b196fac4ca1a81f0cba3ed6e13b |
| SHA1 | f010df0b7de7631d5db6a1c88886b63a8fea6212 |
| SHA256 | 58d5276d563a9154154382b93eab4fc5424e1e875c2dc39e3f3a19aab0869b3c |
| SHA512 | c4f7cdbe2318b39d5d9c673f299c316a6e5e216fbe5323feeb0e0cd5be9bf4203c41bb31ee3f968379933727e2b5627be11d57355ef1196de00e509a07a53df0 |
/data/data/com.jh.APP469148.news/databases/revelation.db-wal
| MD5 | d680650cd8f2855a1bfa851274a4e240 |
| SHA1 | a79b46258c7af4af4aac9840619511bee8440466 |
| SHA256 | 17307dd39a3aaacaab20b23f3353d6cf381f0c696419127f14df264a8724a707 |
| SHA512 | 6278332cbe1a4b42ad1d7e6161ac4b2ab7ef65a679bf14bb5233f842a63c1b79840790235419725e84a566eda6dc907cd2cbec9af02d8e14414f1afa179960f5 |
/data/data/com.jh.APP469148.news/databases/public_contact.db-wal
| MD5 | 9856e51c618c0af7feccca6560c08a93 |
| SHA1 | a297e0a91bf6093cca670b057123add1c5de363a |
| SHA256 | caa38b66a8a755070c066193e231229e16b653309f97ddf5f2e3f1b96648b294 |
| SHA512 | 6f82f214d36c6b48f9a48c368cad04b8f534bf8674867b3fff85c9624c664a911412142139e435c07f5b44af31932228711804b1bb7a5018b9da0339e326fb31 |
/data/data/com.jh.APP469148.news/databases/jhcs.db-journal
| MD5 | b0b0b7afce3f32c78b3c8c243a5c6b99 |
| SHA1 | 9be911914fbe43b6d3c98fbd2e4eca85a706dd51 |
| SHA256 | 1677bce1fd642e6185e6ac3309e5c9dfc8e9458fecbe360ec560621a363e5fe5 |
| SHA512 | 500849043257277b5d8d9b3e47391173bc12524cae70f9046b28d245e222ace5cb40aa4e6014eb0c170f22c0d7b88d7f0e709a27c1c4642e0f58f633e796a91c |
/data/data/com.jh.APP469148.news/databases/jhcs.db
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.jh.APP469148.news/databases/jhcs.db-wal
| MD5 | 93d34bb166f8016cb4b5c56f18fdfdad |
| SHA1 | 96c2e18759db4e2f9101c4a1eeba01ed66bd117e |
| SHA256 | fd993694b378b16bfd763de36b2eeaeb01f746aedc6b93e27cb61d7b8f947ed1 |
| SHA512 | c0b9cc630c13529a90566e5cba37fdf71763b31eee23576bf324571f8ac27ee2401e311c4df45a496ad3f16ab2f1f260eae61ab059c293b7cd2b5588dd052ddc |
/data/data/com.jh.APP469148.news/databases/public_contact.db
| MD5 | 310eb17e82879771545a86b68c208bf4 |
| SHA1 | 79f06f28ef9dff90b384975a967ed73965807e32 |
| SHA256 | db6afd079553970ecfb92ff41823a1c3a55e167f08068b92e3ff87e69bcc30ea |
| SHA512 | a2ad9c4a234d31a936aff53a774c506aeed36b59ae287eead34ea2f6d7c2e833f18e98508aa085d69f4109cdfb35f13fdfad4a8cba27bf8f3bb99d55a253ac25 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-11 07:31
Reported
2024-06-11 07:34
Platform
android-x64-20240603-en
Max time kernel
166s
Max time network
184s
Command Line
Signatures
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Makes use of the framework's foreground persistence service
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.setServiceForeground | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.jh.APP469148.news
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.200.40:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.180.10:443 | tcp | |
| US | 1.1.1.1:53 | app.iuoooo.com | udp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| GB | 216.58.212.202:443 | tcp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | restapi.amap.com | udp |
| CN | 59.82.132.217:80 | restapi.amap.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.16.238:443 | android.apis.google.com | tcp |
| GB | 216.58.204.78:443 | tcp | |
| CN | 59.82.132.217:80 | restapi.amap.com | tcp |
| GB | 142.250.200.2:443 | tcp | |
| GB | 172.217.169.78:443 | tcp | |
| GB | 142.250.200.10:443 | semanticlocation-pa.googleapis.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| CN | 59.82.132.217:80 | restapi.amap.com | tcp |
| GB | 172.217.16.228:443 | tcp | |
| GB | 172.217.16.228:443 | tcp | |
| CN | 59.82.132.217:80 | restapi.amap.com | tcp |
| GB | 142.250.180.10:443 | semanticlocation-pa.googleapis.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| CN | 59.82.132.217:80 | restapi.amap.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| CN | 59.82.132.217:80 | restapi.amap.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| CN | 59.82.132.217:80 | restapi.amap.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| CN | 59.82.132.217:80 | restapi.amap.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| US | 1.1.1.1:53 | restapi.amap.com | udp |
| CN | 106.11.43.113:80 | restapi.amap.com | tcp |
| CN | 39.106.150.146:80 | app.iuoooo.com | tcp |
| CN | 106.11.43.113:80 | restapi.amap.com | tcp |
Files
/data/data/com.jh.APP469148.news/databases/public_contact.db-journal
| MD5 | 62f0197e453afdca98e8396ab0816315 |
| SHA1 | 44fdc675a0ed301b5a66a3064cd9d2bef84af57f |
| SHA256 | 4f4c430688a6635d7c21322a5bb5503989d68eb64c90c2a3ed05488831eca765 |
| SHA512 | ca57dbf7e21e0e5e02daead9632134ecaca14fcfe5ba3693ccb7f3201fa4c1b38777b597419c42ae58ff1192e9c901d94e770c893721a6cfca9bdf92845634a2 |
/data/data/com.jh.APP469148.news/databases/public_contact.db
| MD5 | cf65c4753dccbf37329800ef161e2741 |
| SHA1 | 80994fd25b2484c049381a0170e6e12d64ce28a5 |
| SHA256 | 7b2df2c0dfb4db2412cf8bb04400a8aa3b6f2a4ddcd65daa56f154f13bc61a4e |
| SHA512 | 2e383be7f1e3c4158ea9ebaf195c05176f8debca809e0fed6b03f78be693281b752c8e452d3cf147ab9d22eb13c8024b86a4edc2a22af2afbfe09a4696396570 |
/data/data/com.jh.APP469148.news/databases/public_contact.db-journal
| MD5 | a729ee1d0855919ca1ff992a196252ff |
| SHA1 | 1ca232cd3a647db2e51f129ac11cb5144b0fe6f8 |
| SHA256 | 3032a8133bf96b6d1439196c2a162911daf49fd1490307b519ebf5a4c171bb52 |
| SHA512 | 7661e69ca09b57001456c1c9ca478e131c3efdd9a7dd31f400b50f9ef1b26540f7985113a889cb0bef302c779bf8566596d41689cc95cbd06c51208058d53686 |
/data/data/com.jh.APP469148.news/databases/public_contact.db-journal
| MD5 | fbae7816a70f64dfd2ffb55812850cd9 |
| SHA1 | 6b2011b8b8e7de8b85e88535a37f377b6cb7243f |
| SHA256 | 4a48bb283a43bae0825beb40f9f1897284cc206f6c0a11cd1e7a5257c4fa1077 |
| SHA512 | 270743e26c8959258c84da0e712eca3e1d48181176bbf114661618dbdfbbf58ab86f53ed1a952678a1aee9796be57f530d230cdb6e438a3bf9f9532d72748c7d |
/data/data/com.jh.APP469148.news/databases/revelation.db-journal
| MD5 | 9cd6b7f42a9091913ff18e2cbec8ece6 |
| SHA1 | bb264bfadedae41a819e60ce060ed80a839bce4c |
| SHA256 | b4b53dd62f2378fdd7ef691d9337ef3680280d0dc2362e8b25d84a77aa3aefcc |
| SHA512 | 0bd70075b9a2e7cdd86e4840ad5452953e0a3c00aaf3efd57663dc96a18d1d4e388323b27d65f262f773fec26a93355732d2224869acb61b375dc7e331068d3c |
/data/data/com.jh.APP469148.news/databases/revelation.db
| MD5 | b77de4046b9ad3019bdde20ee8d6da61 |
| SHA1 | 78094d39e5d42a4957b7a2f1be6996d47151c88f |
| SHA256 | 823e004f81676b7ac5070de59c6c8e6681e67cbdf7bd584d983107937293d25c |
| SHA512 | a6345ff28a86ec3784263e4f94957254fdfb25598f692b17b752c6e42e662cbf1f2b527cb1220e8d3c40b7c5ac16c669e58c48d9540c986b1468159f21cb948c |
/data/data/com.jh.APP469148.news/databases/revelation.db-journal
| MD5 | f6c2d541eeede4e269a5e8b0224e43bd |
| SHA1 | 39ea9a4d53cad9c07b58580ef2f1d1ae152ecf73 |
| SHA256 | ef25341052f99fc4f956bea3c5a58aab316583af90f4464a4a83731b51318331 |
| SHA512 | 6fa2dbcc09413e2ec50742bd7b24076500d1b792f52c0b6146fbe34f579c9beb1d24e250b23d4b5973e20857d319f6b8f9c9927b87d36920c6267ad5603f2c1d |
/data/data/com.jh.APP469148.news/databases/revelation.db-journal
| MD5 | 764311fec2fd7dc25bf805cb3ea61368 |
| SHA1 | 6b89789899917935a01064977df010faa2d6c3e1 |
| SHA256 | 85e7413a025030761df409f9ebf1cc19ddfb2c7a144dc950f3d2f86076cfff75 |
| SHA512 | f84c2d3edbbfaa8478ce41d000572d9792b1f4374153f6309a8700ea667b07dcdebb55b907ab588ba03ec92b67765371c9dad96ce595570a2b236365720f15f4 |
/data/data/com.jh.APP469148.news/databases/jhcs.db-journal
| MD5 | 2cf36687529b0fcd7fe98d7e89387610 |
| SHA1 | 39af2eb8290daa78004853359b5f167dfacacccc |
| SHA256 | 9e764d37f59eaddf0f098e9044aa07628897789fbd9cc4904b8d170778b7a72c |
| SHA512 | 1518c24efe836c4a7a53d59ef5c4a134ce6ca5729140e72e1405ebc6a710fcbe609fea02ab68ac6e5df103cb3ef3de71b0a64c37d40adc2000a95a0358e1e319 |
/data/data/com.jh.APP469148.news/databases/jhcs.db
| MD5 | 7823ea14c193b9cbb2125b1cba501ec4 |
| SHA1 | 4649d6797e59b9e4d6f667deb97ba749389834c5 |
| SHA256 | 9f5282aadee8b7fe54a7cd0f58a356ce2246f2b237144d67aa417005ab91ff98 |
| SHA512 | 4f813f42ceb569464228a9bada7d47b3781ca48dac02d70d4be3d55658a6594ce3b9eefbdd8d68627b58b8244e78fab162211b5cf3f3dcb333371aaf1ef5e43a |
/data/data/com.jh.APP469148.news/databases/jhcs.db-journal
| MD5 | 4cb76252b1abc1021533a8a3cbd7ef54 |
| SHA1 | 482cdfb2d830ac4dd8c6a0307e022ea5d2a9fb9f |
| SHA256 | c4fc4e43425f256aeb08c5731b41ff1f2c0c86e20dbd09669462949f5fd60ff5 |
| SHA512 | 119b5f99ccf87f06c5eb04434839ccb412693e56c92d309849a087d99b83bda5d4b74597e1595ec82cfa7616eeff73992f5e989146000c41d2750a1b6293f8e9 |
/data/data/com.jh.APP469148.news/databases/jhcs.db-journal
| MD5 | ad39bd5385874f05be86988cbe563f39 |
| SHA1 | 91fcb22ed31dc348d40d61a0f1cc3700bd05e4a9 |
| SHA256 | fdefe5673a50e721e520e75f03d2f0a418aa1388d2809161a0d68c03eda073a3 |
| SHA512 | 930917262ced008baaf5d39520c9d2cb6a03f37496c438869e610a90bd6028ff1ea5e3a7317c0218c8d7f2ff83c9b9fdaad97c4733121f20989b3b2d00605bfa |
/data/data/com.jh.APP469148.news/databases/public_contact.db-journal
| MD5 | 5521d9c0407b4b02b57fa49f0ee2685f |
| SHA1 | 249dbdcd32f18efc67481308b9fad95d0341eee1 |
| SHA256 | 6903de132cc0990175262ac2a95e551f52b85853db4a114b1edc60bbe3970cfe |
| SHA512 | d71b71b39c79eb6f94cca4c4155d8b15c91a7c883202f8eeff508229db8d459eb959ad05529ffe475794ada6492d74f1a795265b0be07901f9ace48cdd8eaa63 |
/data/data/com.jh.APP469148.news/databases/public_contact.db
| MD5 | 4695029126d6b095bb51b51ed2f02223 |
| SHA1 | e13370d1976f8b0a6a30d1b8c1d656002369f120 |
| SHA256 | 4f8fc07ac062fac213ada29d4ce82ffc589b9c4730778775e3c8ae5a78038237 |
| SHA512 | dec4d41667026e3ea5f66c24409e9f415979efcfb808c3cae4434aba00baf2df744cd5d63ea7ca83c3f8d0afc0c872bf13a7ab41312d032c4d5581749b2b078c |
/data/data/com.jh.APP469148.news/databases/public_contact.db-journal
| MD5 | c0133898cf8d2bde50ca7d7be0e8b40b |
| SHA1 | 311fe2996834e3003f674475e2accbabff00aaac |
| SHA256 | 6a26019ed8439e4271201387cee116d576defc8b729e4d9dfbb40f18c054be45 |
| SHA512 | 87f24601a61225c902d0d17eadeda69c0078dec2b9ac39b93deb7c7cb8abc3dd9e65cdadf77d1315007333859de53e906180ca405a18dea418ca16f371f38771 |
/data/data/com.jh.APP469148.news/databases/public_contact.db-journal
| MD5 | c46cc45f1482152046a7b039d273efe2 |
| SHA1 | ce08a78abe9d45c33df5dafe1372c295d09af0f2 |
| SHA256 | d19d6cec0a30ec26c85fb3733c4c724efcd67be34b993a48eb3b3a97cf1c6690 |
| SHA512 | 254b3f0d217ce8d7f6899f46bebda2faf987472cf41cc273e13313d8aff2aa55fb9f55f729e49aa83d3d16fa375fa6295fa45b0090335f864bf27cfd14c1d40d |
/data/data/com.jh.APP469148.news/databases/jhcs.db-journal
| MD5 | a5f5aff39212af6b979e72460f69305b |
| SHA1 | 53e1360a327a95c7b856d24f11bcd3f463ae2dc9 |
| SHA256 | 414cc42c2405266b33263d9ac975b00f113c228e1c2fbf8a84941fb77d14409f |
| SHA512 | 3a6fd184fad79d7cc5c8b4ee7f5eff33f22db07e1bf44296a40463fffb8b4fca0eb2f715df62bfca1b701e4cdabe7b5751c9008788551385cd59a0b79d6f64f3 |