Malware Analysis Report

2024-09-09 16:22

Sample ID 240611-w339qawhlp
Target 9f2410ee38f11aa2e37717a36353524e_JaffaCakes118
SHA256 2e06f8b122b79a21f53c8ae5dcca3a2967b95d1df57c6429c134c26595f0c939
Tags
persistence collection discovery evasion impact ransomware credential_access
score
8/10

Analysis Overview

score
8/10

SHA256

2e06f8b122b79a21f53c8ae5dcca3a2967b95d1df57c6429c134c26595f0c939

Threat Level: Likely malicious

The file 9f2410ee38f11aa2e37717a36353524e_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

persistence collection discovery evasion impact ransomware credential_access

Checks if the Android device is rooted.

Obtains sensitive information copied to the device clipboard

Reads the content of the call log.

Requests cell location

Loads dropped Dex/Jar

Queries information about running processes on the device

Queries information about active data network

Queries information about the current Wi-Fi connection

Reads information about phone network operator.

Queries the mobile country code (MCC)

Declares broadcast receivers with permission to handle system events

Requests dangerous framework permissions

Changes the wallpaper (common with ransomware activity)

Registers a broadcast receiver at runtime (usually for listening for system events)

Uses Crypto APIs (Might try to encrypt user data)

Checks memory information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-11 18:27

Signatures

Declares broadcast receivers with permission to handle system events

Description | Indicator | Process | Target
Required by device admin receivers to bind with the system. Allows apps to manage device administration features. | android.permission.BIND_DEVICE_ADMIN | N/A | N/A

Requests dangerous framework permissions

Description | Indicator | Process | Target
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A
Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-11 18:27

Reported

2024-06-11 18:33

Platform

android-x86-arm-20240611-en

Max time kernel

49s

Max time network

131s

Command Line

com.nd.android.pandatheme.p_yinyangshi20161109

Signatures

Requests dangerous framework permissions

Description | Indicator | Process | Target
Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A
Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A
Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A
Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A
Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A
Allows an application to write the user's contacts data. | android.permission.WRITE_CONTACTS | N/A | N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A
Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A
Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A
Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A

Processes

com.nd.android.pandatheme.p_yinyangshi20161109

Network

Files

/storage/emulated/0/pandatheme/dx.apk

MD5 38cf7f560430ccd33887e6cf3b4ad696
SHA1 23a90e3d23a1fd87b5948be57e904f63d7ef18b2
SHA256 4eb0a9241deb8176a85d30a755e403c3623acf12cc46b7a9738cb90bea10e73f
SHA512 1f147fb51fb80c4a789c126ef72740829c05d6a86611308733ee68ce872e945f9739816604069a6b116afa7b2b262a118b60c76b0fd613b447a7bfac65dabb6b

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-11 18:27

Reported

2024-06-11 18:33

Platform

android-x64-20240611-en

Max time kernel

39s

Max time network

154s

Command Line

com.nd.android.pandatheme.p_yinyangshi20161109

Signatures

Requests dangerous framework permissions

Description | Indicator | Process | Target
Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A
Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A
Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A
Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A
Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A
Allows an application to write the user's contacts data. | android.permission.WRITE_CONTACTS | N/A | N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A
Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A
Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A
Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A

Processes

com.nd.android.pandatheme.p_yinyangshi20161109

Network

Files

/storage/emulated/0/pandatheme/dx.apk

MD5 38cf7f560430ccd33887e6cf3b4ad696
SHA1 23a90e3d23a1fd87b5948be57e904f63d7ef18b2
SHA256 4eb0a9241deb8176a85d30a755e403c3623acf12cc46b7a9738cb90bea10e73f
SHA512 1f147fb51fb80c4a789c126ef72740829c05d6a86611308733ee68ce872e945f9739816604069a6b116afa7b2b262a118b60c76b0fd613b447a7bfac65dabb6b

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-11 18:27

Reported

2024-06-11 18:33

Platform

android-x86-arm-20240611-en

Max time kernel

177s

Max time network

187s

Command Line

com.dianxinos.dxhome

Signatures

Checks if the Android device is rooted.

evasion
Description | Indicator | Process | Target
N/A | /system/xbin/su | N/A | N/A
N/A | /system/bin/su | N/A | N/A

Loads dropped Dex/Jar

evasion
Description | Indicator | Process | Target
N/A | /storage/emulated/0/Dianxinos/myphone/plugin/com.nd.hilauncherdev.plugin.navigation.jar | N/A | N/A

Queries information about running processes on the device

discovery
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A

Reads the content of the call log.

collection
Description | Indicator | Process | Target
URI accessed for read | content://call_log/calls | N/A | N/A

Requests cell location

collection discovery evasion
Description | Indicator | Process | Target
Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A

Queries information about active data network

discovery
Description | Indicator | Process | Target
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A

Queries information about the current Wi-Fi connection

discovery
Description | Indicator | Process | Target
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A

Queries the mobile country code (MCC)

discovery
Description | Indicator | Process | Target
Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A

Changes the wallpaper (common with ransomware activity)

ransomware
Description | Indicator | Process | Target
Framework service call | android.app.IWallpaperManager.setWallpaper | N/A | N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description | Indicator | Process | Target
Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A

Checks memory information

Description | Indicator | Process | Target
File opened for read | /proc/meminfo | N/A | N/A

Processes

com.dianxinos.dxhome

com.dianxinos.dxhome:hilauncherex_shopv2_process

com.dianxinos.dxhome:hilauncherex_start

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Dianxinos/myphone/plugin/com.nd.hilauncherdev.plugin.navigation.jar --output-vdex-fd=64 --oat-fd=65 --oat-location=/storage/emulated/0/Dianxinos/myphone/plugin/oat/x86/com.nd.hilauncherdev.plugin.navigation.odex --compiler-filter=quicken --class-loader-context=&

com.nd.weather.widget.WidgetService

Network

Files

/data/data/com.dianxinos.dxhome/files/channel.ini
/data/data/com.dianxinos.dxhome/databases/91analytics_v4.db-journal
/data/data/com.dianxinos.dxhome/databases/91analytics_v4.db
/data/data/com.dianxinos.dxhome/databases/91analytics_v4.db-shm
/data/data/com.dianxinos.dxhome/databases/91analytics_v4.db-wal
/data/data/com.dianxinos.dxhome/databases/app.db-journal
/data/data/com.dianxinos.dxhome/databases/app.db
/data/data/com.dianxinos.dxhome/databases/app.db-shm
/data/data/com.dianxinos.dxhome/databases/app.db-wal
/data/data/com.dianxinos.dxhome/databases/trafficmonestats_v4.db-wal
/storage/emulated/0/baidu/.cuid
/data/data/com.dianxinos.dxhome/databases/config.db-journal
/data/data/com.dianxinos.dxhome/databases/config.db-wal
/data/data/com.dianxinos.dxhome/databases/launcherDX.db-journal
/data/data/com.dianxinos.dxhome/databases/launcherDX.db-wal
/data/data/com.dianxinos.dxhome/files/icon_today.png
/data/data/com.dianxinos.dxhome/databases/themes.db-journal
/data/data/com.dianxinos.dxhome/databases/themes.db-wal
/storage/emulated/0/Dianxinos/myphone/plugin/com.nd.hilauncherdev.plugin.navigation.jar
/storage/emulated/0/Dianxinos/caches/imageloader/journal.tmp
/data/data/com.dianxinos.dxhome/files/bat_crash_1718130617526
/storage/emulated/0/tbs/tbslog/tbslog.txt
/storage/emulated/0/Dianxinos/crash/crash-2024-06-11-18-30-20-1718130620298.log
/data/data/com.dianxinos.dxhome/databases/User.db-journal
/data/data/com.dianxinos.dxhome/databases/User.db-wal
/storage/emulated/0/Dianxinos/.cache/icons/v7_small/v611_virtual_recommend_live_folder
/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.apps.photos_.home.HomeActivity
/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.videos_com.google.android.youtube.videos.EntryPoint
/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.googlequicksearchbox_.VoiceSearchActivity
/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.apps.docs_.app.NewMainProxyActivity
/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.apps.messaging_.ui.ConversationListActivity

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/org.chromium.webview_shell_.WebViewBrowserActivity

MD5 c1ce3d8d628e4c42947b4f0831299b35
SHA1 d1b4ab2b3dd15245260fc42610069cbf59547553
SHA256 e28ab2924d3bd71268a145b38a2797a4f6be74399a0c422b80a05e89fe809fbc
SHA512 7cd4605d8d4b91c62eae1530b042b9e5385accfc85f8ad779d1f14f08a004a7a05561a6e4b5d87debe6f3e1a7b9c7f2f8eb3b90d31d496f01b9014b619a44925

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.apps.wallpaper_.picker.CategoryPickerActivity

MD5 db917e5af038cf662e47ba090acc4c56
SHA1 49e2b40bbfc5fb5a2f431c0a268f573326a9eb93
SHA256 4c1802f8ba6b63a4eccddf1b1387240c94dd0b46c876d5155953d9c915208cd5
SHA512 b1bd3429fde18ece2a010b1835867cbd4cc9148f370523ce22c48c3cb9afcbf3d3ba3b72c90f8be1619648ff30579be501274d3d113a19c6d6dae0b309fc45ac

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.dialer_.extensions.GoogleDialtactsActivity

MD5 31ee3d1d5e5681ac38b48f64a591bd88
SHA1 ef0ea7f2bb40547a27e30f57e672c22532c93e18
SHA256 a81b277d1f673d23b6c78198a7ec8a69fb64a6141c566cdefd92ba8f071e102e
SHA512 f31c1274b3c4aa0e54145f70b5710c6b5e1f6725680a9664429b70118cbccb95c6dba95e3c1e48286593316793e87c165e1a9f4278cb96e69e1d298f460b96db

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.youtube_.app.honeycomb.Shell$HomeActivity

MD5 34cecbd6d15a07cca5953b2a25d1a813
SHA1 230c9d4d9c7c7efbd22403858697ca2263c25850
SHA256 6612f96a1dabab17d14ca141e49f61eb4e713ce9ff04d0fd11c9f0bb44fa1b4f
SHA512 9b11b092378dda893bde39b84a0e0c3dd35456035b4d7b490a5d6674c322ec76d7fa779db4ae9b0843c0ea55e5ff3c38949ef354cdc40f44409f617f007c6eca

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.android.documentsui_.LauncherActivity

MD5 ffb030886425a18dbc606da9576cf3c6
SHA1 15419d19aef876f7a3a72296d497ab62c1692ea9
SHA256 01b6afd0e04baa43d0c7bbd543ef7434f3b91b11be55c4576647375f7c554a41
SHA512 b78d594f19ad3bc7bff0605a371fba99f3028164e467c76dcee707621ac46c4d1a019d30e8824283f0029edcd60e5163713dd7a61d5491ff5414a78c5d1c663e

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.android.chrome_com.google.android.apps.chrome.Main

MD5 cfe05b70af90cd5418a9c03efdcb63db
SHA1 147df5c75ca07979be77127d06813a4d96fa6024
SHA256 c9201a5f45856c83e227140ea0882453e79836a3860ed60f4f85c73c3214b71c
SHA512 e134e6149b1ff313a89e566a0f1ec2208e144c385bb91987ecd5b428a19df220827507ac980f4701523b8e86d7b699f564bcabd9b2c98f8cc9b1fec0baaa0403

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.dianxinos.dxhome_com.nd.hilauncherdev.launcher.Launcher

MD5 d1ead3af42c724e7ba9461adc41227b7
SHA1 eb9486448ff8ea9c4448b079d348c26ab0ce7226
SHA256 3360cc071de140144e8fe2dda362f85c82ed54ab1b2a62370aaf9e689b2152cf
SHA512 221d5c1050e73edd948e56bc5155f51e98623da1202c15b52392863178bd136c36bc6916ddc06edc918e90793c783cf19a7e45aa7aebae6765203d018d19f748

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.googlequicksearchbox_.SearchActivity

MD5 c9e529b83590463ea20d4145f97792d8
SHA1 af7d82ff7185682dc040e737fb451268c3e78c28
SHA256 98ab480276d73b0d60964bbfe112bdbed4788f2aa7d3a704655956bc59733789
SHA512 508e428a41f55beded5a0bf9a6594abc27a57d4fb5eb64fba0997d569f9c27bf53fa19bf07ec63ac11c5ed419115d63559634fc04caa0335b181b35b387f6208

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.gm_.ConversationListActivityGmail

MD5 6bb9385ecae9f975daa2bceb50781128
SHA1 864fcc2ff497244c74f8f4b4573070fbaccdde6e
SHA256 cf80d02937bf0a58748e240b83512889ab0a3823560f4df716eddb18618b2306
SHA512 f87a3dceccc24c606e3ef4267bb5e13fb4ce5f370b07d9b423f14cbfa492993919d123cb1d28c578172b1eb458edd3b1e0ba6cb7184dd60cce6788d9ee00a250

/data/data/com.dianxinos.dxhome/databases/myphone.db-journal

MD5 9001473eed421810c8e6a6ffc4ab819a
SHA1 aa274f25375f4e90f54a2e4a695104825bef6032
SHA256 24d34045084d26cc7317c6da83b578567c4c384672566fc31d573a253eb9d4ef
SHA512 a8d73d730ab58cf6dbe11ff7f51b49c6e2a09160873609b2aef0a600c89bc049f283e37d2d412e00f030b15fbbefc1f805eb33ce592f5ff193ba9d30b3521535

/data/data/com.dianxinos.dxhome/databases/myphone.db-wal

MD5 b4a54bb34c7027b662fa0dcf4cc735e6
SHA1 aaa953be9ca126e035aceb25d93c001bfb998f98
SHA256 07cc2d19a5a52ffdaf3c09813a582e320d7d02a82b50e4b13275521eea07b969
SHA512 fcb03f494cab6c9623cacef87558fb9bff77652dd2c9c108d84dc632a1745470a55f4da64dbcba2b46ae959c7da3f23c48c198d897b5e55338b6d6e04bdb958c

/data/data/com.dianxinos.dxhome/files/plugin_upgrade_new.json

MD5 caef1739b3108f8412d14cde292e69a9
SHA1 41e31e3e7349a11d751bd3036fce73cb4c0db709
SHA256 38fd7490004748f8041b5dce5649b9d920c0d3d63b18b590bcbe4c1be31bc29f
SHA512 464e192dfefcb11af120c8d9dcb360052022dfba0678afb048d0dd4aa005fba1d625f28ecca498e2ac718af0d108b309d0bb35aa76d3817349192a75e0fc8eab

/data/data/com.dianxinos.dxhome/databases/91analytics_v4.db-wal

MD5 1beb15bc1f612f966aa8d09a0f334a32
SHA1 eb9d9a1d6941838fc3e3e0ee2135bd48ec02aed5
SHA256 e92414cc907295d7b2c266b1fe72a82e7318f4bd0b62752cc3e34c36b54daf40
SHA512 59eb57861809ff20515438115bb8a1a4ffb4eaf4a9ba6f0dc28ed57e9ce5aaf90334c95602be444377590c1f3c4b136a513fd202688b37fb428aa3a56fdf941a

/data/data/com.dianxinos.dxhome/databases/91analytics_v4.db

MD5 2e11771b99d51f87269b8cb9dacbefc1
SHA1 b7bac4b48a773410c49decf8a90bdef355f0eb98
SHA256 6e91ea622c96101305a8cc837a294ce9b94a602d944c049c60689f9e498f82c6
SHA512 6a0c64cb459edd9be37d8dfe8c6f7b6c0f9c7a3fb38f3a9b46abe74d27d7e74c1886c7751cb40447a07231d8130d4d668db55a0c9567e872f3a80979b389c5ba

Analysis: behavioral5

Detonation Overview

Submitted: 2024-06-11 18:27
Reported: 2024-06-11 18:33
Platform: android-x64-arm64-20240611-en
Max time kernel: 176s
Max time network: 186s

Command Line

com.dianxinos.dxhome

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/bin/su N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /storage/emulated/0/Dianxinos/myphone/plugin/com.nd.hilauncherdev.plugin.navigation.jar N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Reads the content of the call log.

collection
Description Indicator Process Target
URI accessed for read content://call_log/calls N/A N/A

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Reads information about phone network operator.

discovery

Changes the wallpaper (common with ransomware activity)

ransomware
Description Indicator Process Target
Framework service call android.app.IWallpaperManager.setWallpaper N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.dianxinos.dxhome

com.dianxinos.dxhome:hilauncherex_start

com.dianxinos.dxhome:hilauncherex_shopv2_process

com.nd.weather.widget.WidgetService

Network


Files

SHA256 dada728ce1c5e47368360225910ed1860f92512319630aae67e22c73ffd5b407
SHA512 ac42d53674ec6d2e9e25694e2f8b09f0ef456cfe6f79a343f1b78502bebe4f9958a9f20c243020047832820b83363835ade559df90f31dd6f0782ac2fa980d5a

/data/user/0/com.dianxinos.dxhome/databases/User.db-journal

MD5 a30b91a5374078e58e7827d25aacc190
SHA1 9eb0ee106e175c18b910fe9363e7e1108103355d
SHA256 e58a7566b0cc82b2689172ed08f01533399eb58489c9ac1ee722964cac59ff39
SHA512 e2ab8e69ff55f120b5c4c98a981a482eb3d6b184057909bde1ada5e49383e51029162546b5ecc3ee35b160c5cc5942cf258c8ad46b7621538ec0584083e6fa72

/data/user/0/com.dianxinos.dxhome/databases/User.db-journal

MD5 b91298074beff549b2a796e7731a32fc
SHA1 acbf75f579e2ecdf93a46b2fd853083ce94d1a51
SHA256 a698ad412abc71884aeba4f7e19879eb4a82888349f79c5093325e53b4a0a6d0
SHA512 2bb5b712323c76450185f852ba890201277c9b2db70163500e48cbce63ffba1b4f296a796a12671ca559b0d5ec36863e0245e4d08d239dc7445f4ab675e89a00

/data/user/0/com.dianxinos.dxhome/databases/User.db-journal

MD5 31b8859fe74c88db230432a8a9e5bcb4
SHA1 3ccf46cdc5fa764e183525fc047e0d4fa177c85a
SHA256 95fa6d9113cb1dfad7642f292a78d983db3102ed5f556e4375727201b2aa5cd0
SHA512 1a2c523d7cfef6093594e41b91bc3c58cc46bade1b87b05fdacab5d90ebfd6acb3651e5e19c8680975669b618101b708d6783961887b5abc5acf33e8af603300

/data/user/0/com.dianxinos.dxhome/databases/launcherDX.db-journal

MD5 a2f8c68adf0c870dfbd2076b0d929f35
SHA1 02a6ee2a54727c2ec752bf80bb88122cbdd88bfa
SHA256 96f3810956582a91dab800db2f116eac91da9b1d174a898a96d243c536dcc31e
SHA512 df6d0c83f51bbd6d8f08f7d2948d60ce30585b4670f71e7f23dca3bc709de4c5c52dc019382f5884beccf223ee0255e060fff95712767ff0c7a156c5485afb7a

/data/user/0/com.dianxinos.dxhome/databases/launcherDX.db

MD5 9acd16c563e9f8a4260e5eaa33e8896e
SHA1 58af806348bae4340dd6da1736bd15503be96a6d
SHA256 9f0b658a269cc8023fa8ba1941adb84b0562f4c716047cd9b39f9dd189f45f51
SHA512 21643de3e870c79d575b24ecc0a152c2bd1910c012fa2700830b08f62fb9d74f031639a5e0ca7da54dff726e5ee13d09734163e824f3114017117f61688517a9

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/v611_virtual_recommend_live_folder

MD5 b7d3752c36fe02a0e8b8e360d9657685
SHA1 5cf387ca503739042d0f26db440e38dae34286cf
SHA256 9de5711a64b1819a3bd42f3cda486b2c4703f1feb855d0735241c4b6165e9e3f
SHA512 4a92529ac273a202af9c658673f9b85112ee76bee0cb1c8afb9089a45ad414f47bab1379865a8bb1f554e2457aa3edb6d1a5014aa88768188381343430bffeb4

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.apps.photos_.home.HomeActivity

MD5 7e9bbd9d7a9e98a852459ff94b1297d7
SHA1 0705bac7fbab93ad677104f15c3dede62dcbea68
SHA256 ce98c4054398c8557c83e13dd61e949d3ee725064123481582db179612bbdd96
SHA512 8629a5a401e70f7de2d690c7665a1ebee4d854b6dbb789475773520e622c00c667567881c7c9aeeb6f29b98fcb4b5f6d5bd514ec0b22ba14669426bf1428c8a1

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.documentsui_com.android.documentsui.LauncherActivity

MD5 c543cff1f451792569afb8e34623322d
SHA1 84dcdeea37a55f75dfba6473d1e587a1ac220401
SHA256 b92b9b4cb5387087519975f715a609c1454421ff96b0870151430bade4da6f1c
SHA512 826215f6895906d58e8a6fe92157ace2f4f748715084bab9976636cac3b42b6b6ed3455be1082c9fb3570810ce92207901b86e5f95a45f30822395f09945f75f

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.videos_com.google.android.youtube.videos.EntryPoint

MD5 f7a925c71088cdf16f8fe0cfa6790ad2
SHA1 4e64875b1356f22fea7885b7766d97fbbd1e00a8
SHA256 a681e6c2b2f950f1643c49885a73bd2c4e7cb5c264471a412a6beae840821c05
SHA512 42d699c8734e76b4cbf381b3a6e73ff8982196e33837a660332617c58cca3aa34bd9e73fb193872f84e06b454b4c1e3ae86d41cea1c9fb960f76f2ef11360227

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.googlequicksearchbox_.VoiceSearchActivity

MD5 a6899cba4783884c9a1ecd6ca4603215
SHA1 929297a8b09d3bbbf5b89f9b191f4d91018fab09
SHA256 6da021b42d8b8e25c8dffeeeb926d63f37348fc2db1d5337a1942c2fc107bc46
SHA512 63d595850c0b974334036dcefe39dcb083191fac3615606a5debb4ec96b5138392c4f4788231c3a7b46b0dcf9e4fbefe1a5bfc93d75f34d8efc4716e94f486f6

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.apps.docs_.app.NewMainProxyActivity

MD5 16650539bfbf952505d5f06bedeade85
SHA1 c60790176237d9e7906762d3c51964de247f56f7
SHA256 c7e9c00e7a9deb99a85183244a406edd32a331a406d09e49116e8821bdef5f68
SHA512 3055808af5756fed149af7f84add72411379041c9a21e2b188ab16b344d39b9a430bb24d84c7a034ab4395c9456aaef3670f444d527ad74abb15cd2d3e4d011c

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.apps.messaging_.ui.ConversationListActivity

MD5 8bd8e5fbb14e1ec5506b4b3ef09a883f
SHA1 7574590d1f14165beda6ab81c29dcf17afe4c2a8
SHA256 7447c73e59356546c208e0e651feb935f3bb9445c672d0ce4c00355d3f3a1c2b
SHA512 4ad233bc43a0c8a46fd29a0a035054aaab117f946744b6b79a6618f5b17200baf37db3abb75ed16d27cf59cbec0aea144dc14eae1454936cdeabd966c71b8f0e

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/org.chromium.webview_shell_.WebViewBrowserActivity

MD5 5cc829fd3111625e5c8e4bdacd4addd8
SHA1 d27e0189afbadfaf4cb935fb8891ee0f5577a7a3
SHA256 be3a16326ebc00c014478b808fbd2d9b65e3c044b6ecba642f04a8cd6013cc23
SHA512 a0fab80afe402c2b8eeae41e30d5858be9cee57f1053450611c9c3574d13660b0d757727f490ebd99b2884c86ecee95944e8aa8e19e2e874e198167cce8713f7

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.youtube_.app.honeycomb.Shell$HomeActivity

MD5 93b8670d03655346fce82cb74808ec7d
SHA1 31c2acd8ab75fe02af30020187b0d07fed0b52e4
SHA256 aecfb275b94c3a2cf06100ded86f53e00351174a80b56b944c7518edd7dfe41c
SHA512 70a07b02d1c75db2d4605cdd7adee229191b7d3b5fa575b21e41475e07aa2b0447b8b998967a70f85a956fe6fd0241ef479e75aa83e601152607d7c668d866d8

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.android.chrome_com.google.android.apps.chrome.Main

MD5 dee3db7c7a5c0d4f0b15763fccdd229f
SHA1 fc5c09555706016e4d6801eb6b96098ef0c4bf20
SHA256 f5969cb96e7d146387879b742ead94d3fb7d97c3f272cfef1d5660bd72009485
SHA512 67e8ab85208ad67d5e820bc062d722353336c218174547d6b102e95e1ad30c757be8f25d8d9a476099dec5c558735b51328f1edb209e9d1578d28e8a8d23412d

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.dianxinos.dxhome_com.nd.hilauncherdev.launcher.Launcher

MD5 11665515e62032f4188e1456da2e5b29
SHA1 16c33232da6d2887b2dad19dfe6ca76480d81ad9
SHA256 8dc5dd8e1acde97f71973068abd411c21eafa5adff04dc945591ae08972aebb8
SHA512 786327d4c448f472aa127dd771e4ce88b501ca1210bbf1dc98f5c11476a7f6c9eb65002f30ca29d1cb43bdc7b11dede14ec853a50c73f1a823d25bf79ca7bdad

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.googlequicksearchbox_.SearchActivity

MD5 390b54596d5684e81136e56a00f28675
SHA1 85a225262b1ebeff003ff9f5f309a53918ec60c5
SHA256 502169f18f7ae6683d0da68be2c20b665e104bcd30b12173d3843c7814010841
SHA512 4fd5ac0abf5e85a91b73e24219b57de5d159df364375e2a80f7a21816fec1fa9458ebc7874cfe33999ea0e927ddb03bca57ab3687812bf5d46bbc22e9522cce9

/storage/emulated/0/Dianxinos/.cache/icons/v7_small/com.google.android.gm_.ConversationListActivityGmail

MD5 1b0e241bd073f2e49abcb86339e2f208
SHA1 7aa970db10cebcbf0295c7e7a27a177a0e66b312
SHA256 b2d3242eeab898c223d3993c5ef1f09162ef6de511aee2028fb7666499faea53
SHA512 a4d9a35304d3cf3aeb430f61dc0ccc70ecab2719df55017e0e0414cb1ebe820972fe4504bbe61e0063b6d5537a871b2ea836e3a40308f93a8ca68b17dd852edf

/data/user/0/com.dianxinos.dxhome/databases/myphone.db-journal

MD5 a1811fae7c3827dbf06fa1203cbf775d
SHA1 6e842a7974dd612aba7f3f2625ae58d0b3eb3b40
SHA256 63c4f22732bde0eb892447a022976c578b497d8c8534e78c0de28c9adf9b38d7
SHA512 452a46bbd7d2eab9b09fdb61f034cd8be28671183191013425627eb8042139398bf7a4546e647f223cd6d2895a98788c5a8258a9a9ae1c7c196adc8872a3f2cf

/data/user/0/com.dianxinos.dxhome/databases/myphone.db

MD5 cf62642250a9857124d4e402d27b735f
SHA1 963e1ad167d2efc062673688e7d10afb0ab08957
SHA256 33dc3ed76f25340ad91cb620cdcebd5bea8d1ce4d5ef46ad9c91c364f6fd9419
SHA512 ef915a7944f1b4d7d06e5b5449bbe1b8bd99c54481169db90c740c74e7a6c5c838a362fcfe009ad5a019f867b1e204face111eac6672d2e1563ea0f9f0571dcd

/data/user/0/com.dianxinos.dxhome/databases/myphone.db-journal

MD5 cc76d80b6734bc19260d13243ebeeb4a
SHA1 a95079c8fe88d9259f5c6f61479e528d108864f2
SHA256 49d6ddbb8ef551cfbec3ae96d7a165d8992cb0f849d77b5c67ee3a40b9c8a36c
SHA512 ac0c51800250d6160caab74f0c5ce7bc5cce94b81594122cf2f217c8c8913cdcb41f420c59234f1d996c0300c3fe6fafe3901645e1f8da49ee4f0d332f2e56d3

/data/user/0/com.dianxinos.dxhome/databases/myphone.db-journal

MD5 b967c9d92305f2a85ed88bd974747d42
SHA1 7eb00aa2cfa4e3a4ee231108abff89e90055f354
SHA256 595989d0c391c6b11901f4a1faa20bd30a0c5e2632e7bf1a60c944f84a9ad215
SHA512 99e17557ca44aa8fc42ba07159ba6eca172ac89d6cf72d7382aeb0b8c70bc883865c6f1178a667d1e05864dfd03768763b6da188be306bd5ccef7db91b0ba34f

/data/data/com.dianxinos.dxhome/files/plugin_upgrade_new.json

MD5 caef1739b3108f8412d14cde292e69a9
SHA1 41e31e3e7349a11d751bd3036fce73cb4c0db709
SHA256 38fd7490004748f8041b5dce5649b9d920c0d3d63b18b590bcbe4c1be31bc29f
SHA512 464e192dfefcb11af120c8d9dcb360052022dfba0678afb048d0dd4aa005fba1d625f28ecca498e2ac718af0d108b309d0bb35aa76d3817349192a75e0fc8eab

/data/user/0/com.dianxinos.dxhome/databases/91analytics_v4.db-journal

MD5 325ad6dc06a472fb8e22e594ea81b0f7
SHA1 294a7d09d907db2245ff1b22458b0ccc1362cc8e
SHA256 c977f120b7cb4f681f2172f4cef1d588151746f2f83279e3960f1da2f84f877d
SHA512 a9b0289b35974b9d501298e1d3b086c98ce56fc350a09e93be74fc5b72134f1dc313b85e95ffa3199884437aba27b0a1703cca807a6dadc7e64c06841a1b6db6

/data/user/0/com.dianxinos.dxhome/databases/91analytics_v4.db

MD5 d257fa6ff23af29de4c23b25059a40c8
SHA1 bc250e33a9ae34f01550d9a26ec04ff8b4eddc0c
SHA256 539d136b802cd3bf874a4430431453965a384db50392aea2fd1ca90b4884acbd
SHA512 f573900261abefad5e34e37d43bf36e27cb5791d47a78985b9e8689423da6c999ea62c92f3023b7e54b64985999c7d9fd6bec7b03e7afd0a9442b5d8acaf169a

Analysis: behavioral7

Detonation Overview

Submitted

2024-06-11 18:27

Reported

2024-06-11 18:32

Platform

android-x64-20240611-en

Max time kernel

7s

Max time network

169s

Command Line

com.nd.android.widget.pandahome.flashlight

Signatures

N/A

Processes

com.nd.android.widget.pandahome.flashlight

Network


Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2024-06-11 18:27

Reported

2024-06-11 18:30

Platform

android-x64-arm64-20240611-en

Max time kernel

13s

Max time network

181s

Command Line

com.nd.android.widget.pandahome.flashlight

Signatures

N/A

Processes

com.nd.android.widget.pandahome.flashlight

Network


Files

N/A

Analysis: behavioral11

Detonation Overview

Submitted

2024-06-11 18:27

Reported

2024-06-11 18:34

Platform

android-x64-arm64-20240611-en

Max time kernel

4s

Max time network

150s

Command Line

com.nd.hilauncherdev.plugin.navigation

Signatures

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.nd.hilauncherdev.plugin.navigation

Network


Files

/storage/emulated/0/PandaHome2/caches/navigation/navi_card_site.txt
/storage/emulated/0/PandaHome2/caches/navigation/navi_jrtt.txt

Analysis: behavioral6

Detonation Overview

Submitted

2024-06-11 18:27

Reported

2024-06-11 18:30

Platform

android-x86-arm-20240611-en

Max time kernel

13s

Max time network

131s

Command Line

com.nd.android.widget.pandahome.flashlight

Signatures

N/A

Processes

com.nd.android.widget.pandahome.flashlight

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-11 18:27

Reported

2024-06-11 18:33

Platform

android-x64-arm64-20240611-en

Max time kernel

40s

Max time network

144s

Command Line

com.nd.android.pandatheme.p_yinyangshi20161109

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an application to write the user's contacts data. android.permission.WRITE_CONTACTS N/A N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Allows an application to send SMS messages. android.permission.SEND_SMS N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A

Processes

com.nd.android.pandatheme.p_yinyangshi20161109

Network


Files

/storage/emulated/0/pandatheme/dx.apk

MD5 38cf7f560430ccd33887e6cf3b4ad696
SHA1 23a90e3d23a1fd87b5948be57e904f63d7ef18b2
SHA256 4eb0a9241deb8176a85d30a755e403c3623acf12cc46b7a9738cb90bea10e73f
SHA512 1f147fb51fb80c4a789c126ef72740829c05d6a86611308733ee68ce872e945f9739816604069a6b116afa7b2b262a118b60c76b0fd613b447a7bfac65dabb6b

Analysis: behavioral10

Detonation Overview

Submitted

2024-06-11 18:27

Reported

2024-06-11 18:30

Platform

android-x64-20240611-en

Max time kernel

3s

Max time network

144s

Command Line

com.nd.hilauncherdev.plugin.navigation

Signatures

N/A

Processes

com.nd.hilauncherdev.plugin.navigation

Network


Files

N/A

Analysis: behavioral14

Detonation Overview

Submitted

2024-06-11 18:27

Reported

2024-06-11 18:31

Platform

android-x64-arm64-20240611-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 216.58.204.78:443 tcp
GB 216.58.204.78:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-06-11 18:27

Reported

2024-06-11 18:31

Platform

android-x86-arm-20240611-en

Max time kernel

3s

Max time network

130s

Command Line

com.nd.hilauncherdev.plugin.navigation

Signatures

N/A

Processes

com.nd.hilauncherdev.plugin.navigation

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 pandahome.ifjing.com udp
GB 142.250.187.206:443 tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.178.14:443 android.apis.google.com tcp

Files

/storage/emulated/0/PandaHome2/caches/navigation/navi_card_site.txt
/storage/emulated/0/PandaHome2/caches/navigation/navi_jrtt.txt

Analysis: behavioral12

Detonation Overview

Submitted

2024-06-11 18:27

Reported

2024-06-11 18:31

Platform

android-x86-arm-20240611-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral13

Detonation Overview

Submitted

2024-06-11 18:27

Reported

2024-06-11 18:31

Platform

android-x64-20240611-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A