Analysis Overview
score
8/10
SHA256
85040f1ca529f8e8b40f465bb9246524c468d9847a2d615944530107d80cbb66
Threat Level: Likely malicious
The file 9f236e0d39f042b69f4e493b86061ee1_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Checks known Qemu pipes.
Checks known Qemu files.
Queries information about the current nearby Wi-Fi networks
Loads dropped Dex/Jar
Queries information about running processes on the device
Obtains sensitive information copied to the device clipboard
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Queries information about active data network
Queries information about the current Wi-Fi connection
Requests dangerous framework permissions
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data)
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
Checks memory information
MITRE ATT&CK Matrix
N/A
Analysis: static1
Detonation Overview
Reported
2024-06-11 18:27
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to request installing packages. | android.permission.REQUEST_INSTALL_PACKAGES | N/A | N/A |
| Allows an application to collect component usage statistics. | android.permission.PACKAGE_USAGE_STATS | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-11 18:27
Reported
2024-06-11 18:30
Platform
android-x86-arm-20240611-en
Max time kernel
12s
Max time network
146s
Command Line
com.biquge.book.noverls
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.biquge.book.noverls/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.biquge.book.noverls/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.biquge.book.noverls/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.biquge.book.noverls/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.biquge.book.noverls/.jiagu/tmp.dex | N/A | N/A |
| N/A | Anonymous-DexFile@0xcc83a000-0xcc849e88 | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.biquge.book.noverls
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.biquge.book.noverls/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.biquge.book.noverls/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.187.202:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | oc.umeng.com | udp |
| CN | 59.82.23.79:80 | oc.umeng.com | tcp |
| US | 1.1.1.1:53 | beacon-api.aliyuncs.com | udp |
| CN | 8.132.237.161:80 | beacon-api.aliyuncs.com | tcp |
| US | 1.1.1.1:53 | adashxgc.ut.taobao.com | udp |
| CN | 59.82.33.252:443 | adashxgc.ut.taobao.com | tcp |
| US | 1.1.1.1:53 | adash.man.aliyuncs.com | udp |
| CN | 59.82.40.77:443 | adash.man.aliyuncs.com | tcp |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 119.147.179.152:80 | android.bugly.qq.com | tcp |
| GB | 216.58.204.78:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | dig.bdurl.net | udp |
| CN | 8.133.123.139:443 | dig.bdurl.net | tcp |
| US | 1.1.1.1:53 | log.umsns.com | udp |
| US | 1.1.1.1:53 | pp.tuxiansheng.top | udp |
| US | 1.1.1.1:53 | sk.qingchen.art | udp |
| CN | 101.71.150.37:3000 | tcp | |
| CN | 101.71.150.37:3000 | tcp | |
| US | 1.1.1.1:53 | dm.toutiao.com | udp |
| CN | 59.82.29.162:80 | log.umsns.com | tcp |
| GB | 79.133.176.166:443 | dm.toutiao.com | tcp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | oc.umeng.co | udp |
| US | 1.1.1.1:53 | dm.bytedance.com | udp |
| CN | 8.133.123.144:443 | dig.bdurl.net | tcp |
| US | 163.181.154.236:443 | dm.bytedance.com | tcp |
| US | 1.1.1.1:53 | pangolin.snssdk.com | udp |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| CN | 114.80.179.241:443 | pangolin.snssdk.com | tcp |
| US | 1.1.1.1:53 | dm.pstatp.com | udp |
| US | 163.181.154.236:443 | dm.pstatp.com | tcp |
| US | 1.1.1.1:53 | adashbc.ut.taobao.com | udp |
| CN | 59.82.39.0:443 | adashbc.ut.taobao.com | tcp |
| CN | 8.133.123.137:443 | dig.bdurl.net | tcp |
| CN | 47.116.84.225:80 | beacon-api.aliyuncs.com | tcp |
| CN | 114.80.179.240:443 | pangolin.snssdk.com | tcp |
Files
/data/data/com.biquge.book.noverls/.jiagu/libjiagu.so
| MD5 | 98736de515958ae37ae93a0a0e997098 |
| SHA1 | 72d0f9d43f7c9bdc9f19d13834c0872f5652c0f9 |
| SHA256 | 335091dfc73a9f792cb720389c5d94eb6642764a38d70d4b6b7a8afd34038421 |
| SHA512 | cc4974ce398bf7f4a20160ad30e4c4b5821ff0d7f2cc9fa0aead73ddc036585266edf429add276b53d6db8dd24a344d709469b9c839451deead6b621e70c92cf |
/data/data/com.biquge.book.noverls/.jiagu/classes.dex
| MD5 | a72d48bc8cf681f0292876a04f65cb5c |
| SHA1 | 45f2a6ba73846cfec59b0729d9061cd5d28876e1 |
| SHA256 | 355cd559da64a3490374b1283af1e486f7c68b61c8136ff9c592d98a560d8f4a |
| SHA512 | 6868b085bec16b6f6db6d73c7801c815e8cdb455432f956c7b66aedd0b4ba494575458ecaf96e39a74e095e25fde88803f3f945459bfe3d9cd6a6cca4f5949c3 |
/data/data/com.biquge.book.noverls/.jiagu/classes.dex!classes2.dex
| MD5 | e3e6b819aeeba9f228827945c5bbd4b6 |
| SHA1 | 647cfd1a6f4e1ab6c8c378f79b80afacd97b28c4 |
| SHA256 | 6ac6b69f1b8d8a9d7668a1689ff40248500149bb8841356b3f15eb4102c00de8 |
| SHA512 | 9c31599e904ab3cbbf711af04e46f48cb578229b3643e3bfe7d1a1f7d8f295dd85a0a1d4cf6808cab6129fa4d26c441d60b90b8796905de02145f8e557d8ec1a |
/data/data/com.biquge.book.noverls/.jiagu/tmp.dex
| MD5 | f1771b68f5f9b168b79ff59ae2daabe4 |
| SHA1 | 0df6a835559f5c99670214a12700e7d8c28e5a42 |
| SHA256 | 9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939 |
| SHA512 | dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d |
/data/data/com.biquge.book.noverls/files/.jglogs/.jg.ri
| MD5 | bef54b5dd3b670e1da74fb207f82ef54 |
| SHA1 | 3d13db9f0dd5e8ebfd73c9535c3fdfca3fb47d8a |
| SHA256 | a0b5a2df4aa7b356f1794a74e6534d449857626e4521e9814c343366c62bf4d6 |
| SHA512 | e2bc27b6edc06b2e36ca6a7045d1e41e1c953faeaaaa94e9c115b6dc9ed5e9cba6e4726b1aa635f53a5aefaf053adb24bbccb044a336e44e337306bad5a48dfc |
/data/data/com.biquge.book.noverls/files/.jglogs/.jg.ri
| MD5 | 1039913d44a70ed43cfa00af50078b3f |
| SHA1 | 9632778e345350f117f401f2bf1a0f240bed27ba |
| SHA256 | cc09e072a6396f483cd7e483473dc10b61662bbb664af4a5f689ba23f3e27f15 |
| SHA512 | 00f344ebdfaf50662ba5f2f8d3387cca86043c01cba1be9b8627365a2d25d6eeb33a4aaf2bf6ee2bbc1e807f487f838f5f5269221958e84e038a880b0c3f5953 |
/data/data/com.biquge.book.noverls/files/.jiagu.lock
| MD5 | 1e5f8fe5ca4f21b394ce7557f2a19b21 |
| SHA1 | 02c961553af4337536c5328c6a060a50c6ce15b8 |
| SHA256 | 7ffc685f1cf2f25175fd1c013c29b0675a55b4b70a6433c20fcc5f8ffd0644c8 |
| SHA512 | c7c80cd92cb584f0de20496ed4959e83048b3f8c0ab2532a63d633bd1104dddaceefd4e4dfbd555e6d30034360c042eb2f48f7a5171fd04fd530eeac1a6561f5 |
/data/data/com.biquge.book.noverls/files/.jglogs/.jg.rd
| MD5 | 309645c3acd89c23986608cbefc6fc2e |
| SHA1 | ac72d130bdbca6a9b66d207f3e2ac1727399c197 |
| SHA256 | 84470c48068cce14dc1e3db6f8b8b9a37a356b0c1decefc770572d0d58909d7b |
| SHA512 | 27f6615422c683f37ca08a3f84f29cda9b119bf8ebb3b773da0f3310f4f0df9f6685d114f9bd4d89e886887d435aad6c8ade25d3dfdf3b5ac86c9761a629cc82 |
/data/data/com.biquge.book.noverls/files/.jglogs/.jg.store.report_cf
| MD5 | d01765cb87b6382cc3b9c4e7dbd52415 |
| SHA1 | 08a1a2041d14ae387a8c38642037da358745f216 |
| SHA256 | ee2c9a986f022b7078a7662e947f1d117e6f64e17956708878d5a4495c93ef62 |
| SHA512 | 1e5e0c560a25ced84ea6ce15bd8198c53194ee297088f3c267c6a87b9cc7f016e4088937217b1c3b605f9890b51e53f75dd9ca7af4808b7fdc13e5ecb6375470 |
/data/data/com.biquge.book.noverls/files/.jglogs/.jg.store.report_pid
| MD5 | 2603f62e5b9bdac7c1130daf84c09cbe |
| SHA1 | a420c898417b7e88ec90e09cefeaea61e78475fa |
| SHA256 | 7971c79d9da81b94bd65b9c27b9aff1b498b31b0533df2c45e6bb78c5ac91d39 |
| SHA512 | 157251503c070acf5966d796692e9c352bfd363c95a967f215a4d28fdb6dfac2ef7de81e853118300117b6386c83621c3afceaee165c98914b93b5fd25e794a5 |
/data/data/com.biquge.book.noverls/files/.jglogs/.jg.ri
| MD5 | 8dc5eb0b7943b645978389c6c7915a13 |
| SHA1 | dd47f6fb466442976c59ac1397e864e40decb7fc |
| SHA256 | 907398fa581d139b788a855984531f164b73b2abd12497f0c84c490c207b20a8 |
| SHA512 | e8cb130c93f669cc27fbd996c19316121b7ac239ddac12358cc112e4f46c16883748da57721807c2be850277bc9ec01d2e9639cc0303b5dd48d42e7ec9dcc22e |
/data/data/com.biquge.book.noverls/files/.jglogs/.jg.pk.h
| MD5 | b11a68dcbfd6f916b8384a40bc487eff |
| SHA1 | c94c3419884bdbe37dae2146f1b12179d89f6221 |
| SHA256 | 76af2985a0aab0b03ce5c36dea6b371cae0eaa7a94f24202ebf85469fcae8c4e |
| SHA512 | c9b369f259147eb19351d3d366931218ebd51313703da8e53c3c7991b5c3dadf7b5b1052c42a57498679c01ebe6a0db6c0f4a093e249fa92bc48cbe11729cdd7 |
/data/data/com.biquge.book.noverls/files/.jglogs/.jg.pk
| MD5 | 65a52c40b03ddc80a44e3443e3a59cc7 |
| SHA1 | 643b489988990f2014b20a84141ec3f0b034b356 |
| SHA256 | 1cae044281a83245e8b95ac821f9da7edff520f0f378fc126dca7736a2c2c221 |
| SHA512 | 408f0a56a1d7a6fcdea61bb8f815dc04147ba5ecea6829ab3d84bf7bfa77c4939874173358c2a1038246d268ab12c4d05e89979ed8878234c3c6ded52c3789b0 |
/data/data/com.biquge.book.noverls/files/.jglogs/.jg.ac
| MD5 | 29a95ff4bac131d3cc3b16214f78072b |
| SHA1 | d720f80022455de110b1cae8bfdc0cad154af0fc |
| SHA256 | 5aa2cbb989e2a50a932c15f4253dcb2d62df4a5254818b86d2fc86a84571f789 |
| SHA512 | d5ce2e0dad1db153a98014f3c97b135aad070ae4d1c67fd0dbf105041b943c9fbcbc44184e319b06395235a0958e8a6e9d3065a00f89ac3e6604af70d2217372 |
/data/data/com.biquge.book.noverls/files/.jglogs/.jg.ic
| MD5 | 6d978f8ddde91ad8df297d900242337a |
| SHA1 | 38c90f9c396912301105632cfdc76855dd34b9c4 |
| SHA256 | 3ba16280c0f2dc67f47f584766b15fa261744cbcbaa9969efb1111cc46808969 |
| SHA512 | 40f7bded1b675e51c1eea5984abcf185ab7395d152e9953f59a330ca1884a430ac54ed20a911c9d027236027bc8461c1cc0726d52756bd0317f1cf4986d17bea |
/data/data/com.biquge.book.noverls/.00000000000/A3AEECD8.dex
| MD5 | ed73a80eb949bacc52428b8d5a087fa5 |
| SHA1 | 07e973549a2cee61ffeeb6439abc419cd8a489a9 |
| SHA256 | f0ead1ad60e0cc310c1a40685c28fc7a69aa346604552816c51dd3c1718a1e76 |
| SHA512 | 4bc26c18ca3a2edfe38ca1e14ad1e1415268b4a69cdff3c0f8e2b8fa910c67c2e4bc4f32c21274e586e8e139122ea3dbde7ec507c4722b4a9a778ee2598090b8 |
/data/data/com.biquge.book.noverls/.00000000000/A3AEECD8.dex
| MD5 | 5061e4948844f7d366972ac8005e9f13 |
| SHA1 | a2b79a1c79afb095ddebf0f16a1f9db64482bcaf |
| SHA256 | 3aa6caecfcd101531539147e01382bc530b4fdc61e98937d63cc4648793c6a45 |
| SHA512 | 223d18ce248912df18cdea3c8e864ea5e6ec058ca42cc5fde738188c54abcd260d7f24ac53d4987d3e32f4ae3e1e40e01354054d035bb100eef51b2d695f5299 |
/storage/emulated/0/Android/data/com.biquge.book.noverls/cache/uil-images/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.biquge.book.noverls/app_crashrecord/1004
| MD5 | 7184c394333157b2a86da0ad821602df |
| SHA1 | 687365504b0775bfd50987b075ae1acd5ec3e8de |
| SHA256 | eb0ce83263f124d1cbc3a7d26c0c0cc57ad34a55b8a23c3ea11b668e3d2ed4ae |
| SHA512 | 95b7a217eb85b8152e88924464596a762727331d630964b385fc063b2b2ed94287315b77b587d0ef97e507ab3a8e276affed6e744f3f1a25b721dbfa3486cf39 |
/data/data/com.biquge.book.noverls/databases/bugly_db_-journal
| MD5 | e17b7065daf79bf1a7c486af88340ca9 |
| SHA1 | 06c60c91ba0b77c53e2a42b9695153b94c2c5478 |
| SHA256 | 40f90f8709e402db7f8263b444dffb98a856ef0178b1f2b0bedc1b630fb85037 |
| SHA512 | 2cad26c971852ab384fe83260f0b7c06be1e491d3d262c0e3057aa148f31c8bba4a21b66ea5ae6e1857e0e23522bac764a87e8736b8455cf654fb4746ad7bab4 |
/data/data/com.biquge.book.noverls/databases/bugly_db_
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.biquge.book.noverls/databases/bugly_db_-shm
| MD5 | cf845a781c107ec1346e849c9dd1b7e8 |
| SHA1 | b44ccc7f7d519352422e59ee8b0bdbac881768a7 |
| SHA256 | 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7 |
| SHA512 | 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612 |
/data/data/com.biquge.book.noverls/databases/bugly_db_-wal
| MD5 | 8b45870e6f2b5592ec2f37b81c61d35f |
| SHA1 | 3d1b8de99b7ac31e4a5597a49153bd4f9a23565e |
| SHA256 | 7bb4904e0883d0c6ef6307b3d3e5a1c7d3f1aaa04c8946c690daa3ce60f82946 |
| SHA512 | d4fb87ad75b80c5bf57d009e00533bda9dfa8855fc39f5e4f019809531039abb17b09212ece4143f5a9ea6afdcd96a0d34603e2fada77ffb58aaa9849bba7666 |
/data/data/com.biquge.book.noverls/app_crashrecord/1004
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/data/com.biquge.book.noverls/app_crashrecord/1002
| MD5 | 019fca57eaadad566355b1066443b432 |
| SHA1 | 591e894fbc490e5e998c90dc54d56184cd84fac6 |
| SHA256 | cf2f3a5e8b68678658850036a4b991a9144b366bce214267714c7793dde28bdc |
| SHA512 | c95a32ab61eb59da187360b7f4b3e1b53bdbddef51d0e3f01b7582d3a799130049cae2f509b7415de6e14339ede6268f7e4aae759c099660700151dc1f59f6a4 |
/data/data/com.biquge.book.noverls/files/com_alibaba_aliyun_crash_defend_sdk_info
| MD5 | e47f2223470f5fec847d8a556c5b84ab |
| SHA1 | 78d8dfd61e8a08800eef8010e7665645ceb6f3cd |
| SHA256 | 3f4fb3ab6324150b7049289120c6dd02b087fa80627253e4d9da1332307fa271 |
| SHA512 | 72ad028bcb91d2dc5ee5fd657fb2d992293a86299769dc670243b1fd0882b611350a7f8950c02c95300893ea431c3e60091186b235f11957018a57fbf93d87e3 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 9781ca003f10f8d0c9c1945b63fdca7f |
| SHA1 | 4156cf5dc8d71dbab734d25e5e1598b37a5456f4 |
| SHA256 | 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793 |
| SHA512 | 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | ffd2b3fb021d83347bdccf4cf20196af |
| SHA1 | 77fee3d16d79cb82799c4e58c692b4c247bd9733 |
| SHA256 | 9f649dded95adcb5a26dd5a098ebd85bd2c8129b8b0661665606c9cdaebb4a6f |
| SHA512 | 7b7b244f2a07cc83778ebb2fc6e46264e76a39598dbbeb1f6b6f8bffa02dba810759b0b81e3d3b151740ccf4d629a5f65f4a368562e561d6cc2ed3b5e350d2f9 |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | b91adeade59a27d5a841164aba96de2c |
| SHA1 | 0cc79c67e2115072e25c9f3812307be542d197e9 |
| SHA256 | f9596ad8e1c4e45e72ccc5b19dbf85e20b4c83477a09d487042c07fade308c22 |
| SHA512 | 213ee13ef26f4605fc89b029b069c4f21f933596027ac43b6db28c57f83124b26dc5aaabc77979995d46ce9a8fc7c50d61864e9f8d91bb4bb3631003ebca6a73 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 1055353d4e776b74d00ca3dbb93704f9 |
| SHA1 | ff924c6bafa2f5fce27214dca72230db199d431a |
| SHA256 | fb79e383e1a31543dd4105464fec0e09b47933bd5dc2312c6e4d125483e2a030 |
| SHA512 | 2bf4748957c5751fa6f5e3091dedce195995795ff6adb53e1581f2d16c1796837c2644949b959007eaf809a10b64f8a07be859b3e2d0a293a67332015fbe27bf |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | 24e7cd1491f1b0ce678e7f38d2e5462d |
| SHA1 | 4b0649dca4ec3b3389beb59ebdb2011e3091057d |
| SHA256 | 17e83efa7e04e288cf3cb0b6cefb828600458c7b3cea3f8ff9f5ddeadb3d70c8 |
| SHA512 | ad736583a8beb1fbcd48831a9617418003bb2b778d7638c29e180afe209683524b76671b9fd41b553a98c5197a12ac5ac61c47400db5a43225f36f39cb34a0bb |
/data/data/com.biquge.book.noverls/databases/ut.db-journal
| MD5 | 19084d9d32d0f9e902e31d9522865196 |
| SHA1 | 967209aa49e7749a307f1006c3813438e572e893 |
| SHA256 | 41e1a6b938eb317632f8935b7f56540678189c77f2ae546275e05fe2817f9809 |
| SHA512 | 90b27fe8abc2866d88b180c6feb7eea9498573d2b5562338624a4abdee626757ddc42bf2ca7441cb80b00cd919a87114f04ebca6f6e23c39560f688836589d6f |
/data/data/com.biquge.book.noverls/databases/npth_log.db-journal
| MD5 | 421c6211a0e24f99a120e3172076dea7 |
| SHA1 | fa144a4eb1fe0714d7c6ecea2d384b8a4f87a637 |
| SHA256 | dcd9644a5950bdaf6cb9b1e373db8ea318ff042245ea57d85ae55196d51e1ea9 |
| SHA512 | 6bd6676e78cc05fd75e6e301fe666afc934f403d8bb803c1be44ab9e2c211901029d2754f31eb67d62cac4f98dafe527160ec269a0fd343df4c387dc1b6d81ea |
/data/data/com.biquge.book.noverls/databases/ut.db-wal
| MD5 | 21faad36219301c68ebaaa0d184c546d |
| SHA1 | 3bf30f0d0ef269bdf4156c429b95731a571873b9 |
| SHA256 | c61ec48ae6cb7808c26fea7291e3bbd74e9b8adad91888492469a009f84b3695 |
| SHA512 | 63b676a3de776ffb05a7c02fffcfcd540c703717ad0da62e1da5e5ae3a1bfb84eff3536f18bf00ca8dfd594ceddde4c3fcde1ebb818b4d42d8849308941881e0 |
/storage/emulated/0/Android/data/com.snssdk.api/cache/clientudid.dat
| MD5 | 2e0ebf43ca5b6b5cf209863260362e6d |
| SHA1 | d49f363fad573846fa793bca1cedec800127844f |
| SHA256 | 4dd77ba3c721d3f3a216116e1532f19809758784186cd60b733f45e6c287530c |
| SHA512 | c8d6633b190d28bc8b366ddc9fe1ce9a7a2e798ead7bb036af129b58222bf423d6d392d17e63abb689cb6ed031ed865d6f3907d3ed72e05efe51b2db91dd6ac7 |
/data/data/com.biquge.book.noverls/databases/npth_log.db-wal
| MD5 | 5b5d2ffd3db3bec6c19b2f889f9f9779 |
| SHA1 | a905c53535e01b44d57ab7aef2a8bb83fa724c30 |
| SHA256 | 40208a78d01e9115b76a80dc5d1bec420b63a36a93636ad4e845ab267e256e4c |
| SHA512 | e74c7f860702628bb7ec1067711c816f3ae94ac83c07af5f32825ca8526e94729f247b4633e328232c9066c3751c8369bf82b9045a7a50b7a37d0c317dd3e2f7 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-11 18:27
Reported
2024-06-11 18:30
Platform
android-x64-arm64-20240611-en
Max time kernel
172s
Max time network
188s
Command Line
com.biquge.book.noverls
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /data/local/xbin/su | N/A | N/A |
| N/A | /data/local/bin/su | N/A | N/A |
| N/A | /data/local/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Checks known Qemu files.
| Description | Indicator | Process | Target |
| N/A | /system/lib/libc_malloc_debug_qemu.so | N/A | N/A |
| N/A | /sys/qemu_trace | N/A | N/A |
| N/A | /system/bin/qemu-props | N/A | N/A |
Checks known Qemu pipes.
| Description | Indicator | Process | Target |
| N/A | /dev/socket/qemud | N/A | N/A |
| N/A | /dev/qemu_pipe | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.biquge.book.noverls/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/user/0/com.biquge.book.noverls/.jiagu/classes.dex!classes2.dex | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.biquge.book.noverls
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.187.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.179.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | oc.umeng.com | udp |
| CN | 59.82.23.79:80 | oc.umeng.com | tcp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | beacon-api.aliyuncs.com | udp |
| US | 1.1.1.1:53 | adashxgc.ut.taobao.com | udp |
| US | 1.1.1.1:53 | adash.man.aliyuncs.com | udp |
| CN | 8.132.237.161:80 | beacon-api.aliyuncs.com | tcp |
| CN | 59.82.33.252:443 | adashxgc.ut.taobao.com | tcp |
| CN | 59.82.40.77:443 | adash.man.aliyuncs.com | tcp |
| US | 1.1.1.1:53 | sf3-ttcdn-tos.pstatp.com | udp |
| US | 163.181.154.236:443 | sf3-ttcdn-tos.pstatp.com | tcp |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 14.22.7.199:80 | android.bugly.qq.com | tcp |
| US | 1.1.1.1:53 | adashbc.ut.taobao.com | udp |
| CN | 59.82.39.255:443 | adashbc.ut.taobao.com | tcp |
| US | 1.1.1.1:53 | dig.bdurl.net | udp |
| CN | 8.133.123.141:443 | dig.bdurl.net | tcp |
| US | 1.1.1.1:53 | pp.tuxiansheng.top | udp |
| US | 1.1.1.1:53 | sk.qingchen.art | udp |
| CN | 101.71.150.37:3000 | tcp | |
| CN | 101.71.150.37:3000 | tcp | |
| US | 1.1.1.1:53 | dm.toutiao.com | udp |
| US | 1.1.1.1:53 | log.umsns.com | udp |
| US | 1.1.1.1:53 | sf3-fe-tos.pglstatp-toutiao.com | udp |
| GB | 79.133.176.224:443 | dm.toutiao.com | tcp |
| US | 163.181.154.238:443 | sf3-fe-tos.pglstatp-toutiao.com | tcp |
| CN | 59.82.29.162:80 | log.umsns.com | tcp |
| US | 1.1.1.1:53 | oc.umeng.co | udp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| CN | 8.133.123.137:443 | dig.bdurl.net | tcp |
| US | 1.1.1.1:53 | pangolin.snssdk.com | udp |
| CN | 27.185.235.162:443 | pangolin.snssdk.com | tcp |
| US | 1.1.1.1:53 | dm.bytedance.com | udp |
| CN | 47.116.84.225:80 | beacon-api.aliyuncs.com | tcp |
| US | 163.181.154.231:443 | dm.bytedance.com | tcp |
| CN | 8.133.123.139:443 | dig.bdurl.net | tcp |
| US | 1.1.1.1:53 | dm.pstatp.com | udp |
| CN | 36.143.236.50:443 | pangolin.snssdk.com | tcp |
| US | 163.181.154.232:443 | dm.pstatp.com | tcp |
| CN | 8.133.123.142:443 | dig.bdurl.net | tcp |
| CN | 221.195.241.101:443 | pangolin.snssdk.com | tcp |
| CN | 8.133.123.138:443 | dig.bdurl.net | tcp |
| CN | 101.71.150.37:3000 | tcp | |
| CN | 101.71.150.37:3000 | tcp | |
| CN | 106.116.191.122:443 | pangolin.snssdk.com | tcp |
| CN | 59.82.39.255:443 | adashbc.ut.taobao.com | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 8.133.123.144:443 | dig.bdurl.net | tcp |
| CN | 111.62.185.157:443 | pangolin.snssdk.com | tcp |
| CN | 59.82.40.77:443 | adash.man.aliyuncs.com | tcp |
| CN | 106.15.83.128:80 | beacon-api.aliyuncs.com | tcp |
| CN | 59.82.33.252:443 | adashxgc.ut.taobao.com | tcp |
| CN | 8.133.123.143:443 | dig.bdurl.net | tcp |
| CN | 121.17.255.229:443 | pangolin.snssdk.com | tcp |
| CN | 8.133.123.140:443 | dig.bdurl.net | tcp |
| CN | 60.6.2.229:443 | pangolin.snssdk.com | tcp |
| US | 1.1.1.1:53 | dig.bdurl.net | udp |
| CN | 8.133.123.140:443 | dig.bdurl.net | tcp |
| CN | 27.128.148.229:443 | pangolin.snssdk.com | tcp |
| GB | 172.217.16.228:443 | tcp | |
| GB | 172.217.16.228:443 | tcp | |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| CN | 27.185.235.162:443 | pangolin.snssdk.com | tcp |
| CN | 139.196.135.6:80 | beacon-api.aliyuncs.com | tcp |
| CN | 8.133.123.142:443 | dig.bdurl.net | tcp |
| CN | 59.82.39.255:443 | adashbc.ut.taobao.com | tcp |
| CN | 119.147.179.152:80 | android.bugly.qq.com | tcp |
| CN | 36.143.236.50:443 | pangolin.snssdk.com | tcp |
| CN | 8.133.123.141:443 | dig.bdurl.net | tcp |
| CN | 59.82.29.163:80 | log.umsns.com | tcp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| CN | 221.195.241.101:443 | pangolin.snssdk.com | tcp |
| CN | 8.132.215.224:80 | beacon-api.aliyuncs.com | tcp |
| CN | 59.82.33.252:443 | adashxgc.ut.taobao.com | tcp |
| CN | 8.133.123.138:443 | dig.bdurl.net | tcp |
| CN | 106.116.191.122:443 | pangolin.snssdk.com | tcp |
| CN | 59.82.40.77:443 | adash.man.aliyuncs.com | tcp |
| CN | 8.133.123.137:443 | dig.bdurl.net | tcp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| CN | 111.62.185.157:443 | pangolin.snssdk.com | tcp |
| CN | 8.133.123.143:443 | dig.bdurl.net | tcp |
| GB | 142.250.187.195:443 | tcp | |
| CN | 121.17.255.229:443 | pangolin.snssdk.com | tcp |
| CN | 8.133.123.144:443 | dig.bdurl.net | tcp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| CN | 60.6.2.229:443 | pangolin.snssdk.com | tcp |
| CN | 59.82.33.252:443 | adashxgc.ut.taobao.com | tcp |
| CN | 8.133.123.139:443 | dig.bdurl.net | tcp |
| CN | 14.22.7.140:80 | android.bugly.qq.com | tcp |
| CN | 27.128.148.229:443 | pangolin.snssdk.com | tcp |
| CN | 59.82.29.248:80 | log.umsns.com | tcp |
| US | 1.1.1.1:53 | alog.umeng.co | udp |
| CN | 59.82.39.255:443 | adashbc.ut.taobao.com | tcp |
| CN | 59.82.40.77:443 | adash.man.aliyuncs.com | tcp |
| CN | 59.82.33.252:443 | adashxgc.ut.taobao.com | tcp |
| CN | 59.82.39.255:443 | adashbc.ut.taobao.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.187.228:443 | www.google.com | tcp |
| CN | 59.82.29.249:80 | log.umsns.com | tcp |
| CN | 59.82.39.255:443 | adashbc.ut.taobao.com | tcp |
| CN | 59.82.33.252:443 | adashxgc.ut.taobao.com | tcp |
| CN | 59.82.33.252:443 | adashxgc.ut.taobao.com | tcp |
| US | 1.1.1.1:53 | ebjvu.cn | udp |
| CN | 112.65.70.244:80 | ebjvu.cn | tcp |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 14.22.7.199:80 | android.bugly.qq.com | tcp |
| CN | 59.82.31.154:80 | log.umsns.com | tcp |
| US | 1.1.1.1:53 | adash.man.aliyuncs.com | udp |
| CN | 59.82.40.77:443 | adash.man.aliyuncs.com | tcp |
| US | 1.1.1.1:53 | adashxgc.ut.taobao.com | udp |
| CN | 59.82.33.253:443 | adashxgc.ut.taobao.com | tcp |
| CN | 59.82.39.255:443 | adashbc.ut.taobao.com | tcp |
| GB | 142.250.187.228:443 | www.google.com | tcp |
| CN | 59.82.39.255:443 | adashbc.ut.taobao.com | tcp |
| CN | 119.147.179.152:80 | android.bugly.qq.com | tcp |
| CN | 59.82.31.160:80 | log.umsns.com | tcp |
| CN | 59.82.39.255:443 | adashbc.ut.taobao.com | tcp |
Files
/data/user/0/com.biquge.book.noverls/.jiagu/libjiagu.so
| MD5 | 98736de515958ae37ae93a0a0e997098 |
| SHA1 | 72d0f9d43f7c9bdc9f19d13834c0872f5652c0f9 |
| SHA256 | 335091dfc73a9f792cb720389c5d94eb6642764a38d70d4b6b7a8afd34038421 |
| SHA512 | cc4974ce398bf7f4a20160ad30e4c4b5821ff0d7f2cc9fa0aead73ddc036585266edf429add276b53d6db8dd24a344d709469b9c839451deead6b621e70c92cf |
/data/user/0/com.biquge.book.noverls/.jiagu/libjiagu_64.so
| MD5 | 64f0958be2a8e6862b90faacb40129e0 |
| SHA1 | 389c618137db70dbf84adffcdc3c5d4850a5ff24 |
| SHA256 | 4f38bee50f32a8c64f4f9c671b7cece34d4a1cb926087fec8ef505327d4edfaa |
| SHA512 | 793cb7104013b7841c38e4aa14f4d9246aefa61aa9803160e6398c4115a2df5c6af304bad045c687467547deaab3bb77272a675b0d673f81f2df3dee2d1fe94d |
/data/user/0/com.biquge.book.noverls/.jiagu/classes.dex
| MD5 | a72d48bc8cf681f0292876a04f65cb5c |
| SHA1 | 45f2a6ba73846cfec59b0729d9061cd5d28876e1 |
| SHA256 | 355cd559da64a3490374b1283af1e486f7c68b61c8136ff9c592d98a560d8f4a |
| SHA512 | 6868b085bec16b6f6db6d73c7801c815e8cdb455432f956c7b66aedd0b4ba494575458ecaf96e39a74e095e25fde88803f3f945459bfe3d9cd6a6cca4f5949c3 |
/data/user/0/com.biquge.book.noverls/.jiagu/classes.dex!classes2.dex
| MD5 | e3e6b819aeeba9f228827945c5bbd4b6 |
| SHA1 | 647cfd1a6f4e1ab6c8c378f79b80afacd97b28c4 |
| SHA256 | 6ac6b69f1b8d8a9d7668a1689ff40248500149bb8841356b3f15eb4102c00de8 |
| SHA512 | 9c31599e904ab3cbbf711af04e46f48cb578229b3643e3bfe7d1a1f7d8f295dd85a0a1d4cf6808cab6129fa4d26c441d60b90b8796905de02145f8e557d8ec1a |
/data/user/0/com.biquge.book.noverls/files/.jglogs/.jg.ri
| MD5 | bef54b5dd3b670e1da74fb207f82ef54 |
| SHA1 | 3d13db9f0dd5e8ebfd73c9535c3fdfca3fb47d8a |
| SHA256 | a0b5a2df4aa7b356f1794a74e6534d449857626e4521e9814c343366c62bf4d6 |
| SHA512 | e2bc27b6edc06b2e36ca6a7045d1e41e1c953faeaaaa94e9c115b6dc9ed5e9cba6e4726b1aa635f53a5aefaf053adb24bbccb044a336e44e337306bad5a48dfc |
/data/user/0/com.biquge.book.noverls/files/.jglogs/.jg.ri
| MD5 | bb45681e9f12075c11e540e53a8221bb |
| SHA1 | 2eeb1744ba0ec5149fa8c9db780fe2c0760b5d69 |
| SHA256 | 92ef7ff56b3493748c5e53f2f5825e51f30b18b1a7b8dbe6d3f16feca6bbd13e |
| SHA512 | 11544949ea526c1447715552926793a6aec4e30ca75f547ff2e6d54e501ab87d3e3630bda368d759f6a128254c31a73e29debc08183138da004d91b83abf21a8 |
/data/user/0/com.biquge.book.noverls/files/.jiagu.lock
| MD5 | f299833dae0634648de2d9de4672382d |
| SHA1 | e41000bcca9b48afe7a2e6de0802da31efbd3a8d |
| SHA256 | f4b02b911fcfe8a29a169c9ccd2cd91b20213107aa7bcbbcffa3c72de7085513 |
| SHA512 | d78162270ec16efa47f2a5f6800daa639732c9f2dede957e92bb19d65c39d744d6aaf10a89883da635f180f180ed26b79ad09d9142ea47972d45d7ba576a62e7 |
/data/user/0/com.biquge.book.noverls/files/.jglogs/.jg.rd
| MD5 | 309645c3acd89c23986608cbefc6fc2e |
| SHA1 | ac72d130bdbca6a9b66d207f3e2ac1727399c197 |
| SHA256 | 84470c48068cce14dc1e3db6f8b8b9a37a356b0c1decefc770572d0d58909d7b |
| SHA512 | 27f6615422c683f37ca08a3f84f29cda9b119bf8ebb3b773da0f3310f4f0df9f6685d114f9bd4d89e886887d435aad6c8ade25d3dfdf3b5ac86c9761a629cc82 |
/data/user/0/com.biquge.book.noverls/files/.jglogs/.jg.store.report_pid
| MD5 | 2603f62e5b9bdac7c1130daf84c09cbe |
| SHA1 | a420c898417b7e88ec90e09cefeaea61e78475fa |
| SHA256 | 7971c79d9da81b94bd65b9c27b9aff1b498b31b0533df2c45e6bb78c5ac91d39 |
| SHA512 | 157251503c070acf5966d796692e9c352bfd363c95a967f215a4d28fdb6dfac2ef7de81e853118300117b6386c83621c3afceaee165c98914b93b5fd25e794a5 |
/data/user/0/com.biquge.book.noverls/files/.jglogs/.jg.pk.h
| MD5 | b11a68dcbfd6f916b8384a40bc487eff |
| SHA1 | c94c3419884bdbe37dae2146f1b12179d89f6221 |
| SHA256 | 76af2985a0aab0b03ce5c36dea6b371cae0eaa7a94f24202ebf85469fcae8c4e |
| SHA512 | c9b369f259147eb19351d3d366931218ebd51313703da8e53c3c7991b5c3dadf7b5b1052c42a57498679c01ebe6a0db6c0f4a093e249fa92bc48cbe11729cdd7 |
/data/user/0/com.biquge.book.noverls/files/.jglogs/.jg.pk
| MD5 | 65a52c40b03ddc80a44e3443e3a59cc7 |
| SHA1 | 643b489988990f2014b20a84141ec3f0b034b356 |
| SHA256 | 1cae044281a83245e8b95ac821f9da7edff520f0f378fc126dca7736a2c2c221 |
| SHA512 | 408f0a56a1d7a6fcdea61bb8f815dc04147ba5ecea6829ab3d84bf7bfa77c4939874173358c2a1038246d268ab12c4d05e89979ed8878234c3c6ded52c3789b0 |
/data/user/0/com.biquge.book.noverls/files/.jglogs/.jg.ac
| MD5 | 29a95ff4bac131d3cc3b16214f78072b |
| SHA1 | d720f80022455de110b1cae8bfdc0cad154af0fc |
| SHA256 | 5aa2cbb989e2a50a932c15f4253dcb2d62df4a5254818b86d2fc86a84571f789 |
| SHA512 | d5ce2e0dad1db153a98014f3c97b135aad070ae4d1c67fd0dbf105041b943c9fbcbc44184e319b06395235a0958e8a6e9d3065a00f89ac3e6604af70d2217372 |
/data/user/0/com.biquge.book.noverls/files/.jglogs/.jg.ic
| MD5 | 6d978f8ddde91ad8df297d900242337a |
| SHA1 | 38c90f9c396912301105632cfdc76855dd34b9c4 |
| SHA256 | 3ba16280c0f2dc67f47f584766b15fa261744cbcbaa9969efb1111cc46808969 |
| SHA512 | 40f7bded1b675e51c1eea5984abcf185ab7395d152e9953f59a330ca1884a430ac54ed20a911c9d027236027bc8461c1cc0726d52756bd0317f1cf4986d17bea |
/storage/emulated/0/Android/data/com.biquge.book.noverls/cache/uil-images/journal.tmp (deleted)
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/user/0/com.biquge.book.noverls/app_crashrecord/1004
| MD5 | 3e39a1fcdaa27f722214b1d868e3fb79 |
| SHA1 | 95c7863bde36a0a39ac704a2ff27df4161b6aff7 |
| SHA256 | 081af726e75ac57b3aaef4766c06dd0994558410c63ea3d344cb84f895f7c419 |
| SHA512 | a5b1c8686ec74a8319f25c89526c90ff65d47946845a682da7179b4b1fb743e9f4aec3fcd1f5be1d3eb76ab84b0c2ff1795e9876d5cc7b3e2e72f2409a08e105 |
/data/user/0/com.biquge.book.noverls/databases/bugly_db_-journal
| MD5 | 56dee4f7fc0e1a9e59ff07d83e7be8c3 |
| SHA1 | 388e761c14c139f7e337e73ec8c13025f6a6278e |
| SHA256 | 1a2931ed6718dc5099e26ed106c279a24bc3d7c8e2b244701ee9acd41ab67eaf |
| SHA512 | efb8820ffee135d5529b3f71da6336f2c6f6b0cf1ac01e47d71efffffa5aaebe9d703d29212778e5c65f288d46251622de4868afb001c0ee7abefcc05b6c2a38 |
/data/user/0/com.biquge.book.noverls/databases/bugly_db_
| MD5 | 2f7a0ec402c0d918f73a72c1deff684d |
| SHA1 | 97ed9c80304aca02900368bf169640a409a84067 |
| SHA256 | 68b301406842991b7bc6facbc57172fe420c10bf5be2ef86912e2984be6e1c5f |
| SHA512 | 04960e1139999958c6d09141ee5d7f8b442369edcfb8ca4f86db7bbd76a92b49d5ccc749fff1a1a632bbf4423232cecccd488445f42f10d4aa150bf41a93de2b |
/data/user/0/com.biquge.book.noverls/databases/bugly_db_-journal
| MD5 | 9366af1220d5e5de2e4690d7a5204fc4 |
| SHA1 | 2057e12f8c1548aa5c80e629111729240c7dbdb1 |
| SHA256 | 4a6cf61fe8595ae732c5e45a071fc78db0cf8fb61044f21242fa4b3006dc3eea |
| SHA512 | e99a070dbae869992a5fd0fc3db33ff687e1c7a246663c588891a130da15a1ad3629c84f59a0621432e5e70e39d2feb392f3d65e36301163b1dac55b4ac86959 |
/data/user/0/com.biquge.book.noverls/app_crashrecord/1004
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/user/0/com.biquge.book.noverls/databases/bugly_db_-journal
| MD5 | 3178bae02e22aa2170f391bf37c50228 |
| SHA1 | 5b2f4f4c2e1520382b2006f4bd9116efed351507 |
| SHA256 | 3033a4b057a1af203eac8d4bde9fba51b418d93f0e23b2ce61de3d0b5bcbc22a |
| SHA512 | 32de5a5dcfd83850ae433865bd89118ea43a2a318c401637b189061138cd7431f49510b53155a30c6ec522b080cdf88f0c0b0d39883b7484558384e016e6907a |
/data/user/0/com.biquge.book.noverls/app_crashrecord/1002
| MD5 | 841d68ae1b9ad225810c106ce357dc3d |
| SHA1 | 2c5f30b013fb6b75815593608cd08cab294e1526 |
| SHA256 | b8d5d78c6917ee47eade4570263eac2fecd1ab0b75633d816c47760695a5c5d7 |
| SHA512 | a45049fc4d4d8d5cdb1a2b6671eb2ec954769a3404361d6b6c6afec2626012c7e199a1195af9a694c6b5ef55f2728b11bbfb70a7d8845f54f4f5457614fe62ce |
/data/user/0/com.biquge.book.noverls/databases/bugly_db_-journal
| MD5 | 47d5d8fda788e75f8e3daf55e0056dfe |
| SHA1 | 676823663dad1ac9011f771ade2cfa248dcef8c6 |
| SHA256 | 791aafa77ebe3881a40aeb7a2e82efb9cbca890622acccc2ee7971d3c8f768a3 |
| SHA512 | f2f3cc2d33eac7a97fe4eb1333bf34d6ec0571e93f9dc054cbc2a3a431a005842b16b0f17fca2af4352281e5448d4913d54e423e8f0e3513d1e3b227a80f3bca |
/data/user/0/com.biquge.book.noverls/files/com_alibaba_aliyun_crash_defend_sdk_info
| MD5 | e47f2223470f5fec847d8a556c5b84ab |
| SHA1 | 78d8dfd61e8a08800eef8010e7665645ceb6f3cd |
| SHA256 | 3f4fb3ab6324150b7049289120c6dd02b087fa80627253e4d9da1332307fa271 |
| SHA512 | 72ad028bcb91d2dc5ee5fd657fb2d992293a86299769dc670243b1fd0882b611350a7f8950c02c95300893ea431c3e60091186b235f11957018a57fbf93d87e3 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 9781ca003f10f8d0c9c1945b63fdca7f |
| SHA1 | 4156cf5dc8d71dbab734d25e5e1598b37a5456f4 |
| SHA256 | 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793 |
| SHA512 | 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 14f8f21dc60f70f2721cfeaa6b74c79e |
| SHA1 | 95c5a91fd0acc7466f69e08a801896fd107dfc92 |
| SHA256 | 5d3c20f3d7103c8f2147301672bc1fc33264a32f5d6d7bac2522daadf35654eb |
| SHA512 | 7e809c5363ba2ba9897beb9a7fcec45945a3e70945ca911d7cbcfbc87b7014e7c9c8ba32c75377471f2f6a0a40c0de50a555a1580c0b587c9f1b342d032929a7 |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | a0bc389af200c365d27570d825326354 |
| SHA1 | 0764bcb8ec053c07a9dbd34838e7a3acc2cca6ce |
| SHA256 | 861975e75280b6fa9b249ea611fa19a6659cae43f9b1fdde4e40319c95991886 |
| SHA512 | 3a0f43779b878a1af68f3a427ed34fb28f4ba9b1acc4b095a212256c01dd26bd947bf0222f9efef1859dfaf7c28c60feeccd9cfbf7f658ac6f14ee6e25371fe6 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | f31164b27423ccb25c709c09e531ef47 |
| SHA1 | 1e1c0c8f94000d6882317488d4ebab29961b4016 |
| SHA256 | 8bf7d09dea9e73cf557e14a216291dbb7df65a2dc16df77b86bd86dfd3dfb944 |
| SHA512 | 5f8ef20076fbd15b58c623d7bdb00b272d253468482d64ca36f20e706d7539f72b9e5d3a6df7d66ff07fb1f3d4791db912811db08bc1249895ab263f76e392b7 |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | f49828df1eecd652f983125fc35979c1 |
| SHA1 | 89b28333e98b2a7662fddf99bfe402eb43cd5f8c |
| SHA256 | 3186a93daebb440d7ef612422762975b81e07843de2414c143027efadd64c5fe |
| SHA512 | 0f7420052ea8fc4fcf5550b566beba2e53566e6ee22ca4c8fe69898c08a175a63dc838ccb78b02dbe441bd698e3b42ad5beb430e00d9d4cd71ae0f1109ce7991 |
/data/user/0/com.biquge.book.noverls/databases/ut.db-journal
| MD5 | 53c6f5e2dab8b4a3269fbc5e2fd1f0be |
| SHA1 | 9eb63c0a2f13878af0f14ad2d09f55c7df658b31 |
| SHA256 | a41498ec3199aa622afe8b91bd929e01816781e035d5d1d58472a3a210fd8518 |
| SHA512 | 0f09276772afeaa12526bb23bd5c51bb3f306aa79eac128a0378dbb9ca43ff689674cd23a8f5b6937818b900f0ebd57bb4c72a104cadc738f2cb045080c09885 |
/data/user/0/com.biquge.book.noverls/databases/ut.db
| MD5 | 75694e403dbc728c85b85d55d972d357 |
| SHA1 | 346ce6fb424f486cc32f7f46649649470cd57225 |
| SHA256 | ad9862b2cfa8b250817df299b073d617bba35aa05292f7f0c6cadcefd47cfaf9 |
| SHA512 | 591d814f3bdba7180588ec333b554f946a977374df798bf69a352b4f1f0b43a412b5998622a059cfb3ad94eefb56d6ae62c6fe7dfefcb9ec5d47b98971bac6ad |
/data/user/0/com.biquge.book.noverls/databases/ut.db-journal
| MD5 | 5dc30656bf96f37b4efc5dd818efee0f |
| SHA1 | 864b6fc8e83fd26b4d659ace560db6d9a9b38c44 |
| SHA256 | 3c88f49b6d6a8590099a6c472010470012fdc35204c4fe11d112e44d87f7224e |
| SHA512 | eb92dbf44cf29235cbdc5a21e239fef31a60240b7ba8c361b6bdf0ef2f058d26d1d0838cb265c793ed9c7b0b3114247e1b118bc30c76cd0f96f9ced4e047267f |
/data/user/0/com.biquge.book.noverls/databases/ut.db-journal
| MD5 | 0a5885a66f0c75478ddfe341da607895 |
| SHA1 | ea3953effdc88f7ad04287d1f414c2e85944a572 |
| SHA256 | fc3d28c05222cd1ce82725b086f3ff4418c2dd3cf15e6a6c90d15c6dadd07988 |
| SHA512 | 1fc5480d89ee536fd8c2266606053c0ba37f012666bda37a2cec34ea2036f891b2a398c716318725ae57552806cb50eeff3e53022aa1ace6508cf7cc7b053b6e |
/data/user/0/com.biquge.book.noverls/databases/npth_log.db-journal
| MD5 | 1ae8574336eac042a3175b180600da6a |
| SHA1 | 381dbd0b0af9d7d576eea59be996b358d898cad9 |
| SHA256 | c886b49afa208e5900c778b4363075ab418cc63dc94bf8934aa6e7cb04d22338 |
| SHA512 | f43aa53d9dcd4ce6743eb3fc74ccb4c2284cf15413eff09504ce80c2a58af685025b5867dce48cf408613647a095f0ce1a93f2f2f81f13fb7515558acfbbf8a8 |
/data/user/0/com.biquge.book.noverls/databases/npth_log.db
| MD5 | 8dc03e147a44099e46adcc75eb340610 |
| SHA1 | 4e087fa92230d55aba4de0ea71719afaa66ec108 |
| SHA256 | e7a10f4213b91e5144fc5e5d61ea6b81484ec79506ad7f7db35ca992a9634a7e |
| SHA512 | d823aac6b0f8ecd90106e1b10b8fc5399798dfc09e63729b88b525a8a43ea301fdbc3977eed3a1fd21723c0e1f4c78585db9f9fb3402787eead6c724087d790f |
/data/user/0/com.biquge.book.noverls/databases/npth_log.db-journal
| MD5 | 3cf1f95cc026c0773f717d7ed4356b6f |
| SHA1 | 04b15bc7bffa0b2e6c10791eb7656daf164fa1dd |
| SHA256 | da815d4c2ff577d6f51f28262aa4aee7816cfba158e025f48ad6ab7107c3a56c |
| SHA512 | bd0f069b0ae977920b2213130036adddd3c3ae741f6dbb84d73046b0f5460db51fdb762725d48876ba2a62368013739ea3de65a334731f0557636da2615a19ef |
/data/user/0/com.biquge.book.noverls/databases/npth_log.db-journal
| MD5 | c9b16257dbeb060d3a1a59140734a3a7 |
| SHA1 | 8ce037d23098170c69bd11ec13b7363b7a6d0f8d |
| SHA256 | 3f0821bf6d9a78b9819de5161179796301ea4d135925e06b580c05370b2ed27b |
| SHA512 | 4ff00f67437063add9f537196af15e899db979bb13bbc296eecbba5b39d27d13d271c88914e856a3d6ac805c0dfbf5df32039288366e6080d9b42d1fb44fa4f5 |
/data/user/0/com.biquge.book.noverls/databases/downloader.db-journal
| MD5 | 9893c850fdae0c5c03aa8b6efd973cd5 |
| SHA1 | 22fad652ad3d4022c2e26e6f55e037d17c4f6c9a |
| SHA256 | 2773409f1821a8f7a7071c7d628e4c56ff3f3c82bb51037fa334df10e286ef1a |
| SHA512 | 92f3be7a68e077cac64b8f2a5478d44349daaf1d8359cd1930a1e2c38dc036056ba8694ae3bb5d8ad35b15118218a0ed5b6bdd9613ef761960036d04226abce9 |
/data/user/0/com.biquge.book.noverls/databases/downloader.db
| MD5 | e90765d0ac3f2df32dde37bc312cf0d7 |
| SHA1 | 29766d680442a2142364bcbb909b03c01519cdd1 |
| SHA256 | 125f46bc2a78d410701559bbd2858aa0cbb9c5b22fd13006514de47fe2e9218c |
| SHA512 | 0fd52e6693c9c606a3836bd1caf8aa109547e77affb725c04780ae0123497f297bc2d2303d43d76beab066669bb48dfc8ecc04e9d110947b8008de52ee429bc5 |
/data/user/0/com.biquge.book.noverls/databases/ttopensdk.db-journal
| MD5 | 970afd0e0328956381711b1584c925fc |
| SHA1 | 4cc9f6585ebcad35583a90bee6c9b7ffe6afd66b |
| SHA256 | ec64712270f7110805aff20bb179c1d54ce74585c6ec42e6588b48ef2cba12a1 |
| SHA512 | dcba18df59cf5ba65014ebbb73f644956684fef834c5ec258f5ba1ee376deb2c0c66a1677002b0f9ee882f9cba40b1487102766cec16224cfffe51056358d579 |
/data/user/0/com.biquge.book.noverls/databases/ttopensdk.db
| MD5 | 8a86a19a1ca231ab7a6dc004c817c8fc |
| SHA1 | 56b88350a7fea73de2150b2b499167e15cf35c69 |
| SHA256 | d489e8fab49b8fa2decba4663e5018c6cf365cb2c124f5d66a986a6c035cf149 |
| SHA512 | b50e7cbf9f0a9a224d3f93c959171ab9e5f9c68d2bf1da0a65772e9af96aeca32993ea9f0ac9584d0bc27b80c210f810f1f4eabd1cad7e8e48b226a22430db49 |
/data/user/0/com.biquge.book.noverls/databases/downloader.db-journal
| MD5 | 55ec6236d59deb07d912e219fdd6a3e6 |
| SHA1 | 7a45de92ee2a55a46ddd2d8b45d421b60569105a |
| SHA256 | ff1337e0341dbae76f6eb8cca48a5ff72a3096c4005a1437a9546be304f23114 |
| SHA512 | 53a3045460ce604a5424dd997f887ec8cf02b78cc701f3f09c1f37bd6ee53197c56aa6ec985b68488f5bb4a80b63a0646859881c10cf3da656826b42e55f4d00 |
/data/user/0/com.biquge.book.noverls/databases/ttopensdk.db-journal
| MD5 | 5c312a10d88afe783d707b66b2cf9f15 |
| SHA1 | 2338d9383ab1f338597d6ab498ee710c6b6547ee |
| SHA256 | 79d3adc5fa4a9f0da13d561080fa2af34f78ffbb41016689320b635c16c64b4b |
| SHA512 | 8a7ce647f02db5ec5574f1f89d39be15f4b50f8d7a64b9c6aff0281e25d370f4867809f1d0ae6ac594fa46839aef6b10a752c699365c06a489933c65873cd35e |
/data/user/0/com.biquge.book.noverls/databases/downloader.db-journal
| MD5 | 7203c8feeb24f769fa43c0682a9be52c |
| SHA1 | 070c0eb45a88124db720ae3aee7af55e5d6c48a5 |
| SHA256 | d7b05bc452fe1f087979c02f7f2c7248257081ddefc0eda00cf4fa051209d37d |
| SHA512 | c299dd6b43af9e61f5ca8b0408e5849e5dfe0ec878a72aa274a01f1dbe7e85b0d582623acd028e84c68198f1f4d0f06203f6750af870b36cf0b6eacde3f362bb |
/data/user/0/com.biquge.book.noverls/databases/ttopensdk.db-journal
| MD5 | 75b11189008e0dbc3f0edd98a8240b4b |
| SHA1 | 71dbe2df1d8becb34072cfd185e883b1a29fa3a0 |
| SHA256 | 75fa4838bce0c78d874f273c71d7034a5f7ae96469b3f83fa5b5ecd6f09606f4 |
| SHA512 | 8069afa69d8b7a1efd73cef48080111bfca8897731c85fb42eeaf5b78d2150bb2519aec8b7cad9fe4de464d47fbad0beea03d499a4f899dedbb4689f0836e5ab |
/data/user/0/com.biquge.book.noverls/databases/ut.db-journal
| MD5 | 0a94fd129d514f7d827018add1a46097 |
| SHA1 | c9353478f9f2061c722681495186689a24c45d08 |
| SHA256 | d3d9f8e76d2d90fbe9aac5a8c7331b003e94c3ce0dbcedbf52ed9ac9ad3c52de |
| SHA512 | fba886b26c53e75494e6e198a3127da44f338d7b94a97ad38ea1d2a15ecc861786ec9402e0806c9fe1a6db22bed6614836ba5549bd1fbbd36aa5c66c6b62ef29 |
/data/user/0/com.biquge.book.noverls/databases/ut.db
| MD5 | 3c1ffc7ba04cad9348aae68e7543cd0e |
| SHA1 | 165b0d75cc82e8b10de31b3bb7fa43ca0294047f |
| SHA256 | ce5079d45b266aed1caa7ab200c14028c8e95d24d2ff3b4a49bc8808afd76756 |
| SHA512 | e9afc70b20212304b119aa7f3addc349c5f1613c90417706e3b7411067fb4682b149eca38be67d7baa18a37bd6098eee96b38fcb24de967a13bd399ef20c4e27 |
/data/user/0/com.biquge.book.noverls/databases/bugly_db_-journal
| MD5 | e96885cf2b5f797f918c7e3820122dfb |
| SHA1 | 459001f11a2a99f9b7fe7ec9b9ebf695018f2afc |
| SHA256 | 0fee8d8a79159107126e80591568ef4fc6a92921b3819ffc11abc011c357e083 |
| SHA512 | 2023b83d9acffc2ba7e216ce1084433ca391c4aaecc5fcba5614353be9c4f52917166fa504610c7a7915f2b62d56adab5993b00051eeb57020458f8eb01f8174 |
/data/user/0/com.biquge.book.noverls/files/com_alibaba_aliyun_crash_defend_sdk_info
| MD5 | 7544d336658eca9aa13bb9e2846a67ab |
| SHA1 | b06d6372277daa8a97a4361fbc231b26dc039395 |
| SHA256 | b05da41072a0be409460b7701791efaac6e31f863c0eb1bfc096a7a692955632 |
| SHA512 | e6549fd6965a730fb83639b189d2c62f58a605896cb533706cfdacafa06a2de718efa42d41b5014a17814848c66697fb9fb50c777674f98aeb0d327643368bd5 |
/data/user/0/com.biquge.book.noverls/app_webview_com.biquge.book.noverls/webview_data.lock
| MD5 | 9a7d7e1e430982609111930f63586eeb |
| SHA1 | 7c8beec416b3dade6c71bb6010e12d5446f39ee8 |
| SHA256 | 3ca0066d59436cfe24fd231f027590bcd6e326c320da156c5c5f4dc342ef3b8c |
| SHA512 | 8811f94e74840e76d180bc66e2031306fc5340fad6b21128cb5e1df9d7f586f916e393c933a4c271ba9fad21cefd509bf8dcb5f31d4b3b4f8d577916cba519f8 |
/data/user/0/com.biquge.book.noverls/app_webview_com.biquge.book.noverls/Default/Web Data-journal
| MD5 | 50dd23711a4301ae354eacccc47a2de2 |
| SHA1 | f910ac1670156781c6893bc2e6ea511e7ccb709a |
| SHA256 | cedf0f3326dc1862677a4a72f6fd281b2ca5668c06702ddcb6b0194a0d427aca |
| SHA512 | 1274f72eccc035e6dad378f5b5ae077a2c657c6b136748a2881832c81e9215b4e7d49a14e0ba9478075495958fb461525a5e2222f3bb5b15727f25019069a985 |
/data/user/0/com.biquge.book.noverls/cache/webview_com.biquge.book.noverls/Default/HTTP Cache/Code Cache/wasm/index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
/data/user/0/com.biquge.book.noverls/app_webview_com.biquge.book.noverls/Default/Web Data
| MD5 | 536e58581641e767a8bf8eca3b8cde9e |
| SHA1 | 750a88189322e36147068f1c585f02163ff3a388 |
| SHA256 | 3ba04fa6622801be4e625176b175ff75caf19c8966c13418bf1433433eefa1a0 |
| SHA512 | 498da0911c702bc683cf153ce9b66044642378eafb79bffe0afd7f7460bd12a4c9bb424e1606550d8bbfb25dede34b5ad6ad1f7ee698c8d5ff67208625612319 |
/data/user/0/com.biquge.book.noverls/app_webview_com.biquge.book.noverls/Default/GPUCache/index-dir/temp-index
| MD5 | d88e74a732fdfe2d6f0d482f9528b663 |
| SHA1 | ae33226c82ead710b501966f29baf301b60bfac0 |
| SHA256 | d9eb8426866ac25e5cd683818827d1a9f0ba37f3d44851fd0e2a028010974782 |
| SHA512 | 72d1d7729170d76bb56fb8eb2505eb5cd947888fddab95e222230cce2a5c1b0ce0fa443fcc37d5467f1260dc5185b3e5e6f3fdffcf5257f00b8c67f23dd99e7d |
/data/user/0/com.biquge.book.noverls/cache/webview_com.biquge.book.noverls/Default/HTTP Cache/Code Cache/wasm/index-dir/temp-index
| MD5 | 42a8ec7c0b0ef8571778a736e209bfdb |
| SHA1 | f7bc93969c56edf7a3cdf7fe30683fdde6328053 |
| SHA256 | c7211bdfe0ac48062ee76d4def379c8585c1f90c444ff5329dd6b479d4690d61 |
| SHA512 | d68435551038760db00d70450fe5c57d81ec6640f97a9c722a7ea2f5d6fc82703029e3fe94f4c5024080ddef82f6f0424af17788c2d78d4928c686c8b8f24a84 |
/data/user/0/com.biquge.book.noverls/databases/bugly_db_-journal
| MD5 | 6d46cbc9add3efc230aa98e2c8298d5f |
| SHA1 | 7a98e6c16d91afa8930826a100b78d77f13877b6 |
| SHA256 | d22fd4ec050a5433a5f5ca1ea576bf2ef186ae02f344582042b0b7dd05396981 |
| SHA512 | 5a5ab42488d6b4e5fd9ff2a10a09795b0c5bfdd4125b64dab387518d83930aef6514c9bde7b72a020ad7dc59bf4fde75ddb29d0235b73c6712f649d282326b36 |
/data/user/0/com.biquge.book.noverls/cache/webview_com.biquge.book.noverls/Default/HTTP Cache/Code Cache/js/index-dir/temp-index
| MD5 | 1cfca67ea4db8ef39c06c533aeec237e |
| SHA1 | 9aa67b64d46ae9ce31ed82dee1ddd20a729b3560 |
| SHA256 | 11fd9cfda836360899130be4b81ad7e707171d0ffeb95610aeda6ef0eea5b2f2 |
| SHA512 | e9c61efc1620f08610c3a7fe1a0b76fd8e1bb1ea710bc6ad22eb7f9c17b36bdf7219a26e985e135a07c92cb2239e2351b1834fc44daa822a76c267fbffba59dd |
/data/user/0/com.biquge.book.noverls/files/umeng_it.cache
| MD5 | 6cfa70396f6c3f0a373abdb83f2a51cb |
| SHA1 | 23814f3ac1809149cbed7673b819203e2adbd466 |
| SHA256 | 2f0194de649bc735091ef01437fc22686f8047ba3a4c4c7a0f67a158048bbe27 |
| SHA512 | 26833fce29d0e49f116b47c8bec59793d477f6e6da547e5d6fecc54a6187f458d876304174b1253807e1eb763832648ebf8f1d727c9e44095cab8c0b976e0298 |
/storage/emulated/0/Android/data/com.biquge.book.noverls/cache/tt_tmpl_pkg/template/b3c7b290efa296bd34365e2948d7b934.tmp (deleted)
| MD5 | 3635d1f849075ef333f78d609509cfc7 |
| SHA1 | f37e20477927df34fbd2f353d520f1abae5d81f2 |
| SHA256 | f1480555d3bd1cfc47f13714fc39eb74d98ed5632ffa040f63d39dfeecc85f93 |
| SHA512 | f23f37239b8ce3b56ac42713aff571b53829eaa1ea0d6b2c060f2aaa2b77edadc34ce655b439d4e4ee71eccdea341484eb13a060aa910c6be7ace64e7597ff8b |
/data/user/0/com.biquge.book.noverls/cache/webview_com.biquge.book.noverls/font_unique_name_table.pb
| MD5 | 9147f3c70cd68eca82079554128543fa |
| SHA1 | 3fac96cb4b59ac89a9ff4ef4b91d9570342d66db |
| SHA256 | fd0e0c4e89444a88d27118b6eadbf01cdc5debc762d9b6ba8b51022558702736 |
| SHA512 | ba6c2ec755c4e49b5f31fd4acc4d19318352608b87b1e1ea90cd7c30c7d41fae4437a6a6bf39df31d862b2b193f43924abc22ab0998045d12e380999e43ddf98 |
/data/user/0/com.biquge.book.noverls/app_webview_com.biquge.book.noverls/Default/Session Storage/MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
/data/user/0/com.biquge.book.noverls/app_webview_com.biquge.book.noverls/Default/Session Storage/000001.dbtmp
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
/data/user/0/com.biquge.book.noverls/app_webview_com.biquge.book.noverls/Default/Session Storage/LOG
| MD5 | 9a29542ed11e7b72bd37afc49f35c489 |
| SHA1 | 1166bfe3f4cca8b56769a8806a200e622a0c81f0 |
| SHA256 | 6f759bd8e13e855e4fc2e409cf96c87dedfa62787961259581afb0efe582a95e |
| SHA512 | ec9cf3c733df61d2ffb0cedfa68ef1d45cebd48958951a32d89a724172bcf4555111888239fbcfc4ddddc13c234c70a910dd1e283de654095b30fd644011d529 |
/data/user/0/com.biquge.book.noverls/app_webview_com.biquge.book.noverls/Default/Session Storage/000003.log
| MD5 | ba92e5bbca79ea378c3376187ae43eae |
| SHA1 | f0947098577f6d0fe07422acbe3d71510289e2fc |
| SHA256 | ccf4c13cd2433fe8a7add616c7d8e6b384cf441e4d948de5c6fc73e9315c619f |
| SHA512 | aa1d8b7eb9add6c5ed5635295f501f950914affc3fa9aa1ee58167ed110f99a1760b05e4efb779df8e432eab1b2a0fc9cf9d67a05b2d5432ff8f82c620a38a62 |
/storage/emulated/0/Android/data/com.biquge.book.noverls/cache/tt_tmpl_pkg/template/a6a5b5b6c7a6425d8847671531c736f9.tmp (deleted)
| MD5 | 3610043095edfae0fde800376f4f63b0 |
| SHA1 | c58f32ab313bc9c8b0a2a9d2ee7f445972973c8c |
| SHA256 | b37b20aef8aedef7f952401b48d8d2da271ab65c8acbc1c6a296b244875ed088 |
| SHA512 | d9440d22eb1886705a8936d16585a9c0f439a04303a432818b61ec608aec9fb21785f2098fff0607c23a2f6ae1727c4103b350d82591d0c5bf470ac5d17555b7 |
/storage/emulated/0/Android/data/com.biquge.book.noverls/cache/tt_tmpl_pkg/template/497c338886e619460537c8c4b99e37ad.tmp (deleted)
| MD5 | 3cb18addbd563508da9d8b24af3e9bad |
| SHA1 | 9b6ce986414cf209e720bf0f7515688df1101062 |
| SHA256 | 9614a250c3921ab426426cf2df2a3f5d5741449de032a053e40ff056bba9d8d3 |
| SHA512 | afad51a9747680a5160defd977ddd4c75c7a05f851688c56b6acad284cf06077ea99eefbec9770f5c111d8d544af9ab43572ace5ac7310c350f77b22c7cf5379 |
/data/user/0/com.biquge.book.noverls/app_webview_com.biquge.book.noverls/.com.google.Chrome.7gKX4v
| MD5 | 51d91ce89648410ee1a52335c6ed4d6f |
| SHA1 | 834c98f4516213af163ca12222d6e7e6a7848ddb |
| SHA256 | 2a70fd1a81887d121536ee3725e0d448037e4208377653cbc48590772c298c6a |
| SHA512 | bd03c9d11a3ab08acd59d69bd126b5d8eb67b75a71d58e9813f73dab047ca0618169414c70711642322c58e79723e4dfdd20066fd8fd3c9763c15145b0a526f6 |
/storage/emulated/0/Android/data/com.biquge.book.noverls/cache/tt_tmpl_pkg/template/temp_pkg_info.json.tmp (deleted)
| MD5 | 545f5078ffc8d5078cd82ac9f80c890d |
| SHA1 | 51e06018f231cb5727a83fd1c50a50969c95949f |
| SHA256 | 6c8aafd80921560abd25be12186193ac6c2640f342ed980b47e3269621c1f312 |
| SHA512 | c520a8a81f13b133408ccdce91d654d2fec90c84d2ed10574c91e6fed61cdb3b5c8e2ae252ee83543015d0524967897f81fa39275d6056f6d293d847af222791 |
/data/data/com.biquge.book.noverls/.oabugaij/.fsgkea
| MD5 | 01abfc750a0c942167651c40d088531d |
| SHA1 | d08f88df745fa7950b104e4a707a31cfce7b5841 |
| SHA256 | 334359b90efed75da5f0ada1d5e6b256f4a6bd0aee7eb39c0f90182a021ffc8b |
| SHA512 | d369286ac86b60fa920f6464d26becacd9f4c8bd885b783407cdcaa74fafd45a8b56b364b63f6256c3ceef26278a1c7799d4243a8149b5ede5ce1d890b5c7236 |
/data/user/0/com.biquge.book.noverls/files/mobclick_agent_sealed_com.biquge.book.noverls
| MD5 | bc4cb969f53e6705ae5def390f6c18d0 |
| SHA1 | cb7e1671024e622ef5318b39bf30d29068e7c68e |
| SHA256 | 20bb3465d54535ff9990d011f42b8d0c0660b96d4cc02c4614b6d630a540606d |
| SHA512 | 31b1696be4deb3f8edebf5c7833290b181d056cd45a129d1fcd1fe63a82df4bfcfd262d14a5523a37fe0744d5a3c0c9478a2cef6b9da2b095b11d2f449e6417f |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-11 18:27
Reported
2024-06-11 18:27
Platform
android-x86-arm-20240611-en
Max time network
5s
Command Line
N/A
Signatures
N/A
Processes
N/A
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.187.195:443 | tcp |
Files
N/A