Analysis Overview
SHA256
8632d5c1219c52fd544ac6f4a17f08eb10753cbdc3cf16934b8e2c6bf6e4f3d5
Threat Level: Likely malicious
The file 9f622739b9e1b7d97683568027263e0d_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Queries information about running processes on the device
Loads dropped Dex/Jar
Obtains sensitive information copied to the device clipboard
Checks Qemu related system properties.
Reads the content of photos stored on the user's device.
Checks Android system properties for emulator presence.
Requests dangerous framework permissions
Acquires the wake lock
Queries information about active data network
Queries the mobile country code (MCC)
Queries information about the current Wi-Fi connection
Queries the unique device ID (IMEI, MEID, IMSI)
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Listens for changes in the sensor environment (might be used to detect emulation)
Uses Crypto APIs (Might try to encrypt user data)
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks memory information
Checks CPU information
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-11 20:07
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-11 20:07
Reported
2024-06-11 20:10
Platform
android-x86-arm-20240611.1-en
Max time kernel
179s
Max time network
138s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Checks Android system properties for emulator presence.
| Description | Indicator | Process | Target |
| Accessed system property | key: ro.product.model | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.rcplatform.nx/cache/1582435991586.jar | N/A | N/A |
| N/A | /data/user/0/com.rcplatform.nx/cache/1582435991586.jar | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Reads the content of photos stored on the user's device.
| Description | Indicator | Process | Target |
| URI accessed for read | content://media/external/images/media | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.rcplatform.nx
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.rcplatform.nx/cache/1582435991586.jar --output-vdex-fd=57 --oat-fd=58 --oat-location=/data/user/0/com.rcplatform.nx/cache/oat/x86/1582435991586.odex --compiler-filter=quicken --class-loader-context=&
Network
| Country | Destination | Domain | Proto |
| GB | 172.217.169.74:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | internal.faceunity.com | udp |
| US | 1.1.1.1:53 | internal.faceunity.com | udp |
| US | 47.254.56.66:6443 | internal.faceunity.com | tcp |
| US | 1.1.1.1:53 | bridge.dloadstar.cn | udp |
| HK | 114.134.189.160:80 | bridge.dloadstar.cn | tcp |
| US | 1.1.1.1:53 | graph.facebook.com | udp |
| GB | 157.240.214.1:443 | graph.facebook.com | tcp |
| US | 1.1.1.1:53 | t.appsflyer.com | udp |
| GB | 216.137.44.95:443 | t.appsflyer.com | tcp |
| US | 1.1.1.1:53 | googleads.g.doubleclick.net | udp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | data.flurry.com | udp |
| US | 74.6.138.65:80 | data.flurry.com | tcp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | bestmeapi.rcplatformhk.com | udp |
| US | 45.56.65.189:80 | bestmeapi.rcplatformhk.com | tcp |
| US | 45.56.65.189:80 | bestmeapi.rcplatformhk.com | tcp |
| US | 45.56.65.189:80 | bestmeapi.rcplatformhk.com | tcp |
| US | 1.1.1.1:53 | ip-45-56-65-189.cloudezapp.io | udp |
| US | 45.56.65.189:80 | ip-45-56-65-189.cloudezapp.io | tcp |
| US | 45.56.65.189:80 | ip-45-56-65-189.cloudezapp.io | tcp |
| US | 45.56.65.189:80 | ip-45-56-65-189.cloudezapp.io | tcp |
| US | 45.56.65.189:80 | ip-45-56-65-189.cloudezapp.io | tcp |
| US | 45.56.65.189:80 | ip-45-56-65-189.cloudezapp.io | tcp |
| US | 1.1.1.1:53 | www.googletagservices.com | udp |
| US | 1.1.1.1:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.200.33:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.33:443 | tpc.googlesyndication.com | tcp |
| US | 1.1.1.1:53 | s0.2mdn.net | udp |
| GB | 216.58.201.102:443 | s0.2mdn.net | tcp |
| GB | 142.250.200.33:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.201.98:443 | www.googletagservices.com | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
Files
/storage/emulated/0/selfie/share_image.jpg
| MD5 | c6064e7853fea1ce1daf718628dadae0 |
| SHA1 | a02c91e75b6e208299f15757924e7f3f282201e1 |
| SHA256 | 47810cc7dc65f8a347fd5a6ad433107a277efb8bd6cfb2d4c6008fc3f28037e3 |
| SHA512 | cd4fef340fc0570754048de27fef899fa3f78a758f5273e539315869e685fc64f2aa0d7527ceb923eb9a1650b0b4e5b2d17d1967e186c683ee41280c86d6a755 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/43/Z72
| MD5 | df5d086274ebe43eb8c8ed9dbb826d75 |
| SHA1 | b7d4a5b4a2252fdcd1484cbef50934a4ca1e993e |
| SHA256 | 748f6a5ab5c390dd03799565f28382b082fbc53c24b9ac048189cd48044edfe1 |
| SHA512 | 44adeba7ae8c7b5e842c7abbdda058fda759515960d4e60953eaa0872541b1526a92d2e599c1ecfa8bd70a74c15c3563b8afeef4dfecc066caff0c0eddb35f4d |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/43/com_rcplatform_filter_fragment_shader_lookupfilter
| MD5 | 45dd0cdb7a053aaa3f7ff318df2413bc |
| SHA1 | 74a5e7c82d5856c6aadbbf9865ac48837badc111 |
| SHA256 | 210adc5553ca1e6f0811aa68000e1add11f440c7532bdf64f23762af811ace6d |
| SHA512 | a7e9ce6465fe7eec5021fa865a56632ba6d91d6cd93b4516393b4a6db60db8b5a28ee811f62c0015e7d7a9fe1be5bb80abcd06763876a613f1dd44fd777e402d |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/43/com_rcplatform_filter_vertext_shader_no_filter
| MD5 | 53a6c9598b429ab5fc6a6408e58bccce |
| SHA1 | ac49da930f8324b7534e708c130ed7f5baced52b |
| SHA256 | 09eecb60cecc5a21681696dfcf0750f01bf6894057bb830c79f2bab77a88c0ac |
| SHA512 | 2de1929d975cbf0123637f09e2298b7631d776de7a61423da0f20e1c8010b0806d156c7146d5a2b2e2727532131030f5a01820f7e15476649011924fa37df6e5 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/43/config.cfg
| MD5 | 912795c99416a8b6dfd4a1c35c0f65d8 |
| SHA1 | e6ac38c9dbb016521d228ece4e1a4723e8b4f55a |
| SHA256 | 92c3e8c2102ddda1c718ebe9992ff0d80ab6f0aa40b4596c4623baa3f7b4fe62 |
| SHA512 | 44bd69b090039f50c028caea23fa2ea3d5b59508aeb53c196173f59b7d16cc5cc9777d0d21907447339a47d4308fa3bc4174b09870d1c336446fecd892f4c2a9 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/43/preview.jpg
| MD5 | 8cc9501fd27c06677c03a60957a20298 |
| SHA1 | 10bd4003ace1a3cad723581fa9fa3a08d9bffd12 |
| SHA256 | 92a4a8c8328614426482f8f7fc76406be46a46de1ae4385cc2b4147d99c8345c |
| SHA512 | 0245b41b50378c85c53367541302be60784b955ddaeca62867c438fc8ec9890ee57b52541a97f93aa12cb4aa617ea7971f691b81f943078ee4652d73203a28d3 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/43/vignette8
| MD5 | a1143c81d2e64d8947fb057a7381d6b0 |
| SHA1 | 7b182d3a94862705818cfc452f8ce84f3c0e5280 |
| SHA256 | a6c96d730bbbedbd621bc0be31a3b1af75f29eea373dd17e053fac248573789a |
| SHA512 | 206cf7ce627e61b9980d112898731fe29a7322ea616968a975674f783e4e44e2ce11edc22a6ddc1887ed5203662d0a7ba3bb81bca03bd606a92fdeb887bdcfb1 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/44/Z74
| MD5 | e47f0dce877fd1d07584bb7c2abeb635 |
| SHA1 | 9cfc6df08a8b6f267a6649c32f8b293fbf89e29c |
| SHA256 | d950a88e532c783563bef13406c3ead4e7ac0a5f339cb538a3961c75dfcc5f1f |
| SHA512 | f359b7fff601daa412138a9116f7b033f7d3bc970e518b9cb9489cdcf09abd692630893b7b0f664dd4fe51415e652229d56789939fe55f2de4e131f55bf15631 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/44/config.cfg
| MD5 | 238422b5a88049b5761449d6b20664ea |
| SHA1 | 14c7945f06e70c9c6cf1efac3f3cd7245c1905b9 |
| SHA256 | 92080f7bd36c40809080c4c54e9c1640c78b91d0338a510890cfdba090c0af02 |
| SHA512 | e82160e370c3549a5e8c59a2986f9613bf67eabf28bc8065c1a2c86b21394dd2a05a2bfc41dcf8aecc3455adcb61446bcc2de6ead8c505442e7acb22a5cd2728 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/44/preview.jpg
| MD5 | c4d9c782dc15e40b7f82cb60e0634919 |
| SHA1 | 8f1f6ecc361e8e65ff75edf8e1c847f1e8f3f76e |
| SHA256 | 1806a8e31c400b9fcb0901e31e0580d7babe577241d2178e03944ef0e7764e8c |
| SHA512 | 0e48c804e41f55bf0d3be340377a898a7e065090745d4309d8ab56dd617f22a5b7b8f5a06ec2558e62422972e05b304652d8b8fd333be9db43e7b3dc2868cf91 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/44/vignette11
| MD5 | fe2498fb6b4c0a8f7b53ed13d5361db2 |
| SHA1 | cb19a2ff15a0a5af0cd29ac83a7ccef4400c2136 |
| SHA256 | c002fe9442435abb579f8e16f78babbe0a22d10376b4ca651906d271b165b085 |
| SHA512 | c12c99c052acb2f3202bc3d80a62f63821ef3024a014304f6ca943378307ff87b7fa4cab7b9a8124ce3afa5ecd0a1bf11f58b4e9baadebcaa25eb11b4e71ac63 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/6/Z10
| MD5 | 2af7f9dc875988d2cfa38bbdadbfa596 |
| SHA1 | 4eb315d5ddf3507f16d1af156640ba519fb58e92 |
| SHA256 | 3b7c6f583db4829c7e3c7cb7373e7c192f0fe19464ba6f1cbbff2e87759e6d5f |
| SHA512 | 705b2fc4708f180e1d4720b74e984a833f7ad9060c116c3d0a4f119c17a021fced504995df0fde6537782a1f775ef05cfae67a4e02eeedc1786fb8da447ea447 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/6/config.cfg
| MD5 | d8de8ce80d4bf9ebddaa8e2c596e5072 |
| SHA1 | db849ba190ae4b7cd47e5e4696b7f060a60f8a28 |
| SHA256 | 7b05f0f28ca8d30d2ab7a83ac9341fcfdc6558c6443d918d26ed5a73dda811b0 |
| SHA512 | 597bd02a11f6512f7cd5d92c6bc1b7ef77689126397de040dc83b81d0ab950ff6738cb5298b388589b0db9b817d73449e56ac3042bee838b43c450acb34a63b0 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/6/preview.jpg
| MD5 | ce50bdc3787b32a4cfdf81b4b21201ab |
| SHA1 | 7152724827970240a94e1d750ecdedb729a2a175 |
| SHA256 | c3cb1560914dba905d15abe05f63d906aa0cbb6e53c37edbc2962291a4253cf5 |
| SHA512 | c4f0309c8b0c4616efc3f0cf99296e6ca6a85866e701b3c464ffc8484e7de584d7d5cd7fea9c84df2ac010b32e00db0ffeb8b0420d6aa268adda399d6c739306 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/6/vignette14
| MD5 | 19e0b77e54bf3a44d8cfcc7d7c79e54b |
| SHA1 | 036a3f6e78d93db2e2dc5df6cc8d2c4a93d1b482 |
| SHA256 | b276dff3989de53784a8c6ac5d34ddce2f657a2b56b190ba143052d973ba1dbc |
| SHA512 | 07fb507d40db5056e8619a053bced6a5ae7ec9c0e8def210d3d6c56e0e3f9def1e1ae89919bb947b50c906cf6e93d6a4701eee548b09be46a3e8861cbd81dce3 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/B12/config.cfg
| MD5 | 169530324f1f5b157a7da21455e97bc8 |
| SHA1 | 8687390d1e8fdad49c107916a279505518a55a92 |
| SHA256 | c0de9cc54d7566f30f2bb3906e73f934c04d8fb95dc497501db7a991bcd337c1 |
| SHA512 | ec18dbe6036ee41ad216188c9f385c870eafaf1d5ca3c8bd31299825ba35cafce591259a675c8af3217d3fb374f0d15eef13e275a70cd771f488e7e30b2b42b3 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/B12/lookup
| MD5 | 22d494dd2ca2ff2759538297d063e0d9 |
| SHA1 | d4732b797528e4c0f5ffab4f911a3968f4a32b30 |
| SHA256 | 6ff2c647c0285219d02c8d0252096b679c1460837258de16442401b4485fbc96 |
| SHA512 | 52c07e678270a04ae6d446ae9b9b6c33d615f30d0743efce63a08e866215fa6e61efdd80edb2c72b9d833f526c29a233a1ba8e865fef664ceff8b80913b991ab |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/B12/preview.jpg
| MD5 | 762eba9a67bb616ed3cb4062dc862361 |
| SHA1 | 6bafa4d1a9378d02f99e353be98b47ad6a004bb6 |
| SHA256 | 1e9b9152fd106a5d26d0a341bdf88a79b1d376bb8d4060d15fbd1a8caf02d383 |
| SHA512 | fac23ccaa6f43eea845ffb44d8390101bf138a60b38a4a1e37c8caebc173ce96b5588ed4852a7acc0e2f09aea03b87d4df73fff797675db1f5252657f57da4a0 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/RF12/config.cfg
| MD5 | bd8168fb7d0fa1fa7f661d3f407172b1 |
| SHA1 | 70e58a1ee600da5c7efdadcc3143f314469ecff9 |
| SHA256 | b860d81eddf3f348bd1b00da8ad1b23b5210cf9b423eae16d4838c2e1d608ebf |
| SHA512 | 3ddb20bb5d2b98619a9a4f9c3adcacfa643a24d0bb93174d4ec0631ad6ea2bf2d299745d9ca99228575ad9fa06fb7ac6235718867c1d34336cf20d2acfc17bed |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/RF12/lookup
| MD5 | f63a9eef1feea9655f011220bbd19522 |
| SHA1 | d4b5b975daab20393bb5b77b0deb85e48e6e6ddd |
| SHA256 | 762494a0fcd20c0ac9feb4dc3b420e450a048abb20d2b86d05afd3ae17f49226 |
| SHA512 | 89f01683e746a57c602817e7aa80133ed76c20c4acfa3209824ad4059800c2c7717c3e45e8180a16673591e18682b9274fd6df10650a966b322d58321789fcdf |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/RF12/preview.jpg
| MD5 | c43d08b67b822ea9c011fcd6d862eadc |
| SHA1 | 41c87d82ed695f065b6848019e41bb7fb162bc79 |
| SHA256 | 48a05d9e2d37b4cf8a9ab81605577298b10da776cf0fcfef4401ff6e7f1c0f64 |
| SHA512 | e8b375b52cb458d63edffaeee91009d54a8a9c1aeb1923463c22a527f168727a811915369975f8197858f7cf2313f8d8f4f4804c05e9bbd33ffd53aa30f30605 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/normalFilter/com_rcplatform_filter_fragment_shader_no_filter
| MD5 | 785396b2743eb721532390a5e9f54f86 |
| SHA1 | 0489ea25368abfe3909df380988e46f0e16db71e |
| SHA256 | 97f0ad3d3efa9e2b7950e4fb90a8b0bb222e4b1ea6773f93cfd8e30fafce6165 |
| SHA512 | 60d739f0582cd5af444820367dba98999ec0f751541af0ebc1e74e39479c4eaafd84e5067afd59737be397e87872ed971924d7dbdd8e5745d21893229d160a85 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/normalFilter/config.cfg
| MD5 | 4f2d5102a8b331b0728a193f019d2047 |
| SHA1 | c5f18ac398c089d64db286a49878787a1eff91f3 |
| SHA256 | faf50609f5163525846bf1237da16fc9b9028659c1116bc1a4a1f00c406e7f31 |
| SHA512 | b009392762fef582a7eb58c8d454f8d8d15821085d82dd6087e47e2e30015c269e94dc7af6f89aebf8bea6bc50e52dba38d0a314ef7d6ecfa7f67bbd64db0584 |
/storage/emulated/0/Android/data/com.rcplatform.nx/cache/uil-images/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.rcplatform.nx/cache/1582435991586.jar
| MD5 | e8e0527a01aefdb89afd2c508f131da1 |
| SHA1 | f1103e6b260c657ceb3d95f1b023af3fda8b133a |
| SHA256 | f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce |
| SHA512 | fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34 |
/data/user/0/com.rcplatform.nx/cache/1582435991586.jar
| MD5 | fde2ee00cbd121cfab5290b078aa3ceb |
| SHA1 | e2b77d5320e155e413d040a8c20020962065b2f8 |
| SHA256 | 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685 |
| SHA512 | a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56 |
/data/user/0/com.rcplatform.nx/cache/1582435991586.jar
| MD5 | 2048eb6124a452540ee51dae4145aadf |
| SHA1 | d05005b2cd7fe4cd652b0d7fd1bdac2c19d51451 |
| SHA256 | 105c54b6fe3f25350e92187467761598e4c21d62b1091b77d091f65f3bd98864 |
| SHA512 | bb6cb3853dd2a5d0701e20607d4e153ae201268dd2e5e2d06cc2df208b3b4dc50132a4ab428251b1644d2399fcc717662438d082ff14203387bab8794109d44d |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db-journal
| MD5 | 5e613e7a68956954e9a96535376b810d |
| SHA1 | ccbad4c0ba712ac37c5169a27cb36865f489aec6 |
| SHA256 | 441f747b607ee4be4d132747cceeda88474d9dc2f3292685db41fff26bc8abf3 |
| SHA512 | b4ae14722364e85e800fc8acc8291a58130ec9ce1489697acae9edc027f65a13016dca97c37149985ed39095e93214fec55639419dac6528d49b303e71e44f4e |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db
| MD5 | cdabc9e5593ea0540c4f74fdd0df92b1 |
| SHA1 | b3de08a21e9d2c2697f967e130fd477bc026e9bb |
| SHA256 | 460665c321bd35294ee316498a3361a57380eccac64e677d032bec6ad95ce394 |
| SHA512 | 84309e76cd03ba89dc60395cbbe3c601126d1f2bec50f51f5bd69d8c115333a914e860cab7df6a8b21542e6775aa467604ade08540cf6a753af99615237333e8 |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db-wal
| MD5 | bcfb09a69608079ff04bafdc7770e77d |
| SHA1 | 08a4706b5cfb00e472b139de2949309df5cb8954 |
| SHA256 | 358dc75564c5cbc9d7178ab0c49eede5bb69b10a5df33bf91ef38af7a66d480b |
| SHA512 | ffa150689e06f92879dbd9e4c01ea0867a710b7da28ecd43d559d19667ce9c34b02d18ecf57457fdbd76dc3a76b08c19eb220181892b776d3ae0fa217b10ba2b |
/data/data/com.rcplatform.nx/files/.flurryagent.-3869e607
| MD5 | 60b256b39771d1ecd23e6a21bb39af57 |
| SHA1 | 03fcaeac9133e5ed7d5b1c5a671c51399031983b |
| SHA256 | aabc142d0b3440b6b51882fa205394a79ec5682b602b36de494fa4b572a4a3d6 |
| SHA512 | 4ec78da7529e2d168671d243d9b473398453b37eb9bc96011203362e76a70027bc96d64b4cdc40b51c672dd0724746c3498671bd5d4773325e6022e82693939d |
/data/data/com.rcplatform.nx/files/.flurrydatasenderblock.75ef8e9f-1a47-4ae3-aabd-6a1856c2d7d5
| MD5 | 088652ccc9d23cf58473a73a909bba66 |
| SHA1 | 86e4a15bba245f3d631e592565e5ec0bf5a624e3 |
| SHA256 | 742dc5228024ef2bef43649876bf1962b8dafdbcb8b9fa5aade2291624b8894a |
| SHA512 | 42c627904c6cf552121712568b0fb5cfeabec19a0652772753a0697fee5f32fbb29a028683e481a05f2de9ffea1ed24ac214f64c6a37d9c7f7ee014c894813b1 |
/data/data/com.rcplatform.nx/files/.FlurrySenderIndex.info.AnalyticsData_KB97GZMYPP296QFH2JP9_158
| MD5 | 810d377da23f0138732ed05f0492e706 |
| SHA1 | 17e062d5811a4bba5b575e51d2128831bd50e172 |
| SHA256 | d76cb1c80493046e57cd50928cdf1338aefa47f62896ae5125ed81afdca8f2ac |
| SHA512 | 06bc26b27ef5d3e16b1c72cac0f35d9865dc89b23a0251e74d999f5696d98e40f21033fcac9af434696a0076c93cd4da80ac62e26ec7308db5849231d18a3ac9 |
/data/data/com.rcplatform.nx/files/.FlurrySenderIndex.info.AnalyticsMain
| MD5 | 7ef2423cb0165a1a3f9d8ed96de0e768 |
| SHA1 | dda43704817cb762882e41f653083a4a27326336 |
| SHA256 | 5f78d247a15e6c12baa34812a79b88a1bc8846c287ce167529f3b3b65980b768 |
| SHA512 | a991baa38e9a188f9789c38ba22f348bd766b164e5366f919d70adb2d5de77478d3f9ca7e58ee79783898a00d9d003d9c5df841171c5068e0762a6393be09fb6 |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db-wal
| MD5 | c0b6149ef5e83a66f7ae914063d26973 |
| SHA1 | 039a9e48be48296066eef331865e3acb248be9cf |
| SHA256 | 97a25663ce2da2e7850c78a2946215ae3c5f62077e7465bf7623298c08ffa0b6 |
| SHA512 | 2fc170b0b77145f1f59ea916237438e02c1ae278bde4e3a3db90f2994da23fbbdd184d4f215f8510cff8c291b9a92cc9e9f7bb21e06333d8453f9e941725ab75 |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db
| MD5 | c56a43118a35531fd0832429275d63d2 |
| SHA1 | 16cac1fc65245bd3663384a4c8feeb804be8c1c4 |
| SHA256 | 24b1d4b3d42d0b37ef94abaa072af30ba6d44b5760d6808b16ff0ec0a14d5c4b |
| SHA512 | 9d4371d35b9d556178eb1c84f8fd9d8ed8a97c5c745c93dbda7b21e6bbef0cac5051e49ef9e8e5da509aff49fc661c9604a2552d518325245d8bb481c3470c8a |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db-wal
| MD5 | 5c48576db3e113588a11fb215a45ce7a |
| SHA1 | eec85ea695e8e997f60c6f70f9afbff1243befcf |
| SHA256 | 2c8e1adffa3965cc3e71b8b0ea3f20c6463af5c8f485bbba43e1b489bfbd943d |
| SHA512 | 34d3316311e066d2fa42d3e348022c4d3519ed02a65ab8d154381922aacff09e15c8fd83a4111fbf33f59857c53ed11ea8dd8310f1e247a665de5e53b140d7cc |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db
| MD5 | 3dff517f48098013004f1da0aef114fa |
| SHA1 | 5937b20b0ece4497450df74b8faef6c781caee47 |
| SHA256 | cee1c09af8112319ed9b52958f4314280d8d32990430e2227a9f969a3fe8654e |
| SHA512 | a069aa347cf413d273638d3b419930a3156a242a668d0a57c2acd00fa9968f9fe437752370a21c9b1273a50fdb54c68aeeb34119e31b1e230c800c5546d1a106 |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db-wal
| MD5 | 9a52afada01849749515dd0d1004bd11 |
| SHA1 | f8404e6fd9ef26a778c2e51ee78fc478a39a3f94 |
| SHA256 | e3b57d9abbbab1dd50187b3bccd12b5ad65937c48575d5f5cfc5f2cf473615a4 |
| SHA512 | 1c6bac199864344ede02de82bafa8fcd28029c218ea1e321edf321ee19b8ac1a996abd5e2a979efe8c62e338946d32ec885164050138492d8fa547ee0a9e7f3d |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db
| MD5 | 253a3e89fe371bb80233f84ca8752da6 |
| SHA1 | dbbcb2705315af4d30f97f6fabd96f83d7264e8e |
| SHA256 | 1e93224aa7525fbef5e21546c800ce20a51336c7f6ab1464efc8305e54c398ef |
| SHA512 | 120f6355c0527145c227db36fffa09897cd9225d589061f61774c86e21d093a459e58ef76ea19bdd451f0f02d2f5c4a4ae2c974a194f4fc03af8a3e00248cfa6 |
/data/data/com.rcplatform.nx/files/umeng_it.cache
| MD5 | e1c890e37fdddff91062a85347378c1e |
| SHA1 | 15c55a7673aec30e6b6469b42fc8fc8271b711bb |
| SHA256 | 3aa714fdf66ee5925123ef94de244efb5cd386bc4377f8729c28aed67962de68 |
| SHA512 | 5127508d8abf1ed5223cdac0458799fa7d7c261fc19f0a6f297511e794c5e94b483d144e639f65a1c8545d2d8e135f0d748149c00728d0712410eeee4f9f68f0 |
/data/data/com.rcplatform.nx/files/.umeng/exchangeIdentity.json
| MD5 | e483a6beaf75954d8e51d1a16e1ef019 |
| SHA1 | 4c5683b44becc121b060257e96c2ef02afdc4eb1 |
| SHA256 | b61b7e7cb389d05dfdbf55b00268b5d190d3829d9aa23eb4e34886886f0de225 |
| SHA512 | a848a2c316153c8a985d352e003f6d6c55b0893a96d3d22dbbf252af827ca62971d501149862dcb8861d49af4400de799f941a2074d6b437a73086e1ac0da2f9 |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db-wal
| MD5 | db9c6812e032323667695d9fe25a8165 |
| SHA1 | bc8fe4377350edd8f7d87929f49c701cc035fee4 |
| SHA256 | 056a5cbcba260375ea6a29906f5d6b4caaada5d862da7fa581179fe9851d46e1 |
| SHA512 | d5fedf75bda7f4149fa286229e9228ae8d75fcfaa095e7fb189ca49efe30d14cce9ed4882b9f665d9a2c9040eb8763a06061f3f95d4f4bf1f58849f1ccdd2b64 |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db
| MD5 | 7f9b56bbe5c613dcf5d3e3a00270839f |
| SHA1 | 0f30f7329647c765424e8cae5713ee91ea2759ed |
| SHA256 | 70673c2acb8894010ad8bb6bbddc99ed34956b4b32cdbfce613e8eca93580c5e |
| SHA512 | cb8edfd7dc29d53d4da5be5dbcb4f0b6a39c363a51cd7a14b07e194e8369df51b73df23efa0e018dce027ae5a6b75e1be4aa823f15b94d10902b7c794ffef2fe |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db-wal
| MD5 | f9e76c749a8c78ee12ac3842cce9b0cd |
| SHA1 | e4afec14612368dd3a529d541e852b788f4e40c0 |
| SHA256 | 705f15fb60abe76dbd87a6255cc39da79e2cd5a497ed7935683828ac1ab011db |
| SHA512 | 813dcc0ab81a3418daef4bdd4f41a53c6cbe8827546579cde118abaaa897462c610f15146aec797df23f33b239a1f07c0cdd7fc97a29cc00c6ad4b68bee5bf5a |
/data/data/com.rcplatform.nx/files/.imprint
| MD5 | c3105d4e6702e19776477bc91aed8a32 |
| SHA1 | 5ecda3b8915a3e757352f64f1f58fa8d1650355e |
| SHA256 | 0e37e85954a059e8dea2981f87e1fe4f56dcc37415183f1a0c09636c51ea9ec2 |
| SHA512 | 4757e8d69042f12dd095da591d0dec73df77650fc6dcb268d8b46748eaeec8de36558c082a62c779640f744f346e703a7822100bd4b558804d6210346e494079 |
/data/data/com.rcplatform.nx/files/umeng_it.cache
| MD5 | bb9f15af888f93b5bba798f6c3c2f9e9 |
| SHA1 | 2bce1ed3ad2350ef1dfa08fedfe4aa621ded9be9 |
| SHA256 | 3e774b850f41dcab7946a15d5a1a29956a6186f9f58731586fe564e6fc9988ac |
| SHA512 | 4cf17bedd0b296a616eaa0713aa18051ee3b92480192b316e62ded2f18a2ec9d4b420525165e3afb3d6ffc866783dba653ea2fe0fdd8cd9f03b93c70600fb441 |
/data/data/com.rcplatform.nx/cache/oat/1582435991586.jar.cur.prof
| MD5 | a3b78d197d786c13687c3f0f89703bd8 |
| SHA1 | 9967f0726b6b1ed3f198904547b81920f8329621 |
| SHA256 | c5e6754556dbe01b055066f23c28ddaaf5fe67cee4baed00d59dc993335b3d97 |
| SHA512 | 9a47c9bb977edec9d29d22f280e0078ca931a722eaecc2b085c6b5aaf6246d17a6ad07c9faca45070bb5b89a3ee6cf896f5e2c7e73fb033e3ac57471df70a8b1 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-11 20:07
Reported
2024-06-11 20:10
Platform
android-x64-20240611.1-en
Max time kernel
179s
Max time network
150s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Checks Android system properties for emulator presence.
| Description | Indicator | Process | Target |
| Accessed system property | key: ro.product.model | N/A | N/A |
Checks Qemu related system properties.
| Description | Indicator | Process | Target |
| Accessed system property | key: ro.kernel.qemu | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.rcplatform.nx/cache/1582435991586.jar | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Reads the content of photos stored on the user's device.
| Description | Indicator | Process | Target |
| URI accessed for read | content://media/external/images/media | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.rcplatform.nx
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.204.72:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.178.10:443 | tcp | |
| US | 1.1.1.1:53 | internal.faceunity.com | udp |
| US | 1.1.1.1:53 | internal.faceunity.com | udp |
| US | 47.254.56.66:6443 | internal.faceunity.com | tcp |
| US | 1.1.1.1:53 | bridge.dloadstar.cn | udp |
| HK | 114.134.189.160:80 | bridge.dloadstar.cn | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | graph.facebook.com | udp |
| GB | 163.70.147.22:443 | graph.facebook.com | tcp |
| US | 1.1.1.1:53 | t.appsflyer.com | udp |
| GB | 216.137.44.95:443 | t.appsflyer.com | tcp |
| US | 1.1.1.1:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | tcp |
| US | 1.1.1.1:53 | data.flurry.com | udp |
| US | 74.6.138.65:80 | data.flurry.com | tcp |
| US | 1.1.1.1:53 | bestmeapi.rcplatformhk.com | udp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| US | 45.56.65.189:80 | bestmeapi.rcplatformhk.com | tcp |
| US | 45.56.65.189:80 | bestmeapi.rcplatformhk.com | tcp |
| US | 45.56.65.189:80 | bestmeapi.rcplatformhk.com | tcp |
| US | 45.56.65.189:80 | bestmeapi.rcplatformhk.com | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | ip-45-56-65-189.cloudezapp.io | udp |
| US | 45.56.65.189:80 | ip-45-56-65-189.cloudezapp.io | tcp |
| US | 45.56.65.189:80 | ip-45-56-65-189.cloudezapp.io | tcp |
| US | 45.56.65.189:80 | ip-45-56-65-189.cloudezapp.io | tcp |
| US | 45.56.65.189:80 | ip-45-56-65-189.cloudezapp.io | tcp |
| US | 1.1.1.1:53 | www.googletagservices.com | udp |
| GB | 172.217.169.34:443 | www.googletagservices.com | tcp |
| US | 1.1.1.1:53 | tpc.googlesyndication.com | udp |
| GB | 216.58.213.1:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.213.1:443 | tpc.googlesyndication.com | tcp |
| US | 1.1.1.1:53 | s0.2mdn.net | udp |
| GB | 216.58.201.102:443 | s0.2mdn.net | tcp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| GB | 142.250.179.228:443 | tcp | |
| GB | 142.250.179.228:443 | tcp | |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| GB | 216.58.213.14:443 | tcp | |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| GB | 142.250.178.14:443 | tcp | |
| GB | 216.58.201.98:443 | tcp |
Files
/storage/emulated/0/selfie/share_image.jpg
| MD5 | c6064e7853fea1ce1daf718628dadae0 |
| SHA1 | a02c91e75b6e208299f15757924e7f3f282201e1 |
| SHA256 | 47810cc7dc65f8a347fd5a6ad433107a277efb8bd6cfb2d4c6008fc3f28037e3 |
| SHA512 | cd4fef340fc0570754048de27fef899fa3f78a758f5273e539315869e685fc64f2aa0d7527ceb923eb9a1650b0b4e5b2d17d1967e186c683ee41280c86d6a755 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/43/Z72
| MD5 | df5d086274ebe43eb8c8ed9dbb826d75 |
| SHA1 | b7d4a5b4a2252fdcd1484cbef50934a4ca1e993e |
| SHA256 | 748f6a5ab5c390dd03799565f28382b082fbc53c24b9ac048189cd48044edfe1 |
| SHA512 | 44adeba7ae8c7b5e842c7abbdda058fda759515960d4e60953eaa0872541b1526a92d2e599c1ecfa8bd70a74c15c3563b8afeef4dfecc066caff0c0eddb35f4d |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/43/com_rcplatform_filter_fragment_shader_lookupfilter
| MD5 | 45dd0cdb7a053aaa3f7ff318df2413bc |
| SHA1 | 74a5e7c82d5856c6aadbbf9865ac48837badc111 |
| SHA256 | 210adc5553ca1e6f0811aa68000e1add11f440c7532bdf64f23762af811ace6d |
| SHA512 | a7e9ce6465fe7eec5021fa865a56632ba6d91d6cd93b4516393b4a6db60db8b5a28ee811f62c0015e7d7a9fe1be5bb80abcd06763876a613f1dd44fd777e402d |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/43/com_rcplatform_filter_vertext_shader_no_filter
| MD5 | 53a6c9598b429ab5fc6a6408e58bccce |
| SHA1 | ac49da930f8324b7534e708c130ed7f5baced52b |
| SHA256 | 09eecb60cecc5a21681696dfcf0750f01bf6894057bb830c79f2bab77a88c0ac |
| SHA512 | 2de1929d975cbf0123637f09e2298b7631d776de7a61423da0f20e1c8010b0806d156c7146d5a2b2e2727532131030f5a01820f7e15476649011924fa37df6e5 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/43/config.cfg
| MD5 | 912795c99416a8b6dfd4a1c35c0f65d8 |
| SHA1 | e6ac38c9dbb016521d228ece4e1a4723e8b4f55a |
| SHA256 | 92c3e8c2102ddda1c718ebe9992ff0d80ab6f0aa40b4596c4623baa3f7b4fe62 |
| SHA512 | 44bd69b090039f50c028caea23fa2ea3d5b59508aeb53c196173f59b7d16cc5cc9777d0d21907447339a47d4308fa3bc4174b09870d1c336446fecd892f4c2a9 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/43/preview.jpg
| MD5 | 8cc9501fd27c06677c03a60957a20298 |
| SHA1 | 10bd4003ace1a3cad723581fa9fa3a08d9bffd12 |
| SHA256 | 92a4a8c8328614426482f8f7fc76406be46a46de1ae4385cc2b4147d99c8345c |
| SHA512 | 0245b41b50378c85c53367541302be60784b955ddaeca62867c438fc8ec9890ee57b52541a97f93aa12cb4aa617ea7971f691b81f943078ee4652d73203a28d3 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/43/vignette8
| MD5 | a1143c81d2e64d8947fb057a7381d6b0 |
| SHA1 | 7b182d3a94862705818cfc452f8ce84f3c0e5280 |
| SHA256 | a6c96d730bbbedbd621bc0be31a3b1af75f29eea373dd17e053fac248573789a |
| SHA512 | 206cf7ce627e61b9980d112898731fe29a7322ea616968a975674f783e4e44e2ce11edc22a6ddc1887ed5203662d0a7ba3bb81bca03bd606a92fdeb887bdcfb1 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/44/Z74
| MD5 | e47f0dce877fd1d07584bb7c2abeb635 |
| SHA1 | 9cfc6df08a8b6f267a6649c32f8b293fbf89e29c |
| SHA256 | d950a88e532c783563bef13406c3ead4e7ac0a5f339cb538a3961c75dfcc5f1f |
| SHA512 | f359b7fff601daa412138a9116f7b033f7d3bc970e518b9cb9489cdcf09abd692630893b7b0f664dd4fe51415e652229d56789939fe55f2de4e131f55bf15631 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/44/config.cfg
| MD5 | 238422b5a88049b5761449d6b20664ea |
| SHA1 | 14c7945f06e70c9c6cf1efac3f3cd7245c1905b9 |
| SHA256 | 92080f7bd36c40809080c4c54e9c1640c78b91d0338a510890cfdba090c0af02 |
| SHA512 | e82160e370c3549a5e8c59a2986f9613bf67eabf28bc8065c1a2c86b21394dd2a05a2bfc41dcf8aecc3455adcb61446bcc2de6ead8c505442e7acb22a5cd2728 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/44/preview.jpg
| MD5 | c4d9c782dc15e40b7f82cb60e0634919 |
| SHA1 | 8f1f6ecc361e8e65ff75edf8e1c847f1e8f3f76e |
| SHA256 | 1806a8e31c400b9fcb0901e31e0580d7babe577241d2178e03944ef0e7764e8c |
| SHA512 | 0e48c804e41f55bf0d3be340377a898a7e065090745d4309d8ab56dd617f22a5b7b8f5a06ec2558e62422972e05b304652d8b8fd333be9db43e7b3dc2868cf91 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/44/vignette11
| MD5 | fe2498fb6b4c0a8f7b53ed13d5361db2 |
| SHA1 | cb19a2ff15a0a5af0cd29ac83a7ccef4400c2136 |
| SHA256 | c002fe9442435abb579f8e16f78babbe0a22d10376b4ca651906d271b165b085 |
| SHA512 | c12c99c052acb2f3202bc3d80a62f63821ef3024a014304f6ca943378307ff87b7fa4cab7b9a8124ce3afa5ecd0a1bf11f58b4e9baadebcaa25eb11b4e71ac63 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/6/Z10
| MD5 | 2af7f9dc875988d2cfa38bbdadbfa596 |
| SHA1 | 4eb315d5ddf3507f16d1af156640ba519fb58e92 |
| SHA256 | 3b7c6f583db4829c7e3c7cb7373e7c192f0fe19464ba6f1cbbff2e87759e6d5f |
| SHA512 | 705b2fc4708f180e1d4720b74e984a833f7ad9060c116c3d0a4f119c17a021fced504995df0fde6537782a1f775ef05cfae67a4e02eeedc1786fb8da447ea447 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/6/config.cfg
| MD5 | d8de8ce80d4bf9ebddaa8e2c596e5072 |
| SHA1 | db849ba190ae4b7cd47e5e4696b7f060a60f8a28 |
| SHA256 | 7b05f0f28ca8d30d2ab7a83ac9341fcfdc6558c6443d918d26ed5a73dda811b0 |
| SHA512 | 597bd02a11f6512f7cd5d92c6bc1b7ef77689126397de040dc83b81d0ab950ff6738cb5298b388589b0db9b817d73449e56ac3042bee838b43c450acb34a63b0 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/6/preview.jpg
| MD5 | ce50bdc3787b32a4cfdf81b4b21201ab |
| SHA1 | 7152724827970240a94e1d750ecdedb729a2a175 |
| SHA256 | c3cb1560914dba905d15abe05f63d906aa0cbb6e53c37edbc2962291a4253cf5 |
| SHA512 | c4f0309c8b0c4616efc3f0cf99296e6ca6a85866e701b3c464ffc8484e7de584d7d5cd7fea9c84df2ac010b32e00db0ffeb8b0420d6aa268adda399d6c739306 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/6/vignette14
| MD5 | 19e0b77e54bf3a44d8cfcc7d7c79e54b |
| SHA1 | 036a3f6e78d93db2e2dc5df6cc8d2c4a93d1b482 |
| SHA256 | b276dff3989de53784a8c6ac5d34ddce2f657a2b56b190ba143052d973ba1dbc |
| SHA512 | 07fb507d40db5056e8619a053bced6a5ae7ec9c0e8def210d3d6c56e0e3f9def1e1ae89919bb947b50c906cf6e93d6a4701eee548b09be46a3e8861cbd81dce3 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/B12/config.cfg
| MD5 | 169530324f1f5b157a7da21455e97bc8 |
| SHA1 | 8687390d1e8fdad49c107916a279505518a55a92 |
| SHA256 | c0de9cc54d7566f30f2bb3906e73f934c04d8fb95dc497501db7a991bcd337c1 |
| SHA512 | ec18dbe6036ee41ad216188c9f385c870eafaf1d5ca3c8bd31299825ba35cafce591259a675c8af3217d3fb374f0d15eef13e275a70cd771f488e7e30b2b42b3 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/B12/lookup
| MD5 | 22d494dd2ca2ff2759538297d063e0d9 |
| SHA1 | d4732b797528e4c0f5ffab4f911a3968f4a32b30 |
| SHA256 | 6ff2c647c0285219d02c8d0252096b679c1460837258de16442401b4485fbc96 |
| SHA512 | 52c07e678270a04ae6d446ae9b9b6c33d615f30d0743efce63a08e866215fa6e61efdd80edb2c72b9d833f526c29a233a1ba8e865fef664ceff8b80913b991ab |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/B12/preview.jpg
| MD5 | 762eba9a67bb616ed3cb4062dc862361 |
| SHA1 | 6bafa4d1a9378d02f99e353be98b47ad6a004bb6 |
| SHA256 | 1e9b9152fd106a5d26d0a341bdf88a79b1d376bb8d4060d15fbd1a8caf02d383 |
| SHA512 | fac23ccaa6f43eea845ffb44d8390101bf138a60b38a4a1e37c8caebc173ce96b5588ed4852a7acc0e2f09aea03b87d4df73fff797675db1f5252657f57da4a0 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/RF12/config.cfg
| MD5 | bd8168fb7d0fa1fa7f661d3f407172b1 |
| SHA1 | 70e58a1ee600da5c7efdadcc3143f314469ecff9 |
| SHA256 | b860d81eddf3f348bd1b00da8ad1b23b5210cf9b423eae16d4838c2e1d608ebf |
| SHA512 | 3ddb20bb5d2b98619a9a4f9c3adcacfa643a24d0bb93174d4ec0631ad6ea2bf2d299745d9ca99228575ad9fa06fb7ac6235718867c1d34336cf20d2acfc17bed |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/RF12/lookup
| MD5 | f63a9eef1feea9655f011220bbd19522 |
| SHA1 | d4b5b975daab20393bb5b77b0deb85e48e6e6ddd |
| SHA256 | 762494a0fcd20c0ac9feb4dc3b420e450a048abb20d2b86d05afd3ae17f49226 |
| SHA512 | 89f01683e746a57c602817e7aa80133ed76c20c4acfa3209824ad4059800c2c7717c3e45e8180a16673591e18682b9274fd6df10650a966b322d58321789fcdf |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/assets/filters/RF12/preview.jpg
| MD5 | c43d08b67b822ea9c011fcd6d862eadc |
| SHA1 | 41c87d82ed695f065b6848019e41bb7fb162bc79 |
| SHA256 | 48a05d9e2d37b4cf8a9ab81605577298b10da776cf0fcfef4401ff6e7f1c0f64 |
| SHA512 | e8b375b52cb458d63edffaeee91009d54a8a9c1aeb1923463c22a527f168727a811915369975f8197858f7cf2313f8d8f4f4804c05e9bbd33ffd53aa30f30605 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/normalFilter/com_rcplatform_filter_fragment_shader_no_filter
| MD5 | 785396b2743eb721532390a5e9f54f86 |
| SHA1 | 0489ea25368abfe3909df380988e46f0e16db71e |
| SHA256 | 97f0ad3d3efa9e2b7950e4fb90a8b0bb222e4b1ea6773f93cfd8e30fafce6165 |
| SHA512 | 60d739f0582cd5af444820367dba98999ec0f751541af0ebc1e74e39479c4eaafd84e5067afd59737be397e87872ed971924d7dbdd8e5745d21893229d160a85 |
/storage/emulated/0/Android/data/com.rcplatform.nx/files/normalFilter/config.cfg
| MD5 | 4f2d5102a8b331b0728a193f019d2047 |
| SHA1 | c5f18ac398c089d64db286a49878787a1eff91f3 |
| SHA256 | faf50609f5163525846bf1237da16fc9b9028659c1116bc1a4a1f00c406e7f31 |
| SHA512 | b009392762fef582a7eb58c8d454f8d8d15821085d82dd6087e47e2e30015c269e94dc7af6f89aebf8bea6bc50e52dba38d0a314ef7d6ecfa7f67bbd64db0584 |
/storage/emulated/0/Android/data/com.rcplatform.nx/cache/uil-images/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.rcplatform.nx/cache/1582435991586.jar
| MD5 | e8e0527a01aefdb89afd2c508f131da1 |
| SHA1 | f1103e6b260c657ceb3d95f1b023af3fda8b133a |
| SHA256 | f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce |
| SHA512 | fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34 |
/data/user/0/com.rcplatform.nx/cache/1582435991586.jar
| MD5 | fde2ee00cbd121cfab5290b078aa3ceb |
| SHA1 | e2b77d5320e155e413d040a8c20020962065b2f8 |
| SHA256 | 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685 |
| SHA512 | a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56 |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db-journal
| MD5 | 460a03efde8073c38862b66ee29101bc |
| SHA1 | c1ad55fe076f329052a7bd35bba02837cb596163 |
| SHA256 | 80ae9195fb7644d043a2e907746a2063948518dfbad224bc2fae27e8a67bc4cc |
| SHA512 | 64892694aa400d17765ac45695937266c7200c0292d1aa12e2291bdf2329811daf424c2a2c2b2cb781718ca9bbf612b48932b386925b6020b7b029cba7bcd7a1 |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db
| MD5 | 0c9313a2f53edb8234965e3985dd2d1d |
| SHA1 | 4a3aff794aa52ec43d44e5074b19353b9ac523bb |
| SHA256 | e5da4b90a24521a364363955b404e64341aa851bc9086dce13cbc0ee2f8080ca |
| SHA512 | 878f3e4a8dfbfe1c31a45e51b27ddaf00bde1b8a07bc7fa30d0ba3b5440bc77d8f454767b9e44616ffc1964d4ba725d6cd04d8d4d26fd42e4dc113cbb215a8ad |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db-journal
| MD5 | 24ec97ca8c2d572b6bcacf38cc870f7c |
| SHA1 | 03177823ca43466a578a9ac4de98138f51f17e14 |
| SHA256 | ed1fec411b0150623e8be36bd34ff68a48f1ce517433b97a75db7fe2fe48c532 |
| SHA512 | 460a136da0ab0eb4195ed6557fad04b3560be37313e112e0ca277d52cbec73a958cab2cd23a26aa860ff8bb526d4a2130e311d5f7c6fe319f4040024c940c509 |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db-journal
| MD5 | fbde36973a6b443334688cc0238f5a91 |
| SHA1 | 5400c071428ff19bdc564f4b3923a9eee8bb27fb |
| SHA256 | 0284bb5a8321f381e8d321d152eb1372111621860ecbe6b4a552c021b4c57494 |
| SHA512 | 6e1c598c9c85d8db1c5d5bfb4e89a981085b1efd592c266b0b17469f2ad6c098976b8f3946119a5317a544a9c7df72380c8573b0c07b92b4a64e7615cbe11024 |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db-journal
| MD5 | 646e2d53af6eb5b43cd08d70f15a32a0 |
| SHA1 | 85aaea01fded3eb0b48a31f7817f622619107f33 |
| SHA256 | 99c96896b3c4ed966832dc1feab872c9c2aab1e4f07ad0334e01cb576c34adff |
| SHA512 | b00b99444511d0322f363ed5797980002328027790bf4661c11d7ba46ec849ca0570a42b53d7d69927f87540612c5e93bfc1d554729d12c63493acb3f7a302c7 |
/data/data/com.rcplatform.nx/files/.flurryagent.-3869e607
| MD5 | 8edaeeb8c674a1aa85bc5e28e4ca240e |
| SHA1 | 8f0a10426b40238965bcb6efd1d5c964f6621cc0 |
| SHA256 | 3cfa13c18fb84c3ed22436a1d27f53b9ae013e1c1f83404bb170ef027275e49b |
| SHA512 | 804e77f9a2983ad6cae221823f3d49f989d2d5995e71e2c28047d2a6a925493455dd1c4b0b3346776c3f3e5459f3873c59a7686f94a962c34f90661a6c476c66 |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db-journal
| MD5 | 3ff356de5ae53715f6f6e661de3b7024 |
| SHA1 | 8cc56a979c3eeb60503be04c7c3ccfe998958df9 |
| SHA256 | f8b770c1112c640fcc4bf0a2f9a9357e3455a916815d001ab16c9e2d2a3b50b7 |
| SHA512 | d90c03def97e4094fb45efdace747fc82710dffb0fca841f02417ebd347f5cd50b777544c8b0631098b2d5292f95f4983934a8727f312df39e5552300216bb82 |
/data/data/com.rcplatform.nx/files/.flurrydatasenderblock.171d080a-4499-476c-b416-d00a23da71e5
| MD5 | 52142fc6675febccfa8725853a944a5e |
| SHA1 | 367e509d360a63629e52d36d0067932510814071 |
| SHA256 | 2232b767c411c850698b5b67814e018b2bb986a42d611e83d6edf3c6f6a6c85f |
| SHA512 | 76e3016856a66615aead66b4e3f5afd4d866a5fc2f168b548503aa8f7346beae4be23389311ecf313d1d2dbe961ee72f08b9c300c95adfe280fc5bfcf680b40f |
/data/data/com.rcplatform.nx/files/.FlurrySenderIndex.info.AnalyticsData_KB97GZMYPP296QFH2JP9_158
| MD5 | c1fd076eb1586f5c303dfb0f71056715 |
| SHA1 | 70a69096f45eb4cd1e35285853f19567f002a455 |
| SHA256 | e8305d8ad9213b125e4bcddc0a4b31186468a118c729bfdf4c4aee8904cf5613 |
| SHA512 | cebdac7446868ebe8e871719a5e24a403658132ed1ab3c7f4861684e9ab492ec670d41beab9ba41b1e692fb038fecae5c2aa731aaf9234b68389bfc646e0c9a7 |
/data/data/com.rcplatform.nx/files/.FlurrySenderIndex.info.AnalyticsMain
| MD5 | 7ef2423cb0165a1a3f9d8ed96de0e768 |
| SHA1 | dda43704817cb762882e41f653083a4a27326336 |
| SHA256 | 5f78d247a15e6c12baa34812a79b88a1bc8846c287ce167529f3b3b65980b768 |
| SHA512 | a991baa38e9a188f9789c38ba22f348bd766b164e5366f919d70adb2d5de77478d3f9ca7e58ee79783898a00d9d003d9c5df841171c5068e0762a6393be09fb6 |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db-journal
| MD5 | fbe0ae090b948c4b4525e296953b3804 |
| SHA1 | d9bad9fc0a112cf5450d33c4071fa08e564bc4fa |
| SHA256 | ff464ec58c652ad2e6cfb79850413116319c7f9a49d7895de08c2a4ceed18787 |
| SHA512 | 104cce58648667542237db18030e2a14ad61062da192d94e7f4f8eb6309222fdc6558fdde6ff9fbdf445d8c6c595f6ea47266fa9d3763e7f6e628d721f96f1ca |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db
| MD5 | f006d46289945a4e4e2da7f502d8d106 |
| SHA1 | 3342b736ca2a2a6b356371eacda387c5aaf48d8f |
| SHA256 | eb95379c67288f14714ff7fcecd62c69005f97a78a1aa2133033c3425aa08cab |
| SHA512 | f14263fb90e77cd8f644f55d993aba8324a4ab18aec551ffa540a456cb2b2a806b756fb35db09de196da52f7bdb34f2ea658764f6543415fd6c0dc1d53eb3985 |
/data/data/com.rcplatform.nx/files/umeng_it.cache
| MD5 | 49c3b6c82aa97b6efece2d8188da73d1 |
| SHA1 | 9077cf432f36afc6deab4dd303628cd61d90713b |
| SHA256 | 023ed99637bfb4d8c553d975dfed741cf17a02e9d8c2813611d2104ee5d3c88b |
| SHA512 | 27927c10fab4bde5954cfafdd55a7c05cf079bb84a65c94b066b17a76a6bac1433ec7f13bc18f3ed567625a7d2179ded7184603bbf16dbf3b4b3f9a1b41669d7 |
/data/data/com.rcplatform.nx/files/.umeng/exchangeIdentity.json
| MD5 | f9220f77e26cf52fccf876ebe400c673 |
| SHA1 | 48e9bb518c15636acad250215fb80ddf4eed8c0f |
| SHA256 | 8485fd713fa7f456c9bfc097b74a65b57cdc7d02f0789e20ece8a98cb155e4c7 |
| SHA512 | 90d42180dad36322237a617b69a889a0938cd62c07e3b0c7bef07b39168d00753aa9cb764ddca3cf0b81724f46ae36046da225f3047dbf073f537153162696a7 |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db
| MD5 | 0402bc8402db39a8a792309656b00f34 |
| SHA1 | 38e5dff19b274e6fae20fda1636b802988466cf7 |
| SHA256 | 9707deaec03ee56cfcb26df2c4eb71c5e82f506a0642c9b7e36944f7f12cfd90 |
| SHA512 | d45f4feeb4416dc06b9b811894698ef9629832d9e5eaebb6b385a0db936cc100e8f23c0dce817d27fad641aa3362643a8010778e8d7ad1e4937b88abdd71d2c1 |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db
| MD5 | 14f95bc5dc264c4357d2ee5254b56d4e |
| SHA1 | 44c8b75f95a67087a67d9e0b1b10def1c05d66a7 |
| SHA256 | cffd251c7ddd091c28fba383355a333c3ab0634e29144fc0b1fbcd857a90e7c2 |
| SHA512 | f9032e160e99172479e137ae56e490549f7b5c3fb204f907ea14e56eee7f3b6c1d4599891ea1b54d08005146f18ddc1543d395672d14f1f7e29daa8ee0c06362 |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db
| MD5 | b44bf2f0b9188be7a549980b26814c8a |
| SHA1 | 9f23831a779e17932eef35bd9a9de0d03a019c41 |
| SHA256 | 6a05a831df0b343ab3762320969d22db064b75b007ca784d37a37e031cba42d4 |
| SHA512 | c65328287e1713a59c99c9e8c99fdac84f800c1c78735df890bc5b4871091d9236b56b87f20753f2bee6ca090ba15d8106bbf4cd45be5979e7436e0340eed935 |
/data/data/com.rcplatform.nx/databases/google_app_measurement_local.db
| MD5 | 7bb388d5aa56264a6056f23a7e5b476e |
| SHA1 | d8fc437f255fb30b08861d9a991d75c478d80899 |
| SHA256 | 08c9994063fb85888ce6e59f3feaa1bb3c728bc3858b08e58f1a58ac1895347d |
| SHA512 | 64c68f5e2f173e4b0851cb5dd8b9f882b8b3e3b727105b62afa373179bf894d6191796a14541bad423fe5c124fa3c5a025d5d43136812e4dfe3aaaf4cc5f5d88 |
/data/data/com.rcplatform.nx/cache/oat/1582435991586.jar.cur.prof
| MD5 | 942159d62a6e5ec257e3d84c5da93252 |
| SHA1 | 59f0263d5f68473ad0d5af2e44317b4cfe2e1c9a |
| SHA256 | 3a14792a953df11877b239425a7138ac871bff18d74f2cd3f475768ba824d41d |
| SHA512 | 6cb45264993b6bd3adbe45c1a484d7a3ccaaad33350c5258643622e6ce6e1ecbce34d27ae612ee4d67ff6abc57a0675dc5930ecb78916f354aed46b1212860ca |
/data/data/com.rcplatform.nx/files/.imprint
| MD5 | 16a97fd56a1e8fb3ee76058e8b292257 |
| SHA1 | 18c8c50d4cbb1e1cbbe9dcf3aa0b9f3373f1a5d9 |
| SHA256 | 1235f2a9b0d391183d93dac659ebe8bb3e42c83dbebfe2d038ba6802dd7fa0b6 |
| SHA512 | e04cd56df5c6888d7f4be03a2dd950410d70608780e6caed762958fa90ec4ed6be0ec96bbf2079abe7168b6ba39e54b0c09de161317bfde15c2f711c7e6e5c11 |
/data/data/com.rcplatform.nx/files/umeng_it.cache
| MD5 | 2bb9fd210cab536e77270c314f9733c7 |
| SHA1 | a0fba76f5441ffd5121ce063e7d0ed340aad9aa2 |
| SHA256 | bfcbc08d42330425f4db632bdb1b7f9c836375bfbb0b2c4297be251acefce7ee |
| SHA512 | 62f639f9e56c32a13a50e0fa052f570ac213cd5a3c9257f0c2e0899038ee8d4f17ecfaf2c07e96f15078544b57a03762c168149590d51c9b5672e69b417c1213 |