Malware Analysis Report

2024-10-19 11:54

Sample ID: 240612-k7ddbaxbrc
Target: a027813482b259f8839d0d712a2b5aa8_JaffaCakes118
SHA256: 908174a824f24f671be6a634a49463c4193f5688a8c104fec9b444b262fe3feb
Tags: banker collection discovery evasion impact persistence execution
Score: 8/10

Analysis Overview

Threat Level: Likely malicious

The file a027813482b259f8839d0d712a2b5aa8_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

banker collection discovery evasion impact persistence execution

Checks if the Android device is rooted.

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Requests cell location

Queries information about running processes on the device

Declares services with permission to bind to the system

Declares broadcast receivers with permission to handle system events

Queries information about active data network

Requests dangerous framework permissions

Reads information about phone network operator.

Queries information about the current Wi-Fi connection

Schedules tasks to execute at a specified time

Registers a broadcast receiver at runtime (usually for listening for system events)

Uses Crypto APIs (Might try to encrypt user data)

Checks CPU information

Checks memory information

Analysis: static1

Detonation Overview

Reported: 2024-06-12 09:14

Signatures

Declares broadcast receivers with permission to handle system events

Description Indicator Process Target
Required by device admin receivers to bind with the system. Allows apps to manage device administration features. android.permission.BIND_DEVICE_ADMIN N/A N/A

Declares services with permission to bind to the system

Description Indicator Process Target
Required by accessibility services to bind with the system. Allows apps to access accessibility features. android.permission.BIND_ACCESSIBILITY_SERVICE N/A N/A
Required by VPN services to bind with the system. Allows apps to provision VPN services. android.permission.BIND_VPN_SERVICE N/A N/A
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device. android.permission.BIND_NOTIFICATION_LISTENER_SERVICE N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to request installing packages. android.permission.REQUEST_INSTALL_PACKAGES N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an application to collect component usage statistics. android.permission.PACKAGE_USAGE_STATS N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2024-06-12 09:14
Reported: 2024-06-12 09:17
Platform: android-x86-arm-20240611.1-en
Max time kernel: 110s
Max time network: 186s

Command Line

com.sogou.androidtool

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /sbin/su N/A N/A
N/A /system/app/Superuser.apk N/A N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.sogou.androidtool

chmod 777 /data/user/0/com.sogou.androidtool/cache

chmod 777 /data/user/0/com.sogou.androidtool/cache

chmod 777 /data/user/0/com.sogou.androidtool/files

chmod 777 /data/user/0/com.sogou.androidtool/cache

/system/bin/sh -c getprop ro.board.platform

getprop ro.board.platform

/system/bin/sh -c type su

Network


Files

/data/data/com.sogou.androidtool/databases/MessageStore.db-journal
/data/data/com.sogou.androidtool/databases/downloads_classic.db-journal
/data/data/com.sogou.androidtool/databases/MessageStore.db
/data/data/com.sogou.androidtool/databases/MessageStore.db-shm
/data/data/com.sogou.androidtool/databases/MessageStore.db-wal
/data/data/com.sogou.androidtool/databases/downloads_classic.db-wal
/data/data/com.sogou.androidtool/databases/MsgLogStore.db-journal
/data/data/com.sogou.androidtool/databases/MsgLogStore.db-wal
/data/data/com.sogou.androidtool/databases/bugly_db_-journal
/data/data/com.sogou.androidtool/databases/bugly_db_-wal
/data/data/com.sogou.androidtool/databases/account.db-journal
/data/data/com.sogou.androidtool/databases/account.db-wal
/data/data/com.sogou.androidtool/databases/androidtool.db-journal
/data/data/com.sogou.androidtool/databases/androidtool.db-wal
/data/data/com.sogou.androidtool/databases/unupdateapp_v2.db-journal
/data/data/com.sogou.androidtool/databases/unupdateapp_v2.db
/data/data/com.sogou.androidtool/databases/unupdateapp_v2.db-wal

Analysis: behavioral2

Detonation Overview

Submitted: 2024-06-12 09:14
Reported: 2024-06-12 09:17
Platform: android-x64-arm64-20240611.1-en
Max time kernel: 173s
Max time network: 189s

Command Line

com.sogou.androidtool

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/bin/su N/A N/A
N/A /system/app/Superuser.apk N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Reads information about phone network operator.

discovery

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.sogou.androidtool

com.sogou.androidtool:remote_proxy

com.sogou.androidtool:push_service

com.sogou.androidtool:channel

Network


Files

/data/user/0/com.sogou.androidtool/databases/MessageStore.db-journal
/data/user/0/com.sogou.androidtool/databases/MessageStore.db
/data/user/0/com.sogou.androidtool/databases/MsgLogStore.db-journal
/data/user/0/com.sogou.androidtool/databases/MsgLogStore.db
/data/user/0/com.sogou.androidtool/databases/downloads_classic.db-journal
/data/user/0/com.sogou.androidtool/databases/downloads_classic.db
/data/user/0/com.sogou.androidtool/databases/bugly_db_-journal
/data/user/0/com.sogou.androidtool/databases/bugly_db_
/data/user/0/com.sogou.androidtool/databases/account.db-journal
/data/user/0/com.sogou.androidtool/databases/account.db