Analysis Overview
SHA256
9c6f0b6cd0535a843409ecf3eec2f161e8a90b0a752bbae95d64fd66b3de4478
Threat Level: Shows suspicious behavior
The file a01a9dd118fe4689f4634fb46d5f16f7_JaffaCakes118 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Queries information about running processes on the device
Queries information about the current nearby Wi-Fi networks
Loads dropped Dex/Jar
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Requests cell location
Requests dangerous framework permissions
Queries information about the current Wi-Fi connection
Reads information about phone network operator.
Queries information about active data network
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Listens for changes in the sensor environment (might be used to detect emulation)
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks CPU information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-12 08:56
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an application to request installing packages. | android.permission.REQUEST_INSTALL_PACKAGES | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-12 08:56
Reported
2024-06-12 08:59
Platform
android-x86-arm-20240611.1-en
Max time kernel
177s
Max time network
182s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.pykj.ddashop/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.pykj.ddashop/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.pykj.ddashop/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.pykj.ddashop/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.pykj.ddashop/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.pykj.ddashop/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.pykj.ddashop/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.pykj.ddashop/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.pykj.ddashop/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.pykj.ddashop/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.pykj.ddashop/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.pykj.ddashop/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.pykj.ddashop/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.pykj.ddashop/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.pykj.ddashop/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.pykj.ddashop/.jiagu/tmp.dex | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Processes
com.pykj.ddashop
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.pykj.ddashop/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.pykj.ddashop/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
com.pykj.ddashop:mult
com.pykj.ddashop:remote
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.178.3:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | log.umsns.com | udp |
| CN | 59.82.29.162:80 | log.umsns.com | tcp |
| US | 1.1.1.1:53 | api.map.baidu.com | udp |
| HK | 103.235.46.245:443 | api.map.baidu.com | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| US | 1.1.1.1:53 | app-router.leancloud.cn | udp |
| US | 1.1.1.1:53 | gtt742co.api.lncld.net | udp |
| CN | 106.75.100.17:443 | app-router.leancloud.cn | tcp |
| SG | 119.29.29.29:80 | 119.29.29.29 | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 124.71.170.130:19000 | s.jpush.cn | udp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| GB | 216.58.204.78:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| CN | 59.82.29.162:80 | log.umsns.com | tcp |
| HK | 103.235.46.245:443 | api.map.baidu.com | tcp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 123.60.89.60:19000 | sis.jpush.io | udp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| US | 1.1.1.1:53 | update.sdk.jiguang.cn | udp |
| CN | 124.71.170.130:19000 | sis.jpush.io | udp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | app.goyounglife.com | udp |
| CN | 47.95.165.147:443 | app.goyounglife.com | tcp |
| CN | 59.82.29.162:80 | log.umsns.com | tcp |
| HK | 103.235.46.245:443 | api.map.baidu.com | tcp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| HK | 103.235.46.245:443 | api.map.baidu.com | tcp |
| US | 1.1.1.1:53 | loc.map.baidu.com | udp |
| HK | 103.235.46.246:80 | loc.map.baidu.com | tcp |
| CN | 47.95.165.147:443 | app.goyounglife.com | tcp |
| CN | 47.95.165.147:443 | app.goyounglife.com | tcp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 1.94.2.18:7000 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7002 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7003 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7000 | im64.jpush.cn | tcp |
| CN | 59.82.29.163:80 | log.umsns.com | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| CN | 1.94.2.18:7004 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7002 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7005 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7003 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7006 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7004 | im64.jpush.cn | tcp |
| CN | 59.82.29.163:80 | log.umsns.com | tcp |
| CN | 1.94.2.18:7007 | im64.jpush.cn | tcp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| CN | 1.94.2.18:7005 | im64.jpush.cn | tcp |
| CN | 59.82.29.163:80 | log.umsns.com | tcp |
| CN | 1.94.2.18:7008 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7006 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7009 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7007 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7008 | im64.jpush.cn | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 124.71.170.130:19000 | easytomessage.com | udp |
| CN | 1.94.2.18:7009 | im64.jpush.cn | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 124.71.170.130:19000 | easytomessage.com | udp |
| CN | 59.82.29.248:80 | log.umsns.com | tcp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 59.82.29.248:80 | log.umsns.com | tcp |
| CN | 1.94.2.18:7000 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | alog.umengcloud.com | udp |
| CN | 223.109.148.178:80 | alog.umengcloud.com | tcp |
| CN | 59.82.29.248:80 | log.umsns.com | tcp |
| CN | 1.94.2.18:7002 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7003 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7000 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7004 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7002 | im64.jpush.cn | tcp |
| CN | 223.109.148.130:80 | alog.umengcloud.com | tcp |
| CN | 1.94.2.18:7005 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7003 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7006 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7004 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7007 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7005 | im64.jpush.cn | tcp |
| CN | 59.82.29.249:80 | log.umsns.com | tcp |
| CN | 223.109.148.176:80 | alog.umengcloud.com | tcp |
| CN | 1.94.2.18:7008 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7006 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7009 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7007 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7008 | im64.jpush.cn | tcp |
| CN | 59.82.29.249:80 | log.umsns.com | tcp |
| CN | 223.109.148.141:80 | alog.umengcloud.com | tcp |
| CN | 1.94.2.18:7009 | im64.jpush.cn | tcp |
| CN | 59.82.29.249:80 | log.umsns.com | tcp |
| CN | 124.71.170.130:19000 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 124.71.170.130:19000 | easytomessage.com | udp |
| CN | 223.109.148.179:80 | alog.umengcloud.com | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 59.82.31.154:80 | log.umsns.com | tcp |
| CN | 223.109.148.177:80 | alog.umengcloud.com | tcp |
| CN | 1.94.2.18:7000 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7002 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7003 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7000 | im64.jpush.cn | tcp |
| CN | 59.82.31.154:80 | log.umsns.com | tcp |
| CN | 1.94.2.18:7004 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7002 | im64.jpush.cn | tcp |
| CN | 59.82.31.154:80 | log.umsns.com | tcp |
| CN | 1.94.2.18:7005 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7003 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7006 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7004 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7007 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7005 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7008 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7006 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7009 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7007 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7008 | im64.jpush.cn | tcp |
| CN | 59.82.31.160:80 | log.umsns.com | tcp |
| CN | 1.94.2.18:7009 | im64.jpush.cn | tcp |
| CN | 59.82.31.160:80 | log.umsns.com | tcp |
| CN | 124.71.170.130:19000 | easytomessage.com | udp |
| CN | 59.82.31.160:80 | log.umsns.com | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 124.71.170.130:19000 | easytomessage.com | udp |
Files
/data/data/com.pykj.ddashop/.jiagu/libjiagu.so
| MD5 | f380717bd1e3916c7b697fab8d46c5d8 |
| SHA1 | 04f51f0d16097214e38be517d93be44cb0603a88 |
| SHA256 | 8455632be7bacb221468c4daab2f9b5ee33739f08b22244ff81a36a02bec36cc |
| SHA512 | b78fe11f77d2c0ec5b36850e8cc3b955661b31641405233c8842b91205e44dc16a30d7fc1ef18dde1b066c1b98959ae9c18be5472413d2b398b7ab6a6b52c07e |
/data/data/com.pykj.ddashop/.jiagu/classes.dex
| MD5 | b2a2a30e1f5f02b587d4d6886fc7b629 |
| SHA1 | 38c3d1e12dbb0168062c884ce7a77cf496124875 |
| SHA256 | fcea42742f860a11e2b937e1aaced63271a34ae639fe36830781046427eb93d2 |
| SHA512 | 8528f5c6c949c6ad8085388ec301428679e6fb8a6288ccf0d3db731266a8a63a65affa163cf9d55d2751e9b914a87dc9893226098b1921fe150254c65342cdd5 |
/data/data/com.pykj.ddashop/.jiagu/classes.dex!classes2.dex
| MD5 | 75f42225e22a84f1fcc3a3df45978601 |
| SHA1 | 37fba0bc980c17876f468795a45bbf3047dad91d |
| SHA256 | 98d91ff8923d4c2bb20fded1149ee213c4369ed72d25007d936b2439ba9c27d9 |
| SHA512 | 8c2b14ad587ac21bf91f12401c8f01f566004e8c176f4dda460edf7748fc18d8e0e2f7261961c4c4ce6bd19a43d3cb9bbc3889441709ebdc9a9ccc78bcd5ce67 |
/data/data/com.pykj.ddashop/.jiagu/classes.dex!classes3.dex
| MD5 | 6d97c38e0b2c30745d0ba8ce09c9e798 |
| SHA1 | caa600428905dd678a4d16e1c32c4adc1d1443f1 |
| SHA256 | ca6952240853668726d60aca2b8d5293e2bad73306be196156a0226fbb8ca811 |
| SHA512 | e34d95001fa9ef28ae936ac8f5001e5864564ab57846b68e32a2962167544ecd7cdabfb56f3aebb01a554ebeff925d63cac4af453096358c03171f436c9b4931 |
/data/data/com.pykj.ddashop/.jiagu/tmp.dex
| MD5 | f1771b68f5f9b168b79ff59ae2daabe4 |
| SHA1 | 0df6a835559f5c99670214a12700e7d8c28e5a42 |
| SHA256 | 9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939 |
| SHA512 | dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d |
/data/data/com.pykj.ddashop/files/.jglogs/.jg.ri
| MD5 | 7a5f3bea3a8fb3738b5120cd0ee56033 |
| SHA1 | 1b97e7df7d23115be72996899d71dc9508041c14 |
| SHA256 | 449aa4a8c159a0e6cf182870fe73d80657cf209e8e54205d285f2be0a7e36e94 |
| SHA512 | 1e111b351a1fd717bab8dd6b3db5b74c7674df5028f347a76de408d9a7a9961fbba4a4893451e8e08b44a202409f3030ebb70f1c8755f87acb35275f0ae15786 |
/data/data/com.pykj.ddashop/files/.jiagu.lock
| MD5 | 9811c7668ec6700835139be9f0ec7a48 |
| SHA1 | 0939411f75ba2f5a014d7f5f77211f0b2c557ba3 |
| SHA256 | 6e5602a6b1bd8e03e2f05412c2c913c7054f6e6f38425a8773d0b0aa61034364 |
| SHA512 | 6081235cdf995f180aabf8c9491a46b8be8eeaed979470f82231982f60170d08d43a8ac828aa711c9ab271432328c78e12199535160e2017f5678ba2874845f1 |
/data/data/com.pykj.ddashop/files/.jglogs/.jg.rd
| MD5 | 47ff445c892e97bd925ad254982a36b6 |
| SHA1 | 44abb7af4adf7e47f57b9123c9461b80c8b03a37 |
| SHA256 | 3c4d335ad86603e12f1310a6b2c49af6878ccf005c0432877ace799013136fe2 |
| SHA512 | 49e31baf3bc733a31b17e9d75db01b267d45cf6fe230ec33d7b2e8d3acbca11f7341f3086d70f179b51e799dd4a259fa6f56206b5a3a45ab79c50f24461c2cd0 |
/data/data/com.pykj.ddashop/files/.jglogs/.jg.store
| MD5 | 8184c6cfd5c946b7abb10aeda133cde0 |
| SHA1 | 148908515ed7ff859e526c7b1707888bbde54b4a |
| SHA256 | 794f11d0f09c976cd5ca8f9e38ddf3dce150765e2c8b596f9799d184fb21e5d5 |
| SHA512 | 6dc29cee3c34e0639f304f3996da792115f4d59df8b71677af724ef6aa026198d6f737055e1707d608dbb2da37d0c597a9507c7a985799de6e7a18c3225bf8b9 |
/data/data/com.pykj.ddashop/files/.jglogs/.jg.ac
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.pykj.ddashop/files/.jglogs/.jg.ic
| MD5 | 5004ca9f0481fb0a6ad028c59342d4b8 |
| SHA1 | 3550e853f56facdec633a7010bba6f441fcf346a |
| SHA256 | 26db2cf7a975009180c9e853458d86850622a0d685c7976f5414327cf157dd51 |
| SHA512 | 1314b2709d68a2439b22b6bc7dbf0c6fa1c5d918c7f6e6f0a4b1a426bba56d6eb2aabc8988b5a42d196a3a83e4b20eacb618597e3cb1903fd22b8a257f29d748 |
/data/data/com.pykj.ddashop/files/.jglogs/.jg.di
| MD5 | 48dbada5b5cc94bbb66347c73b00cb0f |
| SHA1 | 147bc710f5a1b7e261b83af26fb97740ba898916 |
| SHA256 | df9e2f3f49b26b02f658ab72d58b4a991cb544db146bd0df46027d744a50a301 |
| SHA512 | ac412595a2c3fa78c51a81142ee9f76b2ffe9c2fee05ffd7ed1e4b750764d76bbe2b73cad706007d9054c8c285ca451e316a178f204be53e992b7d9757cf2519 |
/storage/emulated/0/360/.iddata
| MD5 | 90625042389e6dbdb37ed9f22b20867b |
| SHA1 | 463347bc897536fcf5b17158626b678dbcfca08f |
| SHA256 | 7069d64f71de14791fd3bcad954a66c7c58caa0f38ad08a59a481f41fa92b86b |
| SHA512 | b1131f34847f3f37ae6e262b3d6fe70b1da7075f89cb8fc570fe97b1751b36f5786b43237ca6a04727a8096b9195e9d73fd3efaa36fcf2cad9f477437fa684d2 |
/storage/emulated/0/360/.deviceId
| MD5 | 1d8d16c4e3b19ebf18988530d9b9a757 |
| SHA1 | bc94c1cce05cd848a53271ecb9c5311e27ffebf5 |
| SHA256 | abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7 |
| SHA512 | 4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82 |
/data/data/com.pykj.ddashop/databases/_nohttp_cookies_db.db-journal
| MD5 | 2dee3750ed9c8e2b2542e2ce0cebe714 |
| SHA1 | e7c3ab4f1a0aea98082812e31999256c115e56d9 |
| SHA256 | cfbcff85ff442adbce4e904b8c5a48d05b59e78bf109d005453f3840d8460c42 |
| SHA512 | b8262efc975d1ff77986c7c293c309aff490dd6a72a7eec49f07ea51cef9f9d7f1842da35c73e5ebdc7b744ce94d354eb683a1aeb86262d9d9fa88995c869d18 |
/data/data/com.pykj.ddashop/databases/_nohttp_cookies_db.db
| MD5 | 17b0ff572cf67562f2dde50048164b64 |
| SHA1 | d377398bfff3fd9dd92449503c76ff72cabfdbe1 |
| SHA256 | a4609688cee8a780f4bfc78102b7c3f3399f2069e52d38f67aeeba29027f3960 |
| SHA512 | d138c5b0ecdeb70abee3a63b15e48d46f94df49e979dc7fdfad0de31ef39d238a05c85adfe8489a2cc7011e19d01642bb090e98e5d0e275825681b4bff28684e |
/data/data/com.pykj.ddashop/databases/_nohttp_cookies_db.db-shm
| MD5 | 9a638d534718a9766fe5612ac6820e6b |
| SHA1 | 78d369692954d070f272d1dd3b5ce1149182c903 |
| SHA256 | e4d5eb7ac28d8bba9bca673f08740d6ad6c544098c2a6f901f25c4f9a30b0ee8 |
| SHA512 | 21e603597b4d0bee45294db3aa00e8845c20af3ea60f3aeb1d28b4ead250f567df9c9573f4b8366eb6143f752630ebb28a6e0b60efb47f18640ed8c81fea3ef5 |
/data/data/com.pykj.ddashop/databases/_nohttp_cookies_db.db-wal
| MD5 | a73838e5dfacc3bcb2cd7513b0b90e11 |
| SHA1 | 3c6eefe2cbe9d2dbccc014cc3bc3538ec18a6220 |
| SHA256 | d15e242d441cfebcf5836d00fc8d0f9ac0eebe70a78566205835bc36608be30f |
| SHA512 | aa35a577ff4e4a9378a12e69095950effd86958f36194f9d9e36dbe4b88a2d9db20495149236618d551b131033c5803b29fddcf31d864434a293ab33722cf9c7 |
/data/data/com.pykj.ddashop/files/libcuid.so
| MD5 | 96b92d493ad58acede1feebdf86dd8de |
| SHA1 | 4ab6cfbd38a377b6bdc187ec23e1fe8a86b36fef |
| SHA256 | bfd3116aa7518cbda0ff4260b60e346e5b4da79d72a5e9ff906e936ed9849690 |
| SHA512 | 2fe75dc1a593d44301e6273447bbe2be1ed374586342dd2c224033ab22acc529e6fb3d5212c6d7d73f25aa5d5d87158818f83ff7205b7b4d425e22e8380b89ad |
/storage/emulated/0/backups/.SystemConfig/.cuid2
| MD5 | 54e7d18fbd1c09929edb9387322da5f6 |
| SHA1 | a3af9028931c1c90b791b0e1edfa22efc164cfe0 |
| SHA256 | 117b9b3f315dd00e18168f2723291e33829a117e78c5a24c3522a2182d4839d0 |
| SHA512 | c726af51882934c25d7bebf7f0654bb246540903eb8e7f14559e4fdd62f1f42656203aaa81993ab1f5b0ec9f829dbe4996467eaaf1e66c79facdf982eb318464 |
/data/data/com.pykj.ddashop/databases/tx_1000_ISME9754_guest47974609491720737240171393831803108216-journal
| MD5 | 9980b339b300aa1849a67db75a5b9884 |
| SHA1 | 732e6936dd371f62e5d951fab966f7a69fc1f002 |
| SHA256 | 373f089940dca3bd423442a0d7900e44d64b58c52189a8864df336549a1be422 |
| SHA512 | 14769132500d4491542badf637ca3f248ef166ca56754fccc3d4ce5ae9199295ed425b4c439f106e4c7b377edb5d0d5c9d80f05f67d7b388114b31c07f50af9d |
/data/data/com.pykj.ddashop/databases/tx_1000_ISME9754_guest47974609491720737240171393831803108216-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.pykj.ddashop/databases/tx_1000_ISME9754_guest47974609491720737240171393831803108216-wal
| MD5 | 6efdc1b87deb78a1ce41dc7187761699 |
| SHA1 | 42c0e5bd140ebfb49e0b593340333ef7f5f2ffe5 |
| SHA256 | 4d0b37e0b02beb6a17ab78d9d02cb0cc48236752fd4e9094a86b4167cc0f6953 |
| SHA512 | 6fed37bfa05a2116236d5824edcc78bb215d74f9ce87c313dba48b63fc30265255b8f4bd30c2867113bcb45c26b1a5374266d872da11e2f70e13a3fc060910aa |
/storage/emulated/0/data/.push_deviceid
| MD5 | e7b5d801099c30f7e99408f99542808f |
| SHA1 | 5194c2a544c92f2ebc17729dca9c221cc8e9da6d |
| SHA256 | 680df0f09ceb10c4c563c07d1731f50f3850cd6e101b47b5890a3a105224a7db |
| SHA512 | e672ddcd6a652310778d33900baf49ba7517a4b286ce662589a7a121c7596a18d0903a67a3a3a08118058c76b79890758e72bb20c243b05b1f7517e05fd2d921 |
/data/data/com.pykj.ddashop/files/jpush_stat_cache.json
| MD5 | 993a20ca16d701884ca69f6b54ceaf11 |
| SHA1 | 5a22b898b93fe8b8b2422f6f3eebffa20db9abe3 |
| SHA256 | 7ed5e8cb4befff7a3cdbb5c866ef0fc04f9c223847610a0a58543c4b54d15ec1 |
| SHA512 | 8ae3650050a07a902300227d15410f11fb4ca2235828778698f286afd59bb20e1269f6a6d169818c60816de33c2f5b28169f40a2025d2ef7a189538ab9a53015 |
/data/data/com.pykj.ddashop/databases/notes.db-journal
| MD5 | 187b3d97c529d6f20515d184776d6b99 |
| SHA1 | 1f75d967a51d1ff61adb4f7d3473970877a6db44 |
| SHA256 | b13cc8b9942c00d845e89d10eda06399eabcef35ab637c313cbb89a9ed981afb |
| SHA512 | 90cd9f221bc93bc703cc494d0963517eeb6d95ece6bcb4ce892784b8b3fa9165e73d957ece20c782c3366520353ac467286c0760fa77bdc191c2ebbb21828af6 |
/data/data/com.pykj.ddashop/databases/notes.db-wal
| MD5 | 4b6ecb3e922f0f1941159543a58f686b |
| SHA1 | 0f5ab635f02e8110cde570acc7dfdc4a777872ee |
| SHA256 | 1141fd16e5537b1a20770cb8b2c13fadf1a9816e4f3a8c12ce8deba4e48f17bb |
| SHA512 | cf97e1ec5205346d07b30da8e22c81222a0579e1ad665ff7fdc387f6a9805c8a78749ddfebb52b2020a8dce34fc282dbec2e3415243205fb27ed9c86dfadfba4 |
/data/data/com.pykj.ddashop/databases/ua.db-journal
| MD5 | 4459037524713543efaf1bec65ed08cf |
| SHA1 | 291c89b813b0f47f90dae8d82d6da701a2275b37 |
| SHA256 | 6b42878f92d956f2d980d8bdcb3cd7a489167a53c6511651e04e31697016afbf |
| SHA512 | c43189daabe88dca615e24e3ca93c7120deeca37fe4e172feff3dcedee1614a5c92dc6735cc80bb9b3e4b555a901c0cd23ac902a6d573695da82a21a1fd4d1b8 |
/data/data/com.pykj.ddashop/databases/ua.db
| MD5 | cb7dc48bb11374057d873f404695c736 |
| SHA1 | 9367868e9dc6bbc61ef8cc3f60553d5bf19d2ab3 |
| SHA256 | 975d247fb5577afdf9993533a18237ec69a683da9085eacdb0bee1d8ccfaa44e |
| SHA512 | b634ae17086104f32ca8df153403088e76b278e9ce7325bf41a1c9526c2cf155631870b6dac1ab4175d41b562ae68238a8b5c2798bdc4cf2bbc6b8b29ff10c04 |
/data/data/com.pykj.ddashop/databases/ua.db-wal
| MD5 | 46a7c9ff8bf1033a916b92bde4a2d15e |
| SHA1 | 262b92e601ab11c006f388fa51c4ce359b965a76 |
| SHA256 | 911b6104fe6bb08520b04006ca5ba9160205043e9c60896d095619c04246dabd |
| SHA512 | 96a5863c4772291eb99ca06e69d07354b7e82fa990e84edc485f4d4f4cdb79edcd3013ea3f0890723e826e940e1bad2987a7d668f70d9f5bb10533843e9ae019 |
/data/data/com.pykj.ddashop/databases/cc/cc.db-journal
| MD5 | 89ab1cf1a668034cd3c841fbc899f904 |
| SHA1 | 7b97a8f8537c6f4656cde25ed12b229da996f126 |
| SHA256 | 2483e7b88c3286f38536c2c4e109931b5e2f76b1a9367da6f9485cda65049038 |
| SHA512 | c72732a01623ede170148578ebd571803db2c71c9b26276726022e84eed70bfe184a9ab2e8b826d44f134dd631ee5f085ee4f66b611f2b2ee91e705d17b558b6 |
/data/data/com.pykj.ddashop/databases/cc/cc.db
| MD5 | 5d7ea1a23af19b4340cc8d90f28297d5 |
| SHA1 | 4cfe95b23a9e98378d69c4290af81b51fbe76aea |
| SHA256 | 474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da |
| SHA512 | 33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b |
/data/data/com.pykj.ddashop/databases/cc/cc.db-wal
| MD5 | ac3f32e2842c9f20ef56634bd08bce22 |
| SHA1 | fbc1ec3354fa8d6decf83bea783e3929321ac233 |
| SHA256 | 625524bbb823021d99d1961342cb057b73f08bc431c910831f7417ea238cc221 |
| SHA512 | e4b55fa0f8b7a01685d8fef62bad67f1d13db99f09dfd01f9b5d332a7b27acc6068e4b577f58a6fc26385b32a1c7e502b467e73f34f3ea9ea6c5c31abbac51a3 |
/data/data/com.pykj.ddashop/files/umeng_it.cache
| MD5 | 8627ff14393cb2acfac09a5152d086b4 |
| SHA1 | e327947629f06d172519ce72c9f3ae5054366fd2 |
| SHA256 | 36f0f49004f71530ec56f8cf58c441351be4182de124c26b458d5addc976158f |
| SHA512 | c6a92a957ea2bf8895e41b6182130bab66c830977ea02bb0d144ba0fb716df1b7fbb6c1272805d9c240063b43c73a1297405ec3b585011cad1de541abe048829 |
/data/data/com.pykj.ddashop/files/.umeng/exchangeIdentity.json
| MD5 | 07fc1d8df1ee99c7d5a7b86983bf2ffc |
| SHA1 | 0d4a6f5e299743a80ff971b8e6e454c57f69b3a1 |
| SHA256 | 70188cb210ea605354abcce93fc3e90c8a963983c8396eeb18738365c46d6eac |
| SHA512 | 4ba356762cbcb255d7d0a145521e00407115f417f5b91b568454164d1afd21adb5f5ce5bc74aea20a8b8869c843fb8455e4918eaa9fecbfea161e98d02cb47d6 |
/data/data/com.pykj.ddashop/files/exid.dat
| MD5 | f1ef57a2322397fc309af93a3f42410f |
| SHA1 | b90b71ea3fa1022bc5f96b178dce9f55d01d0fd5 |
| SHA256 | 961588661d9c4c40c1b5bd6288852f3e510d7a50164f4b137a8442b8129c7f20 |
| SHA512 | 92257ff0e12a8a05882c2ac01b33a8640ea0935e8913c77f2ffe4576a6083ba8d884fae5feefe0da74cc16916ca2eb28dbfcfab51de2de0053e1208c011571d3 |
/data/data/com.pykj.ddashop/databases/ua.db-wal
| MD5 | ed3ebf330d00f096b388766946b66015 |
| SHA1 | 3cc9b7bf2ff5746eaa1c55a39b13c7977032693d |
| SHA256 | 914b170648c19f794582dd25a2385be8c899266958799a9fa7b5f26ea8f027cb |
| SHA512 | a88c425504f2a71aec773ce65218ea673a38ec080053a90c67ce9876589ef65f71c195c23a6171cbb72102f753d6bceb853af7e335af229215fe33408c95e97f |
/data/data/com.pykj.ddashop/databases/ua.db
| MD5 | d604a3bf1f8d992cc320ea5b1f7609bd |
| SHA1 | 247f88df0b55c7d523ea5398637711a0e4a483a4 |
| SHA256 | 329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17 |
| SHA512 | 67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab |
/data/data/com.pykj.ddashop/databases/cc/cc.db-wal
| MD5 | 62fec246a88320ae40d3ddc5cc24c8c7 |
| SHA1 | 7b1b8925dd87b75600e24092619ca7938d40f53a |
| SHA256 | 258d06c69e3c28f0472148707b43c88b43eaf57b4594920c4c9066224e61445f |
| SHA512 | 43ae4d5e39813f4ecaf6c8f6a329b9133a4f7854710c03bf67515f237e16f0fb5a190672ce2fd67601d2278383b621442a1227628b7cd00725deea7b7128180a |
/data/data/com.pykj.ddashop/databases/cc/cc.db
| MD5 | ce6135aa1b1fe4f2c2db2a546d2a5558 |
| SHA1 | 79b59582154017aadab783dc266fcb158c252940 |
| SHA256 | 7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c |
| SHA512 | 2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4 |
/storage/emulated/0/backups/system/.confd-journal
| MD5 | 294bc4cd9e52462bdb3fec8e77a4672b |
| SHA1 | 585e7be5fde3858fb8f8f8f54ddc109bcaeb12e1 |
| SHA256 | b7c34f3e64c200be1a4bc563869469b0454c19585856e3dd8bda2163f5b87aaa |
| SHA512 | 95fde66a84bdd0d2cb2face2506058c30349ef45a210f4a29a15c47b99abbb275989d24791a72929b0723e24650e0659cf1ae8a4a74c0891357f613ee33606ea |
/storage/emulated/0/backups/system/.confd
| MD5 | 249e034c9703afc1fd6062371c7f3da8 |
| SHA1 | 9ca489179488e0fe5a35f7c0d5887f163e4890cd |
| SHA256 | 18fc5cf216b05487a87be99a662e7474bd54120f214e034b3179f40ca989352a |
| SHA512 | b819b152548431c7892678ecdf23abe44cbdcf80e8f22707ab32a2aedb5356346b27e3c3e750665ba893d602af1c7dcca97edbac3c820859a0fc20714c22c0bd |
/storage/emulated/0/backups/system/.confd-wal
| MD5 | c6a5c157538ff0f70a921aed2a29d10c |
| SHA1 | 619deb1f6b21a3f7eb7a6dc849b328d6efc62766 |
| SHA256 | 53a616c0bbac34fe2e91c25cf1aaa8dbcdcf253384ea8001ca451fb3f8f09d7e |
| SHA512 | d1398be32184452cb3fbae6b630bfae38ebcc6712802fd1902976badba8e6d9c589147cea938e6b7393806e56287425ee2619b5930b3becf8d64911bcd7444bb |
/storage/emulated/0/backups/system/.timestamp
| MD5 | 10d74ee230f43c17064708a543db2192 |
| SHA1 | 3e47ce2810398866755a055cdc34379b1bfe3a03 |
| SHA256 | 0dc7edc01ec8f2ac1649a80facd8bae33dd43c39a4ae77838856c56209b56631 |
| SHA512 | b81c9ea71edd629c42ba9052e4a705f2ee78d2cc677e93e154c6979f5698a9e1ffdb499750ddaab7c66fd460a92a0ad9983113adf1fbe989152127e75b44dee7 |
/storage/emulated/0/backups/system/.confd-wal
| MD5 | 0d246f7972fe5fdc828fae25f01a3496 |
| SHA1 | 3f51baf6493b20a0f3facf010fb926b82bf1ada6 |
| SHA256 | 0cbd33135f662448c79795ead3358eefbf7adc5a8e869404c5a5fe2de325cc6c |
| SHA512 | 99b6f7519d02e02b04bdbef9531d6e8c8d5789736776bc100241ba274e6de6d16e22c523c461976d4ab761a924e449c2cae1dece2c14d71a0853faedbf81575e |
/storage/emulated/0/backups/system/.confd
| MD5 | 8c7f6e3b52e6e841b895bbd13644ed43 |
| SHA1 | ec8daf46a7eb99c75ea1ce8582ef77b2df8455d2 |
| SHA256 | 6615188d5d8fa77b44fbae7a249d073b3623316e7489c5fec95fe53188ea467c |
| SHA512 | cffafd628e62fa915872796ee02dd8119cfebd6811291155acd400986ee5d34b244ab3b5d0bd386566724205771f665571bcb04950d390c5c60072fdb90c5280 |
/storage/emulated/0/backups/system/.confd-wal
| MD5 | 40c2ded87e90544695b1c430d3ac5df1 |
| SHA1 | 75b002439565f04e3aee90fdafebd04f9e35e9ab |
| SHA256 | 658e45246e7cdc5736d96657c08e231c38dd783a1ca7a836f1dad1c67018f03e |
| SHA512 | 3cb6f260b81d70f64bd895e22dcb8e153047f30d8c66b278e25e14fbbc697c14fabc3c682fe215c3b76f791af2cfc12fabad660cd9a448852a80622dc04e374c |
/storage/emulated/0/backups/system/.confd
| MD5 | 37f0f6208806ad46847df9707d9adb92 |
| SHA1 | a6c17a1bd2f0ce5c8337a5a88334382998f9dfe1 |
| SHA256 | 6794da04a35223ac424c0887bb4a3e6743594a1dc067fad01f853c32fa7583f5 |
| SHA512 | 7632ce0f4bda3603a90922ae0a545e82cef4270ecb9d7a88ce49b0b7cc0b5c3dc65f499ff4b7c2d807b9dad4031dfa3d327a28d24c77595efa1fdb4e2a122dd9 |
/storage/emulated/0/backups/system/.timestamp
| MD5 | fd04dc6f4067edefc283ae65e981a891 |
| SHA1 | 1d11788013c3317fb10dd3e7cf843732c738b22c |
| SHA256 | f0222804456af9d38f5ecc5acc5eab1a994e4514c17815adcf0f9e24449c6d85 |
| SHA512 | e2b372494678d5f00536f495590193e439474ed4c6e7b3ccb0541cdd84ff20c5c44f9638946e014b5d2e4a84b7cfdb9df7d50616ec6afbfa3184ee3801d46be0 |
/storage/emulated/0/backups/system/.confd-wal
| MD5 | d2fb997c613192db17a51951d8762295 |
| SHA1 | f44257ac63f24705ed8f896f102970c5a0fdd4a0 |
| SHA256 | 476112ba976802e772aded444f0792acd286613e01336ea911579481ff84bb4e |
| SHA512 | b60dd6dae6d8a8f6b82135ceb783af4ffd23e372b62c8a335a0e3a3d66ab4cf7433cccb6f4977a5b5dfb6f00398a286ef43a388dcabd66cfc0fc05a56b811b65 |
/storage/emulated/0/backups/system/.confd
| MD5 | ec24010057341bd77fa400d1fdc21b42 |
| SHA1 | c10c495f04a5f57198bac7ad6b69d28f483dc2bc |
| SHA256 | b610320234c3a98ef538319dabc0ef297816e461a68a562269be2f0f6ca7fbe7 |
| SHA512 | e87d3d21b8f5ca1b998575bbc61151521bdd7204a26218bedb55b3de8db69453739c53f7a6d47569948e0f631bb484d7c281a14790dab321b317ca2bde44b561 |
/storage/emulated/0/backups/system/.timestamp
| MD5 | d50d9ea788e7039ea62e2034bb3e9f63 |
| SHA1 | 14866e3151fbcf87f397fe67d7b439d31b3ef1b3 |
| SHA256 | 808704c97d0db27966fa739209e71fb22fac41f8d3729b10ab2e566b2eff4adb |
| SHA512 | 74b27b17855f66ccb2c46de063c75d2398daf16c7694896f180df91155db7e8030727c6272f9576c4cea272a536d0b746cf82c023979fab4d5d07f716183da81 |
/storage/emulated/0/backups/system/.confd-wal
| MD5 | bbd59c938bb593fdacb3ba265a1a4940 |
| SHA1 | 9aa1704e406ba081490192c34697b0772a9de4b7 |
| SHA256 | f86640f99631c49ef9c084f5fe645f26de300d3f60979b2ae6f235637888f520 |
| SHA512 | 58080916aa08ba786a8a3f22b8605c5fdcd0b3bb72f9ae0e74192470ada46d9e5497559e68c65a1ed10cb1cf65d7ecc02f30a5b055f7589cf06c4fc260a5d02b |
/storage/emulated/0/backups/system/.confd
| MD5 | 8c4f19e151d931b3859444f4a82bb31a |
| SHA1 | c3795f9a5e3b04e6e3a72ca326a894434517145a |
| SHA256 | 5ff71d3510fac032cfef0b016f297568b24e39357d3951934fe6af5f5355718f |
| SHA512 | b4970ed06ed5014da25feb790ba0a95a732a4450e75c8be311811a1af85b460c7a4b01f5196c532e56ddc1f71dac87b300998482bcb7f7b1af46fc478a3f0cfe |
/storage/emulated/0/backups/system/.confd-wal
| MD5 | eceec013aaa9c40ef9258c3b1c2a2f4b |
| SHA1 | ff269a6a180418769a6118ab0a4ecee6a17925ae |
| SHA256 | 8ef9f86c87fa73c8fec7b9073116d5119b8e740ec48ba453aa24397eed60cd11 |
| SHA512 | fdd00f96eda08bf43312cf1a79920bad13deecc08d036f7812aca32ceec4f96eeb2767f24d49174b4c1b626740eee680204cdefe3ba692fd7d385e8ca2eaa8dc |
/storage/emulated/0/backups/system/.timestamp
| MD5 | a87c5a914c9812a35307710e5ce15148 |
| SHA1 | 85ba5b8ba74be94be84c12024cc03c54e9cf050b |
| SHA256 | 8c46a93f5c62036a75ad63092a0ca1cceeacfb56b6c66063e18d1dcd2ca2568b |
| SHA512 | 4ff81aa9641c24657088ca852904fa2cf0754cb66db1288eabbd1c291e63ac2a0f1c84ed9389d32c18844e893e8833441d17f05c98174545731756511d9381a9 |
/storage/emulated/0/backups/system/.confd-wal
| MD5 | e169bb8295ba44220180d5fd0bdbc0e1 |
| SHA1 | 88b74041ff40ec2b36ad790aeb00368263c6552e |
| SHA256 | 64c6f704ab7ac9d63755ec2d7da8c52afa6ae932ac0deed1308ef10e7a3569d2 |
| SHA512 | 93cc1ead2fd3ba6aba44bebdb1ffd4e647ed25a8108fe2480b8f7db3c778616608277940682efbc68de035fe2693e880272f16c03a3002ca98f777cbf5fe64b4 |
/storage/emulated/0/backups/system/.confd-wal
| MD5 | 8259f4419900934312ecb3e83e4d2b77 |
| SHA1 | 1ed90a3297057f64ddb23d0304c396fb0057989b |
| SHA256 | 39adcda4c63a173e981ab332803b3292ab60279c9c37cdacfcc0a138fb093ec5 |
| SHA512 | 8247a92f905e2fcc8bb5102449990d54734d32b5774d6bfcf52083d7f86700f9a1130ba277ad67fa71ed95d3fff7b1a6d582507df4b3c3f2fb9aa786f3414f56 |
/storage/emulated/0/backups/system/.timestamp
| MD5 | 8af14acba9848cb678345ea76965e968 |
| SHA1 | 9d4037742068abe8776bab4a98dfa10c56ae59ca |
| SHA256 | b81f56d8c094ebe95d126c93632b010f2789aceb5abd640e8a7be04f71190319 |
| SHA512 | 2f582cba31b87479125fc9feafad13eda1d35983c67d3a2f83c401102eb58561fb227efaa725f8d87b8ca3cbbc1182e4bd752cbda20187d1d918aee333c24a2d |
/data/data/com.pykj.ddashop/files/.um/um_cache_1718182726653.env
| MD5 | 754ad3a63f1229b6526e949c2b45229c |
| SHA1 | 8ffaf6e0d9daa2991735cda5a31b2c82abd1413a |
| SHA256 | 96b81af77313961b9ee9a6e132200e60af30e51d2cd1722f9e32c381cfe11bf4 |
| SHA512 | 4c21fa0e5202f002a7040025d2dac285b1265b4b396b28dea35b7c63325a81f67c3818f4b3e9d1907c726df7a731cb5e0ad7c04c8cf6500e9ae39c59001210bf |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-12 08:56
Reported
2024-06-12 08:59
Platform
android-x64-arm64-20240611.1-en
Max time kernel
2s
Max time network
145s
Command Line
Signatures
Processes
com.pykj.ddashop
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.187.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| GB | 142.250.179.228:443 | tcp | |
| GB | 142.250.179.228:443 | tcp | |
| GB | 216.58.212.227:443 | tcp |
Files
/data/user/0/com.pykj.ddashop/.jiagu/libjiagu.so
| MD5 | f380717bd1e3916c7b697fab8d46c5d8 |
| SHA1 | 04f51f0d16097214e38be517d93be44cb0603a88 |
| SHA256 | 8455632be7bacb221468c4daab2f9b5ee33739f08b22244ff81a36a02bec36cc |
| SHA512 | b78fe11f77d2c0ec5b36850e8cc3b955661b31641405233c8842b91205e44dc16a30d7fc1ef18dde1b066c1b98959ae9c18be5472413d2b398b7ab6a6b52c07e |
/data/user/0/com.pykj.ddashop/.jiagu/libjiagu_64.so
| MD5 | 585208a50849d74967be092bf41ab7ce |
| SHA1 | 7b7105bc642c01784e7a301c5008f82fc3d4ec44 |
| SHA256 | 38cc9d02e42be8f2e0dcd69a0a826f9517b3381b4ca24eb1769c2880e7460a37 |
| SHA512 | 9f8b659e91f2c40eba6bd82a2d3ecdf0dffaa9a211f0a64fd52ae8f8fa713d2ff9dfa48a94e654d5797e0304ecf53546d828085d9b96b6d3a4c42131405de7f2 |