Malware Analysis Report

2024-10-19 11:54

Sample ID 240612-l66h5svapr
Target a046066648cac784494ef883e7ba37fb_JaffaCakes118
SHA256 99ce7da89b5a967a9ccd9c06c70d1c7ca8dc92651b73725f928805ad0801cad5
Tags
discovery evasion impact persistence collection
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

99ce7da89b5a967a9ccd9c06c70d1c7ca8dc92651b73725f928805ad0801cad5

Threat Level: Likely malicious

The file a046066648cac784494ef883e7ba37fb_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion impact persistence collection

Checks if the Android device is rooted.

Loads dropped Dex/Jar

Queries information about running processes on the device

Queries information about the current nearby Wi-Fi networks

Queries the phone number (MSISDN for GSM devices)

Requests dangerous framework permissions

Queries the mobile country code (MCC)

Queries information about active data network

Queries information about the current Wi-Fi connection

Reads device software version

Requests cell location

Registers a broadcast receiver at runtime (usually for listening for system events)

Uses Crypto APIs (Might try to encrypt user data)

Checks memory information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-12 10:09

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an application to read the user's call log. android.permission.READ_CALL_LOG N/A N/A
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-12 10:09

Reported

2024-06-12 10:13

Platform

android-x86-arm-20240611.1-en

Max time kernel

178s

Max time network

182s

Command Line

com.sinaif.credit17

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.sinaif.credit17

com.sinaif.credit17:pushservice

/system/bin/sh -c getprop

getprop

/system/bin/sh -c type su

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
US 1.1.1.1:53 sdk.open.talk.gepush.com udp
US 1.1.1.1:53 sdk.open.talk.igexin.com udp
US 1.1.1.1:53 sdk.open.talk.getui.net udp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
US 1.1.1.1:53 android.bugly.qq.com udp
CN 14.22.7.199:80 android.bugly.qq.com tcp
GB 216.58.212.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.179.238:443 android.apis.google.com tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
GB 216.58.204.74:443 semanticlocation-pa.googleapis.com tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 119.147.179.152:80 android.bugly.qq.com tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 14.22.7.140:80 android.bugly.qq.com tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
US 1.1.1.1:53 android.bugly.qq.com udp
CN 119.147.179.152:80 android.bugly.qq.com tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 14.22.7.140:80 android.bugly.qq.com tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp
CN 183.134.98.102:5224 sdk.open.talk.getui.net tcp

Files

/data/data/com.sinaif.credit17/app_crashrecord/1004

MD5 02dc370b59ef1141fbf0fbbb0fb0168d
SHA1 79e59237485ea620b1abdf9a833fa0023bae53ac
SHA256 abc0d49637952f45fedc3cdf6589607d7c1b8ab84b90a854abc92a9115ea4847
SHA512 1528a7dc34b03aae5eadd9c80e9211db50be45d803f805a893ba544186e8f9d7f2d517b5041c827954fa3da2ec4114a0ab76acf06bb241ca6f7c2c1e44c80dcb

/data/data/com.sinaif.credit17/app_crashrecord/1004

MD5 2f18d16a9741287e703be764d16471d7
SHA1 2655cc348a0c912d452882637b331dff98afa9f1
SHA256 f77d95cc2a3035d40810a0cfdddee10263213a63e7f0b815b93f818a1ddb6d2c
SHA512 f36723745b84b16e1160779cde1879545a106006a8c0f01c3b0835811253805113c2a9f08970d71848bf9cc0496ec994575ca92106d11d053005ea5536e89478

/data/data/com.sinaif.credit17/databases/bugly_db_-journal

MD5 1dfb7a9a6c53b0b6b1f3c1e7aec189e9
SHA1 677b23ea3c53bc98f7a110fe7727f9434962ea6e
SHA256 d76bef1e2e707c9ae2b20da74e5fcc1c066c69f969fff468b912931ffcaaae06
SHA512 34774f3efb140b11e04c77e90733e2ffe6f887068fd0c13f1f42c0938c1864fed737c83b36742beecb06e4700d552317b21b3047f7e01bcb53d06ba9873f16dc

/data/data/com.sinaif.credit17/databases/bugly_db_

MD5 135528ace77117a30781dc3d6cb9b80b
SHA1 108748c683bcf7a8e0f6a56718b90474c7588696
SHA256 4a2c2178ef537b5913fe736e57b5a48763f79a106e6c2a17947f8f4e977b58f9
SHA512 867ce023593edc32fd38cfe390b92258dcefaa808f8cc445b9f8748d688f1ece0a7ecd65693d0c6e2e465787c224afc5f37d4cdac33fc35abb5f651b9f831b7e

/data/data/com.sinaif.credit17/databases/bugly_db_-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.sinaif.credit17/databases/bugly_db_-wal

MD5 8403ee4958930e14f0430218587730f4
SHA1 a748f8c170309e0b60bd6b29a1ca04cab46d6bf6
SHA256 451daa85a511e6f2c6f870bb27695b94d1147b1e2caae02fd46d7c32b43444da
SHA512 5c8c4fc6a3253c6182de7504f9158f3b2e1f51a680499a3fad853e92119b868d1fabb36a966de6292ef89a9b6c99e2473e80a0bcd6943bf7c789c30497c0dca3

/data/data/com.sinaif.credit17/databases/statlog.db-journal

MD5 03334458f621df4c63313c5270be5238
SHA1 30cfd447d121ecb4a9c0ece672e062bccd72bea2
SHA256 61a7336c4a14a1a4824f50fb797b1580ce50cd41f8691a872b0bfd45821feee3
SHA512 74603611d6432996705baec20f19630db89ff030a43d14dd811306529778a0cf14ada4ea4d46f99ed53e5454a3abe1f3797ef18d9533651db988286baafcc2d0

/data/data/com.sinaif.credit17/databases/statlog.db

MD5 1ebc732819ad8a3c87946a66c1b7a413
SHA1 863412accb6786a2aaf558538b032e88ea1628f0
SHA256 f61ec89d5eaa761ff487ae514c1069f73810954d9ff40001a007e38fb779e8cc
SHA512 f768f023e9d823f41e6a3f69aff73ff283e24750c79f9c151ccd84dc3d99e74a9606ffcded19268ee8b0705dc0d7d117aba98546e2f871ebf6156713fec3ec17

/data/data/com.sinaif.credit17/databases/statlog.db-wal

MD5 25f0aed072afa02f03602a3091c5b9b8
SHA1 29bdcc6ce57df1b517552d8708b69e4b942586fd
SHA256 82a99caca20d0cf223a061af06a311052933ba579791c5f8409b80366b722c9a
SHA512 84aa19c8ce8faf7abbbbfb95b56fa19d54f79360cae459699c41b7bf15b610ef681bd03760d2da94ccd11178e094d324ae684cd9610b8375f142d682d4831072

/data/data/com.sinaif.credit17/databases/statlog.db-wal

MD5 ccb91718ac020126a707d53d3892a571
SHA1 0ed06dd164c385493a7b8255603911b3f09f87bc
SHA256 17cd49e0de915816da700c02a0f53e1dd3d0041ddf50f2504792e3473e4f95ad
SHA512 6bf6f0e61dad7b8f040c13eb71e18a9bb43a07d62ed37a46c9b0197e58e9239440e4d0b9a043a6af97afeb93d8dc44be25b8356f4ed367d869232732d8a0e47b

/data/data/com.sinaif.credit17/databases/statlog.db

MD5 51ee399d891da7a274f8ff99a7bfc392
SHA1 0481b3ddafbce69ef9a7910811f3b2cf38a8e4c3
SHA256 c0d2da9dd35cbdcacf038c3d7ee9e8b5dfb39adc23f0c2e7cfa0b091d574c3f9
SHA512 db3af8c8ca3670342dd2e2a8f9d7d8d19946de50d4c88db3bcca9228c77b0e7c215fd68ba1b9435ef262f4f0c6027af0a1b7a48d0d48d2322481aa71b3cfb6e3

/data/data/com.sinaif.credit17/cache/td_fm.jar

MD5 59a240f9a50b682069179656ca0fcb81
SHA1 9bcd5ae769a8fd99af5c4b01f1b09f3a36054aa9
SHA256 939dca355c8c6a8a114ccdbd619a79f229d22d3615e4bcf5ff2177915f307412
SHA512 23fca85588494b1effedc748cb8d1e4f35e2bc7ed4054128d5115493f63e7e33143da05c52ddb9f5d2c940adc04738cf2b5b9215f9253ad54e9d92adc2131b39

/data/data/com.sinaif.credit17/databases/pushsdk.db

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-12 10:09

Reported

2024-06-12 10:13

Platform

android-x64-arm64-20240611.1-en

Max time kernel

176s

Max time network

188s

Command Line

com.sinaif.credit17

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /sbin/su N/A N/A
N/A /data/local/xbin/su N/A N/A
N/A /data/local/bin/su N/A N/A
N/A /data/local/su N/A N/A
N/A /system/xbin/su N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.sinaif.credit17/cache/td_fm.jar N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Queries the phone number (MSISDN for GSM devices)

discovery

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Reads device software version

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getDeviceSoftwareVersionForSlot N/A N/A

Requests cell location

collection discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.sinaif.credit17

com.sinaif.credit17:pushservice

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 sdk.open.talk.getui.net udp
US 1.1.1.1:53 sdk.open.talk.igexin.com udp
US 1.1.1.1:53 sdk.open.talk.gepush.com udp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.102:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.102:5224 sdk.open.talk.gepush.com tcp
GB 142.250.187.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.212.238:443 android.apis.google.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.102:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.102:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
GB 142.250.179.228:443 tcp
GB 142.250.179.228:443 tcp
CN 183.134.98.102:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.102:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
GB 216.58.212.227:443 tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.102:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.102:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.102:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.102:5224 sdk.open.talk.gepush.com tcp

Files

/data/user/0/com.sinaif.credit17/app_crashrecord/1004

MD5 c7cfda9733c02623417a6ae9ad36c05b
SHA1 448a7f8052c2bcfc8bcaf190dd7e8d1138f710a4
SHA256 9ac8101281ea7978af9c294ca5c99d7ea153376acb939e97ad0b2ef0799aadd2
SHA512 012cffbc7c2d0175554a87ec9ed433a19db8b099941f4557a5a4732240bdcb997fae77c1c0629a88ae4b72d6c0751afa50536dff5a71f2b0348c23f5c1506951

/data/user/0/com.sinaif.credit17/app_crashrecord/1004

MD5 62dc7f571a0484d488ddd5ffa9edad50
SHA1 189236ac83989a8586e64b265da9b631882dc03d
SHA256 5efb5173023a742a2e473bc95dd89f7db13b61f183d1f4b78d345993ff734499
SHA512 5be34d9caa3ea568f24aa048f34d30c540476389d741fc81268b8e23bdcb0417193e82226ed64e0810b5703d423afb95f5685fe83baca4899911e3291189db41

/data/user/0/com.sinaif.credit17/databases/bugly_db_-journal

MD5 4fedeb03a8ac7cc5e0cfdf830e459534
SHA1 3b51a3c9694110eaac0268170872cf117d870a49
SHA256 bc344b0ebd95aa307bafa701d7970864f6a71390624ff68553365d7d399df062
SHA512 7f7611091acbe4b450cd1e685c746bcab3fa99e97842dad359dca78b9b37a34791e5697ecb454f37db3473a951cd29e8ef5030dd6fb865ab3233a3e121fc5ff7

/data/user/0/com.sinaif.credit17/databases/bugly_db_

MD5 adf5b2ba4b8a06c74c1d5d75f02f62a0
SHA1 f03c8956acbc47e916d2c13bd3dc1f06d0f0a7d8
SHA256 860534463ac5f8eec37154f332635cf3d7f58fa8f7143d102bfc4bd305aae027
SHA512 f9c98e945f3931cac09305db65b0e1152aa0323b3e760200a16b41f69219be18bf165c27d7dde32a10b0d28f97a212e30f3cfd6a259cbb71c6d8ce197db65d94

/data/user/0/com.sinaif.credit17/databases/bugly_db_-journal

MD5 9202beaa1ecf33f19366060062f4aca1
SHA1 10e90ed4fcb067bdc8d10e5889f5dee935550ab7
SHA256 a95ff1a9104d750f04420fcb36fab42128cdfa5972fade7972b48d7424321b6f
SHA512 4d734751f1d38af9e32db1f42d98d3a2380e0760c4d82e903b81ab4144394944276cc0d3184ab2a2ce46b54809eefbf6dfe1a087eb938460e2bbc981dc31d7b7

/data/user/0/com.sinaif.credit17/databases/bugly_db_-journal

MD5 dcac1f3d642f86db28155f6c73177955
SHA1 728bb36323dc51475af2fd090620313f62d822a7
SHA256 a6fa51d5364136776fb8713165c81045012429d948729a3dcf1ed065d08e7296
SHA512 77300e3f4e08a8d9bcaf7ebffdd8d478502119b801ab8508acb28eee1e5fe517a1dfa1fb9ea9e60eb9a0755c373ae739b615cf419668f6e9755f719b18422543

/data/user/0/com.sinaif.credit17/databases/statlog.db-journal

MD5 d2659024087ed385327026b27496b5a9
SHA1 115418dcd40b29c06a1e796e6345b3ed282fd3af
SHA256 98330349f0b571048ad2760b35648eefcd8e4cdeeb9caac3134efacbd88b103b
SHA512 7efa7e6d60fd4cfaf707fb9ebc80e4a21a0aeb0cef7db4ae407864c6d44dc05bd0cbc9967ec90cb65d9bec80e2fbf75a8f40e95ad8caea529bb53a05c47fad81

/data/user/0/com.sinaif.credit17/databases/bugly_db_-journal

MD5 bb9cc0ccbca1aa944865a72a6568b415
SHA1 c7d0f703dee7ca431aa75f336046d9de6d9d07bc
SHA256 b8b87f4ebce323e1d78854e80624ee624453c3cfa24ba9dd3aa03b4173463bcb
SHA512 54b727e2f63a448ccd2c8640808125c0bd3fecda3c25ca559ec93820559ccda71a083174050d387ea1761bc57e90e9c4213d06b561630b60bfd71fedb1b79991

/data/user/0/com.sinaif.credit17/databases/statlog.db

MD5 c8b860fa5d9244011b8c13ed91af4dbe
SHA1 9fa1e910f10b9ac8457283e6dcb58542516938b4
SHA256 8dee7bded2422a8b2046a168716165415a7af473657079cbd07aa8124de01162
SHA512 0e532293b087ea64017e19d74414811809cf7df645154810b347008f4a7df1af5a1da84f2e642408b7cb8f6326f5a9e707c3c32ca98627a223cc88ad392d1203

/data/user/0/com.sinaif.credit17/databases/statlog.db-journal

MD5 7a5146e82068256d5eae20aac45f94b8
SHA1 33a618d4b97ace4381c4bffa1bf6fb6f086d8248
SHA256 023b9580a57f9efda3396b2b4108273034bd63653475c10eefb2b4cc2bd76235
SHA512 5b17c45ef522c6fcb7280ee0b8888f5fc09d094acbb0155579e44c247dd4efa150796e09889d3a68eb7ae0bac1c27c999589757324c66ffbd3bf22666317dd00

/data/user/0/com.sinaif.credit17/databases/statlog.db-journal

MD5 2f4bbc29559fe3978672cc46e634600f
SHA1 349c6eaf93ef6ebd54deee0d2d42d67cab79076d
SHA256 f5a07bbca123dd7ad9b589ed143d61ecfb6228066ed1b0279f6708e0123fd7da
SHA512 0c1389fef7f5eb2c2d08e7acfebf512cf0ecfd9175d54c5036700e5a8cff593b98be33292a53d899a8cf103cb74b143a11805025086f6d0b00b71eb108e85c38

/data/user/0/com.sinaif.credit17/databases/statlog.db-journal

MD5 382f24e1ea47ea2279d01d9e5a46f109
SHA1 efff0f2e31562700992b83db3f76d5348c053682
SHA256 cbc8eccb0102d1220f336f593041ef7c41c89ea74d3ff6464a0a4322d7713ab5
SHA512 687a430eae09e0c0a7e960156dbda39ede4acd50ef47f4f42144b28f6c65f9ca0e1849cd7321be9406d1dd1ff2f7d369bb57adce1db16bc6385e7c4d96541c7f

/data/user/0/com.sinaif.credit17/databases/statlog.db-journal

MD5 a8c4ed9df529f920390ac8e49a6b25a5
SHA1 ad62ee520a678899e51d0eb6409408601df1f4aa
SHA256 1ad31b23829747178621d16184475a08d56cc3ed6c1e7c363f63d4f96b220bf8
SHA512 dfaae21f05d499f12b59e01c5ded2c777b69d40769d9cfd3f2d7801a8c75c22f60bccb10be230e58fe6f90518eebd065759318a1e71636de0fdc058da8eeea79

/data/user/0/com.sinaif.credit17/databases/statlog.db

MD5 a379a9041828024f9847a2b2f70ef333
SHA1 cec27209d3f42c89f433aff94aecfd24f1967099
SHA256 96c6e99ac9c32e5f1aedc957e6e0b24d502d627006a339d012741e22916eef61
SHA512 a9651e6f3bd4e2b0edb465dc87a7a4fa1096cc99ac261ec1fb9c967e3350bcdc93dc32a2d49bebd80676f2ddd1e128b9c3d51747b81120c501918b3609651bdd

/data/user/0/com.sinaif.credit17/cache/td_fm.jar

MD5 59a240f9a50b682069179656ca0fcb81
SHA1 9bcd5ae769a8fd99af5c4b01f1b09f3a36054aa9
SHA256 939dca355c8c6a8a114ccdbd619a79f229d22d3615e4bcf5ff2177915f307412
SHA512 23fca85588494b1effedc748cb8d1e4f35e2bc7ed4054128d5115493f63e7e33143da05c52ddb9f5d2c940adc04738cf2b5b9215f9253ad54e9d92adc2131b39

/data/user/0/com.sinaif.credit17/cache/td_fm.jar

MD5 b94b2179695252d2d9220e97d14e2557
SHA1 3a0278afd368d25a40670745171a1248590e92a5
SHA256 a165fd6c0ae33cc8162e164a63b5e5abfafea84a4ef69b3a2845dec716046448
SHA512 0ca17f898c9fe03cbd1cefd19a021b351a7f7432a8520f7527900b9b553dadc305ec2e8ae51ac6eba6deacaa1472ccbb01bafae98646158234ba29213da1c1e5

/data/user/0/com.sinaif.credit17/databases/pushsdk.db

MD5 d96aa7708ddb9258b080ac4f924ac018
SHA1 5a452dda5d3dc0030064cf86f01390bd437e14e5
SHA256 6d0952dc27acd0f1d328e51f8ba42a4c26feb2607beaed8d9f276e07305b016f
SHA512 26d2b7ec55b747c6c8035604adcb6395d4dd51df64b6f16af479a6c856781a9045f6ba13d66e7c7ce60af6f397d6c619589d742cc2df9a19bbdae837c02a6283

/data/user/0/com.sinaif.credit17/databases/statlog.db-journal

MD5 1788a47ef21c0f21474a27e6ec1f6f1a
SHA1 e288aa48298beed0c5f947894c9d5ca9ee5f9c2f
SHA256 bd877cbb7b278258289fdfbc3a8d67fc7cc1234478f2ebc12bdc2c677de585c3
SHA512 a3038e176b1100076fda8999a14a09003add8447d5f982344de12e566abb36f6f7175d2f50cdbef2104c89aefcebfa61d44f86faf83219f62783f15ab3ec1d05

/data/user/0/com.sinaif.credit17/databases/statlog.db

MD5 c4e807ad1cd05c0737d6e69cfde9db72
SHA1 6164bc2ad469b40ae9923a466cb84edb0bdb6a5e
SHA256 f33935e2cff89ab460199fb73471ee590178408f9cea08a0a0d03755d172eabe
SHA512 7c87c5ed2157b03eb4182983cbd859d76dc638772626d3502634a05d2d0ac7bbae9d35e7cd769a0d7c56b8f5bfa0de0eaccd9ec6ef1239b08e0fd68acb7bb6cf