Analysis Overview
SHA256
35db68b82a03f23cbcb4d4e45f1bc6bf80aa0a93c523dd1fe4e7978febd7124a
Threat Level: Likely malicious
The file a03bc1695ea924cf5a3fdc673ffcd8b5_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Patched UPX-packed file
Checks if the Android device is rooted.
Loads dropped Dex/Jar
Queries information about running processes on the device
UPX packed file
Requests cell location
Queries information about the current nearby Wi-Fi networks
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Queries the unique device ID (IMEI, MEID, IMSI)
Queries information about the current Wi-Fi connection
Requests dangerous framework permissions
Reads information about phone network operator.
Queries information about active data network
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks memory information
Checks CPU information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-12 09:53
Signatures
Patched UPX-packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-12 09:53
Reported
2024-06-12 09:54
Platform
android-x64-20240611.1-en
Max time network
5s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |
Files
Analysis: behavioral5
Detonation Overview
Submitted
2024-06-12 09:53
Reported
2024-06-12 09:54
Platform
android-x64-arm64-20240611.1-en
Max time network
7s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.187.206:443 | tcp | |
| GB | 142.250.187.206:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp |
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-12 09:53
Reported
2024-06-12 09:57
Platform
android-x86-arm-20240611.1-en
Max time kernel
179s
Max time network
185s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /data/local/su | N/A | N/A |
| N/A | /data/local/bin/su | N/A | N/A |
| N/A | /data/local/xbin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.dream.recruitment/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.dream.recruitment/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.dream.recruitment/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.dream.recruitment/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.dream.recruitment/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.dream.recruitment/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.dream.recruitment/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.dream.recruitment/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.dream.recruitment/.jiagu/tmp.dex | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | s.appjiagu.com | N/A | N/A |
| N/A | b.appjiagu.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.dream.recruitment
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.dream.recruitment/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.dream.recruitment/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
com.dream.recruitment:pushcore
sh -c ps
ps
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | www.pgyer.com | udp |
| CN | 203.107.44.30:80 | www.pgyer.com | tcp |
| CN | 203.107.44.30:80 | www.pgyer.com | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 123.60.31.166:19000 | s.jpush.cn | udp |
| US | 1.1.1.1:53 | abroad.apilocate.amap.com | udp |
| CN | 59.82.44.11:80 | abroad.apilocate.amap.com | tcp |
| CN | 203.107.44.30:80 | www.pgyer.com | tcp |
| CN | 203.107.44.30:80 | www.pgyer.com | tcp |
| US | 1.1.1.1:53 | update.sdk.jiguang.cn | udp |
| CN | 59.82.44.11:80 | abroad.apilocate.amap.com | tcp |
| CN | 123.60.31.166:19000 | s.jpush.cn | udp |
| GB | 216.58.201.110:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 120.46.131.222:19000 | sis.jpush.io | udp |
| CN | 120.46.131.222:19000 | sis.jpush.io | udp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| US | 1.1.1.1:53 | s.appjiagu.com | udp |
| US | 104.192.110.60:80 | s.appjiagu.com | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| US | 1.1.1.1:53 | 139.9.135.156 | udp |
| US | 1.1.1.1:53 | 139.9.138.15 | udp |
| US | 1.1.1.1:53 | 119.3.188.193 | udp |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 59.82.44.11:80 | abroad.apilocate.amap.com | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 59.82.44.11:80 | abroad.apilocate.amap.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 123.60.31.166:19000 | easytomessage.com | udp |
| CN | 123.60.31.166:19000 | easytomessage.com | udp |
| CN | 120.46.131.222:19000 | easytomessage.com | udp |
| US | 1.1.1.1:53 | b.appjiagu.com | udp |
| CN | 180.163.249.208:80 | b.appjiagu.com | tcp |
| CN | 120.46.131.222:19000 | easytomessage.com | udp |
| CN | 106.63.25.33:80 | b.appjiagu.com | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | restapi.amap.com | udp |
| CN | 59.82.132.217:443 | restapi.amap.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | tcp | |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | tcp | |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 123.60.31.166:19000 | easytomessage.com | udp |
| CN | 59.82.44.11:80 | abroad.apilocate.amap.com | tcp |
| CN | 123.60.31.166:19000 | easytomessage.com | udp |
| CN | 120.46.131.222:19000 | easytomessage.com | udp |
| CN | 120.46.131.222:19000 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | tcp | |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 59.82.44.11:80 | abroad.apilocate.amap.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 123.60.31.166:19000 | easytomessage.com | udp |
| CN | 123.60.31.166:19000 | easytomessage.com | udp |
| CN | 120.46.131.222:19000 | easytomessage.com | udp |
| CN | 120.46.131.222:19000 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 59.82.44.11:80 | abroad.apilocate.amap.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7000 | im64.jpush.cn | tcp |
| CN | 139.9.135.156:7002 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 139.9.135.156:7003 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp |
Files
/data/data/com.dream.recruitment/.jiagu/libjiagu.so
| MD5 | 50750315eef281575611bc425174b939 |
| SHA1 | acaff02526d7b4c257e00002ed09af364f66a401 |
| SHA256 | c8d37512f73bef5a1c1b060676cdc6d508a8d8dd36f2438f5d6353c9b8524bef |
| SHA512 | 60584a993992a68e8d0a53be705e3a9d52fc126df26b9bdcf80d14e659f1d70bceb926e0a99a69fdf40f1c09fd61aa52c2d2c008ee5c3ef59af5922a75161ea9 |
/data/data/com.dream.recruitment/.jiagu/classes.dex
| MD5 | 77eaba6aa2124cd2f2e832ff2f95ec5f |
| SHA1 | 87f88444bc7ea1b900fd2b43904f937cc3579716 |
| SHA256 | 6214b5429a3ca2ad8a4d849fa1db8aaf2fb2c71f27fccf7026a380131939a538 |
| SHA512 | 2019f70985eea24fd1f7812f5ff75c11851a35dda6b193b5ce44b0118e8291e0d92b0d8ee8f8c7bd09fcc6d82894c4ad64f1b722516038ec40fce0d2f4af6bef |
/data/data/com.dream.recruitment/.jiagu/classes.dex!classes2.dex
| MD5 | a1cddd046acf5c3f09e5cd6a6f460e93 |
| SHA1 | f7d1259d234214cb205334ed60d4977b988c3725 |
| SHA256 | 978fae90c6616fb3c9c6a463469d854cb699877649ed8400a6d218b2846ac086 |
| SHA512 | 0eeafa5803243813d6ef83d8c9b2903bfadd627a891b40be11b1e6fbfeb422f810bf2baad2b5ec799d3f04af86a95bbd812186010f1b0732fcf6183f2fb01fc7 |
/data/data/com.dream.recruitment/.jiagu/tmp.dex
| MD5 | f1771b68f5f9b168b79ff59ae2daabe4 |
| SHA1 | 0df6a835559f5c99670214a12700e7d8c28e5a42 |
| SHA256 | 9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939 |
| SHA512 | dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d |
/data/data/com.dream.recruitment/files/.jglogs/.jg.ri
| MD5 | 3b155b00decb000d98a83311fb53b2e0 |
| SHA1 | c67cc40949e907d256bebba95370c3b0ec038b7b |
| SHA256 | fcc448c7f16b2c993ee66427f926d5418db2bf0d8be7cc1d3c77b1f69dd63704 |
| SHA512 | 5dd1bc4d9d70beee87b219be80744db43e61e96d0ab586b280b108c05216be823a5b61f3fc39bb4efe0bb2e3c1f6d3cd3e99429dcf362dbde47390ddb11b37ac |
/data/data/com.dream.recruitment/files/.jiagu.lock
| MD5 | e173fb5915eb64fbd1e39a7d1f9c79e7 |
| SHA1 | 0ff577246e103172093c4b9cacab520511bbccb1 |
| SHA256 | 0289c0e7d02362edaf3ca7f87a8fdde132850e3b9ad5efb2fb75d713734cb46d |
| SHA512 | bf6a57d35b51aadd53d4a3b390ffd36ccecbda1d9674d799085c6536f0bf65c3dbf41e77f895aaba40a0b7ad38d2beb8009cf06a559464aa1e4974d71b96aaa5 |
/data/data/com.dream.recruitment/files/.jglogs/.jg.rd
| MD5 | f8f7c0b6a3c975930a855b6acae7e9bd |
| SHA1 | 2d09b9c5851a6317d06506a7c581a23c36c479df |
| SHA256 | 97e5d82df535128ee935de31e071aa76e01e0ce253135f2ecc378a7dcd37c3b1 |
| SHA512 | d223362dacddc47245492abfc6f81b92954d145a71ba1e900920e47c605afafc41f7ce6e88b1115e6bbe059ec4f65ccaf235314c6c31755d855810bce49de69d |
/data/data/com.dream.recruitment/files/.jglogs/.jg.ac
| MD5 | 9e2a15dc7c51f31e6ae5a3085cbb58a4 |
| SHA1 | 1b6eff513bcfdf9724069340c95bc16684d332f4 |
| SHA256 | cedfcd1b14db8d79e90a912252a42f434eea51313f4179fcc0a754517aeda4a1 |
| SHA512 | 84dfa0d316a8c19988403de107a94f6f4684c06c0870d1fbd7bfe6d6e17e1fcdb6f96cbc61a7156b4031fa9c2d9ae77fd95eb0f6216c1f67ea44a55d7de50cc2 |
/data/data/com.dream.recruitment/files/.jglogs/.jg.ic
| MD5 | 47259428bf916543e4e7e7610aa0aeca |
| SHA1 | fe9493ece7adac484273bd057f7f0b7045b67dac |
| SHA256 | 25f5ab0f29a0744dc8eb2bd11f293dd015d8aec9984591c8ebcdbd0d0019f58d |
| SHA512 | 45e1736620eedb3de6d46cf31badb40512950e10b2d204b48c5f25356d110e58c8595a0c7ef225fa2c51e8f70f075c4ea8dfc5e76059e1009bc1b579784b8da4 |
/data/data/com.dream.recruitment/files/.jglogs/.jg.di
| MD5 | be21f0068ccbe2f4d7ec4639483a2fd8 |
| SHA1 | cd82ada5bf834f357fd9b9f41ece690d53bc40fc |
| SHA256 | 0621086b9e70f055b1182036910e92d0416734e32b21719f876416568a3dca68 |
| SHA512 | 5e76db1a5b31e563218472f7ca38e4d7cb1b11d6c97b00da312ef4e535f6d45e205112f1defd8a032fb0cab58c0d4445f829edb0a5573019bf4b696526c77e4c |
/storage/emulated/0/360/.iddata
| MD5 | 3102636d3b9940c8ad4470657ce77469 |
| SHA1 | 2f307170eaf8562d5790dc4dfc6238e929bc992a |
| SHA256 | 96ba085ae1becbd9288ed3afa552d11d4db311682d3d80c83173f5e7f77a5242 |
| SHA512 | 9d80869f0abb72c685c5b90c4c437f8325ebc0d243efc946d30d4b41e4d3e252c8fb7ffe939045a94f24959779dfe2ce0e9a2a3e2ffff7bce9b2594aa275951f |
/storage/emulated/0/360/.deviceId
| MD5 | 1d8d16c4e3b19ebf18988530d9b9a757 |
| SHA1 | bc94c1cce05cd848a53271ecb9c5311e27ffebf5 |
| SHA256 | abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7 |
| SHA512 | 4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82 |
/storage/emulated/0/Android/data/com.dream.recruitment/jxfxkjyxgs#kunyudongnan/core_log/easemob.log
| MD5 | 8f6e1ad88671783738de798d67fbae2b |
| SHA1 | 0069aa210a9ef13c3be75c2f649ff64770ca1165 |
| SHA256 | 2db938450eb5cf30b486ed40da0e1bc99e4873d117cdd499f4cb0b302f83c5ea |
| SHA512 | 0f87b2c5244a3d426a42c0bc9f00dd67da844084da3c811cb4ea90b51eb185c337d0d43a8c662d9c71a7719802e376a20a61039449723fdfadeaaffdbb4b5cdb |
/data/data/com.dream.recruitment/cache/com.parse/applicationId
| MD5 | 91acb7a4a0161c5a9903f73904b12125 |
| SHA1 | 86be65aae5b6e7dff36c2a87572e8825717a84e3 |
| SHA256 | 240c1bd1da4c51d73bb3d03aebf64f8d261d2114a9e41669a6e677e4db3d9999 |
| SHA512 | ba6d82038a6a57b0e8e665cb90379636e9b81258e08b439152e4e8a4f8babd7623a6e7cbbd86ee599ef1e109dac071aa476fd7c314e5e883933c9d6584aee1a9 |
/data/data/com.dream.recruitment/databases/logdb.db-journal
| MD5 | 6e68c434a86a023b99841041c7d2259f |
| SHA1 | 9d305f4ab3aefc01faadab7675815a6a99d9c8d3 |
| SHA256 | 9d7031f09727dfc5eec5b54a27a8287dd5c0926dd52808da8d96a7c8df105cdc |
| SHA512 | ce52959fd7178543947aa9e0c6526a52fb4db269157979375d7b4d05dc8cbdfe3ae6916a43295540c0b4441a4feb4a29a2b362772393fc31dcf8efd90f5b65a6 |
/data/data/com.dream.recruitment/databases/logdb.db
| MD5 | f472e31e89db74ef438fd9c43c64e5c3 |
| SHA1 | 802cfe520e21075ec121fc04a95095efb180b350 |
| SHA256 | d03ad8a5e6457c8faf3d54d6628161a32d48cff6af61dce08711978da4f26296 |
| SHA512 | c544ddc7fe22bff6993cebb0c0093d398dd48292b2fee605abee5af6ca734ec21161af8fbc11c1c33363ab0f2bb85c152c3aee745f1f457d84bad305aaba3d4b |
/data/data/com.dream.recruitment/databases/logdb.db-shm
| MD5 | 00b840624badb7c0ee507942af74669a |
| SHA1 | 358997a3be2a7a399c8195c42ca72afe03769231 |
| SHA256 | 01f8339fb9c7c1907d920d0555fa85e0a651414d2bca021e087e95929d4dcae4 |
| SHA512 | a2e60d9869a27626b74ac081f345397a52498c7db71dce142a1d81a072f10dbeef3ca23a869143697844bb884e0a0af7921f66748ad1e60518f484cd340a61fa |
/data/data/com.dream.recruitment/databases/logdb.db-wal
| MD5 | b1c0813d3c79b33419a761a5b2d7ff31 |
| SHA1 | 0ca47365f85141f1da246f92229f337552a9eb5f |
| SHA256 | 18efadd9e828b8c032218bad6104357987d676091d7383b0888357a223f1b83c |
| SHA512 | 8b6a7f55026fab65d94c55a1e592685037158dc59665e35ca933acdb46f3d09b45c01beededd79c93cec820d4db5f07ce09972382da888819fec8cd5f8869111 |
/data/data/com.dream.recruitment/databases/hmdb-journal
| MD5 | 363fec39f4eb95a41c6937370978ba23 |
| SHA1 | ddc8daeaf5ab88a9377c51f3f3de3fd1e852ae6e |
| SHA256 | 57d414e19bf3306da6a50907439b9e39b20742fd1390b47299a1d26d7c871c65 |
| SHA512 | cd7c3454557e08a6b87a1424b596668fed42a575da362ceef5f55195214682c4ad8cf043e5192cd2ef09ec4b1488630d999d48c486c8c2622899aac18118ed1b |
/data/data/com.dream.recruitment/databases/hmdb
| MD5 | 0e07edecfa7506a3b24c8817f27f1961 |
| SHA1 | 491b8291706469b2868f4ec7c06aa0cca3f3ed1c |
| SHA256 | 3e27b3cc521e9f9653b9127ef357c9a439716a3261e8571b8b703b0c1808aa56 |
| SHA512 | 1cea4f6fa4c72664dc0b6dbfe5e07abf9de6dc48ab419d4eefccd4b89259efbff7a07e59cb5281e9522d47bf64ba58c200d8337cda3743049cfbc5ebfc84b9d8 |
/data/data/com.dream.recruitment/databases/hmdb-shm
| MD5 | 82283f0a0983e74228d7ac5409fbe41e |
| SHA1 | a97c98139b42cc7d0d9aab6c8a33a4c400912ae3 |
| SHA256 | 75836890e63f2f6593dd6d0a970884e1530976a7d7877559d554936783d62a68 |
| SHA512 | 21dd3dc614e7a17e8bc6a772fb54dce06615b61d201775f34ee30e7482d51defcf97f450edb839713043bf8041a1d3dd4a8042fa36e34920b53eeef614ddef97 |
/data/data/com.dream.recruitment/databases/hmdb-wal
| MD5 | a0928247aefff2530de2f747e7e69b64 |
| SHA1 | e41a54242acd909600e19cb4d0e0eed40fe2f721 |
| SHA256 | b7a31a6070ad7387c9a24b7fe78676ff592e0bda1ea37302a5aa26c1763e500a |
| SHA512 | c30ffcd734ff6e51cb82833aa54bdf85d6fd48c226cd6578b683452f7c1403175b9a2972082ca57b6d48e4ea6195fd89957888c1a5668fdd4838376bbbc01224 |
/data/data/com.dream.recruitment/databases/logdb.db-wal
| MD5 | d600a1a88070c2b842dac21e850d4a80 |
| SHA1 | 22bb9027234bd6a09e29a8a01badbc0318974892 |
| SHA256 | de22af3fad534fb094f92544ae1fd6b4ed82d29ce6b2530e4b7709a9fffbcb83 |
| SHA512 | 3481b2563459bc29c1287e0b03529a98f5927da70133cdf31618efeb9490c53ee7ff9d1e477ce66f189cff9c34d1c0638cc8cfea165778ca5ea45f51ceb4e94a |
/data/data/com.dream.recruitment/databases/logdb.db
| MD5 | 2d19f1be0ba7106114404b3e20dc7da1 |
| SHA1 | 7b307f72ad2cf13da3fdcdeadfb6a0b398d529cf |
| SHA256 | b88c18c54c07f34e2f11c7be2322965df84fb0bf03e9005063b716d4e126fd9e |
| SHA512 | 196f1168adad8b6eeaacd24b7e7da2d7e5d8951f398d881b77199c63d25a0f7ea8222e017c4c4357734b793f33a6a6344337031ef23d7344574e73b6de405465 |
/storage/emulated/0/data/.push_deviceid
| MD5 | 4cdf945b94ee0ea496005b3156279f58 |
| SHA1 | 67b419b7daff463f227c627218958cb6fbcc0a3e |
| SHA256 | 83fbb3e482068502f6b631e95d07a189444a9d8414f3b37049f6839f756ddcf6 |
| SHA512 | 8fd5d3ba9a0b0c9d3ed35d6ffde667d99ed3d5ee9c2dcea6de2c0275bde0f764d73ba826c1122ecf9255fd2d852bf38aab5432cdf6da134bd0aa72a7b961c509 |
/data/data/com.dream.recruitment/databases/logdb.db-wal
| MD5 | b561808028ccb6b5d7e90b2c58575cc9 |
| SHA1 | cfbe082ac9fa06a4d8d380b56508b861f8755480 |
| SHA256 | bf790a1363b267c65a4219365aa3c369ba363e1a384cf97785ed51ece0abfa0c |
| SHA512 | 73ad96e3a62b972b2488d28d1f3f9e4a4b293d5bd3a6356f4cd8217afa0eb2eabdea4524649687f14d6b2e65657dfd9ba7e206bbf5d150a59ce4923c057c5ac8 |
/data/data/com.dream.recruitment/databases/logdb.db
| MD5 | 60e918a66670488ae5e111bdcbcfa95d |
| SHA1 | ee81e2f5ad9a7301adfce5999095370e532a43d9 |
| SHA256 | 0126f776c2c01bb621001c4d80787b706902fa8fdd89fd1f062d063ec74d5313 |
| SHA512 | 1abb9311fce204649d299a19efab820981c427a8f3778a9848fdfe99aac19fbb3d62bdc4f5fc93bad66c090d198e9db33c23066041207272f2942272167796d2 |
/data/data/com.dream.recruitment/files/jpush_stat_cache.json
| MD5 | 1e7073cc86e7ab039dfda35f2f9bbd47 |
| SHA1 | e308ab8be1796fabdf5fdc134e3bc28f14f2a226 |
| SHA256 | 8883795af04a8eedb450ddd0f0e8dfa1940a058c9a259793e6dcb73d83636735 |
| SHA512 | 748135c8e264ae121156a43f2aeb7092cf80ee799332586bc093d448ce53b13cfae24ffe07db21d8ea86c97343bb477b53d2a1280b9869fbf11cc6578f8dd366 |
/data/data/com.dream.recruitment/databases/logdb.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.dream.recruitment/databases/logdb.db-wal
| MD5 | a5efc74a4fadc116259c4b22e64497a0 |
| SHA1 | 0fe58e64aefd91b213cd377f62d0cf67ff940815 |
| SHA256 | 061f96388f3e08e9a5e97666cfa2ffddb1de261d57364c6d42a16af3b038853b |
| SHA512 | 4549a2efe5465e6aa3d25859a79d62795f3dbed52bde6cea2e1ade491d10e4ec11a6a9caa374ca200be51b75f23b1c4a5889def0d7cd5e5aa78bf38ac4c007bf |
/data/data/com.dream.recruitment/files/.jglogs/.jg.di
| MD5 | aae7fedbee3ce8c2fbffdb257a97bbd6 |
| SHA1 | f7f14049539f789811d50636c939cf8b3920a0b7 |
| SHA256 | ddd9533427a88906a834711b75ff1a218207b54cf323e3554f04823c12a35730 |
| SHA512 | 3636d2655bdac3f16b62e925002c71488ac8e7d65f146fb6f318f46e19f32b86e6ac4f5f6c96b9d37712822b344ae3f89d0afc5eae0e695d9ea571fc3d16f4a9 |
/data/data/com.dream.recruitment/files/.jglogs/.jg.ac
| MD5 | 3f36b726ad0bf8749ef72ab3b426fb9f |
| SHA1 | a736b8c4cb79e093b3089275d62a04940cace0a4 |
| SHA256 | 9596183367785b8e4d62f698125b3faf0d06332eba85643198bae937206f3538 |
| SHA512 | 8e3b25d4d7f6b364f48647d53a5a903d87a293be65d29113d642053a58a4e62510ca02e58af5b602df13921f16f1e529a62fc0e557e34a1f78abc6faf6b35557 |
/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db-journal
| MD5 | 226605e6645cc557ceed5b489dd5fb06 |
| SHA1 | e7e419e0c0fcab6619278530189af4181627e4f3 |
| SHA256 | ba6b91de7293ec5ba6cd62b63e2e72fe7061a2b14765c1a3a719aced6c6cbda2 |
| SHA512 | 0d01b470afbd755ad58da3613710f310b5b1fcf7f97a10ca167b5a1784cde133d098cf5e640c321058cef4c10d2c4c4e5ef4444f99e9e81e0ec48e1f6b071e3d |
/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db
| MD5 | 731fba9d21f23915576ea5dc2ea3ffb8 |
| SHA1 | d1fdbc209db8b71d1b4e5341e75b8cc88647146a |
| SHA256 | 87510194f38897a04cd1f80bd6fffc3344fa8ef21baa61de020a2e790a7268ab |
| SHA512 | b643177cf3a30543342d3a521a2dcfce70df4ec450b040e2b61d8692bbed4b3cde2f9f304cbf496869b89455e3cc6a501e8ff720edbdf0f6898e6a5f31fec25d |
/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db-wal
| MD5 | 1657760f2ce209268a0bc51f3849b7d1 |
| SHA1 | 77c805677e2765e91c1989fccd8e6d8e34c85667 |
| SHA256 | d88b79e0f28e82f612d5da01c172109b6db98e2ec4885bad1a01f26193869aca |
| SHA512 | fee604cb063c99d7a4d5c670d2bc30eff9fdca5eeeb8d708594ad73c7a751eb9195a1706f0971db439b283f6230eb7d26b722933497ead0fd0cd1d85af8f76dd |
/data/data/com.dream.recruitment/files/a/b/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.dream.recruitment/files/a/b/journal
| MD5 | adf74c6eeb18424ae96792f31795a85e |
| SHA1 | 2a1791759434831de0bde90fb1016ae02fb44875 |
| SHA256 | 9dfe39523699289bddc58b5d35346e131916607ca6cba18336133700429c065a |
| SHA512 | e39604cf92527f820533f60fb94ec3bce2a75d5192e9009bf1218b6a570fe53c791a0d23860ffe33517431d00d7e98763f9c930992b68ef430a9d7f72ec0a5ec |
/data/data/com.dream.recruitment/files/a/b/4c984fe24161907e5b5b9423ecec3163.0.tmp
| MD5 | c90beaacef3832c56e0fe9caa94b6e17 |
| SHA1 | 53cae00732e41406586a1d77579988f566814bcb |
| SHA256 | 8d324cfbd51e4349345693393ece3c6d752d983ea0bc43b9708533a40d93d09e |
| SHA512 | d23e280fd69b1171bb02e2eb5024d2f83ec53077eb560217e2ee84f8eab2263041459fa800b6f8bbeccd6b2edec67aaec8e842c049afe8e0f2f4a883542ee703 |
/data/data/com.dream.recruitment/databases/logdb.db-wal
| MD5 | 69cd2e3fd4710ab842d9ee7a4fa56459 |
| SHA1 | 56f0e03a953b385cb87a8ca34a9037d0ee5fd6bc |
| SHA256 | 96730852b257a9dfe8c04b5c2922b46e6dcc2bdaf7ef804f6fc17bda0042e724 |
| SHA512 | 38dcd8996d927a7841c19ec8c5597b5112d1322e743396fc002106ab46e117f1dc40c51b0d68b017a140600cbd24dac950f57571b5af3d75ef0ad42e9100c340 |
/data/data/com.dream.recruitment/databases/logdb.db
| MD5 | ea8985a75b326163e0c57f365935a741 |
| SHA1 | 65ffcd52aacf9bcdb776149626cfaa9c9556f147 |
| SHA256 | b096245a8bdabebe026ddc838db0b4f9eac5f0219101066b318c024aa3a50421 |
| SHA512 | a8a6489f1825e71a73d4d96d27d0759b410b78684c190511b2b98ed4741b18cc6d03412ac994bddadb862c5dbc433a2e7ac34419ee50d2b0179933a72866943c |
/data/data/com.dream.recruitment/files/a/b/journal
| MD5 | f854ee43e675eb02b015dc153eb50e3d |
| SHA1 | 223e88ee27918153215206c5c51c6b25978842c9 |
| SHA256 | 487f3dd629efc4d2b9d610e378b11117a66bcd8d31192ea30e615d5d3b7632f5 |
| SHA512 | 375981a46c6bfb48287d46f6e083419270a9f01a7c624298349606b2995da723af0e33637d800179b3e873c620e3d71eb43599a9ff5bbbc580924d3fa92077f3 |
/data/data/com.dream.recruitment/files/a/b/f533337ed12cb4e7c792a32f24bee6cf.0.tmp
| MD5 | 7db92b931d67570f6a9cf785344dff15 |
| SHA1 | 2237b5fb11ac46023d4ad02e438f1d9150316dcf |
| SHA256 | 9e4fba3af0f22a20ddc9e9058a9c3ab9fa77ff7bed126900b4b5dc56fb13ed9d |
| SHA512 | 31162b25f431edb8fde1080be047f7f221ed252ca12c035ce91fcbbb3f0d20c2cca2bb3303c2407908615cd4190707a14fcf00849085da88dbf0c61ce76ee0e0 |
/data/data/com.dream.recruitment/databases/logdb.db-wal
| MD5 | 6668283d4fceb7322efa52dfca4edf22 |
| SHA1 | 519eca8caea20cb91280dfa54b5bc65f24f8cf5d |
| SHA256 | 58e55836f5e82586109635446ba1e8ea3f0833dacbc76dc4e2b8206f9dcf813b |
| SHA512 | c7e092f29364ff89672fa5e678ea4d1bbc0bb3a4cdb9354e403e70cf28d8fc4bb4af072e84eb9e7495b99decf35e5dd67e593a49b77f72ab322402d46728c5c1 |
/data/data/com.dream.recruitment/databases/logdb.db
| MD5 | 5e53c0d3768eeca8f031d0ec81606645 |
| SHA1 | b20088af219586fd84f089be88bae8feb564f028 |
| SHA256 | 191dce4acf3e329d166e052aa99973641a2fe1c4527f4c45cf778c8431104da2 |
| SHA512 | 6658f8670ebe658687e1375238ca012967ce28bb16b912ee13e923ccc45db7280d5bc2fd4a553ead63cfd465adeee61406606f8bf599de564ba229743d970e3f |
/data/data/com.dream.recruitment/files/a/b/journal
| MD5 | b4e5df3232017f5cd435cce6d67d9829 |
| SHA1 | 54efbb305cc17b422f7b8a302e1139db358e62d9 |
| SHA256 | a7103dc8b0f25f5f7d0b6a052c6e7cb5c4254e826b35eb852669f30d63c2335d |
| SHA512 | d77699f939b130260475d1deb50069fbd43435e83ddf85036f49bed3ccfb9353d0907377265eedcdc754ac96225a16ceaacab3920b387b1d2aa38c2f9c3226f5 |
/data/data/com.dream.recruitment/files/a/b/95f52b29dd00cff48e643bf76ba01465.0.tmp
| MD5 | a9628bf9ab230af3c44cc70262d2be4a |
| SHA1 | 8bd6103fece611069ce6f3aa62ee9c6a228ae8d9 |
| SHA256 | 9b7d2d0f299b06aed058d9e6d523ea230eb779b3ce6c45932a173258c9aa0ed4 |
| SHA512 | 8f075a06f6549543580a60c446e5674f53f133f875ecfd2b0948a543f7afc8d93eecfbf89847688feafa840e1acf112b2cd8ef4a7df6000dda94bd95fde85fd9 |
/data/data/com.dream.recruitment/databases/logdb.db-wal
| MD5 | 0caa42f01124b63707ec31ebf49d9071 |
| SHA1 | 8c940f4b366932691bfc9ce9b7ba56941667ac24 |
| SHA256 | 1d0221ee959196dbb5ab2b2ce5e79eb3e2996d17db348408b3cb2c87c4366ef9 |
| SHA512 | 6205772bb6471450fb93bcabe4a7533cca640a9ea74455a2635e1792fdceb4625a6c2f87eea4a0c5e712ec07eee49c871c16361022550fea0b574dae46d80cd5 |
/data/data/com.dream.recruitment/databases/logdb.db
| MD5 | df8d920ff3c64ee43a87404de68c8d5d |
| SHA1 | 195f22c74f4a529fa1ed0e307232dba023b0cea2 |
| SHA256 | d340da88714a363ef43d71915cc762d84d41a5dc5b5b34ea09c1ab390722002d |
| SHA512 | 98a4fdd88dcc7a6b24d30acd318148a5060474e3859b37a800de167ea60fd61b0cf7304a0a0441e16af97b0e505f0812712f4cc69a2717eded6a77288dce8ade |
/data/data/com.dream.recruitment/files/a/b/journal
| MD5 | 5e35c852bb1cd4d3321c28193e135856 |
| SHA1 | 27b0569d4b298eeacb67d0399428c0eae5490b79 |
| SHA256 | 54fe2f86841cff94835c1390c315464e40258c1b2486bda31251e99c29e9d364 |
| SHA512 | 3ca12fb5e47ca8b77c75c23284719ee1aa8edad4d4124ccdb9c9e8fd21b2cdde4e4425ef9a6a31d41eaf0962345dd09ebea0664ad841bb97b9e70db1adb76fd1 |
/data/data/com.dream.recruitment/files/a/b/journal
| MD5 | 545355fd7e3d85e6ff89918618fca16d |
| SHA1 | f064bc9c261dc987f7a3c8c0f92076554e20d95b |
| SHA256 | 8b1375cf8b07acac0d456494a065082d19a7bc61a6a07674567f03c84d3d5feb |
| SHA512 | 9c0c7d3da6c2131783cb1bcd2a633339d3a865eb2062a5eba7168d57075e3d56ef7f66ef62b6b8a42f9226ffa790e62abfded9a1bab6fa91d541aad2c5c9868c |
/data/data/com.dream.recruitment/files/a/b/c9ff5364ac8ef8a2803ef4181a8dffdc.0.tmp
| MD5 | 2d9d5a67f8d1d9729420c43c4cb62caa |
| SHA1 | 69867d4ebf149669b6dd30451e927724f9331df0 |
| SHA256 | 38eeaae2ae511318ad20313612ea779c592eeb9466d66a402cbf39e05836e650 |
| SHA512 | 8721092acfdbc1a4f96eed14896f7a00edb295e5198ad43a3dfe594e040a34b627b3112a61734660fdc84555c8edf46dfb747dc335a02a8c487e08f2b18d9dd2 |
/data/data/com.dream.recruitment/files/a/b/journal
| MD5 | ab4f74863de13047ec8a98a29d0bf1e9 |
| SHA1 | 0ad90c66d7ae9d7c0609161b715fe31f43150c6f |
| SHA256 | 293394d0d607cf68e62b9a5510a8c8a8cd92d567139cb9c91e84bc3157121093 |
| SHA512 | a3575e17a86046bb10bbd799cb5b850005688625e492999e515109ef596682f4806115001885db744184131f07e8a8dd8b41a1a813e0c0c9b12c702727562607 |
/data/data/com.dream.recruitment/files/a/b/007b49ef3d069fe798facab5b169613a.0.tmp
| MD5 | 55238174cc76a7058c1e4aea7791c039 |
| SHA1 | 5e4b9d76ad335c4729a8dd2452dac21f1f6a8566 |
| SHA256 | 0ca18dc080fdc8af8149b9c4686e26c387ccfefa7d3042078d143cc600dfcd48 |
| SHA512 | 80f48d8a69a1e3c76126b3acfc60f62a9c65b1dc03732b1452191282eb3e27ebeaad757a41d0e376eac5809dc36b75d516af12064b71d55a36bdcdab0744d4cd |
/data/data/com.dream.recruitment/files/a/b/5ad6cdbb45b4a14283563bba26a5e0b7.0.tmp
| MD5 | e7b840abe742524228b69170566fccd2 |
| SHA1 | d6c1f534577dd7bfc50f0c4c943b4bc5ed5dc6ea |
| SHA256 | e474d55e2afa6aec878bc31fb9147a6d58d4c736afbb3548937984673b69d18d |
| SHA512 | e07ae486a3c253cca26c057554105b048ca1b1c33c338dc7eaf2ff6fa9bdb68bc990b8229aba0de6e7c3419a99ab9b65a1b825b29bfb9dfc974f93a72b4f9ac0 |
/data/data/com.dream.recruitment/files/a/b/a9019c6b0ee62337782ffefd864f7d5d.0.tmp
| MD5 | c895a43722a72d0a08be8208adecd261 |
| SHA1 | 54b9ecee48890d5b61dcd68961cafaefc42cfb2b |
| SHA256 | 643d2afc738f86661ba623dd85549687beb3745cc69f6eeff95d6a5971e07d54 |
| SHA512 | b465eb2be4fb1884fbfb1a5c7bada8b7a94870b5d94a11a25d426e959952bf8e51f88074e9d95f08e9e727ea92dc58d4a7a61f12d9df940fcb3c0757bfe0fb66 |
/data/data/com.dream.recruitment/files/a/b/8c7fd458a3352d68fc752a3193251a90.0.tmp
| MD5 | b5ac87b59592b598e96ffd728f38c488 |
| SHA1 | 344597ccfa2091b144ed91a3b996321802fe85fe |
| SHA256 | 19bce33f0a7f99f5eb11f4f5d67cddb669f895df39b1a624a3ea896fd698a112 |
| SHA512 | c8ee6fa2dd23fd95f283f8bce3174117b07441ab8effcceaa5847b7cc701085408b091ba3f766eb2f540a0ad02b89c84ed678a27cb9c10879382a569210aca36 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-12 09:53
Reported
2024-06-12 09:57
Platform
android-x64-20240611.1-en
Max time kernel
179s
Max time network
187s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.dream.recruitment/[email protected] | N/A | N/A |
| N/A | /data/user/0/com.dream.recruitment/[email protected]!classes2.dex | N/A | N/A |
| N/A | /data/user/0/com.dream.recruitment/[email protected] | N/A | N/A |
| N/A | /data/user/0/com.dream.recruitment/[email protected]!classes2.dex | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Processes
com.dream.recruitment
com.dream.recruitment:pushcore
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.212.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | www.pgyer.com | udp |
| US | 1.1.1.1:53 | update.sdk.jiguang.cn | udp |
| CN | 203.107.44.30:80 | www.pgyer.com | tcp |
| CN | 203.107.44.30:80 | www.pgyer.com | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| US | 1.1.1.1:53 | abroad.apilocate.amap.com | udp |
| CN | 124.71.159.41:19000 | s.jpush.cn | udp |
| CN | 59.82.44.11:80 | abroad.apilocate.amap.com | tcp |
| CN | 203.107.44.30:80 | www.pgyer.com | tcp |
| CN | 203.107.44.30:80 | www.pgyer.com | tcp |
| CN | 203.107.44.30:80 | www.pgyer.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 123.60.92.210:19000 | sis.jpush.io | udp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 124.71.170.130:19000 | easytomessage.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | tcp | |
| US | 1.1.1.1:53 | 139.9.135.156 | udp |
| US | 1.1.1.1:53 | 139.9.138.15 | udp |
| US | 1.1.1.1:53 | 119.3.188.193 | udp |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 139.9.138.15:7000 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7002 | im64.jpush.cn | tcp |
| GB | 216.58.201.100:443 | tcp | |
| GB | 216.58.201.100:443 | tcp | |
| CN | 59.82.44.11:80 | abroad.apilocate.amap.com | tcp |
| CN | 139.9.138.15:7003 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| GB | 216.58.204.78:443 | tcp | |
| CN | 124.71.159.41:19000 | easytomessage.com | udp |
| CN | 123.60.92.210:19000 | easytomessage.com | udp |
| CN | 124.71.170.130:19000 | easytomessage.com | udp |
| GB | 142.250.200.14:443 | tcp | |
| GB | 172.217.169.66:443 | tcp | |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 139.9.138.15:7000 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7002 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7003 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 124.71.159.41:19000 | easytomessage.com | udp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 110.41.162.127:19000 | sis.jpush.io | udp |
| CN | 124.71.170.130:19000 | sis.jpush.io | udp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | tcp | |
| CN | 139.9.138.15:7003 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7000 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7002 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 124.71.159.41:19000 | sis.jpush.io | udp |
| CN | 110.41.162.127:19000 | sis.jpush.io | udp |
| CN | 124.71.170.130:19000 | sis.jpush.io | udp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 139.9.138.15:7002 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7003 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7000 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp |
Files
/data/data/com.dream.recruitment/.jiagu/libjiagu.so
| MD5 | ff158ad446387f3cbc1e8f0dcbf30ca8 |
| SHA1 | 2eabde05de79be3fcd535aafb08f33707583df24 |
| SHA256 | ce714401d6ef068e322395f87b87bdecb28e1ae37d9714bbb84b7151e9242fa4 |
| SHA512 | 2419304d1ae11ba14f997bffdd479ddcfcba3bcf4ef09e997e24c34f16622a4f6ff8279da36011009ddcdced77f628af4d0bcb2ad451308adb8625e08afa8600 |
/data/data/com.dream.recruitment/.jiagu/libjiagu_64.so
| MD5 | b7874f194f1cd6b53d5a7cb7eb08a896 |
| SHA1 | 29c28cf753a3c64bc3835b312d5795161dd715a2 |
| SHA256 | d51c08a11f6b854a5662ea2561dc6dd0ad0135c72bd0e5cbb9e1f912805018d0 |
| SHA512 | d298930a4996db8ab96346ca389be05b5195f5a920149144225855891aebf580c0717f6a3b2374df63fb56731053dc359c2eb815cd214b6409b32c36b8275e95 |
/data/user/0/com.dream.recruitment/[email protected]
| MD5 | 77eaba6aa2124cd2f2e832ff2f95ec5f |
| SHA1 | 87f88444bc7ea1b900fd2b43904f937cc3579716 |
| SHA256 | 6214b5429a3ca2ad8a4d849fa1db8aaf2fb2c71f27fccf7026a380131939a538 |
| SHA512 | 2019f70985eea24fd1f7812f5ff75c11851a35dda6b193b5ce44b0118e8291e0d92b0d8ee8f8c7bd09fcc6d82894c4ad64f1b722516038ec40fce0d2f4af6bef |
/data/user/0/com.dream.recruitment/[email protected]!classes2.dex
| MD5 | a1cddd046acf5c3f09e5cd6a6f460e93 |
| SHA1 | f7d1259d234214cb205334ed60d4977b988c3725 |
| SHA256 | 978fae90c6616fb3c9c6a463469d854cb699877649ed8400a6d218b2846ac086 |
| SHA512 | 0eeafa5803243813d6ef83d8c9b2903bfadd627a891b40be11b1e6fbfeb422f810bf2baad2b5ec799d3f04af86a95bbd812186010f1b0732fcf6183f2fb01fc7 |
/data/data/com.dream.recruitment/files/.jglogs/.jg.ri
| MD5 | a1e0c69e8a4827173481ee2e6f46c14d |
| SHA1 | 37ba5d890086c44fbb61e4cbd588668a0176df61 |
| SHA256 | 6be12cf9a72c91206709ab0f02c9e19eb9a866694b594ab1fd8748cc951ce101 |
| SHA512 | c938d2683e70d8cf65e468eb31346503525ba757f80a581a26dee8d084f547ef06e18b54fe750bdc3315d17ac44a18b4b3c050f084fcb125c3e2a34d7e3d42ae |
/data/data/com.dream.recruitment/files/.jiagu.lock
| MD5 | be4b89a379cd579b26294679f3e8fae8 |
| SHA1 | 7aa0c7d31b707869a5ca7e13fd933970e841a88f |
| SHA256 | 619455e42b99dce9e436db63f2134456cdaf707586c599246624908d0010e3db |
| SHA512 | d24fe344216d9cf74a2b226718c919fa4d6e699dcd791269e2b2339d1b1df599a6ab1b0fede45606044927c169a67287cff426faa2918910677c85cab85cc3b7 |
/data/data/com.dream.recruitment/files/.jglogs/.jg.rd
| MD5 | 1bb9db288a3a769cbf1f5e38602d6444 |
| SHA1 | bb449d2e18404f6eca2ee7698d1d484a77e64541 |
| SHA256 | c434b725b55b6799de08dedef2e53f5cd58927968ad0dc9ddc214e79ddb062ab |
| SHA512 | c8f896595a7acc371ffba4e178e594d6130c0e4aed07a4dc9b7801e6bfe3c5a4087ae2e91c871163bbf20130b2b65ba66f16442ca437ea7cf5c16a965011ed58 |
/data/data/com.dream.recruitment/files/.jglogs/.jg.ac
| MD5 | 7920e3648b8a1fa0bc07d51ae66693b9 |
| SHA1 | 534c26004706c4896734f2c6611f96909f63725b |
| SHA256 | 24a6e6045303cb24656a93871fd70229b45042264405507e3a821e673fba75d5 |
| SHA512 | f0aa64c8b147e5b10a1520796f8cab1b8323ef80fde4b63fd55f9b38aed452e8a8e33ca139f6c310ffe08acaa4e5c8cfe7ff8bdd67f5a7092c999ae0bec4c77b |
/data/data/com.dream.recruitment/files/.jglogs/.jg.ic
| MD5 | ea628e04765adaf4238a5dcdff4bbd51 |
| SHA1 | a801947619ea8c368efe9c006a324dc6339ac60b |
| SHA256 | 885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4 |
| SHA512 | c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe |
/data/data/com.dream.recruitment/files/.jglogs/.jg.di
| MD5 | eb0f0e45397f27c8ebb55195b520c26a |
| SHA1 | 44fc1d940554eae02b6cc8d3a100594a02231477 |
| SHA256 | bfd40b5b53f11bc48c2158b85948283c047cbca2d00742ccfa27daceecd0146a |
| SHA512 | ac3326cf0fbb89b8275f6ac86cb161595063257c7c1b9b66d092db05e43e58a0823abf5f892095e8d0a61d4787e0252eaafd991fb869743b0c410a27be1b3899 |
/storage/emulated/0/360/.iddata
| MD5 | 3c291214877b706469786127641d5daf |
| SHA1 | 6a93f3c723dfffd594f93a6577fc8ada1bfacb7a |
| SHA256 | 9271f3c6447890d42d5dbf1a2bb17bbf062b76abaa08b7c25bc22ccd0d71f319 |
| SHA512 | 909194f6ae2faafbac1d19c787b26a1a6694fd2ac6bd57cc625574158fa104d470f4ee1b63d9f687fe32956eee6a7a38a7fb671cb301d81215e4bc437198beb9 |
/storage/emulated/0/360/.deviceId
| MD5 | 8683be218c7f607bf3e2d1559fa8992d |
| SHA1 | 9e9e5c1574c35c1e7366f76d0ebeebd8dc0c25eb |
| SHA256 | 4fd55df002e0c8b37c2af9cbce3ead639632d712cc67903aad94985cb4a3ed42 |
| SHA512 | 7caaa306c416b5df6282f6535e8f3e4c757ac9e748c5c944e65da5c70e6361e2684c417a3451b8e1ffaccd92fdfaa29bc025a7904fad60a504c85559fe049ac0 |
/data/data/com.dream.recruitment/files/jpush_uncaughtexception_file
| MD5 | 32ccf88c529feb00f9b87f5ebe85e3eb |
| SHA1 | 583aca0e4a6d96754d04994866a5a9e2e9720bab |
| SHA256 | 77169c33a3b780d881dde1f4b480ed0b4c7a521f30def8303c3c3c93981d6d89 |
| SHA512 | f3fc9804dce19ebb409959cdf85225aac897a62a0b4ba6e9e6186d970d6f832e4b20298aa6187daaad302e9e4252f33e1f8aa50f57923bae45e1ae21c45b2e08 |
/storage/emulated/0/data/.push_deviceid
| MD5 | eb057b1259a92e6af586375414276f05 |
| SHA1 | aed3d6a9da3fd529ce322670908af738d1d0320d |
| SHA256 | e9d4fa4eddda49769ee2dc1d9ebf74099e8f01aca9a50228b6b8fdb0c5cb2c65 |
| SHA512 | ade2ceaff12fa2dc5a2d4d35991da0e40ecd33ccf6a2dbe37bc0b02676bbfb1f69312ed882ac74d473ad5945b3115bb64908d90546b3f1b6af8c5b400dd9552c |
/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db-journal
| MD5 | 90a1be8edbdfb32650bbddc5a6715cec |
| SHA1 | e4ba9d05fc12ac7f77f9d3fd4d063cb87c74e85b |
| SHA256 | 792880467da0baa0117fe86ee340232533fcd2717f33ea187138967dacc2c056 |
| SHA512 | 90ab10595e0d4bc6a3b7e7d1f24a32d0da709924eb4502bbee945c5b9b459ed1874949346fb51fa10a9f1ea9f563bb26bde8fc5e1c9b0ae9756c5014995bb88e |
/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db
| MD5 | aa6a64326024eb67d3d31f8f7bdf9e8f |
| SHA1 | 3180b97c12df443d082faa414ad6709bf704231b |
| SHA256 | a943e84d1da0a56f1be0705c5cf2acc5fad7e8995135308ab23b66cee38e6b44 |
| SHA512 | a8308648d7bfd3d2312eb96638dd7948c30722ed9bec3b4d04d430ac4ac47df36717f8b6ca4468acd482a72a4970874e26d48180aaec0d31bc8cc15282d2bfd1 |
/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db-journal
| MD5 | d9f7165e9cbe38846a751dcaefe43efc |
| SHA1 | 8c2709365fbe7cfac358843e155f1a5510d206d4 |
| SHA256 | 53f98e38304255b3785e5f0d59ea9890c8ec9952058c5790e53a2c89ad5e9c03 |
| SHA512 | cf81f6a9ebf311151d5740ac59d4886b7742fbf55d206bd1ae4a1ab04178ba22ef86310cb1891f4fa14763bec058699bab81ca4c81baecefbd8b0265ea45116e |
/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db-journal
| MD5 | 1c4bb52938c8932216ba2ab40b6e8590 |
| SHA1 | b2b34e2c34f340dce462473f5aab42a05deb881c |
| SHA256 | 9daf2ff25a224944b6ebcfabfd8381c829947d8f6b6c6d81106e8ea6d208835e |
| SHA512 | 4c5901ae3b298d7441fb4a1942d3beeee185625cc585e1121f6bdeb33e12064725f590218a3b0436b16c6b9f48082620ec6e702ad8a422e4e2607e5dc9bda766 |
/data/data/com.dream.recruitment/files/a/b/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.dream.recruitment/files/a/b/journal
| MD5 | 7de584b6080af3aa17c6512ea2b1e87e |
| SHA1 | f028997dab670d16fc8aac6a5b0cc76280a62207 |
| SHA256 | 95c9f31a21a6a536672e06d8d3316dda0c091ab4488f0772a12f85b653204259 |
| SHA512 | b97826a32bfdb4e610ef5d10ee7b76013d71a240c4a8753b1ef65cf36f7259577b4317b09127e896c7cf08977c77fe68be5c4b7baf97087f32a4fc76dc185b7f |
/data/data/com.dream.recruitment/files/a/b/4c984fe24161907e5b5b9423ecec3163.0.tmp
| MD5 | 8c5593f91139a5b6911772e70fdb9ec9 |
| SHA1 | 25cc464e4640f4d20079cd91865e3c05eda12c70 |
| SHA256 | 1dd6e5c6a1d789d70d3e9127458818b8b306525ddbc3e628e076739c80acea9e |
| SHA512 | a22b3f0e89c2cd12dc588960fa61848e1c666837f6987740ff6c9475e566e67cf48657b558e0d9a1b1f90e6ba51ee96e65ee5b42f897ecc66aecc077e6c55858 |
/data/data/com.dream.recruitment/databases/logdb.db-journal
| MD5 | 2c766a9aecdfd32c32de09849e7a2694 |
| SHA1 | 1456e84fecec04ed0b81d867ca82b129d3dfe922 |
| SHA256 | 0b2fd5a0782e36e20430cc450016e649abcec20ce9dd3a83f9ced9f5597faf18 |
| SHA512 | f80b3760d5f090cfd251584530b009bc0d63b52062bb2e678f0607dee1e7b8d14b117e5e1688fc64c61f0837edb05d251fdbdae5a0529440db59a6459c2f1063 |
/data/data/com.dream.recruitment/databases/logdb.db
| MD5 | 995655d4963744d4f32d85bb40093836 |
| SHA1 | c5cd342506de1c8d276f8dd8b76d6a509e7a80f7 |
| SHA256 | 7381494956dd65796066c972cf1e0595dbd892ae7ab8900d27e0f470d6b60917 |
| SHA512 | 8b0ad824185172fe59ce98a1729a7b384e140137544fa862fca782d044b0c6fbac0f82e5cf22bedb4b12987bad9457b7856ee90277c458f725478fad941f76b0 |
/data/data/com.dream.recruitment/files/a/b/journal
| MD5 | 90b931937d32e99d455650284c6b93e6 |
| SHA1 | 1ec36248d63f3f30f77553075e205c72ff543619 |
| SHA256 | e3617a317ddef34c23598df7e4490c6ff48c87ab837faf04460d94e36b5e5506 |
| SHA512 | 323335c6c57fbdc8389ce88d5f087df956ef85f4544bb1810460e05e91b9af04f858af834bd7b685c15ba4f5994a68516630d3d8d76080228919dc76befda6ec |
/data/data/com.dream.recruitment/files/a/b/5d68ca83713ccc6ff7996977be1496ff.0.tmp
| MD5 | 2098989cac23f130408070d5ac566d34 |
| SHA1 | 9ceee8c532772071636be2e6eff9211beee20d08 |
| SHA256 | c6037ff0986d7a3035ca1bba14c8fca7513103ee00d99f10eb3c1d8f7bd2b27f |
| SHA512 | 58df959270aa0c02c11410cf981f8d36338cd8d91541e7fde7b0d689eb54f35db1c09b085b92c62cba28bc4456499890b17cf2c7781f09c45a2de01ccf0735fd |
/data/data/com.dream.recruitment/databases/logdb.db
| MD5 | 9125c1370ae443887e3295bae7b15b84 |
| SHA1 | 27387a85158b5a2390cd5c0ccd9034b6ff9d6a89 |
| SHA256 | a38ce2523f9fbc3baa3d03140ede08485e54ef588a5a7b6d20be52af48988ece |
| SHA512 | b7098cb83eb9f6027d095d49a0a836b09ec4b24fd68e2a33acd8797b69f3c11f70032d934bb5ff747c14d12607b21d597538cd5d0289bbb14769e4236afb5f29 |
/data/data/com.dream.recruitment/files/a/b/journal
| MD5 | 9d937467ccf1b2e9619fd6fbf08e302e |
| SHA1 | b5b63a5a775561e15723f70de4b91791d2f6bb44 |
| SHA256 | ea82c7b5e5f0b1802c871b2400c713df0a8aa96457c8bc8d04afc12b2e87ab2c |
| SHA512 | fedac15f001d41db0bf2c83fc403e657119d1cf6cea762104c4c3f42d725ed020a99e17257f29bad3463807c9502c8d287c4b9820bc553cae7071c4f59e6d3ef |
/data/data/com.dream.recruitment/files/a/b/0da2cf804c79e12d840a9dd526080b7a.0.tmp
| MD5 | e5339592e6f3d53fee9df635f94f3667 |
| SHA1 | b665604fbd3547d89622f6b149ee972ccd2e229b |
| SHA256 | 5d40ceaba2e5efda65a205b13487e977a4bbf66ddad30148920e66fc87fb704b |
| SHA512 | b8a4600705f4d6fae783e1762feaf4ce00eb63edcb99258a90e97fed1395a9b44d691aa48ac22f2af2ed4ea1f6e8d3b10bce7beb4083e251af05a099a25c0492 |
/data/data/com.dream.recruitment/databases/logdb.db
| MD5 | 0e1d9cce7fd442d1a8b61a19a9d3b86a |
| SHA1 | d8959feaefd105d5170bb6a86d852546d36ba401 |
| SHA256 | c3324bc761a5d5d9bbfd8163c4990dcee48f971e5391cd870f191fe76ddb6828 |
| SHA512 | 777177d9dbcf5d0c6def54b5b0b1cf7ec5882fda03006294481a6df506f6be5b02cfd7741373275dbfffdddcb9c4b7360db5fedd6f7754f01bf7bfe681344ef2 |
/data/data/com.dream.recruitment/files/a/b/journal
| MD5 | 5e35c852bb1cd4d3321c28193e135856 |
| SHA1 | 27b0569d4b298eeacb67d0399428c0eae5490b79 |
| SHA256 | 54fe2f86841cff94835c1390c315464e40258c1b2486bda31251e99c29e9d364 |
| SHA512 | 3ca12fb5e47ca8b77c75c23284719ee1aa8edad4d4124ccdb9c9e8fd21b2cdde4e4425ef9a6a31d41eaf0962345dd09ebea0664ad841bb97b9e70db1adb76fd1 |
/data/data/com.dream.recruitment/files/a/b/journal
| MD5 | e65a681b2f07724cce3a6c47e2858188 |
| SHA1 | a8f74835371aa208dd60c38f8f630a1143db7fa9 |
| SHA256 | e309a2b9da5364ed5f94c47c24c15c46e1e004417f3ab7f41d65808c7057af6f |
| SHA512 | 7c627f7caf31bee886d93c725ae13771bb7f767c2f4315237657982ed8b05406876e5199f449dd06af507afec486b8a800314dbb0ab256549b36f66534a58792 |
/data/data/com.dream.recruitment/files/a/b/24c110e1f76093b35c3c2df1927aab79.0.tmp
| MD5 | b783780e9615fc7123f283ac5240613a |
| SHA1 | dae662d6c6c5264a319a2d0d5dd44fe50d966661 |
| SHA256 | 5a73b8d10b0e5810678b3c27e252d70b858896c0d21dd5374a67b340a30e688c |
| SHA512 | 04aacbec51e57f136f20bc82d01bdca929e0c897ed12839707ac15f7424a34e944e1167e1aaf8b455f4a77bd7cf6736f623fcd919af458452bb2cb04d58e4e11 |
/data/data/com.dream.recruitment/files/a/b/journal
| MD5 | dff59ff29dd5ad2f4ca08c045dc126c9 |
| SHA1 | 2621d1f07c645a7066cc965b664f2041cf23abc6 |
| SHA256 | 6ac9121199b915351cb6749e0f825368519cba6355b5c1b54c5de9b633b7ae0d |
| SHA512 | be44027d1f37679a6dcb529c1945abd2dd6fca0b75b47694c8fa0c0ee42d66bb82b943daff27911e9f474664f89d1e4495ba55d804e4468713c65273d40864f8 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-12 09:53
Reported
2024-06-12 09:54
Platform
android-x86-arm-20240611.1-en
Max time network
5s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |