Malware Analysis Report

2024-10-19 11:54

Sample ID 240612-m5lm1swbnk
Target a06d8dc6d77fb57b9106b182cececb48_JaffaCakes118
SHA256 bda231d0832a836a7413c0f4881b568904a8cff04444a97a3c946c01774f3d1f
Tags collection discovery evasion impact persistence
Score 7/10

Analysis Overview

Threat Level: Shows suspicious behavior

The file a06d8dc6d77fb57b9106b182cececb48_JaffaCakes118 was found to be: Shows suspicious behavior.

Malicious Activity Summary

collection discovery evasion impact persistence

Queries information about running processes on the device

Requests cell location

Requests dangerous framework permissions

Reads information about phone network operator.

Queries information about active data network

Queries information about the current Wi-Fi connection

Registers a broadcast receiver at runtime (usually for listening for system events)

Uses Crypto APIs (Might try to encrypt user data)

Checks CPU information

Analysis: static1

Detonation Overview

Reported

2024-06-12 11:03

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-12 11:02

Reported

2024-06-12 11:06

Platform

android-x86-arm-20240611.1-en

Max time kernel

177s

Max time network

186s

Command Line

cn.com.sina.auto.trial

Signatures

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A
File opened for read /proc/cpuinfo N/A N/A

Processes

cn.com.sina.auto.trial

cn.com.sina.auto.trial:remote

cn.com.sina.auto.trial:TcmsService

Network


Files

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-12 11:02

Reported

2024-06-12 11:06

Platform

android-x64-arm64-20240611.1-en

Max time kernel

177s

Max time network

188s

Command Line

cn.com.sina.auto.trial

Signatures

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Reads information about phone network operator.

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A
File opened for read /proc/cpuinfo N/A N/A

Processes

cn.com.sina.auto.trial

cn.com.sina.auto.trial:remote

cn.com.sina.auto.trial:TcmsService

Network


Files
