Analysis

  • max time kernel
    179s
  • max time network
    185s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
  • submitted
    12-06-2024 10:44

General

  • Target

    a05f41f3d798fbb0a4026bfc1abcd9fd_JaffaCakes118.apk

  • Size

    17.9MB

  • MD5

    a05f41f3d798fbb0a4026bfc1abcd9fd

  • SHA1

    1486ac52ec8d8a240fc8ca6671a74f03d64e9aa8

  • SHA256

    7a406028ce4dadff38a56379e12a7f63c221178277749d9bb2520fde8e04e330

  • SHA512

    6a6952f3db0280d2170fe3e3611f173e15e70d37024c945641969a5363b821109ba2dd77dfb0b9e911043baaa2512de4d0746c48fc6fe174942dd4f2e430ed7b

  • SSDEEP

    393216:2qjVlqgWRbfcDdLncK+r2tF9YV3K7gf/dgRRJlS:2qj3qgW1fcRLTF9Uac2Rzs

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 5 IoCs
  • Checks Android system properties for emulator presence. 1 TTPs 7 IoCs
  • Checks Qemu related system properties. 1 TTPs 7 IoCs

    Checks for Android system properties related to Qemu for Emulator detection.

  • Loads dropped Dex/Jar 1 TTPs 10 IoCs

    Runs executable file dropped to the device during analysis.

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

  • Requests cell location 2 TTPs 1 IoCs

    Uses Android APIs to to get current cell location.

  • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 2 IoCs
  • Queries information about active data network 1 TTPs 2 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
  • Reads information about phone network operator. 1 TTPs
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.xgbuy.xg
    1⤵
    • Checks if the Android device is rooted.
    • Checks Android system properties for emulator presence.
    • Checks Qemu related system properties.
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Queries information about the current nearby Wi-Fi networks
    • Requests cell location
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4172
    • chmod 755 /data/data/com.xgbuy.xg/.jiagu/libjiagu.so
      2⤵
        PID:4198
      • /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/com.xgbuy.xg/.jiagu/classes.dex --dex-file=/data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex --dex-file=/data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex --oat-file=/data/data/com.xgbuy.xg/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed
        2⤵
          PID:4547
        • sh -c ps
          2⤵
            PID:4584
          • ps
            2⤵
              PID:4584
            • ps daemonsu
              2⤵
                PID:4608
              • ps | grep su
                2⤵
                  PID:4626
              • com.xgbuy.xg:pushcore
                1⤵
                • Loads dropped Dex/Jar
                • Queries information about running processes on the device
                • Queries information about active data network
                • Registers a broadcast receiver at runtime (usually for listening for system events)
                • Uses Crypto APIs (Might try to encrypt user data)
                PID:4248
                • cat /sys/class/net/wlan0/address
                  2⤵
                    PID:4464

                Network

                MITRE ATT&CK Mobile v15

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • /data/data/com.xgbuy.xg/.jiagu/.jgck

                  Filesize

                  4B

                  MD5

                  0642ee0723bfe66f477678dae1326f50

                  SHA1

                  0a375356192e039292048d3d8e9690d5aff2c3f8

                  SHA256

                  3246dc4495d869f0d00c1d91e3024e68d06025bff4343952c79829cd2c4deacf

                  SHA512

                  cac02e7c7a3471f15a7901c152ab1714fa7de89112424c7919f18fa5d8e37cac3dd19684906b514299a280c2505b98618cccfc2ab12a96a574d141dcf3ed9717

                • /data/data/com.xgbuy.xg/.jiagu/classes.dex

                  Filesize

                  8.0MB

                  MD5

                  7c17366a8785c78be60ad22700e831a6

                  SHA1

                  df18773978ef0fd306f7692b1c68fbeaf006ba6b

                  SHA256

                  b1db2ad411bb5b6bd2df10ebf92f30e0ecd691fc63a06a6b26d713d3ae5e075c

                  SHA512

                  78f586522675ad57f799f5d140b89280dbb6d1661e594c1d59f57148f658914d17b2e93d066f32492449ec27f19436a4860ebef43d028c9721e99b357d0cb771

                • /data/data/com.xgbuy.xg/.jiagu/classes.dex

                  Filesize

                  6.5MB

                  MD5

                  63489f8ffc4c23ff337d45cb8346f966

                  SHA1

                  22d215c56a5a20cd554eedcd1bc23154f5cf844a

                  SHA256

                  645251fb0c5def1ae81713dbbba3d23e471eca87bcf73cefce9e32c256c9a9a5

                  SHA512

                  73099e94ef1d7798248decec3527402d61bf62b2aa7c39645b1d557fbbd4a07cc65e302dd08e79052652511abb76b35a749dffbc4fd34df070926f349186cccf

                • /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex

                  Filesize

                  6.5MB

                  MD5

                  a4cb96ae304b9c8463e5d2d6b61bc25f

                  SHA1

                  e40d7603620bb6685248b468487776ea7169a4ff

                  SHA256

                  b05bb83f8406984872b617c85b0b50a716c1b1baa1f5617524f3cc3f53dbd182

                  SHA512

                  9571da0805c8c8f3dfabe30d908797b5b03a2529de9d72eab6a859a44e121b8bd11797a47bc8a2ca49929601dea6b70ed07859e4eb2ac65855930c11a4edf489

                • /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex

                  Filesize

                  2.0MB

                  MD5

                  bf5b40b5d4157a240dc5677f9012850b

                  SHA1

                  f7c8627ce6368fd6b6b29fce0e1cb7e1b3950043

                  SHA256

                  b163747ba703216a09be9cfe163dd8a8cb6ce7853a48a686b4d8a0a904c5aa61

                  SHA512

                  aad9d3532a4672dc56ef9bd828e825b2d08eea26126fac7ef7e8a850e772fc6651bb64005bdac7aaf5a4294c33f8720d6106ca5df58a14fdc13dba2f17bed493

                • /data/data/com.xgbuy.xg/.jiagu/libjiagu.so

                  Filesize

                  455KB

                  MD5

                  e5a53000766ebc433b27d6a66ec4f555

                  SHA1

                  2c8f53f1c03aec2005bcad67d731f07261dabde0

                  SHA256

                  78e4ea857f10c2df6c7b94f0584524b52ecc099ed29478fe3964037b8a86ed2e

                  SHA512

                  370a1cb93b14556ad861724f4e9995c9a4c6d37cf2d570f888d1c6000c66d27ac63496b0703361e9fc9bc7f309b7aa4407c5f339d186b0a5b72520d23d04b68d

                • /data/data/com.xgbuy.xg/.jiagu/tmp.dex

                  Filesize

                  284B

                  MD5

                  f1771b68f5f9b168b79ff59ae2daabe4

                  SHA1

                  0df6a835559f5c99670214a12700e7d8c28e5a42

                  SHA256

                  9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

                  SHA512

                  dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

                • /data/data/com.xgbuy.xg/cache/image_manager_disk_cache/a8eb51b76e7536e3ab796b3600ae0d235290126b48333a6fc140d3836facb54a.0.tmp

                  Filesize

                  106KB

                  MD5

                  66c0c680753df4ee0641951b8cb1d613

                  SHA1

                  9573fb478fdd97f871e9019c3b88f27adb879a29

                  SHA256

                  97d7cb4c347498221f9b273a11449ce621cfc8c6b2770f4d57a8b3dfed67188b

                  SHA512

                  0c169a3f5dbec49a8e14d3381e4e71aab60b454365e84879f1892335ba0294be71950eb9bd0de528cfaa51f702384a66361972875dad163d46b7ab05c23881c0

                • /data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal

                  Filesize

                  180B

                  MD5

                  e32eb9ed103d2f1063cb2ea3fbea392d

                  SHA1

                  753ba873574beabe8d0767db8e05631c3d3e6a03

                  SHA256

                  00122573aa12b5539da684449307155305222dc72621227892f05ab9158c7b4f

                  SHA512

                  082f6817ab742d8501f92bb2229a340768e41c699169c5243c5a398be8a76d49817c07dcce231bc2bd55540dd3dfe8f6d7b4283b8fe44ba109c83e3359d98837

                • /data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal.tmp

                  Filesize

                  31B

                  MD5

                  8c92de9ce46d41a22f3b20f77404cc1d

                  SHA1

                  8671a6dca00edb72be47363a7071be65cf270373

                  SHA256

                  68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

                  SHA512

                  30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

                • /data/data/com.xgbuy.xg/databases/Reyun.db

                  Filesize

                  20KB

                  MD5

                  5e818823f78be14d74c2d7ab08e6cf01

                  SHA1

                  7271f6ca0457edfefcbaf8f8452e8a7e429d49fc

                  SHA256

                  4aa0307c94a641590a49eb49695bc87b584cb661784a170f2ea46da888036f25

                  SHA512

                  fb8e0aec945fd64daf68b311792a296df945fd1a95dfd657ecc09320279cc4c08c3f5f9ae0affbe3295c983d5a093a84094d7742edae5b5c9de77da483f62498

                • /data/data/com.xgbuy.xg/databases/Reyun.db

                  Filesize

                  20KB

                  MD5

                  b714db3646420856fcc8c1a5576cbc07

                  SHA1

                  e34ee05219d0a68d0409cc4c92b437225a5cc45f

                  SHA256

                  9ab1a275f0b554f2c88e2e2ee655bcc38ff72a88914d1d6509bc5cd4a912b535

                  SHA512

                  fd4beea42d6a3bdf92d67133affd6ec111e70c68183799e653e04a3b4a6a1cc727e1cb0852e80a131974a42b773c0963900f66e7dd29310a3403d5a1e9108e66

                • /data/data/com.xgbuy.xg/databases/Reyun.db

                  Filesize

                  20KB

                  MD5

                  0fdda69de189b2b762214eb67ef62fd0

                  SHA1

                  c52c1b5362f59f6aeb4ef4cbd6c9f9d01bbf877a

                  SHA256

                  05ef5749e698c789cfb4ce6f0266ad6acf1bfa581e3a25ad8bb38fdf21207bfd

                  SHA512

                  6e8e54b1f1ecfdcbeacb03b221dab6b9b487bf81eb3c1529a5c482b985f2942553680ca3444a5bab27483968b7e481f86782c685d0d74fe88308936c29481d90

                • /data/data/com.xgbuy.xg/databases/Reyun.db

                  Filesize

                  20KB

                  MD5

                  1983da5b778dcfda0613f294f2a1933b

                  SHA1

                  edf743b280564cf14c35dcd7bb022fc4d41a4502

                  SHA256

                  02dd5587df0cb9c3d286ee56bb67f2949b6b381365094d092e685f24655d8207

                  SHA512

                  f622c481731551e932e8d25f4971a1f1c76023bfc257861a4e4ce18761baaf3135e2fc7a9c5e7df5ddb7c4c8bf4e953fa8ed7cda418bb5bbdc716471c658d59f

                • /data/data/com.xgbuy.xg/databases/Reyun.db

                  Filesize

                  20KB

                  MD5

                  df2a2c48ce8b7d16dc1f9dbd5085f805

                  SHA1

                  62bf88b284d3659cc6a736da73f2f211813d0118

                  SHA256

                  146b46879faa61401634e6490c18dfa79bd3f52331c1db50228c8e9213997b17

                  SHA512

                  a38862668ef2ffef44f45a7f890b234aeda2bc627d821aa5e178e3c2c5296bbca57f271b76347ef0e2450e4a74fc53ab0e3e1f795a824c4981591aeec473d39d

                • /data/data/com.xgbuy.xg/databases/Reyun.db

                  Filesize

                  28KB

                  MD5

                  2e6ac6e8781f70fc56284c9eb741340b

                  SHA1

                  38e8182b3cfc7f9c172ce20b6b559ca7f2a5682c

                  SHA256

                  05759f0eeabccd645142b3991ec16da670ea779584bda1386726a0d17abda714

                  SHA512

                  2170c8690782cc0cc039163fa04b99c32ffe2082c3b30f9d85c835fafce37e9f4dc3207dea5679b91a258ea10759a1759881b22586cdae078087b3196add646b

                • /data/data/com.xgbuy.xg/databases/Reyun.db-journal

                  Filesize

                  512B

                  MD5

                  7be818d12347e5d0e5b10044b60dff53

                  SHA1

                  34f8635b2fefa252a33596575d678e1d15fedb34

                  SHA256

                  568505400f1ce363eba9da99c031d95df9c5d30756b8f74204dd401c0dabf7f5

                  SHA512

                  58c5becbd43a2dcaf6e2da355cea6106c2a8671dc39d450773627f0c19c6bd6c41f0fe89a64fab5ef8e155b37a3b29dd224816cec756a0fea5a18bc769e5a5a7

                • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                  Filesize

                  44KB

                  MD5

                  a4b3434a745554f599eaf1387aed80b9

                  SHA1

                  3b433ce6f7a41a78af6cc254ce2774d30d3790a3

                  SHA256

                  3ccd2b9228938d62866962dae4eec08c0e4f5428bb7677c4af5a6505cae7116e

                  SHA512

                  1eed84334db5d6118de3497b21e875e821a932cccd4a47566a36af6006ff6b8820d9cdfaebf5f86f750965164de4cc13b5d2d65feac9f244071973020f8a2330

                • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                  Filesize

                  8KB

                  MD5

                  baaff27fbd3de94c06645bf31b1779f9

                  SHA1

                  f2b619a79e9715f91406f86ded30aae5cc912eb8

                  SHA256

                  69a0b8bc90f3cbb9c77c44fa22c256ac181976694a614f3d281c8a5b69bb7eaf

                  SHA512

                  19a87c423ba7ea1610ceb7874d1d5921b255302e6457bf346f83c4e4180d9285e023b2e5a3bb21f0d1b105e6f70b5ff7e59e4ba2293c279946c315346c51bc91

                • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                  Filesize

                  8KB

                  MD5

                  53dd5e0889b58026ee19e0ed3b6b39e0

                  SHA1

                  b3b66d223f271dc9b9393672951f6c33743fa384

                  SHA256

                  4e4a210db229c718792727619734ed4ee46d76009d74775900fdc5a95f029967

                  SHA512

                  2f07d17944e99b951f1283527b9e7039c658c8fc0a45084d625214798ab6eef2aafea016348d3e5fb4c53319a50c1a535655beb82d9253a7526c9236f3f6a19b

                • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                  Filesize

                  8KB

                  MD5

                  b0de32d536c2ae46e9f45cb815edbcdb

                  SHA1

                  1fe550602bb17130929457053e6543d5e21eb4b1

                  SHA256

                  54681f614db29241853521f35abb544025aa0db3f7bfd51d3613c4d1ac7efc7a

                  SHA512

                  69822d26d130d0652c7eb527a3f3700213e85ec1785863ed10c4455f6897b1e47a24d53f14a163d2580d8ecade661371b88b3cf6412f8a29195daecef5acdb17

                • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                  Filesize

                  8KB

                  MD5

                  75c59b24ef62fb0e7ebc7358fe975786

                  SHA1

                  edd54a37951ed8ea8de3c314db822b5fa5e6fb84

                  SHA256

                  b1dc54d77d9dedd68f680803d1ffebf85205ac18e395a98804c2af8a2d8231f1

                  SHA512

                  c2863cb2dd1814c74d793f06782b287dfaf879bc81570ce5c005d2713b1b2e8372c5bd7014280ebc7e0771c17d90c38238cc318fbcf41f8586cdf2206e56c26c

                • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                  Filesize

                  24KB

                  MD5

                  668aded2352d7d1073af09f696adcb37

                  SHA1

                  fa0871c310cacc9f042371a274b66201c8463c40

                  SHA256

                  10a9e327888f0a31ba9d46d1e94213ffef35fe0b8753d41cab5dbc728fe213d7

                  SHA512

                  148c767d2eaa49a115f614dc668b35e655ed4179285e6e80369b71986323722ff421bcb214a95fdde43934899a1c7186cf1fef61d7af99442e946b3197cb6ec7

                • /data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal

                  Filesize

                  512B

                  MD5

                  14c399b5b6e8e68e21ecfb00a3befdc9

                  SHA1

                  c7fc5489c473ecef3b2faabe32fd201a7ac31506

                  SHA256

                  56a499cec8ab68e75cde1e0aef033ea7378c9c9702650233e0e75fb172f7172e

                  SHA512

                  3f93327d532b54d916dd1f1521971afc38e21637e8fd379c1292d710d8a77d4399baf3cb6cb623f3812223df74d0eebc413dccd845b64d5bfac3bb896e6cb470

                • /data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal

                  Filesize

                  80KB

                  MD5

                  e6173790d242adeb3d971d6db468e48d

                  SHA1

                  5cae2a7b92b2475f673c326f5684b30a61446938

                  SHA256

                  4f2c04d50c0d6f23e1729a50fbe67ed8927720a8038da38850b244aa5d7c72c3

                  SHA512

                  1639b38b967354de71c89d46b2a1a9b498cf3d965566a5af4b86fcd976f3a0cf2d1686b06976319c0a06c1943c5e55de2f1ebc9ff2f3fd75518ebd0bfbb82806

                • /data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal

                  Filesize

                  140KB

                  MD5

                  5cccb154ef2b8c031dc61bcba2127a51

                  SHA1

                  400cd0f78bef7be209587e461d8698a8d9e39e29

                  SHA256

                  f98c03af0d14f21bfcad5e2dc40157fd67efe76877f59a13556ca6c1988d250a

                  SHA512

                  4b48fecfca871c7f0a1753a5c3048fd2bb47dfc5320782133b72f3ed348abf88e11f41b9598ecdb7c089d033ca690c569ff491b914f0a0e847dccef0ff0e688c

                • /data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest8504593253935541932949184316892795870-journal

                  Filesize

                  512B

                  MD5

                  da428477bed84ee132a4797369cb12f3

                  SHA1

                  cd8270e8b250093618d50609e8484896d2f065ca

                  SHA256

                  4c88e616df5ddef1ca26dc24996463558d897de427f5ef778b4c982d964a7212

                  SHA512

                  224bb123a8e15c2ca69e4bc1fb563efb915a168b863b67271ce6a434421da24913b554ccc77cbe9ef5564f08b0c26044bca936c44ec66010d3d62fc12f6719f7

                • /data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest8504593253935541932949184316892795870-wal

                  Filesize

                  48KB

                  MD5

                  b6e9e1c5314962810345b4e812e2cf0e

                  SHA1

                  b5198458d7a52c59e6b3dc5151aa50aeeecdbf97

                  SHA256

                  c44fbb1f3a65d14c10a7a8795fe3f3a4702ca414bcd2d6f620e78bb3f9d9c7b9

                  SHA512

                  77caf89e684f567f9b0a9b1fc8e67c12f298633b63842a4892fb15efc4d3cf9e505f5a0c402826ca0ecf563997bfba10ab42b0a333ca916f52651b431e5d1575

                • /data/data/com.xgbuy.xg/databases/ua.db

                  Filesize

                  36KB

                  MD5

                  0adda9c85a5e4808f5b1b74c0a8591a5

                  SHA1

                  5048107883ab1e345af9cf2e6849ce46e0e612bf

                  SHA256

                  1e17860bba2bb4e3e92df3890aa6dddc973d6602c71519a15556d37bb69de2a1

                  SHA512

                  646061d3d5849772511bd94e36ca2d775a9a672851629d1812942ec0f0f925714eb7d4ebac44889911320cb6710a2f586014f6b1e126739cab653c4f8deef2d1

                • /data/data/com.xgbuy.xg/databases/ua.db

                  Filesize

                  24KB

                  MD5

                  531ed12b720688c0b86f58c04355da33

                  SHA1

                  9ac899257f9d79dd547869adb10b4e94b18b912a

                  SHA256

                  585637de7e24f0bea14cbfa9002eacf6cac363a366b4922b2da8ae13e637cde4

                  SHA512

                  692e0f20a61494417b6603fc1a29eb910f916b56850bc35708aac2c890440ed9d5ede0c01e0e8e134c7575dee74b2f1b524f194a64ceaef4bb09ffb4f5fc587f

                • /data/data/com.xgbuy.xg/databases/ua.db

                  Filesize

                  16KB

                  MD5

                  d0e3268c6734aef46d05758845a6fd7b

                  SHA1

                  fc1d94b87e2b748d8616325ef06ac7a4c96f7dfe

                  SHA256

                  d7fa94f70d085eeb15f5bfbd2d2e286a85ca4adb5a53858886179b148e8ed16c

                  SHA512

                  5dedc4135e72419b028566a5b6a9ca402336410b8b2ab4976eb70867f2cb090c899b4b9fa8174dd59dc59618381f8378c6e676a95b56c98c1cbe04f14928c0ba

                • /data/data/com.xgbuy.xg/databases/ua.db

                  Filesize

                  16KB

                  MD5

                  fa0cc5b4e0d85768aa8cb2f3f0cf1db0

                  SHA1

                  1b9abef6b61e1f427dbc69dd8468f33d0655f713

                  SHA256

                  17c2fb7459a21cd66f4c3bb191daf8e4ec569a5aa30a254ca0d16aa96a907e32

                  SHA512

                  5b3f3aff529972963decee299e1db72053ae25b795f7118323efa3b8b52f8df7f10796e6866711b249c3b511535fcea7e635e49ec078725a90213fb662bc84db

                • /data/data/com.xgbuy.xg/databases/ua.db

                  Filesize

                  16KB

                  MD5

                  055b750ff6e9fdb1ae833fffc3a302d1

                  SHA1

                  97bfb69dd0d4afee87b501e8fe0d21fa9618efd4

                  SHA256

                  9424111e537eda72168b071e85842d8d1cf581f067eb974dfd8b27950a165b30

                  SHA512

                  6637acdbf4deeb7d0e63da5518d76672336c4ac4902464d2acbbe977388ab2cbf8a1d97446f9fa1c887b86a61e1e8a7d8e253352b48d0431e9e24f740e5976cd

                • /data/data/com.xgbuy.xg/databases/ua.db

                  Filesize

                  16KB

                  MD5

                  cf5038071630eb518822f4ca426aa2c0

                  SHA1

                  5f3f0da46b2143053d2d7d57cc48e62fddc0690f

                  SHA256

                  7aaf9d93628ae78ac23fe45cb8f8096103dc2c620d6a51e002d30f6eec6fb94f

                  SHA512

                  17e83bb71e392603a3b845efdd8e22af36215ab04f844d3708edee8a9d995e03111476479f15b93c9f34c348b2e916a12e4508c31eba7fb7ee5d131e100f2b27

                • /data/data/com.xgbuy.xg/databases/ua.db-journal

                  Filesize

                  512B

                  MD5

                  63e7365f360637996fb8cf391a8ca57e

                  SHA1

                  6eac45216c39ce2292ec175485be1d05c736d953

                  SHA256

                  847f9b174ce4abc60382c5ad5f9d8adf729160bfda40497b052cb4a68b1c7fe5

                  SHA512

                  1f606e5e47372c71189874732db9b2e602e29d234ef74f75be94c0ff358221f3e5652ba8e27ec2a044353ba5ab8ccf9edfd9dd75f6e21533d00a44a8f9987cd6

                • /data/data/com.xgbuy.xg/databases/ua.db-wal

                  Filesize

                  48KB

                  MD5

                  2e3069c10dc3ec2a8be5328c4ce7f94a

                  SHA1

                  c3fd67ac280a9cb7117d776cbc9727bfc7ead929

                  SHA256

                  4e1b1940174c1bce732452cb060473eef7643c6c9d7f13f8aeb386d8b94e7e96

                  SHA512

                  98b2b4e87efcb43f91ea79d4b7feb3bbc71842f52f79d87198826598e2abf84f34be9efdebbdc85b4627600f01d3a61dce33b1db387ab2d43f2e850a503ec607

                • /data/data/com.xgbuy.xg/databases/ua.db-wal

                  Filesize

                  12KB

                  MD5

                  5eec660974affe205c728d467b5fe783

                  SHA1

                  1d4a977927610f41d3b5e29a1acdef353a4848ba

                  SHA256

                  5b74e086ebe325c5d4c47bbf1940d439fc75e9ee55fed62feb2e2029b1c5d3c5

                  SHA512

                  e7b748ef714fde31be46376475958700b1c1fbdb3ce21c89d21d1c0014a21524f7aa794feb11d19734710721fa78a4962afdd75b526eb2baf8ea46e3901992ad

                • /data/data/com.xgbuy.xg/databases/ua.db-wal

                  Filesize

                  4KB

                  MD5

                  8fa202df8f9c32030bf0dd133015050d

                  SHA1

                  0e7981936af11ab51ff0c94aba75458e0df76f35

                  SHA256

                  30cc83932a53e7ca8072caa8492c1d688531c39feb388b340cf9cc20e57c2370

                  SHA512

                  b659851e091eb6745bddb0de30a43aa293d5fd7d94d92c54a1497f08cb81d68817c0e215e99c686b11826984d0948c6da9a679609a462e37a02ea3830e0d2637

                • /data/data/com.xgbuy.xg/databases/ua.db-wal

                  Filesize

                  4KB

                  MD5

                  66672863f937a2eb2a758b6c613aaaa9

                  SHA1

                  3e5c4e0d2d8439f70d716212f6074a7102f59362

                  SHA256

                  1e944c84af6fca78691cc75e1aba247fb3b2e32e45b6ba5f2f8650d9f502828f

                  SHA512

                  629c80b44d6c72e4617a6284d08c7a337b41611ba6599e5a3af5b43aa6f7ce3ebd9ad5f9e7a69393c2d1b2a512ff6218a5eb92a95f047dec025e4bc063c13b80

                • /data/data/com.xgbuy.xg/databases/ua.db-wal

                  Filesize

                  4KB

                  MD5

                  939d74e87c21e294531cc5e06692659a

                  SHA1

                  27cc7d415fe0f2f2e188c957db556164a255a7a6

                  SHA256

                  be296bfdc71bb7d765cbfc13286bd86e5b844d23841232da3cbc695cfec21117

                  SHA512

                  0f1ae26e654527e0207f204de7ff3da035fca664eda0120e09901ef6a1b8200cd90bf9970827f074a1320c42d8593d3503965ea227f848f5ee53b6bd76d45156

                • /data/data/com.xgbuy.xg/databases/ua.db-wal

                  Filesize

                  4KB

                  MD5

                  7ae18ff9aa431982b7bd9de1ec44e407

                  SHA1

                  4d1683a91385b0434ddea8dc032acdfb3f91be6d

                  SHA256

                  e388576b6abc29e822054b4837baae30b82eb1290bea4a5662adb94add927891

                  SHA512

                  fd0441eaec81fd79ae0f2ba5a45c246653f011423f376e580a4b72d9d70dd796199f80c39cab47c25a8e200fab9cac54f166f0a053fca5d996a46f457eecbca5

                • /data/data/com.xgbuy.xg/databases/xinggou

                  Filesize

                  4KB

                  MD5

                  f2b4b0190b9f384ca885f0c8c9b14700

                  SHA1

                  934ff2646757b5b6e7f20f6a0aa76c7f995d9361

                  SHA256

                  0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

                  SHA512

                  ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

                • /data/data/com.xgbuy.xg/databases/xinggou-journal

                  Filesize

                  512B

                  MD5

                  5ebb3a576f0ca68371d7c432eb466d9e

                  SHA1

                  92908ca21316d4adcb458d4ebf5d4bb32c611578

                  SHA256

                  a6a125b3c4c9a331a481823e2be67ffee01bdcef3483fcc2adf0b45e6f0dcde7

                  SHA512

                  1c313ba76c2a7a8ddc9aaacf6dc36e81a3e44039e666513f4ce1ad0774ea34e99760827f6b215f70f4320f02be99c8af4c1c0ea97d28a36236393fc6a2be1907

                • /data/data/com.xgbuy.xg/databases/xinggou-shm

                  Filesize

                  32KB

                  MD5

                  bb7df04e1b0a2570657527a7e108ae23

                  SHA1

                  5188431849b4613152fd7bdba6a3ff0a4fd6424b

                  SHA256

                  c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

                  SHA512

                  768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

                • /data/data/com.xgbuy.xg/databases/xinggou-wal

                  Filesize

                  120KB

                  MD5

                  f2ca5aafed69d7ea6fef2923d573b1f3

                  SHA1

                  f8d5035136a575cb7c6315feec7f0569ab265a26

                  SHA256

                  63d330a0b200587b62661da45c5207076e372c343c28e2e873eae4479d789f99

                  SHA512

                  ec4bdc1913995bef2b2d3400222c6101e0312c2330c0ad141b5e20869842775d7d6bb27946093698ddf340fdaef4ed5b431f46501f923aea692dce296f78de8d

                • /data/data/com.xgbuy.xg/files/.envelope/a==7.5.3&&2.5.0_1718189115873_envelope.log

                  Filesize

                  1KB

                  MD5

                  f78dbb7f62c841c127c8d5e9edf97995

                  SHA1

                  af61e515682ec279a3bc07e2ce638d7683aa76d0

                  SHA256

                  837a2fefd1e8c5efcea6a7eba37fe612ae0e2282a26d069a021c839323a869a5

                  SHA512

                  a5eede4b832fcb5213270dd6b82974e26cee3d5a0b836779e2a8b4b38f78201786a8d889c394ca5dc6cdc6977a47b0ab5f4b059ddd855e0a11e55736158564e5

                • /data/data/com.xgbuy.xg/files/.envelope/i==1.2.0&&2.5.0_1718189112203_envelope.log

                  Filesize

                  2KB

                  MD5

                  a9f302b8aa2f06dcc1706eda6f01f860

                  SHA1

                  ac10ce92e5d1e26dac06440782eadbee06fdeb5c

                  SHA256

                  0b22c1ceef894796a0eb3b028778fcf770f19393e7884956476e551d4820350b

                  SHA512

                  a980e15bee1ed91a974971c7075fc912db05904a310e2dd432c6d7dceef5a80f68af1b7f38989582bc27338424530c81de70bbde6b18249b0551e06a7471e52f

                • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ac

                  Filesize

                  66B

                  MD5

                  08402591a5b4057a425d2cede4801eb7

                  SHA1

                  7304da68e97c6907ebadad9ef956f3cf70df568f

                  SHA256

                  b87ebd0db6499261ebcac217d6f52e505a28c5ce07f94b63122ad090f3e7bdf4

                  SHA512

                  32cf61a4d1c054a053484ddff27e4b215c77989b2ef5ac445991b40618c786374228aa64afa972dc9b4fd0eeacdbf9a47500b0e45b4c23aee3b3e02bff71fd09

                • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ac

                  Filesize

                  40B

                  MD5

                  81024874f926b0c0c9e613997c9370b1

                  SHA1

                  a7b4c37570f3e5aa7bd575d0dbcc71ff9079a95c

                  SHA256

                  da5ea38fae9a292777936eae50a76aae4d2a589550448aa6970383e44aabe7d6

                  SHA512

                  8ae3ca2a1a4ea6c514fffeb911f4c42ff173433a7fd82980193d883196e748e458e83ee42051ccbabfa7f49792dabbf1eb8a72fea3db16c2f157e7ada4182830

                • /data/data/com.xgbuy.xg/files/.jglogs/.jg.di

                  Filesize

                  340B

                  MD5

                  0ea5d767d0b4d3b587899796ba0e7d6d

                  SHA1

                  c74f77113c4c0336fef52a76ca27b0fcffa75947

                  SHA256

                  30486fe2a0821d6ecd250b75346a08fb8b7990639c7a67a06f3b79cd3e65aef2

                  SHA512

                  590e7e869bf3141da161a22c6d6bf1aed06cabcd05d3939cd79916e7f483b438226570ccb11cbd17a82f887d52fc3748cbef658158a96b458b99a8ca2391ae75

                • /data/data/com.xgbuy.xg/files/.jglogs/.jg.di

                  Filesize

                  340B

                  MD5

                  1067e756734053e21828b8a98a6c9f87

                  SHA1

                  72a664630ba19d8ab7be9176c6f28632d74b0f53

                  SHA256

                  0b70209eee76edb08fda0e14cdbab1b763c33b40e38c4a0d00ead0a6dd949c54

                  SHA512

                  f16705d28fa11b94a2cfeba8a0bf840be4ab7644736f68122603d95d2eb75fb373c6be227a4f31db9056fbafda7649f40b6286f0d79886fbebbe0a94aa20c250

                • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ic

                  Filesize

                  40B

                  MD5

                  1bd86b90e1b355f123e5ce8c93c3de53

                  SHA1

                  bee5683d6124650c8be0b3740ad66e771f29b178

                  SHA256

                  3ba28c4fe20d74ea96f6ced27333f04a01e03c50092717eed1b6e30152a8d152

                  SHA512

                  6ba3d7ac2b9da3bb2f7ca50488782bfb9f12a38bf17debc4f2853a161551a932885bedaedace0ecd3da9777e1cddbb407ca2360c13512b1b804bd6242e767abe

                • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ri

                  Filesize

                  314B

                  MD5

                  dfbd5b5b07e175dca984b3e64bf3f9a6

                  SHA1

                  1e821e623a9ff92fb57b46e22206abf8fc871e74

                  SHA256

                  9782ee10a2f9c2bd4e950916afdb7662cf933ae3265e74a1ba0e22c2d86e725f

                  SHA512

                  12bef123a4d823328605600a7713baa4e376ae22009621a11679caacf838a6c45555f04be59f311b8fb308aa7774d6faa95aaf10f24ce5d5324292f76fb2115a

                • /data/data/com.xgbuy.xg/files/.jiagu.lock

                  Filesize

                  27B

                  MD5

                  ed5853fdc1a4e098fac7419ce4d10c4e

                  SHA1

                  b2c872497d7c47d6741af1a41de031ac0bcfb055

                  SHA256

                  a0d432e637dda8670d84203dc9c5fec338b8925fecd3ee9138fc95de3f15de4d

                  SHA512

                  b3113390022ae779883fa4947f7b9277c1dae95926f8b489d38cc08a22d2b6c9b960692497f1997329df06a5bc433e25dfe3c3e5555e33247875383d1a7a4478

                • /data/data/com.xgbuy.xg/files/.umeng/exchangeIdentity.json

                  Filesize

                  162B

                  MD5

                  597dcc44252bbff6c23774e2f987d4bf

                  SHA1

                  4b16f97d36ef89f6500f53d7f0c6fd9875d1e2b5

                  SHA256

                  9f590418ef2a37a534ba529100a5a8908aa8b2b45f6524b4e64f97d391b20a4e

                  SHA512

                  9469ed2da926a5f49664bef0832941d2e29a3703f025a538513f68cbc09a02372000607a66a6e74a620302a9de24a6962863ada125d0c4260d7160c15eac5058

                • /data/data/com.xgbuy.xg/files/Mob/mob_commons_1

                  Filesize

                  2B

                  MD5

                  99914b932bd37a50b983c5e7c90ae93b

                  SHA1

                  bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                  SHA256

                  44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                  SHA512

                  27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

                • /data/data/com.xgbuy.xg/files/Mob/share_sdk_1

                  Filesize

                  23B

                  MD5

                  8e24e79baab91c4d0604eaa9006a0cb3

                  SHA1

                  e427afc94a4b957a7096f73e395a10ea404c076b

                  SHA256

                  65ee797326cb9d94a4c8b13fb114a7273d80af9ae547496bf56556c479f75e4d

                  SHA512

                  45bde5e1b5da5e54f7f5baf24cf4d9158ccf5813f0babc05677437bfedf1d54c4707090a1c425089e8f9582a85fed80b25c1e1f30ec2051afc6fe68bb8a76bae

                • /data/data/com.xgbuy.xg/files/Mob/share_sdk_1

                  Filesize

                  62B

                  MD5

                  4ccb12f8bad5b96a4ba4b5333c62cccc

                  SHA1

                  caf37342b4ac55409cb4dc2bca66466be519d660

                  SHA256

                  89cc494557c9ecc912dbb69ca87474a4d59d0d227fd039552ae9e542c87f5117

                  SHA512

                  966d10e5a595c20a35341127f2335589446e23740173d2dc5ea323bdfa2e37fe4341eedcdb101fca7f7b806d09eca7a9d79c7ef5fc82d104b70050e48b777f65

                • /data/data/com.xgbuy.xg/files/Mob/share_sdk_1

                  Filesize

                  86B

                  MD5

                  04b692b9d21f9cc74a96a640c7364e21

                  SHA1

                  94fddd4df1c1187c2364d6e9f9d91eccb20bd6c5

                  SHA256

                  43b1a2a48608b51aa666f802ca21a5fe84dd818ec5a1e1272c05a42abc835601

                  SHA512

                  e5d4d18a96fd039ea744f324bb392c0ac1d5db68777315fde5b1281d83c85ba8ee1ab065419be9d83f31a3a1c114417bf6c662e58eae5878129faa9cbc30624d

                • /data/data/com.xgbuy.xg/files/exid.dat

                  Filesize

                  62B

                  MD5

                  716a98891db9837369c09b960e444622

                  SHA1

                  62c330372b85481fc75fa74831c0d7995616d40f

                  SHA256

                  b3761a7ab2b05cf8d2ae0c014edbb2ee5cbb2cfa0dcd4da7018e3524c58a1c8d

                  SHA512

                  f7476894750f995a2d9ffafd2c929d48e46dbb12c2c43a91299f98078da613872a1c79148e45e86b9fe42767c11011ea1a5c6dc80f7653d7b83033bc745c013f

                • /data/data/com.xgbuy.xg/files/jpush_stat_cache.json

                  Filesize

                  131B

                  MD5

                  6e638108829fc9d7d87383dd5254b844

                  SHA1

                  4b5a1755d9bb51d74b93a58c0fb94450944eb70e

                  SHA256

                  5e19f58199c923be40f386a034276017d1608a5fe24a57dc2b573c87439bcf44

                  SHA512

                  8c0288f49eb205aabe75e5db7f4c0dc67694ae80ca80b614d1592feed2ba148b777ac94d60addab76a07df092cc66590c9dbe8987e7b42d639808d9d90c9eade

                • /data/data/com.xgbuy.xg/files/jpush_stat_cache.json

                  Filesize

                  177B

                  MD5

                  d105b7250533cb234c2ece45ee1c4dae

                  SHA1

                  2c0b136645178e2fa7dc9b454339227b372ccdc3

                  SHA256

                  e9f5f5f746f1ca369598aeef432b3cc73faa1b1c5f35c4335d81f87e035e535d

                  SHA512

                  5f0a48b99d78ca3ee3fff9592e5c0047475a99d116c836771d417b5e4fb358613be8951775ace85582c8afe16280db62f251247289339c514fdeeff3ba3fe909

                • /data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4MTg5MTA4NjMw

                  Filesize

                  1KB

                  MD5

                  2f065a4ccdd8c46516eebd5a795c7f86

                  SHA1

                  1ea3cad9929251420af512dc05bd7b02e4fc867a

                  SHA256

                  86f7b62068315db5a54c7721693a17bda1a71d6874685d62c94fe91d5d01422e

                  SHA512

                  47b52e7f27b940af3967c8efa2ee4911750a0ee9f9115c2c9b288b3a0e2d00190ad5020c0ae3da204b989772990ddd2e48df74b8475c40fde9bb6e7d067dac3e

                • /data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4MTg5MTQyMjgw

                  Filesize

                  1KB

                  MD5

                  f4d5544099f4e92bc156dc0e7dda664d

                  SHA1

                  cf6ad91ceaeee6cde0dee61f9d6e5df9c25bab97

                  SHA256

                  de207fd625a1e7c582114c8b61d3da9be5eb827a452df0c4d4055f531ee32952

                  SHA512

                  dc976d33541f9b547c82bbfa794f477f11b2b85af2a3aac238de9e216ec2db747f3a026de9902f0a91f1e73ee76c9c5e6c861fdc7ef2e05153d4ce488a261d84

                • /data/data/com.xgbuy.xg/files/umeng_it.cache

                  Filesize

                  415B

                  MD5

                  c48aaf040f3d3bc26a1fb7db14fdffd5

                  SHA1

                  1f8195eeecd7a4f45104120dd15e6f27ddece6cd

                  SHA256

                  cff8229c77efc6491f3beb7e5c0bb124ae9236adb0e87692bb4b7698607ee1b1

                  SHA512

                  c6f06d614fd091cea395faeda55d24f4d2d2e0a5457f7a69d197444a8169209ee74ffb77e4b07cd33597cb7ab4e0bb701c4d196f22e16798953c1af63cfbf014

                • /storage/emulated/0/360/.deviceId

                  Filesize

                  48B

                  MD5

                  1d8d16c4e3b19ebf18988530d9b9a757

                  SHA1

                  bc94c1cce05cd848a53271ecb9c5311e27ffebf5

                  SHA256

                  abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

                  SHA512

                  4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

                • /storage/emulated/0/360/.iddata

                  Filesize

                  32B

                  MD5

                  b0f92190d0288550093ff4222e616ef4

                  SHA1

                  135695d21898345cd27a2be5212e46a019492a37

                  SHA256

                  49b24a748aa4dcf023a6ff9ad3a31349437094efafe7f8cc6b16f8041523f774

                  SHA512

                  7cf5a8e2047b11ab94fc88f77034ae605fd7bfde2b592f3a24425d5687d0493e00be854f28d72f0ef0d993e0f0fbe16fc4bd3354ed76be9fb01f1af27c1e2933

                • /storage/emulated/0/Mob/.slw

                  Filesize

                  66B

                  MD5

                  19402718bfb1c685a726b4e1d846ad98

                  SHA1

                  02a7e30044a67085f2f1da24e16e4ecfede65b72

                  SHA256

                  079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0

                  SHA512

                  25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b

                • /storage/emulated/0/Mob/comm/.di

                  Filesize

                  57B

                  MD5

                  acc2a2f5cb76c41d2e97e0d409b53bdd

                  SHA1

                  ed06f22ff10e0912f50d53bc775ed2ae70f85d5a

                  SHA256

                  12ee2ab25175281fd1efab755eb5a5b442e91d263646c52118e6b1e97856f448

                  SHA512

                  faed72411dfb1546a82a302b6aadf921bf66a09aa4641a6d1d523e5b58c063d5210089ca2d7dec8aadbe1efec4748a8abb36ab9fe1ab18539a92b76730b85419

                • /storage/emulated/0/data/.push_deviceid

                  Filesize

                  32B

                  MD5

                  ea4407b6c02bcaf6e8dc6cd98aafd1eb

                  SHA1

                  f0761aa52747da24099f6084516ec60eac949b8c

                  SHA256

                  57ea819d0897c06ae04bc18b639e64cb32dd5057017d1d53005c66a80ffb63ed

                  SHA512

                  cc43b1a43c760718490afeb9aa6d5f9f683a209e7febc198a6f9b5026cb0c392cefb15919eede34207d440a5553ba603b57dfab3c6d23574718304a975f04fc1