Analysis Overview
SHA256
7a406028ce4dadff38a56379e12a7f63c221178277749d9bb2520fde8e04e330
Threat Level: Likely malicious
The file a05f41f3d798fbb0a4026bfc1abcd9fd_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Checks Android system properties for emulator presence.
Checks Qemu related system properties.
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Requests cell location
Queries information about running processes on the device
Queries information about the current nearby Wi-Fi networks
Loads dropped Dex/Jar
Queries information about the current Wi-Fi connection
Reads information about phone network operator.
Queries the unique device ID (IMEI, MEID, IMSI)
Requests dangerous framework permissions
Queries information about active data network
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Listens for changes in the sensor environment (might be used to detect emulation)
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-12 10:44
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-12 10:44
Reported
2024-06-12 10:47
Platform
android-x86-arm-20240611.1-en
Max time kernel
179s
Max time network
185s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /data/local/xbin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /data/local/su | N/A | N/A |
| N/A | /data/local/bin/su | N/A | N/A |
Checks Android system properties for emulator presence.
| Description | Indicator | Process | Target |
| Accessed system property | key: ro.serialno | N/A | N/A |
| Accessed system property | key: ro.bootloader | N/A | N/A |
| Accessed system property | key: ro.bootmode | N/A | N/A |
| Accessed system property | key: ro.hardware | N/A | N/A |
| Accessed system property | key: ro.product.device | N/A | N/A |
| Accessed system property | key: ro.product.model | N/A | N/A |
| Accessed system property | key: ro.product.name | N/A | N/A |
Checks Qemu related system properties.
| Description | Indicator | Process | Target |
| Accessed system property | key: ro.kernel.qemu.gles | N/A | N/A |
| Accessed system property | key: ro.kernel.qemu | N/A | N/A |
| Accessed system property | key: init.svc.qemud | N/A | N/A |
| Accessed system property | key: init.svc.qemu-props | N/A | N/A |
| Accessed system property | key: qemu.hw.mainkeys | N/A | N/A |
| Accessed system property | key: qemu.sf.fake_camera | N/A | N/A |
| Accessed system property | key: ro.kernel.android.qemud | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | s.appjiagu.com | N/A | N/A |
| N/A | b.appjiagu.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.xgbuy.xg
chmod 755 /data/data/com.xgbuy.xg/.jiagu/libjiagu.so
com.xgbuy.xg:pushcore
cat /sys/class/net/wlan0/address
/system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/com.xgbuy.xg/.jiagu/classes.dex --dex-file=/data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex --dex-file=/data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex --oat-file=/data/data/com.xgbuy.xg/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed
sh -c ps
ps
ps daemonsu
ps | grep su
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | api.share.mob.com | udp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| US | 1.1.1.1:53 | a.xgbuy.cc | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 139.159.137.254:19000 | s.jpush.cn | udp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | plbslog.umeng.com | udp |
| US | 1.1.1.1:53 | t.gdt.qq.com | udp |
| CN | 36.156.202.78:443 | plbslog.umeng.com | tcp |
| GB | 216.58.212.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.204.78:443 | android.apis.google.com | tcp |
| NL | 43.152.42.165:80 | t.gdt.qq.com | tcp |
| US | 1.1.1.1:53 | ulogs.umeng.com | udp |
| CN | 223.109.148.178:443 | ulogs.umeng.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | update.sdk.jiguang.cn | udp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 139.159.137.254:19000 | s.jpush.cn | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 1.92.70.140:19000 | sis.jpush.io | udp |
| US | 1.1.1.1:53 | api.share.mob.com | udp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 1.92.70.140:19000 | sis.jpush.io | udp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | s.appjiagu.com | udp |
| US | 104.192.110.60:80 | s.appjiagu.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | tcp | |
| US | 1.1.1.1:53 | 119.3.188.193 | udp |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | tcp | |
| US | 1.1.1.1:53 | 139.9.135.156 | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | 139.9.138.15 | udp |
| CN | 113.31.17.106:7000 | tcp | |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 36.156.202.78:443 | plbslog.umeng.com | tcp |
| CN | 223.109.148.177:443 | ulogs.umeng.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| CN | 139.159.137.254:19000 | easytomessage.com | udp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 139.159.137.254:19000 | easytomessage.com | udp |
| CN | 1.92.70.140:19000 | easytomessage.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 1.92.70.140:19000 | easytomessage.com | udp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| US | 1.1.1.1:53 | b.appjiagu.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 180.163.249.208:80 | b.appjiagu.com | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 106.63.25.33:80 | b.appjiagu.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| US | 1.1.1.1:53 | tcp | |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| CN | 223.109.148.179:443 | ulogs.umeng.com | tcp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | tcp | |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 139.159.137.254:19000 | easytomessage.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 139.159.137.254:19000 | easytomessage.com | udp |
| CN | 1.92.70.140:19000 | easytomessage.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 1.92.70.140:19000 | easytomessage.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 223.109.148.176:443 | ulogs.umeng.com | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | tcp | |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 223.109.148.130:443 | ulogs.umeng.com | tcp |
| CN | 139.159.137.254:19000 | easytomessage.com | udp |
| CN | 139.159.137.254:19000 | easytomessage.com | udp |
| CN | 1.92.70.140:19000 | easytomessage.com | udp |
| CN | 1.92.70.140:19000 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| CN | 223.109.148.141:443 | ulogs.umeng.com | tcp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp |
Files
/data/data/com.xgbuy.xg/.jiagu/libjiagu.so
| MD5 | e5a53000766ebc433b27d6a66ec4f555 |
| SHA1 | 2c8f53f1c03aec2005bcad67d731f07261dabde0 |
| SHA256 | 78e4ea857f10c2df6c7b94f0584524b52ecc099ed29478fe3964037b8a86ed2e |
| SHA512 | 370a1cb93b14556ad861724f4e9995c9a4c6d37cf2d570f888d1c6000c66d27ac63496b0703361e9fc9bc7f309b7aa4407c5f339d186b0a5b72520d23d04b68d |
/data/data/com.xgbuy.xg/.jiagu/classes.dex
| MD5 | 7c17366a8785c78be60ad22700e831a6 |
| SHA1 | df18773978ef0fd306f7692b1c68fbeaf006ba6b |
| SHA256 | b1db2ad411bb5b6bd2df10ebf92f30e0ecd691fc63a06a6b26d713d3ae5e075c |
| SHA512 | 78f586522675ad57f799f5d140b89280dbb6d1661e594c1d59f57148f658914d17b2e93d066f32492449ec27f19436a4860ebef43d028c9721e99b357d0cb771 |
/data/data/com.xgbuy.xg/.jiagu/classes.dex
| MD5 | 63489f8ffc4c23ff337d45cb8346f966 |
| SHA1 | 22d215c56a5a20cd554eedcd1bc23154f5cf844a |
| SHA256 | 645251fb0c5def1ae81713dbbba3d23e471eca87bcf73cefce9e32c256c9a9a5 |
| SHA512 | 73099e94ef1d7798248decec3527402d61bf62b2aa7c39645b1d557fbbd4a07cc65e302dd08e79052652511abb76b35a749dffbc4fd34df070926f349186cccf |
/data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex
| MD5 | a4cb96ae304b9c8463e5d2d6b61bc25f |
| SHA1 | e40d7603620bb6685248b468487776ea7169a4ff |
| SHA256 | b05bb83f8406984872b617c85b0b50a716c1b1baa1f5617524f3cc3f53dbd182 |
| SHA512 | 9571da0805c8c8f3dfabe30d908797b5b03a2529de9d72eab6a859a44e121b8bd11797a47bc8a2ca49929601dea6b70ed07859e4eb2ac65855930c11a4edf489 |
/data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex
| MD5 | bf5b40b5d4157a240dc5677f9012850b |
| SHA1 | f7c8627ce6368fd6b6b29fce0e1cb7e1b3950043 |
| SHA256 | b163747ba703216a09be9cfe163dd8a8cb6ce7853a48a686b4d8a0a904c5aa61 |
| SHA512 | aad9d3532a4672dc56ef9bd828e825b2d08eea26126fac7ef7e8a850e772fc6651bb64005bdac7aaf5a4294c33f8720d6106ca5df58a14fdc13dba2f17bed493 |
/data/data/com.xgbuy.xg/.jiagu/tmp.dex
| MD5 | f1771b68f5f9b168b79ff59ae2daabe4 |
| SHA1 | 0df6a835559f5c99670214a12700e7d8c28e5a42 |
| SHA256 | 9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939 |
| SHA512 | dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ri
| MD5 | dfbd5b5b07e175dca984b3e64bf3f9a6 |
| SHA1 | 1e821e623a9ff92fb57b46e22206abf8fc871e74 |
| SHA256 | 9782ee10a2f9c2bd4e950916afdb7662cf933ae3265e74a1ba0e22c2d86e725f |
| SHA512 | 12bef123a4d823328605600a7713baa4e376ae22009621a11679caacf838a6c45555f04be59f311b8fb308aa7774d6faa95aaf10f24ce5d5324292f76fb2115a |
/data/data/com.xgbuy.xg/files/.jiagu.lock
| MD5 | ed5853fdc1a4e098fac7419ce4d10c4e |
| SHA1 | b2c872497d7c47d6741af1a41de031ac0bcfb055 |
| SHA256 | a0d432e637dda8670d84203dc9c5fec338b8925fecd3ee9138fc95de3f15de4d |
| SHA512 | b3113390022ae779883fa4947f7b9277c1dae95926f8b489d38cc08a22d2b6c9b960692497f1997329df06a5bc433e25dfe3c3e5555e33247875383d1a7a4478 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
| MD5 | 08402591a5b4057a425d2cede4801eb7 |
| SHA1 | 7304da68e97c6907ebadad9ef956f3cf70df568f |
| SHA256 | b87ebd0db6499261ebcac217d6f52e505a28c5ce07f94b63122ad090f3e7bdf4 |
| SHA512 | 32cf61a4d1c054a053484ddff27e4b215c77989b2ef5ac445991b40618c786374228aa64afa972dc9b4fd0eeacdbf9a47500b0e45b4c23aee3b3e02bff71fd09 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ic
| MD5 | 1bd86b90e1b355f123e5ce8c93c3de53 |
| SHA1 | bee5683d6124650c8be0b3740ad66e771f29b178 |
| SHA256 | 3ba28c4fe20d74ea96f6ced27333f04a01e03c50092717eed1b6e30152a8d152 |
| SHA512 | 6ba3d7ac2b9da3bb2f7ca50488782bfb9f12a38bf17debc4f2853a161551a932885bedaedace0ecd3da9777e1cddbb407ca2360c13512b1b804bd6242e767abe |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | 0ea5d767d0b4d3b587899796ba0e7d6d |
| SHA1 | c74f77113c4c0336fef52a76ca27b0fcffa75947 |
| SHA256 | 30486fe2a0821d6ecd250b75346a08fb8b7990639c7a67a06f3b79cd3e65aef2 |
| SHA512 | 590e7e869bf3141da161a22c6d6bf1aed06cabcd05d3939cd79916e7f483b438226570ccb11cbd17a82f887d52fc3748cbef658158a96b458b99a8ca2391ae75 |
/storage/emulated/0/360/.iddata
| MD5 | b0f92190d0288550093ff4222e616ef4 |
| SHA1 | 135695d21898345cd27a2be5212e46a019492a37 |
| SHA256 | 49b24a748aa4dcf023a6ff9ad3a31349437094efafe7f8cc6b16f8041523f774 |
| SHA512 | 7cf5a8e2047b11ab94fc88f77034ae605fd7bfde2b592f3a24425d5687d0493e00be854f28d72f0ef0d993e0f0fbe16fc4bd3354ed76be9fb01f1af27c1e2933 |
/storage/emulated/0/360/.deviceId
| MD5 | 1d8d16c4e3b19ebf18988530d9b9a757 |
| SHA1 | bc94c1cce05cd848a53271ecb9c5311e27ffebf5 |
| SHA256 | abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7 |
| SHA512 | 4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82 |
/storage/emulated/0/Mob/comm/.di
| MD5 | acc2a2f5cb76c41d2e97e0d409b53bdd |
| SHA1 | ed06f22ff10e0912f50d53bc775ed2ae70f85d5a |
| SHA256 | 12ee2ab25175281fd1efab755eb5a5b442e91d263646c52118e6b1e97856f448 |
| SHA512 | faed72411dfb1546a82a302b6aadf921bf66a09aa4641a6d1d523e5b58c063d5210089ca2d7dec8aadbe1efec4748a8abb36ab9fe1ab18539a92b76730b85419 |
/storage/emulated/0/Mob/.slw
| MD5 | 19402718bfb1c685a726b4e1d846ad98 |
| SHA1 | 02a7e30044a67085f2f1da24e16e4ecfede65b72 |
| SHA256 | 079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0 |
| SHA512 | 25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b |
/data/data/com.xgbuy.xg/databases/xinggou-journal
| MD5 | 5ebb3a576f0ca68371d7c432eb466d9e |
| SHA1 | 92908ca21316d4adcb458d4ebf5d4bb32c611578 |
| SHA256 | a6a125b3c4c9a331a481823e2be67ffee01bdcef3483fcc2adf0b45e6f0dcde7 |
| SHA512 | 1c313ba76c2a7a8ddc9aaacf6dc36e81a3e44039e666513f4ce1ad0774ea34e99760827f6b215f70f4320f02be99c8af4c1c0ea97d28a36236393fc6a2be1907 |
/data/data/com.xgbuy.xg/databases/xinggou
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.xgbuy.xg/databases/xinggou-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.xgbuy.xg/databases/xinggou-wal
| MD5 | f2ca5aafed69d7ea6fef2923d573b1f3 |
| SHA1 | f8d5035136a575cb7c6315feec7f0569ab265a26 |
| SHA256 | 63d330a0b200587b62661da45c5207076e372c343c28e2e873eae4479d789f99 |
| SHA512 | ec4bdc1913995bef2b2d3400222c6101e0312c2330c0ad141b5e20869842775d7d6bb27946093698ddf340fdaef4ed5b431f46501f923aea692dce296f78de8d |
/storage/emulated/0/data/.push_deviceid
| MD5 | ea4407b6c02bcaf6e8dc6cd98aafd1eb |
| SHA1 | f0761aa52747da24099f6084516ec60eac949b8c |
| SHA256 | 57ea819d0897c06ae04bc18b639e64cb32dd5057017d1d53005c66a80ffb63ed |
| SHA512 | cc43b1a43c760718490afeb9aa6d5f9f683a209e7febc198a6f9b5026cb0c392cefb15919eede34207d440a5553ba603b57dfab3c6d23574718304a975f04fc1 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal
| MD5 | e32eb9ed103d2f1063cb2ea3fbea392d |
| SHA1 | 753ba873574beabe8d0767db8e05631c3d3e6a03 |
| SHA256 | 00122573aa12b5539da684449307155305222dc72621227892f05ab9158c7b4f |
| SHA512 | 082f6817ab742d8501f92bb2229a340768e41c699169c5243c5a398be8a76d49817c07dcce231bc2bd55540dd3dfe8f6d7b4283b8fe44ba109c83e3359d98837 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/a8eb51b76e7536e3ab796b3600ae0d235290126b48333a6fc140d3836facb54a.0.tmp
| MD5 | 66c0c680753df4ee0641951b8cb1d613 |
| SHA1 | 9573fb478fdd97f871e9019c3b88f27adb879a29 |
| SHA256 | 97d7cb4c347498221f9b273a11449ce621cfc8c6b2770f4d57a8b3dfed67188b |
| SHA512 | 0c169a3f5dbec49a8e14d3381e4e71aab60b454365e84879f1892335ba0294be71950eb9bd0de528cfaa51f702384a66361972875dad163d46b7ab05c23881c0 |
/data/data/com.xgbuy.xg/files/umeng_it.cache
| MD5 | c48aaf040f3d3bc26a1fb7db14fdffd5 |
| SHA1 | 1f8195eeecd7a4f45104120dd15e6f27ddece6cd |
| SHA256 | cff8229c77efc6491f3beb7e5c0bb124ae9236adb0e87692bb4b7698607ee1b1 |
| SHA512 | c6f06d614fd091cea395faeda55d24f4d2d2e0a5457f7a69d197444a8169209ee74ffb77e4b07cd33597cb7ab4e0bb701c4d196f22e16798953c1af63cfbf014 |
/data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4MTg5MTA4NjMw
| MD5 | 2f065a4ccdd8c46516eebd5a795c7f86 |
| SHA1 | 1ea3cad9929251420af512dc05bd7b02e4fc867a |
| SHA256 | 86f7b62068315db5a54c7721693a17bda1a71d6874685d62c94fe91d5d01422e |
| SHA512 | 47b52e7f27b940af3967c8efa2ee4911750a0ee9f9115c2c9b288b3a0e2d00190ad5020c0ae3da204b989772990ddd2e48df74b8475c40fde9bb6e7d067dac3e |
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
| MD5 | 6e638108829fc9d7d87383dd5254b844 |
| SHA1 | 4b5a1755d9bb51d74b93a58c0fb94450944eb70e |
| SHA256 | 5e19f58199c923be40f386a034276017d1608a5fe24a57dc2b573c87439bcf44 |
| SHA512 | 8c0288f49eb205aabe75e5db7f4c0dc67694ae80ca80b614d1592feed2ba148b777ac94d60addab76a07df092cc66590c9dbe8987e7b42d639808d9d90c9eade |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest8504593253935541932949184316892795870-journal
| MD5 | da428477bed84ee132a4797369cb12f3 |
| SHA1 | cd8270e8b250093618d50609e8484896d2f065ca |
| SHA256 | 4c88e616df5ddef1ca26dc24996463558d897de427f5ef778b4c982d964a7212 |
| SHA512 | 224bb123a8e15c2ca69e4bc1fb563efb915a168b863b67271ce6a434421da24913b554ccc77cbe9ef5564f08b0c26044bca936c44ec66010d3d62fc12f6719f7 |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest8504593253935541932949184316892795870-wal
| MD5 | b6e9e1c5314962810345b4e812e2cf0e |
| SHA1 | b5198458d7a52c59e6b3dc5151aa50aeeecdbf97 |
| SHA256 | c44fbb1f3a65d14c10a7a8795fe3f3a4702ca414bcd2d6f620e78bb3f9d9c7b9 |
| SHA512 | 77caf89e684f567f9b0a9b1fc8e67c12f298633b63842a4892fb15efc4d3cf9e505f5a0c402826ca0ecf563997bfba10ab42b0a333ca916f52651b431e5d1575 |
/data/data/com.xgbuy.xg/databases/Reyun.db-journal
| MD5 | 7be818d12347e5d0e5b10044b60dff53 |
| SHA1 | 34f8635b2fefa252a33596575d678e1d15fedb34 |
| SHA256 | 568505400f1ce363eba9da99c031d95df9c5d30756b8f74204dd401c0dabf7f5 |
| SHA512 | 58c5becbd43a2dcaf6e2da355cea6106c2a8671dc39d450773627f0c19c6bd6c41f0fe89a64fab5ef8e155b37a3b29dd224816cec756a0fea5a18bc769e5a5a7 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 5e818823f78be14d74c2d7ab08e6cf01 |
| SHA1 | 7271f6ca0457edfefcbaf8f8452e8a7e429d49fc |
| SHA256 | 4aa0307c94a641590a49eb49695bc87b584cb661784a170f2ea46da888036f25 |
| SHA512 | fb8e0aec945fd64daf68b311792a296df945fd1a95dfd657ecc09320279cc4c08c3f5f9ae0affbe3295c983d5a093a84094d7742edae5b5c9de77da483f62498 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | a4b3434a745554f599eaf1387aed80b9 |
| SHA1 | 3b433ce6f7a41a78af6cc254ce2774d30d3790a3 |
| SHA256 | 3ccd2b9228938d62866962dae4eec08c0e4f5428bb7677c4af5a6505cae7116e |
| SHA512 | 1eed84334db5d6118de3497b21e875e821a932cccd4a47566a36af6006ff6b8820d9cdfaebf5f86f750965164de4cc13b5d2d65feac9f244071973020f8a2330 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | baaff27fbd3de94c06645bf31b1779f9 |
| SHA1 | f2b619a79e9715f91406f86ded30aae5cc912eb8 |
| SHA256 | 69a0b8bc90f3cbb9c77c44fa22c256ac181976694a614f3d281c8a5b69bb7eaf |
| SHA512 | 19a87c423ba7ea1610ceb7874d1d5921b255302e6457bf346f83c4e4180d9285e023b2e5a3bb21f0d1b105e6f70b5ff7e59e4ba2293c279946c315346c51bc91 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | b714db3646420856fcc8c1a5576cbc07 |
| SHA1 | e34ee05219d0a68d0409cc4c92b437225a5cc45f |
| SHA256 | 9ab1a275f0b554f2c88e2e2ee655bcc38ff72a88914d1d6509bc5cd4a912b535 |
| SHA512 | fd4beea42d6a3bdf92d67133affd6ec111e70c68183799e653e04a3b4a6a1cc727e1cb0852e80a131974a42b773c0963900f66e7dd29310a3403d5a1e9108e66 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 53dd5e0889b58026ee19e0ed3b6b39e0 |
| SHA1 | b3b66d223f271dc9b9393672951f6c33743fa384 |
| SHA256 | 4e4a210db229c718792727619734ed4ee46d76009d74775900fdc5a95f029967 |
| SHA512 | 2f07d17944e99b951f1283527b9e7039c658c8fc0a45084d625214798ab6eef2aafea016348d3e5fb4c53319a50c1a535655beb82d9253a7526c9236f3f6a19b |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 0fdda69de189b2b762214eb67ef62fd0 |
| SHA1 | c52c1b5362f59f6aeb4ef4cbd6c9f9d01bbf877a |
| SHA256 | 05ef5749e698c789cfb4ce6f0266ad6acf1bfa581e3a25ad8bb38fdf21207bfd |
| SHA512 | 6e8e54b1f1ecfdcbeacb03b221dab6b9b487bf81eb3c1529a5c482b985f2942553680ca3444a5bab27483968b7e481f86782c685d0d74fe88308936c29481d90 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | b0de32d536c2ae46e9f45cb815edbcdb |
| SHA1 | 1fe550602bb17130929457053e6543d5e21eb4b1 |
| SHA256 | 54681f614db29241853521f35abb544025aa0db3f7bfd51d3613c4d1ac7efc7a |
| SHA512 | 69822d26d130d0652c7eb527a3f3700213e85ec1785863ed10c4455f6897b1e47a24d53f14a163d2580d8ecade661371b88b3cf6412f8a29195daecef5acdb17 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 1983da5b778dcfda0613f294f2a1933b |
| SHA1 | edf743b280564cf14c35dcd7bb022fc4d41a4502 |
| SHA256 | 02dd5587df0cb9c3d286ee56bb67f2949b6b381365094d092e685f24655d8207 |
| SHA512 | f622c481731551e932e8d25f4971a1f1c76023bfc257861a4e4ce18761baaf3135e2fc7a9c5e7df5ddb7c4c8bf4e953fa8ed7cda418bb5bbdc716471c658d59f |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 75c59b24ef62fb0e7ebc7358fe975786 |
| SHA1 | edd54a37951ed8ea8de3c314db822b5fa5e6fb84 |
| SHA256 | b1dc54d77d9dedd68f680803d1ffebf85205ac18e395a98804c2af8a2d8231f1 |
| SHA512 | c2863cb2dd1814c74d793f06782b287dfaf879bc81570ce5c005d2713b1b2e8372c5bd7014280ebc7e0771c17d90c38238cc318fbcf41f8586cdf2206e56c26c |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | df2a2c48ce8b7d16dc1f9dbd5085f805 |
| SHA1 | 62bf88b284d3659cc6a736da73f2f211813d0118 |
| SHA256 | 146b46879faa61401634e6490c18dfa79bd3f52331c1db50228c8e9213997b17 |
| SHA512 | a38862668ef2ffef44f45a7f890b234aeda2bc627d821aa5e178e3c2c5296bbca57f271b76347ef0e2450e4a74fc53ab0e3e1f795a824c4981591aeec473d39d |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 668aded2352d7d1073af09f696adcb37 |
| SHA1 | fa0871c310cacc9f042371a274b66201c8463c40 |
| SHA256 | 10a9e327888f0a31ba9d46d1e94213ffef35fe0b8753d41cab5dbc728fe213d7 |
| SHA512 | 148c767d2eaa49a115f614dc668b35e655ed4179285e6e80369b71986323722ff421bcb214a95fdde43934899a1c7186cf1fef61d7af99442e946b3197cb6ec7 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 2e6ac6e8781f70fc56284c9eb741340b |
| SHA1 | 38e8182b3cfc7f9c172ce20b6b559ca7f2a5682c |
| SHA256 | 05759f0eeabccd645142b3991ec16da670ea779584bda1386726a0d17abda714 |
| SHA512 | 2170c8690782cc0cc039163fa04b99c32ffe2082c3b30f9d85c835fafce37e9f4dc3207dea5679b91a258ea10759a1759881b22586cdae078087b3196add646b |
/data/data/com.xgbuy.xg/files/.umeng/exchangeIdentity.json
| MD5 | 597dcc44252bbff6c23774e2f987d4bf |
| SHA1 | 4b16f97d36ef89f6500f53d7f0c6fd9875d1e2b5 |
| SHA256 | 9f590418ef2a37a534ba529100a5a8908aa8b2b45f6524b4e64f97d391b20a4e |
| SHA512 | 9469ed2da926a5f49664bef0832941d2e29a3703f025a538513f68cbc09a02372000607a66a6e74a620302a9de24a6962863ada125d0c4260d7160c15eac5058 |
/data/data/com.xgbuy.xg/files/exid.dat
| MD5 | 716a98891db9837369c09b960e444622 |
| SHA1 | 62c330372b85481fc75fa74831c0d7995616d40f |
| SHA256 | b3761a7ab2b05cf8d2ae0c014edbb2ee5cbb2cfa0dcd4da7018e3524c58a1c8d |
| SHA512 | f7476894750f995a2d9ffafd2c929d48e46dbb12c2c43a91299f98078da613872a1c79148e45e86b9fe42767c11011ea1a5c6dc80f7653d7b83033bc745c013f |
/data/data/com.xgbuy.xg/files/.envelope/i==1.2.0&&2.5.0_1718189112203_envelope.log
| MD5 | a9f302b8aa2f06dcc1706eda6f01f860 |
| SHA1 | ac10ce92e5d1e26dac06440782eadbee06fdeb5c |
| SHA256 | 0b22c1ceef894796a0eb3b028778fcf770f19393e7884956476e551d4820350b |
| SHA512 | a980e15bee1ed91a974971c7075fc912db05904a310e2dd432c6d7dceef5a80f68af1b7f38989582bc27338424530c81de70bbde6b18249b0551e06a7471e52f |
/data/data/com.xgbuy.xg/databases/ua.db-journal
| MD5 | 63e7365f360637996fb8cf391a8ca57e |
| SHA1 | 6eac45216c39ce2292ec175485be1d05c736d953 |
| SHA256 | 847f9b174ce4abc60382c5ad5f9d8adf729160bfda40497b052cb4a68b1c7fe5 |
| SHA512 | 1f606e5e47372c71189874732db9b2e602e29d234ef74f75be94c0ff358221f3e5652ba8e27ec2a044353ba5ab8ccf9edfd9dd75f6e21533d00a44a8f9987cd6 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 0adda9c85a5e4808f5b1b74c0a8591a5 |
| SHA1 | 5048107883ab1e345af9cf2e6849ce46e0e612bf |
| SHA256 | 1e17860bba2bb4e3e92df3890aa6dddc973d6602c71519a15556d37bb69de2a1 |
| SHA512 | 646061d3d5849772511bd94e36ca2d775a9a672851629d1812942ec0f0f925714eb7d4ebac44889911320cb6710a2f586014f6b1e126739cab653c4f8deef2d1 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 2e3069c10dc3ec2a8be5328c4ce7f94a |
| SHA1 | c3fd67ac280a9cb7117d776cbc9727bfc7ead929 |
| SHA256 | 4e1b1940174c1bce732452cb060473eef7643c6c9d7f13f8aeb386d8b94e7e96 |
| SHA512 | 98b2b4e87efcb43f91ea79d4b7feb3bbc71842f52f79d87198826598e2abf84f34be9efdebbdc85b4627600f01d3a61dce33b1db387ab2d43f2e850a503ec607 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal
| MD5 | 14c399b5b6e8e68e21ecfb00a3befdc9 |
| SHA1 | c7fc5489c473ecef3b2faabe32fd201a7ac31506 |
| SHA256 | 56a499cec8ab68e75cde1e0aef033ea7378c9c9702650233e0e75fb172f7172e |
| SHA512 | 3f93327d532b54d916dd1f1521971afc38e21637e8fd379c1292d710d8a77d4399baf3cb6cb623f3812223df74d0eebc413dccd845b64d5bfac3bb896e6cb470 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal
| MD5 | 5cccb154ef2b8c031dc61bcba2127a51 |
| SHA1 | 400cd0f78bef7be209587e461d8698a8d9e39e29 |
| SHA256 | f98c03af0d14f21bfcad5e2dc40157fd67efe76877f59a13556ca6c1988d250a |
| SHA512 | 4b48fecfca871c7f0a1753a5c3048fd2bb47dfc5320782133b72f3ed348abf88e11f41b9598ecdb7c089d033ca690c569ff491b914f0a0e847dccef0ff0e688c |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 5eec660974affe205c728d467b5fe783 |
| SHA1 | 1d4a977927610f41d3b5e29a1acdef353a4848ba |
| SHA256 | 5b74e086ebe325c5d4c47bbf1940d439fc75e9ee55fed62feb2e2029b1c5d3c5 |
| SHA512 | e7b748ef714fde31be46376475958700b1c1fbdb3ce21c89d21d1c0014a21524f7aa794feb11d19734710721fa78a4962afdd75b526eb2baf8ea46e3901992ad |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 531ed12b720688c0b86f58c04355da33 |
| SHA1 | 9ac899257f9d79dd547869adb10b4e94b18b912a |
| SHA256 | 585637de7e24f0bea14cbfa9002eacf6cac363a366b4922b2da8ae13e637cde4 |
| SHA512 | 692e0f20a61494417b6603fc1a29eb910f916b56850bc35708aac2c890440ed9d5ede0c01e0e8e134c7575dee74b2f1b524f194a64ceaef4bb09ffb4f5fc587f |
/data/data/com.xgbuy.xg/files/.envelope/a==7.5.3&&2.5.0_1718189115873_envelope.log
| MD5 | f78dbb7f62c841c127c8d5e9edf97995 |
| SHA1 | af61e515682ec279a3bc07e2ce638d7683aa76d0 |
| SHA256 | 837a2fefd1e8c5efcea6a7eba37fe612ae0e2282a26d069a021c839323a869a5 |
| SHA512 | a5eede4b832fcb5213270dd6b82974e26cee3d5a0b836779e2a8b4b38f78201786a8d889c394ca5dc6cdc6977a47b0ab5f4b059ddd855e0a11e55736158564e5 |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 8e24e79baab91c4d0604eaa9006a0cb3 |
| SHA1 | e427afc94a4b957a7096f73e395a10ea404c076b |
| SHA256 | 65ee797326cb9d94a4c8b13fb114a7273d80af9ae547496bf56556c479f75e4d |
| SHA512 | 45bde5e1b5da5e54f7f5baf24cf4d9158ccf5813f0babc05677437bfedf1d54c4707090a1c425089e8f9582a85fed80b25c1e1f30ec2051afc6fe68bb8a76bae |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 8fa202df8f9c32030bf0dd133015050d |
| SHA1 | 0e7981936af11ab51ff0c94aba75458e0df76f35 |
| SHA256 | 30cc83932a53e7ca8072caa8492c1d688531c39feb388b340cf9cc20e57c2370 |
| SHA512 | b659851e091eb6745bddb0de30a43aa293d5fd7d94d92c54a1497f08cb81d68817c0e215e99c686b11826984d0948c6da9a679609a462e37a02ea3830e0d2637 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | d0e3268c6734aef46d05758845a6fd7b |
| SHA1 | fc1d94b87e2b748d8616325ef06ac7a4c96f7dfe |
| SHA256 | d7fa94f70d085eeb15f5bfbd2d2e286a85ca4adb5a53858886179b148e8ed16c |
| SHA512 | 5dedc4135e72419b028566a5b6a9ca402336410b8b2ab4976eb70867f2cb090c899b4b9fa8174dd59dc59618381f8378c6e676a95b56c98c1cbe04f14928c0ba |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 66672863f937a2eb2a758b6c613aaaa9 |
| SHA1 | 3e5c4e0d2d8439f70d716212f6074a7102f59362 |
| SHA256 | 1e944c84af6fca78691cc75e1aba247fb3b2e32e45b6ba5f2f8650d9f502828f |
| SHA512 | 629c80b44d6c72e4617a6284d08c7a337b41611ba6599e5a3af5b43aa6f7ce3ebd9ad5f9e7a69393c2d1b2a512ff6218a5eb92a95f047dec025e4bc063c13b80 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | fa0cc5b4e0d85768aa8cb2f3f0cf1db0 |
| SHA1 | 1b9abef6b61e1f427dbc69dd8468f33d0655f713 |
| SHA256 | 17c2fb7459a21cd66f4c3bb191daf8e4ec569a5aa30a254ca0d16aa96a907e32 |
| SHA512 | 5b3f3aff529972963decee299e1db72053ae25b795f7118323efa3b8b52f8df7f10796e6866711b249c3b511535fcea7e635e49ec078725a90213fb662bc84db |
/data/data/com.xgbuy.xg/.jiagu/.jgck
| MD5 | 0642ee0723bfe66f477678dae1326f50 |
| SHA1 | 0a375356192e039292048d3d8e9690d5aff2c3f8 |
| SHA256 | 3246dc4495d869f0d00c1d91e3024e68d06025bff4343952c79829cd2c4deacf |
| SHA512 | cac02e7c7a3471f15a7901c152ab1714fa7de89112424c7919f18fa5d8e37cac3dd19684906b514299a280c2505b98618cccfc2ab12a96a574d141dcf3ed9717 |
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
| MD5 | d105b7250533cb234c2ece45ee1c4dae |
| SHA1 | 2c0b136645178e2fa7dc9b454339227b372ccdc3 |
| SHA256 | e9f5f5f746f1ca369598aeef432b3cc73faa1b1c5f35c4335d81f87e035e535d |
| SHA512 | 5f0a48b99d78ca3ee3fff9592e5c0047475a99d116c836771d417b5e4fb358613be8951775ace85582c8afe16280db62f251247289339c514fdeeff3ba3fe909 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 939d74e87c21e294531cc5e06692659a |
| SHA1 | 27cc7d415fe0f2f2e188c957db556164a255a7a6 |
| SHA256 | be296bfdc71bb7d765cbfc13286bd86e5b844d23841232da3cbc695cfec21117 |
| SHA512 | 0f1ae26e654527e0207f204de7ff3da035fca664eda0120e09901ef6a1b8200cd90bf9970827f074a1320c42d8593d3503965ea227f848f5ee53b6bd76d45156 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 055b750ff6e9fdb1ae833fffc3a302d1 |
| SHA1 | 97bfb69dd0d4afee87b501e8fe0d21fa9618efd4 |
| SHA256 | 9424111e537eda72168b071e85842d8d1cf581f067eb974dfd8b27950a165b30 |
| SHA512 | 6637acdbf4deeb7d0e63da5518d76672336c4ac4902464d2acbbe977388ab2cbf8a1d97446f9fa1c887b86a61e1e8a7d8e253352b48d0431e9e24f740e5976cd |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 7ae18ff9aa431982b7bd9de1ec44e407 |
| SHA1 | 4d1683a91385b0434ddea8dc032acdfb3f91be6d |
| SHA256 | e388576b6abc29e822054b4837baae30b82eb1290bea4a5662adb94add927891 |
| SHA512 | fd0441eaec81fd79ae0f2ba5a45c246653f011423f376e580a4b72d9d70dd796199f80c39cab47c25a8e200fab9cac54f166f0a053fca5d996a46f457eecbca5 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | cf5038071630eb518822f4ca426aa2c0 |
| SHA1 | 5f3f0da46b2143053d2d7d57cc48e62fddc0690f |
| SHA256 | 7aaf9d93628ae78ac23fe45cb8f8096103dc2c620d6a51e002d30f6eec6fb94f |
| SHA512 | 17e83bb71e392603a3b845efdd8e22af36215ab04f844d3708edee8a9d995e03111476479f15b93c9f34c348b2e916a12e4508c31eba7fb7ee5d131e100f2b27 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | 1067e756734053e21828b8a98a6c9f87 |
| SHA1 | 72a664630ba19d8ab7be9176c6f28632d74b0f53 |
| SHA256 | 0b70209eee76edb08fda0e14cdbab1b763c33b40e38c4a0d00ead0a6dd949c54 |
| SHA512 | f16705d28fa11b94a2cfeba8a0bf840be4ab7644736f68122603d95d2eb75fb373c6be227a4f31db9056fbafda7649f40b6286f0d79886fbebbe0a94aa20c250 |
/data/data/com.xgbuy.xg/files/Mob/mob_commons_1
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 4ccb12f8bad5b96a4ba4b5333c62cccc |
| SHA1 | caf37342b4ac55409cb4dc2bca66466be519d660 |
| SHA256 | 89cc494557c9ecc912dbb69ca87474a4d59d0d227fd039552ae9e542c87f5117 |
| SHA512 | 966d10e5a595c20a35341127f2335589446e23740173d2dc5ea323bdfa2e37fe4341eedcdb101fca7f7b806d09eca7a9d79c7ef5fc82d104b70050e48b777f65 |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 04b692b9d21f9cc74a96a640c7364e21 |
| SHA1 | 94fddd4df1c1187c2364d6e9f9d91eccb20bd6c5 |
| SHA256 | 43b1a2a48608b51aa666f802ca21a5fe84dd818ec5a1e1272c05a42abc835601 |
| SHA512 | e5d4d18a96fd039ea744f324bb392c0ac1d5db68777315fde5b1281d83c85ba8ee1ab065419be9d83f31a3a1c114417bf6c662e58eae5878129faa9cbc30624d |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
| MD5 | 81024874f926b0c0c9e613997c9370b1 |
| SHA1 | a7b4c37570f3e5aa7bd575d0dbcc71ff9079a95c |
| SHA256 | da5ea38fae9a292777936eae50a76aae4d2a589550448aa6970383e44aabe7d6 |
| SHA512 | 8ae3ca2a1a4ea6c514fffeb911f4c42ff173433a7fd82980193d883196e748e458e83ee42051ccbabfa7f49792dabbf1eb8a72fea3db16c2f157e7ada4182830 |
/data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4MTg5MTQyMjgw
| MD5 | f4d5544099f4e92bc156dc0e7dda664d |
| SHA1 | cf6ad91ceaeee6cde0dee61f9d6e5df9c25bab97 |
| SHA256 | de207fd625a1e7c582114c8b61d3da9be5eb827a452df0c4d4055f531ee32952 |
| SHA512 | dc976d33541f9b547c82bbfa794f477f11b2b85af2a3aac238de9e216ec2db747f3a026de9902f0a91f1e73ee76c9c5e6c861fdc7ef2e05153d4ce488a261d84 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal
| MD5 | e6173790d242adeb3d971d6db468e48d |
| SHA1 | 5cae2a7b92b2475f673c326f5684b30a61446938 |
| SHA256 | 4f2c04d50c0d6f23e1729a50fbe67ed8927720a8038da38850b244aa5d7c72c3 |
| SHA512 | 1639b38b967354de71c89d46b2a1a9b498cf3d965566a5af4b86fcd976f3a0cf2d1686b06976319c0a06c1943c5e55de2f1ebc9ff2f3fd75518ebd0bfbb82806 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-12 10:44
Reported
2024-06-12 10:44
Platform
android-33-x64-arm64-20240611.1-en
Max time network
7s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| GB | 172.217.169.68:443 | udp | |
| GB | 172.217.169.68:443 | udp | |
| BE | 142.251.168.188:5228 | tcp | |
| GB | 216.58.204.74:443 | tcp | |
| GB | 142.250.179.228:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp |