Analysis Overview
SHA256
c6f1bf7d3abd0ca101f6572c7ceaed15a4f823388cc99140594f8672c6d20536
Threat Level: Likely malicious
The file a08ae7f9e72abc34b74fd74289d05ea4_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Loads dropped Dex/Jar
Queries information about the current nearby Wi-Fi networks
Queries information about running processes on the device
Requests cell location
Reads information about phone network operator.
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Queries information about the current Wi-Fi connection
Queries the unique device ID (IMEI, MEID, IMSI)
Queries information about active data network
Requests dangerous framework permissions
Listens for changes in the sensor environment (might be used to detect emulation)
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-12 11:41
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows an application to request installing packages. | android.permission.REQUEST_INSTALL_PACKAGES | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-12 11:41
Reported
2024-06-12 11:44
Platform
android-x86-arm-20240611.1-en
Max time kernel
176s
Max time network
185s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.xgbuy.xg
com.xgbuy.xg:pushcore
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| US | 1.1.1.1:53 | api.share.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 1.94.9.210:19000 | s.jpush.cn | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | a.xgbuy.cc | udp |
| GB | 216.58.212.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | plbslog.umeng.com | udp |
| CN | 36.156.202.75:443 | plbslog.umeng.com | tcp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 121.36.205.81:19000 | sis.jpush.io | udp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 123.196.118.23:19000 | udp | |
| CN | 103.229.215.60:19000 | udp | |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 117.121.49.100:19000 | udp | |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 139.9.138.15:7007 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7008 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7003 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7005 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7002 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7006 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7009 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7000 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 139.9.138.15:7004 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 1.92.70.140:19000 | s.jpush.cn | udp |
| CN | 121.36.205.81:19000 | s.jpush.cn | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 123.196.118.23:19000 | udp | |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 103.229.215.60:19000 | udp | |
| CN | 117.121.49.100:19000 | udp | |
| CN | 139.9.138.15:7008 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7005 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7007 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7000 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7002 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7006 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 139.9.138.15:7003 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7004 | im64.jpush.cn | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 139.9.138.15:7009 | im64.jpush.cn | tcp |
| CN | 1.92.70.140:19000 | s.jpush.cn | udp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 1.94.9.210:19000 | sis.jpush.io | udp |
| CN | 123.60.89.60:19000 | sis.jpush.io | udp |
| CN | 123.196.118.23:19000 | udp | |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 103.229.215.60:19000 | udp |
Files
/data/data/com.xgbuy.xg/.jiagu/libjiagu.so
| MD5 | 50750315eef281575611bc425174b939 |
| SHA1 | acaff02526d7b4c257e00002ed09af364f66a401 |
| SHA256 | c8d37512f73bef5a1c1b060676cdc6d508a8d8dd36f2438f5d6353c9b8524bef |
| SHA512 | 60584a993992a68e8d0a53be705e3a9d52fc126df26b9bdcf80d14e659f1d70bceb926e0a99a69fdf40f1c09fd61aa52c2d2c008ee5c3ef59af5922a75161ea9 |
/data/data/com.xgbuy.xg/.jiagu/classes.dex
| MD5 | af40ddebf367d3418c410ba2bbdb34a6 |
| SHA1 | 9a5c0f557da523fb37d3ea9f1dad84e45b78b8ab |
| SHA256 | fd4c1d3b24b0138f6f355235f35815ff43de7e73e5029854ac0581f6d5b4cb45 |
| SHA512 | 6ca004321a8ef7f6a08b5be12833971bf017ff58c753ebe73d682abcf5633f084b9b1f5c3453432894f8ce8c9b306963b345cc0d6503450667d9ef66d3ac0ae7 |
/data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex
| MD5 | 56a56032a56816197231ccd2c1447841 |
| SHA1 | 42b24c7723619c5bbfff5625ee1f4ff7a9afb34a |
| SHA256 | 920b1975141f98268ddde30a18db00a3c92776c8472763640b06009b90ccf039 |
| SHA512 | f47a2ee1f15a58887d5158bf141277a7d6488fcd31a9c85ca0d6706a4252433b812e8a49e956fba313393ac55333bee777394d300e136d489a484f5e883e3165 |
/data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex
| MD5 | 63eb01b23dce33b6abd34b5693031ca8 |
| SHA1 | 870abc96ae069aa034b1b647244af5465a881ddf |
| SHA256 | 3798ad86a5974af83d89bc71f1737c1747ca4561beb07f74a214675efab02629 |
| SHA512 | eac344e6167fc50acfca60a177bccf404cd0eb595b0b3e948f88af21ac3d7c14a49d0d7162bc5ef529b9107132c8ac3d0242186ac1b0ac231acc31e8f969311a |
/data/data/com.xgbuy.xg/.jiagu/tmp.dex
| MD5 | f1771b68f5f9b168b79ff59ae2daabe4 |
| SHA1 | 0df6a835559f5c99670214a12700e7d8c28e5a42 |
| SHA256 | 9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939 |
| SHA512 | dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ri
| MD5 | a5250fd612fddb1d5533a0e023ea9d7d |
| SHA1 | 5716213446cf2a4fb070503b06fc218c62a5e648 |
| SHA256 | 589716a49d891158222094716b1217dd64a2b6ffbd787cb21fe75d99d7dc8ffe |
| SHA512 | 91bc66c13515e8a5e00bf37a972927e645d1c5ffac470452c5fc1e3470889750a38eebd309dfb189f35154d0709bbbbca9e98de8587e3527a6c2338358a2d80c |
/data/data/com.xgbuy.xg/files/.jiagu.lock
| MD5 | 75e6fa5557500883cb909d1fb0c0ecfd |
| SHA1 | eab9ac1c82579b7fbc8540969c48e461160f4836 |
| SHA256 | 10f6ba5e0621c713ebcc8e04287bcfac7a7621a4a28109132d44832768c00a71 |
| SHA512 | 86c1ab55d4ac995c523532f40a8997a01765793cb7fb4ffe3c23c5694d428bb52ac97200dc5f783a985c02a815c2736fe8060caf8522fea18764842499cf96bf |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.rd
| MD5 | 1a5d276d1e61ef6ab8262f83cc23eeb4 |
| SHA1 | d0979b7b2304f4a8540b132a87ce728637359431 |
| SHA256 | 54b74f17e1010d576783577bcc52009aeaae6f9c58f3b29f6becd0bbd248091d |
| SHA512 | dc3ab8cdd7c8b549601253ecc5612c6efbd8bddd0fc26f7a463e94eadbea5c8c42e531996a3826bfa6760fd9676f5ece376d8020dda0896f024cd5427fa62f05 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
| MD5 | 1264f30db5bc978090c891fc9ba97820 |
| SHA1 | 22a1664ca5bac8af36bdaf8e4098c02c7fc9c1fc |
| SHA256 | 6383110e70c2cf20a67539bbf759d99229ac2dcd214cae6a3c5de840497bab2c |
| SHA512 | f3ec53223344ea4763479b39ae62a3dde4b83e0db05d4707c9e2c914725943063706c6c53e6fc043ee13640ac98242775c901b84ec76eb3edf11615bd0084488 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ic
| MD5 | 70a42cba408700f9a6c01c7941a8829e |
| SHA1 | eab01cc2c0671538795fb0b1146017dc099d0984 |
| SHA256 | 499576707ce2623293166979e59c832be5b8636c64ad39aa63ebcf961910c35f |
| SHA512 | 8900d4dc8eed0430babbacb72942401bd22ef7fe5430cad90d3ce0c2c53010220d666aa0e2eb1026f3ec81d574c7fa12585b49222a5f15b01637f6ba134fe70c |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | bc50299365ea35d0101eb3d9116b49e4 |
| SHA1 | f6c182d394346873182a9c7a957b1cf04eac74c2 |
| SHA256 | 8b687fc211b3762b8bbc4641e7c3d5845edc6dd49c7bdac6054f3e5f26a2b90c |
| SHA512 | 13fbc1e542a16eca3b51d0239dfd9a62ecff46515768fda3d026e579ef1b3a2c5e701db9cb2ff8afbefd57b963cfaedfa5b50ef1317499fbc3750938fb4bce35 |
/storage/emulated/0/360/.iddata
| MD5 | 19402718bfb1c685a726b4e1d846ad98 |
| SHA1 | 02a7e30044a67085f2f1da24e16e4ecfede65b72 |
| SHA256 | 079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0 |
| SHA512 | 25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b |
/storage/emulated/0/360/.deviceId
| MD5 | 1d8d16c4e3b19ebf18988530d9b9a757 |
| SHA1 | bc94c1cce05cd848a53271ecb9c5311e27ffebf5 |
| SHA256 | abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7 |
| SHA512 | 4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82 |
/storage/emulated/0/Mob/comm/.di
| MD5 | db0466133e5113802420152079c59c0e |
| SHA1 | d4ec6c2f91656a490408c32ca0710c95d35315de |
| SHA256 | 6b1f78e459440984be238561e6aa7b14ac4cd4900de90ed014f3a9a12bcf41cd |
| SHA512 | 51fb128802e3c7d0b3e5f17e0210c92570b529a4e9a86482d1636eb5e95164fd7c772051268f47715c12ae9e00ade1c10cb388ccb4dbfd12bc3b0a7ccd2766b4 |
/storage/emulated/0/Mob/.slw
| MD5 | 5376297da698294a17e3200d3d0d3b7d |
| SHA1 | 675745b8d8992ddd3e476b330891cb4a5cad8b53 |
| SHA256 | b9bb70904e233150e2037f5f682d676721526f651be7072329c44bce14f30261 |
| SHA512 | cb2f974a65173fdcd523d7d15017ad6f56eee431e4c3d3581fac31a1f7a9bdbd04272c163c1035bbd8c6e2338f6227a9f4b7edf17487d86e8ed98e2ebc2526b9 |
/storage/emulated/0/data/.push_deviceid
| MD5 | 37d995a8f5b42fef7a6814e7328c0891 |
| SHA1 | 73c94164b0673cfb0dc8f8130bc9ecc4d6b68148 |
| SHA256 | c407dfc521edf668060c36cc8ba63a87ae4b9be472094b32c9dda9f49c9a1ed8 |
| SHA512 | 419654507d0f215e7aa124fb4bfab2329ff3a82d8b01dbbc812db4e4b562f40314dfb46431e9f4b255d25991d561a54c79e94dfd2a16dd079630542e586a34b5 |
/data/data/com.xgbuy.xg/files/jpush_stat_history_pushcore/normal/nowrap/c5ab308f-84d8-4821-827b-5b9ee859b387
| MD5 | e6eea8d2650613c33f7f2cbcebcf5aac |
| SHA1 | 7a69a50f9b40032711ec9037aee36331b9adffac |
| SHA256 | 53622047afa2b45a69786538353e44b275cfcfce39811949d2498c7c23d1fede |
| SHA512 | 40fb27426db20960b86da827bafb3396557ae9795dfb1269e0e6a0d790fd4e934c86c0df44ed3b95e61c2e921d9d8def2faa9cce0d26077387756187d583f8eb |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.xgbuy.xg/files/Mob/mob_commons_1
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-12 11:41
Reported
2024-06-12 11:44
Platform
android-x64-20240611.1-en
Max time kernel
176s
Max time network
184s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /data/local/bin/su | N/A | N/A |
| N/A | /data/local/xbin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /data/local/su | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.xgbuy.xg/[email protected] | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/[email protected]!classes2.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/[email protected]!classes3.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/[email protected] | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/[email protected]!classes2.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/[email protected]!classes3.dex | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | s.appjiagu.com | N/A | N/A |
| N/A | b.appjiagu.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.xgbuy.xg
com.xgbuy.xg:pushcore
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.200.35:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.204.72:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.179.234:443 | tcp | |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| US | 1.1.1.1:53 | api.share.mob.com | udp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.212.238:443 | android.apis.google.com | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 123.60.92.210:19000 | s.jpush.cn | udp |
| US | 1.1.1.1:53 | api.share.mob.com | udp |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | a.xgbuy.cc | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| GB | 216.58.204.78:443 | tcp | |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 120.46.131.222:19000 | sis.jpush.io | udp |
| US | 1.1.1.1:53 | plbslog.umeng.com | udp |
| US | 1.1.1.1:53 | t.gdt.qq.com | udp |
| CN | 36.156.202.68:443 | plbslog.umeng.com | tcp |
| NL | 43.152.42.165:80 | t.gdt.qq.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| US | 1.1.1.1:53 | s.appjiagu.com | udp |
| US | 104.192.110.60:80 | s.appjiagu.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 123.196.118.23:19000 | udp | |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| GB | 142.250.200.14:443 | tcp | |
| GB | 172.217.169.66:443 | tcp | |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| GB | 216.58.201.100:443 | tcp | |
| GB | 216.58.201.100:443 | tcp | |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 103.229.215.60:19000 | udp | |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 117.121.49.100:19000 | udp | |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 139.9.119.173:7003 | im64.jpush.cn | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 36.156.202.68:443 | plbslog.umeng.com | tcp |
| CN | 139.9.119.173:7009 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| CN | 139.9.119.173:7008 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | b.appjiagu.com | udp |
| CN | 180.163.249.208:80 | b.appjiagu.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 139.9.119.173:7005 | im64.jpush.cn | tcp |
| CN | 139.9.119.173:7004 | im64.jpush.cn | tcp |
| CN | 106.63.25.33:80 | b.appjiagu.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 139.9.119.173:7006 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 139.9.119.173:7007 | im64.jpush.cn | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 139.9.119.173:7000 | im64.jpush.cn | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 139.9.119.173:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 123.60.92.210:19000 | easytomessage.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 120.46.131.222:19000 | easytomessage.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 123.196.118.23:19000 | udp | |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 103.229.215.60:19000 | udp | |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 117.121.49.100:19000 | udp | |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 139.9.119.173:7005 | im64.jpush.cn | tcp |
| CN | 139.9.119.173:7004 | im64.jpush.cn | tcp |
| CN | 139.9.119.173:7002 | im64.jpush.cn | tcp |
| CN | 139.9.119.173:7009 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 139.9.119.173:7000 | im64.jpush.cn | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 139.9.119.173:7003 | im64.jpush.cn | tcp |
| CN | 139.9.119.173:7007 | im64.jpush.cn | tcp |
| CN | 139.9.119.173:7006 | im64.jpush.cn | tcp |
| CN | 139.9.119.173:7008 | im64.jpush.cn | tcp |
| CN | 123.60.92.210:19000 | easytomessage.com | udp |
| CN | 120.46.131.222:19000 | easytomessage.com | udp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 123.196.118.23:19000 | udp | |
| CN | 103.229.215.60:19000 | udp |
Files
/data/data/com.xgbuy.xg/.jiagu/libjiagu.so
| MD5 | 50750315eef281575611bc425174b939 |
| SHA1 | acaff02526d7b4c257e00002ed09af364f66a401 |
| SHA256 | c8d37512f73bef5a1c1b060676cdc6d508a8d8dd36f2438f5d6353c9b8524bef |
| SHA512 | 60584a993992a68e8d0a53be705e3a9d52fc126df26b9bdcf80d14e659f1d70bceb926e0a99a69fdf40f1c09fd61aa52c2d2c008ee5c3ef59af5922a75161ea9 |
/data/user/0/com.xgbuy.xg/[email protected]
| MD5 | af40ddebf367d3418c410ba2bbdb34a6 |
| SHA1 | 9a5c0f557da523fb37d3ea9f1dad84e45b78b8ab |
| SHA256 | fd4c1d3b24b0138f6f355235f35815ff43de7e73e5029854ac0581f6d5b4cb45 |
| SHA512 | 6ca004321a8ef7f6a08b5be12833971bf017ff58c753ebe73d682abcf5633f084b9b1f5c3453432894f8ce8c9b306963b345cc0d6503450667d9ef66d3ac0ae7 |
/data/user/0/com.xgbuy.xg/[email protected]!classes2.dex
| MD5 | 56a56032a56816197231ccd2c1447841 |
| SHA1 | 42b24c7723619c5bbfff5625ee1f4ff7a9afb34a |
| SHA256 | 920b1975141f98268ddde30a18db00a3c92776c8472763640b06009b90ccf039 |
| SHA512 | f47a2ee1f15a58887d5158bf141277a7d6488fcd31a9c85ca0d6706a4252433b812e8a49e956fba313393ac55333bee777394d300e136d489a484f5e883e3165 |
/data/user/0/com.xgbuy.xg/[email protected]!classes3.dex
| MD5 | 63eb01b23dce33b6abd34b5693031ca8 |
| SHA1 | 870abc96ae069aa034b1b647244af5465a881ddf |
| SHA256 | 3798ad86a5974af83d89bc71f1737c1747ca4561beb07f74a214675efab02629 |
| SHA512 | eac344e6167fc50acfca60a177bccf404cd0eb595b0b3e948f88af21ac3d7c14a49d0d7162bc5ef529b9107132c8ac3d0242186ac1b0ac231acc31e8f969311a |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ri
| MD5 | 39663441e1fcab0e54bc62a83dca03f3 |
| SHA1 | 4d5b247db9fbb1c8fc072ef4112b4265aadc78c1 |
| SHA256 | 86d2d27f7d96283056a00550a1c7a5eaa9e68de920c20b44d1aabe079425c42a |
| SHA512 | b2daec5c4ef1ffa57139a2f8dc8f960929095ce2b78fc7b00085d2e64d84dd4ef890e8a43d31ca92e370a91abf69ff8598d23f805cc2958277f92033c6ce89d3 |
/data/data/com.xgbuy.xg/files/.jiagu.lock
| MD5 | 79d5ebf1aa047b25470d1f57692ddcbb |
| SHA1 | b8424fb4981a8394fd8a30175aad703aeb9d912b |
| SHA256 | d35218e03e53be4c4a489a463296eaf925c612a5d2bbbe85c3ea6c8d1374c356 |
| SHA512 | b04fffbfdc3796e3fe0bef4ae978023211a0a33ec960e4c001604882c498fddfdad281f01715dfa4d762ad8cc71c93fa3c7430e02b49afb42e64e051622ce912 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.rd
| MD5 | dc2e848be2824acf32cff8ee979e58cf |
| SHA1 | de0d519b548d2290385fe035f031fd2c4a61a0eb |
| SHA256 | 77b8a926e64d8810db71b3d51f4cf37b68037d0d91e5ea2940872775e8442a23 |
| SHA512 | 52d2e8441548718e5a13c0521a46b15ee7d6b93039edd4f3033852240a63bb4361e238b6c7020725eddfad0199ccfdb7496f8e47a3ef6116e5d0bf067f5b46c9 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
| MD5 | 3911ad10a2d9a4f7ef7a09639a1b8cf3 |
| SHA1 | d8d5dae863fe04bef8d987202e25e065efce1e1f |
| SHA256 | 0ae3380b0712c9bcbb362bcdf7b72504b9e495fe2987cfc20aec121977dba19d |
| SHA512 | d58dc5e805e0e2d11a79c725285dbb3f75d351d456c87ce79439af68c3a6c2506f5814bc16f09fbf16462c93f5c781437a5bbadc4d48977782899ce9d741dec8 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ic
| MD5 | 1bd86b90e1b355f123e5ce8c93c3de53 |
| SHA1 | bee5683d6124650c8be0b3740ad66e771f29b178 |
| SHA256 | 3ba28c4fe20d74ea96f6ced27333f04a01e03c50092717eed1b6e30152a8d152 |
| SHA512 | 6ba3d7ac2b9da3bb2f7ca50488782bfb9f12a38bf17debc4f2853a161551a932885bedaedace0ecd3da9777e1cddbb407ca2360c13512b1b804bd6242e767abe |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | 439b00716a6cd356e64d6671dae2b33d |
| SHA1 | d23bab9843bf3d8fae206c46b195a7b4f769be2d |
| SHA256 | 9ebae3170793097473ad18e4474e8b40e50a179bb6608e16ff1a52113baa600f |
| SHA512 | ea5b3024fec3f2c64c5dff5c52a9d540ec17c5ab3190fd3b502ad056cf0be93314afecd4dd6e08e674a69d777a1d1da8e9ea532753b1530c462a94c0d86fc54b |
/storage/emulated/0/360/.iddata
| MD5 | 19402718bfb1c685a726b4e1d846ad98 |
| SHA1 | 02a7e30044a67085f2f1da24e16e4ecfede65b72 |
| SHA256 | 079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0 |
| SHA512 | 25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b |
/storage/emulated/0/360/.deviceId
| MD5 | 4c4c5285293d5141f582aefa4e038669 |
| SHA1 | e01852a72e5a8e6f7d63a21426b515118196047b |
| SHA256 | 36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731 |
| SHA512 | 097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399 |
/storage/emulated/0/Mob/.slw
| MD5 | 093d6d3426351dbbd68f2a6f70dfae8e |
| SHA1 | 9fd1d9088b5b354c772f7ea865ec8450c09bbdd2 |
| SHA256 | 7065930c425107957a2db95b13c8b4bc1b7225c945a2a1fd941f833933af395f |
| SHA512 | 4926afa7a570010742fd2e92f9b5813b82e4370c8d44f8e0ff897313a120c2a0e0b14b52629da31c16171c4ec1a435e83efe368dba7535c4ced8a4081a8e2984 |
/storage/emulated/0/data/.push_deviceid
| MD5 | 37b7921f7a6c62d143054fa735256334 |
| SHA1 | 4a3580846a2168045438d7279f0b1409e95c523f |
| SHA256 | f17d73eb9d92f67e4e25bce9453a1cf3c36a7b2da77a69c2995461ba826a1b42 |
| SHA512 | 85f77f9aa7dbf282187de725bd88cecfddda0f75623d9ccc8c5fe9cb6b88f4816a82d64121d80d1491c0ae6867c4b873076f13a21d38c684d08486f1f2ebbbcb |
/data/data/com.xgbuy.xg/databases/xinggou-journal
| MD5 | 6dc928029e1f31745ce73c22b005864f |
| SHA1 | da67ebfe97ca68c083adb5d5fc34f7a35568bc6c |
| SHA256 | 4b9f3ef8300c3d4afd331352c287e9034d8477c82289c69afd5f525ca85000eb |
| SHA512 | 8455cba63df4319a4c23984953bcbe14fa02b2be19f41729248c3e12b121598a00bdb8791882c65b3b218bb4e4e8084c1dd9cf5eb0aedabf7b548b5629d0ea03 |
/data/data/com.xgbuy.xg/databases/xinggou
| MD5 | 50d32d5b90a4187cd5ea6724b4ad4687 |
| SHA1 | 00d2ecca8152fa3f3d2a95b20ca8a62b70e4f82b |
| SHA256 | d454ed2623fe4754309678304b4cf8005ec8f77156ca1ea9acca6257c697f9b3 |
| SHA512 | 6cd199595f762181e1dc308418710d998318093393e28dc4b1a09a283adde4217b29b6a7a794003a633ede20b0fb141d6a440f196a55db8d1a760c52a5658067 |
/data/data/com.xgbuy.xg/databases/xinggou-journal
| MD5 | 49379c6b5438ba4c88d8a79de84899d6 |
| SHA1 | 22ba091d274e5b49240d1abe903a3895d862bd43 |
| SHA256 | ac3fe2ffab808f1e368a34472d91eba46262b040be2d24bd97d83c6c9cef138d |
| SHA512 | 34217fc988059573fb8a6704ccb170d1de3067f58186d366b93626ce48d5e283e957a76884fa2495c5e8ce073fd86af7a4282dc11fe3bf35d40452861130ea07 |
/data/data/com.xgbuy.xg/databases/xinggou-journal
| MD5 | 03c3403252a5274afc1aa220414d6c7c |
| SHA1 | 049fd1bd88508341226ed5e70030d9d3cd760779 |
| SHA256 | 672985b3c3aa7aa974775d3a2b82cb3179b8e608341c5ec4ca143314875d7ede |
| SHA512 | 00b3470210753346797267815d38bd438f7dfa188c945658e2ecc8e92194b47e27e5fd7b7c4d575a261ad0c96b6bfb9e191f94d18e9e96ec9dac5317d61fa135 |
/data/data/com.xgbuy.xg/databases/xinggou-journal
| MD5 | e3de6b760297172cac71d2b4019edad5 |
| SHA1 | dba76a08fafc8e036e3a4c59275c4d6cebff5d09 |
| SHA256 | 68e26f6b28006283f4ca921919960deb768bbf76a90a8489afa53d973d9226e1 |
| SHA512 | 2b06af436272d266e2a90e932f091e808826f93445577fe30597acd28f097b5f37fb7b5d9531ec4a7e0fad58fa81b99384c8414a508a11d59f0f0fbc61194d40 |
/data/data/com.xgbuy.xg/databases/xinggou-journal
| MD5 | 0ae76b5d0366c84171c416cf0c3ad6c8 |
| SHA1 | 2aa82101d24128592b01c267f1f478e625e154de |
| SHA256 | 56f0cd538f4c4035fd167a755c2fdeb17821f1d43a4714b59d37a4b3f90d3f6f |
| SHA512 | ec1ba24a2f2ed25626480a5c8743398dc254ccf5d35ff4ee32b72c84faf5b04d4c3d0094d3201e2f740de7b2b02a8d92ff86ab51090ef4c277fd98f8f6d07499 |
/data/data/com.xgbuy.xg/databases/xinggou-journal
| MD5 | cf1a4cd892e3b4e76f23a409ae191187 |
| SHA1 | b89532b5ef200d5d8f76bbf830f0a3802b5b3f24 |
| SHA256 | 2830cde7880b3d986e17df0f48507959e3be88000e28b09daf9c658daf38cc95 |
| SHA512 | 48355abf9c9f3975018f65ef109d216667f2e31b2f725afec69961fcdc32a7905ed84db5c740f6be7f6cd20d0b14492f518d383d967f0f4f6d3b699111ad43fc |
/data/data/com.xgbuy.xg/files/jpush_stat_history_pushcore/normal/nowrap/4843f74a-cdee-4d86-ab92-6f9523c419c9
| MD5 | 6321b5c966a83cac7c135754689c59e9 |
| SHA1 | f40e6b1c5e5888d8fb857febbeb1a699e2d76fd9 |
| SHA256 | 2e527de356e8c4750a1c65bd1996f7a5cd55a74d3ab5a9fc95454d6eccd5f094 |
| SHA512 | fc3b24bb87957e16d143ade0190232e46db4b929a90e160658eb659b8ce091bec5788f5b44f964ed924863118d502adc620837beba1db1698ab3f983a4e54b06 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal
| MD5 | fd8a9e65289c8a1d0146648329fb8ea6 |
| SHA1 | c54b9b0ffc0bc395884de50cc60f36e9a77f88eb |
| SHA256 | d5ee931a471d4c357c00908e2ecdc1e1f9c8b5b8e90835ac19ad912921823be0 |
| SHA512 | 4f292f5399a404b3ef274889707f7bcac87138ef239ad8295305a57821b556dadff7d356836aeac06ef2a232d8a8e51e38fc1e2fde9f27f8187722029c49583a |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db
| MD5 | 3a03afb60ef6268b8f33ff660f935ba6 |
| SHA1 | 712bb84696cd07b45ee04823c9a532b3d086d3e8 |
| SHA256 | 052c20b77384449a2c93df8477b90706867f3f039dda7d024f23673c1cf8d594 |
| SHA512 | ea47b128f98d4f737d1ac0c8cf2c94909c6b71e5a7056277c125337f72609ae1d2cd62b208a76c8c2f5e889a467f302773f958ab8537ca4fa097089dc70a736a |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal
| MD5 | 3a4a00f3d06458bbd6b9e0f9da4e2b54 |
| SHA1 | 962c4477465572e18b4a9eee60ccbd744778c960 |
| SHA256 | 5d69be9c5759d037d118a7046f1f4b26a6ae343bef74ff680b0a592f955647a2 |
| SHA512 | f6e42b1e6cc8677084f79cf6361269a3c4c2f747983b9998f802823926785cc50bd63123e4ce0aaa0875993364a30163f088d187523dc90829f5de1710bc6669 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal
| MD5 | 58c33b847e9fdee0fae84049ff1c4dd5 |
| SHA1 | 77ac04342963f0dbada73ea99828f397cf975d44 |
| SHA256 | 585f45509e45e6540e0b03fc00c33f1d7612c435f14a68ff1c4b9c4d4d0156ff |
| SHA512 | b77dcf721583f608cfb4f160e71042b0112f8ff33dac18a408e62be8a97a30be79c97ac9fc4f08db039badf236778024ad33308d3f848529e9ba0ece19578ef1 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal
| MD5 | c431b647d9e627aeb642ccd41e648883 |
| SHA1 | 6a343358d01c533ed2bceee807e09f82ac3069e6 |
| SHA256 | bd98dbdf310b0c2f45f49a2d8a7a817d67d29cd9824404651bd91b0d6a775d38 |
| SHA512 | 9da75841dd9c139f97e41f6be96a1b77ad3a454f4bbd14452224acff8d5488bd4c798bb723c0f5fa4a867809be72cf686b9f76d15427a0c7b871ef504deccf68 |
/data/data/com.xgbuy.xg/files/jpush_stat_history/active_user/nowrap/281208f1-4b68-4da8-8b98-d0570b819c97
| MD5 | afaf86bad9146d30f74e5faaca09d1f0 |
| SHA1 | 96c91621cab199b87c33284429297c42b68d7360 |
| SHA256 | 13cf556e92e7b03549b1d40b00f1be5f8e22771087ede66b75dd5b13589e87f0 |
| SHA512 | 0e089f8802a1347fb498d7efdbbe41e68989dad4ea22eaab435b981e81e90373fb3aef09f227e0520f817d9f5d091361b92dcdb6c3e5066d952a9ba37e53de0c |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/4804f76c1982138ddd57254b068134862ad1ad20f5f58897a3e0f1f5f1c2f990.0.tmp
| MD5 | 7459aff7652a92bd0f6067f2d6e82f00 |
| SHA1 | df17e66aaa9218124c14a31c0b4830f1e3d85bdd |
| SHA256 | 57c17ee898ccd959646b900c6d4f21645a96ae816134de1d067ad1c776940935 |
| SHA512 | 58a15b84a2a49e0bfd07ba29d3c0a4590c67c83867e11664ab53519b54afaf5e95266972ea503b4c480df4971dd138afaeaab9c25f3d4747aeed9f8211bdabae |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 8e24e79baab91c4d0604eaa9006a0cb3 |
| SHA1 | e427afc94a4b957a7096f73e395a10ea404c076b |
| SHA256 | 65ee797326cb9d94a4c8b13fb114a7273d80af9ae547496bf56556c479f75e4d |
| SHA512 | 45bde5e1b5da5e54f7f5baf24cf4d9158ccf5813f0babc05677437bfedf1d54c4707090a1c425089e8f9582a85fed80b25c1e1f30ec2051afc6fe68bb8a76bae |
/data/data/com.xgbuy.xg/files/umeng_it.cache
| MD5 | 12fcaafe668838eeb687e711c150df46 |
| SHA1 | 82361089cb39da96335ff69cd27c588bfdea3750 |
| SHA256 | 6566816f092b65089aad200b1535d34ef703fa5b2e498795e5b16647420e3a1a |
| SHA512 | b866e65a051810031778d34610e010d444678ea070a9efcb98a9cf56cbc347f5f7f632d774776b7493a6b7e6b50ddbc2d305e9a73df2364e986b09fead315094 |
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
| MD5 | 1464895a4fbdefc86ecf107de359499d |
| SHA1 | 310fcc9c4fb05a89e4f8ca57a55311d94bd78a89 |
| SHA256 | fa2e6cba79fcf9ecc20107dc10ab179f044eedb54ec82fdc953c0a4d1a8a4ef7 |
| SHA512 | 83d3cb152090c3f778970a220836821fe0776e4632b0d26605e4f9ef4a82f0d21a8569af9d2c39df6bb9b447f0835140319a7d46ace0295b4ac3454e4bd3fb01 |
/data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4MTkyNDk3NzUy
| MD5 | 92fd72303adaf2ef7d03c9a28aca8262 |
| SHA1 | 53626ebb0b124c62f5217a93117547245b3e8d84 |
| SHA256 | ef6ae20de956836c904aea410d1d3585da306cdc96ee99520ff91362e9318a7c |
| SHA512 | 907bfebc07ed436ebf969db5235113a333cadab181f9449e24044fe6954f0fd7e4eee55bffc15fc1b368268a18262f27458caa881f48a1468c6fca1da3cce23b |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest4758450615018444924772381017608398527-journal
| MD5 | 68c44633523de61585d0ff729f3cd4d9 |
| SHA1 | 999ba84ff333607bf622a529b9356f40892fb7d7 |
| SHA256 | 7ebd29ed4293ca6350e95913d2ba38df6f99b19ee1a684033f0038b8d4d8f71a |
| SHA512 | 1c7d63f99efaa21d667d90fe1e0f1c188fb1d4188aeff05ba932c01d33b0023c6a730b2d0e9f3ac06c166b1871e9397c8af7aac6ea4cf6bdaf653a8c0d5af24d |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest4758450615018444924772381017608398527
| MD5 | 0e062d995e5372761dc3ae3385e1828b |
| SHA1 | 736a9077e2a378b8b01c032dac0c42ff6a8fc9ba |
| SHA256 | e1ed9a4e1f53b32cba6f801afb79e50cbf15bdb68a14d5bfcffbf983ac4a2fcf |
| SHA512 | 0a915650daad56a46afdc498e81adee0ff1aac1f582776ecbe55ce7421a1b75c97aaa4614da79fd7ded6df69fcbee31aa6409f13bcdd4fdb33a8149fd8bd2776 |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest4758450615018444924772381017608398527-journal
| MD5 | 3dd51c13284f3279c7a1e922858f1b8e |
| SHA1 | 43724b77587a5f7a63c27b105eb80d64ad8cec5d |
| SHA256 | 55f6aec7c923c1b18279d36e339c77076acea7fed4bbdeb3f072990a6ae63465 |
| SHA512 | 4e00204e15b5057d11f8fd0ff2c7d01e268ff0cc43c6b400cefad116a54643e3165e544fa869b8dcb1427e62a47a647ae69a30c6dcfee93b28ecf77af459923f |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest4758450615018444924772381017608398527-journal
| MD5 | fb0a7c690e27a7c8c75250f607fc2eb9 |
| SHA1 | bd478c4f4dbc6047863f4fa1f707a007eaa25435 |
| SHA256 | e9abb8dd79f11862ea32eacfc980596a06ab7aaee6cde80c51a0801fe09dade0 |
| SHA512 | b2eb89ab3f0d7c6eea650f5e9b2b69f7740c195f327704ac29c9540fe35f65305dd54d03345cc0978104ebae7ec5063dcd363acdeb175581fc8b1c2e586ea8e1 |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest4758450615018444924772381017608398527-journal
| MD5 | b65f50cb0405dd0656a2ebc5be738671 |
| SHA1 | 5e3eeedb6a3e85f57d868bf17a822540ad6c5c4d |
| SHA256 | b546eaf6513481379e30bc6e10caf8321ef592923b497c4f191754e64a913026 |
| SHA512 | 1748556db0d60c7b3c84a1b24fe774a726aca0f6965cc367e60eb37c0890363e0e123abd817bb402e81361921817ffd0d7da8467a6814dc827bbbb945e481e72 |
/data/data/com.xgbuy.xg/databases/Reyun.db-journal
| MD5 | 9eae68c80769260675a3d4301c8a5837 |
| SHA1 | 5c90d75ca7801e528ba2add5822081be1150b781 |
| SHA256 | dad8814095423252dc462743aeed3e569eec0eb1ef757f212dead8b5fed64175 |
| SHA512 | 5c9916fe506c35841bc02044ee55db1e2f7eae89d2e81713d6ce4350defc1ba02b9bc47a97a9695ae2be0d1d481cb3e77193e0afb44852cd505758f00fd4ab7c |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | e3e070d2e3d5e00d107e25f0a579af3d |
| SHA1 | 09dde77eab58605bea42a61dc35e975e8b62c14a |
| SHA256 | 15661794bafd16a8807927482e516ef2225cd3a9692bfe724c0c45697928b4c2 |
| SHA512 | d9b46d05cb538ced0f5f45224fb36b9471e8075e3eb4c9f05d84bf6e12a1e6aaecccc13738ae52f1cc9c2a2041b406b12441cb652892bfd427f1b574c09155f5 |
/data/data/com.xgbuy.xg/databases/Reyun.db-journal
| MD5 | b08351185e1e5d58cf9ff19b95a92f37 |
| SHA1 | 41941904aba4ecf250eb4a79af300ae85e75222e |
| SHA256 | 4d6e292fcef1fd90824c7f568521e92981120c93e591302eac368d31dc5baba5 |
| SHA512 | c9d6d5d2c80f0cfc45bf41d3a982dd25830b706ae49bd8875f572b6601a6e7079a73f5d0290508275963faead73f35af4b69134160a0ae3394c79de03aa8a30f |
/data/data/com.xgbuy.xg/databases/Reyun.db-journal
| MD5 | 36fb083f52dcb3eb4693696213a1e211 |
| SHA1 | 8b0f71c06e083e137d8849cb149656916661a9af |
| SHA256 | d2b43fb17139ca2ddd3f98a632df12ac7cc537719482a1ef28a274e2bb5cbc7c |
| SHA512 | 2d61943ff034db004a8c2a65c7f192f10d5ff449b4fd286ce8f3d90c0359a4ef8256ac097e81f4eaa80008070c1d1d99386e40105c8e50d87fe3374518b8c263 |
/data/data/com.xgbuy.xg/databases/Reyun.db-journal
| MD5 | fbc2495fdf06daf332cef23047f3ead9 |
| SHA1 | 933798975bd4e0c4e86cf56df73556eb0766b76d |
| SHA256 | 839a7e4ae8c3f7896f33b0555b7ee2001e55addc59d44573e2bca75f92df6ecd |
| SHA512 | e4003ab2d86d7eb7ddd8f1b98e1795869efab07f39ae9090eb538bc6d70a12d7577fee45bc2f3c41eb761a0c4731db3155e82681ac4f8f00d58a266f1ddc29d9 |
/data/data/com.xgbuy.xg/databases/Reyun.db-journal
| MD5 | 5b2074132647761745b2a336044930a7 |
| SHA1 | a99e0ec6a856b91cd37028be76fd0c100c2e1a4e |
| SHA256 | 6fb597a6ca4e03f1c46a28ed6774922d94da084d984380e510e39fc33de4e62c |
| SHA512 | a6e2ac58ff5e4ba026cdf2d6b14baa49dbb5eb438160d1903401ea04619220def7cd3f6b9232d0f2542d4281e2c5faf84a3ab04c82528551a10ac6c30f465937 |
/data/data/com.xgbuy.xg/databases/Reyun.db-journal
| MD5 | 632a9ba3799fc94c034c1c9715a71874 |
| SHA1 | c6fbba9eda95d1bb6945ba8b271273f62925139e |
| SHA256 | 2edb87d90e639c8d4e1ff13ea71b171edf60e87eaac03029cb2725140fbc7ce2 |
| SHA512 | 4bd87e99ea5d0e87a185446797a83fd993a4e6156b43f0bd18779af58428d188631c687382cc73bb8f65de01f3835d6e9911f44d9826734485bf60fb40f82367 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 57614907e977d461aac82a0fb2e929e5 |
| SHA1 | 1148327b939a1abebe7fbbea77c6020251787fb8 |
| SHA256 | 3b69497a4778bf9ecf8a48fc7f6aad5be35ab45396394895ccb5c9604c5ed5a4 |
| SHA512 | 7538d5b043504bc707e8ca3709dbe20dbe4a7d4ce87984fdb3e88247c2332036c4ac42a1700c883bd75e959c71818888ffd845d324d7d64df072f48586bbcb8e |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | cb8eed73d4f87c56f3bf0a18033f4e16 |
| SHA1 | 70d4f486d64b37c01d83a5a413717fa89ea3b48a |
| SHA256 | f08cd6666ec97a7e8bceee8310205875bb5360e3aafa02b6855bc010768e85f0 |
| SHA512 | 1d541d39d9c59afa2c5a9e6ee4792cf81ab50fe80758c6ee238b1261b16388ade9b9aa0c970ab0da3dfcb4d67e32dc0ce3e59cb2e6dde1ee6028e6f0542d0472 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 336b65764d8d2da57075bb11b1b03a27 |
| SHA1 | c2733af0f1917e9a2a2218a3066da8be4df5d962 |
| SHA256 | a675b404e6f352aca628a401bdae630c4e6a310d66499e8b7c22c33b3ab4c743 |
| SHA512 | 889352c961276d97aa322bd8460b789fc911ac94d7adfdb28002326a61909444103bb4615b366702828176f07fb223cc900af4d033c5142a948813467ef6dfca |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | a9d212f4b1910c1ce9ea4d39f5cb198c |
| SHA1 | ffceacd41ce6134db4e91acaa40dc0d9b19be03e |
| SHA256 | 1cbc759fe6259593c7f9944ceed97c358b8fa3cc9a56ec636f6c48e822ceac37 |
| SHA512 | 3b1ef86ba55ec9d870054ee3af7a414e21c99d5b13578a5b169cc84238a85d4e8401a6b126b07abf57a9a230ffc1227f42bd9b80daa96db88b4870c07d92dfea |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | cb9a196d71e9c2406c0d757f92e96d10 |
| SHA1 | 06785ca5045d6d199bd714bb4716c76562254da1 |
| SHA256 | aab3d3bb516f73b32743332ee2348d408128e203c0d958ba722fbebfffe06659 |
| SHA512 | 3f650983b07cbe217d3d3a0feef104a9eaafad71ba2212e756d52920ae29a7ac8145d20536db065aa149ae3c9c59ca587945b985cfbf2c85afe7687def6da427 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | 10455f8598c5ef2aaf709266dd504a5d |
| SHA1 | 17672975d2bd141de3cc05be252ff67f7367973d |
| SHA256 | a592c650fb6343c262a5f57916dd7c7169fc2491acb8b20676fcb7a310afbdb8 |
| SHA512 | 411a66e9e2e7cbfab05ad8bbc506dce41f237249afe36873f22e8cd9fd84945b5a38022f678f6070642abe4276be4c95319dd47d015ab8adf65559e3fb9bb098 |
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
| MD5 | f7f07bd5d8f707a631d9f80a791c8691 |
| SHA1 | c6d27e09efc06a4b72390c1b49de47c83a25f200 |
| SHA256 | c7af435a519f62c21f92ac7bb3469b56e79631f3b8188e8b0742b17d9c687ce7 |
| SHA512 | 2a9eaf16ece7c330266173647549c70c240050e6b8ac26e8cdc91f6b945b7ffbd4ec079a95c44d1046b30f4a67cf2a7801be7bd820b594017d19a9ba979851e8 |
/data/data/com.xgbuy.xg/files/Mob/mob_commons_1
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal
| MD5 | d17314e270ab64baade31c65aa11b170 |
| SHA1 | c1a31cddd1273461ee4b75cf6b398df7a89ef3a6 |
| SHA256 | 2e844b7111815bfa9d47767b79fd64999567d5f5bcef3ae2aca6b0358983df6c |
| SHA512 | 3a4dc6e43a2c4f6ab3996906811cca79f91469c501842cf40315ee935030a4cd3c1d52fd68fdcd0d912a62d17f3159de9c49075720e5ef2bfc6a90da254830a9 |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 36a0ef77b746a61f975e918fc9016d84 |
| SHA1 | 53ccda16edc92f153cc37beff231de260508ab54 |
| SHA256 | d2c88e5cd82aa38849e300745306391a6400da7edab2a514accc733b48d1ea01 |
| SHA512 | f669ee921f9c4d78e1dbe74b43af18f693f1074eb359b86c25d1b1f0c4ea41ac6d894e39d3545a9316c8014b75f48360f9d18b9a0ea4ba6d52a6853d13ae4b40 |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 73e28886e8a06ad432e13924fae88dac |
| SHA1 | 2162988c5de7c3555a3f1f3e76a499a43154bade |
| SHA256 | ce31b6414f3fde7a5c4a56a861e0cedf4ccff303862a84bf57cf67a52e38ec77 |
| SHA512 | 31e4547998b78313e8191881104c292f41eef7446aed9b5513d892169e1487022f1a8bb3cc0f9e0ca22efc69a5286b31f0635baf35afce83104f1cdadc508ded |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
| MD5 | 81024874f926b0c0c9e613997c9370b1 |
| SHA1 | a7b4c37570f3e5aa7bd575d0dbcc71ff9079a95c |
| SHA256 | da5ea38fae9a292777936eae50a76aae4d2a589550448aa6970383e44aabe7d6 |
| SHA512 | 8ae3ca2a1a4ea6c514fffeb911f4c42ff173433a7fd82980193d883196e748e458e83ee42051ccbabfa7f49792dabbf1eb8a72fea3db16c2f157e7ada4182830 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal
| MD5 | 694466515b7c26596e4136bf7daffe5c |
| SHA1 | ddb99080146a83c54be804e235a5a30154e78ee5 |
| SHA256 | b5259f3c0bfa4004bf28f79c9289c14dbc21b8dd556ae7762bc27ef62a0f8665 |
| SHA512 | cab322701480129992bd80a03fe3fcd725b4efd84bd9b0a6ffedae0dd72d5e2d19da8aea362e9cd1dc5bb07c7e6c08e4e307960d433845d8d91d8d79d960a17b |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db
| MD5 | ac5e251ee7a3db01fd27f13fc5b482a1 |
| SHA1 | fa3095c7b4aba7aad6ed11e2f23b03a9de7acc2f |
| SHA256 | 6cd5f9eb2a70e647806bec6f65f83f422f15367ffd3b6679751098faa9097049 |
| SHA512 | 95bad67eae10e9bf5d7603f18cf768f64b953e66bd28f1937c4ff3a75e62720790887e737546bc9577c5e19b187e57afcd368d653e5bcc8672ea8f2b28193e36 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.li
| MD5 | eaff68b70e2b1659349969df4edcb95a |
| SHA1 | fa043c3079d8c9ef88a9fdeeb578f9dea8641d3b |
| SHA256 | d02d08e197863d695a40307d8e2ad33d6efc862ebb9536129cd59b1820192607 |
| SHA512 | 72b4e5b8f72b516378468577d6293f8be3121240d3244848f1acbd10702c6a1ac806b6d51b190accb1fcdefb2b9a938ae0c419958c887b8f2d97b51f69a89e27 |
/data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4MTkyNTMxMjMx
| MD5 | ca3daef2cc852d6cc8d31b87afced17d |
| SHA1 | 33bc8cee4db380135c000e4fc8ba714f09c51577 |
| SHA256 | ba071991ac126429d96704aeaef7f3308f58fe66381e96b1ab93643d0e43456c |
| SHA512 | 1ee8e70f05ebfe0ac7b2cdea17333ea2dd5b5f7543540f331f290fae11edc51e1619c1e14533e05e5cd1a33afb85ed11263563135d380cedfdc6c83f0d69e4e2 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal
| MD5 | 335ae6d3db75c80549769fd278c422a5 |
| SHA1 | ec865563653752c7e383506ec964ca944f822950 |
| SHA256 | 7b9d936c5559231cc4f4bb82466af1b920eda9cff8f31dde7a08ea8305cfe5b9 |
| SHA512 | a2f6949b44d4df46e74e79080622986f52e69de801c48e83c799f7c2c91497c5d1d6643be7badb9b8d21e5d2605b4efe10e2b082985aae39e47b55b0dc320b6a |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal
| MD5 | 8bba3201ce0ea0a08bfb5467463e2cab |
| SHA1 | dc069e463f0dd03f7a8ff47a31e37ad9b7b23ae8 |
| SHA256 | 26adf3f1cfc70e71c63bbbd2e02bac0bef186eaca5398cf726e74b974120b7d0 |
| SHA512 | 293e4729b4b226669651b747e46e0edb5777e680a40c756bb803598d0371f4f53fc00fe4d364830c87fb512a074fe9f29b3725448a99d4246e51939300007969 |