Analysis Overview
SHA256
49c8c3fc8b1d7cd448ec6d18fcb9ff10a0927e3bc14dac5cf3d042f61722d84f
Threat Level: Shows suspicious behavior
The file a6d611c9ee6053b52df98e9fe668d515_JaffaCakes118 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Reads the contacts stored on the device.
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
Queries information about the current nearby Wi-Fi networks
Requests cell location
Queries information about the current Wi-Fi connection
Requests dangerous framework permissions
Queries information about active data network
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-13 22:15
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 22:15
Reported
2024-06-13 22:19
Platform
android-x86-arm-20240611.1-en
Max time kernel
179s
Max time network
184s
Command Line
Signatures
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Reads the contacts stored on the device.
| Description | Indicator | Process | Target |
| URI accessed for read | content://com.android.contacts/contacts | N/A | N/A |
| URI accessed for read | content://com.android.contacts/contacts | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.xinanseefang
com.xinanseefang:remote
Network
| Country | Destination | Domain | Proto |
| GB | 216.58.204.67:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | sapi.map.baidu.com | udp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| US | 1.1.1.1:53 | hmma.baidu.com | udp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| US | 1.1.1.1:53 | sdk.sms.mob.com | udp |
| CN | 120.46.84.108:19000 | s.jpush.cn | udp |
| US | 1.1.1.1:53 | run.xafc.com | udp |
| US | 1.1.1.1:53 | house.xafc.com | udp |
| US | 1.1.1.1:53 | loc.map.baidu.com | udp |
| HK | 103.235.46.246:80 | loc.map.baidu.com | tcp |
| CN | 121.43.233.9:80 | house.xafc.com | tcp |
| CN | 121.43.233.9:80 | house.xafc.com | tcp |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| HK | 103.235.46.246:80 | loc.map.baidu.com | tcp |
| US | 1.1.1.1:53 | sapi.skyhookwireless.com | udp |
| FR | 15.188.116.26:443 | sapi.skyhookwireless.com | tcp |
| CN | 120.46.84.108:80 | s.jpush.cn | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| HK | 103.235.47.161:80 | hmma.baidu.com | tcp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 119.3.253.130:19000 | easytomessage.com | udp |
| US | 1.1.1.1:53 | sapi.map.baidu.com | udp |
| US | 1.1.1.1:53 | sapi.map.baidu.com | udp |
| HK | 103.235.46.245:443 | sapi.map.baidu.com | tcp |
| GB | 216.58.212.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| CN | 119.3.253.130:80 | easytomessage.com | udp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 1.94.119.240:19000 | sis.jpush.io | udp |
| CN | 1.94.119.240:80 | sis.jpush.io | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 113.31.17.108:80 | udp | |
| CN | 113.31.17.106:3000 | tcp | |
| CN | 120.46.84.108:19000 | easytomessage.com | udp |
| CN | 120.46.84.108:80 | easytomessage.com | udp |
| CN | 119.3.253.130:19000 | easytomessage.com | udp |
| CN | 119.3.253.130:80 | easytomessage.com | udp |
| CN | 1.94.119.240:19000 | sis.jpush.io | udp |
| CN | 1.94.119.240:80 | sis.jpush.io | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 113.31.17.108:80 | udp | |
| CN | 113.31.17.106:3000 | tcp | |
| CN | 120.46.84.108:19000 | easytomessage.com | udp |
| CN | 120.46.84.108:80 | easytomessage.com | udp |
| CN | 119.3.253.130:19000 | easytomessage.com | udp |
| CN | 119.3.253.130:80 | easytomessage.com | udp |
| CN | 1.94.119.240:19000 | sis.jpush.io | udp |
| CN | 1.94.119.240:80 | sis.jpush.io | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 113.31.17.108:80 | udp | |
| CN | 113.31.17.106:3000 | tcp | |
| CN | 120.46.84.108:19000 | easytomessage.com | udp |
| CN | 120.46.84.108:80 | easytomessage.com | udp |
| CN | 119.3.253.130:19000 | easytomessage.com | udp |
| CN | 119.3.253.130:80 | easytomessage.com | udp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 1.94.9.210:19000 | sis.jpush.io | udp |
| CN | 1.94.9.210:80 | sis.jpush.io | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 113.31.17.108:80 | udp | |
| CN | 113.31.17.106:3000 | tcp | |
| CN | 120.46.84.108:19000 | easytomessage.com | udp |
| CN | 120.46.84.108:80 | easytomessage.com | udp |
| CN | 119.3.253.130:19000 | easytomessage.com | udp |
| CN | 119.3.253.130:80 | easytomessage.com | udp |
| CN | 1.94.9.210:19000 | sis.jpush.io | udp |
| CN | 1.94.9.210:80 | sis.jpush.io | udp |
Files
/storage/emulated/0/baidu/.cuid
| MD5 | 221708d13eef763da8f1c943541584ec |
| SHA1 | a8253e3e33d2ba539065d9c79efb0df88bac2b98 |
| SHA256 | 9c06291954f589607cc6a45439a83fd078ff642b18b487cf153af198d72baeb1 |
| SHA512 | 224f2f090488c3d6a273b83b03019b2bc76468d65e9cfcd40a235f1484558a32c2d2c779db414498c3ed2e4c48bdba7ba4e46c807ebf6a6591e1956c3eb65d18 |
/data/data/com.xinanseefang/files/ver.dat
| MD5 | 8e31aa8d6b61e8b044ac3346e87098d6 |
| SHA1 | 70e4050667039f00eb5231bd731b9f3cb5daf00b |
| SHA256 | d2a616114953901b1bbbb79a9be694acc0aafdabc1df94f46002bcd6b75b3a4b |
| SHA512 | 2935b5e37639b7c631aac8d5073a200d56471b1a06858c0e3dac03e03a89758743b023cedd1ad703e8f775114b39ee0ca808165188c74359d6b1e47fa7e171d6 |
/data/data/com.xinanseefang/files/cfg/a/ResPack.rs
| MD5 | 0357e8edde36315c0e0a4f5385de625f |
| SHA1 | 2e6c6f15010e88dac5078f34e31a8ddf5e032f2f |
| SHA256 | 44764ad74b21113fb17b21899bd0d4c81740544e868eaad680553b3bd0cb016d |
| SHA512 | 497385b4e3b512f6a4365486d40bf1ed298422087f23a352ed2cec96331b9b012814ffba9c3ba83af5f777df16b53bbe1bf3ab8313902db49011f01a3024cf93 |
/data/data/com.xinanseefang/files/cfg/h/DVHotcity.cfg
| MD5 | 0d3e99204c6401ea499fe9e6d9855497 |
| SHA1 | 09829f00ca458eab7374d5079393a2cd69a2348a |
| SHA256 | 63ad014cb50908591939d6a1536f85eece807425af4f4e8a1f9b9eeab13cc5ca |
| SHA512 | 8d9a50aa9abd17e508ed3ac35a3033e8f9e550d1088baa951f53e6c4697c5ac026d22b90e36e27341d64baa3f0202bd89ca97583e99feb25f8c26b5776c59c68 |
/data/data/com.xinanseefang/files/cfg/l/DVHotcity.cfg
| MD5 | 4c147c14af4c145352bd8b29fe31432e |
| SHA1 | 42924c6c6f9d10234a9053bcf1fc88403bd042f9 |
| SHA256 | 2f56b1ff49f5bafcfc5ef931f2949f45d4303d139c99d43165fd0e645a9c6909 |
| SHA512 | 3b194de38f2fd00aac8be66566d0891817e4507b821367bda7a47acac42410d5a7ecd0adafe1bd9dd9f38387732eac48b4272f0bd205c975dc61f910d03f4604 |
/data/data/com.xinanseefang/files/cfg/h/DVHotMap.cfg
| MD5 | c16f5ca1517683c46e02a6b71aab3c00 |
| SHA1 | 2d09a048d1b8d556d89d4d723947e9e234b5e59b |
| SHA256 | 13d4fbc0d1cb7c2761641a3632c440f6f1d919dce731b8c32cb35e652b0b39f9 |
| SHA512 | a692b79382747548fd8be8ed94c06198b143c167be1e96f60d8ea7ee9432a0eb1a0cd73d0704523e487d59443bf7ad13eb36e47b67864e227917d33225e3e62b |
/data/data/com.xinanseefang/files/cfg/l/DVHotMap.cfg
| MD5 | cc3fad9057e0940ad4d4c7ad27922023 |
| SHA1 | 403cbbcd7b819733b5caf49ed2a58d654441e99d |
| SHA256 | f6d90bd8621889ab994374b4f51a1c3f9b028aab1a2129b8b3b0e1d7c5c37864 |
| SHA512 | ebaf2b8c56bc15826ef38b36e72ae41765fc723470c6dcc40bf9f31118f252777072ad39a535a79f53b6aa29811b4b21cebbc9810c47e34ef9400246d789ab21 |
/data/data/com.xinanseefang/files/cfg/l/DVDirectory.cfg
| MD5 | 4e4c0c143d31977e55ccf433768c1fc3 |
| SHA1 | 133300cc7fc747e87ed11bac9723b6fdd99d10ef |
| SHA256 | da0e065b0b5e7f3b9d9c5c81f563899a18d77ead7220db8a0a5b75883d3b308f |
| SHA512 | 027d7ca57026e9d79fb803eba4f57077931cabe0b381e3b92a66a1bb9b2e378688d5e1ac169a27f22357b1c3ad8ec313483c08b3282fd00889400bde9d04bd3a |
/data/data/com.xinanseefang/files/cfg/l/DVVersion.cfg
| MD5 | d54b7b380a5ff46c78283013a07d8e0f |
| SHA1 | f697c5f7028ba2679a96d6bc5291c38ff96d7982 |
| SHA256 | c7ad837b097687d92e0d944815fc70adcb0e1cdc82db28f728d13e8a48d7532c |
| SHA512 | ade792589c33179c51305f201bfb6db28c05b2ea098d12bfefc1a5cf9bd3014d53830ce2e71f027719ee1b83b2394c7654b5ddf4fdc7f678840869d2a2787ef4 |
/data/data/com.xinanseefang/files/cfg/h/DVDirectory.cfg
| MD5 | 559d00b248f240aed54b1f2e9a667b05 |
| SHA1 | 4e52ea33350358a754e60a63b84d0fde49538d52 |
| SHA256 | f569f76cbf7d7570db61f0c1319603811837f3f3d2759a843d9d45b2d514075a |
| SHA512 | d133ba266171c11a6241314688bd9e7cbe9b4833ced128961123a3591f73c5f6041c098cd5d39224c2d8a040df420632d37f06aeb905748e8ac556fdea36d7ab |
/data/data/com.xinanseefang/files/cfg/h/DVVersion.cfg
| MD5 | d783f5b9d76ec2c039be642717407cf8 |
| SHA1 | dc7e66199d13f7dc2cf982ee943c1064cc807759 |
| SHA256 | 55b83afee10463b21c76c6c6a2ff4447f3cb3c5c33492ff986fbd40e3d54fdd5 |
| SHA512 | 2034c62b80f81e728b92dcb2673e33dd6f9b61d9d6d74a5de8fb35aed3403913ff7ec4a711027028c83a9179aeddd1bed950fcf383b8d3665a8460798f94bd0b |
/data/data/com.xinanseefang/files/cfg/a/mapstyle.sty
| MD5 | 46a9f9a5221dbe4ff71bfcd2ee045c5c |
| SHA1 | 915cb3bc2f0096dede38afc1cd7f09c8782360a9 |
| SHA256 | ad3067eb308a9420b727b4f24dc5134bc75b36bdda7a7a7c5651090698dd10a9 |
| SHA512 | 185530752b639d743f99e28369f75626900420dccf598a639065ecb08c562ff98c4a1f6abbec9724d1684ed053774d60402cd2f20e3586a534c8715e7cec2ac2 |
/data/data/com.xinanseefang/files/cfg/a/satellitestyle.sty
| MD5 | 3f1348cd6165c9a66a9892565c917ca1 |
| SHA1 | 96f0c939438c494cf3fd89246d458e92c0c7203b |
| SHA256 | 5fbe3817e4047e14c40b567be4955d7579c8bf7b7824bf8370f5e194ebf9767a |
| SHA512 | 405c3d1d5f4899cf723509f8e293f2ca1d95a79f7892e93401309372335a6a286f2eae9ee9312f69af10c5bcabd091cd90608898a129542b0abe0617c500d023 |
/data/data/com.xinanseefang/files/cfg/a/trafficstyle.sty
| MD5 | 6a86f30539dfc9332cd235fc48fcb62c |
| SHA1 | 5c202003f6346edb85175b8df7c460793f5512c6 |
| SHA256 | 34bfd1e28c3625f50a23240c4b08ac50a90fd35c5e5f88aed1cf36fa8fe5e18f |
| SHA512 | f63edb8270e6cd35e5c6896e2b9153144af0d29303e367a4fa81941b1b2bb0de57fa484badb7ec7f05ebdfa67d77b00c3651572c5f05e9314389887f5546d235 |
/data/data/com.xinanseefang/databases/smssdk.db-journal
| MD5 | d111f4d5c9f313f68b4e6a6178018491 |
| SHA1 | e11c724240a68f65173a6ae523a10cbe14073319 |
| SHA256 | 1821c17a11f010254822c880c42a4a9d70f95841f71e1ad34400534df8298021 |
| SHA512 | 66f7fb93f1775653c96f3d4994d9509d6021ea369e056621cdfffba58c68b98713c11b9115e4007a066f271a75cbdf21f429ea6e80774ecb5b6f38047964216d |
/data/data/com.xinanseefang/databases/smssdk.db
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.xinanseefang/databases/smssdk.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.xinanseefang/databases/smssdk.db-wal
| MD5 | 478d8889de3641f2fd4892b6f9d30018 |
| SHA1 | 6bc4d350c1af9519984badd9e2d915ad23362832 |
| SHA256 | da748bac2c1afd07144b1ae0241596a0266484d0ddd58d61ac2d155f0516fb9e |
| SHA512 | 24b65502f81e5626291baf2afd9a43bdb1fc326fabbe25835cf8aaf6af48dca7084eef521ad113f149eb2cf4a02d6ba7dba9f4ba0c15d26560cdc9e01e64cdfb |
/storage/emulated/0/SMSSDK/com.xinanseefang/cache/.ba
| MD5 | 277d21fa1b8fa77f5f5b5339cd3c24ff |
| SHA1 | 051e484b0afd8bfe731887a11b683d76cdbf4cde |
| SHA256 | 801a4f27320c2949dfaad7b5607c48c1ab9fb5b06b44568b8644356a059b509c |
| SHA512 | 83220a5de8c5672816429014eb296dbdf805a9e4d7b6298967006ea6eef5efd03ed3491ccd64d1b97239d84812d06a8452fc81b579ffbede4803ab2a888cede8 |
/storage/emulated/0/SMSSDK/com.xinanseefang/cache/.ba
| MD5 | 6371a3162317053a389226e9e5c069fe |
| SHA1 | a3ef3f1db3cf75c9bd41122f73af0c725a8012f4 |
| SHA256 | 4ba4fad3e2bc59d7a5c8e192fdb60a8c3940adcddb29ab48b81f02b1ffd49b80 |
| SHA512 | 0530a95725ed38e55af9e1c7606de2171563362db4917f8e0ef144d0ddaebf96557170500d0ee8a37209c494e0579f9cb6308b97a35e6c3be684c029b38b81f0 |
/data/data/com.xinanseefang/databases/rep.db-journal
| MD5 | 89f4e05b86a5a5bfed31f15a53f55588 |
| SHA1 | 4834c85b45acb7b12c4d657764b49ca00034bcd2 |
| SHA256 | 558460fbf6e10ef53db17baa31fbc93a3f8399d8a458895817ef5e9b5f64597b |
| SHA512 | 3bd4655a212dcd03c380dc76523dec39d0228dd9b965c167a358d9cb24c4b3265de1fdd7cc0416a947fefeaab6e5af3cc04ae1faf8f708a2fd33b5f26d817078 |
/data/data/com.xinanseefang/databases/rep.db-wal
| MD5 | 4a2f5ac1f3a33d75e928677b37505dae |
| SHA1 | b39709a1f245602c61bc9dfb9baeb1a092270c1a |
| SHA256 | dac1f092615e6a4b95eea0e25e72b903fe9020901fdbdd378112f491d0e1744a |
| SHA512 | cf180f5e2409c8efb26ad9b4234549e6d6a44f236ae3d0855c8efbd8ad0dce7155fb7e715684b90624cc776ddea151b9aed8e703ed6de0d433baa1bd7148e6c8 |
/data/data/com.xinanseefang/databases/smssdk.db-wal
| MD5 | 90e26526e088676234b57fb0e2325460 |
| SHA1 | 0e4f08841c399b9ea051b0eac6d92cd4b35e7cb1 |
| SHA256 | dccac25261b5bcfe1a25606ab032ed3e934415d2c2ed7ad4e5aeec63581bdc0a |
| SHA512 | 91970cd3e8efb81bd9de49c6dde4c9b83c01a8522ce48139310f3ebae7b8791d78e132463151536cfb8e53fda1d555b19b7a2a1c2d1e9fa7d210dcffb2eff057 |
/data/data/com.xinanseefang/files/__local_last_session.json
| MD5 | a7a4ad3e4a14cc4e5b28c1199a76efb0 |
| SHA1 | 8d42b29542d1777afdcbe3af879851c751ede647 |
| SHA256 | d24c87e0c5ab5b4628361cbd14d30141d25ecbdf87c7b955f740062408a75f23 |
| SHA512 | 9438ef4e73699b6fa665338d4a2254740353097eaffd8a70f6cf16690c92d94fadbdfc0820b125e598f773f27bbe986a1064bdc150de568a31bcd84f30087f6c |
/data/data/com.xinanseefang/files/jpush_stat_cache.json
| MD5 | 92c55f189afc3e5034c25fba7199b2d8 |
| SHA1 | 43c1991facaef619fdeb7990bf43a1672076e6a5 |
| SHA256 | 21208a1ea75871d6c4916661da45134edd2575e16ebfc86ccd7242eb66381a3d |
| SHA512 | 4a9cb3bbd29675b2a6aa86f579624c6d0d235755d6fa3855aed2f7f314136a596f8fc8e11e94b33f8a4553606fba06e8f5880bfb4b5cc99bf2d1fafc2273f16e |
/storage/emulated/0/baidu/tempdata/ls.db-journal
| MD5 | 25f79ec323bbe2f65c0aac967faf95d5 |
| SHA1 | 2313911fea3c2914c8959c821cae0bcbb6a4a849 |
| SHA256 | 3f7e553f22889b259c064b1119ce0f534071f01c93d45b4f085bc530d443ffe0 |
| SHA512 | 6068fccc04aa9b5e4a08a0ba4bf92eba454e82a0621342cb203e1346ef0f277569ccabcc208470e8f413a190a4d34d751726f60ed60a3a4cc1c247c40568a346 |
/storage/emulated/0/baidu/tempdata/ls.db-wal
| MD5 | 4c876badfb458eadc63f7f09a2b26574 |
| SHA1 | af9b14aa4692800cbf4c10b70ba816449b0f6bc0 |
| SHA256 | 91bdf711425a1638c195ef801c685aef2d92e305a2dc9de38a3619e23d2694f7 |
| SHA512 | 1a0c667f3435724aa8282f69f2332afd659b963956a07610bb385dac3b487fb794ed929fbee5bbbe4e7463886ade3fcf084f97a2bc8df59d9a6be6575b01f7b2 |
/data/data/com.xinanseefang/files/lldt/firll.dat
| MD5 | 39eea580d06562caa78c7e3918084fa6 |
| SHA1 | 28d3099a199f05b5cb54a60cfe7d4ceb10acf0ed |
| SHA256 | 16c024ccc88492c10da7a2f0a96978f0d996c241bc7dd3fbb49eadc41f2e7ef9 |
| SHA512 | 461bba4b62dc1ff66064e4bd45e46869ba316faeea188e5bec0188ff57fe5396011ce580aea887d74397f920e7dbdfb52bdb589cac9f9bf6536e1cc4c6e825aa |
/storage/emulated/0/baidu/tempdata/lcvif.dat
| MD5 | eba63998b6e5d112dbc34b3054f11873 |
| SHA1 | 9f1d421dc1afa6ca68518c1448cfc96016ab6d57 |
| SHA256 | 99688c355be7a1c9302e335c9c751c50aec1d01dff820746cef327e96c17f9eb |
| SHA512 | 9eb6c8c8db2e63ee44ea596dba221d0f4e516a268328f9d78aea48fefc5f508637aab8765d4baef6ed7edffc7fd6e5c8a5d8f5e119fd0e50828397d910e0dc3e |
/storage/emulated/0/baidu/tempdata/conlts.dat
| MD5 | 8d80bc8ea90e9cac010d3ddf97bda5f5 |
| SHA1 | f063bc0d356e6ba9ab1eb9a851131ffbefd8fa07 |
| SHA256 | f52db31332534833414abd5e870f78c810b8ebbe5b134bbf599506beecfd1b93 |
| SHA512 | 9ea732dd572a9a4ba91b70891972230a09576687ca1bc19e62d5a98b5b84e0f2ae11985108008bc9fbccf357219b8bd3dbf146bb70752f618f70dc5d0c46a7c7 |
/storage/emulated/0/baidu/tempdata/lcvif.dat
| MD5 | 4b38264196c65e9717848802f2b698f8 |
| SHA1 | 26067e22151e69f54eb5976f93a888bcb40065cd |
| SHA256 | 6fba0805783f43207caa3878fb35de06249eb1763fdf9df1a0d49ef71a969986 |
| SHA512 | 33ea3dea39b7867760b7621de14cbdc7ed341310f99a435784f3e2fa918ff457a8ce08da84e0c8a6530e6ef31170308bfe270bfdf5d771c45dc07eef8c6b9b0a |
/storage/emulated/0/baidu/tempdata/yoh.dat
| MD5 | a936690571e9104e1922dda4a0ba5bd1 |
| SHA1 | 65f49c57edde2f96be2a1dbdfc3f7351f1e66554 |
| SHA256 | f0f5049c51879dd7da0ce4a43349b5b34ce053d072a0ca704f62cf22ba4a8412 |
| SHA512 | 3be1c3693963aebdfc04e86b1c820ee0ec3cf0b200e6a4788ef1141f39fd6c2f77f4227247ae4affa66c0a6c027df8466cc0dcec1e67ebfb953e36bee97de394 |
/storage/emulated/0/baidu/tempdata/yom.dat
| MD5 | 1681ffc6e046c7af98c9e6c232a3fe0a |
| SHA1 | d3399b7262fb56cb9ed053d68db9291c410839c4 |
| SHA256 | 9d908ecfb6b256def8b49a7c504e6c889c4b0e41fe6ce3e01863dd7b61a20aa0 |
| SHA512 | 11bb994b5d2eab48b18667c7d8943e82c9011cb1d974304b8f2b6247a7e6b7f55ca2f7c62893644c3728d17dafd74ae3ba46271cf6287bb9e751c779a26fefc5 |
/data/data/com.xinanseefang/files/__local_stat_cache.json
| MD5 | 2d805b13f2f28dc3ca9bbcc000f49bb5 |
| SHA1 | 9eac165b4d81258fd3967cde5cc53b53b1dabcb1 |
| SHA256 | c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19 |
| SHA512 | 5db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0 |
/data/data/com.xinanseefang/files/__local_ap_info_cache.json
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
/data/data/com.xinanseefang/databases/ThrowalbeLog.db-journal
| MD5 | 35bf5018efbd2c09743e497d17cc88e2 |
| SHA1 | 15438c491515f338c32009aa6a61b7c007750d7a |
| SHA256 | a14fa193bfafec23d5baf01ca4de146a22e0ad6c74d097daaab3c769f9df023a |
| SHA512 | fd2d08192fc0d7c9916ef0e9a084c42ed6521866200a7614868fcb00abba87fc5f1659f7ec99063c94e6609de0ba0bc467d9726546562099ff1bd22ac895479b |
/data/data/com.xinanseefang/databases/ThrowalbeLog.db-wal
| MD5 | 6b5b6d4b4155dbf81a66d295967254c6 |
| SHA1 | 9b630e460c97ea0fbb7e76254fd41e382bcea76f |
| SHA256 | ecd93bd3557134d332326b6b394e7f92bbe79ee79760570bc36e26fa294bd842 |
| SHA512 | 1e696e2fb2dc3a14896f1a6bca23094ddac8bb7144b559f73c97c34a892588fb4408306702c66c70d0ae6d0181938194dc166f123c36802f440ccbc7ebf4e57f |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 22:15
Reported
2024-06-13 22:19
Platform
android-33-x64-arm64-20240611.1-en
Max time kernel
179s
Max time network
188s
Command Line
Signatures
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Reads the contacts stored on the device.
| Description | Indicator | Process | Target |
| URI accessed for read | content://com.android.contacts/contacts | N/A | N/A |
| URI accessed for read | content://com.android.contacts/contacts | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.xinanseefang
com.xinanseefang:remote
Network
| Country | Destination | Domain | Proto |
| GB | 172.217.16.228:443 | udp | |
| GB | 172.217.16.228:443 | udp | |
| GB | 216.58.212.196:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.187.202:443 | udp | |
| GB | 142.250.187.202:443 | tcp | |
| US | 1.1.1.1:53 | sapi.map.baidu.com | udp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| HK | 103.235.46.245:443 | sapi.map.baidu.com | tcp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | hmma.baidu.com | udp |
| HK | 103.235.47.161:80 | hmma.baidu.com | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| HK | 103.235.46.245:443 | sapi.map.baidu.com | tcp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | sdk.sms.mob.com | udp |
| US | 1.1.1.1:53 | run.xafc.com | udp |
| US | 1.1.1.1:53 | house.xafc.com | udp |
| US | 1.1.1.1:53 | loc.map.baidu.com | udp |
| HK | 103.235.46.246:80 | loc.map.baidu.com | tcp |
| HK | 103.235.46.246:80 | loc.map.baidu.com | tcp |
| US | 1.1.1.1:53 | sapi.skyhookwireless.com | udp |
| FR | 15.188.116.26:443 | sapi.skyhookwireless.com | tcp |
| CN | 119.3.253.130:80 | s.jpush.cn | udp |
| CN | 121.43.233.9:80 | house.xafc.com | tcp |
| CN | 121.43.233.9:80 | house.xafc.com | tcp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 120.46.84.108:80 | easytomessage.com | udp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 110.41.53.90:19000 | sis.jpush.io | udp |
| CN | 110.41.53.90:80 | sis.jpush.io | udp |
| CN | 113.31.17.108:19000 | udp | |
| GB | 172.217.16.228:443 | udp | |
| GB | 172.217.16.228:443 | tcp | |
| US | 162.159.61.3:443 | tcp | |
| US | 162.159.61.3:443 | tcp | |
| US | 162.159.61.3:443 | udp | |
| US | 34.104.35.123:80 | tcp | |
| CN | 113.31.17.108:80 | udp | |
| CN | 113.31.17.106:3000 | tcp | |
| CN | 119.3.253.130:19000 | easytomessage.com | udp |
| CN | 119.3.253.130:80 | easytomessage.com | udp |
| CN | 120.46.84.108:19000 | easytomessage.com | udp |
| CN | 120.46.84.108:80 | easytomessage.com | udp |
| CN | 110.41.53.90:19000 | sis.jpush.io | udp |
| CN | 110.41.53.90:80 | sis.jpush.io | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 113.31.17.108:80 | udp | |
| CN | 113.31.17.106:3000 | tcp | |
| CN | 119.3.253.130:19000 | easytomessage.com | udp |
| CN | 119.3.253.130:80 | easytomessage.com | udp |
| CN | 120.46.84.108:19000 | easytomessage.com | udp |
| CN | 120.46.84.108:80 | easytomessage.com | udp |
| CN | 110.41.53.90:19000 | sis.jpush.io | udp |
| CN | 110.41.53.90:80 | sis.jpush.io | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 113.31.17.108:80 | udp | |
| CN | 113.31.17.106:3000 | tcp | |
| GB | 142.250.179.228:443 | tcp | |
| CN | 119.3.253.130:19000 | easytomessage.com | udp |
| CN | 119.3.253.130:80 | easytomessage.com | udp |
| CN | 120.46.84.108:19000 | easytomessage.com | udp |
| CN | 120.46.84.108:80 | easytomessage.com | udp |
| CN | 110.41.53.90:19000 | sis.jpush.io | udp |
| CN | 110.41.53.90:80 | sis.jpush.io | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 113.31.17.108:80 | udp | |
| CN | 113.31.17.106:3000 | tcp | |
| CN | 119.3.253.130:19000 | easytomessage.com | udp |
| CN | 119.3.253.130:80 | easytomessage.com | udp |
| CN | 120.46.84.108:19000 | easytomessage.com | udp |
| CN | 120.46.84.108:80 | easytomessage.com | udp |
Files
/data/user/0/com.xinanseefang/files/ver.dat
| MD5 | 63c099a982535e10af17014d74c217b4 |
| SHA1 | b135744c810e68d1a262a4355070afd2faa3829e |
| SHA256 | 0e406008f819c721d1964fefc854c647eb16720db4e85858c20e10498d34d454 |
| SHA512 | 74681b0b622ecec4b9f9c1a246b40e84dc20e1cfd31e2429eaaae1f063e9820c79165a178a55fc32cb3b2987f8959a2d4462902a2b58704be04deef6c0643fa2 |
/data/user/0/com.xinanseefang/files/cfg/a/ResPack.rs
| MD5 | 0357e8edde36315c0e0a4f5385de625f |
| SHA1 | 2e6c6f15010e88dac5078f34e31a8ddf5e032f2f |
| SHA256 | 44764ad74b21113fb17b21899bd0d4c81740544e868eaad680553b3bd0cb016d |
| SHA512 | 497385b4e3b512f6a4365486d40bf1ed298422087f23a352ed2cec96331b9b012814ffba9c3ba83af5f777df16b53bbe1bf3ab8313902db49011f01a3024cf93 |
/data/user/0/com.xinanseefang/files/cfg/h/DVHotcity.cfg
| MD5 | 6b853feef9fafffdaf098f6dacbd19a9 |
| SHA1 | 63242ce47347e9bce8b2ff9afc4938caf98fa9fa |
| SHA256 | 98b9421a1bb202549afc2bbf103a5bd393d8a958407711102f9c155c7ff5d376 |
| SHA512 | 3f15bd8e41afad79d21786a98fa38aea38d4f3a2fc2ff4e9cca51a2cc20453d2b1b75c8aa29a2f50d48544e9ccd5deb09a131484b210e108867fca8d418ddc70 |
/data/user/0/com.xinanseefang/files/cfg/l/DVHotcity.cfg
| MD5 | 63b0ea4cb04b62db9b2ed6796529463a |
| SHA1 | 07fa7c5e7c0709787749ba1bc320bbe29a56b497 |
| SHA256 | 24ca0502688e07346d33965db89a1ff445232c0a28c849b4ecd57c17141f46f5 |
| SHA512 | 7b6a3f6e8dd4dbd28ea7bacd444d59388c3a5d16ae3f0c8969b7fa928fa3dbece3c4b21c6ac85b4e15b4b16fe6da1306cb65aadb2f9b70bb2127bf477c725483 |
/data/user/0/com.xinanseefang/files/cfg/h/DVHotMap.cfg
| MD5 | a3a99cca79b18795bcc48fed8510a5fa |
| SHA1 | da42eb1c7c71ae30f1aa9ae3f19f8d5166db021d |
| SHA256 | 4d025e5c63ecca7107a85e1da9175db3efc56dcb2f3296ada88672c74c5af11b |
| SHA512 | 909e844e3347f48011fb1d4efd3fb57bf008c00909b98397a80aa427580734042d89102463adda755dca7311f5b4ed3403c3a9cef6cc655491df9667853cbcff |
/data/user/0/com.xinanseefang/files/cfg/l/DVHotMap.cfg
| MD5 | cc3fad9057e0940ad4d4c7ad27922023 |
| SHA1 | 403cbbcd7b819733b5caf49ed2a58d654441e99d |
| SHA256 | f6d90bd8621889ab994374b4f51a1c3f9b028aab1a2129b8b3b0e1d7c5c37864 |
| SHA512 | ebaf2b8c56bc15826ef38b36e72ae41765fc723470c6dcc40bf9f31118f252777072ad39a535a79f53b6aa29811b4b21cebbc9810c47e34ef9400246d789ab21 |
/data/user/0/com.xinanseefang/files/cfg/l/DVDirectory.cfg
| MD5 | 5ce812200c357bb064dedf09f8f36ff2 |
| SHA1 | 27d5513cb969bbb3ba72db187026612c946a827a |
| SHA256 | 0417e8aeff0f9eb322ba23673cd94292e199d578d642c80f88d2cf9004f82f82 |
| SHA512 | ead2bfe160dd34a600dbb4a370a59aad3ff5aa16e33b81a603c9a6e2726b439e6b2ee66de04b2b9023bd5362d69860363fadcd2af41820b6d78f1d4d6339680f |
/data/user/0/com.xinanseefang/files/cfg/l/DVVersion.cfg
| MD5 | 063c6fd1479c4c4e59d83b8e553354ef |
| SHA1 | 85f17cd549c54d29cfc7c263551283840f6cd722 |
| SHA256 | f7b9d7664e183e1d774ddc64116f1c974e1d4d7432465fa54649772c65defca7 |
| SHA512 | 920bfb5d0623996e1b16874800ff6e0871f504e743582ce178ddb78ed9d6c75734ce1d94bf797b74f5103e87d2807c48b5e0ebc3ec0894067679e39a4f7d2065 |
/data/user/0/com.xinanseefang/files/cfg/h/DVDirectory.cfg
| MD5 | 2e57790b5d5c701feb30a6b54df05d73 |
| SHA1 | 82c6f9af5d8944db05100d208828f4cb73598d49 |
| SHA256 | 80f191bbd06306010496dd03b0b58be1e7d1d07b03d7fc7c94e0fcce2570f2e7 |
| SHA512 | e5caee2eb06a7d4b5dcdac204776f2dfe25dfcd26f54020742ef9e535ce51b06deaffaf62a95310ad7fb60005d4e261fb1edbaedd65243c77169516ffd98a135 |
/data/user/0/com.xinanseefang/files/cfg/h/DVVersion.cfg
| MD5 | d783f5b9d76ec2c039be642717407cf8 |
| SHA1 | dc7e66199d13f7dc2cf982ee943c1064cc807759 |
| SHA256 | 55b83afee10463b21c76c6c6a2ff4447f3cb3c5c33492ff986fbd40e3d54fdd5 |
| SHA512 | 2034c62b80f81e728b92dcb2673e33dd6f9b61d9d6d74a5de8fb35aed3403913ff7ec4a711027028c83a9179aeddd1bed950fcf383b8d3665a8460798f94bd0b |
/data/user/0/com.xinanseefang/files/cfg/a/mapstyle.sty
| MD5 | 46a9f9a5221dbe4ff71bfcd2ee045c5c |
| SHA1 | 915cb3bc2f0096dede38afc1cd7f09c8782360a9 |
| SHA256 | ad3067eb308a9420b727b4f24dc5134bc75b36bdda7a7a7c5651090698dd10a9 |
| SHA512 | 185530752b639d743f99e28369f75626900420dccf598a639065ecb08c562ff98c4a1f6abbec9724d1684ed053774d60402cd2f20e3586a534c8715e7cec2ac2 |
/data/user/0/com.xinanseefang/files/cfg/a/satellitestyle.sty
| MD5 | 6a4423fab398792d88ff508525aa7401 |
| SHA1 | 16b89c9d1009bd48d810073a6d777c65f07688be |
| SHA256 | 3fd14c4ec117f89b272473772a3d71e6603b5e6d58217e0a2775ed17386db1b0 |
| SHA512 | 053acc55f50dea07451e6d5a96bdf4a1317b727f07a9e4be6700c5f2fb4ce11d177d418dde259115f6460479490259654750c62d89c1afaebf0aebaade63aa18 |
/data/user/0/com.xinanseefang/files/cfg/a/trafficstyle.sty
| MD5 | 9bd44d405d13067a0c32b274ecad3c2e |
| SHA1 | 0d404c5470f011dd9ba44e1fab20d8769acca202 |
| SHA256 | ccbbfa23edb0b8b25a0a0114f2bc626a33f830c4326ec6d30652b310d8907ddd |
| SHA512 | dfbd97afc12c82a9e7dfb03a174d467f5e2f08e810b3ef6705731c54b92aad64240910ecb3b049191cc0088aec6bc3d1c93db4388c72791f1065879505cbf1c3 |
/data/user/0/com.xinanseefang/databases/smssdk.db-journal
| MD5 | 8468f4e33bb5700fda2a4882117c66fa |
| SHA1 | 84278948535c51e151ca1e15ac781b6c3d4287a6 |
| SHA256 | 9e47133c26b16692c3c06fb94ea635b1e9797aca9a47c89cd81d3f0321cf75ea |
| SHA512 | c3455ecd976f9d6c43a9a3e1ed76c3533d703ec30d3716e7942434d67765cca63c5687484669f17205398e67ecd6c673fdff4bb62b6d0b6fa1ef211cf851c8d3 |
/data/user/0/com.xinanseefang/databases/smssdk.db
| MD5 | ca929f9ea48a2300f0342f2a122339a6 |
| SHA1 | 77c651e7853614eeafe7f9bad8f069a8fb211c39 |
| SHA256 | 4503ee15f9ef446de801efd81781cfdd5c773246fc30b0e196053260b608e7d8 |
| SHA512 | 642e5cbb40e3845fdf99faef1e5238b34197d494de6ac568be016414b9ff9c058edc4620d56087b3a5dec3d42940424916209068f889d01bedb7a56114ac83ac |
/data/user/0/com.xinanseefang/databases/smssdk.db-journal
| MD5 | f9302bf1343134f9cb27888b0756dbba |
| SHA1 | b4fe597068fd2d951a21b6362469e14ddee46d83 |
| SHA256 | 7a3c926d7b55d0ca414c50a385a969083f17e4d985b1d8e029e28c2ef4c41a12 |
| SHA512 | c2fa39969df715e16ed1e7be32dfd9aee624aacaf120a497e1f603b1bd61cac2ce143fbf678bf609251422925502013d7226f3281995eadbbfe4191834d2b684 |
/data/user/0/com.xinanseefang/databases/smssdk.db-journal
| MD5 | 812f2248346a888d593a15d98286ec9b |
| SHA1 | de532001b775ff82a8558c4d09e0ef021c7aaf13 |
| SHA256 | 0a3711ddbf88f4b7301bda36a2dbebcdaf58d002484f93ec0232f048d6594dbe |
| SHA512 | 72fe0cb463bdc68e921a355da4ebccd62dd494ca5b9607519e3181527a441036e67e597d4051988198de2a106488899b5ecf08e0b7849c1ed476167ada8cab68 |
/data/user/0/com.xinanseefang/databases/smssdk.db-journal
| MD5 | 134833252f6617d46c45349cb5c6c100 |
| SHA1 | 5afba33e07332f384494a6f2e874f6afbb20cfd5 |
| SHA256 | edd26b4af41eef7ca87bef9f5772f313d06c4fccd9b3576ceb360df682e92a88 |
| SHA512 | bf66dee10a14f979f5fa700214f34d99504c704e290e1f738e1aeba417d9d59881a5b3104660a58c260a6b72dd970b6bd63c6a380338b9d88efcecc7a16b6326 |
/storage/emulated/0/SMSSDK/com.xinanseefang/cache/.ba
| MD5 | 277d21fa1b8fa77f5f5b5339cd3c24ff |
| SHA1 | 051e484b0afd8bfe731887a11b683d76cdbf4cde |
| SHA256 | 801a4f27320c2949dfaad7b5607c48c1ab9fb5b06b44568b8644356a059b509c |
| SHA512 | 83220a5de8c5672816429014eb296dbdf805a9e4d7b6298967006ea6eef5efd03ed3491ccd64d1b97239d84812d06a8452fc81b579ffbede4803ab2a888cede8 |
/storage/emulated/0/SMSSDK/com.xinanseefang/cache/.ba
| MD5 | e068b507ca16feb4fd5444fa5ebfbf69 |
| SHA1 | 81cabed127426cc2429ac7b3cafc9b9332887914 |
| SHA256 | f4ea6f3eb373c3e25f7285dc2d73d3573da76bf38923b865566b1c0e6f97c7a1 |
| SHA512 | c01705bdb36ed4e5aa720560a5f664289c09e70f203a8b22eb241c51668e35733bae6b0be9f4f5ee99a896c91bd189d46a029be282e450ead2eb7eb831f1d8a4 |
/data/user/0/com.xinanseefang/databases/rep.db-journal
| MD5 | ac296644bcb70d761cf08030c6dd292b |
| SHA1 | 53da7856d4fc7d54c9c75c81f992c6a02184880d |
| SHA256 | 3f6101ee4d8f495825c7de1cf953f4e8aa12b8510759e3f2122970a5d01e5085 |
| SHA512 | 843834ecbe2484ff1a33cafa10a55aeaa6ad05b3a262cbf8acbb6c00db8ae353b5311ae8aa1f108854bb9093b467443908b3b083dfa3bd55cc6e9be8a7e2f808 |
/data/user/0/com.xinanseefang/databases/rep.db
| MD5 | 9c6c05b150611ffce829e41a4707b796 |
| SHA1 | 76f0a7b714622d62f687c4bb2d5d0f17ff92f2af |
| SHA256 | 9c6869feb1d744dd73e65d987d064a0b91a13553687a90877966758778763dcd |
| SHA512 | d8ef6d794db2b528201de94b2009bfa8751a43c0598a31cd47c9c98ea056077efe197e2ed7cc22c044bf9b0150629075a22cf5c273bcf2d17e4c94e0e3c870b1 |
/data/user/0/com.xinanseefang/databases/rep.db-journal
| MD5 | b1ce4545bd0c563dcac1cb42682c70fc |
| SHA1 | d9a18703cd6c7e9d35423b58ca4e70e41c605e28 |
| SHA256 | 51428ecee1de2f11957da2c0a2fea704cc309281c02f04a46655e2836ffa9252 |
| SHA512 | 407aff80ee0b5c3a157a1b4029b064df398b7e5923f81dd3650dee048f3cb463d973aba6047977cac12443fa51334fde32ba128fdc5466cc14aa314c8da61fb9 |
/data/user/0/com.xinanseefang/databases/rep.db-journal
| MD5 | e09464b779e9b9d88b9ebd19a53f466e |
| SHA1 | 70d63b3a9ca953709ec0bdd035a822b7540913ba |
| SHA256 | 8bf95baa8acd87af02f215a959a5e1a26e516225b125e5b8adcb8e360cc9b7ca |
| SHA512 | 648dc45cbf237db4341393efedf60f11bef2feab0f88682fbbd969c00f2b3da6fe192d9fe28d976f42117d3c33f13148906308ee62575cf54970eef44b65589c |
/data/user/0/com.xinanseefang/files/__local_stat_cache.json
| MD5 | 2d805b13f2f28dc3ca9bbcc000f49bb5 |
| SHA1 | 9eac165b4d81258fd3967cde5cc53b53b1dabcb1 |
| SHA256 | c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19 |
| SHA512 | 5db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0 |
/data/user/0/com.xinanseefang/files/__local_ap_info_cache.json
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
/data/user/0/com.xinanseefang/databases/smssdk.db
| MD5 | 67925c889a8972b4cf2b690350e2d76d |
| SHA1 | 9653dfa64ef43006402ed1f0172475a368b45c76 |
| SHA256 | 8ac89035bd0af03f0255708bf8f29c8af5a90872846b0c7b87ac455eb3025230 |
| SHA512 | 230903280efc0564b6b176055456719165a2da4b34869d3c61849703aa60d442776f892b6e644d7bf1bac3a16bfa05e7ff91fa94d91f3afc39942dd8a02d52c7 |
/data/user/0/com.xinanseefang/files/__local_last_session.json
| MD5 | b532db61b8bbef3af015aee70d85e1e1 |
| SHA1 | eaf300201fcf5a9e285c0e4c7d3344a88acccc5a |
| SHA256 | 931c3538f2dfb7585837e27c3e961ed310b2769bbae014b6d6eb7e79d872f620 |
| SHA512 | 55315a0613e741ed8b3cae1980c159bf73feee4706f5ca78e3082a737d1f932c37d724d4547e500adb3d891721f6c9349f53515c1a7497a2dae165a11e1f7c53 |
/data/user/0/com.xinanseefang/files/jpush_stat_cache.json
| MD5 | fbb47988cffe4f5bad0d935356e7011f |
| SHA1 | cf7e8e712d4daa338ce4dd898f7f6e50d55dc704 |
| SHA256 | bf03affc5b1b0b40a896a57db7792fa7c8ce2921d5c6bf3e7b5a0a96b943c2c8 |
| SHA512 | cba7fc2923c0d3275404e25afb7d6267fef0ca145d7532f143839cd59962e3933b6e03dec4dcc26becb92e7ea368c084192448dd2ef699dee65d07c094fa3e6e |
/storage/emulated/0/baidu/tempdata/ls.db-journal
| MD5 | 131f4d91e7486927a4f6181383272f69 |
| SHA1 | 24b77eab6e77eb225c6aa1fbfa86c65ccb46e9f5 |
| SHA256 | 03c66a918525e9978d8515e4778ce9febd59de89578029b954407503327c37ed |
| SHA512 | 2932885bd5f9001dc051dc6625ef89cadbdf1beba2723d9f9afe103cecc9ce9a65fef10460518c6b274f0e7596fb6a85bef929998c88b71bef98305024350dde |
/storage/emulated/0/baidu/tempdata/ls.db
| MD5 | f8df032b186b8daec21b955238836997 |
| SHA1 | 6670b787d78d0391ca067ee9d89c1fc99ab248b8 |
| SHA256 | 0eb2691193d5b1af9ae73ce1110ea204d7895f5a39d8d5155f6de13dd3d1d283 |
| SHA512 | 97472fd05b640d30f6e8d2a722e57a1d670e77391506c54b8e55ddb6109a21acee6a74af8c5098467317fd9292460e54ddfcdcf46e44684ebe7798f7890bbfe8 |
/storage/emulated/0/baidu/tempdata/ls.db-journal
| MD5 | 42d6bad8413214a3dac5b52b6d09dc7d |
| SHA1 | e1f5afe3608bb7fa929a851d60e1286efbe91980 |
| SHA256 | 34ba796a3cc98c610946834fd17a837c156119a42bf66c6eef65b1a592cf7db8 |
| SHA512 | c3325c71150d4bd6132a5aa9c2fbad1d6c52f6ea83a6eb90ffeb3f22bc3643ecd2a1f7cd7d8b95af3659123e242392d38f457190bd44e8e075b0fcf578d6f34d |
/storage/emulated/0/baidu/tempdata/ls.db-journal
| MD5 | 35ed1d010f899ebe986509c25310fdfa |
| SHA1 | ab0741e9dc7eac9f8c80b7173e64ad2c0d5939a2 |
| SHA256 | a8ed5adc5e6bc6e541ac6e43b1f5fbce72d3b4510fb3dc9d1be322101f6d14ca |
| SHA512 | 189e16b7c71933814c8a387d54e68dbddee2b6bccc022a778ce929dd464a468af6d68c4d55f8c17e86a202370f951dbdd016115a2211af2dbecc7b2d680ff6f3 |
/storage/emulated/0/baidu/tempdata/lcvif.dat
| MD5 | 3ef46a1944cc52c154ae5d67ad43e1da |
| SHA1 | 6e9f215701554f9c0c8a5cc2909f5f4cba73989d |
| SHA256 | 4c469f69d1673f1c54671402629838c3cbacc197755b8a190602176314b2ddee |
| SHA512 | 0e97f2fb5b661162fa52a90cce763c13a7bf166de0b7a1f145108a56cb2bc45a26462195873fa9e273d5624d4c5eeb47c48bfb3af19583ba60c2b1e751ccd54a |
/storage/emulated/0/baidu/tempdata/conlts.dat
| MD5 | e2948d55e9f8bd65cee46964606c9665 |
| SHA1 | cc32a6e1daeb792b74fc8c39e3e647b69e99a0dd |
| SHA256 | c24366b6a045e9f74cc5aa19dba3e70fc0e3bd178cd931648aba3beabaf58c5b |
| SHA512 | 27d385ab30e888021a651504e463f82902e02af5a59822ed249e4d6b0b03bff10be030d4ef1f6b484e8fbda659f94fcdc4bfc8bb08909d596008937d42aea23b |
/storage/emulated/0/baidu/tempdata/yoh.dat
| MD5 | 1681ffc6e046c7af98c9e6c232a3fe0a |
| SHA1 | d3399b7262fb56cb9ed053d68db9291c410839c4 |
| SHA256 | 9d908ecfb6b256def8b49a7c504e6c889c4b0e41fe6ce3e01863dd7b61a20aa0 |
| SHA512 | 11bb994b5d2eab48b18667c7d8943e82c9011cb1d974304b8f2b6247a7e6b7f55ca2f7c62893644c3728d17dafd74ae3ba46271cf6287bb9e751c779a26fefc5 |
/storage/emulated/0/baidu/tempdata/yom.dat
| MD5 | a936690571e9104e1922dda4a0ba5bd1 |
| SHA1 | 65f49c57edde2f96be2a1dbdfc3f7351f1e66554 |
| SHA256 | f0f5049c51879dd7da0ce4a43349b5b34ce053d072a0ca704f62cf22ba4a8412 |
| SHA512 | 3be1c3693963aebdfc04e86b1c820ee0ec3cf0b200e6a4788ef1141f39fd6c2f77f4227247ae4affa66c0a6c027df8466cc0dcec1e67ebfb953e36bee97de394 |
/data/user/0/com.xinanseefang/databases/ThrowalbeLog.db-journal
| MD5 | 5eb2af0aa430d602896619db6bf76dc8 |
| SHA1 | 0ac3649ecabed24831037baef8db344f73063982 |
| SHA256 | 96c9a07c402df6eba9738b72f22e2072c2fa36be6b26c19c58b2546903de969b |
| SHA512 | 79887e9ba93f85321945cd0b3d7d3e9552978adf334c0e06304c74fd2df64a31db2d88083a4568770282c1af289ed700073e6ed93cea9441be662bc37e3e316c |
/data/user/0/com.xinanseefang/databases/ThrowalbeLog.db
| MD5 | ca139da9f68677c2c1398a8ac2e2bafd |
| SHA1 | cf27b371ec9c143028f7d5f52ea51d1b23ce78e0 |
| SHA256 | aec2d69fbc7ede24c66eea222c076fb1a4569445e5ace7d7219e48336b44aa4f |
| SHA512 | 1a097b8e6eb23f71656dc7076578a8a120d3bfcee015634ddcb23daeeac7a10b37d691e24493a6795a17a81b83296a3fd6cfe0fb6f3e4737f342abd942ddda3f |
/data/user/0/com.xinanseefang/databases/ThrowalbeLog.db-journal
| MD5 | 3c2eb71a804bfe9e45c65b909fd4fca2 |
| SHA1 | d141a7238b5b7acdf5c6ac7fd3f89e68b3b1674b |
| SHA256 | 628f5d9c88d532a5ddcecd791e2060ad7300da8080f344a5a755cf4693bff6d7 |
| SHA512 | fcfd20af1cac9f97d13120e07b9d76ebcdae302f8f786adf1619ebc81c0772f01ac2cbb65a2eea672b258906aa5126baf34122375137d638918493f6f06f9f02 |
/data/user/0/com.xinanseefang/databases/ThrowalbeLog.db-journal
| MD5 | a8fb882da123cd0a5dd6f958e00d6a5d |
| SHA1 | 36c70f0b432ba8a0908276d38f7c25ed6408e653 |
| SHA256 | d9a19862f50aae1dba892ea62db7833db9efd02f7c68991d0819ddeae2759635 |
| SHA512 | 3f0b70cf823048758ede2568f69f3fcffe128d72acfcb2f8633df9987acfa76c8093e2ff2ee01df301bd3a49d43a912b090b0c09f000027cc61c2a72ef50e926 |
/data/user/0/com.xinanseefang/databases/ThrowalbeLog.db-journal
| MD5 | 0734b45c87667e272cb253e098836fa5 |
| SHA1 | d53687ac5efca711c1b63ff9f1e6801599eeb02e |
| SHA256 | b7e48a82e049fe75212233ea577e339986986b054bd2b9c40f9bf4607bc9cfa4 |
| SHA512 | 19fedbdff1d27f101edab4f50f2251aef429c07dd3011b2fb2d88dafe6044007755e8dfca6ce90c77ecbbbd335c46c4e3db0e1bb9be78590dba3c92ca6cbd7a7 |
/data/user/0/com.xinanseefang/databases/ThrowalbeLog.db-journal
| MD5 | 18a65c81dfbf2264f83bae0036901c23 |
| SHA1 | 1b281080303bad972a5c5ce7d19ff8a19e40f974 |
| SHA256 | 6a2587ac7a034361724171ebc1039afbdf7e694f4e0e731a3fa565a3353d0749 |
| SHA512 | 9ec6258346803cf0b364b63be5f26bbd4e46710fda5711371ab73fedcf8beac5c7ba51e258ea4a2f5e8bb2fa590d1a7cdc4e9e8609140a8e6b69916fb133f742 |
/data/user/0/com.xinanseefang/databases/ThrowalbeLog.db-journal
| MD5 | b12b51f5b0ded1383b9e7762138f6b20 |
| SHA1 | de48395e4024c1b227f961829a6839e247b6f140 |
| SHA256 | b0a349d0353568edbf600be3c99ab3d086c0a36d40c3bf114910577545337b0b |
| SHA512 | 54ee2137558287228e87ab368ac25eead00d6bce42ef8005527d6e4001ca6c485da268c1f48494d636c68171e18ec54cc8427b8f120b0a090ac9889484d1ba5f |
/data/user/0/com.xinanseefang/databases/smssdk.db-journal
| MD5 | 27dc3a396f93314e82532c8cea6085fe |
| SHA1 | ecaae5dcd78ecf85cb309a566ce2f2f476d77566 |
| SHA256 | b5eb7d4c868ddf937a54de44d7487ae4846dbe788542e7ff1c46985946655a9c |
| SHA512 | d402e871e820bbaf0c8c0c592ee62da5fde01429ae60589c42308dba8ae736dba3c8b00c6b7e523c5dd3a7965d9732b9bdde15f7695c51be1faa94b4a459060e |