Malware Analysis Report

2024-09-09 17:24

Sample ID 240613-2lahzaxcjk
Target a6ef5b23648fc136362c30e8de6e16b2_JaffaCakes118
SHA256 c41c9fe6ba89ab3f4197d0b64ba16b8c48df6f156717aac8117d2efcab8bbc5f
Tags
discovery evasion persistence
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

c41c9fe6ba89ab3f4197d0b64ba16b8c48df6f156717aac8117d2efcab8bbc5f

Threat Level: Shows suspicious behavior

The file a6ef5b23648fc136362c30e8de6e16b2_JaffaCakes118 was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery evasion persistence

Queries information about running processes on the device

Requests dangerous framework permissions

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Makes use of the framework's foreground persistence service

Queries information about the current Wi-Fi connection

Acquires the wake lock

Queries information about active data network

Reads information about phone network operator.

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-13 22:39

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 22:39

Reported

2024-06-13 22:39

Platform

android-33-x64-arm64-20240611.1-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 172.217.169.68:443 udp
GB 172.217.169.68:443 udp
BE 142.250.110.188:5228 tcp
GB 172.217.16.228:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 22:39

Reported

2024-06-13 22:42

Platform

android-x86-arm-20240611.1-en

Max time kernel

126s

Max time network

170s

Command Line

com.zhengzai.zhengzaitv

Signatures

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Description Indicator Process Target
N/A alog.umeng.com N/A N/A

Makes use of the framework's foreground persistence service

evasion persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.setServiceForeground N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Processes

com.zhengzai.zhengzaitv

com.zhengzai.zhengzaitv:ipc

io.rong.push

com.zhengzai.zhengzaitv:cde

com.zhengzai.zhengzaitv:ipc

com.zhengzai.zhengzaitv:ipc

com.zhengzai.zhengzaitv:ipc

com.zhengzai.zhengzaitv:ipc

com.zhengzai.zhengzaitv:ipc

com.zhengzai.zhengzaitv:ipc

com.zhengzai.zhengzaitv:ipc

com.zhengzai.zhengzaitv:ipc

com.zhengzai.zhengzaitv:ipc

com.zhengzai.zhengzaitv:ipc

com.zhengzai.zhengzaitv:ipc

com.zhengzai.zhengzaitv:ipc

com.zhengzai.zhengzaitv:ipc

com.zhengzai.zhengzaitv:ipc

com.zhengzai.zhengzaitv:ipc

com.zhengzai.zhengzaitv:ipc

com.zhengzai.zhengzaitv:ipc

Network

Country Destination Domain Proto
GB 142.250.180.14:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 stats.cn.ronghub.com udp
GB 8.208.8.123:443 stats.cn.ronghub.com tcp
US 1.1.1.1:53 apple.www.letv.com udp
CN 27.128.211.253:80 apple.www.letv.com tcp
CN 27.128.211.253:80 apple.www.letv.com tcp
US 1.1.1.1:53 api.platform.letv.com udp
US 1.1.1.1:53 alog.umeng.com udp
CN 223.109.148.179:80 alog.umeng.com tcp
US 1.1.1.1:53 api.letvcloud.com udp
US 1.1.1.1:53 nav.cn.ronghub.com udp
GB 8.208.8.123:80 nav.cn.ronghub.com tcp
CN 103.52.175.113:80 api.letvcloud.com tcp
CN 103.52.174.179:80 api.platform.letv.com tcp
CN 103.52.175.113:80 api.letvcloud.com tcp
CN 103.52.174.178:80 api.platform.letv.com tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
CN 223.109.148.176:80 alog.umeng.com tcp
CN 103.52.175.113:80 api.letvcloud.com tcp
US 1.1.1.1:53 s.webp2p.letv.com udp
CN 103.52.175.113:80 api.letvcloud.com tcp
CN 223.109.148.141:80 alog.umeng.com tcp
CN 223.95.79.18:80 tcp
CN 223.95.79.18:80 tcp
GB 8.208.8.123:443 nav.cn.ronghub.com tcp
GB 8.208.8.123:443 nav.cn.ronghub.com tcp
GB 8.208.8.123:443 nav.cn.ronghub.com tcp
GB 8.208.8.123:443 nav.cn.ronghub.com tcp
GB 8.208.8.123:443 nav.cn.ronghub.com tcp
GB 8.208.8.123:443 nav.cn.ronghub.com tcp
GB 8.208.8.123:443 nav.cn.ronghub.com tcp
GB 8.208.8.123:443 nav.cn.ronghub.com tcp
GB 8.208.8.123:443 nav.cn.ronghub.com tcp
GB 8.208.8.123:443 nav.cn.ronghub.com tcp
US 1.1.1.1:53 stats.cn.ronghub.com udp
GB 8.208.102.120:443 stats.cn.ronghub.com tcp
GB 8.208.102.120:443 stats.cn.ronghub.com tcp
GB 8.208.102.120:443 stats.cn.ronghub.com tcp
GB 8.208.102.120:443 stats.cn.ronghub.com tcp
GB 8.208.102.120:443 stats.cn.ronghub.com tcp
GB 8.208.102.120:443 stats.cn.ronghub.com tcp
GB 8.208.102.120:443 stats.cn.ronghub.com tcp
GB 8.208.102.120:443 stats.cn.ronghub.com tcp
GB 8.208.102.120:443 stats.cn.ronghub.com tcp
GB 8.208.102.120:443 stats.cn.ronghub.com tcp
GB 8.208.102.120:443 stats.cn.ronghub.com tcp

Files

/storage/emulated/0/ZhengZai/picture/journal.tmp

MD5 103a15f0f4a86f7e60a00c09b5fe454d
SHA1 a86fae96f59d9ca411cc4e27b855914809ce3cf8
SHA256 4ed48f312a9ddab2eed434be143887dea5513bd940bb896d44e1c9a1258dfdc0
SHA512 4bb1018bfc2d87346ad8c68adc7f80a1d7ec7dc977d9d681a984c172c7f066e41f060b025966cbf6537d745b566d4a9274d4521753bd2f90d72d4a7c4df4327b

/data/data/com.zhengzai.zhengzaitv/databases/ark_offline_db.db-journal

MD5 cbb7dcfa47065a39d502ef0c700d7761
SHA1 8cb4527f642466beff8acf77f808d7afbdd1ea80
SHA256 69e91befafae3beea5544213774b037ec3543fe759e7e3e582a148f2386674be
SHA512 ff3c281014c19de2e1f8aedf5fbb9a1349580c200ab3c4476b6b8dd70d909df8af6455b28a61de0943af494908227a14eeed1fad86e89a3e24bfaf97c428b4db

/data/data/com.zhengzai.zhengzaitv/databases/ark_offline_db.db

MD5 b69d4c577dc8d3e78d45366ccc023e8f
SHA1 240c5d214e62fb97d1ce86f262758223388658d2
SHA256 b4bdb4789c3fc3c71ad8847ec5a153074ef4942325cf93b20058566af88d01cb
SHA512 c5b1ca7dbb4c9459749ee705bb61bc6f5d3bd94e281c03dc592c7c1add4af4be535902c3563ace8977b3172d99310bba2d3cd5a53624ac260c416ae127fa4c25

/data/data/com.zhengzai.zhengzaitv/databases/ark_offline_db.db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.zhengzai.zhengzaitv/databases/ark_offline_db.db-wal

MD5 b21a46e57fddec293bec153879ec0f4a
SHA1 40e75fd79bca361fcf086551772fe5070460a762
SHA256 fdefd12fed315a3a8676e90f73d323d534e3ba6597d2c02b77edffba636ff950
SHA512 382ea054f18eb34f670041f56aa75f4207e5185cfc48b594e6aaa95212cd6d7a0d0b4b52bda6a4026f8a7c10e10d0cd7e8bc60c686d60c5a41f0789e725e7189

/data/data/com.zhengzai.zhengzaitv/databases/rong_version.db-journal

MD5 cb1545f18040b81c41573b24988692d9
SHA1 cc13b3beaec10bd91bdd9a7c19e4f2ad740e677f
SHA256 94cec15e38da2281b7d9b4d616ab3a7d544e0a631d0e5d1de912e86484605f18
SHA512 55b6accda7f56731903f566982ff5884074453ba24e1c0af259cd89d1c5c30e6852c6def767d4dab1c7cb297b4b1822dbdc4597bd58c72e327559809b63e6aef

/data/data/com.zhengzai.zhengzaitv/databases/rong_version.db-wal

MD5 44f7c7212da32cea8cfd43d813dc41c1
SHA1 635a5a618979719abf1762af72772354a50ce7b6
SHA256 b920aaf76e519b130adae1fa4cdcd21053acf44368205bda5f9ff947439a76f3
SHA512 5320541d673797c3f6b7e54b7c274861f856efc4d2c7a51e8c5c553ef5ef06ea489f7269279d7fc23c1432953bd0a7a3e089310d63d4825e437d8d2a22a00883

/data/data/com.zhengzai.zhengzaitv/databases/vvtracker.db-journal

MD5 432ccf354c646ea8ee7134e9f8bc4c40
SHA1 132d0a37527d16f7a1276684531c77e33a54a29f
SHA256 1c3ddfd76aa3440c25fbe7d8031ca8325efa021f799b836ad53cd8969f12647b
SHA512 92b5dd746534d7618220f97fed8b80d6c8d95d2cbf4c312158c9c06abecfb563b95c866bce0a4da19cadca139f20db526539e5ad3af060c74c79b9e89645d67c

/data/data/com.zhengzai.zhengzaitv/databases/vvtracker.db

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.zhengzai.zhengzaitv/databases/vvtracker.db-wal

MD5 2046f31f295d2827e12344935c5b4967
SHA1 b6eace75ba937d06e6c7333304b8e0539e233ef0
SHA256 46827ffa43e9e9ee0862d99c13a4125b72cffb8411ec23e404c109bf90fcabc9
SHA512 36fb292a10f23c88e9b040151ed67c1dfcfc21c5d9be02154baebfbb4d98e7b4ed0219f5097a06596f7158cb914676708558a4ebfb26ec152d418c10e7f8f013

/storage/emulated/0/Android/data/com.zhengzai.zhengzaitv/leLog/20240613/000.html

MD5 bc4b723f22a2cd1f2bf57d5937baa264
SHA1 5b00a7bb912e16c5cd08e31a6610bf68c8bfdf36
SHA256 4d20ee148861fdd9e1f75e0efb242731eab42c8b9c831bf0d5d05d7c282c60db
SHA512 05c31598603131f5c1a3fe3b73e9cbc26d3a866aaaee025cf77c3932bb2a4c343bca6526ef81c4233ff935eb1a8eda4ac976b532b676c9330247a008e5824045

/storage/emulated/0/Android/data/com.zhengzai.zhengzaitv/leLog/20240613/000.html

MD5 1fd6d86c301b5a22a518d68fbf1b332a
SHA1 f0bf3c9333fc8bd9f17ff7be4f5713bdc667643e
SHA256 40c56b95c1e6c064761c31671fb83aafa635c42e8e30de5bcf37865d3a2b4be5
SHA512 774081678835622ec7bc3c7ae315612798fa1b7c1559b2a690197a46ed2967c3199d065948955f03689ca284bb0f3f938f1505c35395a400a6e46461a04ba1f5

/data/data/com.zhengzai.zhengzaitv/files/umeng_it.cache

MD5 2667ec53076791f7198dd5c0f645bd9c
SHA1 e4401b8f82a6a83ce3abc697d64d8c06af16ff4d
SHA256 6daa5eb25f02bb903845bfdf46453ac299166fb8799b2a3ee868a42c76cd3870
SHA512 7b79b2aaee3df2cb14eb6a909e2908bfd3140c466e473d6702b87d42a17ca2d030414f81c02945f4e3f7c41c65819c7bab370c8249bcd34a69085e7180cf25f8

/data/data/com.zhengzai.zhengzaitv/files/.umeng/exchangeIdentity.json

MD5 6068074297cdaae168ad43df6800ea56
SHA1 49facae79b1b06107b96fda01c779529aa65ef67
SHA256 866afaa4a626fb25f143de6b1a082bb76552995035161c367cbc59b1e134d6a7
SHA512 62f078cab1bb414939cdc354c372aaaab5ff9cf501469b71a37aa2c676124ae476c20e590143ac2684d01c1155a1b23d6a1af3bb267e4141b61dd170823aa291

/storage/emulated/0/Android/data/com.zhengzai.zhengzaitv/files/log/logs.txt

MD5 6611afdfa583f40f1d9bef4b5a919385
SHA1 dea4f58b4681c45a781205dd54db93bcbd027f32
SHA256 c6f1de01044b071e756b63d4b1c5873089c3a3c01c035021d183b09d870486c4
SHA512 b07556faf3371b2736880535fbb1c53ec58d3a57693f88e8dc8412d5473a7332e87324e7b1da632da77f5df331b7bf9ec05f4681ad0435f61e9bb896fd743a90

/storage/emulated/0/Android/data/com.zhengzai.zhengzaitv/files/log/logs.txt

MD5 844b3d2fb5426c779613505323f8d57f
SHA1 c3242459d16b33bccf08815b533317d822d3f996
SHA256 6469f82deb42231be4a0a4e722488f374db6ddfc413e395b23deeca8c9fce98f
SHA512 8e79e9753bd640bca2566cdc83b3a03144b244339a9e973f530ab6a4bfb625ae20f3396d2fb9a01ab4ab1991eb683e60aa39933f38fe65f0580897b21a3ca8d0

/storage/emulated/0/Android/data/com.zhengzai.zhengzaitv/leLog/20240613/000.html

MD5 f77790fcea77b270805d35f9f807558f
SHA1 b6e118c08cc290db212b509156b3e52bf5379cf5
SHA256 4cde2cb2e44f15d9a34f2ef9f85990a90caf5a928ed9ccc710d90fb5ef0e3722
SHA512 442ad0348204a1cf1b8658a4d1783b896a985bf362345931b43e90dfee7e9aa688e6634f81ee1ae780e1ff2f93acbf27da5522ce311516b2e819d3bf29592a90

/storage/emulated/0/Android/data/com.zhengzai.zhengzaitv/leLog/20240613/000.html

MD5 dcafe8d82f307657549a84532782be11
SHA1 b8f45214280e43ebacc6e9a5c80bad0b799aefca
SHA256 5d1c52598219c2c0a0ef3aba993dd7512f4af234f134aca7a892617a9b88a600
SHA512 6d3774a424ce2895c82b72f18560a321a9f4fd5e5c414b42bc831f2dd6c3a100edb952f85665f22ac7a3e12b0456ce13fd71833da4dae4a77f8af2b71a522241

/storage/emulated/0/Android/data/com.zhengzai.zhengzaitv/files/log/logs.txt

MD5 3ddab065ae5b76100002270c23081ab0
SHA1 add56037accb7c4493cb870ccbc394a6189f3b59
SHA256 a3340a7e340e39fc9df6152c53b7b6d57b6d7854034405fa8b92c9f27d035922
SHA512 e4c42c6eb9ac33ef7defb553322dbc4f38f803d418bbe1fee98f3844735c92b8c50ae6d2a25964c5dac22ff826272870110b3c7f9085f29a6c162346b2475bef

/storage/emulated/0/Android/data/com.zhengzai.zhengzaitv/files/log/logs.txt

MD5 00f59c69c36a3f760dc31bbb8e17d31b
SHA1 ed15e961cc75378046e2e2042176393c652b3b02
SHA256 4b329b3e376c777c383aaee81a71244dfc8fa191f5f8b05facb204d3c6d0e2ef
SHA512 edb39ca07796b4fdbdc73bba78dcaa655a5843958cfd07fb0750e933c8cb1c90bcbe37b2ec96bb2615c9417d3ef6778a84b36febfd6bf728254a6ca00ef92469

/storage/emulated/0/Android/data/com.zhengzai.zhengzaitv/files/log/logs.txt

MD5 28a451e51c48a4ca08cde506219252a0
SHA1 b44a5e020d7605ee647172d2e071cde2da1ff801
SHA256 431060dbbe344a6ddeb04ff00eb67a8d6518d72ea821c32ce427720f9b04e80b
SHA512 9ff086dd38218480288441c58199121c50812b8c93e4de41008a5514949b43f1814874471e2d20d80c3e1f73548834dc3338ecc3cd67b7e48a04a3e757dca94d

/storage/emulated/0/Android/data/com.zhengzai.zhengzaitv/leLog/20240613/000.html

MD5 707a8b4be4816083f260e0af2d076ae7
SHA1 21e974e19d6db2fe69b8536a5b7e5921d291d54d
SHA256 37493f11656905afc6eb4a767c0c015138c1744dc074de1b9fff58fd76089f26
SHA512 07b80550e3ca57018be477ba6beff3108678652530c12c96b1b276203d8abc41dfe471dd02f34f0b2a0da0f1d250f85dddf86af58418d3b825fda85e67f62584

/storage/emulated/0/ZhengZai/Crash_log.txt

MD5 13a1074315f61fc4baf1aa80d0d3c8cb
SHA1 a2e8955eee6809bc612049528e5687e6d6315dca
SHA256 2115ec4428a175f937b7b7bbdc9bfb0bd21dbb288262e1b4f69f2cf740c8f224
SHA512 2162b4570e65aa2f4e3edeb782f0af0b15a9ec92356a6eb2fadafb9a01e05a855c67726c78b3937aeaa5aac678bb4cc59fc8ac79b28666886286a6ec89f888be