Analysis Overview
SHA256
b15714d57765466ae1144adf674ef2cb9c66978dc022a22130614d96e30aa618
Threat Level: Shows suspicious behavior
The file a71fdc23212a443e287d43ebcb9569a4_JaffaCakes118 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Queries information about running processes on the device
Requests dangerous framework permissions
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Queries information about active data network
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks CPU information
Checks memory information
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-13 23:33
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to request installing packages. | android.permission.REQUEST_INSTALL_PACKAGES | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 23:33
Reported
2024-06-13 23:36
Platform
android-x86-arm-20240611.1-en
Max time kernel
177s
Max time network
185s
Command Line
Signatures
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
cn.aedu.v1.ui
cn.aedu.v1.ui:pushcore
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 23:33
Reported
2024-06-13 23:36
Platform
android-x64-arm64-20240611.1-en
Max time kernel
178s
Max time network
189s
Command Line
Signatures
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
cn.aedu.v1.ui
cn.aedu.v1.ui:pushcore
Network
Files