Analysis Overview
SHA256
cbb85f45f987994c2f1163ff5e86356703d52e29eb5e0c39550d1a8e546d899a
Threat Level: Likely malicious
The file a3e6dfeffd6d19f618aa468791dfc705_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Loads dropped Dex/Jar
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
Queries information about the current Wi-Fi connection
Requests dangerous framework permissions
Reads information about phone network operator.
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Queries information about active data network
Uses Crypto APIs (Might try to encrypt user data)
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks memory information
Checks CPU information
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-13 05:01
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 05:01
Reported
2024-06-13 05:05
Platform
android-x86-arm-20240611.1-en
Max time kernel
179s
Max time network
186s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.xgbuy.xg/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
| N/A | s.appjiagu.com | N/A | N/A |
| N/A | b.appjiagu.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.xgbuy.xg
chmod 755 /data/user/0/com.xgbuy.xg/.jiagu/libjiagu.so
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.xgbuy.xg/.jiagu/tmp.dex --output-vdex-fd=46 --oat-fd=47 --oat-location=/data/data/com.xgbuy.xg/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
com.xgbuy.xg:pushcore
cat /sys/class/net/wlan0/address
sh -c ps
ps
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 216.58.201.106:443 | tcp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | api.sobot.com | udp |
| CN | 203.107.41.32:443 | api.sobot.com | tcp |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| US | 1.1.1.1:53 | a.xgbuy.cc | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 121.36.193.140:19000 | s.jpush.cn | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 203.107.41.32:443 | api.sobot.com | tcp |
| GB | 216.58.212.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.16.238:443 | android.apis.google.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | t.gdt.qq.com | udp |
| NL | 43.152.42.165:80 | t.gdt.qq.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| CN | 1.94.119.240:19000 | sis.jpush.io | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| US | 1.1.1.1:53 | api.share.mob.com | udp |
| US | 1.1.1.1:53 | update.sdk.jiguang.cn | udp |
| CN | 121.36.193.140:19000 | sis.jpush.io | udp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 1.92.70.140:19000 | easytomessage.com | udp |
| CN | 1.94.119.240:19000 | easytomessage.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 1.92.70.140:19000 | easytomessage.com | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 139.9.138.15:7003 | im64.jpush.cn | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | 139.9.135.156 | udp |
| US | 1.1.1.1:53 | 139.9.138.15 | udp |
| US | 1.1.1.1:53 | 119.3.188.193 | udp |
| CN | 139.9.138.15:7000 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | s.appjiagu.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| US | 104.192.110.60:80 | s.appjiagu.com | tcp |
| CN | 139.9.138.15:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 139.9.138.15:7000 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 139.9.138.15:7002 | im64.jpush.cn | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 139.9.138.15:7003 | im64.jpush.cn | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 121.36.193.140:19000 | easytomessage.com | udp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| CN | 1.94.119.240:19000 | easytomessage.com | udp |
| CN | 121.36.193.140:19000 | easytomessage.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 1.92.70.140:19000 | easytomessage.com | udp |
| CN | 1.94.119.240:19000 | easytomessage.com | udp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | b.appjiagu.com | udp |
| CN | 1.92.70.140:19000 | easytomessage.com | udp |
| CN | 180.163.249.208:80 | b.appjiagu.com | tcp |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| CN | 106.63.25.33:80 | b.appjiagu.com | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 139.9.138.15:7000 | im64.jpush.cn | tcp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | alog.umengcloud.com | udp |
| CN | 223.109.148.130:80 | alog.umengcloud.com | tcp |
| CN | 139.9.138.15:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 139.9.138.15:7003 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | tcp | |
| CN | 139.9.138.15:7003 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 139.9.138.15:7000 | im64.jpush.cn | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 223.109.148.141:80 | alog.umengcloud.com | tcp |
| CN | 139.9.138.15:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 182.92.245.193:80 | downt.ntalker.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 121.36.193.140:19000 | easytomessage.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 223.109.148.177:80 | alog.umengcloud.com | tcp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 124.70.128.38:19000 | sis.jpush.io | udp |
| CN | 121.36.193.140:19000 | easytomessage.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 1.92.70.140:19000 | sis.jpush.io | udp |
| CN | 124.70.128.38:19000 | sis.jpush.io | udp |
| CN | 223.109.148.179:80 | alog.umengcloud.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 1.92.70.140:19000 | sis.jpush.io | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 223.109.148.176:80 | alog.umengcloud.com | tcp |
| US | 1.1.1.1:53 | tcp | |
| CN | 139.9.138.15:7000 | im64.jpush.cn | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 139.9.138.15:7002 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7003 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 139.9.138.15:7000 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 223.109.148.178:80 | alog.umengcloud.com | tcp |
| CN | 139.9.138.15:7002 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7003 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 124.70.128.38:19000 | s.jpush.cn | udp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 1.94.9.210:19000 | sis.jpush.io | udp |
| CN | 124.70.128.38:19000 | s.jpush.cn | udp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 1.94.9.210:19000 | easytomessage.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 139.9.138.15:7000 | im64.jpush.cn | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 139.9.138.15:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 139.9.138.15:7003 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 139.9.138.15:7000 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 139.9.138.15:7002 | im64.jpush.cn | tcp |
| CN | 139.9.138.15:7003 | im64.jpush.cn | tcp |
Files
/data/data/com.xgbuy.xg/.jiagu/libjiagu.so
| MD5 | aa01dd97609092ce310e17bf791069ce |
| SHA1 | f000840a8f68ea7beb2e29ea466088daf55609db |
| SHA256 | e432c191f918053ce368e1b1f155b2e1f9e84379611b93aabec0106172b73aa2 |
| SHA512 | 766c120a06215d0950aae32026fcde3eafed8d18ae0de7bc8135a7378a9055c8f0040d61574d9af67fe2b5b90eeae64c62d787343858ae375bb6658df8afe7b4 |
/data/data/com.xgbuy.xg/.jiagu/classes.dex
| MD5 | f9fa3cfb3fcd10a835d60bb6357ca06f |
| SHA1 | b8a8ac4a6fbc03e4cf852a46284b1c573a127f66 |
| SHA256 | 612bacff2788e79924cc2518cc74fa5060d05f9da1272ed4f86b22be31ce9c17 |
| SHA512 | 70a942be88a3757141c9098f043bcedb9162a8c6fc89d8a72af2e0466c3e4a655ec0a77af7e51d54da0c52a133f1a1e99c5ebd69f9e3d5c6f5da5b1e26626755 |
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex
| MD5 | ecd45794f7d44996ac92b4f0560a14ef |
| SHA1 | 7f0429092afd8449f9c178135ed81ba583f22fe7 |
| SHA256 | e53bdfb1d488a196b6b63afa582d4a755fab19302a0390f95f5f0328661b4c66 |
| SHA512 | b89594a335fecaa3a6057d02ca901d5e55068d83c381144ce71cf61b0b8da615d665bc011b8aba95349b71b5a1b8aec6f28bfc643b4f58c0ada783b2ca783f92 |
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex
| MD5 | dd4d06ae6948421a6d13c2d77e6b72c5 |
| SHA1 | 0e905ebd3ae8c5eaee7fd6fbf5ed8e5460a58d78 |
| SHA256 | 982d97137a41ad82d5e01ed1f0d8fdaa3da572ad090764478e96c386ea01792d |
| SHA512 | dec38aac3fca1e874fc0394b999bf568d5a6d18ef1012a64e6dc2f4a76a04e72898b6398288e49d42ee4341fa3c57a25f6e5f4f7d1038ca5c9998aa933e3c6bf |
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex
| MD5 | 2883c9593f5962f990c96170acbd6b0e |
| SHA1 | 22fc30225a9a7d678e87d8eba2c1a335d59dfaba |
| SHA256 | e37d677cd474aaaa45870679a1b85015a2f4681397e5ccb88f08affed475db2e |
| SHA512 | e57438efecd90026b6746aa52272a9f1e6eb28f02ebe648500ef3409fdf02ee6a8917eef6fde2546eb19f1707e6c01cf190af0b26cc09a77f43d0f2e4bce504f |
/data/data/com.xgbuy.xg/.jiagu/tmp.dex
| MD5 | f1771b68f5f9b168b79ff59ae2daabe4 |
| SHA1 | 0df6a835559f5c99670214a12700e7d8c28e5a42 |
| SHA256 | 9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939 |
| SHA512 | dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ri
| MD5 | b2d32f4ea6f50276aed89d7edda77714 |
| SHA1 | 98a010d8fa351196789786afd21dbbc3ad5bfb80 |
| SHA256 | 5030c04b0631aba12b15f62aaa6f3cedebe4323c1e34b816a7c68f5879bcb982 |
| SHA512 | b95ec7ad6e09433b38ea219c3a1dcf5335bbf1bca59256fd4af77dfe0c722f43c9fb8a0c73e2b4f04586be20857d99d7408991342e58766644c736be04df5353 |
/data/data/com.xgbuy.xg/files/.jiagu.lock
| MD5 | 1d31afc9f61d3b6a6a1599f682d9936f |
| SHA1 | 21e2f6b536c79b792f0898645835da78771db79e |
| SHA256 | d560c47d4eb361ad826ac04ea623764398637e1b760857dd8b775fa92b1d02a4 |
| SHA512 | f73d2b776f359068f4a7bdcf1618219686aad9e83ccfa682a88413b3a654d3439a3db20878747b4778f2a7fcc165bff5abc47f900a5fa3276761a257bb337c0b |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
| MD5 | 3911ad10a2d9a4f7ef7a09639a1b8cf3 |
| SHA1 | d8d5dae863fe04bef8d987202e25e065efce1e1f |
| SHA256 | 0ae3380b0712c9bcbb362bcdf7b72504b9e495fe2987cfc20aec121977dba19d |
| SHA512 | d58dc5e805e0e2d11a79c725285dbb3f75d351d456c87ce79439af68c3a6c2506f5814bc16f09fbf16462c93f5c781437a5bbadc4d48977782899ce9d741dec8 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ic
| MD5 | 1bd86b90e1b355f123e5ce8c93c3de53 |
| SHA1 | bee5683d6124650c8be0b3740ad66e771f29b178 |
| SHA256 | 3ba28c4fe20d74ea96f6ced27333f04a01e03c50092717eed1b6e30152a8d152 |
| SHA512 | 6ba3d7ac2b9da3bb2f7ca50488782bfb9f12a38bf17debc4f2853a161551a932885bedaedace0ecd3da9777e1cddbb407ca2360c13512b1b804bd6242e767abe |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | a21944793cc2b2949b6f37ff11a01d40 |
| SHA1 | 65e4e8258586d2642c8e8d38676455d4f23055aa |
| SHA256 | e27a2ae138656255a39445ce4aae5e76d27e42543f5426425eecbfbcfc7ed6ee |
| SHA512 | f095419731cf858eed7b158d9c46aefdc6f97f3ad90985036e5bf96777ae92cc76d5c7b679220a3230529482811ca4d478482fd3834d40e86bb9d563f48f65ad |
/storage/emulated/0/360/.iddata
| MD5 | b4cca151107fa115f574a1278f9f315d |
| SHA1 | 2081b46887957dde2094e41855c731f69d36634f |
| SHA256 | 89b3dee94e9d830ef0c3c437904e4d8b69326c50e417539a97d62eb2f814bd88 |
| SHA512 | 87bf1699621600f776d73313e708d6ceca780506a5164307685e84823504468c15f0950e61f76f9807ae75e126b23af05219b2fd9e4821062a05eee3101c90fa |
/storage/emulated/0/360/.deviceId
| MD5 | 1d8d16c4e3b19ebf18988530d9b9a757 |
| SHA1 | bc94c1cce05cd848a53271ecb9c5311e27ffebf5 |
| SHA256 | abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7 |
| SHA512 | 4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82 |
/storage/emulated/0/Mob/comm/.di
| MD5 | 70a42cba408700f9a6c01c7941a8829e |
| SHA1 | eab01cc2c0671538795fb0b1146017dc099d0984 |
| SHA256 | 499576707ce2623293166979e59c832be5b8636c64ad39aa63ebcf961910c35f |
| SHA512 | 8900d4dc8eed0430babbacb72942401bd22ef7fe5430cad90d3ce0c2c53010220d666aa0e2eb1026f3ec81d574c7fa12585b49222a5f15b01637f6ba134fe70c |
/data/data/com.xgbuy.xg/files/sobot_chat_log/sobot_chat_20240613_log.txt
| MD5 | 88101e34afb80e21de0cce71736fa0a9 |
| SHA1 | cc28706d8cf53951efe2e428848b1d07c84cc45c |
| SHA256 | 581f6eb731f7aa26074dc91a0c2b99f148bded60432476df209dc829a6a3248e |
| SHA512 | db3ddce711f8310eea94767f2867c19b589fad42df38227ef45d471b8fc6dbf177f0a12dd037f22896584d17953cb298ddc62123cc9d25b40db949bd8dfbaebc |
/data/data/com.xgbuy.xg/databases/xinggou-journal
| MD5 | 6728d278642939006b9b170db3075c3e |
| SHA1 | e753f7ba390d67e6dc6de1ed39bb28cd7eaa11ec |
| SHA256 | cec85cdefe9f6442c5f63935e8ee97cef9e661b0721f364257de25a1c826280d |
| SHA512 | fb49cec44416ad69ceeb2f6ca56cfc8ef7c4bb777374bc496aeed1ef50ae938aa0d344181ae3ce9e98c1d1f82188dc90dbce2cdf5b5fae3434ccbe991eec26da |
/data/data/com.xgbuy.xg/databases/xinggou
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.xgbuy.xg/databases/xinggou-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.xgbuy.xg/databases/xinggou-wal
| MD5 | d0cf31037bb376f623c9088443fd2260 |
| SHA1 | aa429a5a0822f443794f0f4245a3b6a80978b25c |
| SHA256 | e575ecc6c7caae639aa252c76fdd2e98438f2283d757bc6889de4118d8e15723 |
| SHA512 | a9f04bb3514a1cc0c1ef63dff58f59977665f0a329a39a4fc15e70b7c25c9814a632c9a9d9844d4614994f8250a901b7c6bfa48cf9a7c9ccff52967e86e01d85 |
/storage/emulated/0/data/.push_deviceid
| MD5 | deec9fa052e8f8dcf8fb33e890c37657 |
| SHA1 | 0432c97759be6e282a0246e14d508d9e509112b9 |
| SHA256 | 4bf1bf7f5ec13cf3d53d880d57b71784748c478acc981e0c59b30df69c72a2ca |
| SHA512 | 5da4892932c922bc21f63200525120d4aaf1e2f9f68e4deb7a2f8058ab0b8a5cd5ff4d5f9f2183559daccc13f848908a9fec57e2b875db345af7811f9c05ac26 |
/data/data/com.xgbuy.xg/databases/ua.db-journal
| MD5 | 28f82791bd6be536d738f6dfe88d05ad |
| SHA1 | 2a4e02ec5babdce518ab3ef1424ef73d23e2f316 |
| SHA256 | eed5e7d18e24a40009106b2b720aa552f06c502b78e6c520714a612164c5089e |
| SHA512 | c38d039d7c82e496c50fefd74bbc3acdd52fb846ff886cbd647bf099396cc59f6e201fdd8a4a94da16ed7052dc4fc488633dbeb3038e96513038445791906ba4 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 9f8e13694195053ceb1ec9b4cd840686 |
| SHA1 | 0a19c105a8542186cc11e99c18e9f081ac351d17 |
| SHA256 | 56fe2a78ba674b124c7a020e40950fc8297d4b8f735a0a46d1faefa3e2fd53a0 |
| SHA512 | 3896224c23e584ddf0e27943427937a1d070a3f104b2e931c2d30e3c98c076d46f39ce1b990f993684d61ad9ca12e672c04a3daf4532cfba20c368dc6f873a31 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 556a0574acdaef820033a15c5a924f7e |
| SHA1 | 9467bc172a8db5cb10c82d69d72790d8fb2bf303 |
| SHA256 | 56bb55b0b3c89b0baec85e0020448343ff75862a59eca86b7465f4ff99d05ab8 |
| SHA512 | afba02c48965a7ec70527647ef137e6a60c003e2e16eb863a261563433003672b04e12881487c07c82c97add06f5ecf372dd4038d184da1566075859a0342f36 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal
| MD5 | 558e7c199f33a5304e4801764cd264ec |
| SHA1 | 9e9960d6db26ea7b066101023cb69041c6654ea9 |
| SHA256 | 3c3af02a5f4e4d2b1334666d91e97bdfab7454f30723623c079f4cd9d0ba81e9 |
| SHA512 | fbd1e67831ef14fa6776c1b265eec6670b9be62e77599609cbbfbc6cba254d219392d37a5ec4d796349d954f37610579de457d005af864e2ac36a8cffb0d297a |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/e0bac8c3c005c727bb9b0b2d00be3d7cf020743113c01c46c33a507d6275519a.0.tmp
| MD5 | 3ccf674803e2bcca74d940a369b98a1f |
| SHA1 | b82beb53b74476af3563d05f4b49b4628611c19f |
| SHA256 | 897e90108102b4d93eed118fbc62f4bd208a2651c52da15431f3ece36f4ff274 |
| SHA512 | b98a53d48cee9d8d4fae804736e7b66c28beb429d4e84cad49f4f3e92f5a226c99eebe093fabee98d657d41729eab74fdf6081cc29b693e076b213e0e8e60a5f |
/data/data/com.xgbuy.xg/databases/cc/cc.db-journal
| MD5 | 8314837d9ef6fe11ff45e6b73525fe2c |
| SHA1 | 461c954d15de48ea7bff3d14c0b67c0dc22ad2f7 |
| SHA256 | 5e25d11e5b51f0098da793c79e058a0fef2afa561dec422d28562ed328db1908 |
| SHA512 | fe6aa4f495a2ad556e89d7b45df8ccfeed1df4528805955eab216aa4e03ec5bf32a5bf2c25381b46c27d0b86a099aedbe16f7d72f172b389fe54346f125a6e0d |
/data/data/com.xgbuy.xg/databases/cc/cc.db
| MD5 | 5d7ea1a23af19b4340cc8d90f28297d5 |
| SHA1 | 4cfe95b23a9e98378d69c4290af81b51fbe76aea |
| SHA256 | 474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da |
| SHA512 | 33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b |
/data/data/com.xgbuy.xg/databases/cc/cc.db-wal
| MD5 | 1a6bf70d513a7d7c55b955a3054ef252 |
| SHA1 | 0aeeae6a0ff9d083a8c68b41895d37a5349f7e2e |
| SHA256 | bdad7fed356c815dfdf61f2abef793806c58b316523f7f628208de5b5a319b52 |
| SHA512 | 5bfcc92d75fc5a39643a2e7d521888b0facd7830a322c7ca41a3f1f91329a92555569185b72fc3ff15145eb7994750cdab234c5c6d60e1173cb857d3b945a99d |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | e43c950aefdda697ef68aa79dbf47d89 |
| SHA1 | 22e9ed6e85f943372ca80f20c4ffb7ea4b918c21 |
| SHA256 | c5f54da60a813bb34a06b428fed480a716874fc11697b28efcf4df0d0c97cec8 |
| SHA512 | 10ba8323061e821baf981217658f936b32a4950860e50b3acdde251334e97b5f1cae4636a4c6c85188bf767a369f8f89dee8ee462b3dda83f6da21f1a71d5380 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 904bc635d2e5e85a865476644c24b090 |
| SHA1 | 7aa2d35b1c48b6b1369ec66525b1c9ca7441c00a |
| SHA256 | f4ee9a5daf20a7fcae92789880c39c4a491ff70fa82c514c14f6b9af7d3d8662 |
| SHA512 | 84c10e24333aecd024c2a005f93e26f26fd8fb69e2eabf29d6f6ecb4736003a295bda77725e0e33c4610a3b14c8cb042498c26dc02f40d80c22cc4fab508261f |
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
| MD5 | 123b8f6b71889e9a24c85acddb6bb608 |
| SHA1 | 81d949110321143c5722226b4c3a7c6757154de1 |
| SHA256 | 386a3a997161aaeaa9424def6251cf305a89343ab6cc108a3cee04b256dbf47a |
| SHA512 | a633ff70726029f0e595ed89819bba47e112db0a8e0fdc08c8be9fa142c9a1e05338fe56cd400115bc35bffcca96a513baecdb90c7368912d0be76ac3119e2af |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 24e4312a1b1bcb87fdecb07a5a5b0cc1 |
| SHA1 | cc7406ca871a02231d859dd4cfa1d551cb2cb933 |
| SHA256 | 6b560771889c95893684988ab367b6d4628873eacd8c10ff6381d4d802ccb334 |
| SHA512 | 77fc0aea46d19cd9a627ac4755946ccbbae36b9ff9277cbc6a892c4e9c5afa438e347981b087cb2f5c5efdffd850b223961bd8650a6573733016983da4131604 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | d6081c778e6ec59d3192e6f69cc53d80 |
| SHA1 | f6f64b02beb10830b8c6c729827252f952562a5e |
| SHA256 | 84f927ad14c83678f791d670f168ecbdc8175052f9ea1a3492ea471be05110f6 |
| SHA512 | 791dd912dbe5a653b383ed1066fd203648556423dee8b7e47ffd4a54b8ff9c0de7c6a1d7e7759e6496e2f26b0e46e5908dd6c907fc57903cd409e21eca1bc8d4 |
/data/data/com.xgbuy.xg/databases/Reyun.db-journal
| MD5 | 7dd6c54ebd185ea16cfd30c31ef98a3a |
| SHA1 | 91742ed415810bbd6807ad04ed1a440f0b58e0d5 |
| SHA256 | 6ee36983d93ef20ca4ccab188f0e68d2ed978a23a202194c54d37bfc825399de |
| SHA512 | a144be0e51595bc35aea2208138d41ee59c2be6a8f25d55a2a6bbaaa8fc136694d9c9567b6f0727a721a33649d6819ae45ccd2b2c031a60b58f74ad679e82a47 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 6e502323f2684110371c7880af48d0bd |
| SHA1 | ade739d32cecc6113bd7307720deff7db7138df2 |
| SHA256 | b1a906c49a18422fb34740f1aba7fbf5731df02d9d17b25eab219d902ae9f386 |
| SHA512 | c9ddaf8dece69fa0ec1d2a20d38538cfff485a996b4bfc0f46038a24d83199e798bf275e77581db45607070b132de3cb97a1df281c9d268e1262f8d1c2fd58c3 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 55ebd4b839bad3653847735ce70b51ae |
| SHA1 | 1e02d7f9e6e6e2ab9cc36cae5888a89aed02da5d |
| SHA256 | 974262642ba800aca41965196009c6d6e09ff18363da210aee915bbf965ce591 |
| SHA512 | 02ffe13bd7b37b41ef8ccedd79f621d16a60ea607427af6e0dada6b7c98fe355c9615a1eb5e5c0a2511a9faeadd6655caa35b1e62df6d4f91ecbd4af6c7dc0e0 |
/data/data/com.xgbuy.xg/files/umeng_it.cache
| MD5 | d6368bb623ce21634a9401fdcfe4191d |
| SHA1 | 931d1d87862931b73fa8b7ef511d55a5b03bd084 |
| SHA256 | 6c63241979eb2aebb421fbd235939321bda9855024ae60bfed55143298a796d6 |
| SHA512 | 3fb9fa51c94d0e58049114172ad7188e413654872ba98fa05a5f6de8ba98cb077ed6084f6a929987a8588bd41d64d6c61df3ac7fb1923f74f64fc246f01ba6f3 |
/data/data/com.xgbuy.xg/files/.umeng/exchangeIdentity.json
| MD5 | 3cf83e9ba49d9a85576f50cfb8a54526 |
| SHA1 | 085f997a7916757c321282830ad3d5d1def6d2b8 |
| SHA256 | 8b63ac83652091f48be71dbbdfed1d504934bbafe02e525c9385fab848b00b1a |
| SHA512 | 41b5ceb0a611b81fb7eee646ee20639b8138165c1f8d8bb3992afb750f59b720c18dcbabd20c6eff35d85a2f6e52089d5400260c6a472e1fc3ce26e702e0c04d |
/data/data/com.xgbuy.xg/files/exid.dat
| MD5 | 1997704f07a698b1dfa8b2525547624b |
| SHA1 | dea462622e735a7ec0c4c4cce9b5d562ce583867 |
| SHA256 | 9ad76754c434b94e91b07a3da411a5099bd8bb5bde1e6cdb2a40942286f8d56d |
| SHA512 | a71c57fb009947d2033473ff190024f0da60f3370e1516a690aeb1ad8a641493c638a3a4f2cef22edf41e62feaa389ebde90b72a2d7dadcd0472c79d7c949f9c |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | c15aec7b19ddaedef417666ff7722163 |
| SHA1 | d144ccea06879306ec4fd2da33d07eff7398feb2 |
| SHA256 | 248a6167252462de10045d5dd3b1b7af74bb410278e5b0944bcd32ee12542cee |
| SHA512 | 4a309b140dbfedcda20bf636ba1b58b2720dcb40b207d5a6d63784eda15b9fe7f82ee0935313ecb1adcf46e472d40d4fbc2639aeaa782a220798165449855b33 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | d604a3bf1f8d992cc320ea5b1f7609bd |
| SHA1 | 247f88df0b55c7d523ea5398637711a0e4a483a4 |
| SHA256 | 329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17 |
| SHA512 | 67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab |
/data/data/com.xgbuy.xg/databases/cc/cc.db-wal
| MD5 | 2c9a1285e7c0881265b9bdce5f1fb0c5 |
| SHA1 | c65d2d4e6cda55e70acf61172ef542915ba58d33 |
| SHA256 | 916a4a4b83b3c9bafee9b4a6a6cbb68efe1d8d81f6617981830b1ec9b73ec057 |
| SHA512 | 4dfccbfd1195f0f9a21c46ef44db62e3bbcd915475f5b5fc1287dd363d56abcdf8cfea574a82c22653cba79a76df415a02cace83ee1473dc785c6d9b077c14a1 |
/data/data/com.xgbuy.xg/databases/cc/cc.db
| MD5 | ce6135aa1b1fe4f2c2db2a546d2a5558 |
| SHA1 | 79b59582154017aadab783dc266fcb158c252940 |
| SHA256 | 7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c |
| SHA512 | 2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4 |
/storage/emulated/0/Mob/.slw
| MD5 | 19402718bfb1c685a726b4e1d846ad98 |
| SHA1 | 02a7e30044a67085f2f1da24e16e4ecfede65b72 |
| SHA256 | 079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0 |
| SHA512 | 25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal
| MD5 | 57f62dccb341de9e97d71289745bdf84 |
| SHA1 | f76b70f25fe411a0fa7699d5b93858ce07aea5ba |
| SHA256 | 7b5cfc9281d86ae0f4710d3e8f464b675fbe16e4348cdf2ec9267851d4c63cfd |
| SHA512 | 9730ec8b550e434ac040035dc7f80a478d1802bed6b94e3d5cff087cd0455230768d9b4a6b9f3f3a93a67a8eabaaaf6ab98f14d5651c1caa7cbeeadd366f1da1 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal
| MD5 | 4b331acce24f520380849531d3355474 |
| SHA1 | adbd7a57d06fd03029b5ecc314cdda3e96110ae8 |
| SHA256 | bd3902a75ae775a03b07aa323d471c7e6bd1efe4b2fc33bbafead69336016684 |
| SHA512 | 5613e60cbfe0bafa7065ef49c5fda74b02068179645568948ed37299d4b4e6e458231878d49ff39f6f9a52c2b22507601c73acb29f42bc9dc183a1fafdd2e878 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 2d8c5db314eedda1a368f09a2c74bd53 |
| SHA1 | 23a4bd2d724c57cbaa3544db54c26a8c8242d7f4 |
| SHA256 | 5cd21e04e070453a2244e3eed5822ed41207c51ea8bd33ec8382ec56f36890c2 |
| SHA512 | 5a6cd09cda21be42927165d25dcf1936fd570e131a385c0a0fa460be24a0eb9d8f0fe1ffa2ce7a9dbf47edebdcc03c9b30b7d3ccd1d630aaf3b581e2ac708bc6 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 7b788546f38b12e63f8eceb796121820 |
| SHA1 | 348f35850a26418b30db9572a3f6d0c815fabbe4 |
| SHA256 | 5516274935cbeedec5db4035b124031943363af06d9e838c22fdb8ff9098d3b5 |
| SHA512 | e56680f6bb640919d71d71efbcc9d439d94ec8eb992f19c1a00f2e9d8cba66bce49338ee0326c3108d8d6f2111caddf62bf47431889ba8453b19a72424d7afa9 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | c96a5810f9bbd556739c381db5a28141 |
| SHA1 | 2cce735c75f4934d61a51b5511ef05ecd168d142 |
| SHA256 | e028355b185edba6f850ffa6c8c262fe3fda61680a3f67cd2246750373dcdda9 |
| SHA512 | e6b8a026b26401c6f593ee64f0932dd11e72ca7cb117853bca95d343515f431e9a6bf55ae9a6fea7369fe389c8c847ffda1792512b3787822cb2eb6abb71a7ef |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | c6e49fb96f2fdb17bf839f4934689d95 |
| SHA1 | ea9d34d78e99ed75d048134a0a78730852176445 |
| SHA256 | fca9c9254c618d29fce352e92c32021b6e655cc6c86313129eea1b2dc4a9fae7 |
| SHA512 | 4be1469d80c00999cc7b53040636aa2969ac6deae0ac9e14597c22042a76730f5cbdf75b5a05dc0c7d4835ae64ac6d6863e57f39d4a0f7e9f9a8d1fdbe6734fc |
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
| MD5 | 257c307a62a75d95a1fba6168a557632 |
| SHA1 | e281dcc710f67d6775b2b1aa42c89914382d962b |
| SHA256 | e7f1e0b1c4f56e4691206af9b061b67c971b8ee2e140153b6d1838531fecfef1 |
| SHA512 | e8bcd606ba30ada1f6bd75202cb24de215b7bf10c67a332e9b74590e459c00a3ff467f73adaae3adcbe40d164fdd145115f1f24d8e87384104e5c07b93e02215 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 28c158a40e37e17fdb257ed789c501c9 |
| SHA1 | 52a0d59349c4b4e7b8a807c85932396cb3d8497b |
| SHA256 | 1c3321c65f404f4ae9556957020182c47ba2e0f2933c3da92681e096b75d0794 |
| SHA512 | 91bc04eea6b9a90e3d9729e25ca0ca08e514346ffc3fb17fd48a21442cda79a246be138e31cd51e4d629bf14b930fe37fa12eda54d4e89045ee9668f4fcafa09 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 74d2ff1d1294fe30fad3aba833f818b8 |
| SHA1 | 1cea3cbae56d785500a80ff242fb44c16da7f9fe |
| SHA256 | 1471d845ec017c7c7677cea7e407f0fc0aff9e616b938cdf12470951a85f8c94 |
| SHA512 | 8c7eaf1d8a34825a03ebfae8514915922436a21787decfe3d4ff71435489f622eedfb9e4f48a8e275cf124a103e32e1507c04ab12f99872020a38ca0862c8190 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 1a2e583e5943988e616b8c24b6880566 |
| SHA1 | 3c799cc573d6ca29dc8e3bef4f7c3829a587c216 |
| SHA256 | 3f40d4fe3453137bb3353300c8061965f9002cff6b7197573c2b9941175db195 |
| SHA512 | a062dee2221b227b4688bb78ae8e8af274be79ef14a8ab12ce194927ae7bdcac6c979d9993652bd4ed07495ab6028ba56cc781d3fddf73ba1d78137100f45532 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 14411cdc8e2812963f2e153e29e23658 |
| SHA1 | 36714dc59e2a97c8edb4ce79382515e80de3ddad |
| SHA256 | 07e62f02824843f64822ba6cf793d777d4c91be23420acd9c8725f059cf16bc7 |
| SHA512 | bed12fdca8b754af621b579ecd81eac8e4d4aaab44d3267c6740a2c5049857d33a813984217ffce8d3369460d9fc6a3127ebf5cfddfe785267b11ff70b16cdea |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest16725451827759883424348216503022772322-journal
| MD5 | bc48a7d388ab942d601cec31c2fc5d14 |
| SHA1 | b6e217c095e0ab24c8b18dd0a2cf426867daca5c |
| SHA256 | 4b8df307e0278c136110cca5022fba25d329625737a37f28461cfd85803dcd67 |
| SHA512 | d059360097d4475569686949d7b7407758053ef0105afc7501771f3214b70537663d7045ff5868113c9a0e08523cfe94b79545f465da4ce0feb9e1fbe9f0c0df |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest16725451827759883424348216503022772322-wal
| MD5 | 1a1090e567d6bfe70cdb06c8e09b7a8f |
| SHA1 | db0d7acd10bad1ede1c7ab0ff3be02830aded757 |
| SHA256 | 8053dba05c29b5231a5449f055f0efc1056b3e573bf7d670a18a5c3c061ae73e |
| SHA512 | 6fbaefd912a24215c62afbef910032e74e42beefd234c5547a3639082eba0dcb2b5dd2163ef9f5ff2d9c339b9a62e27177aa9f1507760df74130078b5a36839a |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | b84e013b485154dbb14a9d12d61b5491 |
| SHA1 | be9158f4a6f2a46c080d8d488d0804d53a9f4a75 |
| SHA256 | e277c57fcc7fc804612b4d701d74d1798376ca0db6220bbbdae50f7aaab17306 |
| SHA512 | 67d748f4d08329a1b8dc485bfd50e36b8385ff292e39ce61e64d22d257d1a68564c8d1130bc00eea5ec40fe5396c55f1001ae52754fcef83e7499d3c9d56638b |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 8e24e79baab91c4d0604eaa9006a0cb3 |
| SHA1 | e427afc94a4b957a7096f73e395a10ea404c076b |
| SHA256 | 65ee797326cb9d94a4c8b13fb114a7273d80af9ae547496bf56556c479f75e4d |
| SHA512 | 45bde5e1b5da5e54f7f5baf24cf4d9158ccf5813f0babc05677437bfedf1d54c4707090a1c425089e8f9582a85fed80b25c1e1f30ec2051afc6fe68bb8a76bae |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | dbc2713c25c52434c803df429103aa8f |
| SHA1 | 1cf874e6d642e83e3bfb2ccbdbbd56c89ce215b8 |
| SHA256 | 32a020690cd684b5e2fe3b2f742ddfa6c1b267c8873e7e784c089d5a66df1af4 |
| SHA512 | ae25e9c453bde5538775c2546246e5d9323bab384fb9e55e0a5688d9a3b2e6b9652b84e44342831b05af08148125a1385d36ac9fb27fd7f61443586eee2233e9 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 1221dfe81c6ed7869d7d18ba4bb1b34d |
| SHA1 | 0d2a227f033d0b6aa4f1fa7d4932cfe12d402210 |
| SHA256 | 7f04e67b57ba75ba36789b4f4784cc912e79a04da2bd35b56d80a0d9a5883b1b |
| SHA512 | c382ae5ebffc26ac274d9b368982445e71b875b5a519f92c43fe0b8b66fdeec1063a7a23467d5807a011727c083a4e8c6f2dcc9d1f0a4378d19b3e1769c135f4 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 40121166e290c9cb23a8831e0147c328 |
| SHA1 | 193de5c8d3116a94daa7a44eaa38f2f884c7209d |
| SHA256 | 4e8e882d868291219a3934784c99c19ef8c181d32b4f260979bd71c7550514aa |
| SHA512 | 92f85097324d5e6ac8a9e000f4d1b617a72ebd8ebfe337cbbf61a0a25806620607ab089c221d6bb44f59fc4970c8b0c5a6af07a63028d33c7d5dd67dbfb8c46e |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 2159bf6b07674b22c99d9d63e9588d46 |
| SHA1 | 5393f207139fd3136ba1a02d7343078e5e725a81 |
| SHA256 | 8dfd9bde9cf3cd84a0b2eb34c5303b44f360a04ad66cd2efb85976018f94a695 |
| SHA512 | 1f8136b39c609c5b03208b9b8d7287cdc2fe262e4031bc2e00b8987df747d37b9f65d2c4ba58f201548f6dd55dc8e269fe9f93ad8ceaa4634b491b08f0cf8800 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | fc54aa319a7f80021bd7160a0afbf407 |
| SHA1 | bc2585f131233c96cabf11f09e8657c839172c76 |
| SHA256 | 34fc12d277c0bb7eadcdeae7e8fbc1a2af6e63ee7bb887fd7721f6fe8a326900 |
| SHA512 | 913c0dec7e3c8aaceb74dcd15483fc8169200c32ddd8326b2bd4c44bc87afff12a6ebf079d5bd29d36bc01f321dde8cef900fac9ff69585bc41672d35a0ba0ea |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | b67cc9a984bee4839d5ca34d238b4e2b |
| SHA1 | 138f12f8c0d12c7bab96da2a8b08f48442af27fb |
| SHA256 | 95fa8a7515521b3202b525b6dfa84408f73d6d0d35c745e6eae61f25d300e710 |
| SHA512 | 52729cadd78c60abb17775f00fbe18fdf660d888e53874fd70f35d6017c340bebc5d7e1091c99f3e427d0ea923f4b521a58415230d4e85f77dd511d6e0c9520c |
/data/data/com.xgbuy.xg/files/Mob/mob_commons_1
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | aa8a450ece6851cdf2f6f300a8c3d948 |
| SHA1 | c9ba95fff47b042872726d6e506f72e646af9f65 |
| SHA256 | 9e16d53c2f0cc649f7963686ef7340c7a2ae38df9f19e201537b186044fde397 |
| SHA512 | 121e7c598dbd03d88d4158e8cda46c341844e632c6a78c93acd6aee71010fdc002c356f6d7206d02d2cb56e4f3bf0455339677171ee0c4929a9e60fceb2c8e98 |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 1d5df7c172155481a7d16eac936890e0 |
| SHA1 | a3c3de8b584a969be9c514c88bb1da1b1f3bed86 |
| SHA256 | 9fa8fa838ea4e1286ef5aabf98b317b2ffcf73ba054ad5dba35644c2b2762349 |
| SHA512 | e677b6a3eb78225d91ee21c71b885ec7ea6ec87eaabec158f74388366d38ca6f874051c56dd420d53f0f88a90c2f86202decca47654726b5a9ce368fd4fb5259 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
| MD5 | 81024874f926b0c0c9e613997c9370b1 |
| SHA1 | a7b4c37570f3e5aa7bd575d0dbcc71ff9079a95c |
| SHA256 | da5ea38fae9a292777936eae50a76aae4d2a589550448aa6970383e44aabe7d6 |
| SHA512 | 8ae3ca2a1a4ea6c514fffeb911f4c42ff173433a7fd82980193d883196e748e458e83ee42051ccbabfa7f49792dabbf1eb8a72fea3db16c2f157e7ada4182830 |
/data/data/com.xgbuy.xg/files/.um/um_cache_1718255076801.env
| MD5 | 67e127d5eb525269b905cf3464ec9eeb |
| SHA1 | 40575811124b7fa8d2bd4e9d2ad4414e6d76062c |
| SHA256 | e8db417bd385d8ec35a4d1e8384c772750323bab5e114474559f2ef213c56b3d |
| SHA512 | 60d6d4c440c4380c694156025ff5506811e5cc28980a14f861a035a8affdc98dd077b460b027eef5f2b18e619f99d6c697fe776bb92b6ff36f92d9ea1e3f9bd5 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 05:01
Reported
2024-06-13 05:01
Platform
android-33-x64-arm64-20240611.1-en
Max time network
8s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| GB | 172.217.16.228:443 | udp | |
| GB | 172.217.16.228:443 | tcp | |
| GB | 216.58.212.196:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.187.202:443 | udp |