Analysis Overview
SHA256
05daeb2bf6e780f702bdf01a88bdb27357dd70a14cd1816ccd5a66148978cbf8
Threat Level: Likely malicious
The file a427f8fde19a40fd2e360647f2d5d6b0_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Queries information about the current nearby Wi-Fi networks
Loads dropped Dex/Jar
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
Queries information about the current Wi-Fi connection
Requests dangerous framework permissions
Queries information about active data network
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks CPU information
Checks memory information
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-13 06:16
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to request installing packages. | android.permission.REQUEST_INSTALL_PACKAGES | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 06:16
Reported
2024-06-13 06:19
Platform
android-x86-arm-20240611.1-en
Max time kernel
136s
Max time network
182s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.bxkj.ejrzp/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.bxkj.ejrzp/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.bxkj.ejrzp/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.bxkj.ejrzp/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.bxkj.ejrzp/.jiagu/tmp.dex | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.bxkj.ejrzp
/system/bin/sh -c getprop
getprop
/system/bin/sh -c type su
sh -c ps -ef
ps -ef
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.180.14:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | cgi.connect.qq.com | udp |
| HK | 43.154.252.110:80 | cgi.connect.qq.com | tcp |
| HK | 43.154.252.110:443 | cgi.connect.qq.com | tcp |
| US | 1.1.1.1:53 | api.map.baidu.com | udp |
| HK | 103.235.46.245:443 | api.map.baidu.com | tcp |
| GB | 142.250.187.206:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.213.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 14.22.7.199:80 | android.bugly.qq.com | tcp |
| CN | 14.22.7.140:80 | android.bugly.qq.com | tcp |
| CN | 119.147.179.152:80 | android.bugly.qq.com | tcp |
| US | 1.1.1.1:53 | ebjvu.cn | udp |
| CN | 112.65.70.244:80 | ebjvu.cn | tcp |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 119.147.179.152:80 | android.bugly.qq.com | tcp |
| CN | 14.22.7.140:80 | android.bugly.qq.com | tcp |
Files
/data/data/com.bxkj.ejrzp/.jiagu/libjiagu.so
| MD5 | 610a895c4a71bbeeaea16eddb1422bbf |
| SHA1 | 9f919de42ed1e80bfadfef48f8202b202166f869 |
| SHA256 | baa349e9b5a47be21b6ea00ef2e0c0c5dc203c0e4c391dac46df07ca9d333217 |
| SHA512 | ef4173ba32309ef1257b75bcff28fd44ab14398577b4fb3b6b95323035c964201ed39546cda3b7115ba5025781f3b9c018443e7932edd50a25b1be60359f80f2 |
/data/data/com.bxkj.ejrzp/.jiagu/classes.dex
| MD5 | 10c90c7c155f2dfedf77bf6804f3c053 |
| SHA1 | be1ba09594fd339ee4ebce3a5ae29c681f1aa009 |
| SHA256 | 8ee5235715927cf06f95540c13004f5ca6623c8f3824fe701d9ae6abe59aeaf9 |
| SHA512 | 70fe875808d71aa046100d54f7a144937a7b76ced942c02f907c590cfbc788daee9bdd2e5ab57dcc6d065c051779d6a5834540f599ab6f87a19d6fc7920fd862 |
/data/data/com.bxkj.ejrzp/.jiagu/classes.dex!classes2.dex
| MD5 | d853e67d0d066ac3cd79c123657db537 |
| SHA1 | 189fc0f88f0437fdccfe965c0ea6dd940b1c1a91 |
| SHA256 | ecdc6861c18182f15c17b5ad621807f1d5c3857f6add24d29a20a3dd15016d0e |
| SHA512 | 4910f2f6afbd6164aad7dca666b1bdc3f1fb5919b16c0999d259e64d4a8d8fc3b85b18f9080c4b70209a8b5f507715fd8c5fcfb125e2290953b4d6298dffc5a0 |
/data/data/com.bxkj.ejrzp/.jiagu/classes.dex!classes3.dex
| MD5 | fe6cd1c89b0e42385cd3a9ec1495c16d |
| SHA1 | da96ba60b666d0b930df40b0475bdcc1b8d2392d |
| SHA256 | 41a575a0068e30d7c28e69975ed177756651bb6f6cc16c9e0279c5704d9f596c |
| SHA512 | 7c2087b93ddb8dfc572853bc4d0abe8ed5d7d24bd5aa4a9d7ac997ca1d1e65e2933ccbad41ee848159c520f79415c17b254cbde2fd106aa5771367eb57560759 |
/data/data/com.bxkj.ejrzp/.jiagu/tmp.dex
| MD5 | f1771b68f5f9b168b79ff59ae2daabe4 |
| SHA1 | 0df6a835559f5c99670214a12700e7d8c28e5a42 |
| SHA256 | 9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939 |
| SHA512 | dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.ri
| MD5 | 20a2fe19d515b4e1f51d0e04249c9a2b |
| SHA1 | a5e41872f325d3f8c4b160b0b6f137b225f7e2be |
| SHA256 | 20f25884b373e261441ffffe6a95772be0a2102fdea57068e13152cf80845155 |
| SHA512 | 979c4d45596dd2ece8da26bf28fe6bd39e707cc12886a3184849169484b25e53ecd6ff1936820ac9de2c3f9d5fa98690b811bc293f29583d2511a9e4ce653460 |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.store.report_cf
| MD5 | fff9e7896edfc5c6cb537a62e6b9a66a |
| SHA1 | accb385ca73b60095459280f370e0b6dee28d711 |
| SHA256 | 4084882713b58cba48e6c1d7a9059d85a65654edf765bdc01a2160878ab7c102 |
| SHA512 | 0f8939ea4ba224df51df7b0e44df4cdf6d6b536c55965ec6f6ccfa095326f08447bbdf0ed717a7151c9cd413a0f8ba2a0dd6bea1724b2158834d5a77ae8b79ac |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.store.report_pid
| MD5 | 6bbb5e6b95e3b71a14a94a288bd24c7d |
| SHA1 | 7aab671288120fe4928713577d4a8341057d9ccd |
| SHA256 | 211b1df5ef4bc74ef2c5acac5774900154bc7d4fcff969bb7129fe32d4e1d5b0 |
| SHA512 | 7420483ad4baa75ad3b86f52a489103b3f4ee1255bdc4e5fb90555f2b1737d35e8a2cc9d6edb8a2903474f3dfc7d8da299d6c55b226a22cae15c72c86ab59d6e |
/data/data/com.bxkj.ejrzp/files/libcuid.so
| MD5 | a5b652d18ae585958e8060ed0afc0da3 |
| SHA1 | 8e2fd23dbba67bb1e93326583582b0b0caf2bb8d |
| SHA256 | 6146eccce70aa572bff890c01d1580cbaecd7845747a1996f6573a115be0b1ac |
| SHA512 | c5b3e343161dc89a7fd47a2b2fed632a92edf8e5a05673b158d485e7409b6294f469698d15fd73eeeefe3eeb62de31bb903f7f2de4898720f059b13762715906 |
/data/data/com.bxkj.ejrzp/databases/bugly_db_-journal
| MD5 | 969f0da9bd4206d60b5a2308cb778f29 |
| SHA1 | 0073f7e4e9a9e117ade4cad4e5e401b715f7f449 |
| SHA256 | b02d938b0952514761c66c259b8fd89864f8d68c1686425349cc1fe56df74cf0 |
| SHA512 | b70f6bc5265d8f9f95ea8c5553a20b34f791c5dca43801dbda1e1c9081e59c739b0e0f409254d9e0fb4cacd3ed93ea45a3402fc34de2e906b7a7993af69f6d87 |
/data/data/com.bxkj.ejrzp/databases/bugly_db_
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.bxkj.ejrzp/databases/bugly_db_-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.bxkj.ejrzp/databases/bugly_db_-wal
| MD5 | 5a5a0019056893d1f0231575c75ce056 |
| SHA1 | 98616531362bd0384eeafa7b5a74740eec1d545a |
| SHA256 | ac5fb4ef0b854db7fa1300d07485bc2015b96d7a3aaa03f5300da983dad8a829 |
| SHA512 | ebc364f9ad588937d09b99fb2e81761e37133f7e69008c62ff3b588b198a9e3d4dc20b2824b40078db0bf0b6cfbab492ca4c167d47c2a2c86231a7447add7a4a |
/data/data/com.bxkj.ejrzp/app_crashrecord/1004
| MD5 | c44a8aeb3804fc41bf0152c496106786 |
| SHA1 | 43524469e8b2a06ef73eb72331d960ed809710e5 |
| SHA256 | 060a7e3ae2a35fe24694c9e403b158e1a868611f079dc036a6004c58ec8848e8 |
| SHA512 | d777f8b82a24121c6834b6ce31cd880620085e67b3d19063152bebd21c4784ceccca43599d9207a74c2ab1dfa60d887427a76b17fc0b7d4f143d62ccf29dc875 |
/data/data/com.bxkj.ejrzp/app_crashrecord/1004
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.ac
| MD5 | 4316c4e87865ce4d9a5eb6d1666c684c |
| SHA1 | 213418d940159019d11a4f14664f169df45117a1 |
| SHA256 | cc01a52a0ced311d16f012f4b88c8f152e2ab20a617c82bfba189e1243ad529f |
| SHA512 | e135513b1a970b8697757afdd4d679202023b9f694478babb44e8110f74608852f035983056e320a7313c458235c1bf9a7fc2c2708bd3e8e51a78b379cef361c |
/data/data/com.bxkj.ejrzp/files/com.tencent.open.config.json.1107741683
| MD5 | f526172de1566b34fdcea744710d9559 |
| SHA1 | 000cb54d9a008a807a1c5a3fd2b2e7cb41e7939d |
| SHA256 | 8572be02b59f4d514000939ec04a9b4e2380c55265256b724a617d8d0f4c6940 |
| SHA512 | dc81f0fe345b18c96b1638c67b9ef4c5e60059dfc4a02f3c30a23645d4847abeef46cf467d044c42597115c48052ce0e8ea24328382114a544c5dfd039a95e7d |
/storage/emulated/0/backups/system/.confd-journal
| MD5 | b47fa3eed8ec8e6e34aaa9f64d72f577 |
| SHA1 | ad96dc83e15ac555dfcc16fce450f566e792e633 |
| SHA256 | ad0cbaac37fabddff0c9ca7394d5748fd8cf69796abff1c43ec127d067918f07 |
| SHA512 | 64b41e8f8239f20723be5838da01a8dea3563e237dc69d71c2304dcdd7db4baebcf1be74abf80b7b515d32663f231973b370f3f6451ff6b0d7d4249c7c3d6cfb |
/storage/emulated/0/backups/system/.confd
| MD5 | 249e034c9703afc1fd6062371c7f3da8 |
| SHA1 | 9ca489179488e0fe5a35f7c0d5887f163e4890cd |
| SHA256 | 18fc5cf216b05487a87be99a662e7474bd54120f214e034b3179f40ca989352a |
| SHA512 | b819b152548431c7892678ecdf23abe44cbdcf80e8f22707ab32a2aedb5356346b27e3c3e750665ba893d602af1c7dcca97edbac3c820859a0fc20714c22c0bd |
/storage/emulated/0/backups/system/.confd-wal
| MD5 | df050244b0da120a8f7b791445daec83 |
| SHA1 | 1030be1e20cbff19d37aa91c795b0a2f9ac8ab1a |
| SHA256 | bd514766588af65a17fe04a427636031bd5b3ba90d5f79516b1ebf024c2daf89 |
| SHA512 | 034f7f1928f98a7a3d16f8a1a2b08f03af5479adc220240eddabb73c9ea5c30d9238717fb022c1aeea1c2333ffd93d85db57e1010282cb99decd40bed96414c1 |
/storage/emulated/0/backups/system/.timestamp
| MD5 | 3c136e6ed8cc1e129a8adfba69598759 |
| SHA1 | 607c45a06730f911965dfa54dbd635d2ff205e54 |
| SHA256 | 14754a8157af9c34b66ffa699c6a528c1b922c63f2f81b779f8cbe79c063ee1e |
| SHA512 | 69a916f7366bbffcb94f4838326038ed83c3f1456f4d182f713bb8ce71b0bfce67ec5ce9f7cd0c97bf38c3c1535e5ca059ed0341211e99f179a194954aac201e |
/storage/emulated/0/backups/system/.confd-wal
| MD5 | 2798eb470216f60bf9e62929f4c6b9be |
| SHA1 | 7aaf1e3c89bfb047e2849f954508ea166ac9dc78 |
| SHA256 | 843fe41376a65966d7cf076dc6888b3a846f1181de1b782bb3b267b842ef0eaf |
| SHA512 | 79801404e6c6c4c0ca10bebb6928294a31054a516579493fc6fe4be65c34bdd345f7219449d8e8794b67229669face3b63cfac985748afd005f70f1ee85a331c |
/storage/emulated/0/backups/system/.confd
| MD5 | 8c7f6e3b52e6e841b895bbd13644ed43 |
| SHA1 | ec8daf46a7eb99c75ea1ce8582ef77b2df8455d2 |
| SHA256 | 6615188d5d8fa77b44fbae7a249d073b3623316e7489c5fec95fe53188ea467c |
| SHA512 | cffafd628e62fa915872796ee02dd8119cfebd6811291155acd400986ee5d34b244ab3b5d0bd386566724205771f665571bcb04950d390c5c60072fdb90c5280 |
/storage/emulated/0/backups/system/.confd-wal
| MD5 | 17a9f7979604131484195f683bc7e9c8 |
| SHA1 | 68ac23058ad2d9bfaf16680d03d963717695861c |
| SHA256 | 3a6ce291820a051ff1169d6a99e97fca1f4f96295cd5d8240a795a09535fd6ce |
| SHA512 | 96497ea8df96fb11198cd17ca89ba08a166a1d0f0b84fb25fb9bd4404a67ca359a357663178f4e8079cf103f22af31d72191e1e1f1d7a6d3fb85aa75da0e94b6 |
/storage/emulated/0/backups/system/.confd
| MD5 | 7569a085d42bc000cf276ec604972e03 |
| SHA1 | 1a9788377928655c3eef4514f23337b224052908 |
| SHA256 | b5d567d73d057c8de87bac464b25b9264048efcf8f1f153c4b0c323d65accb78 |
| SHA512 | ae0fbbd252667f91dc470df08d94e652855f3012e73f1bc53790e5968332f266d3089f6d075a1b7616a7bd59f3a5eb1b6f60038b392f52b20bb28d2e40e435b1 |
/storage/emulated/0/backups/system/.timestamp
| MD5 | 78534fee41178f499f44b4c3f2972afc |
| SHA1 | 384018d5190d7423a9630db9f836bc5cdb7271d3 |
| SHA256 | 7580ea8e1727147d50b472610512bd8f10301ba5546eedf7e0c7ed85f1d6a7f5 |
| SHA512 | 89fb5f3eb063d686f100a258d90ddb31d4b4a0acb4edcc11ca3757138c3d6de770767a16f5739a37a7d95a83cc60e65a7ed5f7739fb59a2e8af0bf30d83af692 |
/storage/emulated/0/backups/system/.confd-wal
| MD5 | 7012d8720033cbc65dfb458cebc32efa |
| SHA1 | 1299f15ae650371cace54d2e1c08bf2a0f1ef5d4 |
| SHA256 | a9581d06262172f0aadf08edfc971330470ca7b7fd7c2e5b30eae082ffc07c32 |
| SHA512 | 1c762902268d8182d94e5572b8ab6495cb98a84d1ce47a07856dab8c6c68efaf7e147e81a6ea85db20d090012bd61024071d0711e1640de16e26239244f965e7 |
/storage/emulated/0/backups/system/.confd
| MD5 | a7cfd4d32fa73aeca63c137073563ccd |
| SHA1 | c66ba9571f6d593c0b816ecd989f7cb7e0bf119a |
| SHA256 | e398096f864595aa64822e8c7f504be065d6cae0a44ea0e6809659218e326af6 |
| SHA512 | f52d5b5438a47c4c45ee1db020c1719730f86b265c1a7b83ab1433b8830bad676cad6c32ddb2042237913a755f133fcd24f8dccfdd3125be4277ff90f67c2da4 |
/storage/emulated/0/backups/system/.timestamp
| MD5 | 5666b6a7ef175482454cb996dd61fc5a |
| SHA1 | 512d653c717921c91ea63863f8e552afdc8da4e2 |
| SHA256 | 5a2015669ac371dd63aefc833027ff16bdbb4533dc879f8f9dfc97dd9fdb8865 |
| SHA512 | 52e01c9a05918a4f7ce8e98552f30e92cb06cd2fd7e42220887b9e529f5ec9553c6ee6b2aa92a2360370c841ad7c0863c6f885f36b547cbb669772de94dfd85a |
/storage/emulated/0/backups/system/.confd-wal
| MD5 | e8d49d3f8031d0c8e13b0a16b10ff7a4 |
| SHA1 | 531a1c5ed4b977ac87994c69fe0e7a39be817690 |
| SHA256 | 251baa99f900a0603f48cff4b488da14ed9367dcb78c4a68d8cad6525cb38688 |
| SHA512 | bb8e48d169bcba22d38975237539b3266a461420f98fa57401b397c3f2d894f3678894d6cef70e1c894a85c87443d2e0197b3ce32ff00375b84a645328c47a53 |
/storage/emulated/0/backups/system/.confd
| MD5 | d25bdc5262b72ea0c79e018b061fac80 |
| SHA1 | aed9be0857692d38d43cf3ca2948fddb92829d6f |
| SHA256 | f80824d49163f5abc19fe1dce23fc39339e505142a1db28749048e1bbd6c2690 |
| SHA512 | eeab5849c2c469568c62aee3fc50b74e39c73f56cfd44cb6c60021dc5f89c02aa1e3f705507e74df1d5a0921f38cfedae289efeb6c9f148422be822932802210 |
/storage/emulated/0/backups/system/.confd-wal
| MD5 | 7ba4c9b925d4a60d7728584ed2795b52 |
| SHA1 | a902a1de302d8f762778f5d29a8da27dbc20f542 |
| SHA256 | c958546db23c74b6e9acd52f49cb2490c7a71862f3b94647d3b175ef587c4481 |
| SHA512 | b1f33fecc53af1175b8bf55f2cc32a22b5eaa97ff76a35f856e126068aeff734e4b73981e41573adbf541044f0260a03b1807260f613720dc63f4bb823dc73e9 |
/storage/emulated/0/backups/system/.timestamp
| MD5 | abec0475e28fd8fd4a8f91ef3b5f8546 |
| SHA1 | 482ca4458b9c99efb76806648b953c6c2ecc10f3 |
| SHA256 | 3348cf43451c7f1926ba6928bd16543ae7e384c2e3a9ead7eef09292c25b6442 |
| SHA512 | 4fa5e08b15a92abda92b03cfa7d06d6a9f88bd789683e315ccd828dbe85aa388a1df39ebe458ce6f258800dd2e90ae0ac0b40dc3e2a7a0e25bb4f93e664ea162 |
/storage/emulated/0/backups/system/.confd-wal
| MD5 | 80dd3b1212cf49dd5453b2fe4dc042c8 |
| SHA1 | 9802691a11d4d4d596e2a5c9dd5369dcd6886bbd |
| SHA256 | 6683925c9d81b70edc4dbe6c61a278bdc04c66ef4c317f9f279c4826af526d87 |
| SHA512 | d8c9793e1fa65d1848eab89f4bad0300ffc22f7d3207f51b3a1f220ffbc91a0a47880337dec65127598461c18d63e78ec64386a04a40ba95236fbcd0c2084994 |
/storage/emulated/0/backups/system/.confd-wal
| MD5 | e9bed8c5680cdf128fffc09b5d5b42a4 |
| SHA1 | 99bd96f6c5cb3ae55ab5220d8f8a8eb0c2687165 |
| SHA256 | eff9b08a2464a6d4b39fc97f7ac2c4fe4f7aa2b2bff46d4055725ee326366a38 |
| SHA512 | 1a819bf2663b003bfbae5ef94f0c741df379dab5236075a4afac12d146556fc49293ce72a00cd06ded6cfc1e57764b666673dcb5b8705652a482da2b20548bd8 |
/storage/emulated/0/backups/system/.timestamp
| MD5 | 159f95ed6093b6c79e6eef8047c4d16a |
| SHA1 | 53e618a017fd024f4f90deaa1c6d7a9fb18c3c15 |
| SHA256 | fe3db5f2b2c2752a74c06b2ae791055f9d9c1519f81729ed85e31caddb1171a9 |
| SHA512 | 0d3867ab7f441aab419f7dbcb16287d2ec0a1c4aa1f9a3bcb18c476f19928d6b96475f9523d2993e8001f2f00829314c2603ed6fbf25287e34444c0a54bbe979 |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.store.report_cf
| MD5 | e235f598ec65898dd591a5d2d2e88f14 |
| SHA1 | 9eb49be0ba4bd769d861ff90d4452ea37d412c7a |
| SHA256 | d2a8e4d7f6e511776d29f93c59319321c82579a1561423657b3023b0ec78fedc |
| SHA512 | 010b4b5eeb42ce2f1a3c04f774fd0ef35cf6197f17bdafa8bec57ad637a933105d70f7c827193523b3c1f29fb10e8d28e9eb632c528f1547082a9417f8bd9478 |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.ri
| MD5 | ef96ca8471fbd46e3a6687a262fe0562 |
| SHA1 | 27c7f656f303dba4bf7f290a39f7247dfab9a2ba |
| SHA256 | db9d7de9684dc827658bf5f8a150323346f18f5c4bc130dfca84da452ad84c5f |
| SHA512 | b11befaff4884224efce0c2b46fec63a11c5c4067c34342129fda46f82463f68b0676024acba419ec17817837aa3a527fd823452b6149dadbc299f0390a1cdb0 |
/data/data/com.bxkj.ejrzp/files/.jiagu.lock
| MD5 | a4ebed812e41b4547b0722a58734e357 |
| SHA1 | 5d8d368b21aa0f14a07328f3be01bee5d873ca2e |
| SHA256 | 91c77963d2caa15b7b64a9d9f9cd896793ae1eb04d1f5900bdc7a62bf84c7a67 |
| SHA512 | 6d932b49c9c6094557eb84c78ac0d3711661baf2a1280c58a35059444f4c8c86d84bfeb82efc95cd126eaf0818ef5e0729a6e214ce63c86232f611431efcdf4a |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.rd
| MD5 | ca5fa5287e6a3823ba82189ab7ac007c |
| SHA1 | 0cfaad48c85a1ee490c49f47c90d1ff2e248bcfe |
| SHA256 | fb478f8c2a5cd04096a8668a251ac74f503a587b99a707e02c15e55213311833 |
| SHA512 | ed9165cf940af8f4cf134f7aa066802045e83539ea928f4a89cc6a5334852ba311b6726a596433b5bcd71ed5ae1b6b58a4f50a6eed4d75cf336f870213bc3663 |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.store.report_pid
| MD5 | 9f8af7062d0a331c3bf93d8a44ff7e5b |
| SHA1 | cd84f10d72646098d6e10e027fe014335a86a25b |
| SHA256 | a6a672fe1122d253d8210fcd7b9a6d938647571a8db34d01827c8482793d8bf9 |
| SHA512 | a75bc8b29f2143d63111e1f0118b03acfe70db5d4e7d8b1c66ebe176a57a19f7565c4a788d9964ea4ff1ee75a657a2321d1f6df7f9b30efd44d5497e5037aa60 |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.pk.h
| MD5 | 1162ec544fae2170644a9c1299238b4a |
| SHA1 | c6c1b2d2ff034b57e0106eb76ed3771912c40a6a |
| SHA256 | 4d2303f99ff2d56effe89063b24fe6ca51280ed79222f6e38aa8be7b09e9ee62 |
| SHA512 | b9641c757a895f910af43180940d97239e2b574b7ed6e34cc6d5721fe64c56608657cc288e7edd84b1b7c8b03c0a45dd588adaf85c2ac27c91a5ee770eb0127a |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.pk
| MD5 | 0a31e45ae296284542eb3b874f15e3b2 |
| SHA1 | c64dca85215b2768986067b38933f67aceee642f |
| SHA256 | dfe4841e5db7dbcaaa016f3dd799082f3ce8db5f4c68fe1f3c4c67fc3f9fb92e |
| SHA512 | 1ff663942ee61ae8cc4c2bb0e9a06bd777b518295510283362f0127bbf3c3e3fe25d57818f26737650d6d6f2b5e56f5b4f4270b50c3df554b6d42ab80a725080 |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.ic
| MD5 | b51b086137c7b63149909ce4ce4624a4 |
| SHA1 | d0d63931d62109df728bee31e999ad5722d38d56 |
| SHA256 | 1de96480095139dd28d721c54266bcb8bed3318ff921f1e5ce5bec1a18ab897e |
| SHA512 | 629368dd2b0d9952493d0eb1df441860626c0cb76faee5ddd2c7c8bfeaee6cf780a3e3f8c83be6ee9eb0a409227a9a46b2caa6e8b61f0bf6ec067f9e6d62008c |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 06:16
Reported
2024-06-13 06:19
Platform
android-x64-arm64-20240611.1-en
Max time kernel
144s
Max time network
188s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.bxkj.ejrzp/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/user/0/com.bxkj.ejrzp/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/user/0/com.bxkj.ejrzp/.jiagu/classes.dex!classes3.dex | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.bxkj.ejrzp
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.180.8:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.187.206:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | cgi.connect.qq.com | udp |
| HK | 43.154.252.110:80 | cgi.connect.qq.com | tcp |
| US | 1.1.1.1:53 | api.map.baidu.com | udp |
| HK | 103.235.46.245:443 | api.map.baidu.com | tcp |
| HK | 43.154.252.110:443 | cgi.connect.qq.com | tcp |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 14.22.7.199:80 | android.bugly.qq.com | tcp |
| GB | 216.58.201.100:443 | tcp | |
| GB | 216.58.201.100:443 | tcp | |
| CN | 14.22.7.140:80 | android.bugly.qq.com | tcp |
| CN | 119.147.179.152:80 | android.bugly.qq.com | tcp |
| US | 1.1.1.1:53 | ebjvu.cn | udp |
| CN | 112.65.70.244:80 | ebjvu.cn | tcp |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 14.22.7.199:80 | android.bugly.qq.com | tcp |
| CN | 119.147.179.152:80 | android.bugly.qq.com | tcp |
Files
/data/user/0/com.bxkj.ejrzp/.jiagu/libjiagu.so
| MD5 | 610a895c4a71bbeeaea16eddb1422bbf |
| SHA1 | 9f919de42ed1e80bfadfef48f8202b202166f869 |
| SHA256 | baa349e9b5a47be21b6ea00ef2e0c0c5dc203c0e4c391dac46df07ca9d333217 |
| SHA512 | ef4173ba32309ef1257b75bcff28fd44ab14398577b4fb3b6b95323035c964201ed39546cda3b7115ba5025781f3b9c018443e7932edd50a25b1be60359f80f2 |
/data/user/0/com.bxkj.ejrzp/.jiagu/classes.dex
| MD5 | 10c90c7c155f2dfedf77bf6804f3c053 |
| SHA1 | be1ba09594fd339ee4ebce3a5ae29c681f1aa009 |
| SHA256 | 8ee5235715927cf06f95540c13004f5ca6623c8f3824fe701d9ae6abe59aeaf9 |
| SHA512 | 70fe875808d71aa046100d54f7a144937a7b76ced942c02f907c590cfbc788daee9bdd2e5ab57dcc6d065c051779d6a5834540f599ab6f87a19d6fc7920fd862 |
/data/user/0/com.bxkj.ejrzp/.jiagu/classes.dex!classes2.dex
| MD5 | d853e67d0d066ac3cd79c123657db537 |
| SHA1 | 189fc0f88f0437fdccfe965c0ea6dd940b1c1a91 |
| SHA256 | ecdc6861c18182f15c17b5ad621807f1d5c3857f6add24d29a20a3dd15016d0e |
| SHA512 | 4910f2f6afbd6164aad7dca666b1bdc3f1fb5919b16c0999d259e64d4a8d8fc3b85b18f9080c4b70209a8b5f507715fd8c5fcfb125e2290953b4d6298dffc5a0 |
/data/user/0/com.bxkj.ejrzp/.jiagu/classes.dex!classes3.dex
| MD5 | fe6cd1c89b0e42385cd3a9ec1495c16d |
| SHA1 | da96ba60b666d0b930df40b0475bdcc1b8d2392d |
| SHA256 | 41a575a0068e30d7c28e69975ed177756651bb6f6cc16c9e0279c5704d9f596c |
| SHA512 | 7c2087b93ddb8dfc572853bc4d0abe8ed5d7d24bd5aa4a9d7ac997ca1d1e65e2933ccbad41ee848159c520f79415c17b254cbde2fd106aa5771367eb57560759 |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.ri
| MD5 | 20a2fe19d515b4e1f51d0e04249c9a2b |
| SHA1 | a5e41872f325d3f8c4b160b0b6f137b225f7e2be |
| SHA256 | 20f25884b373e261441ffffe6a95772be0a2102fdea57068e13152cf80845155 |
| SHA512 | 979c4d45596dd2ece8da26bf28fe6bd39e707cc12886a3184849169484b25e53ecd6ff1936820ac9de2c3f9d5fa98690b811bc293f29583d2511a9e4ce653460 |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.store.report_cf
| MD5 | fff9e7896edfc5c6cb537a62e6b9a66a |
| SHA1 | accb385ca73b60095459280f370e0b6dee28d711 |
| SHA256 | 4084882713b58cba48e6c1d7a9059d85a65654edf765bdc01a2160878ab7c102 |
| SHA512 | 0f8939ea4ba224df51df7b0e44df4cdf6d6b536c55965ec6f6ccfa095326f08447bbdf0ed717a7151c9cd413a0f8ba2a0dd6bea1724b2158834d5a77ae8b79ac |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.store.report_pid
| MD5 | 6bbb5e6b95e3b71a14a94a288bd24c7d |
| SHA1 | 7aab671288120fe4928713577d4a8341057d9ccd |
| SHA256 | 211b1df5ef4bc74ef2c5acac5774900154bc7d4fcff969bb7129fe32d4e1d5b0 |
| SHA512 | 7420483ad4baa75ad3b86f52a489103b3f4ee1255bdc4e5fb90555f2b1737d35e8a2cc9d6edb8a2903474f3dfc7d8da299d6c55b226a22cae15c72c86ab59d6e |
/data/user/0/com.bxkj.ejrzp/files/libcuid.so
| MD5 | 104c410469ddd51f95bbe93081f9d12e |
| SHA1 | 5e57009bf68d37bf27fe690afefbc3bddc840f95 |
| SHA256 | d9dc9aa8a0543e49ec2c42a26f7b66d9e071ebc16e2c3810fac2180d23db5c89 |
| SHA512 | 177e7baad79494973a33dcc9453fad22e2bdac173359a38f61df1c300edada6954462834e25e925facd36a259f5fc28e69139ea227c7ed03c74e7c19911234d0 |
/data/user/0/com.bxkj.ejrzp/app_crashrecord/1004
| MD5 | 3679f4efbb0e6e9624476a4231b938ad |
| SHA1 | a8399972879c0f243fb0ee634c03074df3101354 |
| SHA256 | 9e5052a71e5b7f4116fa3942ec349a66b948ab6acd74a11b8f668a0a7ceeab05 |
| SHA512 | 937203bb82d780605f0f8599e20e3ff944f0dc083e8b5e9fb931e008d4289caef03ddb4628337846e5d370c0ef9940d89c92566e34b1ed1feff6c50f7c14a925 |
/data/user/0/com.bxkj.ejrzp/databases/bugly_db_-journal
| MD5 | 4043e10a61023b2722c88b090e22362d |
| SHA1 | b4b2767529c66982cb7990a53cbd3d59033bb02a |
| SHA256 | 2e2dec2a9da0b96f1b78fbbf357eea09cc533077dcb1f73211c20a2e58b5d08d |
| SHA512 | 6bb68ab12db949cf70833dca90288a926041132d1c283d0acce7ae23ffed65cb796791893c7feb630e34dbc9f0b9be36149d8b00e0d2241d8fdf4edd9ad69293 |
/data/user/0/com.bxkj.ejrzp/databases/bugly_db_
| MD5 | 045d2c32f416a8cd4e5ff4c81e80b914 |
| SHA1 | 5ab3097b9495eda9bc3b637bc541263b8f47f411 |
| SHA256 | 1f9f478f219c8df5d2db341c89c0af91e42b39907ba78c390f475f98e06eaf41 |
| SHA512 | 7193989c816f2c63472194ff2a8ce20a1b938fcff138b9bcc8a1a7944a4b301ba72519815a4d6d77830fd01654eed1b4180727a0c799c0f45462c93c0dcbbcba |
/data/user/0/com.bxkj.ejrzp/databases/bugly_db_-journal
| MD5 | 36d2b1c07b84a96f0da08fb834a5e75a |
| SHA1 | c731deac642ca9c314f91483dae18122601bdadc |
| SHA256 | d0c7934500d2d2d2726efa1a6182214849bcba671e7e61aea512a5c5fabc8210 |
| SHA512 | a23c0cd455ffec8e1e0b8d0cbae4743d7264d1ac6d0be5ee356798461a82f1c03fda006f94e2d6cf4165b7c827e91ab824250eb396a92bd9208d7bbba69835ea |
/data/user/0/com.bxkj.ejrzp/databases/bugly_db_-journal
| MD5 | aba5d3d9762afde4f895f5378b3728d5 |
| SHA1 | 2d784f94d9cbb2200b0853a614fb184091619cdc |
| SHA256 | 51e6da0c9cb145073f1f61815eddf6194eb69b05a781735db67d2224b949f227 |
| SHA512 | be9ff6c4ec97c22bb821155ab28143e7c03d2b9cf6c334f84c033b495dc3a6df1be82d32d3d45bb32fb70d23dec0a451dca1062b7d28e58d8821bdab2685a91e |
/data/user/0/com.bxkj.ejrzp/databases/bugly_db_-journal
| MD5 | b397bc091cf1288ba427cf291a188267 |
| SHA1 | fda3a03edf651f412db09ec00b4ff8c3a3700aee |
| SHA256 | d25029bcfddf3b1f4811c26b916524f2d46745cd9af3ebeadb6283d4b1ac5809 |
| SHA512 | efe1188606e0edb375ed1c493d43a44d1335cdfd888bb30307781de2020920ac2a66ab4b86c1a1b64377d7331dd4183016877ce3ef9b368677baec0d483d7f2c |
/data/user/0/com.bxkj.ejrzp/app_crashrecord/1004
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.ac
| MD5 | 4316c4e87865ce4d9a5eb6d1666c684c |
| SHA1 | 213418d940159019d11a4f14664f169df45117a1 |
| SHA256 | cc01a52a0ced311d16f012f4b88c8f152e2ab20a617c82bfba189e1243ad529f |
| SHA512 | e135513b1a970b8697757afdd4d679202023b9f694478babb44e8110f74608852f035983056e320a7313c458235c1bf9a7fc2c2708bd3e8e51a78b379cef361c |
/data/user/0/com.bxkj.ejrzp/files/com.tencent.open.config.json.1107741683
| MD5 | f526172de1566b34fdcea744710d9559 |
| SHA1 | 000cb54d9a008a807a1c5a3fd2b2e7cb41e7939d |
| SHA256 | 8572be02b59f4d514000939ec04a9b4e2380c55265256b724a617d8d0f4c6940 |
| SHA512 | dc81f0fe345b18c96b1638c67b9ef4c5e60059dfc4a02f3c30a23645d4847abeef46cf467d044c42597115c48052ce0e8ea24328382114a544c5dfd039a95e7d |
/data/user/0/com.bxkj.ejrzp/databases/bugly_db_-journal
| MD5 | 07be0a4dff43c8928d1570097edc3571 |
| SHA1 | 15d0cebd3874fa85427c8375b0dc9d11ce22d92e |
| SHA256 | be611533aae69fba429395444345dc5cb8e98a2340fabdcd2700b26507fed005 |
| SHA512 | 59daf693a582a943f1aa79ac55086c09701f954e886babdbd479f653437bcd595dc7a6994c76fec7762f3660ba980b8336c634556dd36f7e3e8eb5580fa44a74 |
/storage/emulated/0/backups/system/.confd-journal
| MD5 | e93af0fcd4f3c178731930920dbb8389 |
| SHA1 | ce58b6270ed2f47cb73e2eebb785576726114fa5 |
| SHA256 | 21bb04c1fd7568492e02148a0e01b1937eea407edb66fbb646c27366b3d9fd64 |
| SHA512 | 9c652d578722264cced7a75630b5a8bcd3e940414c26bd8d86007fd43d94eed0b6fcfae038fbf6e92ebc377ca59a228c88d4f98b7557da8da989b02a635f840d |
/storage/emulated/0/backups/system/.confd
| MD5 | 1c8872cc763afb2f791a9347e8dc895b |
| SHA1 | 92d9e156ea2640bdaf7e883cb8e4e11264e381ab |
| SHA256 | 72d1e0672f5346f5904aaa5cb09085dc2b71bc594034760bce25fe973fccb80e |
| SHA512 | 58327074c8b6442221caf181c2f979714d98240c4a8e43ea41b10eb11f67d3941731ad0ac0a6edfe49f2fab2081f4e8cfbb22ffc2652648ecc594054c15d8e00 |
/storage/emulated/0/backups/system/.confd-journal
| MD5 | 95352c6e5bc59ec829c642c8ea44e8df |
| SHA1 | 71ed49457f65cf173972292a55ca7d563048f0f1 |
| SHA256 | 219c7f6d93b16e1ad290f301e0ae29a69b6f238e3def2a2dddcb4fb9336a0957 |
| SHA512 | ab3d720cc4b30d75c0ab7de358d7937dd9cd8a0b51e09c9bea824f944cde77a4ab805a140cbebb3210998954c0aba3ecad31e0ec33d0e242b0c69d028777e86a |
/storage/emulated/0/backups/system/.confd-journal
| MD5 | 44555be29f1b7b4db3f9b40e0f745a74 |
| SHA1 | 5f30f1d91189deda769057e517e94c6e7de6a7ad |
| SHA256 | e1ba7f75302ed2dea24e0a15ae61817a3c1699b585e9e84e0ac91fc997081a02 |
| SHA512 | 46c8fea2a4818bba2883f0c0d92a45ee9b4ad59981e049e7c965b675718c3f1c4b824cb77bddd24adaccf020e12e041dade2cf5dc632b1dafa044599b59d2c58 |
/storage/emulated/0/backups/system/.confd-journal
| MD5 | b3a6318b613652da71174b2b78f0709c |
| SHA1 | 376e37b62fc205203d66007a21280a61ca5ea1a0 |
| SHA256 | d3386147cb8e18f21e280499835b551b81926811cc8cde099b906488ce07b8c0 |
| SHA512 | b65ba4c3e72d3b23e665e69a5ba97785102243906213084ece706174c39331e885d5651d92ce713ab3474341aba04d86b534868380ad54dc72f38ba131fd230e |
/storage/emulated/0/backups/system/.timestamp
| MD5 | adecf6f72b28b9a2e2e953ebb3d8b4f7 |
| SHA1 | 71be2e43de7b45809a4c64d5936cb2c9e768e959 |
| SHA256 | 5449cc61c52e16833b2cc4a8d00099c006a21e513963acfa413388f00aa60845 |
| SHA512 | 344b2aed592f8dfbba0cd9240254d338cf75728f0beeeb9365c37d34f5ccc383ffe1291c1fb1018b219dd373ae2a9dd6fee63828a1c7591d6ae61a575493018c |
/storage/emulated/0/backups/system/.confd-journal
| MD5 | 4c3da2207fc1f7148720ae56b31b649a |
| SHA1 | 249116f53bf1c7d86d16ebb0dbce84ac73caaccc |
| SHA256 | 3817dcdd4f6f559edfba06c9c780a8cbffc2929b918c2e7104788ecd47c36470 |
| SHA512 | bf231dc2eac77124647d2745e3a3784cb262cdd1f03f8a37417b40908ae7578e23e4ea768e62996cbf89e3f06306c1c21e2ccb081b33d54820a0ec58e2f675cc |
/storage/emulated/0/backups/system/.confd
| MD5 | 915b14670a6e358714ac6afe9458360d |
| SHA1 | a80bce9280db4aa28fa17f27bebdc9c1075ca964 |
| SHA256 | 03024cb648aea2f615db16ad719bb230e4f7ae7b54c47dac309089821c45fd28 |
| SHA512 | ca97b5a8f52446894d36feae7d8d3a76e0d361b914027705ee564ab7b4855faa7faac702ee3d1542a9c2c253cf60fc6e0c1fc517f998b1b92559c36a6170180a |
/storage/emulated/0/backups/system/.confd-journal
| MD5 | ea6070b1e0298f0ff7e4cae6f3210c65 |
| SHA1 | 2a6aa864c8dcb73c905ad7988fc40375b50e0048 |
| SHA256 | 8c5fb11eddd2570733939424ae12e7b5f9b16a41a24c3aef2dcba85e019514ad |
| SHA512 | cdc6427af7a6935e4509f175b9bf535ed50f73014d51169573512d9f1ab8802ba68fd638d1dc8ba2a591258bb87103a794c62c275155214bb3e4ac761afe8c49 |
/storage/emulated/0/backups/system/.confd
| MD5 | 7cf0f2cb88ec7c7aeb4773ef20a32385 |
| SHA1 | f4f9fa5da93a328be0625b2de3085c6d0e6ce22d |
| SHA256 | 1410d6c2b9fa2a2660b9c26adfdb2382ef6080a6dda75bd64cde57256afc8ff2 |
| SHA512 | d01b3b067562966baa5ecd61fe97b46a75be12b6c82a60f43374a73cd745a80ce1aaf5ad15733a278e06d3cdaaec98edf6e0e905f0b52a9694f4d3058d6403d3 |
/storage/emulated/0/backups/system/.timestamp
| MD5 | d1fbfe24429e140917033d4c89793e56 |
| SHA1 | 8d71311d42087cb2160482a94a6a9416071f1fad |
| SHA256 | 9b80ff66a73d06eed9e9ba5b340318ac924e8f419e72de8742498b57e083b57d |
| SHA512 | 59029de71d6bbb4da7a4526bf43220d9d15d8703ec63e9656e381ad2cb3337083278b5b1fd7e7e5b0208857c4f37f755badd5ddf2caa379d0566b2b4ee7580b1 |
/storage/emulated/0/backups/system/.confd
| MD5 | b49384801a4d8c08319ef10cbff0c4f8 |
| SHA1 | 603dc0785a48eead9fe67df1bbe3e3cfe66174e6 |
| SHA256 | 86d704392b7eb2da3775739d2564a68d2064eb581ab5cf73dc46cc1d576eaee4 |
| SHA512 | 1939a3e2705e4bb518dee0af129bc74e3d52dc2de0d90688285053439706583c08edeabd62e956b6fe7b7dcc1c55a602127ee4be686dd59b9edf9047a9ca1340 |
/storage/emulated/0/backups/system/.timestamp
| MD5 | 0667efa32b775087078e0580f333a06b |
| SHA1 | 5864116b503dd2a0ab22b859e8573078f7ff7645 |
| SHA256 | 0e479b6325b6848b3779bdab2b1c5de2a8f59994d096bb9834955ccbcd39b36c |
| SHA512 | fdd5e9e0ddc74347e2d167e0770f6c1ba03b74dfccf405ed4cd9ac51ebf446f430d2c9c5a4d78c1454c136f56b9f4d40ab821127f035e0b2aa00ec4cc121d26c |
/storage/emulated/0/backups/system/.confd
| MD5 | 2d37ab737ee3c9152c07b5be41d89034 |
| SHA1 | 24a695ff3ac5f16e2b4e141310004e0b31078498 |
| SHA256 | 71d76cf763bf1402533e31df34b3ada9d48e93b4c5a698824df77509ee0f032d |
| SHA512 | aee61420ede0fc9b502efdf067b56081be25163d0747b176b3ebc33f3e4afef2d16fe92d75fd5fdd3e4d44672db775653e47a4b2c95bf4b8e895613e9c34c644 |
/storage/emulated/0/backups/system/.timestamp
| MD5 | c095defab51592e65b601fefe902d1ea |
| SHA1 | 7c5c969c258688025fdfec97dfc96399ae7cbb4e |
| SHA256 | abb327012812d3c84ad4d80bbfe901a1da82ca1095d095b61beded23b3518228 |
| SHA512 | 3136b1b24f26d67920d18a587d2051964eaebda6c42efd6c46d29feda6b63b7f1d2569f286039a12a00381b80d9a55d2dfd1ada84e97776e725db9470792986d |
/storage/emulated/0/backups/system/.timestamp
| MD5 | dcd73d5b8939977fb709b0560dbc142d |
| SHA1 | 5fcb60120b08a60f39bc269f7fd7e7340c4bcffd |
| SHA256 | 351323030cfbee1295043cd48770ba4a7e2a55ab9ab902b9d695939016d920a8 |
| SHA512 | d80df575a03e70139c82ad641fa1a82699a60528ba8b1b3454a2920092027b758e358903c8382b986116d892a6c48e8165ddff085efa452952cfbd71f21eec9d |
/data/user/0/com.bxkj.ejrzp/databases/bugly_db_-journal
| MD5 | 3f9091f50d5e1545be237ae7557ada19 |
| SHA1 | b4fba12a001402ecaf495f6f68d246e4448b4738 |
| SHA256 | 9fd97e86d49c5767dcac21b946293be39eab6710b1bf9b6d9d3a65171d6b14f1 |
| SHA512 | 14529c0b25f97509b9d8ca28312c1f3199d22e328b9bf1fd0ee881b3eccb43be527393355a57ca5c81fc65cb449bea5b85a47ee600e09d3a01ab1f61216cb0aa |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.store.report_cf
| MD5 | e235f598ec65898dd591a5d2d2e88f14 |
| SHA1 | 9eb49be0ba4bd769d861ff90d4452ea37d412c7a |
| SHA256 | d2a8e4d7f6e511776d29f93c59319321c82579a1561423657b3023b0ec78fedc |
| SHA512 | 010b4b5eeb42ce2f1a3c04f774fd0ef35cf6197f17bdafa8bec57ad637a933105d70f7c827193523b3c1f29fb10e8d28e9eb632c528f1547082a9417f8bd9478 |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.ri
| MD5 | aa88eff00258e388c1b3bc6db5fa3bba |
| SHA1 | 1416d776c02ea64f9cd2d50669fa5a89b9cfbca2 |
| SHA256 | cc335d339b6872259c4497a6fe5fda056259c4636f00203aeac9774e107b68ef |
| SHA512 | d387ff6c043b52bb4d895af6056f31a9d9ad5504c1908cfbe91c2efe849ff4a11b016e6357b035dd325759cacd8c616a597c948675e3f8bd924fb00dcf00491e |
/data/data/com.bxkj.ejrzp/files/.jiagu.lock
| MD5 | 2d94ff27f9d2d41d4164f12217e75bcd |
| SHA1 | aa55332820fc1698f5057f8e707cb5804811045a |
| SHA256 | acfedc8881c139d4721a7734a3f1843f0cae2637509f086f8f9d1ed57c4cc377 |
| SHA512 | 5461d9946e68e5d5c254c8fb256c1772f03d7840bbf3afb5120854fe7ae252877daeddd954bf7a77f255e55eea44a95cfe8e18609a8c17ab913a8f821306471e |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.rd
| MD5 | 1aec5b0bb940c7105283c1e03cfa3a66 |
| SHA1 | 4319ff2e5747d12882324912c1653478a2aec39a |
| SHA256 | 5a88c532ce66eb7abf144badd0df1ab0c84f2798c63fb5df209247bc804fe32b |
| SHA512 | b147130a63329e740c57fc90528612aa85b6bb2c0a71d6afc20c0d5af589d6834adcba1e7b40c33e6069444449093e539be7b7926f7f2f6691b0560b28a91874 |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.store.report_pid
| MD5 | 9f8af7062d0a331c3bf93d8a44ff7e5b |
| SHA1 | cd84f10d72646098d6e10e027fe014335a86a25b |
| SHA256 | a6a672fe1122d253d8210fcd7b9a6d938647571a8db34d01827c8482793d8bf9 |
| SHA512 | a75bc8b29f2143d63111e1f0118b03acfe70db5d4e7d8b1c66ebe176a57a19f7565c4a788d9964ea4ff1ee75a657a2321d1f6df7f9b30efd44d5497e5037aa60 |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.pk.h
| MD5 | 1162ec544fae2170644a9c1299238b4a |
| SHA1 | c6c1b2d2ff034b57e0106eb76ed3771912c40a6a |
| SHA256 | 4d2303f99ff2d56effe89063b24fe6ca51280ed79222f6e38aa8be7b09e9ee62 |
| SHA512 | b9641c757a895f910af43180940d97239e2b574b7ed6e34cc6d5721fe64c56608657cc288e7edd84b1b7c8b03c0a45dd588adaf85c2ac27c91a5ee770eb0127a |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.pk
| MD5 | 0a31e45ae296284542eb3b874f15e3b2 |
| SHA1 | c64dca85215b2768986067b38933f67aceee642f |
| SHA256 | dfe4841e5db7dbcaaa016f3dd799082f3ce8db5f4c68fe1f3c4c67fc3f9fb92e |
| SHA512 | 1ff663942ee61ae8cc4c2bb0e9a06bd777b518295510283362f0127bbf3c3e3fe25d57818f26737650d6d6f2b5e56f5b4f4270b50c3df554b6d42ab80a725080 |
/data/data/com.bxkj.ejrzp/files/.jglogs/.jg.ic
| MD5 | b51b086137c7b63149909ce4ce4624a4 |
| SHA1 | d0d63931d62109df728bee31e999ad5722d38d56 |
| SHA256 | 1de96480095139dd28d721c54266bcb8bed3318ff921f1e5ce5bec1a18ab897e |
| SHA512 | 629368dd2b0d9952493d0eb1df441860626c0cb76faee5ddd2c7c8bfeaee6cf780a3e3f8c83be6ee9eb0a409227a9a46b2caa6e8b61f0bf6ec067f9e6d62008c |