2e460f98b6b6f43256567a633439f180f33f6211a69f218d5d8cea5a4130a349

Analysis

max time kernel
178s
max time network
183s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
13-06-2024 09:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a4ce342252048914a9c9ad85b69897ce_JaffaCakes118.apk
Size

20.4MB
MD5

a4ce342252048914a9c9ad85b69897ce
SHA1

965a5a98e050eb7968868cb6c267dc68bd2b2f81
SHA256

2e460f98b6b6f43256567a633439f180f33f6211a69f218d5d8cea5a4130a349
SHA512

55dfed35a4b4e293fa08055a48f5c6ad3693f47c697d4cdc47cd8ece2da1c1f87730177cccedda3e994582e8ea3244831742d5fefce38335eb00452ecadef916
SSDEEP

393216:m8RR9Ciq8h+rcr3b9i3LobolaxplYp+IXxd+82qxqIx4c0uR:mMsiL+yb9cLraxplEsfqxqIx4PI

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 3 IoCs
evasion

T1426

Processes:

com.jingyingtang.hryun818:channelcom.jingyingtang.hryun818:ipccom.jingyingtang.hryun818:ipc

ioc process

/sbin/su com.jingyingtang.hryun818:channel
/sbin/su com.jingyingtang.hryun818:ipc
/sbin/su com.jingyingtang.hryun818:ipc

ioc	process
/sbin/su	com.jingyingtang.hryun818:channel
/sbin/su	com.jingyingtang.hryun818:ipc
/sbin/su	com.jingyingtang.hryun818:ipc

Checks known Qemu files. 1 TTPs 9 IoCs

Checks for known Qemu files that exist on Android virtual device images.

evasion

T1633.001

Processes:

com.jingyingtang.hryun818:channelcom.jingyingtang.hryun818:ipccom.jingyingtang.hryun818:ipc

ioc	process
/sys/qemu_trace	com.jingyingtang.hryun818:channel
/system/lib/libc_malloc_debug_qemu.so	com.jingyingtang.hryun818:ipc
/sys/qemu_trace	com.jingyingtang.hryun818:ipc
/system/bin/qemu-props	com.jingyingtang.hryun818:ipc
/sys/qemu_trace	com.jingyingtang.hryun818:ipc
/system/bin/qemu-props	com.jingyingtang.hryun818:ipc
/system/lib/libc_malloc_debug_qemu.so	com.jingyingtang.hryun818:ipc
/system/lib/libc_malloc_debug_qemu.so	com.jingyingtang.hryun818:channel
/system/bin/qemu-props	com.jingyingtang.hryun818:channel

Checks known Qemu pipes. 1 TTPs 6 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

evasion

T1633.001

Processes:

com.jingyingtang.hryun818:ipccom.jingyingtang.hryun818:ipccom.jingyingtang.hryun818:channel

ioc	process
/dev/qemu_pipe	com.jingyingtang.hryun818:ipc
/dev/socket/qemud	com.jingyingtang.hryun818:ipc
/dev/qemu_pipe	com.jingyingtang.hryun818:ipc
/dev/socket/qemud	com.jingyingtang.hryun818:channel
/dev/qemu_pipe	com.jingyingtang.hryun818:channel
/dev/socket/qemud	com.jingyingtang.hryun818:ipc

Loads dropped Dex/Jar 1 TTPs 21 IoCs

Runs executable file dropped to the device during analysis.

evasion

T1407

Processes:

com.jingyingtang.hryun818/system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/data/data/com.jingyingtang.hryun818/.jiagu/tmp.dex --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/data/com.jingyingtang.hryun818/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&com.jingyingtang.hryun818:ipccom.jingyingtang.hryun818:ipccom.jingyingtang.hryun818:channel

ioc	pid	process
/data/data/com.jingyingtang.hryun818/.jiagu/classes.dex	4293	com.jingyingtang.hryun818
/data/data/com.jingyingtang.hryun818/.jiagu/classes.dex!classes2.dex	4293	com.jingyingtang.hryun818
/data/data/com.jingyingtang.hryun818/.jiagu/classes.dex!classes3.dex	4293	com.jingyingtang.hryun818
/data/data/com.jingyingtang.hryun818/.jiagu/tmp.dex	4293	com.jingyingtang.hryun818
/data/data/com.jingyingtang.hryun818/.jiagu/tmp.dex	4349	/system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/data/data/com.jingyingtang.hryun818/.jiagu/tmp.dex --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/data/com.jingyingtang.hryun818/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
/data/data/com.jingyingtang.hryun818/.jiagu/tmp.dex	4293	com.jingyingtang.hryun818
/data/data/com.jingyingtang.hryun818/.jiagu/classes.dex	4428	com.jingyingtang.hryun818:ipc
/data/data/com.jingyingtang.hryun818/.jiagu/classes.dex!classes2.dex	4428	com.jingyingtang.hryun818:ipc
/data/data/com.jingyingtang.hryun818/.jiagu/classes.dex!classes3.dex	4428	com.jingyingtang.hryun818:ipc
/data/data/com.jingyingtang.hryun818/.jiagu/tmp.dex	4428	com.jingyingtang.hryun818:ipc
/data/data/com.jingyingtang.hryun818/.jiagu/tmp.dex	4428	com.jingyingtang.hryun818:ipc
/data/data/com.jingyingtang.hryun818/.jiagu/classes.dex	4672	com.jingyingtang.hryun818:ipc
/data/data/com.jingyingtang.hryun818/.jiagu/classes.dex!classes2.dex	4672	com.jingyingtang.hryun818:ipc
/data/data/com.jingyingtang.hryun818/.jiagu/classes.dex!classes3.dex	4672	com.jingyingtang.hryun818:ipc
/data/data/com.jingyingtang.hryun818/.jiagu/tmp.dex	4672	com.jingyingtang.hryun818:ipc
/data/data/com.jingyingtang.hryun818/.jiagu/tmp.dex	4672	com.jingyingtang.hryun818:ipc
/data/data/com.jingyingtang.hryun818/.jiagu/classes.dex	4812	com.jingyingtang.hryun818:channel
/data/data/com.jingyingtang.hryun818/.jiagu/classes.dex!classes2.dex	4812	com.jingyingtang.hryun818:channel
/data/data/com.jingyingtang.hryun818/.jiagu/classes.dex!classes3.dex	4812	com.jingyingtang.hryun818:channel
/data/data/com.jingyingtang.hryun818/.jiagu/tmp.dex	4812	com.jingyingtang.hryun818:channel
/data/data/com.jingyingtang.hryun818/.jiagu/tmp.dex	4812	com.jingyingtang.hryun818:channel

Queries information about running processes on the device 1 TTPs 4 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

T1424

Processes:

com.jingyingtang.hryun818com.jingyingtang.hryun818:ipccom.jingyingtang.hryun818:ipccom.jingyingtang.hryun818:channel

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.jingyingtang.hryun818
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.jingyingtang.hryun818:ipc
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.jingyingtang.hryun818:ipc
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.jingyingtang.hryun818:channel

Queries information about active data network 1 TTPs 4 IoCs

discovery

T1421

Processes:

com.jingyingtang.hryun818com.jingyingtang.hryun818:ipccom.jingyingtang.hryun818:ipccom.jingyingtang.hryun818:channel

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.jingyingtang.hryun818
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.jingyingtang.hryun818:ipc
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.jingyingtang.hryun818:ipc
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.jingyingtang.hryun818:channel

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 4 IoCs

persistence

T1624.001

Processes:

com.jingyingtang.hryun818:ipccom.jingyingtang.hryun818:ipccom.jingyingtang.hryun818:channelcom.jingyingtang.hryun818

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.jingyingtang.hryun818:ipc
Framework service call	android.app.IActivityManager.registerReceiver	com.jingyingtang.hryun818:ipc
Framework service call	android.app.IActivityManager.registerReceiver	com.jingyingtang.hryun818:channel
Framework service call	android.app.IActivityManager.registerReceiver	com.jingyingtang.hryun818

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

T1603

Processes:

com.jingyingtang.hryun818:channel

description ioc process

Framework service call android.app.job.IJobScheduler.schedule com.jingyingtang.hryun818:channel

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	com.jingyingtang.hryun818:channel

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 4 IoCs

impact

T1471

Processes:

com.jingyingtang.hryun818:ipccom.jingyingtang.hryun818:ipccom.jingyingtang.hryun818:channelcom.jingyingtang.hryun818

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.jingyingtang.hryun818:ipc
Framework API call	javax.crypto.Cipher.doFinal	com.jingyingtang.hryun818:ipc
Framework API call	javax.crypto.Cipher.doFinal	com.jingyingtang.hryun818:channel
Framework API call	javax.crypto.Cipher.doFinal	com.jingyingtang.hryun818

Checks memory information 2 TTPs 3 IoCs

T1633.001

T1426

Processes:

com.jingyingtang.hryun818:ipccom.jingyingtang.hryun818:channelcom.jingyingtang.hryun818:ipc

description	ioc	process
File opened for read	/proc/meminfo	com.jingyingtang.hryun818:ipc
File opened for read	/proc/meminfo	com.jingyingtang.hryun818:channel
File opened for read	/proc/meminfo	com.jingyingtang.hryun818:ipc

com.jingyingtang.hryun818
1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4293

/system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/data/data/com.jingyingtang.hryun818/.jiagu/tmp.dex --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/data/com.jingyingtang.hryun818/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
2⤵
- Loads dropped Dex/Jar
PID:4349

getprop ro.product.cpu.abi
2⤵
PID:4395

getprop ro.miui.ui.version.name
2⤵
PID:4455

com.jingyingtang.hryun818:ipc
1⤵
- Checks if the Android device is rooted.
- Checks known Qemu files.
- Checks known Qemu pipes.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
PID:4428

/system/bin/sh -c getprop
2⤵
PID:4623

getprop
2⤵
PID:4623

com.jingyingtang.hryun818:ipc
1⤵
- Checks if the Android device is rooted.
- Checks known Qemu files.
- Checks known Qemu pipes.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
PID:4672

/system/bin/sh -c getprop
2⤵
PID:4733

getprop
2⤵
PID:4733

com.jingyingtang.hryun818:channel
1⤵
- Checks if the Android device is rooted.
- Checks known Qemu files.
- Checks known Qemu pipes.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
PID:4812

/system/bin/sh -c getprop
2⤵
PID:4858

getprop
2⤵
PID:4858

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.jingyingtang.hryun818/.jiagu/classes.dex
Filesize
4.2MB

MD5
afd5d36ed27df25fd3003b1154336c11

SHA1
495ae61db259df44f1ae5aae2a4d47592379f918

SHA256
e354e6d5be7892463a456bcc34bed6add0eb13e41521d427fbffbb40ee8b57b2

SHA512
a92507581cd34b075a85317bc3d6fe7811809d26495785917ed742bd2880930794283652e5e4c4a482c01100b6d496a262f29650b8ad1cf4c510dba5ac3d1915

Download Submit
/data/data/com.jingyingtang.hryun818/.jiagu/classes.dex!classes2.dex
Filesize
6.9MB

MD5
9a8727e1061cbeb0b2648103aef6186b

SHA1
02f8ed339f1b5cd9967ac521d19be087b3d970c2

SHA256
1b6eab5b2ca5978984ef9644c2801787b9cda737d7252db809a47ac948bd518a

SHA512
44f7013218f94222e385871ea3629433538185801090655f01e3143bef5e32464ebdd97dc4786f17bb3f309f7c615a4bbde766c431de990db2ebca8cf87bd645

Download Submit
/data/data/com.jingyingtang.hryun818/.jiagu/classes.dex!classes3.dex
Filesize
6.9MB

MD5
faac49c95ca0eaf51f712e151181293d

SHA1
30b3cc1cf9fb81349e1723fed4cb3133fa875cdf

SHA256
a87a7952d6649b6262cc9c2ee5c94611b672e7ff2436c74bf335440639b58f28

SHA512
e39f497c47967f110c8460fae01e3b6517c8b5dfa540f623df80fb8deffb1b77959f7960d96c5d158ac63e726f353259cb97eac1377b55b84a251fee7d6d0c99

Download Submit
/data/data/com.jingyingtang.hryun818/.jiagu/libjiagu.so
Filesize
487KB

MD5
610a895c4a71bbeeaea16eddb1422bbf

SHA1
9f919de42ed1e80bfadfef48f8202b202166f869

SHA256
baa349e9b5a47be21b6ea00ef2e0c0c5dc203c0e4c391dac46df07ca9d333217

SHA512
ef4173ba32309ef1257b75bcff28fd44ab14398577b4fb3b6b95323035c964201ed39546cda3b7115ba5025781f3b9c018443e7932edd50a25b1be60359f80f2

Download Submit
/data/data/com.jingyingtang.hryun818/.jiagu/tmp.dex
Filesize
17KB

MD5
96d0dfa1c18ebeb2e47e0a71ca53a2d0

SHA1
9c09b55640afa8898d5a6c2efcb1f13a11c5437b

SHA256
a6a588a5dc475ef1e37a99cc758d7ea9dbb8992ae74bda7daad50907061c684d

SHA512
74f75fd6efa1a934f654b049dee5bb9442fa0e36c3cfc0fc71dfc30e6e0a4a03547ba3287b06aba4b35c3559f4d3029fb80813175222ad34b1352ade5a474013

Download Submit
/data/data/com.jingyingtang.hryun818/.jiagu/tmp.dex
Filesize
284B

MD5
f1771b68f5f9b168b79ff59ae2daabe4

SHA1
0df6a835559f5c99670214a12700e7d8c28e5a42

SHA256
9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

SHA512
dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

Download Submit
/data/data/com.jingyingtang.hryun818/app_crashrecord/1004
Filesize
234B

MD5
a2be7f1dc8a7349d22b8da328f32efc7

SHA1
b7d457a35966ccc4a189afcefd2b872c0f93f150

SHA256
ec21d1ed14a1d795eae1dd7f0bcd21f3f509486de7159b2a41f440fca1c6db12

SHA512
1106cfa209f366ea5d69208bea30d531ada7df9a1fdd8f9611137c98b7fe3c9be11996073cde34b60e1c93cf4ad7cc8ad64e448cdb3b6f2d8a69784b714f4815

Download Submit
/data/data/com.jingyingtang.hryun818/app_crashrecord/1004
Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.jingyingtang.hryun818/cache/image/journal.tmp
Filesize
512B

MD5
b84cad6e2be64164d116698122ae0fe4

SHA1
91d849b7732cf65df51bba62c06dae1be3639eed

SHA256
a840240f26635d20be72d13db1ff6e5ffe90a8354e148a9b1d00decc071d3409

SHA512
d568a3668c24659e51bd5eed9a224eb2b50bba1edf05be0e3d7cacca15713afc48a3d90ad98ebe02a9aa06d9f8f05d0f338dcc23f61b7902db0c20b8b13be947

Download Submit
/data/data/com.jingyingtang.hryun818/databases/MessageStore.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.jingyingtang.hryun818/databases/MessageStore.db-journal
Filesize
512B

MD5
4ff9feea07afa1dc503b081c2412bc67

SHA1
545d7b874500416cc7e7e705bbdb0881efc4780d

SHA256
62dff12a5d06ae611e66a6c54c046f754916d49a5fbcf8245592486e420a895c

SHA512
ac38fb0fef05f687c0d060de718034c9566cba35b130d62fa910d518f9eff9fc4060b10a93e0719b6ad2e2f0c9c58a5a5a2f4460b4c6db8f5c1e50861fcb32ce

Download Submit
/data/data/com.jingyingtang.hryun818/databases/MessageStore.db-shm
Filesize
32KB

MD5
3dae08244679dc4d4f67d2e4cee312a3

SHA1
c8d19dd04c0cbc5329a5850cbff487593d74678b

SHA256
9fcf0ae4899916b1b944864367211ba2e7debbb407a162228c16df1acdc5ebbc

SHA512
38c8218087e38cb3d7bbb2ee5e2499c45a0c37f8384acb588750dc416a35de94af38aa5c09be28931d489fe7bb066638b79f127299324cac198ad34a1de1902e

Download Submit
/data/data/com.jingyingtang.hryun818/databases/MessageStore.db-wal
Filesize
48KB

MD5
c49550347ff83591013f4e8930250f38

SHA1
c7fe96a7525cbc9dbf5bc3d5a12cf830b917bda6

SHA256
c7e35b112c3974242c9e3df80e05f5d0d58c165530a463eae7231a3237bc1be0

SHA512
862c030b6077ba69252e165d7ab48a69f4164d83bb14ce5ab33e395ad6c63db8b01d8b05531b749b336eee05d776e8e3a111deb3a58399b642e6c04794a41b30

Download Submit
/data/data/com.jingyingtang.hryun818/databases/MsgLogStore.db-journal
Filesize
719KB

MD5
9c46406049ac9055bc7fdf224a0e406c

SHA1
9f03aa5d15e707a1ca1b0576978f9d44df4285f3

SHA256
449c7cfeba0d7a7831930b4b83ec063f7c3e8406f1c41b8d77aa4511dff67f7f

SHA512
2574af609278db99ae777243abef5797ca15335d9bf0071568ef64b1572bce1d1051f3f0a39ae55404b8cefb09a4dc1c5eae7547b07f7730b7a43f66b0117305

Download Submit
/data/data/com.jingyingtang.hryun818/databases/MsgLogStore.db-shm
Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.jingyingtang.hryun818/databases/MsgLogStore.db-wal
Filesize
68KB

MD5
a3ceec646a217cfdcd5bb330a38bc94a

SHA1
3d8682f422fb3c68f7de38a8539beb1ce26c04f5

SHA256
3afb4bf8401caa6c065a60cad4ff9fbff9b54d4929eb0339934eab602d333e2b

SHA512
461f9ea48d44cba78f7aebcc16af675f0b30be8b2fe45e734b79a173542f21fd9f07cf7cdfa015b6ac1210490b32601b37aecf68cddae767dc87888c3b3ce630

Download Submit
/data/data/com.jingyingtang.hryun818/databases/bugly_db_-journal
Filesize
512B

MD5
9ecaeb2ce668ffb7eda724940c7bf4b2

SHA1
06fbe9485d7005b9af4ddbbf9b21c21c6ea023c2

SHA256
430cc093fdd4db021d85cb1635dd6c0f28e3c3feccc3a82d564415035f5042ac

SHA512
c94cb2e1a163eb048f3302bab28ff47a3561e8ee53b735a693ddff466eee9c27c42ac1e7e0023f56967e2abf457fe5faa1a8ef48457769995aba9b13a9118468

Download Submit
/data/data/com.jingyingtang.hryun818/databases/bugly_db_-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.jingyingtang.hryun818/databases/bugly_db_-wal
Filesize
68KB

MD5
ff66222057021297c7aa7b4012d133ae

SHA1
84887388f1c10f09c6a972453534dad45e9b5201

SHA256
d911bf1db1b2c05e7123df6fac821fa2191bf722b773fd219fa524b765f0f369

SHA512
358fc3ce49305fb0ca7b774cffe63557ace81aa80f6849379e40ffc6b63df2af574dd8f1b55e1ead1bf8cce484ccf3cd8a63bcb889c1c38df4ebe17e6a3301f9

Download Submit
/data/data/com.jingyingtang.hryun818/databases/bugly_db_-wal
Filesize
193KB

MD5
85acaaa8506d7734f2a417a1610a4afa

SHA1
7a3e3d6c3be8f3a9a745587337f52e79b8d74bdc

SHA256
38f2fc5345e55372c7eb036bfb1cdc43ba5119d60fbce0a1088b6d0f56a8672c

SHA512
ad506e65cf906908f752207104ac588ae94dbb46b618b90b6bf1f20c8e71e03acb13bcbb5b7a1401a2d50b6c3686de7d1ef678d6b9b23d784f77d7d3b164a69f

Download Submit
/data/data/com.jingyingtang.hryun818/databases/message_accs_db
Filesize
36KB

MD5
486e2bac2b3e9e1cb411d2838a4854bd

SHA1
81dd0a7537f4af319b830ae834908986be85da8b

SHA256
5644a250fa6cef16c2c802b98275656a5fc39dcf89bcc22193742d85c7313f57

SHA512
c146789563dae163e373489b3df53f22efebd32b69643992969241eb5ad5eec668de67e7cd2aaf5c3a8af57b0842115d00183825734f57643d3fdb09835fe681

Download Submit
/data/data/com.jingyingtang.hryun818/databases/message_accs_db-wal
Filesize
48KB

MD5
376a5a34b0d4273165d8b674723f4ee5

SHA1
3b52e1ae01ccb1a974763fa7b42e8bc3fb70e311

SHA256
7601e7522e96f49fd1594444c37f7f800a27954fee13822b30592a8ebb551ceb

SHA512
f999b00688d4f65d3383daa0861d6d8bb91c2fcd0702a24469ca1ab7e399fe093a207f9229242e4f46d0f4bf68f2b222bb2e4d8220fee0be7921dd28e77a4da6

Download Submit
/data/data/com.jingyingtang.hryun818/files/.jglogs/.jg.ri
Filesize
307B

MD5
b51d9b594d9cfcd86d545ee93fa705ae

SHA1
e52406a2fc8c4fcfa12a135f973a32d74797bd74

SHA256
82d122b6364f3a4fe2d8af2a1e6ec7bdaa3cb0347dce9064c974baf9a0a40069

SHA512
749f58d0ca1e82c333e2be7a73251f586db04b40438f70d4d68586aaeb662289d0ffb3ac1fac91855074db51cf57fb8faf76d2a60591b0b601cecdea3f00e8dc

Download Submit
/data/data/com.jingyingtang.hryun818/files/.jglogs/.jg.store.report_cf
Filesize
242B

MD5
4ef0ee0f8d2c73f61a4cc0d14719c85f

SHA1
eabcdc15fe1b3530d68dce68399f00b136faf46a

SHA256
bee2289a8a8d48f4c56f9d478dc4564251ce911f08efa1d228699ee850c769c0

SHA512
a961c7d8bc4b20f2d97b078c3b8a2189abc8b0badbe98c26a64a5ab49cd64eb8f7bce3cd5da2e42741a56bd8199bbe2f474c7990a2f20810f13ab53ab1d50707

Download Submit
/data/data/com.jingyingtang.hryun818/files/.jglogs/.jg.store.report_pid
Filesize
32B

MD5
caaac767bf0481baec3562448da28bc5

SHA1
56d189566d25afc91fbda9bf5e5e32e7b4e7ba76

SHA256
3f6ede5b5d1189cfcbf48c2a4321fcddec7a38fe84446718a38ba133ec565b11

SHA512
bf781732c51e3f193932e8be0279931e33344302379a6d6a311fc8dc30d5ea4d88ea65d3da33cdd820c1f5bcc4615935a6ea9d4b0cb5eed6d20bc8e3f510d4cc

Download Submit
/storage/emulated/0/Android/data/com.jingyingtang.hryun818/files/rong_log/rong_sdk.log
Filesize
32KB

MD5
e18efe77d9a682599b6400dc9de07b0b

SHA1
75a3a1d0283a6f77c1a88e1f8bbe09ccc53903dd

SHA256
47379a781675c31c447c0371ef98627eca74bb43f54924f9fc7a66f9befb6793

SHA512
c1a48f52f9c9e31f29b64bab8df44d22392aff07048ae8c9f141b94ffbf90380069038c640e45e12272aef4e7f82f26fb766424ae0c893d477bd9b48997e3262

Download Submit
/storage/emulated/0/Android/data/com.jingyingtang.hryun818/files/tbslog/tbslog.txt
Filesize
28KB

MD5
aae16b802a785409f4903a9a1ae8d51a

SHA1
3d2e4aed182f8b2deee0c8a08ac2ae757504b2be

SHA256
215c40d4bca65f7de1eb64e64c0850bb1dac7bc6fe36142c9649eefa2b6f7063

SHA512
078d47b0b1b15da02f4966f9122b3033d9f489dcf3f3e3623d1c24757c90fae9a644e6da23d4878c58d162e05d8f11fe86877d08238d678b73bb8b0c4ede5dbb

Download Submit