Malware Analysis Report

2024-09-09 13:22

Sample ID 240613-kdfxcavdqr
Target a4a275675c82503a3bf009d491539649_JaffaCakes118
SHA256 b486f9394b5198f64fe01435f3c764e08c85fbfc4f44c30d11bc0628cd8b4755
Tags
collection discovery evasion impact persistence
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

b486f9394b5198f64fe01435f3c764e08c85fbfc4f44c30d11bc0628cd8b4755

Threat Level: Shows suspicious behavior

The file a4a275675c82503a3bf009d491539649_JaffaCakes118 was found to be: Shows suspicious behavior.

Malicious Activity Summary

collection discovery evasion impact persistence

Queries information about running processes on the device

Requests cell location

Queries information about the current nearby Wi-Fi networks

Reads the content of photos stored on the user's device.

Requests dangerous framework permissions

Reads information about phone network operator.

Queries information about active data network

Queries information about the current Wi-Fi connection

Uses Crypto APIs (Might try to encrypt user data)

Registers a broadcast receiver at runtime (usually for listening for system events)

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-13 08:28

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an application to send SMS messages. android.permission.SEND_SMS N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 08:28

Reported

2024-06-13 08:32

Platform

android-x86-arm-20240611.1-en

Max time kernel

179s

Max time network

189s

Command Line

com.gift.android

Signatures

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Reads the content of photos stored on the user's device.

collection
Description Indicator Process Target
URI accessed for read content://media/external/images/media N/A N/A

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.gift.android

com.gift.android:thirdService

com.gift.android:pushservice

com.gift.android:remote

Network

Country Destination Domain Proto
GB 172.217.169.74:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 sapi.map.baidu.com udp
HK 103.235.46.245:443 sapi.map.baidu.com tcp
US 1.1.1.1:53 m.lvmama.com udp
US 1.1.1.1:53 api3g2.lvmama.com udp
US 1.1.1.1:53 hxqd.openspeech.cn udp
CN 114.118.64.119:80 hxqd.openspeech.cn tcp
US 1.1.1.1:53 data.openspeech.cn udp
US 1.1.1.1:53 redirect.networkbench.com udp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
CN 154.8.188.31:443 redirect.networkbench.com tcp
CN 117.48.148.47:80 data.openspeech.cn tcp
US 1.1.1.1:53 register.xmpush.xiaomi.com udp
NL 20.47.97.231:443 register.xmpush.xiaomi.com tcp
US 1.1.1.1:53 sdk.open.talk.gepush.com udp
US 1.1.1.1:53 sdk.open.talk.getui.net udp
US 1.1.1.1:53 sdk.open.talk.igexin.com udp
CN 183.134.98.112:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.76:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.112:5224 sdk.open.talk.igexin.com tcp
US 1.1.1.1:53 loc.map.baidu.com udp
HK 103.235.47.89:80 loc.map.baidu.com tcp
HK 103.235.47.89:80 loc.map.baidu.com tcp
CN 123.206.5.129:443 redirect.networkbench.com tcp
GB 142.250.187.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
CN 183.134.98.76:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.112:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.112:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.76:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.112:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.112:5224 sdk.open.talk.igexin.com tcp
GB 172.217.169.74:443 semanticlocation-pa.googleapis.com tcp
GB 172.217.169.74:443 semanticlocation-pa.googleapis.com tcp
CN 183.134.98.76:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.112:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.112:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.112:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.76:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.112:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.112:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.76:5224 sdk.open.talk.igexin.com tcp
CN 154.8.188.31:443 redirect.networkbench.com tcp
CN 123.206.5.129:443 redirect.networkbench.com tcp
CN 183.134.98.112:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.112:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.76:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.112:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.112:5224 sdk.open.talk.igexin.com tcp
CN 183.134.98.76:5224 sdk.open.talk.igexin.com tcp
US 1.1.1.1:53 sdk.open.talk.gepush.com udp
CN 183.134.98.112:5224 sdk.open.talk.gepush.com tcp
CN 154.8.188.31:443 redirect.networkbench.com tcp
CN 183.134.98.112:5224 sdk.open.talk.gepush.com tcp
CN 123.206.5.129:443 redirect.networkbench.com tcp
CN 183.134.98.76:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.112:5224 sdk.open.talk.gepush.com tcp
CN 183.134.98.112:5224 sdk.open.talk.gepush.com tcp

Files

/data/data/com.gift.android/databases/control_provider.db-journal

MD5 2f256aad1511604d577b7d51674a67a1
SHA1 1405707759f147332d61df8babfa7ada13b420eb
SHA256 b86993665e4379f0ed2ad1981db932fd25581d1655c3c7fecc661061261e107b
SHA512 839bf736ae95deb17b7feabee809c630f1da752e89adfce1cdc87a90fd77d50e3dcd7d93b2ba8ce5349318024469241142ae79a035908872c243a54a536456db

/data/data/com.gift.android/databases/control_provider.db

MD5 b2bf4fa5a823f6aafde57f57bbb80c3b
SHA1 edd58668d1a3a0f587a3b1044cb5e92dc196b593
SHA256 d3c54bc471a28e61e6c4dcedf58e1e472b605bb7a94ef8a06f0d11b2e7b18b2b
SHA512 96f4672bfa630f70d75cf6d2e79ee02d3178efcf3d651529e9b8dac81c640eabd3bd089263c2432cf87305375b7a2fef37f1dab7511f4c37b061e4bf912fa39a

/data/data/com.gift.android/databases/control_provider.db-shm

MD5 bbe181493e138794c196e1776210a498
SHA1 b70cdae620be6c2ab1f452ff2bd72394a6d5e4eb
SHA256 33cf8a81ad90271edd297a68362749735bde77b6b9b9ffc757c3e52ac96107e6
SHA512 6004062834de9d03485185307412ae6a765d99f6f9ee213f1c269e093a0c15814b46c4256a08769080edd272ed1ebf750ae1c63e2a4103673472951db2d9fb65

/data/data/com.gift.android/databases/control_provider.db-wal

MD5 d8e52ee9d1f7b52d1d49d064a41fd62a
SHA1 4f796abd5ee1bf02bc9d54ce1529db475d60402e
SHA256 8436d9a26f11071723966f5ab4c586cf4ad459b2d9fc74053d68b4f2f4322029
SHA512 a849aff82a7fa03c154b572ea5f41eca2533d9229af2baaebd9cca4af914e3ce29d12f9a9fd7f0ddf0d91c868d17de273f24921999672d3de74864a85746098b

/data/data/com.gift.android/files/ver.dat

MD5 8e31aa8d6b61e8b044ac3346e87098d6
SHA1 70e4050667039f00eb5231bd731b9f3cb5daf00b
SHA256 d2a616114953901b1bbbb79a9be694acc0aafdabc1df94f46002bcd6b75b3a4b
SHA512 2935b5e37639b7c631aac8d5073a200d56471b1a06858c0e3dac03e03a89758743b023cedd1ad703e8f775114b39ee0ca808165188c74359d6b1e47fa7e171d6

/data/data/com.gift.android/files/CMRequire.dat

MD5 b557f3500cdfa66f4e905248194caa98
SHA1 790282c4072a029dce57298c774770dde9772f13
SHA256 0e3297077bcfa105f4bec60a03567e986c648f89288c43ca39f31e3901675885
SHA512 232647a69300320b488c6d884f4a74377000933cf6e6c40bc0714249e2f2fcdb1011cfe90d637fe8708ca31d35c7abb6e353604f3db14c8bc2f3a7971d0245fc

/data/data/com.gift.android/files/VerDatset.dat

MD5 caaa975d7bf4952bd5dd695ade33f1da
SHA1 119373fbb2db036712df72ec9b26c0c2840dfbb1
SHA256 d0f94264a6b5c355dbf5c0516202c732bcae471a2401542b2ca43307727a0d02
SHA512 db2acdecd236eab67cb67151032f53e51c9c04e754f3c21d74e05cacb1ea5edecbbccbd66ee760624b9cac97b8dd77f568324e8abc2b9c16aa73131db81c8b06

/data/data/com.gift.android/files/cfg/a/ResPack.rs

MD5 0357e8edde36315c0e0a4f5385de625f
SHA1 2e6c6f15010e88dac5078f34e31a8ddf5e032f2f
SHA256 44764ad74b21113fb17b21899bd0d4c81740544e868eaad680553b3bd0cb016d
SHA512 497385b4e3b512f6a4365486d40bf1ed298422087f23a352ed2cec96331b9b012814ffba9c3ba83af5f777df16b53bbe1bf3ab8313902db49011f01a3024cf93

/data/data/com.gift.android/files/cfg/h/DVHotcity.cfg

MD5 883c30365d5d377966125dd0c079debd
SHA1 d296ec1e3f4badb6e3e6166c1473fb55d4265761
SHA256 50112e7ed210b33224fbe1cce568c8e95a14fb47f7d39ec905369e2feb9668aa
SHA512 00b1604e206a5d929071aa1cac99d83320eacdbb064d517973a5a36757a8a9eb8a103452c98f24e7c8d29adb4b2843e804bfdcb32902da7e364a0c30f8609b7f

/data/data/com.gift.android/files/cfg/l/DVHotcity.cfg

MD5 1c6abcbbd253448057930ad1cc59ac75
SHA1 a5845d1c4bc87b8b4785b456d76edcb8309eda4e
SHA256 a46b498ba6586aaa2f246bb34e47f4290ac60273cb86ff662475b0def7172136
SHA512 71aba5b2a1020d1925b3844c861cbe595de3b21d665eedb13f1ef0d80477fc091663e0625b09c5f49d4f9d0770970dd0d188b84635e9c75c1bdba9f2a7171631

/data/data/com.gift.android/files/cfg/h/DVHotMap.cfg

MD5 c16f5ca1517683c46e02a6b71aab3c00
SHA1 2d09a048d1b8d556d89d4d723947e9e234b5e59b
SHA256 13d4fbc0d1cb7c2761641a3632c440f6f1d919dce731b8c32cb35e652b0b39f9
SHA512 a692b79382747548fd8be8ed94c06198b143c167be1e96f60d8ea7ee9432a0eb1a0cd73d0704523e487d59443bf7ad13eb36e47b67864e227917d33225e3e62b

/data/data/com.gift.android/files/cfg/l/DVHotMap.cfg

MD5 cc3fad9057e0940ad4d4c7ad27922023
SHA1 403cbbcd7b819733b5caf49ed2a58d654441e99d
SHA256 f6d90bd8621889ab994374b4f51a1c3f9b028aab1a2129b8b3b0e1d7c5c37864
SHA512 ebaf2b8c56bc15826ef38b36e72ae41765fc723470c6dcc40bf9f31118f252777072ad39a535a79f53b6aa29811b4b21cebbc9810c47e34ef9400246d789ab21

/data/data/com.gift.android/files/cfg/l/DVDirectory.cfg

MD5 65685a117c72fe8fbf5a92b07073c99e
SHA1 b115b527f74e4c291edcaab19b316a446aca8f5b
SHA256 19bcea79613a5c3bb71dfe6b311241fcbf3534b538f0b147c7e849b58b24b2b8
SHA512 e5821a5212f0790db33ec7274f018b08f499557ff7f2f118021a7905573e8dd66e716fb02144919d96eeec7da9db921c756a88cf0a050f65a9f8de3894dcc253

/data/data/com.gift.android/files/cfg/l/DVVersion.cfg

MD5 d54b7b380a5ff46c78283013a07d8e0f
SHA1 f697c5f7028ba2679a96d6bc5291c38ff96d7982
SHA256 c7ad837b097687d92e0d944815fc70adcb0e1cdc82db28f728d13e8a48d7532c
SHA512 ade792589c33179c51305f201bfb6db28c05b2ea098d12bfefc1a5cf9bd3014d53830ce2e71f027719ee1b83b2394c7654b5ddf4fdc7f678840869d2a2787ef4

/data/data/com.gift.android/files/cfg/h/DVDirectory.cfg

MD5 4e9eab735928758b860e48b2f9befd7b
SHA1 7223dfdd00f8059d3b83c28c6f7d78d2dcaa0569
SHA256 1a5650bc57e525ff23c7f0cd058d4574142e772c51a89867a13f89e13b93d6b4
SHA512 c7465fab9518be687ee63cbe044f28a4d5c60f1c043fab0ec66a856b2b542c9d99d9ef5812c7eb2033f797805ba37b821572b83eeeebdaac4854a4bf53977599

/data/data/com.gift.android/files/cfg/h/DVVersion.cfg

MD5 298924848d2517a508f43ff0cc51bd3b
SHA1 b9fcde7b86653ead6deb57280a6049cf87745710
SHA256 0b6eb1f518059d8c472bab90091bb26d9ab877f6c70fac375412ff1582b8ca3b
SHA512 63b88c5b9b971ec52a5f724485d9998bfedb073e84ed63bcf0337e726923510d97a8ddf87371b5620f89ba788af01db58300638fff5031856c77dec8e18b4342

/data/data/com.gift.android/files/cfg/a/mapstyle.sty

MD5 46a9f9a5221dbe4ff71bfcd2ee045c5c
SHA1 915cb3bc2f0096dede38afc1cd7f09c8782360a9
SHA256 ad3067eb308a9420b727b4f24dc5134bc75b36bdda7a7a7c5651090698dd10a9
SHA512 185530752b639d743f99e28369f75626900420dccf598a639065ecb08c562ff98c4a1f6abbec9724d1684ed053774d60402cd2f20e3586a534c8715e7cec2ac2

/data/data/com.gift.android/files/cfg/a/satellitestyle.sty

MD5 3f1348cd6165c9a66a9892565c917ca1
SHA1 96f0c939438c494cf3fd89246d458e92c0c7203b
SHA256 5fbe3817e4047e14c40b567be4955d7579c8bf7b7824bf8370f5e194ebf9767a
SHA512 405c3d1d5f4899cf723509f8e293f2ca1d95a79f7892e93401309372335a6a286f2eae9ee9312f69af10c5bcabd091cd90608898a129542b0abe0617c500d023

/data/data/com.gift.android/files/cfg/a/trafficstyle.sty

MD5 6a86f30539dfc9332cd235fc48fcb62c
SHA1 5c202003f6346edb85175b8df7c460793f5512c6
SHA256 34bfd1e28c3625f50a23240c4b08ac50a90fd35c5e5f88aed1cf36fa8fe5e18f
SHA512 f63edb8270e6cd35e5c6896e2b9153144af0d29303e367a4fa81941b1b2bb0de57fa484badb7ec7f05ebdfa67d77b00c3651572c5f05e9314389887f5546d235

/storage/emulated/0/baidu/.cuid

MD5 d73666cd6d44f1371a3e2e79a773280d
SHA1 86d8ccd0349cf6e603a46e6e97de3e603f3a6367
SHA256 3d46ba50338b3edb6ee021868217e49dbc2c79e76ec29a17302d7cda2da2a56d
SHA512 58fae90325cc1bed32c9881725fec5a1680dc40d619e4a9ba559652b8a1cfcb75c05a7cab08ac910a2bd97521ed32fc529e8d3799c87faeacb7fa9a6fb37e9ce

/data/data/com.gift.android/cache/lvmm.db3-journal

MD5 8d8162f15ea2b05c1b31da9025d4f309
SHA1 604df7f4e46c3bc366a5a72297a1266c7e43df7f
SHA256 52e56fab7c779cfb9531e43f1dcb88958ebdd727b14a1c1dfcd719c5466011eb
SHA512 3daec8d6367480644ea6bf0792e55e3ab6c00c9cdd780047a0d3f0337022d7c58e4a2151f67900312fc29437cc987ddca3840d8fcdab4a7be45e09c038d38f41

/data/data/com.gift.android/cache/lvmm.db3

MD5 3bbba8f072ae329ea1a0ddf598da784c
SHA1 418a2212d9904c4a2db6b3c3b63372004c3e7c1a
SHA256 52d2fc6f5348811fdbadf6266674cfb99b0ddac950563b30f294dd3d958cb674
SHA512 b8bf3c75d58f30634fc71873c2eea9372f59ad72ea0fc48bfadee7bc21cedcd08d1664e360f127f06a46942b1137dfea797bd20d79636481453a697cb1db9525

/data/data/com.gift.android/cache/lvmm.db3-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.gift.android/cache/lvmm.db3-wal

MD5 38b7318d97d5eb7ff960631202c26485
SHA1 9f0e508ca97cb4203339c4bdb69724e075dcac58
SHA256 14b77b13e764a1708a01aba213b116881208b5212356be03962763339f9356cd
SHA512 4fd076c23e5f06fb242598d0de2dcfcca4fa773e8b24333d286349235e9eda221419852db303624c947c533ea7f6bb5db57be3a7ff6f14cd4553861bb08c5823

/storage/emulated/0/Android/data/com.gift.android/files/MiPushLog/log1.txt

MD5 3239b54af6d10067ec9d814303cd44ee
SHA1 543f4261a2955b08be3cb2615e9d55b7f8909e11
SHA256 4adff65f6fb1b0b197dc5d6c2d397c5d370cd631894c6507be5ddc7bc2ace4bf
SHA512 65d2e42f71e39786617df4182ee709c5c6769b69e6562f34d1ee3a211b272ea7bb2e4ab07515aa18c1cde0f52fbaf65fa94c2bbabffd730f4b6ca5707e1f2917

/data/data/com.gift.android/files/shuzilm.db

MD5 23babd2de04baa446e7c267695576741
SHA1 bf81a6e9319a623026184c68654163fbc527a526
SHA256 4549eb85175b02423d9c2d651c8c1800c75495eb2093fe4aaf43210f4191c9b9
SHA512 ae4fe92976eea37b754a83c89f97deaecf2b3e240b18306ec8cdc98435b6308f88bd7a477bb2e5d0f8bcdf733130a33c9d42f75e7aeed6ba1d8ad73dd14525df

/data/data/com.gift.android/cache/lvmm.db3-wal

MD5 5c191b90338e920c77f789c547b6439d
SHA1 72cb1eb8fa0412aa575d1eb77d980869fb21af69
SHA256 7e67bc27abafaa6c92abf83999b166d66da93e34cb07983223192d83abb0cb4d
SHA512 b683a977e3388e55d1aa4ecf60aa78cb7208a15d9fc0cafd52959c601433deafc555e62edf770b7ffe7bc044d32f6907598b34dfc3657aec79f728b2a8f634aa

/data/data/com.gift.android/cache/lvmm.db3

MD5 bc5ee3bd1676e52bf75af19795f0823b
SHA1 20dd7edf24e62ae81a11d3729d44a7fa16efe9de
SHA256 0daff228cc844646343508264035df8f23d89b4e1be9002a95af932e086c2c7c
SHA512 bd76f5a46bfa74c6a7e20839a48b5d52d07d5e78b904a1d2a10b4a82b6303b4f3b003271b5f0ff52340ede9a2c82314621c2bb91ec8dc1ad722b7a37e98a29d2

/storage/emulated/0/Android/data/com.gift.android/files/MiPushLog/log1.txt

MD5 0b037bcf0786b1de4e5c26e490e87a87
SHA1 e6284f06056f270eebc0b98cb206a907129d395a
SHA256 b18fe4775233a2b2f8232c235fe4af05dcca84499f0626713fd600dc34d00328
SHA512 bb5f4315c5e2316075851e71e7046729b79c095883da943ccdc659a7c906d01107668bc2a5110f5a56ebb00c9edfb5ad28fc98f41532dc2b99e622f8f0589cdd

/storage/emulated/0/baidu/tempdata/con.dat

MD5 8d80bc8ea90e9cac010d3ddf97bda5f5
SHA1 f063bc0d356e6ba9ab1eb9a851131ffbefd8fa07
SHA256 f52db31332534833414abd5e870f78c810b8ebbe5b134bbf599506beecfd1b93
SHA512 9ea732dd572a9a4ba91b70891972230a09576687ca1bc19e62d5a98b5b84e0f2ae11985108008bc9fbccf357219b8bd3dbf146bb70752f618f70dc5d0c46a7c7