Malware Analysis Report

2024-09-09 15:59

Sample ID: 240614-2cndgasdln
Target: abc17a9f74487c0d0f56999d511f0c8e_JaffaCakes118
SHA256: 0645e802edf9fe53abac0763a36d5ef15dc65647b7705be8660b753e92e1474e
Tags: collection, discovery, evasion, impact, persistence, credential_access
Score: 8/10

Analysis Overview

Threat Level: Likely malicious

The file abc17a9f74487c0d0f56999d511f0c8e_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

collection discovery evasion impact persistence credential_access

Checks if the Android device is rooted.

Obtains sensitive information copied to the device clipboard

Queries account information for other applications stored on the device

Queries the phone number (MSISDN for GSM devices)

Queries information about running processes on the device

Queries information about the current nearby Wi-Fi networks

Requests dangerous framework permissions

Queries information about the current Wi-Fi connection

Queries the mobile country code (MCC)

Acquires the wake lock

Queries information about active data network

Reads information about phone network operator.

Checks the presence of a debugger

Registers a broadcast receiver at runtime (usually for listening for system events)

Uses Crypto APIs (Might try to encrypt user data)

Checks CPU information

Checks memory information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-14 22:26

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows an application to send SMS messages. android.permission.SEND_SMS N/A N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to read the user's call log. android.permission.READ_CALL_LOG N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-14 22:26

Reported

2024-06-14 22:29

Platform

android-x86-arm-20240611.1-en

Max time kernel

160s

Max time network

178s

Command Line

com.sj49jdxy.com

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A

Queries account information for other applications stored on the device

collection
Description Indicator Process Target
Framework service call android.accounts.IAccountManager.getAccountsAsUser N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries the phone number (MSISDN for GSM devices)

discovery

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.sj49jdxy.com

com.sj49jdxy.com:gray

/system/bin/sh -c getprop

getprop

/system/bin/sh -c type su

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 d.wanhoufu.com udp
US 1.1.1.1:53 pay.wanhoufu.com udp
CN 106.75.218.5:80 pay.wanhoufu.com tcp
CN 106.75.218.5:443 pay.wanhoufu.com tcp
US 1.1.1.1:53 toblog.snssdk.com udp
US 1.1.1.1:53 ichannel.snssdk.com udp
US 163.181.154.237:80 ichannel.snssdk.com tcp
US 130.44.212.65:80 toblog.snssdk.com tcp
US 1.1.1.1:53 android.bugly.qq.com udp
CN 14.22.7.140:80 android.bugly.qq.com tcp
US 1.1.1.1:53 api.fusion.49app.com udp
CN 101.37.182.27:80 api.fusion.49app.com tcp
GB 216.58.212.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.46:443 android.apis.google.com tcp
CN 119.147.179.152:80 android.bugly.qq.com tcp
CN 14.22.7.199:80 android.bugly.qq.com tcp

Files

/storage/emulated/0/Android/data/com.sj49jdxy.com/files/tbslog/tbslog.txt

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

/storage/emulated/0/.DataStorage/ContextData.xml

/data/data/com.sj49jdxy.com/databases/bugly_db_-journal

/data/data/com.sj49jdxy.com/app_crashrecord/1004

/data/data/com.sj49jdxy.com/databases/bugly_db_

/data/data/com.sj49jdxy.com/databases/bugly_db_-shm

/data/data/com.sj49jdxy.com/databases/bugly_db_-wal

/storage/emulated/0/Android/data/com.snssdk.api/cache/clientudid.dat

/data/data/com.sj49jdxy.com/databases/ss_app_log.db-journal

/data/data/com.sj49jdxy.com/databases/ss_app_log.db-wal

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-14 22:26

Reported

2024-06-14 22:29

Platform

android-x86-arm-20240611.1-en

Max time kernel

179s

Max time network

131s

Command Line

com.sijiu.gamebox

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/bin/su N/A N/A
N/A /system/xbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries the phone number (MSISDN for GSM devices)

discovery

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Checks the presence of a debugger

evasion

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.sijiu.gamebox

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq

Network

Country Destination Domain Proto
GB 172.217.169.74:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 count.adv.49app.com udp
CN 114.55.233.230:80 count.adv.49app.com tcp
US 1.1.1.1:53 api.rt.127xx.com udp
CN 120.27.129.137:8888 api.rt.127xx.com tcp
GB 142.250.187.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.212.238:443 android.apis.google.com tcp

Files

/storage/emulated/0/SJLOG./2024-06-14Log.txt

/data/data/com.sijiu.gamebox/files/DEVICEENGINE.dat

/storage/emulated/0/Tcom.sijiu.gamebox/tExternal.db-journal

/storage/emulated/0/49app/hzagent.txt

/storage/emulated/0/Tcom.sijiu.gamebox/tExternal.db

/data/data/com.sijiu.gamebox/files/guidesjconfig.def

/storage/emulated/0/Tcom.sijiu.gamebox/tExternal.db-shm

/storage/emulated/0/Tcom.sijiu.gamebox/tExternal.db-wal

/data/data/com.sijiu.gamebox/databases/tencent_analysis.db_com.sijiu.gamebox-journal

/data/data/com.sijiu.gamebox/databases/tencent_analysis.db_com.sijiu.gamebox

/data/data/com.sijiu.gamebox/databases/tencent_analysis.db_com.sijiu.gamebox-wal

/data/data/com.sijiu.gamebox/databases/pri_tencent_analysis.db_com.sijiu.gamebox-journal

/data/data/com.sijiu.gamebox/databases/pri_tencent_analysis.db_com.sijiu.gamebox-wal

file:///android_asset/www/cordova-js-src/android/nativeapiprovider.js

file:///android_asset/www/cordova-js-src/android/promptbasednativeapi.js

file:///android_asset/www/cordova-js-src/exec.js

file:///android_asset/www/cordova-js-src/platform.js

file:///android_asset/www/cordova-js-src/plugin/android/app.js

file:///android_asset/www/cordova.js

file:///android_asset/www/cordovaInit.html

file:///android_asset/www/cordova_plugins.js

file:///android_asset/www/css/bootstrap.min.css

file:///android_asset/www/css/dropload.css

file:///android_asset/www/css/html5.css

file:///android_asset/www/css/style.css

file:///android_asset/www/css/swiper.min.css

file:///android_asset/www/djq.html

file:///android_asset/www/djqxq.html

file:///android_asset/www/img/icon.png

file:///android_asset/www/img/screen.png

file:///android_asset/www/js/api_common.js

file:///android_asset/www/js/api_common_banner.js

file:///android_asset/www/js/api_common_cordova.js

file:///android_asset/www/js/api_common_game.js

file:///android_asset/www/js/api_common_login.js

MD5 89db34f38c9868b09137e25370f2b3f7
SHA1 058dda02c16060f140f848240577a2bbc6bedc01
SHA256 af994c9b037359a501614f7a8f97e71ba2e44ca386c8bb55489094a304f54c95
SHA512 4199aedcfc3941e7af69746e44d8309fe92394b1817ba00a905079a0be167db2fd5cd548190719bca887eaf43ed3d8b980aaf981efeafe0be596f09113fd5dfc

file:///android_asset/www/js/api_common_open.js

MD5 6f042d774614785e598b1240058886ff
SHA1 11ee440e308c2ec3c5022cd04d193fb4412a2f6a
SHA256 eb2089c13858fc0e3362aea245dee1b6eaa548fe222aeee04968c8738502ec5f
SHA512 c830517f775e0237726f90a30da655e94d9267efcbf552955422b5d39832a8927a2168659eda26c71479114c136a04977ff2a4608c427464b14a9f327c5ec362

file:///android_asset/www/js/api_common_share.js

MD5 694a2aef70edc6f174cd7b082fb743ee
SHA1 40829532411af71070386857b59b0de737ea27c1
SHA256 d6e0ead7cd574975bb6a09d59b09d809f366dd9fbbf869c4a8065dba7e72f4b7
SHA512 c42b45827b64d79ae971a040cf2ab31ed3be3579a2667f7ec72d39291919580957820b6018c04a4b6fdd03cd1463e68cbec1058f9a8ef776406fc49e23834e7b

file:///android_asset/www/js/api_common_time.js

MD5 1bbeaa8596e723dd36e7d13ef0995352
SHA1 a0abccf2962ded9c3a670b8d214c9baaf13f6f0a
SHA256 bd24c7cb5ba7ea1bb2c2be03a485e668f1dcf370ba299e1cdae715da5b065819
SHA512 1ca5f02dc6c266af86cce980e50692732035869a954598adac14c8c72f4b4de7ebfc266c58be11f22605eed7c8b1fc0c54e2dfe36bc52f65fbe39c2ba40d19eb

file:///android_asset/www/js/api_content.js

MD5 5d958c82e43ae7ecb5cf5ea1e4221267
SHA1 fe21d33a2be0893120ed77c5ca4b76500c219493
SHA256 d666b2b4e5f5b3daada3be668f0433bb857e7f032d9649d0d14112a1ebd57ceb
SHA512 7bf95fd239d99ef4cfc4591b5fc7ab97100d75dd3dcc631923215e4170208067201db5b56923cdc1ea302597e3f10b8b11d8b3549e3541a9f429001d10ac3e9a

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-14 22:26

Reported

2024-06-14 22:29

Platform

android-x64-arm64-20240611.1-en

Max time kernel

176s

Max time network

133s

Command Line

com.sijiu.gamebox

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/bin/su N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Queries the phone number (MSISDN for GSM devices)

discovery

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Checks the presence of a debugger

evasion

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.sijiu.gamebox

Network

Files

/storage/emulated/0/SJLOG./2024-06-14Log.txt
/data/user/0/com.sijiu.gamebox/files/DEVICEENGINE.dat
/storage/emulated/0/Tcom.sijiu.gamebox/tExternal.db-journal
/storage/emulated/0/Tcom.sijiu.gamebox/tExternal.db
/data/user/0/com.sijiu.gamebox/databases/tencent_analysis.db_com.sijiu.gamebox-journal
/data/user/0/com.sijiu.gamebox/databases/tencent_analysis.db_com.sijiu.gamebox
/data/user/0/com.sijiu.gamebox/databases/pri_tencent_analysis.db_com.sijiu.gamebox-journal
/data/user/0/com.sijiu.gamebox/databases/pri_tencent_analysis.db_com.sijiu.gamebox
/storage/emulated/0/49app/hzagent.txt
/data/user/0/com.sijiu.gamebox/files/guidesjconfig.def

file:///android_asset/www/cordova-js-src/android/nativeapiprovider.js
file:///android_asset/www/cordova-js-src/android/promptbasednativeapi.js
file:///android_asset/www/cordova-js-src/exec.js
file:///android_asset/www/cordova-js-src/platform.js
file:///android_asset/www/cordova-js-src/plugin/android/app.js
file:///android_asset/www/cordova.js
file:///android_asset/www/cordovaInit.html
file:///android_asset/www/cordova_plugins.js
file:///android_asset/www/css/bootstrap.min.css
file:///android_asset/www/css/dropload.css
file:///android_asset/www/css/html5.css