Analysis Overview
SHA256
a42047238b06296d7cee6bb2a8a2c81ef76ed83f4e7af3e9564eadd56f3bce19
Threat Level: Shows suspicious behavior
The file a77c62c7c74a47943bb6a60eb725ab98_JaffaCakes118 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Queries information about running processes on the device
Queries information about the current nearby Wi-Fi networks
Loads dropped Dex/Jar
Requests dangerous framework permissions
Queries the mobile country code (MCC)
Reads information about phone network operator.
Queries information about the current Wi-Fi connection
Queries information about active data network
Checks the presence of a debugger
Schedules tasks to execute at a specified time
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks CPU information
Checks memory information
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-14 01:14
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-14 01:14
Reported
2024-06-14 01:18
Platform
android-33-x64-arm64-20240611.1-en
Max time kernel
3s
Max time network
179s
Command Line
Signatures
Checks the presence of a debugger
Processes
org.vv.homemade.tang
Network
| Country | Destination | Domain | Proto |
| GB | 172.217.169.68:443 | udp | |
| GB | 172.217.169.68:443 | tcp | |
| BE | 142.251.168.188:5228 | tcp | |
| GB | 142.250.179.228:443 | tcp | |
| GB | 216.58.204.74:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.180.10:443 | udp | |
| GB | 216.58.204.74:443 | udp | |
| GB | 142.250.180.10:443 | tcp | |
| GB | 216.58.212.227:443 | tcp | |
| US | 172.64.41.3:443 | tcp | |
| US | 172.64.41.3:443 | tcp | |
| US | 172.64.41.3:443 | udp | |
| US | 34.104.35.123:80 | tcp | |
| GB | 172.217.169.68:443 | udp | |
| GB | 142.250.179.228:443 | tcp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-14 01:14
Reported
2024-06-14 01:15
Platform
android-x86-arm-20240611.1-en
Max time network
4s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-14 01:14
Reported
2024-06-14 01:15
Platform
android-x64-20240611.1-en
Max time network
5s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |
Files
Analysis: behavioral5
Detonation Overview
Submitted
2024-06-14 01:14
Reported
2024-06-14 01:15
Platform
android-x64-arm64-20240611.1-en
Max time network
8s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.187.238:443 | tcp | |
| GB | 142.250.187.238:443 | tcp |
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-14 01:14
Reported
2024-06-14 01:18
Platform
android-x86-arm-20240611.1-en
Max time kernel
142s
Max time network
178s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/org.vv.homemade.tang/.1/classes.jar | N/A | N/A |
| N/A | /data/data/org.vv.homemade.tang/.1/classes.jar | N/A | N/A |
| N/A | /data/data/org.vv.homemade.tang/.2/classes.jar | N/A | N/A |
| N/A | /data/data/org.vv.homemade.tang/.2/classes.jar | N/A | N/A |
| N/A | /data/user/0/org.vv.homemade.tang/app_e_qq_com_plugin/gdt_plugin.jar | N/A | N/A |
| N/A | /data/user/0/org.vv.homemade.tang/app_e_qq_com_plugin/gdt_plugin.jar | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Checks the presence of a debugger
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
org.vv.homemade.tang
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --zip-fd=46 --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/data/org.vv.homemade.tang/.1/oat/x86/classes.odex --compiler-filter=verify-none --class-loader-context=& --zip-location=/data/data/org.vv.homemade.tang/.1/classes.jar
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --zip-fd=48 --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/data/org.vv.homemade.tang/.2/oat/x86/classes.odex --compiler-filter=verify-none --class-loader-context=& --zip-location=/data/data/org.vv.homemade.tang/.2/classes.jar
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/org.vv.homemade.tang/app_e_qq_com_plugin/gdt_plugin.jar --output-vdex-fd=54 --oat-fd=55 --oat-location=/data/user/0/org.vv.homemade.tang/app_e_qq_com_plugin/oat/x86/gdt_plugin.odex --compiler-filter=quicken --class-loader-context=&
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.187.206:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.204.78:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | xshield.baidu.com | udp |
| CN | 106.12.1.64:443 | xshield.baidu.com | tcp |
| CN | 106.12.1.64:443 | xshield.baidu.com | tcp |
| US | 1.1.1.1:53 | sdk.e.qq.com | udp |
| US | 1.1.1.1:53 | mi.gdt.qq.com | udp |
| CN | 43.141.43.110:80 | mi.gdt.qq.com | tcp |
| CN | 113.108.27.88:80 | sdk.e.qq.com | tcp |
| US | 1.1.1.1:53 | qzonestyle.gtimg.cn | udp |
| HK | 203.205.136.80:80 | qzonestyle.gtimg.cn | tcp |
| HK | 203.205.136.80:80 | qzonestyle.gtimg.cn | tcp |
| HK | 203.205.136.80:80 | qzonestyle.gtimg.cn | tcp |
| HK | 203.205.136.80:80 | qzonestyle.gtimg.cn | tcp |
| HK | 203.205.136.80:80 | qzonestyle.gtimg.cn | tcp |
| HK | 203.205.136.80:80 | qzonestyle.gtimg.cn | tcp |
| HK | 203.205.136.80:80 | qzonestyle.gtimg.cn | tcp |
| CN | 43.141.43.110:80 | mi.gdt.qq.com | tcp |
| CN | 113.108.27.88:80 | sdk.e.qq.com | tcp |
| CN | 113.108.27.88:80 | sdk.e.qq.com | tcp |
| CN | 106.12.1.64:443 | xshield.baidu.com | tcp |
| CN | 106.12.1.64:443 | xshield.baidu.com | tcp |
Files
/data/data/org.vv.homemade.tang/.x86lib/libbaiduprotect_x86.so
| MD5 | dc0a07f5f30b244af1195bd064c12542 |
| SHA1 | 77ff4db99866b13092e40e1bcc7a95097a66eca7 |
| SHA256 | 348d8af1aa9cfd2f76ab58323a5afb28a5e02d89d81a107fedd4df72ee5be659 |
| SHA512 | 03ce79bb10edbf30ec3152496820430e830ca826f1ede2b1a7c350555f2bd6984cab6b725dd54d020b55153f0e8cc0044d3844df1c53db10791e4e6c2172c7f0 |
/data/data/org.vv.homemade.tang/.1/classes.jar
| MD5 | 63033848437fb00ae65419d8a25e5827 |
| SHA1 | aa444c485ca5e95cc15ad635dd52d678dbb98b85 |
| SHA256 | be5750f154e0e52ecdd6cb201d73daeff2178c6e524e4e9c2a50aa0d46a83e65 |
| SHA512 | 981634a916f1527fe57fd840360aaf3ad9a4a26399085f889187c9af3c33672c100900ea750bf3c063cf504a66b3f3dc62b76297e6e311afda92d945612bacef |
/data/data/org.vv.homemade.tang/.1/.config
| MD5 | 53ae7967a3196d632caf532696685ae7 |
| SHA1 | cf85eb87a9a348a8973469048301b165f1e116fe |
| SHA256 | e2b83ec87d436f1d7d52e0f530d8bb2678ef996199cfe919d3ae5a1c7b08a9a0 |
| SHA512 | 86ea6d149b2d6238a068c7f4d0ec603af06cfc491968439b1a8662113da4ef17b6a7e28eb4cc5e0b689dc552c2a7ed059a78466edae2c0f152affec74628e649 |
/data/data/org.vv.homemade.tang/.1/1.jar
| MD5 | a79bd7cf250e163855e2cf7168f12243 |
| SHA1 | e7b4be187ba8546f87b9a3587dfec70134ffb6e7 |
| SHA256 | cf37f6ecb79fb320ad8b6964fe8e0f40d016947fd5017eda518323fe71524309 |
| SHA512 | f7f9b7c92393f197ee1234a0b26fbad5b13eeefab190b375a8742fb80fae8a62708a1bd43a3fedd79a2879bec224451ac17f7d62de5e5b3fe00fa469a5998831 |
/data/data/org.vv.homemade.tang/.2/1.jar
| MD5 | 6773503fe18e9c5d1a8eae8c9a7b0495 |
| SHA1 | cb025d884f1a27e1456441b30f7515e1170ee6df |
| SHA256 | 7a47d97c52c1d03a540e96e482b05841b2cf2896b0cb2e628763f450e1e84445 |
| SHA512 | 427e3f97a8fae9d9211c14d7a3852ab4791cbd95799360179f960b2e191f687fdb0d22c982bd0cf7566be76ca08571a40d68e1fc64081d8e9e3416dc3acef0f9 |
/data/data/org.vv.homemade.tang/.1/1.jar
| MD5 | 50e16858f7a0cbb1e0c6eabc5aa82fc6 |
| SHA1 | 792599403633ff419d129a2500ba438fcbb64fde |
| SHA256 | eb2035a612446de0225b400c61cc7ffa02406119ca3f4f67e331de296e3ff7f4 |
| SHA512 | 60778bfb3aee3dafe4e299812e5075ac265b0c0eb4f06668a16ff78a961a7d4e265d137ba2398255b1afd4c6bc8b95c21cdbc7e2f02b79294758e0bab3ed4bb3 |
/data/data/org.vv.homemade.tang/.1/classes.jar
| MD5 | 474c47ce323aac717be67d302c539f82 |
| SHA1 | 584551e1f93b3f2032b83bfc0aaedf004cacf71e |
| SHA256 | ebd9ee9613a036a7a57f37c8177c64e0e14f04e3bd3d060a5b3deaa5c24db197 |
| SHA512 | 79083fb18b4a7cfe38725f9623071bba77ef6d9e3884b91d67b6e5ba211a95c000831881230bf3fc2618f54ae90a0ca43751faf5e3e934925df8b87059667291 |
/data/data/org.vv.homemade.tang/.2/1.jar
| MD5 | ed358896791c2e50a9464869a441003b |
| SHA1 | 854641a531cb97951b05753fc4bf44ce22524201 |
| SHA256 | 7316f5dc9745c8864e2227f797c874eff004a291033903018a958d83cd485ee8 |
| SHA512 | eac2a719244ec5ab3551e6ef2dd004b4c3196d671d7c6403b5e6a0a164253338736a3066ec0dc2361b6b0adabad96e7d8371c0cde7cc8dd245123e0f7efc7fb9 |
/data/data/org.vv.homemade.tang/.2/classes.jar
| MD5 | c44ecde7b26ad68dc8e1ca7bfe81df80 |
| SHA1 | 50a985625ba45af16d3431f859a746f59e18f51f |
| SHA256 | 89260271621b671cb58500c714a1fd88b36fae5c1976d83eb36f82f9b88b4fe1 |
| SHA512 | a8f3ec9535bbbe1b9af4bc753e84b8572c165bddf9ac2d32daafbe9a87022f47de4066bd5f49692ddc9f9a2648c5ffa436d0e3c33606150d4f1fb149a8d1181e |
/data/data/org.vv.homemade.tang/databases/bxshieldh.db-journal
| MD5 | c92622df2251f261a9639240490a832b |
| SHA1 | 6f410eb4f5723c95c8b5bb14800b14c7b0346079 |
| SHA256 | 78f4993dea07d93292c5a7ec6926f65cce86048bdff16ddaba2a4b1b477f9810 |
| SHA512 | 31319f23baa4458fadae4e60a2a7e9d6af8a2d907e6cc4c0ad29556a0f09a895a3d28d5e15e4bbc7ffd3c3c15edfc9f5fa6f1edd20ed26e756d32dc50f522df0 |
/data/data/org.vv.homemade.tang/databases/bxshieldh.db
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/org.vv.homemade.tang/databases/bxshieldh.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/org.vv.homemade.tang/databases/bxshieldh.db-wal
| MD5 | e07a15f7c8f92df2a446d6654f41b49a |
| SHA1 | ee694627de1c9d7118a4f7cac49e2d9cffbabde7 |
| SHA256 | 604a5fd6ae01d11a959edbaf412ce8c06362b5ab9a253fd51931d573a93c02a4 |
| SHA512 | 22c822440f079b9d37986b86448d9a89b5661e3f376f5aab84b25872e929da63a430abd41f7821a30b948222bfde5ed61b7f3cf1484349c1abd03794e378aa61 |
/data/data/org.vv.homemade.tang/app_e_qq_com_plugin/update_lc
| MD5 | dce7c4174ce9323904a934a486c41288 |
| SHA1 | e117797422d35ce52f036963c7e9603e9955b5c7 |
| SHA256 | 0c030586945fe504b604ecc2e875c38ede400cd5cd73da9730302162e6b02c6f |
| SHA512 | d570ab6a8f4a7b54d426b0481219074b5277ace37d88438d87ab97eb387938eca1cf7b09fa42d596c56ada860710d2a7385d2a96e1cedff58ad6ed8900f1b143 |
/data/data/org.vv.homemade.tang/app_e_qq_com_plugin/update_lc
| MD5 | 0bcef9c45bd8a48eda1b26eb0c61c869 |
| SHA1 | 4345cb1fa27885a8fbfe7c0c830a592cc76a552b |
| SHA256 | bbf3f11cb5b43e700273a78d12de55e4a7eab741ed2abf13787a4d2dc832b8ec |
| SHA512 | 91972aa34055bca20ddb643b9f817a547e5d4ad49b7ff16a7f828a8d72c4cb4a5679cff4da00f9fb6b2833de7eb3480b3b4a7c7c7b85a39028de55acaf2d8812 |
/data/data/org.vv.homemade.tang/app_e_qq_com_plugin/gdt_plugin.jar.sig
| MD5 | c279dbbd54a414557a4e016e9859de13 |
| SHA1 | ff2c921090de406118ea776056241922b67e1af6 |
| SHA256 | 78bd558fd3a6a9d297b839aad6b3b9e9ce2e4b94a24f6b92c765b8141c07b42d |
| SHA512 | d1f23fd2ff7dfec8d31527003e797bfaba07d5577dbe11db80241ef48655577e11509f9a41c948d3c7993856558f4acca394147fac5dab13769fc075d17ac9ae |
/data/data/org.vv.homemade.tang/app_e_qq_com_plugin/gdt_plugin.jar
| MD5 | fe50e038470eb25f973224e6ca586b06 |
| SHA1 | 49f78513677212a23c550ed63c411877f8ae559a |
| SHA256 | adce8b6675d87b74a231bdd317bb98cef24e536c48683a30ddbaed7ae6d7b207 |
| SHA512 | 0865e3894fa253b835c322f75930af5d831a055561600555c5042783f6e1a9227d8b6a3263ae9ef67c4a1310e2979bddcf4a1ac1be1370e8a4e56e26b0010fc0 |
/data/user/0/org.vv.homemade.tang/app_e_qq_com_plugin/gdt_plugin.jar
| MD5 | 39497151382b5ea3c871783702d30804 |
| SHA1 | b9ddc58a20909b4047e705c37a1517ad85cd51c2 |
| SHA256 | 05e4aece3b01a98e87c9257a25dfa485c886d80a85d4051ec719a73398d2f944 |
| SHA512 | 9774e83f62ff39fa38c3ca47441ab1708513bcbd3dace3e460461dddc8fae948c467a5b765848706492b3fc9450731ece409905a583100778b851511ec4f1a4c |
/data/user/0/org.vv.homemade.tang/app_e_qq_com_plugin/gdt_plugin.jar
| MD5 | a279ccc3cfc946ebb41a0df2bb4de3f4 |
| SHA1 | 916892603c1713ad2d6be270fd7c6bfafca0b96e |
| SHA256 | 388977dc0405f850a697773f311919eb9716bb9b5c6582ce2f851ca6ba884394 |
| SHA512 | 0e0f40213d7cd68deb82eeb9eb25e5a16a5904da3a7f6fa8b4897ac088a6d6c749c9c8b34e131807e18b66d5feda1f7a33dc2fef6c1f86cd833dd83bf751cfe9 |
/data/data/org.vv.homemade.tang/databases/GDTSDK.db-journal
| MD5 | 7609130da0fe60b60429b6926eb32c1a |
| SHA1 | b601fa8ef022a38840f66a1daae23832666ef38d |
| SHA256 | a0aeac3fd9af7216f48126587bae089cf5e2c9b5eb6924f14d2e91780baa7b12 |
| SHA512 | fa6a0c62ee6304c70c68801d0682292f5f66cbcfa8895d294c45541ab1e7a776477ac5425f0fe92190c05b064728a7c816c6557b15b046645d239f4e89ffa925 |
/data/data/org.vv.homemade.tang/databases/GDTSDK.db
| MD5 | 755d1d1b0599d7be973031b5a9ed3373 |
| SHA1 | 3b13cffb97005729fc20cd9b9a8547e0fa32632d |
| SHA256 | 90bc14445f887f7dbff548bdcc44145362d7fd20cc8ad8568b4d5c9372ee9b46 |
| SHA512 | afbd3a1c76a41015b2d4523d1c08dc14a3a75dfea3a5082b5e0552d750a498fd316bc98055b9f0ad2992f28b820ef15254461fb5df4cd6c21573a96f17b24ae2 |
/data/data/org.vv.homemade.tang/databases/GDTSDK.db-wal
| MD5 | 60d7d7dce54af75c0b366cccd5e63472 |
| SHA1 | fcca821afa9c16770dba477ebefcea02054ce93e |
| SHA256 | ef62f950192116503875dc75a1c86eeeb598477ea20f0bafdf40d1e63ed7e1f3 |
| SHA512 | cecdb4a9ca36a161d5d1e6c9043b00d7e131e4363094acf4cc4856a0bba525ad32abac794c8af151bcd93511323866b002589992c971e3f9641aef423510a336 |
/data/data/org.vv.homemade.tang/app_e_qq_com_plugin/oat/gdt_plugin.jar.cur.prof
| MD5 | 9e9d6c5f3ce459b50fa118885b7d7f3e |
| SHA1 | e8c398f70b3b68ee178153895b39125173039313 |
| SHA256 | 30c4b884f25553dd57241f25a4e32b47048b99824b320b3d87f537ab6034cc84 |
| SHA512 | 089f0bf364af865f45c55068788e98b02f83304a61987c7b486b33f4fc604bafef910679d3519d056187b8f78bcb37dca0c09a52c90143ff06109aad7a8c5418 |
/data/data/org.vv.homemade.tang/databases/xshield_d.db-journal
| MD5 | 579909bb72af271841e81dae345e5319 |
| SHA1 | 75ad026f300cf6ed2a91951dd79fecc83fc6b515 |
| SHA256 | 92e4f6a53af1dde0f8392653295269e3b5a6ce9b2b6481a02093fa78f7e21a1c |
| SHA512 | 1ac34b986f282f56f6d0ffd0e698b08a845440ab516b4e3eea87b15f9d97009297e12ec11b74c0aa0fa0dbfb1a32cf9fd352119b91db146cc5c52fe297bc3713 |
/data/data/org.vv.homemade.tang/databases/xshield_d.db-wal
| MD5 | 3f35d5043ef1bac1e7492cc30bbe823f |
| SHA1 | 004aa6805f3fc0b1ae9ac08d8f21c890487b3cef |
| SHA256 | c60cd84c814d3019efb68a7b4687c16601344a1292193679a7ba823c1dca80e8 |
| SHA512 | 584b5a00639a5b9dc0d9e9523f92379f020b919c3cb38340b57738b3b35b70563a19159d31ba8a65af1e0be165cd568ae60f3ec1523e066373110f26ac6d11f6 |