Malware Analysis Report

2024-09-09 12:53

Sample ID 240614-dxfblatcjf
Target a7d62d48d02d73890dc1606a2e2b8f36_JaffaCakes118
SHA256 8037391f242da972b4fa63660d521f580046f35f4cb7aea5a52ef5f25cceba0e
Tags
banker collection discovery evasion execution impact persistence
score
8/10

Analysis Overview

score
8/10

SHA256

8037391f242da972b4fa63660d521f580046f35f4cb7aea5a52ef5f25cceba0e

Threat Level: Likely malicious

The file a7d62d48d02d73890dc1606a2e2b8f36_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

banker collection discovery evasion execution impact persistence

Checks if the Android device is rooted.

Queries information about running processes on the device

Requests cell location

Queries account information for other applications stored on the device

Queries information about the current nearby Wi-Fi networks

Checks known Qemu files.

Loads dropped Dex/Jar

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Queries the unique device ID (IMEI, MEID, IMSI)

Requests dangerous framework permissions

Makes use of the framework's foreground persistence service

Queries information about active data network

Reads information about phone network operator.

Declares services with permission to bind to the system

Queries information about the current Wi-Fi connection

Acquires the wake lock

Registers a broadcast receiver at runtime (usually for listening for system events)

Schedules tasks to execute at a specified time

Uses Crypto APIs (Might try to encrypt user data)

Checks memory information

Checks CPU information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-14 03:23

Signatures

Declares services with permission to bind to the system

Description | Indicator | Process | Target
Required by accessibility services to bind with the system. Allows apps to access accessibility features. | android.permission.BIND_ACCESSIBILITY_SERVICE | N/A | N/A
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device. | android.permission.BIND_NOTIFICATION_LISTENER_SERVICE | N/A | N/A
Required by VPN services to bind with the system. Allows apps to provision VPN services. | android.permission.BIND_VPN_SERVICE | N/A | N/A

Requests dangerous framework permissions

Description | Indicator | Process | Target
Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A
Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A
Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A
Allows an application to read the user's call log. | android.permission.READ_CALL_LOG | N/A | N/A
Allows an application to write and read the user's call log data. | android.permission.WRITE_CALL_LOG | N/A | N/A
Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A
Allows an application to write the user's contacts data. | android.permission.WRITE_CONTACTS | N/A | N/A
Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A
Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A
Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A
Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A
Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A
Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A
Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A
Allows an application to collect component usage statistics. | android.permission.PACKAGE_USAGE_STATS | N/A | N/A
Allows an application to read the user's calendar data. | android.permission.READ_CALENDAR | N/A | N/A
Allows an application to write the user's calendar data. | android.permission.WRITE_CALENDAR | N/A | N/A
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether. | android.permission.PROCESS_OUTGOING_CALLS | N/A | N/A
Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-14 03:23

Reported

2024-06-14 03:26

Platform

android-x86-arm-20240611.1-en

Max time kernel

170s

Max time network

191s

Command Line

com.qihoo.appstore

Signatures

Checks if the Android device is rooted.

evasion
Description | Indicator | Process | Target
N/A | /sbin/su | N/A | N/A

Checks known Qemu files.

evasion
Description | Indicator | Process | Target
N/A | /system/lib/libc_malloc_debug_qemu.so | N/A | N/A
N/A | /sys/qemu_trace | N/A | N/A
N/A | /system/bin/qemu-props | N/A | N/A

Loads dropped Dex/Jar

evasion
Description | Indicator | Process | Target
N/A | /data/user/0/com.qihoo.appstore/files/sllak/opt/4213/finalcore.jar | N/A | N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Queries account information for other applications stored on the device

collection
Description | Indicator | Process | Target
Framework service call | android.accounts.IAccountManager.getAccountsAsUser | N/A | N/A

Queries information about running processes on the device

discovery
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description | Indicator | Process | Target
Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A

Requests cell location

collection discovery evasion
Description | Indicator | Process | Target
Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A
Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A

Acquires the wake lock

Description | Indicator | Process | Target
Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A

Makes use of the framework's foreground persistence service

evasion persistence
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.setServiceForeground | N/A | N/A

Queries information about active data network

discovery
Description | Indicator | Process | Target
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A

Queries information about the current Wi-Fi connection

discovery
Description | Indicator | Process | Target
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A

Schedules tasks to execute at a specified time

execution persistence
Description | Indicator | Process | Target
Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description | Indicator | Process | Target
Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A

Checks CPU information

Description | Indicator | Process | Target
File opened for read | /proc/cpuinfo | N/A | N/A

Checks memory information

Description | Indicator | Process | Target
File opened for read | /proc/meminfo | N/A | N/A

Processes

com.qihoo.appstore

com.qihoo.daemon

/system/bin/sh

com.qihoo.appstore:critical

app_process32 / com.qihoo.appstore.rootcommand.persistent.CoreDaemon --nice-name=com.qihoo.appstore_CoreDaemon --daemon

/system/bin/sh /system/bin/pm list packages

cmd package list packages

/system/bin/ping -i 0.5 -s 56 -w 10 -c 10 221.130.199.88

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq

Network

Files

/data/data/com.qihoo.appstore/files/sllak/opt/4213/finalcore.jar

/data/data/com.qihoo.appstore/files/sllak/opt/4213/finalcore.jar.tmp

/data/user/0/com.qihoo.appstore/files/sllak/opt/4213/finalcore.jar

/data/data/com.qihoo.appstore/databases/filelist.db-journal

/data/data/com.qihoo.appstore/databases/filelist.db

/data/data/com.qihoo.appstore/databases/filelist.db-shm

/data/data/com.qihoo.appstore/databases/filelist.db-wal

/storage/emulated/0/.sfp/.sfp

/data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-journal

/data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db

/data/data/com.qihoo.appstore/databases/download5.db-journal

/data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-wal

/data/data/com.qihoo.appstore/databases/download5.db-wal

/data/data/com.qihoo.appstore/databases/new_downloads.db-journal

/data/data/com.qihoo.appstore/databases/new_downloads.db-wal

/data/data/com.qihoo.appstore/databases/_ire-journal

/data/data/com.qihoo.appstore/databases/_ire-wal

/data/data/com.qihoo.appstore/databases/update_history.db-journal

/data/data/com.qihoo.appstore/databases/update_history.db

/data/data/com.qihoo.appstore/databases/update_history.db-wal

/data/data/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

/data/data/com.qihoo.appstore/localApkInfo.json

/data/data/com.qihoo.appstore/databases/account.db-journal

/data/data/com.qihoo.appstore/databases/account.db

/data/data/com.qihoo.appstore/databases/account.db-wal

/data/data/com.qihoo.appstore/databases/360appstoreInstallHistory.db-journal

/data/data/com.qihoo.appstore/databases/360appstoreInstallHistory.db

/data/data/com.qihoo.appstore/databases/360appstoreInstallHistory.db-wal

/data/data/com.qihoo.appstore/files/sllak/opt/4213/oat/finalcore.jar.cur.prof

/data/data/com.qihoo.appstore/files/sllak/logcache/log1718335405437

/data/data/com.qihoo.appstore/files/sllak/logcache/log1718335405338

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-14 03:23

Reported

2024-06-14 03:26

Platform

android-x64-20240611.1-en

Max time kernel

170s

Max time network

191s

Command Line

com.qihoo.appstore

Signatures

Checks if the Android device is rooted.

evasion
Description | Indicator | Process | Target
N/A | /sbin/su | N/A | N/A

Checks known Qemu files.

evasion
Description | Indicator | Process | Target
N/A | /system/lib/libc_malloc_debug_qemu.so | N/A | N/A
N/A | /sys/qemu_trace | N/A | N/A
N/A | /system/bin/qemu-props | N/A | N/A

Loads dropped Dex/Jar

evasion
Description | Indicator | Process | Target
N/A | /data/user/0/com.qihoo.appstore/files/sllak/opt/5073/finalcore.jar | N/A | N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Queries account information for other applications stored on the device

collection
Description | Indicator | Process | Target
Framework service call | android.accounts.IAccountManager.getAccountsAsUser | N/A | N/A

Queries information about running processes on the device

discovery
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description | Indicator | Process | Target
Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A

Requests cell location

collection discovery
Description | Indicator | Process | Target
Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A
Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A

Acquires the wake lock

Description | Indicator | Process | Target
Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A

Makes use of the framework's foreground persistence service

evasion persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.setServiceForeground N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Schedules tasks to execute at a specified time

execution persistence
Description Indicator Process Target
Framework service call android.app.job.IJobScheduler.schedule N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.qihoo.appstore

com.qihoo.daemon

com.qihoo.appstore:critical

Network

Files

Analysis: behavioral7

Detonation Overview

Submitted

2024-06-14 03:23

Reported

2024-06-14 03:26

Platform

android-x64-20240611.1-en

Max time network

133s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2024-06-14 03:23

Reported

2024-06-14 03:23

Platform

android-x64-20240611.1-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral11

Detonation Overview

Submitted

2024-06-14 03:23

Reported

2024-06-14 03:23

Platform

android-x64-arm64-20240611.1-en

Max time network

9s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-14 03:23

Reported

2024-06-14 03:23

Platform

android-x86-arm-20240611.1-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-14 03:23

Reported

2024-06-14 03:23

Platform

android-x64-20240611.1-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-06-14 03:23

Reported

2024-06-14 03:23

Platform

android-x64-arm64-20240611.1-en

Max time network

10s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2024-06-14 03:23

Reported

2024-06-14 03:26

Platform

android-x86-arm-20240611.1-en

Max time network

152s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2024-06-14 03:23

Reported

2024-06-14 03:26

Platform

android-x64-arm64-20240611.1-en

Max time network

159s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-06-14 03:23

Reported

2024-06-14 03:23

Platform

android-x86-arm-20240611.1-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A