Analysis Overview
SHA256
af7d7ad5718e1f2b319073395ac9a8b4331a1f6a7f0a21e7e5cba8354ed43c18
Threat Level: Likely malicious
The file a8a91b51afb1cc174ebcb207d5ba7129_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Loads dropped Dex/Jar
Queries information about running processes on the device
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Requests dangerous framework permissions
Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Queries information about the current Wi-Fi connection
Queries information about active data network
Uses Crypto APIs (Might try to encrypt user data)
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks memory information
Checks CPU information
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-14 08:07
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-14 08:06
Reported
2024-06-14 08:10
Platform
android-x86-arm-20240611.1-en
Max time kernel
179s
Max time network
184s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.xgbuy.xg/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
| N/A | s.appjiagu.com | N/A | N/A |
| N/A | b.appjiagu.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.xgbuy.xg
chmod 755 /data/user/0/com.xgbuy.xg/.jiagu/libjiagu.so
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.xgbuy.xg/.jiagu/tmp.dex --output-vdex-fd=46 --oat-fd=47 --oat-location=/data/data/com.xgbuy.xg/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
com.xgbuy.xg:pushcore
cat /sys/class/net/wlan0/address
sh -c ps
ps
Network
| Country | Destination | Domain | Proto |
| GB | 172.217.169.74:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | api.sobot.com | udp |
| CN | 203.107.41.32:443 | api.sobot.com | tcp |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | a.xgbuy.cc | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 203.107.41.32:443 | api.sobot.com | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 119.3.253.130:19000 | s.jpush.cn | udp |
| US | 1.1.1.1:53 | api.share.mob.com | udp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| GB | 142.250.187.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | t.gdt.qq.com | udp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| NL | 43.152.42.165:80 | t.gdt.qq.com | tcp |
| US | 1.1.1.1:53 | update.sdk.jiguang.cn | udp |
| CN | 119.3.253.130:19000 | s.jpush.cn | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 124.71.170.130:19000 | sis.jpush.io | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | api.share.mob.com | udp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 124.71.170.130:19000 | sis.jpush.io | udp |
| CN | 117.50.198.131:80 | downt.ntalker.com | tcp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 1.92.77.21:19000 | easytomessage.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| CN | 1.92.77.21:19000 | easytomessage.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | s.appjiagu.com | udp |
| US | 104.192.110.60:80 | s.appjiagu.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| US | 1.1.1.1:53 | 139.9.135.156 | udp |
| US | 1.1.1.1:53 | 139.9.138.15 | udp |
| US | 1.1.1.1:53 | 119.3.188.193 | udp |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 117.50.198.131:80 | downt.ntalker.com | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | tcp | |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 110.41.53.90:19000 | s.jpush.cn | udp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 124.71.170.130:19000 | s.jpush.cn | udp |
| CN | 110.41.53.90:19000 | s.jpush.cn | udp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 117.50.198.131:80 | downt.ntalker.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 1.92.77.21:19000 | easytomessage.com | udp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 123.60.31.166:19000 | sis.jpush.io | udp |
| US | 1.1.1.1:53 | b.appjiagu.com | udp |
| CN | 180.163.249.208:80 | b.appjiagu.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| CN | 1.92.77.21:19000 | sis.jpush.io | udp |
| CN | 106.63.25.33:80 | b.appjiagu.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | alog.umengcloud.com | udp |
| CN | 223.109.148.177:80 | alog.umengcloud.com | tcp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | tcp | |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 117.50.198.131:80 | downt.ntalker.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| CN | 223.109.148.130:80 | alog.umengcloud.com | tcp |
| CN | 110.41.53.90:19000 | s.jpush.cn | udp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 123.60.31.166:19000 | sis.jpush.io | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 223.109.148.178:80 | alog.umengcloud.com | tcp |
| CN | 110.41.53.90:19000 | s.jpush.cn | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 1.92.77.21:19000 | sis.jpush.io | udp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 123.60.31.166:19000 | sis.jpush.io | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 223.109.148.141:80 | alog.umengcloud.com | tcp |
| CN | 1.92.77.21:19000 | sis.jpush.io | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 223.109.148.179:80 | alog.umengcloud.com | tcp |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 223.109.148.176:80 | alog.umengcloud.com | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 110.41.162.127:19000 | s.jpush.cn | udp |
| CN | 123.60.31.166:19000 | sis.jpush.io | udp |
| CN | 110.41.162.127:19000 | s.jpush.cn | udp |
| CN | 1.92.77.21:19000 | sis.jpush.io | udp |
| CN | 123.60.31.166:19000 | sis.jpush.io | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 1.92.77.21:19000 | sis.jpush.io | udp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | tcp | |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp |
Files
/data/data/com.xgbuy.xg/.jiagu/libjiagu.so
| MD5 | aa01dd97609092ce310e17bf791069ce |
| SHA1 | f000840a8f68ea7beb2e29ea466088daf55609db |
| SHA256 | e432c191f918053ce368e1b1f155b2e1f9e84379611b93aabec0106172b73aa2 |
| SHA512 | 766c120a06215d0950aae32026fcde3eafed8d18ae0de7bc8135a7378a9055c8f0040d61574d9af67fe2b5b90eeae64c62d787343858ae375bb6658df8afe7b4 |
/data/data/com.xgbuy.xg/.jiagu/classes.dex
| MD5 | 2a9391172256c79ef8abbea96b7b1450 |
| SHA1 | 25b4e1b87a12410abac9b6931ac4045c3b09ab76 |
| SHA256 | 057524f76c6240486c41ce6bb5004173c81552e9a6019452025c8e28ba1e3559 |
| SHA512 | 1c53da79ecbed23afe1f7031d5d8029049567279e9297ca335fff52004b74f8d66bd00e3d2ea8f9f32faeb051617bbd686f05ad8e691cf5b78f450ad8b1cdf4c |
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex
| MD5 | 87cef9b102aaad85568ed5ee5a204093 |
| SHA1 | 27adae802d638c1efbe07557afae0f3b1c1ede13 |
| SHA256 | e9c4e1b3287e667d1999f5c892b93be28b8305bf21eec2da29fd59cfae6bb1c5 |
| SHA512 | 5d0a8805d4fde75e5a9c256ac13015ab15fec4e19e812eabde3f53fb66e678524809d15c928d7afecd9ef47318795aa03ac3dd625a565959f2ccb763ef19d01e |
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex
| MD5 | 65ed291041391a1b6c0ff144294f991a |
| SHA1 | 4671c8cddbadf45093b4ca5b6b76f136acbfa113 |
| SHA256 | 17566bfa92a31333736ef97ccecf3452705b8c8ebf4b9a76eb3d68d26ab98633 |
| SHA512 | fc72d30fa6e33ae66bd2fe48947a890e8b4b67612bdf1e9ebd9ff3b4c2ab292a62e51019c6465e9d8b05a8a11059b61a3ebdcf2ee8d8a2b17584d84082d6515b |
/data/user/0/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex
| MD5 | 9aa3ab46eee6fb5cdc33cd55151c1513 |
| SHA1 | ae69847969f519b4140da13b2b3cfe17aa8d1f5b |
| SHA256 | 18190b59e0ebf193fe76239b78d50ccd6724a1e90bf7bc992c81d3813f779668 |
| SHA512 | 2f871033d5156d7aec85260b2882e4f402014c022fe68c63095ab5a63a91712051ae6339279d50efbfc4cced73776f8e8a0a275bd05d83cf160122366da29ea0 |
/data/data/com.xgbuy.xg/.jiagu/tmp.dex
| MD5 | f1771b68f5f9b168b79ff59ae2daabe4 |
| SHA1 | 0df6a835559f5c99670214a12700e7d8c28e5a42 |
| SHA256 | 9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939 |
| SHA512 | dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ri
| MD5 | e55c7417bbe93fb7bd3d667711f837de |
| SHA1 | 3554e28c2da952d90ccd20a84720a64e41f5d1b5 |
| SHA256 | 6ce35149a94df6e0db563b0759c62b68e5d5710e35be7ffd71ba3722b29ee586 |
| SHA512 | 38f5d5c898b48e8cd38a26da05adb4787f06649ca3617a8094217d3abe11a2a30f750bdb1236753b5e5bdcd623bbb69e72884934497ef322644ef9d919be7e4c |
/data/data/com.xgbuy.xg/files/.jiagu.lock
| MD5 | e64a3665cf7c0618323c6fa3e4252b6c |
| SHA1 | 1f86f75deab64a7094da0ad65cc88c4b3a80b766 |
| SHA256 | 58603efc4c072d623653119fa4ca621d2af3b225c2a5175f7b7eeea9b013ad56 |
| SHA512 | acfdb551833004837687b06be92e65c6ae162fa8b7796c0b8ec017530e92a5a6273435bfbf48a7b7c224935154a36fdaa94779a06a6331bf0cc9e646e6c81e5f |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
| MD5 | 3911ad10a2d9a4f7ef7a09639a1b8cf3 |
| SHA1 | d8d5dae863fe04bef8d987202e25e065efce1e1f |
| SHA256 | 0ae3380b0712c9bcbb362bcdf7b72504b9e495fe2987cfc20aec121977dba19d |
| SHA512 | d58dc5e805e0e2d11a79c725285dbb3f75d351d456c87ce79439af68c3a6c2506f5814bc16f09fbf16462c93f5c781437a5bbadc4d48977782899ce9d741dec8 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ic
| MD5 | 1bd86b90e1b355f123e5ce8c93c3de53 |
| SHA1 | bee5683d6124650c8be0b3740ad66e771f29b178 |
| SHA256 | 3ba28c4fe20d74ea96f6ced27333f04a01e03c50092717eed1b6e30152a8d152 |
| SHA512 | 6ba3d7ac2b9da3bb2f7ca50488782bfb9f12a38bf17debc4f2853a161551a932885bedaedace0ecd3da9777e1cddbb407ca2360c13512b1b804bd6242e767abe |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | 0bb7c3a2ef9b37873f0fd46738beecc4 |
| SHA1 | 83a05b54fe10a8acefb3472fcb6d7339e6d3778c |
| SHA256 | 6d0161fc56783e13b8a09b09d29ddb20b229a52a1c6c4ec70cc3b0bd6b745ff9 |
| SHA512 | 59cddf24fce0d11ce43310f41b6659d49c215586925ff8216f512244ebe58d2a6d1bcebd8f8539463d30399bd0945ef4e43d634bbf3ddcabc6ea3da7ffb307e8 |
/storage/emulated/0/360/.iddata
| MD5 | b443c49cdf8cea5b3af432d1ba454733 |
| SHA1 | 39b20314401df6f9a9e161c194a54d5e17eff9d3 |
| SHA256 | 84e4a233eba35244b14cfdb47a65cd8eddc1f65f251a6f802abf70e0ad8dbcfe |
| SHA512 | b911c27955e36d236518c28ed0a84c1ee118a66d4a05d7680354feed3e425a0ecbf7304f1560f02343d1d47e51daf967e497cf115c2117f43c9346c8ed95cfd1 |
/storage/emulated/0/360/.deviceId
| MD5 | 1d8d16c4e3b19ebf18988530d9b9a757 |
| SHA1 | bc94c1cce05cd848a53271ecb9c5311e27ffebf5 |
| SHA256 | abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7 |
| SHA512 | 4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82 |
/storage/emulated/0/Mob/comm/.di
| MD5 | 70a42cba408700f9a6c01c7941a8829e |
| SHA1 | eab01cc2c0671538795fb0b1146017dc099d0984 |
| SHA256 | 499576707ce2623293166979e59c832be5b8636c64ad39aa63ebcf961910c35f |
| SHA512 | 8900d4dc8eed0430babbacb72942401bd22ef7fe5430cad90d3ce0c2c53010220d666aa0e2eb1026f3ec81d574c7fa12585b49222a5f15b01637f6ba134fe70c |
/data/data/com.xgbuy.xg/files/sobot_chat_log/sobot_chat_20240614_log.txt
| MD5 | d857ade3951ae644fd726b26e1c6bc3a |
| SHA1 | 002ec40b697988b20bfbc6e8a4bebf7b48f111a8 |
| SHA256 | 335b0d4c03ad25df5500a917ffc641e378fa8c909d837e347fb6e28c8aee6d47 |
| SHA512 | c81cbe1886810b19776f2b8a1c36ef62f09933a6b92cc6234f42c7846d371cc7fb9c5294103ef3dd906b291a26da51e98edd072992f042bf78ec77133441655c |
/data/data/com.xgbuy.xg/databases/xinggou-journal
| MD5 | 509fd1d14ee805fc7542cebcabfbd03a |
| SHA1 | 1c3d6cde4084384c6ff4b2d9b3b493bb4d2f3af7 |
| SHA256 | 0749e30c8aebba50cff8223e020a42e8c416320f98653370adb00385324d4a8a |
| SHA512 | daf40c3f6dd27ba7b6e9f2228590cbcf03dc8e73cd4fd2388d8a2c667786b1c59ebbdb7f1952ef11710ffaf19e756b51bc9b2653232269dbab752f57ad737059 |
/data/data/com.xgbuy.xg/databases/xinggou
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.xgbuy.xg/databases/xinggou-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.xgbuy.xg/databases/xinggou-wal
| MD5 | e80f02e3185881472852608a206eb5f2 |
| SHA1 | 50cfe14e4de8e6f8165c05dadd470aacd0c3289c |
| SHA256 | 2e68fb4f140ffb5422fea343fa92a71fd14410cab7a3b73560393c3feb9d13a1 |
| SHA512 | 7107cc0aea43f164690104bdf29929c8bce210bc02949357b541df9665db2d588fd4bab40331616bf5d28adbb556c212ebf92a6a948a05a210e9aba730b7f476 |
/storage/emulated/0/Mob/.slw
| MD5 | 19402718bfb1c685a726b4e1d846ad98 |
| SHA1 | 02a7e30044a67085f2f1da24e16e4ecfede65b72 |
| SHA256 | 079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0 |
| SHA512 | 25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b |
/storage/emulated/0/data/.push_deviceid
| MD5 | da98e123a6210c5fae8dcdabd4c3b159 |
| SHA1 | e035ef66591e76f91b0bc2c735dd6600fda57a31 |
| SHA256 | 718aedf5bc58290f5fa09029c565b2883ea1715fe31f35b8919563dce3b4fed9 |
| SHA512 | 9a547e00bd4852a695be0e7e923819e021747963e4a782f0730c8b8f8c882aedbc921591a25b3d88ca1e6e9a63b6905ef8c533197cbc84d6ee80311005bdbbee |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.xgbuy.xg/databases/ua.db-journal
| MD5 | 104d03c261a30b4de6e8e000df56143a |
| SHA1 | adacc74b1a98e4c7e9635c9e0ce989a5a513c0cb |
| SHA256 | 9c852f891faa7fc46fa78235d73ca7ec85776cdd24ae40bed5027547965198a5 |
| SHA512 | 89773c5850976ed749efba9f8b52c47f7febbc729afb5a2828cb2915dcbffd604d43cfb9bc76160b5dd16cd5d5da1a5031933c22dcb53e3b6923b233dcd1a4d7 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | b217743ac2109e6d1b9145f4190294e8 |
| SHA1 | 3dfc286cd4e25580eea1523dfbb85ff6e90b0502 |
| SHA256 | 785e0545fc54f32d55a30fb48a33b0a002167928a80f9f4ccb7f5633178571b4 |
| SHA512 | 15b696ea1c87893c36ad619d39a0343a114d7bd59891308add8f03e0543cbf9ff0c71f963a3b024b0f8331e860360970a7e2e178580233f8baf82b6459dbb7c9 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | fa40f016296c6b16ebb0ae68b78834d3 |
| SHA1 | 529372fcbd6b0e4af72c278fbf590b6db251ad57 |
| SHA256 | 18c927c72cdfaed66dfb96c69592357436288f653497b12a683e839f7aae602a |
| SHA512 | 5e1cbd40f5d12fe8d9e4d6506d819a74756e27b98968c2dd0841c0669d8d0b2b22fa714f8f0a00fb382a659b422b12c23cbdf366e9c4ebcc3ac6a01f91ee1cbe |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal
| MD5 | 572e99e56905de66bd575bbfb70c07ef |
| SHA1 | 9c450ebdf2a4591fb24ba098b7d83e7cc6b1ee8a |
| SHA256 | 48781da7a8683a58fbe4ec6bb4291c553e94b87c81e81b52fa94a3db6f8f614d |
| SHA512 | c6e78adb63e30af05f6915f2e8416460235d888697c62f0e3dcdf48803143e5052c2d925607cd61e7a273ce684bb021e4db9c0d15082d27b87a50ce0c3aabaab |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/6936001b0843c9baaf6a3f320fef658f74b649cd15210e9aafd88153117e16a1.0.tmp
| MD5 | 3ccf674803e2bcca74d940a369b98a1f |
| SHA1 | b82beb53b74476af3563d05f4b49b4628611c19f |
| SHA256 | 897e90108102b4d93eed118fbc62f4bd208a2651c52da15431f3ece36f4ff274 |
| SHA512 | b98a53d48cee9d8d4fae804736e7b66c28beb429d4e84cad49f4f3e92f5a226c99eebe093fabee98d657d41729eab74fdf6081cc29b693e076b213e0e8e60a5f |
/data/data/com.xgbuy.xg/databases/cc/cc.db-journal
| MD5 | 4e3a676a4e91714e4563077470d55183 |
| SHA1 | 63d7f84711e4487f8c34a195c86727e48909b014 |
| SHA256 | f09ffb3dac62c61d6a720847c5285f7b6f4f8b35cfd3673ba5af1717dcbe0670 |
| SHA512 | c931260161bc2223a23d19fa30076c9c346ea8b0c5ae2e19ec4051b2f65bce0127a15fea91a3d27dfc67a5f074e50bed730cd1e6ce43d6292806f5b832a5fbde |
/data/data/com.xgbuy.xg/databases/cc/cc.db
| MD5 | 5d7ea1a23af19b4340cc8d90f28297d5 |
| SHA1 | 4cfe95b23a9e98378d69c4290af81b51fbe76aea |
| SHA256 | 474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da |
| SHA512 | 33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b |
/data/data/com.xgbuy.xg/databases/cc/cc.db-wal
| MD5 | c238699d3141a00acf54abe4ec616e68 |
| SHA1 | 2abdc0a852c0225fb19c8d9a1e95ac569b100aa2 |
| SHA256 | 802b6ee91a25270c96e4759db5842e1e4d3831f785b4f8f04edd700947b9021d |
| SHA512 | a68636b8463705200921d45d09bb0db6734e37057dd22eb4562ecb902420e177d003b6e245d1f01746757364e1e0ad3338f1b3580b1aad97a69baffda9c7bef0 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | ac350075380202777164398261a0de00 |
| SHA1 | 442118f4ad5befe03152a2c19c3f232863ae5cee |
| SHA256 | 93e8470fa42e155dde0e1509307b87c075c3f1387e74b0346cff72e2cb351edb |
| SHA512 | b5126612a8e6db059fff7fb28c44267284a254e10923da805cb7fcd609aa413e260a674b48ab19822a8a76c4dc2b9ff8d4d487c7c878a73c36a256db08622b07 |
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
| MD5 | d5dd55f3eee38ce77fcff63bacd4a841 |
| SHA1 | c911902d9ce3f5707903b8c52340e56f8dd3fc0d |
| SHA256 | 08cc6031bcd8d34f0902f370b3f7edc3c4a324a26a3072be52bfec938a7e7b9e |
| SHA512 | 74e85509e9456cfd35891de709d9c4a79c44cab1a4780bf3f881e7be4685a6bd5af7f09c1d0c0dfdbe92b67684b9e2a01074398cdfb645f5a9bae47fe1157637 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 75bc09d1d85eee3723d0468ce0a78c28 |
| SHA1 | f8c20cf1ac99c0d3b557258fd1c9365499db686e |
| SHA256 | 13b9fef682ad1c58729aeadf6470383f1e86fee80463903247ae0b747ca04029 |
| SHA512 | b7bf2b09e1aebf112fbb6a48e95dc50fe425c37d744cd88dee0c521dc6de4397b246e25c91e7813632983b87d0a02848a244ed63929e10fd81fe6ecc53e0d770 |
/data/data/com.xgbuy.xg/databases/Reyun.db-journal
| MD5 | f7fb91f55e8414e98048eb6393a8954d |
| SHA1 | 8ff3c0b726a29cf2f4c9a1faa880a45fc245d656 |
| SHA256 | 4eb8e0acbfbf969904e217f549af16ea4de86e09527f3816a77f366a6f8c8028 |
| SHA512 | 640f4e3d9ef2a7619d0999b35acc2d1a5d419510c35aa7acf6cc59559fc2c1c6ee587db7c252ed8bfc293843c832718ca4e3471d5e7514b9087b4446b1169e59 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | a5537108bfb619ea01400c9a60df911e |
| SHA1 | ea5bb6d86f731ba001165266b41442011398f595 |
| SHA256 | 3e8681ab415322316d9ca9350db67515a20354bd556fae51780fc64cef28bc6a |
| SHA512 | 447f32d84c97728be3ade978ad4d663bde6efe796ea4c5c012fed1789e2cdae52549cbd295b2e018ff57aa8cd216aed2e5d0ed9581774b0518d0c43fa8dbbfe2 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | ec9ff9df3c096e34b91770d4b2e1ab50 |
| SHA1 | d26cae8254319086e263e774bc1a295f6ad20ff2 |
| SHA256 | f8b549f85557e1f385a52f2fe0b397e62b29a7fed81f62653cb9c1ce08f1967e |
| SHA512 | 7b57f3397fc587a4057f8d2570ab69c6052f964ded3c40af33e313019d231509ff9ee1c9c5a0c860f26ce630cf5bca0bd64b1e85fd501a361e0bc9528e7fd313 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 4a18adf0d7e69aaeed2b57fdd13a3c1b |
| SHA1 | 6c76db5e4f519a668d4574b5b031443d68e93273 |
| SHA256 | 8513fb513638f575d1a705857fa733cbc44542f21ae379c9f8b9d75db15e0f40 |
| SHA512 | 973cc1d8f2c305d5c21e46100136c637d26f7c4721b4b624f4c9b61318dce93589a9a76259516c75613b356f3cd71ae93142d34676b0b433ac126c6b06620552 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 90cad8be1ad4a8c3a49b763b3c7dbe37 |
| SHA1 | bd5fb96c0619b9c6603201c7fe840a2e7e7f2f76 |
| SHA256 | 02fefb6b3d206c1a3ec8cae2c673fb91090840016ed01e1c895e6d697ccf3ce9 |
| SHA512 | 1c1a8f1d8a242e869f2a08b530217d5299495eca2df45024e572f858ff4edd278842f35f429fa855e4cca37f5cd0fe4f8515c06c048906f42a022702811d3ce9 |
/data/data/com.xgbuy.xg/files/umeng_it.cache
| MD5 | df75ec7b58d24cb9716d249e14611221 |
| SHA1 | 92c5cb9af785fe78037c7971d98e3f1c9fdc6ddf |
| SHA256 | 9fbf9e1b2f4c765033bf3d5172e771de4cdbfbd5fb314d988d1e00bad31863c6 |
| SHA512 | 5c28c0d0e75155b40a6eed66e4294fa4240081ff08eb3d681c2534588f85d742568b9ebab0c42ecfca15e85fdef59423948771d102e5955651084058d0c91382 |
/data/data/com.xgbuy.xg/files/.umeng/exchangeIdentity.json
| MD5 | b5489f94e71de3c8e334370b31bfa54c |
| SHA1 | d0701d7671478ffb86caf35bb73040923cc1f56f |
| SHA256 | dc1c1960fbe0fc32369798ba68dce21002951edd23181b6682dbbc9a6bcb5f7b |
| SHA512 | 2b270abf1f5088faf81a91b2bbd61baf68557d1e6c072cca4ba0da55a39015d2eef425af711085a6f769ef3a643ceeb55bcd956f10c8916a2f69585469fc4cf0 |
/data/data/com.xgbuy.xg/files/exid.dat
| MD5 | 664fc8c499e175511e48239606c1f404 |
| SHA1 | f2062707f1e5aaf6fcca4210d6b55f1c4fff3862 |
| SHA256 | 56f77e614ad04d160ec0f07abf441c14aa9ffac9b59b564e4b3576022eb48213 |
| SHA512 | 57367759b5f38876c008eec244514193ac0e3720e5868b47294b673854862fb07cd593036163a24f6f286e3c9e89a6ff60ff944e30cab6861f972a29bdb6bbe4 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 26872eeb7b5e46cf811aeb0f21fa7774 |
| SHA1 | e727f9256b36795f8eb8af3a259c83c344008c48 |
| SHA256 | da1d46e40625dcb26e8277e293ed316bb84961002bef8aa5485b7107c2b1b4a2 |
| SHA512 | 498fb81aa728a5f870f8519eb0ad82ebbf72e84791865f1010b85e8c30c65bb774e6719e82e5f122af29a641242650612f0e013d75162eb6bfa3ab1e4e54d702 |
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
| MD5 | 7a64550bfdb57b6eb0d058d5e4ed7c2a |
| SHA1 | adecd24fca91f3172726212af1d0afd35dbcee35 |
| SHA256 | f62a043c6594a24ad2e17af5e096766c0a3a49efe3c9d41c95f5f11e64602b1e |
| SHA512 | dca54294b293da7a528fb7478a3f1072f31c6fe4854a79ee9ccff817fc97940e27cb25bac5931829cecd451b8e7410a603a5c62e92f44c2a97981db5a0f12eaa |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 4bf0021e406c8d3978ef44fe72af7c43 |
| SHA1 | 946c64cda43b0f70acf567aaa47228a0742ab2ab |
| SHA256 | cc206d818d6335b822158a12df27ff1f235d4090eccd4eac15b44703d33bebb7 |
| SHA512 | 04f33d0923fd68ec5a55964ab56b3895789e1e13ae79ecc65cb33fe832bab1d54d274abfd8de344ad2527aa30c91a2348d5afaa23715cc5228cd7dc7b3333e19 |
/data/data/com.xgbuy.xg/databases/cc/cc.db-wal
| MD5 | 96f09b8ce2548ed1d317d7180d05af30 |
| SHA1 | 70a76b3ad9147d86b64c41ce7f271bdd8e14f681 |
| SHA256 | ba211cef4f28d325bafc4f1946e1b77d57e0c7e204348f7c1dcb4d5276589f6f |
| SHA512 | f1e7688090082043bf403bf1e1f2534584ef3e16dc6e262a057b38c97a31de081e7675e979e3022d99465f075555bac57720e34447687fba8ecb2b67a7bd4e84 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | da1223286e8343e1cc222daebb90c116 |
| SHA1 | c5b365e1fafa75cf759526f6c46912f9fcc5564b |
| SHA256 | 0af44f683ac6aab488c6f1d2e3b410662f78ef9d3ac5f3f7d121ead8f1324c27 |
| SHA512 | d02eb1505523494fdf702f5f3881cc4ed9cf20ed67ef18c708de01b7ea7759e0c5024741d3f096610cf690818bdf3c2c32e7e302f06f84c1536632911d8caad0 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 892e081b694fb8bbc8143a945a37461a |
| SHA1 | ab1c3a2f46cbf15b4bd4edc1c996c06c37daed49 |
| SHA256 | e8f94f4cbbf7b2d6fe22bb1062480a6ad24eed9511781b522819048626bc4e8c |
| SHA512 | 416b954705913997f1bf44d1960bdb0166e46d3cf026c725f3d79055a300cf2997ae15e30573ea926dff195200a947a9463cf98707f10425d7e29d265fb45f1a |
/data/data/com.xgbuy.xg/databases/cc/cc.db
| MD5 | ce6135aa1b1fe4f2c2db2a546d2a5558 |
| SHA1 | 79b59582154017aadab783dc266fcb158c252940 |
| SHA256 | 7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c |
| SHA512 | 2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4 |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest61734289485615521022680076755503589452-journal
| MD5 | 0f7787acfc8ecd3cc850d4e3e243b53b |
| SHA1 | 913b9ef3ef28cba552ca8aa6704298196ec3154f |
| SHA256 | 2f39cffb4c60f05d338d0f830f2291f33fa4d56d61235d9a7340339af265f2f2 |
| SHA512 | 362e93776cf011bd374effd2689677de6a6edc3b3b7a5c773668e7aee801fb16d2dc3769ecc4e9f29346d3bb5aae48f0e228edeeac803232ca4b839d0313ae3e |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest61734289485615521022680076755503589452-wal
| MD5 | 61960bfbe78ecf70eba43e3a95c8d284 |
| SHA1 | e60fb2ce7fa1fa937d7c8af612e1564c452eead3 |
| SHA256 | 58082bd60fd9550d466bc82e943f60515c3a61b00664a3ea0ca120bdc611615a |
| SHA512 | 48b16f84a0a873034781ed8a7ae2ab590c6912818799e8feff06ff6ecb2bad0402ce7ea002354f0c217bdb74e45f55f42850bf68c15d7c1caa078bdec5423995 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal
| MD5 | 20494cafc45f208fe91868114b320ea1 |
| SHA1 | 8f751e0cf8fe6dc0d6fe5ab908eb1c8accd001db |
| SHA256 | 18d4f707c0969d042d5c15d6938f12016a16bfb9592de7458fcb6368de1ed3fa |
| SHA512 | 269d23abd8aabb53af1223f81e0b2eb87e97212a1e5385f1f62c17323ccb6d24bbd53baf000598d79700d799fdd6322e1cb60cc4b305d31f0124e86277faba33 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal
| MD5 | 95d413246bc457b5b89cdd9315650ee2 |
| SHA1 | c3783f3cd2b5c6b150642eb30e843612348223aa |
| SHA256 | b157e0f8a745696ae44367f26a08f1ca3957a8e6de07ffcb79397857d373bb8f |
| SHA512 | de5c717539741138498717dc189731fe6fb1489fb0a79bb3a3b0c887d00c815a2acb8a9ed1fbbf2a08256124da3bd1e130baf4807ffa81a47d2f9237cbc7e174 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | e8313ece66e1668b0f4e5889d1788f3b |
| SHA1 | bb0cfce750feeac810c207a35419fa6f7d01a773 |
| SHA256 | 9049c63b155c68da2db7ad9844b5a2f84031881424d0a09f87aed70dfa026f52 |
| SHA512 | 3ad2588b2fec7648861df25552f895af9ef3537675bce41b10bd42e5f695c971455a6e3e2e770bd877fe6310cdff8869ebedc95046456a345bf82a4d7cb71958 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 723a499071d1e8d7958a7ebd6b50c8b5 |
| SHA1 | 942156ad4d1b888c2df56981c39facac3cf15b84 |
| SHA256 | 70eead4ebc7b41d473bbd768bc101fd7fd86b7197020840ab9eb48d27adf8e83 |
| SHA512 | 52b4a2e13cce913ea13fda844a236f00f95e5ed82983eb2a851846bdb593698ac5e2c441b4093ac9a9dc35bd5dc5a52e37ce489a16e810b721b4ce9bdf78de4d |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | c51ef43381120adf64d514a9256cacfc |
| SHA1 | 39e245786995fd234a202562c3f46eff10bede9f |
| SHA256 | 93e48f7bd6f7400f855e2716e24be1532ef1cec7b8d4a95b157f53119aac0416 |
| SHA512 | 99e581bedee057e007590a16019ce8beacf7dfd6b72628a99ffaf7d15f53a53f225a1b3e148ae5db2620561ca4767df0ffdbb3e3fc936ceb033dc5995eb25945 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 63211d62691b52db001db4e8fe925d16 |
| SHA1 | 83d60d623f2a104794ee950e26d821fca51ae6f8 |
| SHA256 | 95a3d890cb782e1862e5f59c649bff6a9e04559e9c8b7228a1a533709aa73e98 |
| SHA512 | 05bd7e9e9979eb168b8fce52410376cf12f3d422dbb57e2f1c217f741b8974faa63af205561935a310fb6022a63c9f490b1491371d8b8ed868445de2dbf9a57b |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | fb6087569237c1e0287c15f1f1dcb034 |
| SHA1 | 04d0ddedeb2f31e96d282dd79a80e5ce70891420 |
| SHA256 | 2d5f57af67bfc9a59978517dbc53c6c23d8fd49487a420f581bfae3ab0138e1a |
| SHA512 | 6e29f7818f2d57e106f62ef609cf26afefbf289e2974c1c592e7c8f675e1aad5f2f34790d32b0ed5860510cf8d46c1b3b81ac4c148727924d69e2ce1fabe6703 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 2bf1170a6e1928ebc9a04cf3662c8fb1 |
| SHA1 | 0d9215b8aa1ee54df213748f5e610ceddd9985e0 |
| SHA256 | 0598fc7294ee177c26c9097735bda7bf601892fc569141ed301fa19ae8d36270 |
| SHA512 | a54a01282ae75216f3f137d506a2b979ac746625e44b0adbf3f698115f8f86435496a08d58e3ea8f2aaa20b16d00ac6df919f9bd46c2ff399e880707a58cdbbf |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 9ae7e07a674bf05c0549197f191b8a3d |
| SHA1 | 9a4f1589e705288975b2edd1bfd159af14892683 |
| SHA256 | 67fbf1ae091ddb6fa3cd39833538c968bd040c1a4a08f68ef0dd9267de2313bc |
| SHA512 | e1673f913b1a41a28b89d98fba287aa24dead3e4f7bec04407b67106df954c24613b0ef0766a071ffc5be686f503866f2f6c3bed4a56eacbfb5a4ff66f72bb24 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 3bcd1be77748fb947498c28666659720 |
| SHA1 | 7a44b0d5928766f7971b356cacd0d3ac405b5452 |
| SHA256 | 39c14c56eeec25308d900b729e45deeaee69f567402767c3338d2187c7be074f |
| SHA512 | 290b95f999dc8a7f57ae5960e45f105e321ba993179a02ebf3b473771b2522efe39776b4f885bf59168a0ad462286399a1acb6b4e47561a6599991142205d3a9 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 58333d49c3db5f28420673f577093224 |
| SHA1 | 6b93144859b46ed782a8c9cb6c767f404647c7be |
| SHA256 | 7f73dae2130e4fc735cfaf13a53943fe3d2421f997c7e515aa538b2c854d628d |
| SHA512 | 0cbfb01a38d36efac09e60bddbaa7e7bacca9ce1c4dfd6f254b75de173135b2e547612935ac9ea7411b0b829bb207fd1df18e9f4a4b92039d71a146c3a4cd719 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 6ddb59748048e2722cc2d542126624c4 |
| SHA1 | 537eb3945c2ce4d8bc5314cc52cdb1cdc08e32d7 |
| SHA256 | 03bb33f41e7b54ef658b491057c0557523bd34ce676bd7346e066daddc650c3b |
| SHA512 | 1062c83442308d79a2c01404f7dca253d1d52bac2581580a5ff27eced81b89c0ac560534b17ec9b33901fd2c8864c84bc33354384abf59eb296ceeb94fbb77a1 |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 8e24e79baab91c4d0604eaa9006a0cb3 |
| SHA1 | e427afc94a4b957a7096f73e395a10ea404c076b |
| SHA256 | 65ee797326cb9d94a4c8b13fb114a7273d80af9ae547496bf56556c479f75e4d |
| SHA512 | 45bde5e1b5da5e54f7f5baf24cf4d9158ccf5813f0babc05677437bfedf1d54c4707090a1c425089e8f9582a85fed80b25c1e1f30ec2051afc6fe68bb8a76bae |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | 06d1051e1070e16924f5661db6832851 |
| SHA1 | 43f09c9ddf2a1d480a33ff22cc65521238b4279c |
| SHA256 | 9a04296496d4514f74fdb307df12e3776703e84a680c18f6ea657228cfc8dc53 |
| SHA512 | 5bcb18a3e9f422918852612365e27ef3f4f229c8c13f3393af16e3ed4610197d11802917dba3b8bedacef66abc9ae718ca79e7becd47d91c05fd58ed591fa77a |
/data/data/com.xgbuy.xg/files/Mob/mob_commons_1
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | b3edbfceaa3d514fe2e1965d3168d04b |
| SHA1 | e04b2ca314724b5776ef6d889f957813074e0a25 |
| SHA256 | 5286c004d33d5129c513d1184bff9f2621be901d65dc24912a3f701dc6cef459 |
| SHA512 | 68a9fa5a3d084b6d58d00d36a9fa5877eb97f07196a9c8a81411da1f014c1121f4a08e816a9a7272ac77306b6ffdce80a17de08086e8376e193ac7f662b3bbd7 |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 19fc1a4d57694247cb3f741e16c6517d |
| SHA1 | a2253da8b4029540045f4f4ddb8c6e1a004dc743 |
| SHA256 | b1f02e3e91baadd1d5a2372f1d57123039783d6cfcda893d0228411b342722f8 |
| SHA512 | 1072b1eb22c8cf81a115079afee1b6d9a65c5833f36a9b0651ee5c4a27293cc2509947342b7f842d489993b56f7a271e965e69f85f3f30d15838daaf278e8c28 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
| MD5 | 81024874f926b0c0c9e613997c9370b1 |
| SHA1 | a7b4c37570f3e5aa7bd575d0dbcc71ff9079a95c |
| SHA256 | da5ea38fae9a292777936eae50a76aae4d2a589550448aa6970383e44aabe7d6 |
| SHA512 | 8ae3ca2a1a4ea6c514fffeb911f4c42ff173433a7fd82980193d883196e748e458e83ee42051ccbabfa7f49792dabbf1eb8a72fea3db16c2f157e7ada4182830 |
/data/data/com.xgbuy.xg/files/.um/um_cache_1718352569311.env
| MD5 | 37b83a4e7052df3bda295f16cf777c10 |
| SHA1 | cc623b34f63e0a02a50b69ee6ef3cc6ac3bdf537 |
| SHA256 | 3f41cda46ae7fa5054d6501ac3dcdcc916d2801673a8f7f922cf4c2decc4d767 |
| SHA512 | a4ac303bca524a951d4f991a0f7d23bd7abf97e9aa2c405d3306ac4525f12eeb01c110afeb1e1dc88ed12276cac92ed52217c1843cc0ecf08f5c2ff78ad1c092 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-14 08:06
Reported
2024-06-14 08:10
Platform
android-x64-20240611.1-en
Max time kernel
14s
Max time network
131s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.xgbuy.xg/[email protected] | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/[email protected]!classes2.dex | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/[email protected]!classes3.dex | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Processes
com.xgbuy.xg
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.204.72:443 | ssl.google-analytics.com | tcp |
| GB | 172.217.16.234:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| GB | 172.217.16.226:443 | tcp | |
| GB | 142.250.178.14:443 | tcp | |
| GB | 142.250.178.4:443 | tcp | |
| GB | 142.250.178.4:443 | tcp | |
| GB | 172.217.169.46:443 | tcp |
Files
/data/data/com.xgbuy.xg/.jiagu/libjiagu.so
| MD5 | aa01dd97609092ce310e17bf791069ce |
| SHA1 | f000840a8f68ea7beb2e29ea466088daf55609db |
| SHA256 | e432c191f918053ce368e1b1f155b2e1f9e84379611b93aabec0106172b73aa2 |
| SHA512 | 766c120a06215d0950aae32026fcde3eafed8d18ae0de7bc8135a7378a9055c8f0040d61574d9af67fe2b5b90eeae64c62d787343858ae375bb6658df8afe7b4 |
/data/data/com.xgbuy.xg/.jiagu/classes.dex
| MD5 | 2a9391172256c79ef8abbea96b7b1450 |
| SHA1 | 25b4e1b87a12410abac9b6931ac4045c3b09ab76 |
| SHA256 | 057524f76c6240486c41ce6bb5004173c81552e9a6019452025c8e28ba1e3559 |
| SHA512 | 1c53da79ecbed23afe1f7031d5d8029049567279e9297ca335fff52004b74f8d66bd00e3d2ea8f9f32faeb051617bbd686f05ad8e691cf5b78f450ad8b1cdf4c |
/data/user/0/com.xgbuy.xg/[email protected]
| MD5 | 87cef9b102aaad85568ed5ee5a204093 |
| SHA1 | 27adae802d638c1efbe07557afae0f3b1c1ede13 |
| SHA256 | e9c4e1b3287e667d1999f5c892b93be28b8305bf21eec2da29fd59cfae6bb1c5 |
| SHA512 | 5d0a8805d4fde75e5a9c256ac13015ab15fec4e19e812eabde3f53fb66e678524809d15c928d7afecd9ef47318795aa03ac3dd625a565959f2ccb763ef19d01e |
/data/user/0/com.xgbuy.xg/[email protected]!classes2.dex
| MD5 | 65ed291041391a1b6c0ff144294f991a |
| SHA1 | 4671c8cddbadf45093b4ca5b6b76f136acbfa113 |
| SHA256 | 17566bfa92a31333736ef97ccecf3452705b8c8ebf4b9a76eb3d68d26ab98633 |
| SHA512 | fc72d30fa6e33ae66bd2fe48947a890e8b4b67612bdf1e9ebd9ff3b4c2ab292a62e51019c6465e9d8b05a8a11059b61a3ebdcf2ee8d8a2b17584d84082d6515b |
/data/user/0/com.xgbuy.xg/[email protected]!classes3.dex
| MD5 | 9aa3ab46eee6fb5cdc33cd55151c1513 |
| SHA1 | ae69847969f519b4140da13b2b3cfe17aa8d1f5b |
| SHA256 | 18190b59e0ebf193fe76239b78d50ccd6724a1e90bf7bc992c81d3813f779668 |
| SHA512 | 2f871033d5156d7aec85260b2882e4f402014c022fe68c63095ab5a63a91712051ae6339279d50efbfc4cced73776f8e8a0a275bd05d83cf160122366da29ea0 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ri
| MD5 | 856360495b0c39b55eb6df1d90e65503 |
| SHA1 | f8365b9ae80e0cef9aa6a559c1eacd0d664a9ca5 |
| SHA256 | 12a192602e5a54e9d5a8a0debfd6cb8096e0649d106f38abed8109fa5ba5eb12 |
| SHA512 | fb5b47c4c2808935c2edf2633859d7712fb2d0d7bed79ea219975bd95091e20caf1dfff16b865f1f911b952cba2a430caa921af46721d89782f92e5d229a93d0 |
/data/data/com.xgbuy.xg/files/.jiagu.lock
| MD5 | ba34905877cf46cda59d5ed1d09c39f3 |
| SHA1 | 1fb1a373201a595947316471c250bcb35bebbe87 |
| SHA256 | e41a425db0a0f3bed6cdccdf6e682564372c66dbdac4054b39610fa016d804b9 |
| SHA512 | ac02ab5a165c290c3e673c3565f571f93d267bee8450c5b3aeed4509c0e96ac8ca9abe76dd676c404068cf159f1d6d0a94e1995a0d8ab827e541a0eeb2163076 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
| MD5 | 1264f30db5bc978090c891fc9ba97820 |
| SHA1 | 22a1664ca5bac8af36bdaf8e4098c02c7fc9c1fc |
| SHA256 | 6383110e70c2cf20a67539bbf759d99229ac2dcd214cae6a3c5de840497bab2c |
| SHA512 | f3ec53223344ea4763479b39ae62a3dde4b83e0db05d4707c9e2c914725943063706c6c53e6fc043ee13640ac98242775c901b84ec76eb3edf11615bd0084488 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ic
| MD5 | 9afbf0dc0b4a4fd0a874cfec2c55461a |
| SHA1 | a42766499eef11be1120ff87588b7f715c1b2a7f |
| SHA256 | 75c6a927b6cffe50b1a48e8aff766f5d543dec5aec8010b835ab4c4d8dd3da37 |
| SHA512 | 863cdc25dd26bc2db5a80480a5d5bd16965ce02afc94f732f31c24bdcd3daaae24d41504f0eefead9a8ecc402aa2e798ce100e8a225b13b38b05aa433456185d |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | 9844817f155ae1a9613956b982c80cdd |
| SHA1 | 4e999682695d325b777bd0e8eb3dc7f1766636c5 |
| SHA256 | 1062c4f5b1f33d569e1122f9e1e0818727fc4c6389fe512d127f0f9ee4fb8b5c |
| SHA512 | 97c121e449b4bd041a2198ccc2bc2805281ef5bc6ece0e3c5f5ccdf093f5b75ad2aff5e2e14df80d703f9f7b8bd84e080c115bde2613f56622f0fae3dd2eed16 |
/storage/emulated/0/360/.iddata
| MD5 | bada03a432cfd2e5d21786e5a3477fa7 |
| SHA1 | c15f8d1f6543539bca95138283b6a35ce6322cc5 |
| SHA256 | e796eb076476a61f6e62d7af26326309bec299da1b491307004b8f3e943d7837 |
| SHA512 | 16a51f49ded006fc35f85650a4ad46f348a9f8b5190ff0c3ee933b00ce7c8cd85342b0d2373bc6ee75441eb2517dbffbd6d288ebe7de1f86bf64299d4db02521 |
/storage/emulated/0/360/.deviceId
| MD5 | 4c4c5285293d5141f582aefa4e038669 |
| SHA1 | e01852a72e5a8e6f7d63a21426b515118196047b |
| SHA256 | 36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731 |
| SHA512 | 097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399 |