Analysis Overview
SHA256
b387a0ebe68de7f402a0f4100f59f4f35d602faff645e2e2cdfe1755447d1828
Threat Level: Likely malicious
The file a91c56dad9ed8320e45d0f30b7dbbea1_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Obtains sensitive information copied to the device clipboard
Queries information about the current nearby Wi-Fi networks
Queries information about running processes on the device
Queries the mobile country code (MCC)
Queries information about active data network
Queries information about the current Wi-Fi connection
Listens for changes in the sensor environment (might be used to detect emulation)
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks memory information
Checks CPU information
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-14 10:05
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-14 10:05
Reported
2024-06-14 10:08
Platform
android-x86-arm-20240611.1-en
Max time kernel
2s
Max time network
131s
Command Line
Signatures
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Processes
com.yxxinglin.xzid13172
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | plbslog.umeng.com | udp |
| CN | 36.156.202.68:443 | plbslog.umeng.com | tcp |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| GB | 142.250.187.206:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| GB | 172.217.169.10:443 | semanticlocation-pa.googleapis.com | tcp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-14 10:05
Reported
2024-06-14 10:08
Platform
android-x64-20240611.1-en
Max time kernel
158s
Max time network
184s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.yxxinglin.xzid13172
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.180.8:443 | ssl.google-analytics.com | tcp |
| GB | 172.217.16.234:443 | tcp | |
| US | 1.1.1.1:53 | plbslog.umeng.com | udp |
| CN | 36.156.202.73:443 | plbslog.umeng.com | tcp |
| US | 1.1.1.1:53 | ulogs.umeng.com | udp |
| CN | 223.109.148.177:443 | ulogs.umeng.com | tcp |
| US | 1.1.1.1:53 | open1900.open.7724.com | udp |
| CN | 47.102.225.24:80 | open1900.open.7724.com | tcp |
| CN | 47.102.225.24:80 | open1900.open.7724.com | tcp |
| CN | 223.109.148.177:443 | ulogs.umeng.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.201.110:443 | android.apis.google.com | tcp |
| CN | 36.156.202.73:443 | plbslog.umeng.com | tcp |
| CN | 223.109.148.176:443 | ulogs.umeng.com | tcp |
| GB | 142.250.179.228:443 | tcp | |
| GB | 142.250.179.228:443 | tcp | |
| GB | 216.58.204.78:443 | tcp | |
| GB | 142.250.178.14:443 | tcp | |
| GB | 142.250.187.226:443 | tcp | |
| CN | 223.109.148.130:443 | ulogs.umeng.com | tcp |
| CN | 223.109.148.141:443 | ulogs.umeng.com | tcp |
| CN | 223.109.148.178:443 | ulogs.umeng.com | tcp |
| CN | 223.109.148.179:443 | ulogs.umeng.com | tcp |
Files
/data/data/com.yxxinglin.xzid13172/files/umeng_it.cache
| MD5 | b27031759bff0f1326775721182bf442 |
| SHA1 | 7d174dfa463705fa71de19c5cb0cdbf659696dee |
| SHA256 | bc737bc9d461500695f79d8f54f3c428e14e9a447c72559397b13ee9a3c2bdb5 |
| SHA512 | 9c054614bd0cb6e969116ff974ead88f71a82e5912523b77d3956786563a7c84119380dc1c716e173e105d7dde9ba0a91b12e9c968817adf8dc9fc7a24ccde37 |
/data/data/com.yxxinglin.xzid13172/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4MzU5NTE4Njc5
| MD5 | 61c39ce5cb4f6e61cab3a2616c0fade2 |
| SHA1 | 8bff7bb9c2f7433db551c6f4680ba7794658a5a2 |
| SHA256 | a33c38123e545f6a7a279aa25ff4b22c3aa59099958900f7a30296a24be7e44b |
| SHA512 | ec4413c3946bb7171a6262565a2949ef8208dadb567d1c2352a001db6a15b24c4d8ae186d91231889c489ff0e0acff847b1d12af6cf41adf94522dae891aa81f |
/data/data/com.yxxinglin.xzid13172/files/.umeng/exchangeIdentity.json
| MD5 | b885a6e20fd75127ed3c19becd47a36f |
| SHA1 | a41b7da1e047f29f9d50761ce913e57495dad642 |
| SHA256 | 2497e1c49c5e67fca3ec8d7bbee9db298a1a8f98b3d7636da999181ed1fbac4d |
| SHA512 | 1256900198adf656ba6e3d13b9812cc46a603f7947a6278476d3e19c17aa99cbfdf4d89bf2e6c7c098ad8890ddaa08a2db1a57fe6c82c5e940bbc1ba7666f3cc |
/data/data/com.yxxinglin.xzid13172/files/exid.dat
| MD5 | dea092318ca7acce21a65ac85c9d2b11 |
| SHA1 | fc24ec3a8fbcb48a2e9141ba61da0fda5ef6d398 |
| SHA256 | 425bf26238882f2523d92eaaf10e61134c6ab0f370bd688375765f6a23ecd946 |
| SHA512 | 8649bf0d9a7949d46190edea839c2ce17ca4db1b7babaa22310386cfe92db83b0885815b0a6b8fd01254d1ad58f098a0089e068e1f67123fd38a72f635e45d18 |
/data/data/com.yxxinglin.xzid13172/files/.envelope/i==1.2.0&&1.0.0_1718359519051_envelope.log
| MD5 | 681d5b7b685cd5156637b6ca4421fcbf |
| SHA1 | 6dd1e90ac1392a8a3b67e147578a1304d8ba99c9 |
| SHA256 | fa73c9214b83a1a2b8b8377fd55cf5f620ad162a0cbf73be9f9a52e76ed2c1d7 |
| SHA512 | 1507436e22d8086b6ac3d5e9453175385bb0eb4fbff7770362a580a45adbef46b928d8902d32289647b6f94360147ae9c9c9379e2edc02482df11f26ba0176ec |
/data/data/com.yxxinglin.xzid13172/files/.imprint
| MD5 | bc6f4f6b9f545ae225a6143189840e2f |
| SHA1 | 6eb0b40f8840fdf0f927e03a8ef3ba7b374723a8 |
| SHA256 | 31d67fc83070d177f93504a03af9045b8b16b5b34e7b5067c78801756c624f04 |
| SHA512 | 7eb825c358e95b5b21aed4df1012dc8a5fc0131cab03ea345421ad5767da8bfeb52f333537dc572fad8137171e3ed3e1f1e2f38754eb5c02bb520a8602293f43 |
/data/data/com.yxxinglin.xzid13172/files/umeng_it.cache
| MD5 | 0001603c299fe6cce8b94cd8c7569ffb |
| SHA1 | 7b745d14e3a7baf568eac74310e8e41cb1c6784b |
| SHA256 | 5a1fc6b475e07a39c188d55cd54f71ab7c14fa28c1a10cd9bafbf37018d171ff |
| SHA512 | 82a90238d006ef9ef7653775d0d7eac9ad801d57acf9683d7c3d2a9a2a6a7784474aae1224c42dc612ad1f6bd82e7eaacd5b6dfda0ca8a6bc434c1190798abf5 |
/data/data/com.yxxinglin.xzid13172/databases/ua.db-journal
| MD5 | ea23798460d8e7efe53d58fa90fecc28 |
| SHA1 | 65e3bdb5133d1803144c2ebd2a7f8197717f9673 |
| SHA256 | 0432468365a7eee5b145ea14410638b11cc1bcc966dd9ccf5c1f70310a8096d2 |
| SHA512 | 9cbfd8b8ba37717b17ce2e390ea6962c07554971ef60817329353bbdccb904d732051697dc1cbad6914ebd33733351db6d0139f31e262666c03e9c448a0f2889 |
/data/data/com.yxxinglin.xzid13172/databases/ua.db
| MD5 | b7036131b84bdf2b66c67fde18d62308 |
| SHA1 | 18b1e5a358d68c846495cab5cfef7c6679659093 |
| SHA256 | c2c0bc8842203ccf1665dbb5b3333b22ae5a6ae3ef8eafe83e7f43adf32d0295 |
| SHA512 | 256bc83e1a516a58f5d1d024d27dad3c26723df0f96e0deca6baac86d84518000212570b06996a14bcbeadff05fed05125862aba2d4aa08c15a6999563dac067 |
/data/data/com.yxxinglin.xzid13172/databases/ua.db-journal
| MD5 | 94d6504ad91ad35b8bb7185140a3bc1e |
| SHA1 | 0039151119beef10d6f317bfe75a416d2e3b89d3 |
| SHA256 | e3bc6e9e7df1052f26ee782677732f2c03b1cd5cb8da34387df32061231b106f |
| SHA512 | eec412f721a16c09d7d78388c863e5b641d74962ddf1fa37ac3f64a24a906c434f9b6d9d620ea12402124dd8fae092d98663cd4d2bcc15156ab6c4db03d0fcb1 |
/data/data/com.yxxinglin.xzid13172/databases/ua.db-journal
| MD5 | c2d0383a01fd2f87f209426edbdc3f68 |
| SHA1 | e1f69e9acb2c3839248a1ba837a0722a1504374b |
| SHA256 | e8c678961b3ecd60a4b7e335b64ab84750921410d0ed58ed78cc826c77bbba30 |
| SHA512 | cb5e244f52fb5256557eb2c0f8d5f8c3890d966250367e1ea8b2bec620d70b789cabb7a8b9a3787f0b833b68c4e1a9aec95d22073a7bd6b6263fa9b43c5679b0 |
/data/data/com.yxxinglin.xzid13172/databases/ua.db-journal
| MD5 | a617ae307a0b8840e021250d4145e09d |
| SHA1 | 1e409f69d18d14af0150e5e9d2726e15d815963f |
| SHA256 | 1e76263f99432474e04a2ed406d63c13c15d12adf859874340d5b41187047962 |
| SHA512 | 9c49a9a1050b26c545abf04ce25c80f2c4408139e77d93e7ac2dc2a58c368950d5e11ea381a87ec0b3167bd76c522175854f789d46c2cda0e6287fbdedddcd7a |
/data/data/com.yxxinglin.xzid13172/databases/ua.db
| MD5 | a3c2ff0640b97827108f9203925ed5d0 |
| SHA1 | 9ada11ae195769dfdb46ac3c61e02e32658b7a5a |
| SHA256 | 751f3b4e6e2b191aaa2daee553a8a12d98490407c255d04b7dbc21f612be5291 |
| SHA512 | 1346f0aaa874123880ecb2ec592d21253798ab13931b854fa2d8c12978d7e05aecab96475265b87834d1b70d6fc013e866fc4b348bbe30c6c6c1f306a6a18ffc |
/data/data/com.yxxinglin.xzid13172/files/.umeng/exchangeIdentity.json
| MD5 | ef44759c26b62024957a336ff79dd993 |
| SHA1 | 6505340fd57e7c1bf79f26ec14588c093092a302 |
| SHA256 | f293fa731e9f03d495d66f371f677d410e0dab4369485e650ce2d79840347132 |
| SHA512 | 9ac4e44a3cfb93b205ec598b53f64750c40034cdb982fda6d5f37f3de6279cb5955d08970045244ad86e5f7ea8d56b9b960f341f753db37fcbd0ab789750112e |
/data/data/com.yxxinglin.xzid13172/files/exid.dat
| MD5 | 0ed966ac335fb30a30dafc93410d4f4e |
| SHA1 | 3845c1289e1ac1bbad6765653799d738e6e1fe45 |
| SHA256 | 0039b29f5aac688500167ae8a6ff1ae4c69b3724a48f6b36051c6889d32f397d |
| SHA512 | ee97287cf7ab3d7027f86e1c2b26583d0914dbbceee6ace007d4b32c8d8fc9c8b48dce1876ff0df5533eb8f090f8b0444fb7f50dc863072c6096fb597187c488 |
/data/data/com.yxxinglin.xzid13172/files/.envelope/a==7.5.0&&1.0.0_1718359523915_envelope.log
| MD5 | 01a2d1224a1dafa90a9c946e432cd267 |
| SHA1 | 261741cc49c52f9598a608408d6b020b8ea7a510 |
| SHA256 | 980f0c023869ccdd39d948f4be30f62ba8c63eb4cd760efa43e24dea77981094 |
| SHA512 | 1e2da28a107434eb5b597474fa80f2eb87ec967b86b66c20a8b6dee1d76a0c4be64ad43e440b003a591a19ae214d5d35716538cc1c626a78649dce089501d231 |
/data/data/com.yxxinglin.xzid13172/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4MzU5NTQ5MDY3
| MD5 | d9bb3f7008a80e2ae5d2377e68dd3ac0 |
| SHA1 | 8b66efc7bf680d1a9dd955e3ceff76b4507ca81d |
| SHA256 | 0ba07831a62962cb2f018e8c6f2c387d61ba85209a84b1a695474ce93816f958 |
| SHA512 | 3aaf1761d585cd5fecf5e33bce421daf1a8cd0027e3d8cf50ff7650542a9133162208fb695f3e98c72997b9316f36ab41a4dc72e03b05ec83e6426855cc0a09e |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-14 10:05
Reported
2024-06-14 10:08
Platform
android-x64-arm64-20240611.1-en
Max time kernel
159s
Max time network
179s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.yxxinglin.xzid13172
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.187.206:443 | tcp | |
| GB | 142.250.187.206:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 172.217.16.234:443 | tcp | |
| GB | 172.217.16.234:443 | tcp | |
| US | 1.1.1.1:53 | plbslog.umeng.com | udp |
| US | 1.1.1.1:53 | ulogs.umeng.com | udp |
| CN | 36.156.202.73:443 | plbslog.umeng.com | tcp |
| CN | 223.109.148.176:443 | ulogs.umeng.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.180.8:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | open1900.open.7724.com | udp |
| CN | 47.102.225.24:80 | open1900.open.7724.com | tcp |
| CN | 47.102.225.24:80 | open1900.open.7724.com | tcp |
| CN | 223.109.148.178:443 | ulogs.umeng.com | tcp |
| CN | 36.156.202.73:443 | plbslog.umeng.com | tcp |
| GB | 142.250.179.228:443 | tcp | |
| GB | 142.250.179.228:443 | tcp | |
| CN | 223.109.148.177:443 | ulogs.umeng.com | tcp |
| CN | 223.109.148.130:443 | ulogs.umeng.com | tcp |
| CN | 223.109.148.141:443 | ulogs.umeng.com | tcp |
| CN | 223.109.148.179:443 | ulogs.umeng.com | tcp |
Files
/data/user/0/com.yxxinglin.xzid13172/files/umeng_it.cache
| MD5 | cbc14038e694fd733342b910be586fd1 |
| SHA1 | cd5e6af2e5c18b0021b2e0edeb8a4b96ed787f3d |
| SHA256 | 9a38a685ca0d7d3ed0d89e8b2ca937b407fc80ccd91ac486059d6db05bf11ea2 |
| SHA512 | 8430ef23103d96302e9962d28fdf32804df14e85a78696c5be1c54dcdcac8bf41a0b95fba6be001475bb252f6c3c38d6ed8fee8037ab8a45c2c43c44fecdce8d |
/data/user/0/com.yxxinglin.xzid13172/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4MzU5NTE5NDA4
| MD5 | 748302a137bb8d1f7fbdbd4dc8521120 |
| SHA1 | 8ee366d2c041de713f7e19fa242819814398638a |
| SHA256 | 09249572b550c598cd38b09bbeb3f74124edeaad92b3c90915e0896d1335e294 |
| SHA512 | 8c2a3f799cc7267d31a25bf6a464ea297dc8177a9ef40d7d3fe9027fa782b63e920eb6051e8af7a98e5b7cc525fda695a212b2b49c6368bd1e38ff50ddfe7836 |
/data/user/0/com.yxxinglin.xzid13172/files/.umeng/exchangeIdentity.json
| MD5 | 50dd75f4799e426e102af43801f42646 |
| SHA1 | e9f271a5796f272a7bc81fbd635edcf45cd2185a |
| SHA256 | 520aaf9d6995643c17e307bb2b9f404d1f3ba93b620340447b0e9cef60398d41 |
| SHA512 | a7d0b9a040004b6cc6842f6e9d5b281fa5234c68e717cb47ef8c7775231a029e73d021a29565b62e31234886735862860e40f1044d838af400e6f9a39f6d80b5 |
/data/user/0/com.yxxinglin.xzid13172/files/exid.dat
| MD5 | dea092318ca7acce21a65ac85c9d2b11 |
| SHA1 | fc24ec3a8fbcb48a2e9141ba61da0fda5ef6d398 |
| SHA256 | 425bf26238882f2523d92eaaf10e61134c6ab0f370bd688375765f6a23ecd946 |
| SHA512 | 8649bf0d9a7949d46190edea839c2ce17ca4db1b7babaa22310386cfe92db83b0885815b0a6b8fd01254d1ad58f098a0089e068e1f67123fd38a72f635e45d18 |
/data/user/0/com.yxxinglin.xzid13172/files/.envelope/i==1.2.0&&1.0.0_1718359519472_envelope.log
| MD5 | 2203577a345e20f59e421e102a3ca83a |
| SHA1 | 4981c63987c3d4844d10857f9b4e18865d99aa2b |
| SHA256 | f0ea160d4d2fd04a9ab46af9cfeb491ed83e25915b3c2d877d1cd7067211a05d |
| SHA512 | 3b44a22a21a94770236615f6fefbd9330e6f1221ee35085885733c4afc0dc3b8012f77b90cf1a8eefa3864c7a89d393beb1ed0c2434ddfbf46e1a937682c82f0 |
/data/data/com.yxxinglin.xzid13172/databases/ua.db-journal
| MD5 | 06b68d26b15e83a6f0751fdf8d55ff55 |
| SHA1 | 4c2b46e93c8d40bb400bad9e9e36bacf7adfa21c |
| SHA256 | ff19ab7c3a7d57b1e6b12f3872d2eea6dfd495e167a9f57e4fae256642ec7dfc |
| SHA512 | 158b3b3a8acf37637a7ed7c61d48f8794c8aef13d8d1ed6543a3c5bb9a0ba3fd4c1332e18ebf6b121bc402d47cca5caf2be14aee6f462747da8d4eeb54547186 |
/data/data/com.yxxinglin.xzid13172/databases/ua.db
| MD5 | 4a8120c91e3143b2db43971dbc77cf8d |
| SHA1 | 37c5700d35059c4e0a718ced73b3d73ba5d2b277 |
| SHA256 | 1fa1b6e6bd75bcef64d35785e2fd6f2e73dcdf92dce73c8b2a8fed49746d53bb |
| SHA512 | 465cd282927e30a0a894a75ad261feddde5a31869c8cea6b548362afce08fbb7cff7a784bd1d62c3e4c95916ce30e758d3919dd4cdc13176f29d68c2620c185c |
/data/data/com.yxxinglin.xzid13172/databases/ua.db-journal
| MD5 | 15882de06bc6393bcd14605f2e5b5eee |
| SHA1 | 06daaf35096945d397cc7ea56622cbfafc4f313d |
| SHA256 | e0010e78efc61f8fc4b203d982ca0b1a371caf8ca7898a101c9c4bb582596f60 |
| SHA512 | c965563de1a2c54cdb10727dea6673835afef0ac58f4167620dc5b731b787c0b30dddd5b12b409170b2e9f6e996e6b65e5384de79f5cdc6a4af1dad4ac14930b |
/data/data/com.yxxinglin.xzid13172/databases/ua.db-journal
| MD5 | 9b32c8b530b7910b53542e68ec1ef336 |
| SHA1 | 0d3f8764a9427227ff620f3ba0a836eb37bba51a |
| SHA256 | a8122a1f68a19aa9de0060ded325778c7b2ecc626b449049b4202d744abd64b8 |
| SHA512 | 99476b5172c13b197f86684b2b48bb738fe8089229610dae003d0aeceb700893bac8be9f7791fe4c8104efc7763c56d9159de16db386772f8622510a47d66936 |
/data/data/com.yxxinglin.xzid13172/databases/ua.db-journal
| MD5 | e697cad7b3ba63dabf6b1e85afe8983f |
| SHA1 | e84c4478f5eaa6a83c7515f74d419739124ae67a |
| SHA256 | 5bde69fc6adfc0559ba1a7e1503e033c7d46af443a02f0c5156660542cc8a884 |
| SHA512 | 757903cea36ef2a75af0d7db406731e683beb2375bfc615be9498d848c9cadb096ebd45830ca52eb3d1d05a6b34976c1c738752feb06a96865191d0c140a783d |
/data/data/com.yxxinglin.xzid13172/databases/ua.db
| MD5 | d247d8af344acf30d4a65fe408ce6327 |
| SHA1 | e3668c2ff5fd92e784d799568462214659f383ad |
| SHA256 | 7f0d1edc338508bdfa77dccf7f85322ffcf5a10156ab77d3435f123349be00d0 |
| SHA512 | 25ba65bda718c29f766c70d989220635d86b84f97a940b46b06f24c527056d6611191549274414df917aee30e1522cce54856e53b4f41954dfc6239ca18b9dca |
/data/user/0/com.yxxinglin.xzid13172/files/.envelope/a==7.5.0&&1.0.0_1718359524586_envelope.log
| MD5 | 91c4ea075b2cb08252d9d01e2a12c321 |
| SHA1 | 96ace7b69e7c82ffd01e97dcb9a76c463bc951b8 |
| SHA256 | 3e41161420dcd4a97acb652e962f790d0a0a0665ac6665cbd0d7e67fd03fbb1e |
| SHA512 | a4cc411ecf0706533b3baaf1ca6b2696240d982ec25c6e2c660f617df9f3ee09eea55d352d05792cbd4d64fc71a93f6b8a79ce5f08d0be697423827402609218 |
/data/user/0/com.yxxinglin.xzid13172/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4MzU5NTQ5NjM2
| MD5 | 77bcb5656fadcf886fe15505f2ac9662 |
| SHA1 | de9ed9bbd900f8d416ec01f776d3c56313f6b143 |
| SHA256 | 042c2dcc5e495a01485ff5fbaa1aa0c755f38b6fb3b17253108bd7ac440380e5 |
| SHA512 | fba2a0585a90daebd6f59a49ea5ecf52535b25845ad071c5ba717f6d7f84ba202bb1e52e05ec9399049c8937e266b2bf7761b0afbb77ec9ebe53dab24237318a |