Analysis Overview
SHA256
85493521fa2e6fdb0bccfe0ae5ebd19bd8e215713f777e669261578933978f2e
Threat Level: Likely malicious
The file a9000c449a9cfc91122147759d0964e8_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Queries information about active data network
Requests dangerous framework permissions
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks CPU information
Checks memory information
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-14 09:37
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-14 09:37
Reported
2024-06-14 09:40
Platform
android-x64-20240611.1-en
Max time kernel
128s
Max time network
149s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.smapp.habit
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.179.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| GB | 142.250.178.10:443 | tcp | |
| US | 1.1.1.1:53 | api.521app.com | udp |
| CN | 119.29.27.226:80 | api.521app.com | tcp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| GB | 216.58.213.14:443 | tcp | |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| GB | 142.250.178.14:443 | tcp | |
| GB | 216.58.201.98:443 | tcp | |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| GB | 142.250.179.228:443 | tcp | |
| GB | 142.250.179.228:443 | tcp | |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | alog.umengcloud.com | udp |
| CN | 223.109.148.176:80 | alog.umengcloud.com | tcp |
| CN | 223.109.148.130:80 | alog.umengcloud.com | tcp |
| CN | 223.109.148.178:80 | alog.umengcloud.com | tcp |
| CN | 223.109.148.141:80 | alog.umengcloud.com | tcp |
| CN | 223.109.148.177:80 | alog.umengcloud.com | tcp |
| CN | 223.109.148.179:80 | alog.umengcloud.com | tcp |
Files
/data/data/com.smapp.habit/app_crashrecord/1004
| MD5 | af5cb07c509e545c406e3a7638040b34 |
| SHA1 | 135cfcc0df1bc2d4de851c196a1be6a33969a4fc |
| SHA256 | c96133c45b21d104042729a8e284905c739d83f2c4cd277f56ef1197ed747393 |
| SHA512 | 38f7b3427bb1bb60f893b94db90143ef14bb58589757e316c257ff002e69ea23a20174ce2f1dbb1d92d5b4d6754b1327ce0f354ed32a010949ea33251eba1f30 |
/data/data/com.smapp.habit/app_crashrecord/1004
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/data/com.smapp.habit/databases/bugly_db_-journal
| MD5 | 712f49ae4ecf6d13b5285c10e089c396 |
| SHA1 | a0d32b600358efada6e284e17712aa4b7096755b |
| SHA256 | 5390ab1125e83dd103838e41e9a932d444744e8cc7087bfb1c99be5533c79b75 |
| SHA512 | ca2ec468ece5e5da5566489a262d119e366ca994855df82cbcf00e394ab2e8cf7e1d7ed794857a97eafa3fd9835a2e630518d681500ca9bb6b65ea0e1c99f7e6 |
/data/data/com.smapp.habit/databases/bugly_db_
| MD5 | fba587ad00c39b395bc9598405f1a5c3 |
| SHA1 | 9d31f345069b163d66df2e747a98f25ff85e2992 |
| SHA256 | 44fc589bb9f2cc1bf4750c9fdd5843b21f0e5550edcfd903562590939915f1d0 |
| SHA512 | 89181aaffa05b0ebc66f0958958410508dc366af78cd28937103581784f5a178321f0bb1e2be98f97e64889e5d4dbf61d6e27999d48b88353016de8c77ef6fae |
/data/data/com.smapp.habit/databases/bugly_db_-journal
| MD5 | 1c6cecae160b2b65ff69c56bcf5e5580 |
| SHA1 | d39a17d7db84081d4cc260bdbd3f5aca732d904e |
| SHA256 | aa46b6734ba7e8ec596d593c40561050b18a3d789f8dd29e1fc467b8a7bf26c7 |
| SHA512 | 8e4ccab121e42def011545076c9e42e9ee699474c263c75385c10ebf4bfa4a5e1d89e684179c3c18a1392e969f21d4e590aec5300c695b821f09ef19eed47e04 |
/data/data/com.smapp.habit/databases/bugly_db_-journal
| MD5 | 48e69fc3fc2aa18d96db86cefda2414f |
| SHA1 | af871a1e7d7c1916f4e431bc4ab1e624c81adb7e |
| SHA256 | 1b1c50482efd730e9bb6730be078ad210acd4b974bdb7abe3dc656c1135ecc9d |
| SHA512 | 62c95367e05a5a2b4e3c204c47e90e2a61cbdc5d924b4a1cb78ef0957ca6aacd40655b12b8cef2c907e9b5f56b7f4ffd15f6230f6f39b56365f20efc1a575e3d |
/data/data/com.smapp.habit/databases/bugly_db_-journal
| MD5 | 8b208f1a7d7b3d100172fe8955af8c91 |
| SHA1 | 4eda3af99d4e891a6f69644cadb3ea5d9f8cba51 |
| SHA256 | 29b8f40478b06b13b2597fcf1a408005645c19749528a545e2976a5ac6086578 |
| SHA512 | e4eafd032dda14ae4704e656883eaa933a7cc9af54ccc4dcebc8f758eaca366864695a70909bd3b454e7928d14e0a36bed27e6585e1e64417763057c640d1812 |
/data/data/com.smapp.habit/databases/bugly_db_-journal
| MD5 | a841bdd9264b3cd3e9d0a6ace3a6456d |
| SHA1 | bff99d71b048bea247804b3e27da76e7e745a81d |
| SHA256 | 0a7e54172f323f3506d7b96015f7c8c401d155f19eaaaafd6c1df1e7a3fd0432 |
| SHA512 | 8cde54087a977957c3eb2d5463b43373e1a9a5e7e5ab288deb94348e8d5bf6d95dc2bb27d4d36657172d9d8cedf0131d0f9c270d7f1e2ea0870750b1f5509be1 |
/data/data/com.smapp.habit/databases/cc/cc.db-journal
| MD5 | 4ff60e768ea9f2cf5fcf1d55497776ea |
| SHA1 | b9079f4136e61e0b803f12f981bbc8c56e446ca4 |
| SHA256 | f8ed2e9307a7f1ca52c3880c9ef695dcc4bbc6ddea910179dcdbabec996a12a0 |
| SHA512 | 0bcd02daa8d098d599d621b6dfe119d3169c657633cf2cfb3723f66684d7cb02820518db2218754b59aefca95588efa496022becb0ab47783580c8654981ab45 |
/data/data/com.smapp.habit/databases/cc/cc.db
| MD5 | 0908e924aa236931dc7166fef6e00862 |
| SHA1 | 7782648d6d8f6e835bd47058d4852932c096a467 |
| SHA256 | 38f8548795ca7470b449dd1de9598c07a247ba59883c0764c9c96ff0b7d31d7f |
| SHA512 | 3c16fbc5172aed04cd206e776c46d26e911732c6e3631536410a71f1d217449475727ac9b3175e827c5ce645a1da9e05900258ee6ca27c936a9060f241361dee |
/data/data/com.smapp.habit/databases/cc/cc.db-journal
| MD5 | 316fd6ad7557642f3bf0f2b097b2a019 |
| SHA1 | cd1dc4663adfcb9f625435addc566dde81238c70 |
| SHA256 | f73952ea6f3cf20c9ec1eed6896faeb4aadf1a2956e2d683971349d95d0d9541 |
| SHA512 | e720b2a004041d5bf92e1fb2a1f17952cf1c9fcd9785778c45e3f223b18185e0a7d9e9c21234295e781164d26d3bb7b851226f7ecc1dd0ae6c750988a97d927f |
/data/data/com.smapp.habit/databases/cc/cc.db-journal
| MD5 | 0dc8b96786b2faf3d90f7b186415e40d |
| SHA1 | 3ce3e0d4969687e9386a324eea8cfe2e2d082301 |
| SHA256 | 90a220eb7ba38ea24b9a2e4332bfedab0d79d629b0ebbdf758180bb0faf59a48 |
| SHA512 | 42a3becc69563a95adc0b96860ea6029aaa04868d39aee2a8c92ca80d71637ef667d743a5883e4d32a805572f7d88d5890571af8a20dc621e6eba17330971d5a |
/data/data/com.smapp.habit/databases/ua.db-journal
| MD5 | e6787d42620e533b615c7ce517852d6f |
| SHA1 | 1ba1c22bea00f628f1d580aced8affa59179972d |
| SHA256 | 6542494be321812ca086fa4636e6ab92bdbbea21a78ae51f1d2b7ff7250b8c09 |
| SHA512 | b3465374cc7fd0b6c90ec1003bd47d1d35b6d970401443aa5490fc6c3221f7a23a761ff62e5377ebc0124796ac9e5897dcde719c46863ddad729c037cdd9e9f2 |
/data/data/com.smapp.habit/databases/ua.db
| MD5 | 8a83f7ecf20987f05052d52dfe9681cf |
| SHA1 | 100d516fc6a7cc3bfa4434b4d9e531f5eac2dd39 |
| SHA256 | dcbe186a9202ead289667476df61dca890062ef4d91a9fde2e53d24244d60c38 |
| SHA512 | 333b5bdfa2077fc0582e300ef59fa777a7370fd85d54c78fd46e98abb7593a3810960cb146b75ca35d717df03fa08fc3264a712f51f69ea81f1b502f690ede23 |
/data/data/com.smapp.habit/databases/ua.db-journal
| MD5 | b868d182a8474e3ac5d29d430cc7b954 |
| SHA1 | a1db61c73c8865177f51ebb8737548008acc76d3 |
| SHA256 | 2f2e63506f92c334aaae0a744a90ee7f7541f10842ae6dfed7b0719c0448346f |
| SHA512 | f7858bd0c80c9285d55b5632a9ba9372d2e722aea184cc04f8407d2d66fe69f1dfab94d0f72b7a1774d0b8528b707a3a216268b4e64b82fc9936ed957fb11903 |
/data/data/com.smapp.habit/databases/ua.db-journal
| MD5 | 8784a7ed10228abddba9a6f46ef559d2 |
| SHA1 | c2b4bee8f650653f11976897031768925b0246b2 |
| SHA256 | 6de31ad49a47cb62787ef0a7b424dcde932d222cc4c29d5344a7fdea72df60bd |
| SHA512 | c66dbc3733b6b0c0887d1bab8731becc5efcdb98d460df9961186c8486a4ae36b4a96561d03c5fbcd6dc40e593a55b03a3c582c0baeb7720cd36accc26866a79 |
/data/data/com.smapp.habit/databases/ua.db-journal
| MD5 | 1dd00dc3149a0a6f5b29034796c8db2d |
| SHA1 | 9cbe0a13b42d7125f027394203048b5069305d33 |
| SHA256 | 6cb9ef9e2ec429d46a5bb42d5d2ba8b61609e1021b317ce5ba243a5b52deb732 |
| SHA512 | c15c9e1795f72ef555ce61ed18781588b44fa0fbadd9a5fdf7bc7191b529b50010499fd64e891cca0ad8a135ec7af7694194bc5179135b96b13fe36bff83d4aa |
/data/data/com.smapp.habit/files/umeng_it.cache
| MD5 | 59f0b387f318363fdeb8ceff7826161d |
| SHA1 | d52812686dfe9b62aa9bb8437b4fd6eb32855949 |
| SHA256 | 5d6bc0e7b580135f085335f9b71c9cf7831e6c945d7e01e4b26c5a9f3dd31ecc |
| SHA512 | 25dbddaf86a23fb7757cbda29c909fd9024e9fdb5043ec4ec1d700c03439858b5644a4998e5f537bdf37d6be88cce689b177083ddd6333de4f3bb9384ad5fc0d |
/data/data/com.smapp.habit/files/.umeng/exchangeIdentity.json
| MD5 | fb41769b18fb015fd51271f58315e685 |
| SHA1 | f92ab7ca03545d317ab8aadf458824d44facc274 |
| SHA256 | 06f2cfbe7e31fa19271b13705c51d715b177eb059bf783faebcd5313b60babf0 |
| SHA512 | 5f90bed560d32849ebbfe128355e00304e7b3236bf194d724e1d72c07a7ef742dfa2bf4918d92d177cbd4907a162bccd47f8aecd09c2697f2410261f6275279d |
/data/data/com.smapp.habit/files/exid.dat
| MD5 | 5938cbde4e676e4766d623c3ec3131d4 |
| SHA1 | 11971a6f670e8636810c6ca7fdde699e2548f632 |
| SHA256 | 4ac5e5bb56a900abb5932831680140e9b016f8a8171c80175e8ed646645e3bb3 |
| SHA512 | 3b22210fa0891dc17c6c1fd53ba89df91a0406aba0325d96b9473e1c0db7c7db22ced050765cc68ed1aa008f027d03be215fa316b62d10f430c31be3e154430b |
/data/data/com.smapp.habit/databases/ua.db-journal
| MD5 | 68c4223193060f3162821671d56ab49a |
| SHA1 | 11401abfc7c00f9d00bba5d7d45715249ff3fa37 |
| SHA256 | a185e993040e6528d7198c917cd616fd2ad059cfe2ecb7c1f923fb82ffe52ab7 |
| SHA512 | 7424f89739d97503f880f8a15fb2ed69a6f2fb7cad95f1fe8a8ca1d3c3ddd3ddce7e18b5b33e00aa316dc19ac2cff75edceee37adc34e752cf662c02fe66699e |
/data/data/com.smapp.habit/databases/ua.db
| MD5 | 38564ad4c73e5619bc2264b0c44997a5 |
| SHA1 | e55f6fe1b20347ad4cd58d77af0b0feb149f63d0 |
| SHA256 | 1820a909a310bf7bc4ddaab6c8be3954dedd53612749f7bd08fefbef31670ec8 |
| SHA512 | 30d84731a3d8380e63bb73227623e86bd779476474269f252abe546028531c77658573874444e66b862ea049724e93a9344b1d4fd9f26c0fe02a79a4079a9a7d |
/data/data/com.smapp.habit/databases/cc/cc.db-journal
| MD5 | 5a217d8ff73717e790173bf41a51a9af |
| SHA1 | 3c9e2f54cd8378ad52a9f0683613f805d4d9b642 |
| SHA256 | 6030d94ce0bd0019302dbfd3d1faa58f64217d83697451455d1c5457cefaec71 |
| SHA512 | 800094c684c626df9784c7332cb86f585b2f5e3aa66a2a211700b4bbeab5bfa961e36930ea78cfdc00c41c08c6c3c18781e780d21e1973756037166f4049c5d1 |
/data/data/com.smapp.habit/databases/cc/cc.db
| MD5 | 67c12933d1e0e63d9801a6aa43092ce7 |
| SHA1 | b6936908554e4a1986b8eb08289e2d3545e8ff74 |
| SHA256 | abda5dd4cc2e7dbb951637c4b49d6990f9f34411fab4dee1a387dbcc8e7eed40 |
| SHA512 | db8b818daa3ff4ec7678645f84bf8b45c809bcbb758ea78b28982d071572655bba2d20e6f1ca4f0d057ab34fa655c5bc40457dc65050180351a2fc04a47175dd |
/data/data/com.smapp.habit/databases/cc/cc.db-journal
| MD5 | ee8cf33b157ec51de492a489129a17e6 |
| SHA1 | 9e665bc94967cebc7dd7c69de8b8246ee656d2c0 |
| SHA256 | ff6af4ea5d0bf667374587fd9090b209d1708bcc158b90330f89536b2fecf23d |
| SHA512 | a9aae8af476279246d0aca5ddb6ecce3244dcd2e138c19d6e2d77d64e48238f753526daac394d71a794d484ba2b0c8b006c023a4dcc0ecd81aca41dd311e9bea |
/data/data/com.smapp.habit/databases/cc/cc.db-journal
| MD5 | 4910fa362e469a50547ae6956f0bd41c |
| SHA1 | 1dc0532fbfab2c2fc630d1deb03c3353f6188e91 |
| SHA256 | 32f50b6bc05b469e05b7993d9384b8d63f24c40e5a534c0d52201a07258e7327 |
| SHA512 | dde6c93bcaef61d8a21f85f2c8b41e83240d11b7bef28142f2fcdc639692d8bd7ebff60566fe32f4bfc05fcd33576e2854d651c57695ee98e2a210a8b7db3a51 |
/data/data/com.smapp.habit/databases/ThrowalbeLog.db-journal
| MD5 | fe38f4029f1581e38ac154dadb2dc8c8 |
| SHA1 | 0dc28b30e590b846bc234653bc91e0e555ed7dc0 |
| SHA256 | fcb30572d24435ca567bc91b20be7ead0de2d85d17f988ffdd65c8c7f5a0dc40 |
| SHA512 | e6f4fc97c7d6afa8cc670b375a258ab81edb8104871d7a802051e852ee642707fa8a70a3f453eb22e021ade826ecd44f76fdbffa5201210b24d27f78b5ddf638 |
/data/data/com.smapp.habit/databases/ThrowalbeLog.db
| MD5 | a852ebc3321d2bc807b23175a6a71edc |
| SHA1 | 645a7fd33cf75a23628d576e6c6fa5b454d16f13 |
| SHA256 | 256fb4171fad95478a5a6615ef2bf8cdbb9948eb7f60ee6c909cf5480436128b |
| SHA512 | 145ecea475401cc23e175ae5410fe8bea6f2b2aa7f9dcd40ea048cc60f57f48395cf6aab3681c35a3d275d20e79a342de3e8e2302ea2ee234e53ec9f34b5a831 |
/data/data/com.smapp.habit/databases/ThrowalbeLog.db-journal
| MD5 | ccd440fe7cefd71ed124140e8c51ea14 |
| SHA1 | debe379a9f5a699af45640f55db44ab727aed343 |
| SHA256 | e362a271e060c0f11d37c03b7b55af35cb10c4a098fe811688767ae4dc9482f1 |
| SHA512 | 525987d768a3318c56cf824ce94aa1e25242c8c7b89f93b0448d8f12582ef05b4c2cb63f7d98492293c33c9a152bc9a5f0a4590700c462f50a75cd5484faaf1c |
/data/data/com.smapp.habit/databases/ThrowalbeLog.db-journal
| MD5 | 3e6b204bb773719fe62d821357746163 |
| SHA1 | 03873abeb7a3923cc63c0c08a4045720c58e0495 |
| SHA256 | 01769dbe4033e3ce86fd98ec7a7d6ccbbc7c172ded1a98471ad6074483929298 |
| SHA512 | b0dbea21154603639e6ce894a992accf6e7b00900435e6b83a84e44f37dadd7c048bc2c0c0ba44211ec6efc3d3bdb7d686164ff0db80334d16e9b64cf3b1a9eb |
/data/data/com.smapp.habit/files/.um/um_cache_1718357984123.env
| MD5 | 8ea1a9df65c9ab8817035cc4b947996e |
| SHA1 | 6451b50b29ac6b3784d2a7329124598012fbac7c |
| SHA256 | 8e72814a03dac30d692433cbfc49313a4b03ec51a9aae38627f86ae494e0a086 |
| SHA512 | b32424d0be7f553dccac05350e5158f287287f3cd7abb390e46ccb58bd81a8d35d8a952a0f71e122f29abd23c4b4acd6e861bd8b8c8aa6a2c9d43684a7c36bc0 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-14 09:37
Reported
2024-06-14 09:40
Platform
android-x64-arm64-20240611.1-en
Max time kernel
87s
Max time network
171s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.smapp.habit
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.187.206:443 | tcp | |
| GB | 142.250.187.206:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 172.217.16.234:443 | tcp | |
| GB | 172.217.16.234:443 | tcp | |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.178.8:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | api.521app.com | udp |
| CN | 119.29.27.226:80 | api.521app.com | tcp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| GB | 142.250.179.228:443 | tcp | |
| GB | 142.250.179.228:443 | tcp | |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | alog.umengcloud.com | udp |
| CN | 223.109.148.177:80 | alog.umengcloud.com | tcp |
| CN | 223.109.148.130:80 | alog.umengcloud.com | tcp |
| CN | 223.109.148.178:80 | alog.umengcloud.com | tcp |
| GB | 216.58.201.110:443 | tcp | |
| GB | 142.250.179.226:443 | tcp |
Files
/data/user/0/com.smapp.habit/app_crashrecord/1004
| MD5 | e287e921ff6958cb0cb4eadf99c0ff24 |
| SHA1 | 3e2578a472b101e5a97b62184da5186bb4086d84 |
| SHA256 | b18046c0a941742fb650ef5ba3707a7d2c795b09def72a3178ff2e7cf4568c40 |
| SHA512 | 384aa14b699d428e16d850c3b11bd55e345a68413f8f666c07a34297a373c8249cd9c0f68729a1064be1d4538f92c44d2327a8991e33137ecc3f554207edca2d |
/data/user/0/com.smapp.habit/databases/bugly_db_-journal
| MD5 | 6cf0b830899443569c607b767f35ae91 |
| SHA1 | 9582820f0ee95bd84a65c179b84275804b5c2c10 |
| SHA256 | 16c3b56f7566a551d5feeb1a670600e20c7d69e1b8cf72adc6a931abbbd9afed |
| SHA512 | a294b53ac0bff83435152a6e62a0073c986170e8d4ad1a2cfccf0ffd5b6af1fa5205e726d65bd825c2a3a5b180adf1e10847f60aac608e725528fb7030ef4660 |
/data/user/0/com.smapp.habit/databases/bugly_db_
| MD5 | fb5127b812ce2183401cb637e587bc78 |
| SHA1 | 8ce6cf53bf821baffec575b09fd75579d6770ffc |
| SHA256 | 6725d9d263e413e14d4d8cb0ab131f907b0c2b6b0a6a94304f9096b04c13e0fc |
| SHA512 | 8b9cf192771e6b3df1b6974077af1f6f7b17324c5caf5fa59abdcd70c75c6ef2ef22c012ade607c4496753577980b74da79a0f3c49bbc9669c20eaaa79f1b13b |
/data/user/0/com.smapp.habit/databases/bugly_db_-journal
| MD5 | e0e247907cf61d6b53364b09dccd3097 |
| SHA1 | 7397f314aaf9d850daba631b47eadf51458427fb |
| SHA256 | bc81fbe0adef0c12803d19c783a638986794e1f4da95c95ccc461b2951ee1594 |
| SHA512 | 23d501f3ac269eaf2f0236a54616ca63871119eab1b865026db3e3a61af3e4ed21033b502a3dfd3ec7b256b2ab61763bc67d4d35480685c3abaf8193cff4e24e |
/data/user/0/com.smapp.habit/databases/bugly_db_-journal
| MD5 | 7c027f3021c1d8306f9e851932aba09a |
| SHA1 | af1a669b62317eebd44a54a6e35282d1d5a6c34b |
| SHA256 | 3ed95aeb01a3324320fe3509a0df26f20e77ebdc81856c4302598fca44c4ef2b |
| SHA512 | 8e6d8959d6cbca861797d42375a09805f0fc537a4eb6727be75024d25c555f944499206643e4f71b19bbdbc8e9014e0a0201dd8837979738547b2daa76e00494 |
/data/user/0/com.smapp.habit/app_crashrecord/1004
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/user/0/com.smapp.habit/databases/bugly_db_-journal
| MD5 | 73b713a5a65ae8addaa4e82e6e870edc |
| SHA1 | 83045a4a229c521f6ba743feff996b9bb8e51329 |
| SHA256 | 1d6fde4696fbeec3a01297871e8018e4539502c2bf1b4a9165db02e20c68e578 |
| SHA512 | 735ee51ba26140d648b8ef466c894f7ddd8cc13a2ff8b0cce4e0f1bea08559d274dabac5a9014a4eebc42af80e5928f9e487ce7a85c87a1735e96704b88f3afb |
/data/user/0/com.smapp.habit/databases/bugly_db_-journal
| MD5 | b412d9a17df635cef5401667032eb895 |
| SHA1 | 11514135e388139ee32d38e27a9fdc509523edb7 |
| SHA256 | 01ea576a3ecbbff6b449a212609c0adaa5697aed213db36ea2e4393915afae42 |
| SHA512 | 0f7429ea381ee932e7ad1370f980e4ea0a9bb568103d486ea636a6eba607c23e4ed488e69080526a3d7c000c6e8af1109285cc6b3bb61e659320a230f82df579 |
/data/data/com.smapp.habit/databases/cc/cc.db-journal
| MD5 | 614666c0dc96ad443693a48176e8f06f |
| SHA1 | 1fde240987584d899c330680fa8ea7c4fbbca609 |
| SHA256 | 29a87b77051cb7d5b33bff7e81b69314bc2c532baeabe03d7dc8a9fcd9556f52 |
| SHA512 | 690d857cfe0aa13764245d5e94b1e2e6b42b94219f38c1307bc2b169c989bd364f70dc314fa73612c7ede134819e3f4da0cd851a4546dedd04b8dbe1b73a80ef |
/data/data/com.smapp.habit/databases/cc/cc.db
| MD5 | 4cfe777c9f6e7859f5efe2197401d8e5 |
| SHA1 | bb3774e8879ad5f6db0c37f151c3d6bc7b4b207a |
| SHA256 | c422190539b6414072fc3950da19a17985c0c4c2172740b2f74682b520af5231 |
| SHA512 | 6be469864edaf8eaa110f618f8abd27962da92e20945dcd38073ade2b60b10f00552d54d5db9d9f75ca133213031030e71e2e30113ff033e5ef507a28fe0b1de |
/data/data/com.smapp.habit/databases/cc/cc.db-journal
| MD5 | c2f30b6f032d1756d20f4f1c4ff577c4 |
| SHA1 | 47a15457f5126e610505bf5ec25607a6146c1b11 |
| SHA256 | 6a1ce86e2484dcbe224f35d648b49520e6d35cf0da27160e19c7101808f3a844 |
| SHA512 | c0971ed6b8ca6e7cfe0bb9dfd93540663b962c3ceb309cf33034b3d09090ba17cb0610b3953765a7c57a866c9a507d628ac8e93d8f5b3810a261026716b730d3 |
/data/data/com.smapp.habit/databases/cc/cc.db-journal
| MD5 | 0272290d428657920af1b3bff9689358 |
| SHA1 | 5bb49393609b53f377698d4a320e966a901af641 |
| SHA256 | 1bf2a2dd4e0d06beec3c23a33116b993115e95b6ff258ddfbf96aca067e206e8 |
| SHA512 | aa8b808c7c5de264ab1b0529dba66f65a34462a77529901c19188411d24ff8e0d1062086863ca0b4d1b809ac7d1c727955d1d08fc3c203ed20b18de2643f9865 |
/data/data/com.smapp.habit/databases/ua.db-journal
| MD5 | 939a199a8641aa4e560444ed8422b31f |
| SHA1 | 733f78904d368e687103690e15ce0bd8fb7a4e35 |
| SHA256 | 98e7c254153a451603b8c6bf930d6fb15ce744c7089a61368060ea3742710ad4 |
| SHA512 | 0817c6b8c31a7198f68956403a259bd1213bbb475a0534d42edc85cdcdbac3bdfc164eec31c0153e47a7b1f9915bdec4706701a188e005e72005a65684b29be0 |
/data/data/com.smapp.habit/databases/ua.db
| MD5 | 7bf7ab1da9d209b4b12f27c31be31d32 |
| SHA1 | 10c719fb8105c79bc789561cba80a5617e2414ce |
| SHA256 | cce58820e31cf3a3915dce7232b87d97332193cbbd694b71d3d1bec2c5270fb7 |
| SHA512 | c95e5ad939bdff9387f6dc512dfdf8c18201528b23f459c9fc2b47f608ae23066206c1a28cb87a2bb36f9eb9552b0117dd3965e7756bf5658055cd1bcd91b507 |
/data/data/com.smapp.habit/databases/ua.db-journal
| MD5 | c9abb7350a67641172f99178cfdca9a5 |
| SHA1 | 3a27b3218eef6d82630e21a17415cb2483660184 |
| SHA256 | 79524a138ef55d16410191b5109638a2fe96e2211de99368471cd79f5d7ef655 |
| SHA512 | d944b6796ca2b8708665df17153b88885b3b82b855e5c596cc978eb2eec322c6e2c5b26ec0b8f89381e65a4a2c3cdd7a5340910221fc65dd26635e0d1e1d72df |
/data/data/com.smapp.habit/databases/ua.db-journal
| MD5 | a194eabd392faf98b15249c52b6c5e5a |
| SHA1 | 8e389dc5a364cd33839b693d99743f05b7d4a9af |
| SHA256 | a1f6b465d8fbb41f59315559ad8c871ac25dc01fd0cf5299bcfa89c800af4537 |
| SHA512 | be410a1a1d74e73eae436c23c2afbcf47cd99fe5d6f688c1c861b4ec3e73c4921f4b1635a4e09b1154e4214dfd2ac6226ad55faba9cab8c4a073e4283222f883 |
/data/data/com.smapp.habit/databases/ua.db-journal
| MD5 | 360c9d662f5f0f17c77294679120bab6 |
| SHA1 | ce9717d704c480bc66903f95a7b169b5b1b00487 |
| SHA256 | 98070f791040a958466c0de860fdd25a9edce201da0dd8b051e4bf1f1b2cbd72 |
| SHA512 | 109603e63660b430e856655a6e0dbe59144c38c2975efc7320d14c81f2c88e75fcf27e9c177c1a233b05c2b5d095a0d429a14696c2a814f9a47deabe3aa66f22 |
/data/user/0/com.smapp.habit/files/umeng_it.cache
| MD5 | 1041e2c315edae3a3a2f0aaa24766ad5 |
| SHA1 | a9668bf831e209a25cb2c24aad4df8760345eeb0 |
| SHA256 | 507f0a65719de1116a3ecd18e77ec14365ebb838386cb3aed24f165d18961855 |
| SHA512 | 41f879b4cefca14b4675e45904bf235b23f0ecbc4228a8e1ee00474586bc3853b512371319e6976b8ed6f6969ef2de085480edaac54efc3220c565ec99a8ab77 |
/data/user/0/com.smapp.habit/files/.umeng/exchangeIdentity.json
| MD5 | ed5a138f2ae6a17032c5572a4a6bddfa |
| SHA1 | 5c8996625d5cec48c79f4dad8276c2cdd6f91c5c |
| SHA256 | 756c4eeea4988ab93a34db1a467063cdb49998cc382360f2e05ad5f16672962d |
| SHA512 | fdc05636313f9e67636d03bbaa59ef770a7b8d25cea0c53c6f52cc7142b8c4580a809feeff0edd3881ac95b8bc5e73dc2a770ad7279a21ff6ee6028f856dc15e |
/data/user/0/com.smapp.habit/files/exid.dat
| MD5 | 5938cbde4e676e4766d623c3ec3131d4 |
| SHA1 | 11971a6f670e8636810c6ca7fdde699e2548f632 |
| SHA256 | 4ac5e5bb56a900abb5932831680140e9b016f8a8171c80175e8ed646645e3bb3 |
| SHA512 | 3b22210fa0891dc17c6c1fd53ba89df91a0406aba0325d96b9473e1c0db7c7db22ced050765cc68ed1aa008f027d03be215fa316b62d10f430c31be3e154430b |
/data/data/com.smapp.habit/databases/ua.db-journal
| MD5 | 713e3bfc82c089babfd716e785cf8267 |
| SHA1 | 8511ff4beb821fc0ad7c1c6d4c37e5a233267338 |
| SHA256 | 74e486b636a0ee358f9cd8c22f0a05444023da83f048109b528925f00eb378b7 |
| SHA512 | 80a856c96a6652d9c324fb68343e6efc8d0c49a2ff08f495aa98bbdfdf7394b306c64661fc1742983d5d2e6ce8e28f1069227659282439c3ff2fe73a4b84a298 |
/data/data/com.smapp.habit/databases/ua.db
| MD5 | 4cac7d31fb94d5c9581893537f64c5ed |
| SHA1 | 96bef3288546196ac3058b5eeddbe9da1d999fe5 |
| SHA256 | d1b111041f8aab3269f3da846b2ea199498d99f6905174a9d641f0faedca41c5 |
| SHA512 | 0ab95e51a640148ac007d47afd5b9fd03ae5a3b9053e5e19a4f0b8089e17e41e311790ee9fe486b6752926799577bee041ed67b64d8772794e9d2329a96ce747 |
/data/data/com.smapp.habit/databases/cc/cc.db-journal
| MD5 | df921711a4463075605d031367a7066a |
| SHA1 | 3c3d1c14ef6f69f0b941cdde295a1afae87d2999 |
| SHA256 | 4287aca35463ddb09839c3be085335c76a534d4618cd7f780d17facfdef5ade8 |
| SHA512 | 57bd5314bed39cbacbe7676490bf2a0ff2f374bdaa94039e24805d19eafa45eea4efdcd5904f506f5bbad62822e54e38df0e1d58074e01df534085d1606f514c |
/data/data/com.smapp.habit/databases/cc/cc.db
| MD5 | 86752a4be6564d8370f2f0e403995003 |
| SHA1 | 29f7d50675f6e59f3b808eb6dcc8619384412115 |
| SHA256 | 50484dcdc6b9c2801773018386a8143a52a5153eb2eeeaf5be8bbe46a49ca90c |
| SHA512 | 79c9435c1e0d41a3f97784be3e5a3cd8c0bd2d32ecdf326808bacb00c76d876d0447617d6e72ef04cd4b996c92eda4eb7bb200987ae7928ce2e0e7c8e807a5ec |
/data/data/com.smapp.habit/databases/cc/cc.db-journal
| MD5 | 76ce81d91c49af34fb951412a0f05cc5 |
| SHA1 | f7b68f8842b89f97b3fae10e335dda1f74881e89 |
| SHA256 | e0b39f8e61305e1865fda8450ff5b2f9bd70a55164a9e009173c9821c5058f12 |
| SHA512 | 27eaae4a3ebfcb95ee0165fb107ff0c700a7021dc7e6337ea7a916437357487ab3ae18e64ff35b9ae10cfd73611d6f38c92cfd9cefbd4ea071bd7e7acae825da |
/data/data/com.smapp.habit/databases/cc/cc.db-journal
| MD5 | bd4202043f7b9292424024d6ec362879 |
| SHA1 | 182151ecaa7f3ce63180221e4403946de8e4ea01 |
| SHA256 | 49e87db49a43475e0253a1c3898a60112138ab926fde5d236efefb3c03534a6b |
| SHA512 | 9be51987d3162d9a3dd8c1c19fa190f77cf669163778f30679cd91699403cf8c4a0911427d46a9d9e238df6e8dbd18d3210908e6d2f108a9ca1c5bbbd12c0893 |
/data/user/0/com.smapp.habit/databases/ThrowalbeLog.db-journal
| MD5 | fb0641132a7a4c5c8f4d3281cb748d64 |
| SHA1 | cda86c8f5523a4e3c24a8685eaa88e916b784f72 |
| SHA256 | 74b6050527b9144782b75afd4c5b81b1fde525eb3f3ce373d3400054e4d46397 |
| SHA512 | 5566de6451f3283a298f07776ca516bc6cc511d63f2a8013b3a38171a0533986e987db4a20cb2c76ade2bef62b083ea7f8687022386e1a8bc3cb2e0c64e7e3fd |
/data/user/0/com.smapp.habit/databases/ThrowalbeLog.db
| MD5 | 61c6e06afed0ed244319a8b366ccac7f |
| SHA1 | e22ae75378d506a7b13191e12b48341f5d518091 |
| SHA256 | 2d8d6058ca911211fed5562ac88fc34a45718dbfd2e6b8aa26b52f121a48aa9d |
| SHA512 | 806f9ad0077c1f3b8a71eebc3a327eb7037717dc9c33b71219c54d7ccf955fa5c60fbab06dbfae8d022cf0acd0d8eb6bee231d74afcb926a923b9f32f39785fb |
/data/user/0/com.smapp.habit/databases/ThrowalbeLog.db-journal
| MD5 | 0e734ceae6961c887b62e8b8243f7074 |
| SHA1 | ed10416020d233cc0d637298e4e4f9494fffa95c |
| SHA256 | 1cb87058398b3ad5ab74d05ad2b9958c30421d083fa4168e74f3b94750477047 |
| SHA512 | 221546b194a7493adedbb10c1ac6636294e77ef67487a6a71af26a8482636e1ccb9c24d82670f809abdbace78974890405c737172a2f24a8baee2f01189769ef |
/data/user/0/com.smapp.habit/databases/ThrowalbeLog.db-journal
| MD5 | 06871f210dd4906f2fdbeb8030219b2e |
| SHA1 | df93bf77900afa89797d44bd702a34276458c15a |
| SHA256 | 37a5046c0c37fe9e7c8b02ec9fa9b6912ec12c4d33bc1c6c3ba4cbfbd3c49b30 |
| SHA512 | e1404a92f5f9a3af38df1c66f3af6d2f8095c307a92dd280b5e1bc6e928543b5be0eacf66293c8622b80fbd2e25c1c267e713fca5a3d8307a08318cf9573d973 |
/data/user/0/com.smapp.habit/files/.imprint
| MD5 | d1f06a10c5285fbd0a14de90b101a7dd |
| SHA1 | d421475ee50631f0dfb4b2ab81c4453403459c30 |
| SHA256 | dd7beaf504cd613d393f359cdea1fea53920bc71256bb4efe69fe8605b6f6b4c |
| SHA512 | 1c1a5aa58591ed3f59aa14f677c46b51ba87a2f39b8aaba27b4082727e0cc777c9782e7937f06d04ab8317bb00bda3e3899db1e4dac2cd7145324209df4e7641 |
/data/user/0/com.smapp.habit/files/umeng_it.cache
| MD5 | 9f5fc05ff8ea19d5eef81d32e814e52f |
| SHA1 | 0ad9b155e3a3f9dc088b5d5076294f4e06d2c222 |
| SHA256 | 26c44b3cd2ac49ac6c979348059f6e511e23a2f5870acd75dca50979a5a94edd |
| SHA512 | 0ab8cc4af4db732fa9ce3d6957c87bf00ef90748b298537128d50c7141d3f432f20395c23e5b812ab573737dd1c58d8cea3757953b1e46dc99dfe29971b9eced |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-14 09:37
Reported
2024-06-14 09:40
Platform
android-x86-arm-20240611.1-en
Max time kernel
159s
Max time network
182s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.smapp.habit
Network
| Country | Destination | Domain | Proto |
| GB | 172.217.169.74:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | api.521app.com | udp |
| CN | 119.29.27.226:80 | api.521app.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| GB | 142.250.187.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| GB | 172.217.169.74:443 | tcp | |
| GB | 172.217.169.74:443 | tcp | |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | alog.umengcloud.com | udp |
| CN | 223.109.148.179:80 | alog.umengcloud.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 223.109.148.176:80 | alog.umengcloud.com | tcp |
| CN | 223.109.148.177:80 | alog.umengcloud.com | tcp |
| CN | 223.109.148.141:80 | alog.umengcloud.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 223.109.148.178:80 | alog.umengcloud.com | tcp |
| CN | 223.109.148.130:80 | alog.umengcloud.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
Files
/data/data/com.smapp.habit/app_crashrecord/1004
| MD5 | ea642e94f50604ad9aab30b7f1f4dbe0 |
| SHA1 | 7ce37ca91b1845eb5bda6050ec658e32892d105b |
| SHA256 | d0040b36991c61f9136cb00b2dbc01e1f41d8a07f53c46dd542c8da76653ae6c |
| SHA512 | 8ac4468cecfa69a383251576993ef7d65d36d3b35dd2ccb6cab8a62d4529f1fd44bcbe477038c7b66d19b982b8bb5d6d81967dcb91eee42f0b5b3b237b4f5112 |
/data/data/com.smapp.habit/databases/bugly_db_-journal
| MD5 | 9d51160902e0d64b8d1c1f15a72f5e31 |
| SHA1 | bc71e17ca59e5b5d861378527027a071b8d377a2 |
| SHA256 | 311d6608f427a16bdf1325c8ae64ae826c6a38b33f2d35310454f203271f5a0c |
| SHA512 | f2df76fda58e9eebd71377c63c0bdfb2de92524bc22699e024359c1814b075662c3075a985c69f19849a15e758a30f5c79646589bcdab297243c2a739c946c6f |
/data/data/com.smapp.habit/databases/bugly_db_
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.smapp.habit/databases/bugly_db_-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.smapp.habit/databases/bugly_db_-wal
| MD5 | 14d3e7e143ac92719ae0c1f16ac4ecd3 |
| SHA1 | b8420a6ee99e4091978edf99d4b4c8a7cef6f3c3 |
| SHA256 | a0dcbfb1de5d5d086294fbc761e2c9405d0ab37867682ac6051d254d852d8b49 |
| SHA512 | 7ce024212b4322d609017774ea527d2047b0a0e0983ca089fc98a2de0bb10351e316424353e2f4e30c156674bc90ee5600aa9dce0fa296f608b0324bcc9473da |
/data/data/com.smapp.habit/app_crashrecord/1004
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/data/com.smapp.habit/databases/cc/cc.db-journal
| MD5 | 6d6dc2171c6c2517ded7ee759d5cf42e |
| SHA1 | e0bb6cb98b9581a156377742f790289c588fa921 |
| SHA256 | 487b571e3884f6795e24a0a613e76c3cead03aaf62f9271094112676fa14d690 |
| SHA512 | 453aaa6f942f82a0bd66b1726b59dee3a28f9d9c0ed0c72d36498f0d7c5072bbd254c73f526ce043c09ba48577fc3248f68a5e0ef58c97b8f50e5215c5032e6d |
/data/data/com.smapp.habit/databases/cc/cc.db
| MD5 | 5d7ea1a23af19b4340cc8d90f28297d5 |
| SHA1 | 4cfe95b23a9e98378d69c4290af81b51fbe76aea |
| SHA256 | 474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da |
| SHA512 | 33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b |
/data/data/com.smapp.habit/databases/cc/cc.db-wal
| MD5 | 5149677fa3240c5288b99ab701296cee |
| SHA1 | 8ea8aedd2c14a86d6d2e9b56e7e6f297b47f9503 |
| SHA256 | 318d9e959c3dd0525bdffcbffdb6900bbd940031a651b82a74d3bdb67fb2ba33 |
| SHA512 | 4a7fe3802cca579d853c549d9268d7a55d7f9f46e30df44260a706080d4d255c1b9951df2edfbfbe6f6e583ca2c0ac7cb22fa83d93a4fe4c431675084309d14f |
/data/data/com.smapp.habit/databases/ua.db-journal
| MD5 | 4d4329408aa9aaa37630eecfba11d0a7 |
| SHA1 | c1d26940ad919b549bc11cc1db003b2252c1069b |
| SHA256 | 021d7f86cf0cac87a0388e951e267974a8c2de63bd37ec17e59e7ffaef14fb79 |
| SHA512 | b8ff8e4089f567f674e1d9a4c2d18bf539b49e971544a0ab57c5a1b01c146a40f453143193fd47ecea5ae799decf6daeee784363eb11abb597fd247c114fea16 |
/data/data/com.smapp.habit/databases/ua.db
| MD5 | 6fba823c325c83038e873e8d004aee4f |
| SHA1 | 7a89bc2c9b804a7bddf8ea381e168015a9018a01 |
| SHA256 | 1bd6df19ace7b22140bbdaed0b36c97b48b1a48dfe85c028030884bee6f285ac |
| SHA512 | 764d80791342345cecebbc4719f5f1688025a5b81ca69c72566697498fcf5a07c259ea851e4a0ab51f299cf4d315fb37fa759a454af190c1c6fa6a8105de6a7f |
/data/data/com.smapp.habit/databases/ua.db-wal
| MD5 | 555f8a2a5673c8a677e47a1e8eb08588 |
| SHA1 | 15fcfa3cd393592cddeabb246231377bc6f4f684 |
| SHA256 | a2e620b3cbb9fd6c1da9a767177077cb953d043e5b831fce0bf5372c804d4c51 |
| SHA512 | e95ba06e39bf6d26b6242891a5279e9ca0d95433216d6ef20c607da464a4639ccefed534364f4aa9b269fcf36dda85892266d26dab9e8f29c6ee0312ae43eaa5 |
/storage/emulated/0/Mob/comm/dbs/.duid
| MD5 | fafe258d036588a59290ed19e603e749 |
| SHA1 | 8381e96291a9c71c7491803b32b9cfdb6d4b4256 |
| SHA256 | e40adc9b3348205f33ef8b9476537c4412fd618a5179ab7cb87d68887cc68071 |
| SHA512 | 2a049d60df4fb04a326bcedd7ae631fa52b7abee86fd38322c5b8b9e1693a0c283ca2f08dcb503ee4bc69ab0a75afbe3dc33762ed248402ce87fa214162a694c |
/data/data/com.smapp.habit/files/umeng_it.cache
| MD5 | 778b189701306e61be07b01ea22a55fe |
| SHA1 | 9e15aebf4e05d2ddf2d2fc1f88fbb431131c85e9 |
| SHA256 | e3ac7dea0ea4c6b384b49f28285d77e656a5db9262190ea64a7451a4f6bc4388 |
| SHA512 | 2ab2075460ce47056557a691917a0a2b52c9f671a9e16f5a6e3b379642075f526f463c9fb52d111f6ffe47a7cd5545a5771d2eceee486ed9d054489ed1c1c73c |
/data/data/com.smapp.habit/files/.umeng/exchangeIdentity.json
| MD5 | 9937e9d52ea7a10b260750a334c8b021 |
| SHA1 | 1ae45a4cf9a3bcca018d169d83a5818df0970fdc |
| SHA256 | d1fa59c1864ecc488599b698fdab39bb4e884ddfb3fb4e0bd3c65156cc78724a |
| SHA512 | 7ce8f5092ab81716ecda83df2a46492f3b783296d49317e5d94e9ccd86077fea82f485ffd10353179d4e828b7661a5f25e700b2f10fa4b71958ae4af5b17e971 |
/data/data/com.smapp.habit/files/exid.dat
| MD5 | 5938cbde4e676e4766d623c3ec3131d4 |
| SHA1 | 11971a6f670e8636810c6ca7fdde699e2548f632 |
| SHA256 | 4ac5e5bb56a900abb5932831680140e9b016f8a8171c80175e8ed646645e3bb3 |
| SHA512 | 3b22210fa0891dc17c6c1fd53ba89df91a0406aba0325d96b9473e1c0db7c7db22ced050765cc68ed1aa008f027d03be215fa316b62d10f430c31be3e154430b |
/data/data/com.smapp.habit/databases/ua.db-wal
| MD5 | 3ddcd9b7e4b68ff490a8654e99a35281 |
| SHA1 | da77cd7b5be5ebbbb0e56e471357d1ec5b9f6235 |
| SHA256 | a266f4189492cf81c837e65fcb84b2645964aaefa8a7a9619616b5d2358e7287 |
| SHA512 | 0e0fff7ee5953412bdcb5f55eb8acf857daa69deb5bf6b3d8ccbbddf813017ffd9c7ddb45c12784b634f89b8cafcc43cf5e51d2e90735cbfee99dc941818a998 |
/data/data/com.smapp.habit/databases/ua.db
| MD5 | d604a3bf1f8d992cc320ea5b1f7609bd |
| SHA1 | 247f88df0b55c7d523ea5398637711a0e4a483a4 |
| SHA256 | 329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17 |
| SHA512 | 67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab |
/data/data/com.smapp.habit/databases/cc/cc.db-wal
| MD5 | 672959d141a7cc353946b5b271a2eda0 |
| SHA1 | 68b5720f238723c3be747ab996ebe2cf57ba0883 |
| SHA256 | 1a5f5b806858573389f889705da2877cf0461ba51fd6bdcecd4b2da98349fcc6 |
| SHA512 | db262f880fb4f492febd6e3cf27ce5909cadb157f25a8a851f6d1d12baafcea6a65a762a41b5669c737dc2c9748627d46208e205c287665047a93794b903605c |
/data/data/com.smapp.habit/databases/cc/cc.db
| MD5 | ce6135aa1b1fe4f2c2db2a546d2a5558 |
| SHA1 | 79b59582154017aadab783dc266fcb158c252940 |
| SHA256 | 7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c |
| SHA512 | 2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4 |
/data/data/com.smapp.habit/databases/ThrowalbeLog.db-journal
| MD5 | f020e4c12ef25bea28de65ef4fddc1be |
| SHA1 | 8329a5b3e3677ceafc56f48c5fe90dceb1e27949 |
| SHA256 | 0be728d5e2ae48c3039798bfd67190062f2bc3ba1b98674f7a5790cf6dc25c19 |
| SHA512 | da978a3b217132d0cf8f7a2f1aedb59ec479cbd1b0019b3d35cab1ab3ca30fbf2f66828c55ba76349401a9dc657490224fffe1756137c6a0b69d9834b59ccfca |
/data/data/com.smapp.habit/databases/ThrowalbeLog.db-wal
| MD5 | 80efb2909d0df683980f39051d9ea631 |
| SHA1 | e3388e8896ab80bd3231bb0bc2678e68ca8992d1 |
| SHA256 | 537642f47f87ff7025d7261232ec108cfab6a96f0e3d62dbe80464edc52e896b |
| SHA512 | cacc89291814b70196a31c993bac272a823afc9d46d6dc8bc1ebb7f1d273411f4dae13301b45977f366ef1d19b8d4324cb04db21ce36e0f9e356aabe9e1ef897 |
/data/data/com.smapp.habit/files/.um/um_cache_1718357980185.env
| MD5 | c5dc1100749c4ce5e1f14e70ddcf6308 |
| SHA1 | b54a17e49b5ad442a3d52f424b728b8c53321dde |
| SHA256 | 8f214bddb795472a7b6b70ec2d1f600ad763264018fb877b9654bce3e0850632 |
| SHA512 | ec589ddc6b002740fc1cde248b9ac096560e813561a15b97c0e607505d1474b2a88ce6dca463356e3e8e55a7eefb2c5666a02f1d275b78cc8649e5792a6e49cb |