Analysis
-
max time kernel
106s -
max time network
175s -
platform
android_x86 -
resource
android-x86-arm-20240611.1-en -
resource tags
androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system -
submitted
14-06-2024 12:00
Static task
static1
Behavioral task
behavioral1
Sample
a99131b703b8d06c433c2c1ea442a426_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
General
-
Target
a99131b703b8d06c433c2c1ea442a426_JaffaCakes118.apk
-
Size
1.6MB
-
MD5
a99131b703b8d06c433c2c1ea442a426
-
SHA1
8fab91f4e0d46e8d07952ea4c53ee54fa8a7ba4d
-
SHA256
3b01b63ab05a8a912f66df75aa26f16fc8660273f0cf3f2783d58520bd804add
-
SHA512
e0434944b2bd58c41083cfc53d58fce8e0b136c52ea96a6007162a7bc7319f43fc492f5ba7e0ed39e71032f3328ce728f3f2a548b854f5be09a8dab8808a778d
-
SSDEEP
24576:sj0DR/wncPcOFdCp3VtBL9UHjUqZVCnm+wuttBQRVT+CDjORXMWp4poK1hZ:sUYncUko3VtcLaWAuBDSRXt6nZ
Malware Config
Signatures
-
Checks Android system properties for emulator presence. 1 TTPs 1 IoCs
Processes:
com.zap.sfrfqtdescription ioc process Accessed system property key: ro.product.model com.zap.sfrfqt -
Loads dropped Dex/Jar 1 TTPs 8 IoCs
Runs executable file dropped to the device during analysis.
Processes:
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.zap.sfrfqt/files/cua/XZXINnVuu.jar --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/com.zap.sfrfqt/files/cua/oat/x86/XZXINnVuu.odex --compiler-filter=quicken --class-loader-context=&com.zap.sfrfqt/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.zap.sfrfqt/files/Pdd.apk --output-vdex-fd=59 --oat-fd=60 --oat-location=/data/user/0/com.zap.sfrfqt/files/oat/x86/Pdd.odex --compiler-filter=quicken --class-loader-context=&/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.zap.sfrfqt/app_dex/utopay.jar --output-vdex-fd=75 --oat-fd=76 --oat-location=/data/user/0/com.zap.sfrfqt/app_dex/oat/x86/utopay.odex --compiler-filter=quicken --class-loader-context=&/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.zap.sfrfqt/files/yl_plugin.apk --output-vdex-fd=77 --oat-fd=74 --oat-location=/data/user/0/com.zap.sfrfqt/files/oat/x86/yl_plugin.odex --compiler-filter=quicken --class-loader-context=&ioc pid process /data/user/0/com.zap.sfrfqt/files/cua/XZXINnVuu.jar 4264 /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.zap.sfrfqt/files/cua/XZXINnVuu.jar --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/com.zap.sfrfqt/files/cua/oat/x86/XZXINnVuu.odex --compiler-filter=quicken --class-loader-context=& /data/user/0/com.zap.sfrfqt/files/cua/XZXINnVuu.jar 4238 com.zap.sfrfqt /data/user/0/com.zap.sfrfqt/files/Pdd.apk 4408 /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.zap.sfrfqt/files/Pdd.apk --output-vdex-fd=59 --oat-fd=60 --oat-location=/data/user/0/com.zap.sfrfqt/files/oat/x86/Pdd.odex --compiler-filter=quicken --class-loader-context=& /data/user/0/com.zap.sfrfqt/files/Pdd.apk 4238 com.zap.sfrfqt /data/user/0/com.zap.sfrfqt/app_dex/utopay.jar 4441 /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.zap.sfrfqt/app_dex/utopay.jar --output-vdex-fd=75 --oat-fd=76 --oat-location=/data/user/0/com.zap.sfrfqt/app_dex/oat/x86/utopay.odex --compiler-filter=quicken --class-loader-context=& /data/user/0/com.zap.sfrfqt/app_dex/utopay.jar 4238 com.zap.sfrfqt /data/user/0/com.zap.sfrfqt/files/yl_plugin.apk 4558 /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.zap.sfrfqt/files/yl_plugin.apk --output-vdex-fd=77 --oat-fd=74 --oat-location=/data/user/0/com.zap.sfrfqt/files/oat/x86/yl_plugin.odex --compiler-filter=quicken --class-loader-context=& /data/user/0/com.zap.sfrfqt/files/yl_plugin.apk 4238 com.zap.sfrfqt -
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Reads the content of SMS inbox messages. 1 TTPs 1 IoCs
Processes:
com.zap.sfrfqtdescription ioc process URI accessed for read content://sms/inbox com.zap.sfrfqt -
Reads the content of the SMS messages. 1 TTPs 1 IoCs
Processes:
com.zap.sfrfqtdescription ioc process URI accessed for read content://sms/ com.zap.sfrfqt -
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to to get current cell location.
-
Queries information about active data network 1 TTPs 1 IoCs
Processes:
com.zap.sfrfqtdescription ioc process Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.zap.sfrfqt -
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
com.zap.sfrfqtdescription ioc process Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.zap.sfrfqt -
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes:
com.zap.sfrfqtdescription ioc process Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.zap.sfrfqt -
Requests dangerous framework permissions 17 IoCs
Processes:
description ioc Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE Allows an application to read SMS messages. android.permission.READ_SMS Allows an application to receive SMS messages. android.permission.RECEIVE_SMS Allows an application to send SMS messages. android.permission.SEND_SMS Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE Required to be able to access the camera device. android.permission.CAMERA Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE Allows an application to read SMS messages. android.permission.READ_SMS Allows an application to send SMS messages. android.permission.SEND_SMS Allows an application to receive SMS messages. android.permission.RECEIVE_SMS Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION -
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
com.zap.sfrfqtdescription ioc process Framework service call android.app.IActivityManager.registerReceiver com.zap.sfrfqt -
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes:
com.zap.sfrfqtdescription ioc process Framework API call javax.crypto.Cipher.doFinal com.zap.sfrfqt -
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.zap.sfrfqt1⤵
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
- Reads the content of SMS inbox messages.
- Reads the content of the SMS messages.
- Requests cell location
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
-
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.zap.sfrfqt/files/cua/XZXINnVuu.jar --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/com.zap.sfrfqt/files/cua/oat/x86/XZXINnVuu.odex --compiler-filter=quicken --class-loader-context=&2⤵
- Loads dropped Dex/Jar
-
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.zap.sfrfqt/files/Pdd.apk --output-vdex-fd=59 --oat-fd=60 --oat-location=/data/user/0/com.zap.sfrfqt/files/oat/x86/Pdd.odex --compiler-filter=quicken --class-loader-context=&2⤵
- Loads dropped Dex/Jar
-
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.zap.sfrfqt/app_dex/utopay.jar --output-vdex-fd=75 --oat-fd=76 --oat-location=/data/user/0/com.zap.sfrfqt/app_dex/oat/x86/utopay.odex --compiler-filter=quicken --class-loader-context=&2⤵
- Loads dropped Dex/Jar
-
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.zap.sfrfqt/files/yl_plugin.apk --output-vdex-fd=77 --oat-fd=74 --oat-location=/data/user/0/com.zap.sfrfqt/files/oat/x86/yl_plugin.odex --compiler-filter=quicken --class-loader-context=&2⤵
- Loads dropped Dex/Jar
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/com.zap.sfrfqt/app_dex/utopay.jarFilesize
30KB
MD5eb6089c1acfa9f12535e533aebee845e
SHA1165e39ee07dcd9ed00fc2dc1ff466bc1d6b813c9
SHA256b825cde84e3dddfc147c71265d2259c422d51a7e56d1dcdba1321e3119b1df07
SHA5125b1bc26bcbcf05fc331865fb4dd572b673a52650d68ab4d9b028ea15219e0d93c1ec17996953436801913388d78e25c67ea33aa93544d65e96a799eb06cc70f5
-
/data/data/com.zap.sfrfqt/databases/740410100062013-journalFilesize
512B
MD550b7ca820800f63e45d4cb644a7cc595
SHA1b4670459837be92511a6d77e3e2775367d60d19b
SHA2569ce671d81fe2399d1871c1733805c92e4b0ab0a7dd84de7bfff6b43ad2bde721
SHA512a29c50aec32df8fd9eed87f8df18e50f6e037c684ffdd0ad29a64949459cf5658dde025f306ed53eda31a58c63807fc8f93f0ff41cf814691c856acad639e620
-
/data/data/com.zap.sfrfqt/databases/740410100062013-walFilesize
16KB
MD522de8ab9cfdaf4b306137a0f0b7cfb3d
SHA19db289cb26bc0386bf7d892b33ab2b7a8993876b
SHA256d1be2cc374b0b6191fed72f3d26dc43dadbe7a950818762bb0f9cc216fe78642
SHA512c10f2bb51fa16e69538b83db084e493285b39467204a62444ceff6386d21e970ea1af9d1ae6887e93d7adc481dc4af2918fc552418283bf743aecec1e975eafb
-
/data/data/com.zap.sfrfqt/databases/wochi_v4.dbFilesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
/data/data/com.zap.sfrfqt/databases/wochi_v4.db-journalFilesize
512B
MD516154e801b23041a2f9b8239735acb4e
SHA144e936673badb157183dd83cba25534e660dc6df
SHA256ebab4d9159e81f4bc38ddbea07d91aafe460d5bb05ef738bd199fc5aee5fcd8e
SHA5124471155e578d8e6c8ed6d5eaa16d587819173ed6b729bd9d92e11fb007fb81f79e7a15f5771651baa2238daa319440fafa90c47a3704573e76ad9ad6f5ca33a4
-
/data/data/com.zap.sfrfqt/databases/wochi_v4.db-shmFilesize
28KB
MD5cf845a781c107ec1346e849c9dd1b7e8
SHA1b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA25618619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA5124802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612
-
/data/data/com.zap.sfrfqt/databases/wochi_v4.db-walFilesize
20KB
MD5a5614c229dd2f0cf5704a006c4fa497f
SHA16fa8fa51703492d791994895c5a2e68722c21c6d
SHA2560c142edac36f331095d087be36c46ead1c39f56562f4d051dea48082d4af2710
SHA512a2cfdbf558ea3da15e475793e3bf5c57b4f83aac7eeec054a46548ef074f19a5538f09507c826095ed5a5f46120618546d1fb61bf076c112bdfb28904a8dbad6
-
/data/data/com.zap.sfrfqt/files/Pdd.apkFilesize
99KB
MD5e8fbf92c750dbd6fb316be82a6b7b7ae
SHA12a6ae9568698807cacc8cf4349556446c996b136
SHA2562a3cb93d0ca14a1d0b0820c2a26df502a461fb2546ef4587524087c130553f10
SHA5127848191878b5b8ba2d5020c7be953e70ccc4d392d29e400a65a57cd3731604933125de1d81b3732d251b3450fd4766a814ccd01f3975beda2499a9ba585a26e0
-
/data/data/com.zap.sfrfqt/files/cua/XZXINnVuu.jarFilesize
776KB
MD541bae40da071bc36f48340e97bc058a3
SHA11bc64ce894bf7d5fd8f7ecd30b685aae271a5867
SHA256d7a9441b7500f946a068e97f10cf93192d87f1aa6f2d3e5446fec9af94e2fc33
SHA512fb8d52c2282282821c6a59618e0c583672ffc32b9ca49116061b50cbba4648b17e6cdf83c33f35b311d9860483a32be04a0ac3226cbd9867e9c3b0b834d9ed31
-
/data/data/com.zap.sfrfqt/files/cua/oat/XZXINnVuu.jar.cur.profFilesize
374B
MD5663bd4956531ceeb2ba9df905901239c
SHA1d1840a37651864c08e33a0970cde066e196f3635
SHA256496edd2855b6beeeaad80779f7b384b0c9fe2d1ed6e3d65a51066e7b69495b5d
SHA5126915464f4efe1ff5ef1cb6e803ba92aa6a31b44edfa9a119482b3cdf203bb1cb0b9432180c9eba21eafd249680dddd9a2ea9f236426b8402bac9367e0cf29777
-
/data/data/com.zap.sfrfqt/files/log.datFilesize
221B
MD5ff9229f8e7c92d44d48e25206d43b021
SHA1be3d75050c16c5b7484652ba292fdd6510f205d3
SHA25677fc3599be409f7e73e643de843c0ebcfa20662964c498fc59e245c7f5e003a2
SHA512be7b3aa8d670a2873c6b7bfd4ca93121fd2450723cbbc36d9d06d152fafa3ce90451f0a60ab56bc96bccb81cf5aae0167b404073db14dc17b9513ac73d455c58
-
/data/data/com.zap.sfrfqt/files/yl_plugin.apkFilesize
58KB
MD55a4c666b43ee7f2b6995aaf3527e4a4d
SHA1b205bcb022797f3b16635db139c7524c0c388adc
SHA25605eb3e1ca331b8c6a1f60f92abb2bddbac54a7b2c229ac07bf26c756297fe72a
SHA512c84fceddbf9928110fc3b85e0989b9cedd06383007ff99dea5a25096d8f892ab52d30ed9b52b72211449041f1274ead85bb42929ec269b58b6b0e616a8545e17
-
/data/user/0/com.zap.sfrfqt/app_dex/utopay.jarFilesize
67KB
MD53b8bb9a8679ac8c24e8d179fc5bae999
SHA1e6ea7a1095524087f481ba04321c4cb6fd2426f3
SHA25683c996c0d067b5f516897480f427dfffdcfb49ab7654dac9b805376bbd49e1db
SHA512abf1cbed7a8cf4a29d7a32a83f15aa0a6c9e2be8484c2dd8d9bf16a76e337b17b9c05efa0773598806b3d3da4fe3a9217b583abb9aaf5e3dc054dc77b10cae63
-
/data/user/0/com.zap.sfrfqt/app_dex/utopay.jarFilesize
67KB
MD55220524411d0bacd600da60814d1ee9f
SHA1fef7210ff44e757328bc0ff7aae7bb2191cbf634
SHA2566286a800597b845785eb664710253ebd20771737dddd5b80067e0e9d37c804b2
SHA512b2d8af5019c176d682634747d83320e609fb6122ef850f4069a0c78c2415d242087099cf60ecb03039a9ab71902a4e3b22e9cf144de89e506991fb93280f6a5f
-
/data/user/0/com.zap.sfrfqt/files/Pdd.apkFilesize
201KB
MD5b91783059376e2bebfd7c24802289350
SHA19e0f855404908f993a3beb146e7a4e83789674bd
SHA25646245d65e1d96038918f77ed8412bcde6a72b513c94a72369a751251f568e73c
SHA512c50af3f34a519fdb34aa9be70128c55c57df169f8112887f17f9dece581a15cd9b6702939ee4f77370bb33a5d2fe449610c42e699008d4233344d406c3563f30
-
/data/user/0/com.zap.sfrfqt/files/Pdd.apkFilesize
201KB
MD5a4237ef36f11c2db307f6d9701da0062
SHA15d11008a4b9275034db8904e538f7115a429ef0d
SHA25632f697f7444c79efe23be55fdcdab52c8e6f5cd43474cd1735602675feb5639e
SHA5126921b3cbb4e6a062eb9408c06e46e6d6cd7554f6e485b8f6275d8df3b7a8d23b26220c0cb979d3fe919fb6622d5d49160769b0567eebe61488cc4c7708f3b34d
-
/data/user/0/com.zap.sfrfqt/files/cua/XZXINnVuu.jarFilesize
1.8MB
MD5c72e7678f08ec9b12a6c8b022dec2fe8
SHA1f28169b45c516c159cd669e55b02233a3b3dc948
SHA256513b0c0da6ad0388addb00e36877f9f11787ff895c63cdb1738255ffba9455e1
SHA5124b728901ac22eed516e9c0bd28d8846d3683701f0302d2ff2535df564b45b21f0b64538ab0934b12d8a86d0d4ef01afa61e72efab36be68dcba52ce9d01ba860
-
/data/user/0/com.zap.sfrfqt/files/cua/XZXINnVuu.jarFilesize
1.8MB
MD55198d7149fea3a3658fe78de729743d7
SHA131b88bf4fbd4773dd38738acef666aceee43195d
SHA2564eb39771f7cc3865d97e151a66ae434661dcf7025f706405fd27f673b736ba6a
SHA5126a19f847bb8d2acc5621c5fe2ff1ffae8d031c261620ed3cbb5eae472638388baecbdbeac3ff9720ec44d1b870d2f0fd7bef78fee9431f6178df7f5b44a6230b
-
/data/user/0/com.zap.sfrfqt/files/yl_plugin.apkFilesize
123KB
MD59fc68c74fcdf2ca6c0252ed39de275f0
SHA184438de24f01ade937d2f1a0f70c797e616b7199
SHA25687751b4f40f3cf03b3e2a1e5eb9ef248ad79a8f47304d2a527939ed634ac8f2c
SHA51210feb413b7a89f92339dd1d1a9538fdb22009279778d985f6649faf0af7cd1d5998adff439cad6b99ec2aade6b235b72385a83d9943e5b5898eb7ecdd7a398e8
-
/data/user/0/com.zap.sfrfqt/files/yl_plugin.apkFilesize
123KB
MD5918890b3fc5a3dc184a57d027ead24da
SHA1c638f375f49bc4731b633bdc001aeeadf9462039
SHA25657d03ac2189851d5069515da6997e12ca307c145aa21679da001477df5f81836
SHA512fd9bfe41ce4041dc8c7db17df2a2164a24ea96372c212399c499f94d1fb7d95d430b8a7eb86041b9b2db88dfca0cf39e53cba2dad1e346aebed29e4ca5deb2ef