Analysis

  • max time kernel
    178s
  • max time network
    184s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
  • submitted
    15-06-2024 03:05

General

  • Target

    acb193a82e37f03ac70be3e717b41f8f_JaffaCakes118.apk

  • Size

    16.7MB

  • MD5

    acb193a82e37f03ac70be3e717b41f8f

  • SHA1

    9b44327610bcaef68bdbe87d78d57574ef2331ab

  • SHA256

    6c8a194343f9ef2f99bb3e550bf6ada2f6193c5f30016d8419ef46f94a840993

  • SHA512

    3fe4903f22379faa7ec9dd79180516ffcc9bb8f3baf43a9b4143fdf851ae0e115916bddbefb29f6fc52ca4a33e2022a1b072f3bb38e26d8bf5c30617b5a97823

  • SSDEEP

    393216:RjIxaDCZEBoLxkNPmvcWo4Foyu2tlcBku1awFgfv2:RMxaDqCP6cWoyDul6G

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 5 IoCs
  • Checks Android system properties for emulator presence. 1 TTPs 7 IoCs
  • Checks Qemu related system properties. 1 TTPs 7 IoCs

    Checks for Android system properties related to Qemu for Emulator detection.

  • Loads dropped Dex/Jar 1 TTPs 10 IoCs

    Runs executable file dropped to the device during analysis.

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

  • Requests cell location 2 TTPs 1 IoCs

    Uses Android APIs to to get current cell location.

  • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 2 IoCs
  • Queries information about active data network 1 TTPs 2 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
  • Reads information about phone network operator. 1 TTPs
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.xgbuy.xg
    1⤵
    • Checks if the Android device is rooted.
    • Checks Android system properties for emulator presence.
    • Checks Qemu related system properties.
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Queries information about the current nearby Wi-Fi networks
    • Requests cell location
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4175
    • chmod 755 /data/data/com.xgbuy.xg/.jiagu/libjiagu.so
      2⤵
        PID:4201
      • sh -c ps
        2⤵
          PID:4587
        • ps
          2⤵
            PID:4587
          • ps daemonsu
            2⤵
              PID:4614
            • ps | grep su
              2⤵
                PID:4633
            • com.xgbuy.xg:pushcore
              1⤵
              • Loads dropped Dex/Jar
              • Queries information about running processes on the device
              • Queries information about active data network
              • Registers a broadcast receiver at runtime (usually for listening for system events)
              • Uses Crypto APIs (Might try to encrypt user data)
              PID:4255

            Network

            MITRE ATT&CK Mobile v15

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • /data/data/com.xgbuy.xg/.jiagu/classes.dex

              Filesize

              8.1MB

              MD5

              7a721ae9582f8c3dd4d25e2f850bb3f1

              SHA1

              603b497c3a6810192ffeb78ae9f8134bc5686702

              SHA256

              5333d3967ddd5ac789b4544ffcd80d2661202c01c04f01d9319813cfb0ceee50

              SHA512

              1c2d397e59956c96d41478473447d9f846c8eb6ef2a585322f98adc6cc4f3273605fc5728f608e8140bbe19c4c3f83201c09c51e85c90f7f6ac428f7f76d6ff6

            • /data/data/com.xgbuy.xg/.jiagu/classes.dex

              Filesize

              6.5MB

              MD5

              8294f2f81db54ee61aacbd082fd565ce

              SHA1

              0c726749fb05c8f687bb5274e097e0d33f4e3394

              SHA256

              f7e28f4705fcca718a9d973763928039e8f7df1bac4088d8b08cf356d366c115

              SHA512

              d3c45de73a5b8ce733dc29f1c390b7a14678079d67e94f4915b25f65bf538b206df3ccf5cfacbe4d0e011aa06a6dc0159fad407ca16af87b2bace230c54c754e

            • /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex

              Filesize

              6.6MB

              MD5

              5321485d5bc4b58bced4df4646e66c6f

              SHA1

              aed5f5694b4d1bddbebd77bff43e5c75f8b4f555

              SHA256

              44276d7e3c28fe84fe0de44f11124016846d0620be4be1ca82ebf835c6cce139

              SHA512

              29f57b81af94feca855d8af4191714e053de9f0f974246b32cf4856c88596fed0f7a31f47eb0fd2d48dd35f0f0f65eb6b9e596d2029f791346d923853469b2c7

            • /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex

              Filesize

              1.9MB

              MD5

              c89a7bb0027122b831fcc546fe65183d

              SHA1

              7b0e11c1141539623648a051b6de07f3152045c9

              SHA256

              f6672688f527dc0e45ddfb3137055fe21029ac3124c50686c95913f8daf58f54

              SHA512

              1cf1bec0ab53d44c177f51e081caff59bd1a9e1fb4e020295a6d5d6a5c76e222b9ffaebf707be70ef328aa1d0ddc2e3ef87eb52ae68e88eb94f40116c3757166

            • /data/data/com.xgbuy.xg/.jiagu/libjiagu.so

              Filesize

              446KB

              MD5

              8f55d5deb281d8aa1a0b9f72f7185e58

              SHA1

              5ce262af6a74a11931bf4b1e92a59b9acab27f37

              SHA256

              b57aa883bd4a8241fe2ebbeec0988614da1ad453f5784f3439335a6f800c7944

              SHA512

              4d74f007dc4a19ac3a8ae3434f06d2509397301c0a9b0288475280801c8907ce48248459436416fb14fc5a3a6ce790d680b6b9c95d35afc49c2f0639199b56f6

            • /data/data/com.xgbuy.xg/.jiagu/tmp.dex

              Filesize

              284B

              MD5

              f1771b68f5f9b168b79ff59ae2daabe4

              SHA1

              0df6a835559f5c99670214a12700e7d8c28e5a42

              SHA256

              9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

              SHA512

              dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

            • /data/data/com.xgbuy.xg/cache/image_manager_disk_cache/e0bac8c3c005c727bb9b0b2d00be3d7cf020743113c01c46c33a507d6275519a.0.tmp

              Filesize

              79KB

              MD5

              3ccf674803e2bcca74d940a369b98a1f

              SHA1

              b82beb53b74476af3563d05f4b49b4628611c19f

              SHA256

              897e90108102b4d93eed118fbc62f4bd208a2651c52da15431f3ece36f4ff274

              SHA512

              b98a53d48cee9d8d4fae804736e7b66c28beb429d4e84cad49f4f3e92f5a226c99eebe093fabee98d657d41729eab74fdf6081cc29b693e076b213e0e8e60a5f

            • /data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal

              Filesize

              179B

              MD5

              558e7c199f33a5304e4801764cd264ec

              SHA1

              9e9960d6db26ea7b066101023cb69041c6654ea9

              SHA256

              3c3af02a5f4e4d2b1334666d91e97bdfab7454f30723623c079f4cd9d0ba81e9

              SHA512

              fbd1e67831ef14fa6776c1b265eec6670b9be62e77599609cbbfbc6cba254d219392d37a5ec4d796349d954f37610579de457d005af864e2ac36a8cffb0d297a

            • /data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal.tmp

              Filesize

              31B

              MD5

              8c92de9ce46d41a22f3b20f77404cc1d

              SHA1

              8671a6dca00edb72be47363a7071be65cf270373

              SHA256

              68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

              SHA512

              30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

            • /data/data/com.xgbuy.xg/databases/Reyun.db

              Filesize

              20KB

              MD5

              9532e3f20fa551bcc966384143ae11d9

              SHA1

              d48fd90a1e30f3a3e1ad0d5f5e9ec49462c8d598

              SHA256

              4c42492690ebed9a0c2dd124f94070676520265662766326d8207f741cd65b16

              SHA512

              42c2db124c5b94bd9b863cdc8dbaf3317e9dfe5438fce530e7f62f71e2d6906efe83273960d2969df52e68c7ea7ed15a77fa4aeff728324b327ac0ef9adc75ff

            • /data/data/com.xgbuy.xg/databases/Reyun.db

              Filesize

              20KB

              MD5

              e10b255c05a16a8eb7aa54f76c06ff11

              SHA1

              da73c8adfb76c75d0625152766403c20f2f99017

              SHA256

              4d8eaa79614e9d7f692583f2fe8a6ee00c3952f3ca65850458fe2cd02ee551d5

              SHA512

              12a282d8450e1a33586c7a1e880b2ab1fddb3a2ca4f04dacbac83f79173b30af132599fe9568c1eca9800200a44c32e8e53f853abcbff0cdda262ac0ca24440d

            • /data/data/com.xgbuy.xg/databases/Reyun.db

              Filesize

              20KB

              MD5

              264824d3e05d8a8ace2344a3df2c8db3

              SHA1

              717078aae8175f1fc16628c7d9543c481f25010d

              SHA256

              0fbd8d3ac134fd5c479360ba53c269725e2f2c52b15544d2b7c3f73945841a39

              SHA512

              efbea72e953a70fcba8dfa78099c406306043cc033ccb8c3c7c9bf80885f32998d2e7cd5f90faeb63f81841c1c0d530ac64bad26f0e7687b5d6b90e8f09d2411

            • /data/data/com.xgbuy.xg/databases/Reyun.db

              Filesize

              20KB

              MD5

              7ca573a71c181a9fa57424f8ed245ef1

              SHA1

              a45556c23a1fc72d5aab1d621345117e9ed7edc7

              SHA256

              a5dcb52f9fd65d19118aee322d5a4e5afd131f175ea5a5e3a8bc722af5fdf583

              SHA512

              7da171becfaae4f6bbcfaab2b6b453f7eaefb3475c629949ab90442dcebace73ac10ad3c1beee01568e084edc314fd29d7fa18e644b52c23ba95b39118bfd61f

            • /data/data/com.xgbuy.xg/databases/Reyun.db

              Filesize

              20KB

              MD5

              539768bac0d17bd690fd31eb1ed86cfa

              SHA1

              c6a9aa1adae34458d8569c4bac6b7087b6faf2fb

              SHA256

              c2a08f47ab562941eed50e1a5f2be9fac50a8cbedfd6508ebd5bd576d5bfea0b

              SHA512

              ebf42092a9a3187830d1eeecc5dd459bd88d5eb0e5465e1a4332ef893262fed9fc59f0c2f8fa3e6f0f64686c3303136391f64b6671e1443c110314dca404ccd2

            • /data/data/com.xgbuy.xg/databases/Reyun.db

              Filesize

              28KB

              MD5

              23f9f29f907ce046d1ba26666020ca39

              SHA1

              b6c903757ae05fa6e31e7c516c2a934942b3584a

              SHA256

              3da16d52751db0154989c7037819defab7a9216d44e677a3705b8a7bc5d7fcac

              SHA512

              e9b1bfcb5cfd85a76684436f0bc20d7d23478d84bd89f59148e3748d4945cfb28d87219f0a4e94e1015e6c51a31af2da248eae03cf0624d8834c460fdb3e5a4b

            • /data/data/com.xgbuy.xg/databases/Reyun.db-journal

              Filesize

              512B

              MD5

              024b33214d15c7476f71411eec835967

              SHA1

              f7b98d80d0752fffaea4b2e33688884be73c2e56

              SHA256

              c72dd1114eaaced3ef617f0271ddb7029454e19d51e8f01e17639db8073c1725

              SHA512

              1e31b89f7f079385d13332702a05aaa266e372f5ed5f75f26b022a3fb7824c2cb0e2091c4050f517dad60a1a28443480d8dda0f045159bda4416437da22c6030

            • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

              Filesize

              44KB

              MD5

              d1e7734f418edb6774d2fcd7b754fadb

              SHA1

              720891675d816c3ea7b08dad33c3c82c7c101e74

              SHA256

              a976646e0186761a4d8f5b7482fb8779a4ea619f4c1ca66a7f4668e3d98f1b72

              SHA512

              5414e176f1450f4311f6f8401200ae9b858b3de8b9ea7dc0a837121a109e1f4ec3f9156927260514e6cec63383286fc9d50c7cca2d2f0a3cd215199d45308b9c

            • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

              Filesize

              8KB

              MD5

              fd0963b60e0e5ee03e53dc32f1772831

              SHA1

              f3d725fd4c87f70eac4bad5d4fd6c0c3304326b5

              SHA256

              60e24efb6f7813020840ad2de3ade5234216503278983cdeba72e689d72b56ac

              SHA512

              a0a0d7b6219b2a25838717ff30e173b6b6c436bdd79bba1b39eb0e32dbea90e20908b90eb16db13681ca149c676ef6b1d0be3e8bea07575fccda2864834b06a7

            • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

              Filesize

              8KB

              MD5

              b124db8e2ae9a77f7f79b35f633e55dc

              SHA1

              ee942c6ee5a6b4630f712743e901a5f77055fe6e

              SHA256

              abd5b5e4e55c362af4cdfe8ef8fb9a14c154cf31efbb25360ded13b70b2aab47

              SHA512

              50cf126e9305580352455ebee5e8bfd051c5d1b89d54b395ca7b94576aebe105d2bf9b334bec6ef9dce0a19ebcb8ffdae144f692c892a68b32e212febb24773c

            • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

              Filesize

              8KB

              MD5

              f755bdab825b26aa740d0c8c28055fe6

              SHA1

              d1bb1c6024d03a10db12e5bb6ac89c0408e467ce

              SHA256

              8c111e84d559bd270f8a946927bf0b2fa9fd115377d26d2c09f77fd67e3b14ee

              SHA512

              87d6d2e785c0b5a8c4a2a63ce707415e84ac34f6fd5b0ac0e62ef666046e7b9a9914c72e51b5b7419db46d5bc1f0a015d2e08edcd650c70c39e2e5786c1e0164

            • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

              Filesize

              8KB

              MD5

              57422503c3179fd6f39521754ccdb8ef

              SHA1

              e7a750d2b64f5b46023320e9114265336fba4a84

              SHA256

              2e155cf7d3009425c64dad12ee595b541f6ea1e503ebd4a1e18a3fca4f887189

              SHA512

              b8f6e6fa1f34dd916762c90ced8f61fea1326d3490c348320a8e3c5ae2a64e7d0ef1a04d2c0fa3a307ec6c337c82db73ce0de92892f25d9e1eaa2514f04fa7dd

            • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

              Filesize

              24KB

              MD5

              c7b2966be1b5d9361a9e40c4cc244831

              SHA1

              3b488680d3d6d9a1b6bba06d51cb9fe321b820a9

              SHA256

              b8f6c3a3d8f2060682e2364276551a886a0d108e451281b6ea5c1264a42ee45f

              SHA512

              cf25e95d6e82e167324aa69317a45c5262157ffaf0e95dfdffb0bcb95b579951e3e5b54f019b6f2292a17133044c02f741ff2124e5d8edf4596071e54f4e76ed

            • /data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal

              Filesize

              512B

              MD5

              783de2d254a4033a399d3d684a236a84

              SHA1

              6578551bb2f2ab53ab4d03cfbab0d55d0f357a50

              SHA256

              4477a06d5c066d944dbcfec68562d49e9dd12d144e1d35dd91d1c947022b8252

              SHA512

              fe414865d4fcfc4b31c4ef35b9c6cace5f1e3e92709e005c026928a4d676af980c3e3117075d450f631cae480517b3ecbde4bfdac5bb838c5ca7b5b5dae65c09

            • /data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal

              Filesize

              80KB

              MD5

              90a5bb281e7cd279901459d1a4833f20

              SHA1

              22b0be7002e3b71ec4d3dbce0ffbc58b35ab0d98

              SHA256

              f3a032b67a71926da324d672d4e77b7fc0a57d7d20352c987338658a6c0e87c4

              SHA512

              1e0538b916c7437117b2e9d0873a327b3a4a57d52fab333221bdc71fa46f130d095d1a7b60a0a383c797c400fce4746febfd7190e17101262668eafbe5b26b83

            • /data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal

              Filesize

              140KB

              MD5

              13aa9f9de0f0c25490d2e0e794e46d4a

              SHA1

              dbc52efa34767979653d380588f766c8a9cf5d19

              SHA256

              801e63d9dd09c76862534fa54c52c3a7acafe978de2333dc43f576a92efaf616

              SHA512

              a4d790b586a54f43d460b3c8dad0789cfe69a443a08a7a4a96d6621ed9f4ad2493b8b810e3092da0d022376337be4484cdee663185e08892504faf297bf85458

            • /data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest56577538813782747619772596600333470916-journal

              Filesize

              512B

              MD5

              592e070538a7b29e18e6036f20dc8258

              SHA1

              f4744fc395a4741fc0086145a3928687c64ca586

              SHA256

              88051b90f92913ca130a4c73e55ede40de1a362d7b0b498dc57a98d54834ce54

              SHA512

              0d8e29cb62a55a95a5983a45709934095ab1e4da2b29247cf8bb02acfe96d47d3d0a90c8e6e14d8e054e270518eb67ec44226d3da30d9d7bf46f1ffa7134153c

            • /data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest56577538813782747619772596600333470916-wal

              Filesize

              48KB

              MD5

              8d64b9425c702d2cdac84c16388485d7

              SHA1

              aeba2416197d419158836c6e7a505b513c677980

              SHA256

              4e47f93cb5cfce1b8b8877b8b9b2a8016fb4067ca60669bdaa01ab3f95c673b0

              SHA512

              22f84e901ed001dfd42b880f19eb823601ad7864258923b04554b0c60f5e7069e9242001db55a704cc487b09859b27eaa6e0622e28c7b85578b2fdbd605d08b6

            • /data/data/com.xgbuy.xg/databases/ua.db

              Filesize

              36KB

              MD5

              0adda9c85a5e4808f5b1b74c0a8591a5

              SHA1

              5048107883ab1e345af9cf2e6849ce46e0e612bf

              SHA256

              1e17860bba2bb4e3e92df3890aa6dddc973d6602c71519a15556d37bb69de2a1

              SHA512

              646061d3d5849772511bd94e36ca2d775a9a672851629d1812942ec0f0f925714eb7d4ebac44889911320cb6710a2f586014f6b1e126739cab653c4f8deef2d1

            • /data/data/com.xgbuy.xg/databases/ua.db

              Filesize

              24KB

              MD5

              ee296c29af1f99f094616d2f7c031659

              SHA1

              a88d12335c7d75c7d83b57c8394ddf8f8fed4216

              SHA256

              ff3913543f5c837cb8976f483bb9625737fc74c319982d3c3fdad7ea684f54c0

              SHA512

              90f3e972d440efbf5aa5875a2e64b4194a55020606e76baff6056a2335df4a74400e0d91b295fd5d72815a5e37170d20bab2fdb8838f66b58826e2af7801b20d

            • /data/data/com.xgbuy.xg/databases/ua.db

              Filesize

              16KB

              MD5

              f77b4ab39144684e524e88865a324442

              SHA1

              c276378fec96f012beb3fc86b7b289c1cee8d9e0

              SHA256

              9d9188b0ed14adec4c07bdc784eb44791876be9dfa4885edc3b1971d45d08371

              SHA512

              3f803c215a86bcd7d06a5c16f2dc0c5c745cc4f24eaf2911833a2570f30be8563b760392d84895c9d2ca9464b0fb23695fa9952f614d1a3ae085cd4e2cdf7b67

            • /data/data/com.xgbuy.xg/databases/ua.db

              Filesize

              16KB

              MD5

              2a989c4104088ea8fd9235bd931167ec

              SHA1

              81edec59e348b712005490d40007eae09e047319

              SHA256

              8edab88edfb222620c3b58d164b47bb705cfc9f7fdaa4eea519e75db0bf425cf

              SHA512

              e8ff94842efc193871209c9088fb01759909099474c75acb83404c65ad8142a28bef676544e376388f2e243856c21a0a0aa8590130bb011d537039dbcd531c46

            • /data/data/com.xgbuy.xg/databases/ua.db

              Filesize

              16KB

              MD5

              b4dab092e6769a211388a5f66457ea04

              SHA1

              a9e85ef6d5a1a452e9184fa31975b594906fdbe6

              SHA256

              372f5a51f7c5934410459a54327cf15bd29c40ad2e0fb51704c05be88181b77d

              SHA512

              1d602afc5774681c43cb6664a541899ff411a5b0585b3b90353b8c19e6eb63c2f186a3cb1610612a0c3219b3447ca1b4d403339acd71142adde5f3005849335e

            • /data/data/com.xgbuy.xg/databases/ua.db

              Filesize

              16KB

              MD5

              9cc282f628f39a8b3f4ccc9ec3b5fd48

              SHA1

              25f13729d04e970589f08c5e3b4490e9fd3022c7

              SHA256

              bc27fd3aa8375f6314be5d218d0d3666cf2fce05be1f9dd87b8b44de138ae965

              SHA512

              6778ae295e4ad88d663407b60becff4c6a852bb1658a2ccc21f8751b2580b323bb09b1799b3c8d7f250e356bf7e15e0b39ce0d046fc002e3183f4d11ad7d6c50

            • /data/data/com.xgbuy.xg/databases/ua.db-journal

              Filesize

              512B

              MD5

              57e918ae20bffa2d7610ee618369fb56

              SHA1

              5ba51a946b3491521d3f234015764471d0ce919e

              SHA256

              e5b8b6cda0103ad82ad59b37ab0421583964f4d4db066c68088303afb7dba181

              SHA512

              0e4baf8f9b6c3587e6774d0f765e64a9f4f7b5187a7c2e4b8aeaa5f449252daf585ae57ea7c1ec16cfadb90ab0b19c0a335fcb6693696708abcc69740632fddb

            • /data/data/com.xgbuy.xg/databases/ua.db-wal

              Filesize

              48KB

              MD5

              dd530bad0d4dbbf69c203d34bea36127

              SHA1

              98883eb7f7837158c1279030d348b1b9ae8c992b

              SHA256

              b71273c8c203cccf5da08c23760a3a8f05a3a71f7f2995cbd60d32536698a3f6

              SHA512

              8f75c3ab3353d2a0b435e5fe309f361cd1fe768c1fbff67ec76b686023fe1cd1538d5e769537883145fa5cb9e853fc5a1a7756a5947676e182a742212277acfb

            • /data/data/com.xgbuy.xg/databases/ua.db-wal

              Filesize

              12KB

              MD5

              934cfe9ca2a27e071b28d939a205397f

              SHA1

              85c1f271dadaa7545283ee09ceacda6dbeb8ee0b

              SHA256

              f7912e38766dd5f7e26e2d085785d95f87e03064a66b604b684510c982242bb6

              SHA512

              32d0f1aed55b9ceeafce92c2b73230fffee3dc483384a4f2a4ca6e56d74d6454ed65a2e8dac809c60e2c1e292a35b1469a9ac1bb01bf500c00bba32ae79deedb

            • /data/data/com.xgbuy.xg/databases/ua.db-wal

              Filesize

              4KB

              MD5

              41f70df10401a2b042999e1009a9c95d

              SHA1

              bf4f6fdf9fa97c5d383472b6dde42c3d60f3faf6

              SHA256

              8a04f074a830f691d20ff8a23ae3bafc0ea1fd52bcc90d8a2c36e034f7a16321

              SHA512

              65b39278365ad067e95ab5d547c9a8b8a243ed505248bcb3f68399f31ba240bc67f2580d7a8200e0c34769977a921b4a06e7ef4760457bf0f8abbe5df362986b

            • /data/data/com.xgbuy.xg/databases/ua.db-wal

              Filesize

              4KB

              MD5

              cecdac649f26b7112c33305df7623527

              SHA1

              8c17e84233718fec72fbcf2403a6b98cad573853

              SHA256

              13bee088cba5975fb6af31a96726b99447d2edd341146ae38522d470c8742db5

              SHA512

              1b65271eb642829f3068f933eca5b4901ecb583a96328a1fec584c36de58119209ceb014c1146e179029379982bad95fd236e92ff32fe1242ecd585d9c9812dd

            • /data/data/com.xgbuy.xg/databases/ua.db-wal

              Filesize

              4KB

              MD5

              90d63523b74d46028f728aa75a937a5e

              SHA1

              8b663041cb0b82e02a3907afe0ac742dc03960c4

              SHA256

              9878ed86f1c8b81ac39739bac52e12a8e6c91fac0f996de92cbbd97ff915f109

              SHA512

              4a17dc05c7e508f6a9b602f94c06b833255bdb5d91e324f864e57f645d594f46e111a621722462a1904b254c2f1c8334342982b81c236e86b611ae25036f37e0

            • /data/data/com.xgbuy.xg/databases/ua.db-wal

              Filesize

              4KB

              MD5

              c884fdca148f66688e4e3e342337d2bf

              SHA1

              d2de363554b360183256b3d0acd0250093e9535a

              SHA256

              fc6855573c17ecd1cccf3e8dcf8ed71ea1657d84144f6f676f646a09bd337e91

              SHA512

              1e81d6d77fc216449311688462ae9c4089f3586bf4951afd78887d208a6c22af56bcb3a960f9980025edc994560e1c6239376aafc66be0c8e2bc9dad6ff75e5f

            • /data/data/com.xgbuy.xg/databases/xinggou

              Filesize

              4KB

              MD5

              f2b4b0190b9f384ca885f0c8c9b14700

              SHA1

              934ff2646757b5b6e7f20f6a0aa76c7f995d9361

              SHA256

              0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

              SHA512

              ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

            • /data/data/com.xgbuy.xg/databases/xinggou-journal

              Filesize

              512B

              MD5

              ab4e022e4120c82e64245999dd6f8863

              SHA1

              1858a69d855c41289ee0bd204d57f0d25f5954f5

              SHA256

              3a35ce183b1f4a98976988959b79395a34f9b143d343e22f4ffc1de69c9359f6

              SHA512

              643a444df49f8851d4b7ef4be7b0db82bbf360117bfad1a63a9664963ebc812faeeada2a55ee13d1d2823c57aaaca88809ab162c6bfcadfcf81700436be37c8f

            • /data/data/com.xgbuy.xg/databases/xinggou-shm

              Filesize

              32KB

              MD5

              bb7df04e1b0a2570657527a7e108ae23

              SHA1

              5188431849b4613152fd7bdba6a3ff0a4fd6424b

              SHA256

              c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

              SHA512

              768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

            • /data/data/com.xgbuy.xg/databases/xinggou-wal

              Filesize

              96KB

              MD5

              8a9f376bfb1938f48cb239e1ea658703

              SHA1

              70b371980c1c90c466cb63f483c9fd3a69457bbe

              SHA256

              11150479a01a3789042a07a016310d3baf4ad15f5d96e2a3907049ec935d301b

              SHA512

              8e3a80287396c4c1bd015e599a70c5d48685caf6a9e57cc17b251c65ce0daf70193f12797513b2bf12ad39b88426066c329fa2e05bcbe38532e0146c0a0e86f2

            • /data/data/com.xgbuy.xg/files/.envelope/a==7.5.3&&2.2.9_1718420774216_envelope.log

              Filesize

              1KB

              MD5

              2ae6a7ab1130995a1ef6f05aa384b105

              SHA1

              1bb280fc5c53d43c9e923b99e5ad81b016665095

              SHA256

              a05eb06fc49e98fb96c058b844fbae7ab28bcc0788300c69f59e8aa2e60eb934

              SHA512

              e4c38f7715fd2e4f12beec36b13cab347f287fc97a24530a0b1f3c8ccd860cef52b43101d2ecceded062d192cd96d8e5e266958a4c7b482328e0591aef49e5c3

            • /data/data/com.xgbuy.xg/files/.envelope/i==1.2.0&&2.2.9_1718420770782_envelope.log

              Filesize

              2KB

              MD5

              fb32519c76da84834bb7aa9c21594011

              SHA1

              c54cc75579b2509d37156610fe6218bae4fb3ab1

              SHA256

              c24ee12a27118c2ef2f09e977065350e1dd0fe4ac106d7b6ab88c052ffc0e965

              SHA512

              dfe27da48c494f3f7df67ea6ede11a9d467059adf3e26de9a13620afb3ee8cc9a71e475fd80ba9c9f4db5781f96ec1f7296d3dafce91835078b617becd5f2101

            • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ac

              Filesize

              66B

              MD5

              08402591a5b4057a425d2cede4801eb7

              SHA1

              7304da68e97c6907ebadad9ef956f3cf70df568f

              SHA256

              b87ebd0db6499261ebcac217d6f52e505a28c5ce07f94b63122ad090f3e7bdf4

              SHA512

              32cf61a4d1c054a053484ddff27e4b215c77989b2ef5ac445991b40618c786374228aa64afa972dc9b4fd0eeacdbf9a47500b0e45b4c23aee3b3e02bff71fd09

            • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ac

              Filesize

              40B

              MD5

              81024874f926b0c0c9e613997c9370b1

              SHA1

              a7b4c37570f3e5aa7bd575d0dbcc71ff9079a95c

              SHA256

              da5ea38fae9a292777936eae50a76aae4d2a589550448aa6970383e44aabe7d6

              SHA512

              8ae3ca2a1a4ea6c514fffeb911f4c42ff173433a7fd82980193d883196e748e458e83ee42051ccbabfa7f49792dabbf1eb8a72fea3db16c2f157e7ada4182830

            • /data/data/com.xgbuy.xg/files/.jglogs/.jg.di

              Filesize

              340B

              MD5

              e2144cb258a564242e36826a0e96f7b9

              SHA1

              ce459b785b8a007a2b665a0148e2c58f7a05f463

              SHA256

              64f05cd256796c465fdccad0fb0749ff5f620bcbcde3479d447ff3d631c3143c

              SHA512

              304d7a2c85a7381cae063e9b8775bfc74a5d2af453613657daf66944669450f9179868cf9b98c038090998e5971e5d3a151c5e8461e1dae5dede5f60035d52a9

            • /data/data/com.xgbuy.xg/files/.jglogs/.jg.di

              Filesize

              340B

              MD5

              a5bea94bc008e62f7f2bebb3c890bc37

              SHA1

              b8077bb5e997ca8693c365af2d08a4c5afaec500

              SHA256

              218adee4aea2b8d5c875dcf9eedd49ed149aa72a677fa8015ac79c78388197e0

              SHA512

              5649e7746f6f9df04012036426205001a81f0012c65abffa0693fc01497060179282f958ed05ae90013a48070e650faec2771fad3045a33ff634f916e7cfb649

            • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ic

              Filesize

              40B

              MD5

              1bd86b90e1b355f123e5ce8c93c3de53

              SHA1

              bee5683d6124650c8be0b3740ad66e771f29b178

              SHA256

              3ba28c4fe20d74ea96f6ced27333f04a01e03c50092717eed1b6e30152a8d152

              SHA512

              6ba3d7ac2b9da3bb2f7ca50488782bfb9f12a38bf17debc4f2853a161551a932885bedaedace0ecd3da9777e1cddbb407ca2360c13512b1b804bd6242e767abe

            • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ri

              Filesize

              314B

              MD5

              0f10db480b14ff2fedb19d957b03a795

              SHA1

              b7b7d93ccef87f1822ef272de213d73e39ded571

              SHA256

              eb4c547a3e8af3565911db42e1128ec6830c29e33579e5fb8b074dcd3c7079c6

              SHA512

              cbbea393e788273b511d4cb8242593d9e2e2772b1c88ca4237343e45df42a21ae9d4e03250cc4252500dc4d6577ab95135cce6f8aa4e02292939994d9e2573b3

            • /data/data/com.xgbuy.xg/files/.jiagu.lock

              Filesize

              27B

              MD5

              aea96a44eaefc9d9a807571426038dc5

              SHA1

              7b16b4f2b19c4ffc329e411455717172600f50c7

              SHA256

              b0c890758ae93e90e9e4285338230f4ebec68c3014272e469b347e58f0a61a2b

              SHA512

              63bbd23758d173f1d4be21da8dbd8f52ca7dc7e6b92449e810f1d3375d063bf37ddda37e39a25df991d468357f05c1262e09fc1ed1cb1903eece099cd754a093

            • /data/data/com.xgbuy.xg/files/.umeng/exchangeIdentity.json

              Filesize

              162B

              MD5

              73959fb2410178ca2238a44086bf9310

              SHA1

              624d0f236bd9bb78b68ed5b273fcc89be721a11d

              SHA256

              4aa5713fac50146a5d3efcdc9dadbc8b779be9b9b3847590b294ef53754cd4b9

              SHA512

              bc5cfab052aecb93f91dcda3a212bf97f4cc22595dda984ab8f6770c43f3b8adb183354ba7853b6371cd2f79359ff4dcae056ad1ff59fa01e0d174b07e543ea7

            • /data/data/com.xgbuy.xg/files/Mob/mob_commons_1

              Filesize

              2B

              MD5

              99914b932bd37a50b983c5e7c90ae93b

              SHA1

              bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

              SHA256

              44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

              SHA512

              27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

            • /data/data/com.xgbuy.xg/files/Mob/share_sdk_1

              Filesize

              23B

              MD5

              8e24e79baab91c4d0604eaa9006a0cb3

              SHA1

              e427afc94a4b957a7096f73e395a10ea404c076b

              SHA256

              65ee797326cb9d94a4c8b13fb114a7273d80af9ae547496bf56556c479f75e4d

              SHA512

              45bde5e1b5da5e54f7f5baf24cf4d9158ccf5813f0babc05677437bfedf1d54c4707090a1c425089e8f9582a85fed80b25c1e1f30ec2051afc6fe68bb8a76bae

            • /data/data/com.xgbuy.xg/files/Mob/share_sdk_1

              Filesize

              62B

              MD5

              2935f328818c28600d38c744ba11dda1

              SHA1

              460be1c6b676ed7cd6765e0c884554588e8c9730

              SHA256

              27427e6c29b9295627047a9c9501fa4f7b4096991113d2067aa73455dc5ca333

              SHA512

              37279ccbcd362e0e75aac2f8588639d22ea1acd941cb671efb70aafa9eda311d13bb2b548134852daf99bcc170c9d3635808730c1a78bed8fcca18903d49ff67

            • /data/data/com.xgbuy.xg/files/Mob/share_sdk_1

              Filesize

              86B

              MD5

              4173b087fe41c1c6954223be6aee951d

              SHA1

              3be7ca91ad19a96a086bc538f3f941dfb230c6b8

              SHA256

              9dcad1fffa51c959b1d81903512a4c31c243f2f27cc0afe477331d9d4b867d62

              SHA512

              5cfc83a3d7ee79e97d81194599f66acd87f1355835a9b18b1e71cfb001bc30d42da877ede43ceda59784fa8f32d9a8fdb6afe3150737112724010be5d63c2abc

            • /data/data/com.xgbuy.xg/files/exid.dat

              Filesize

              62B

              MD5

              b18432c223620de1fa6a0e55ea20dfb3

              SHA1

              0adb8c59d16d25ea6d21ae0fc7d77c3f270851c3

              SHA256

              6dfe552c3e4c0b75072f5bb28fd45d54b2ee0a61f312f9e477de6b20c921ea2c

              SHA512

              9d731fcc3e4b40cb059a7d705a3633e8ee6519bccd526fb0150d03bb3a56a07533e09dc83df4d291b2bb8a0b511490b2b58be3dc0806df6938ed0e96ebce5e58

            • /data/data/com.xgbuy.xg/files/jpush_stat_cache.json

              Filesize

              131B

              MD5

              c1ad0c0784e22e8fae9f15c5e4a60fa6

              SHA1

              9bcbf017bcfc3fa004925776def6b1a63bb7d598

              SHA256

              39cd55ccb215fbb708a6d86852709815a27be8cbb9dd26faacb92d44a60fb83b

              SHA512

              3e08c55dd198119857671643efd31c13d8ad27705b63c44a4b6b8084be5d322201d2a412c894c6ed67b2ad80292e5c28512b472d663387566994ea8e6bd3c0b0

            • /data/data/com.xgbuy.xg/files/jpush_stat_cache.json

              Filesize

              190B

              MD5

              a8bea5208e3bf00b42a3c2a9202e14bd

              SHA1

              249369d78f0cd5c63b9e64a193d16d2b05e51bfb

              SHA256

              7c65d1e101681831a91497d41e99cacee8e4425729673943b9c4f1cfc8557554

              SHA512

              4680943038ea586227b041f8c3eee660eb7d8e3bd2d300acd7ec14f3115c733445423baccf43b3fb904ffef3a93e4f5732c92c3515340baa956307d4807d35ef

            • /data/data/com.xgbuy.xg/files/sobot_chat_log/sobot_chat_20240615_log.txt

              Filesize

              201B

              MD5

              54514725934729588b765a22ebdbc2e4

              SHA1

              16818ae731c7c30d0de217b15f5c63331ed9bf83

              SHA256

              20c2ebfd8f2a2b2e11a0d346e6148bece233c46d39cae256112afd470f000ddb

              SHA512

              078882c02d0acf1c0ffc327607836060ff553035b31788ed4ca0a71ed1e2ef9d939909742c97db605f30fc92faf4460b0295358d52c74bf8938c44567a309e9b

            • /data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4NDIwNzY1NjEx

              Filesize

              1KB

              MD5

              b318b96de9fea560ff62c2c79ef77694

              SHA1

              737be304e8f652b26c0f101b31a0069daf54202a

              SHA256

              3adfa5034aa880c1b9a4dace353d7c481393b55986fc34488561f9b1d69c5f14

              SHA512

              8c78e6245c8cead34fbbd9f61853991c69bdc7f603951751fc6aaa18d3d192663ac879e79a47804707c9ea1f5b8f04c6fb7a7ae8d34189d5a6955a91d1254f24

            • /data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4NDIwNzk2NDM3

              Filesize

              1KB

              MD5

              c15a8439f24c81d520f1a406b02f2ae0

              SHA1

              d1d4e9439335c5bebf109c5727590d83082c439f

              SHA256

              90413520fcb1874c14edd2dfe340b03cdfbdc6f2ff57c2a3950b43ad5a8063be

              SHA512

              55a581da25e697c1eccb67aee76eb07edb0d6b70a0997b7fd45dc1520ede5061622aff6dfc7b3d143f84ab0b67600db253ebbaa49bc9d619ee881577e6a74869

            • /data/data/com.xgbuy.xg/files/umeng_it.cache

              Filesize

              415B

              MD5

              31362a1d1d602e0b2a536cc8ab96793f

              SHA1

              3c89a2078b7a8fca4aa9fe4e8bcbeca6fdd67e9d

              SHA256

              01c6cc3da037b9cadd3f683b4ee1098208e00de7f64641393a926ef0be2e12ea

              SHA512

              10b6cafc593163380755a81378ec57021d1a59a7f830e43f6417fc450e159ef2e2790006b352c18f8567a8a39ebff18aee319203f7db66cfd107d122ec7adcf7

            • /storage/emulated/0/360/.deviceId

              Filesize

              48B

              MD5

              1d8d16c4e3b19ebf18988530d9b9a757

              SHA1

              bc94c1cce05cd848a53271ecb9c5311e27ffebf5

              SHA256

              abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

              SHA512

              4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

            • /storage/emulated/0/360/.iddata

              Filesize

              32B

              MD5

              b0f92190d0288550093ff4222e616ef4

              SHA1

              135695d21898345cd27a2be5212e46a019492a37

              SHA256

              49b24a748aa4dcf023a6ff9ad3a31349437094efafe7f8cc6b16f8041523f774

              SHA512

              7cf5a8e2047b11ab94fc88f77034ae605fd7bfde2b592f3a24425d5687d0493e00be854f28d72f0ef0d993e0f0fbe16fc4bd3354ed76be9fb01f1af27c1e2933

            • /storage/emulated/0/Mob/.slw

              Filesize

              66B

              MD5

              19402718bfb1c685a726b4e1d846ad98

              SHA1

              02a7e30044a67085f2f1da24e16e4ecfede65b72

              SHA256

              079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0

              SHA512

              25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b

            • /storage/emulated/0/Mob/comm/.di

              Filesize

              57B

              MD5

              acc2a2f5cb76c41d2e97e0d409b53bdd

              SHA1

              ed06f22ff10e0912f50d53bc775ed2ae70f85d5a

              SHA256

              12ee2ab25175281fd1efab755eb5a5b442e91d263646c52118e6b1e97856f448

              SHA512

              faed72411dfb1546a82a302b6aadf921bf66a09aa4641a6d1d523e5b58c063d5210089ca2d7dec8aadbe1efec4748a8abb36ab9fe1ab18539a92b76730b85419

            • /storage/emulated/0/data/.push_deviceid

              Filesize

              32B

              MD5

              96503a394ad8c52bc19493e253023c60

              SHA1

              014a16b4e1e24a47300f1fa6fb9c237fbee8bff1

              SHA256

              e580bcbb2353fa82bc172c5b6a1d6d20bd3289989e6b403a0d4cba1ea9bedbb3

              SHA512

              b4ca344a01b35c0c59a03a396867cd24abea5a28def7bc2d920aab6e0d9e8539913123fd0e1d905dac43cb29ea8642650645741a23a459f4a2d53ca064445a21