Analysis Overview
SHA256
6c8a194343f9ef2f99bb3e550bf6ada2f6193c5f30016d8419ef46f94a840993
Threat Level: Likely malicious
The file acb193a82e37f03ac70be3e717b41f8f_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Checks Android system properties for emulator presence.
Requests cell location
Queries information about the current nearby Wi-Fi networks
Checks Qemu related system properties.
Queries information about running processes on the device
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Loads dropped Dex/Jar
Queries information about the current Wi-Fi connection
Queries information about active data network
Reads information about phone network operator.
Queries the unique device ID (IMEI, MEID, IMSI)
Requests dangerous framework permissions
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Listens for changes in the sensor environment (might be used to detect emulation)
Uses Crypto APIs (Might try to encrypt user data)
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-15 03:05
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-15 03:05
Reported
2024-06-15 03:08
Platform
android-x86-arm-20240611.1-en
Max time kernel
178s
Max time network
184s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /data/local/su | N/A | N/A |
| N/A | /data/local/bin/su | N/A | N/A |
| N/A | /data/local/xbin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
Checks Android system properties for emulator presence.
| Description | Indicator | Process | Target |
| Accessed system property | key: ro.product.name | N/A | N/A |
| Accessed system property | key: ro.serialno | N/A | N/A |
| Accessed system property | key: ro.bootloader | N/A | N/A |
| Accessed system property | key: ro.bootmode | N/A | N/A |
| Accessed system property | key: ro.hardware | N/A | N/A |
| Accessed system property | key: ro.product.device | N/A | N/A |
| Accessed system property | key: ro.product.model | N/A | N/A |
Checks Qemu related system properties.
| Description | Indicator | Process | Target |
| Accessed system property | key: ro.kernel.android.qemud | N/A | N/A |
| Accessed system property | key: ro.kernel.qemu.gles | N/A | N/A |
| Accessed system property | key: ro.kernel.qemu | N/A | N/A |
| Accessed system property | key: init.svc.qemud | N/A | N/A |
| Accessed system property | key: init.svc.qemu-props | N/A | N/A |
| Accessed system property | key: qemu.hw.mainkeys | N/A | N/A |
| Accessed system property | key: qemu.sf.fake_camera | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | s.appjiagu.com | N/A | N/A |
| N/A | b.appjiagu.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.xgbuy.xg
chmod 755 /data/data/com.xgbuy.xg/.jiagu/libjiagu.so
com.xgbuy.xg:pushcore
sh -c ps
ps
ps daemonsu
ps | grep su
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | api.sobot.com | udp |
| CN | 203.107.41.32:443 | api.sobot.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | api.share.mob.com | udp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 120.46.84.108:19000 | s.jpush.cn | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | a.xgbuy.cc | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 203.107.41.32:443 | api.sobot.com | tcp |
| US | 1.1.1.1:53 | plbslog.umeng.com | udp |
| CN | 36.156.202.68:443 | plbslog.umeng.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | t.gdt.qq.com | udp |
| NL | 43.152.42.165:80 | t.gdt.qq.com | tcp |
| GB | 216.58.212.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 123.60.89.60:19000 | sis.jpush.io | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | ulogs.umeng.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| CN | 223.109.148.179:443 | ulogs.umeng.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | api.share.mob.com | udp |
| US | 1.1.1.1:53 | update.sdk.jiguang.cn | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 120.46.84.108:19000 | s.jpush.cn | udp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 117.50.198.131:80 | downt.ntalker.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | tcp | |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 124.71.183.120:7000 | im64.jpush.cn | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 124.71.183.120:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | s.appjiagu.com | udp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| US | 104.192.110.60:80 | s.appjiagu.com | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | 139.9.135.156 | udp |
| CN | 124.71.183.120:7003 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| US | 1.1.1.1:53 | 119.3.188.193 | udp |
| CN | 36.156.202.68:443 | plbslog.umeng.com | tcp |
| CN | 124.71.183.120:7000 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | 139.9.138.15 | udp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 117.50.198.131:80 | downt.ntalker.com | tcp |
| CN | 124.71.183.120:7002 | im64.jpush.cn | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 223.109.148.141:443 | ulogs.umeng.com | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 124.71.183.120:7003 | im64.jpush.cn | tcp |
| CN | 120.46.84.108:19000 | easytomessage.com | udp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 110.41.53.90:19000 | sis.jpush.io | udp |
| CN | 120.46.84.108:19000 | easytomessage.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 123.60.89.60:19000 | sis.jpush.io | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 110.41.53.90:19000 | sis.jpush.io | udp |
| CN | 117.50.198.131:80 | downt.ntalker.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 123.60.89.60:19000 | sis.jpush.io | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | b.appjiagu.com | udp |
| US | 1.1.1.1:53 | tcp | |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| CN | 124.71.183.120:7003 | im64.jpush.cn | tcp |
| CN | 180.163.249.208:80 | b.appjiagu.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 124.71.183.120:7000 | im64.jpush.cn | tcp |
| CN | 223.109.148.176:443 | ulogs.umeng.com | tcp |
| CN | 106.63.25.33:80 | b.appjiagu.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 124.71.183.120:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | tcp | |
| CN | 124.71.183.120:7000 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 124.71.183.120:7002 | im64.jpush.cn | tcp |
| CN | 124.71.183.120:7003 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 117.50.198.131:80 | downt.ntalker.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 120.46.84.108:19000 | easytomessage.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 110.41.53.90:19000 | sis.jpush.io | udp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 120.46.84.108:19000 | easytomessage.com | udp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 123.60.89.60:19000 | sis.jpush.io | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 110.41.53.90:19000 | sis.jpush.io | udp |
| CN | 223.109.148.177:443 | ulogs.umeng.com | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 123.60.89.60:19000 | sis.jpush.io | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 124.71.183.120:7002 | im64.jpush.cn | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 124.71.183.120:7003 | im64.jpush.cn | tcp |
| CN | 54.223.95.86:80 | log.reyun.com | tcp |
| CN | 124.71.183.120:7000 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 124.71.183.120:7002 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 124.71.183.120:7003 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 124.71.183.120:7000 | im64.jpush.cn | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 223.109.148.178:443 | ulogs.umeng.com | tcp |
| CN | 120.46.84.108:19000 | easytomessage.com | udp |
| CN | 110.41.53.90:19000 | sis.jpush.io | udp |
| CN | 120.46.84.108:19000 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | sis.jpush.io | udp |
| CN | 110.41.53.90:19000 | sis.jpush.io | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 123.60.89.60:19000 | sis.jpush.io | udp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 124.71.183.120:7000 | im64.jpush.cn | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 223.109.148.130:443 | ulogs.umeng.com | tcp |
| CN | 124.71.183.120:7002 | im64.jpush.cn | tcp |
| CN | 124.71.183.120:7003 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 124.71.183.120:7003 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 124.71.183.120:7000 | im64.jpush.cn | tcp |
Files
/data/data/com.xgbuy.xg/.jiagu/libjiagu.so
| MD5 | 8f55d5deb281d8aa1a0b9f72f7185e58 |
| SHA1 | 5ce262af6a74a11931bf4b1e92a59b9acab27f37 |
| SHA256 | b57aa883bd4a8241fe2ebbeec0988614da1ad453f5784f3439335a6f800c7944 |
| SHA512 | 4d74f007dc4a19ac3a8ae3434f06d2509397301c0a9b0288475280801c8907ce48248459436416fb14fc5a3a6ce790d680b6b9c95d35afc49c2f0639199b56f6 |
/data/data/com.xgbuy.xg/.jiagu/classes.dex
| MD5 | 7a721ae9582f8c3dd4d25e2f850bb3f1 |
| SHA1 | 603b497c3a6810192ffeb78ae9f8134bc5686702 |
| SHA256 | 5333d3967ddd5ac789b4544ffcd80d2661202c01c04f01d9319813cfb0ceee50 |
| SHA512 | 1c2d397e59956c96d41478473447d9f846c8eb6ef2a585322f98adc6cc4f3273605fc5728f608e8140bbe19c4c3f83201c09c51e85c90f7f6ac428f7f76d6ff6 |
/data/data/com.xgbuy.xg/.jiagu/classes.dex
| MD5 | 8294f2f81db54ee61aacbd082fd565ce |
| SHA1 | 0c726749fb05c8f687bb5274e097e0d33f4e3394 |
| SHA256 | f7e28f4705fcca718a9d973763928039e8f7df1bac4088d8b08cf356d366c115 |
| SHA512 | d3c45de73a5b8ce733dc29f1c390b7a14678079d67e94f4915b25f65bf538b206df3ccf5cfacbe4d0e011aa06a6dc0159fad407ca16af87b2bace230c54c754e |
/data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex
| MD5 | 5321485d5bc4b58bced4df4646e66c6f |
| SHA1 | aed5f5694b4d1bddbebd77bff43e5c75f8b4f555 |
| SHA256 | 44276d7e3c28fe84fe0de44f11124016846d0620be4be1ca82ebf835c6cce139 |
| SHA512 | 29f57b81af94feca855d8af4191714e053de9f0f974246b32cf4856c88596fed0f7a31f47eb0fd2d48dd35f0f0f65eb6b9e596d2029f791346d923853469b2c7 |
/data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex
| MD5 | c89a7bb0027122b831fcc546fe65183d |
| SHA1 | 7b0e11c1141539623648a051b6de07f3152045c9 |
| SHA256 | f6672688f527dc0e45ddfb3137055fe21029ac3124c50686c95913f8daf58f54 |
| SHA512 | 1cf1bec0ab53d44c177f51e081caff59bd1a9e1fb4e020295a6d5d6a5c76e222b9ffaebf707be70ef328aa1d0ddc2e3ef87eb52ae68e88eb94f40116c3757166 |
/data/data/com.xgbuy.xg/.jiagu/tmp.dex
| MD5 | f1771b68f5f9b168b79ff59ae2daabe4 |
| SHA1 | 0df6a835559f5c99670214a12700e7d8c28e5a42 |
| SHA256 | 9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939 |
| SHA512 | dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ri
| MD5 | 0f10db480b14ff2fedb19d957b03a795 |
| SHA1 | b7b7d93ccef87f1822ef272de213d73e39ded571 |
| SHA256 | eb4c547a3e8af3565911db42e1128ec6830c29e33579e5fb8b074dcd3c7079c6 |
| SHA512 | cbbea393e788273b511d4cb8242593d9e2e2772b1c88ca4237343e45df42a21ae9d4e03250cc4252500dc4d6577ab95135cce6f8aa4e02292939994d9e2573b3 |
/data/data/com.xgbuy.xg/files/.jiagu.lock
| MD5 | aea96a44eaefc9d9a807571426038dc5 |
| SHA1 | 7b16b4f2b19c4ffc329e411455717172600f50c7 |
| SHA256 | b0c890758ae93e90e9e4285338230f4ebec68c3014272e469b347e58f0a61a2b |
| SHA512 | 63bbd23758d173f1d4be21da8dbd8f52ca7dc7e6b92449e810f1d3375d063bf37ddda37e39a25df991d468357f05c1262e09fc1ed1cb1903eece099cd754a093 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
| MD5 | 08402591a5b4057a425d2cede4801eb7 |
| SHA1 | 7304da68e97c6907ebadad9ef956f3cf70df568f |
| SHA256 | b87ebd0db6499261ebcac217d6f52e505a28c5ce07f94b63122ad090f3e7bdf4 |
| SHA512 | 32cf61a4d1c054a053484ddff27e4b215c77989b2ef5ac445991b40618c786374228aa64afa972dc9b4fd0eeacdbf9a47500b0e45b4c23aee3b3e02bff71fd09 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ic
| MD5 | 1bd86b90e1b355f123e5ce8c93c3de53 |
| SHA1 | bee5683d6124650c8be0b3740ad66e771f29b178 |
| SHA256 | 3ba28c4fe20d74ea96f6ced27333f04a01e03c50092717eed1b6e30152a8d152 |
| SHA512 | 6ba3d7ac2b9da3bb2f7ca50488782bfb9f12a38bf17debc4f2853a161551a932885bedaedace0ecd3da9777e1cddbb407ca2360c13512b1b804bd6242e767abe |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | e2144cb258a564242e36826a0e96f7b9 |
| SHA1 | ce459b785b8a007a2b665a0148e2c58f7a05f463 |
| SHA256 | 64f05cd256796c465fdccad0fb0749ff5f620bcbcde3479d447ff3d631c3143c |
| SHA512 | 304d7a2c85a7381cae063e9b8775bfc74a5d2af453613657daf66944669450f9179868cf9b98c038090998e5971e5d3a151c5e8461e1dae5dede5f60035d52a9 |
/storage/emulated/0/360/.iddata
| MD5 | b0f92190d0288550093ff4222e616ef4 |
| SHA1 | 135695d21898345cd27a2be5212e46a019492a37 |
| SHA256 | 49b24a748aa4dcf023a6ff9ad3a31349437094efafe7f8cc6b16f8041523f774 |
| SHA512 | 7cf5a8e2047b11ab94fc88f77034ae605fd7bfde2b592f3a24425d5687d0493e00be854f28d72f0ef0d993e0f0fbe16fc4bd3354ed76be9fb01f1af27c1e2933 |
/storage/emulated/0/360/.deviceId
| MD5 | 1d8d16c4e3b19ebf18988530d9b9a757 |
| SHA1 | bc94c1cce05cd848a53271ecb9c5311e27ffebf5 |
| SHA256 | abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7 |
| SHA512 | 4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82 |
/storage/emulated/0/Mob/comm/.di
| MD5 | acc2a2f5cb76c41d2e97e0d409b53bdd |
| SHA1 | ed06f22ff10e0912f50d53bc775ed2ae70f85d5a |
| SHA256 | 12ee2ab25175281fd1efab755eb5a5b442e91d263646c52118e6b1e97856f448 |
| SHA512 | faed72411dfb1546a82a302b6aadf921bf66a09aa4641a6d1d523e5b58c063d5210089ca2d7dec8aadbe1efec4748a8abb36ab9fe1ab18539a92b76730b85419 |
/data/data/com.xgbuy.xg/files/sobot_chat_log/sobot_chat_20240615_log.txt
| MD5 | 54514725934729588b765a22ebdbc2e4 |
| SHA1 | 16818ae731c7c30d0de217b15f5c63331ed9bf83 |
| SHA256 | 20c2ebfd8f2a2b2e11a0d346e6148bece233c46d39cae256112afd470f000ddb |
| SHA512 | 078882c02d0acf1c0ffc327607836060ff553035b31788ed4ca0a71ed1e2ef9d939909742c97db605f30fc92faf4460b0295358d52c74bf8938c44567a309e9b |
/storage/emulated/0/Mob/.slw
| MD5 | 19402718bfb1c685a726b4e1d846ad98 |
| SHA1 | 02a7e30044a67085f2f1da24e16e4ecfede65b72 |
| SHA256 | 079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0 |
| SHA512 | 25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b |
/storage/emulated/0/data/.push_deviceid
| MD5 | 96503a394ad8c52bc19493e253023c60 |
| SHA1 | 014a16b4e1e24a47300f1fa6fb9c237fbee8bff1 |
| SHA256 | e580bcbb2353fa82bc172c5b6a1d6d20bd3289989e6b403a0d4cba1ea9bedbb3 |
| SHA512 | b4ca344a01b35c0c59a03a396867cd24abea5a28def7bc2d920aab6e0d9e8539913123fd0e1d905dac43cb29ea8642650645741a23a459f4a2d53ca064445a21 |
/data/data/com.xgbuy.xg/databases/xinggou-journal
| MD5 | ab4e022e4120c82e64245999dd6f8863 |
| SHA1 | 1858a69d855c41289ee0bd204d57f0d25f5954f5 |
| SHA256 | 3a35ce183b1f4a98976988959b79395a34f9b143d343e22f4ffc1de69c9359f6 |
| SHA512 | 643a444df49f8851d4b7ef4be7b0db82bbf360117bfad1a63a9664963ebc812faeeada2a55ee13d1d2823c57aaaca88809ab162c6bfcadfcf81700436be37c8f |
/data/data/com.xgbuy.xg/databases/xinggou
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.xgbuy.xg/databases/xinggou-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.xgbuy.xg/databases/xinggou-wal
| MD5 | 8a9f376bfb1938f48cb239e1ea658703 |
| SHA1 | 70b371980c1c90c466cb63f483c9fd3a69457bbe |
| SHA256 | 11150479a01a3789042a07a016310d3baf4ad15f5d96e2a3907049ec935d301b |
| SHA512 | 8e3a80287396c4c1bd015e599a70c5d48685caf6a9e57cc17b251c65ce0daf70193f12797513b2bf12ad39b88426066c329fa2e05bcbe38532e0146c0a0e86f2 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.xgbuy.xg/files/umeng_it.cache
| MD5 | 31362a1d1d602e0b2a536cc8ab96793f |
| SHA1 | 3c89a2078b7a8fca4aa9fe4e8bcbeca6fdd67e9d |
| SHA256 | 01c6cc3da037b9cadd3f683b4ee1098208e00de7f64641393a926ef0be2e12ea |
| SHA512 | 10b6cafc593163380755a81378ec57021d1a59a7f830e43f6417fc450e159ef2e2790006b352c18f8567a8a39ebff18aee319203f7db66cfd107d122ec7adcf7 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal
| MD5 | 558e7c199f33a5304e4801764cd264ec |
| SHA1 | 9e9960d6db26ea7b066101023cb69041c6654ea9 |
| SHA256 | 3c3af02a5f4e4d2b1334666d91e97bdfab7454f30723623c079f4cd9d0ba81e9 |
| SHA512 | fbd1e67831ef14fa6776c1b265eec6670b9be62e77599609cbbfbc6cba254d219392d37a5ec4d796349d954f37610579de457d005af864e2ac36a8cffb0d297a |
/data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4NDIwNzY1NjEx
| MD5 | b318b96de9fea560ff62c2c79ef77694 |
| SHA1 | 737be304e8f652b26c0f101b31a0069daf54202a |
| SHA256 | 3adfa5034aa880c1b9a4dace353d7c481393b55986fc34488561f9b1d69c5f14 |
| SHA512 | 8c78e6245c8cead34fbbd9f61853991c69bdc7f603951751fc6aaa18d3d192663ac879e79a47804707c9ea1f5b8f04c6fb7a7ae8d34189d5a6955a91d1254f24 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/e0bac8c3c005c727bb9b0b2d00be3d7cf020743113c01c46c33a507d6275519a.0.tmp
| MD5 | 3ccf674803e2bcca74d940a369b98a1f |
| SHA1 | b82beb53b74476af3563d05f4b49b4628611c19f |
| SHA256 | 897e90108102b4d93eed118fbc62f4bd208a2651c52da15431f3ece36f4ff274 |
| SHA512 | b98a53d48cee9d8d4fae804736e7b66c28beb429d4e84cad49f4f3e92f5a226c99eebe093fabee98d657d41729eab74fdf6081cc29b693e076b213e0e8e60a5f |
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
| MD5 | c1ad0c0784e22e8fae9f15c5e4a60fa6 |
| SHA1 | 9bcbf017bcfc3fa004925776def6b1a63bb7d598 |
| SHA256 | 39cd55ccb215fbb708a6d86852709815a27be8cbb9dd26faacb92d44a60fb83b |
| SHA512 | 3e08c55dd198119857671643efd31c13d8ad27705b63c44a4b6b8084be5d322201d2a412c894c6ed67b2ad80292e5c28512b472d663387566994ea8e6bd3c0b0 |
/data/data/com.xgbuy.xg/databases/Reyun.db-journal
| MD5 | 024b33214d15c7476f71411eec835967 |
| SHA1 | f7b98d80d0752fffaea4b2e33688884be73c2e56 |
| SHA256 | c72dd1114eaaced3ef617f0271ddb7029454e19d51e8f01e17639db8073c1725 |
| SHA512 | 1e31b89f7f079385d13332702a05aaa266e372f5ed5f75f26b022a3fb7824c2cb0e2091c4050f517dad60a1a28443480d8dda0f045159bda4416437da22c6030 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 9532e3f20fa551bcc966384143ae11d9 |
| SHA1 | d48fd90a1e30f3a3e1ad0d5f5e9ec49462c8d598 |
| SHA256 | 4c42492690ebed9a0c2dd124f94070676520265662766326d8207f741cd65b16 |
| SHA512 | 42c2db124c5b94bd9b863cdc8dbaf3317e9dfe5438fce530e7f62f71e2d6906efe83273960d2969df52e68c7ea7ed15a77fa4aeff728324b327ac0ef9adc75ff |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | d1e7734f418edb6774d2fcd7b754fadb |
| SHA1 | 720891675d816c3ea7b08dad33c3c82c7c101e74 |
| SHA256 | a976646e0186761a4d8f5b7482fb8779a4ea619f4c1ca66a7f4668e3d98f1b72 |
| SHA512 | 5414e176f1450f4311f6f8401200ae9b858b3de8b9ea7dc0a837121a109e1f4ec3f9156927260514e6cec63383286fc9d50c7cca2d2f0a3cd215199d45308b9c |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal
| MD5 | 783de2d254a4033a399d3d684a236a84 |
| SHA1 | 6578551bb2f2ab53ab4d03cfbab0d55d0f357a50 |
| SHA256 | 4477a06d5c066d944dbcfec68562d49e9dd12d144e1d35dd91d1c947022b8252 |
| SHA512 | fe414865d4fcfc4b31c4ef35b9c6cace5f1e3e92709e005c026928a4d676af980c3e3117075d450f631cae480517b3ecbde4bfdac5bb838c5ca7b5b5dae65c09 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal
| MD5 | 13aa9f9de0f0c25490d2e0e794e46d4a |
| SHA1 | dbc52efa34767979653d380588f766c8a9cf5d19 |
| SHA256 | 801e63d9dd09c76862534fa54c52c3a7acafe978de2333dc43f576a92efaf616 |
| SHA512 | a4d790b586a54f43d460b3c8dad0789cfe69a443a08a7a4a96d6621ed9f4ad2493b8b810e3092da0d022376337be4484cdee663185e08892504faf297bf85458 |
/data/data/com.xgbuy.xg/files/.umeng/exchangeIdentity.json
| MD5 | 73959fb2410178ca2238a44086bf9310 |
| SHA1 | 624d0f236bd9bb78b68ed5b273fcc89be721a11d |
| SHA256 | 4aa5713fac50146a5d3efcdc9dadbc8b779be9b9b3847590b294ef53754cd4b9 |
| SHA512 | bc5cfab052aecb93f91dcda3a212bf97f4cc22595dda984ab8f6770c43f3b8adb183354ba7853b6371cd2f79359ff4dcae056ad1ff59fa01e0d174b07e543ea7 |
/data/data/com.xgbuy.xg/files/exid.dat
| MD5 | b18432c223620de1fa6a0e55ea20dfb3 |
| SHA1 | 0adb8c59d16d25ea6d21ae0fc7d77c3f270851c3 |
| SHA256 | 6dfe552c3e4c0b75072f5bb28fd45d54b2ee0a61f312f9e477de6b20c921ea2c |
| SHA512 | 9d731fcc3e4b40cb059a7d705a3633e8ee6519bccd526fb0150d03bb3a56a07533e09dc83df4d291b2bb8a0b511490b2b58be3dc0806df6938ed0e96ebce5e58 |
/data/data/com.xgbuy.xg/files/.envelope/i==1.2.0&&2.2.9_1718420770782_envelope.log
| MD5 | fb32519c76da84834bb7aa9c21594011 |
| SHA1 | c54cc75579b2509d37156610fe6218bae4fb3ab1 |
| SHA256 | c24ee12a27118c2ef2f09e977065350e1dd0fe4ac106d7b6ab88c052ffc0e965 |
| SHA512 | dfe27da48c494f3f7df67ea6ede11a9d467059adf3e26de9a13620afb3ee8cc9a71e475fd80ba9c9f4db5781f96ec1f7296d3dafce91835078b617becd5f2101 |
/data/data/com.xgbuy.xg/databases/ua.db-journal
| MD5 | 57e918ae20bffa2d7610ee618369fb56 |
| SHA1 | 5ba51a946b3491521d3f234015764471d0ce919e |
| SHA256 | e5b8b6cda0103ad82ad59b37ab0421583964f4d4db066c68088303afb7dba181 |
| SHA512 | 0e4baf8f9b6c3587e6774d0f765e64a9f4f7b5187a7c2e4b8aeaa5f449252daf585ae57ea7c1ec16cfadb90ab0b19c0a335fcb6693696708abcc69740632fddb |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 0adda9c85a5e4808f5b1b74c0a8591a5 |
| SHA1 | 5048107883ab1e345af9cf2e6849ce46e0e612bf |
| SHA256 | 1e17860bba2bb4e3e92df3890aa6dddc973d6602c71519a15556d37bb69de2a1 |
| SHA512 | 646061d3d5849772511bd94e36ca2d775a9a672851629d1812942ec0f0f925714eb7d4ebac44889911320cb6710a2f586014f6b1e126739cab653c4f8deef2d1 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | dd530bad0d4dbbf69c203d34bea36127 |
| SHA1 | 98883eb7f7837158c1279030d348b1b9ae8c992b |
| SHA256 | b71273c8c203cccf5da08c23760a3a8f05a3a71f7f2995cbd60d32536698a3f6 |
| SHA512 | 8f75c3ab3353d2a0b435e5fe309f361cd1fe768c1fbff67ec76b686023fe1cd1538d5e769537883145fa5cb9e853fc5a1a7756a5947676e182a742212277acfb |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 934cfe9ca2a27e071b28d939a205397f |
| SHA1 | 85c1f271dadaa7545283ee09ceacda6dbeb8ee0b |
| SHA256 | f7912e38766dd5f7e26e2d085785d95f87e03064a66b604b684510c982242bb6 |
| SHA512 | 32d0f1aed55b9ceeafce92c2b73230fffee3dc483384a4f2a4ca6e56d74d6454ed65a2e8dac809c60e2c1e292a35b1469a9ac1bb01bf500c00bba32ae79deedb |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | ee296c29af1f99f094616d2f7c031659 |
| SHA1 | a88d12335c7d75c7d83b57c8394ddf8f8fed4216 |
| SHA256 | ff3913543f5c837cb8976f483bb9625737fc74c319982d3c3fdad7ea684f54c0 |
| SHA512 | 90f3e972d440efbf5aa5875a2e64b4194a55020606e76baff6056a2335df4a74400e0d91b295fd5d72815a5e37170d20bab2fdb8838f66b58826e2af7801b20d |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 8e24e79baab91c4d0604eaa9006a0cb3 |
| SHA1 | e427afc94a4b957a7096f73e395a10ea404c076b |
| SHA256 | 65ee797326cb9d94a4c8b13fb114a7273d80af9ae547496bf56556c479f75e4d |
| SHA512 | 45bde5e1b5da5e54f7f5baf24cf4d9158ccf5813f0babc05677437bfedf1d54c4707090a1c425089e8f9582a85fed80b25c1e1f30ec2051afc6fe68bb8a76bae |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | fd0963b60e0e5ee03e53dc32f1772831 |
| SHA1 | f3d725fd4c87f70eac4bad5d4fd6c0c3304326b5 |
| SHA256 | 60e24efb6f7813020840ad2de3ade5234216503278983cdeba72e689d72b56ac |
| SHA512 | a0a0d7b6219b2a25838717ff30e173b6b6c436bdd79bba1b39eb0e32dbea90e20908b90eb16db13681ca149c676ef6b1d0be3e8bea07575fccda2864834b06a7 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | e10b255c05a16a8eb7aa54f76c06ff11 |
| SHA1 | da73c8adfb76c75d0625152766403c20f2f99017 |
| SHA256 | 4d8eaa79614e9d7f692583f2fe8a6ee00c3952f3ca65850458fe2cd02ee551d5 |
| SHA512 | 12a282d8450e1a33586c7a1e880b2ab1fddb3a2ca4f04dacbac83f79173b30af132599fe9568c1eca9800200a44c32e8e53f853abcbff0cdda262ac0ca24440d |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | b124db8e2ae9a77f7f79b35f633e55dc |
| SHA1 | ee942c6ee5a6b4630f712743e901a5f77055fe6e |
| SHA256 | abd5b5e4e55c362af4cdfe8ef8fb9a14c154cf31efbb25360ded13b70b2aab47 |
| SHA512 | 50cf126e9305580352455ebee5e8bfd051c5d1b89d54b395ca7b94576aebe105d2bf9b334bec6ef9dce0a19ebcb8ffdae144f692c892a68b32e212febb24773c |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 264824d3e05d8a8ace2344a3df2c8db3 |
| SHA1 | 717078aae8175f1fc16628c7d9543c481f25010d |
| SHA256 | 0fbd8d3ac134fd5c479360ba53c269725e2f2c52b15544d2b7c3f73945841a39 |
| SHA512 | efbea72e953a70fcba8dfa78099c406306043cc033ccb8c3c7c9bf80885f32998d2e7cd5f90faeb63f81841c1c0d530ac64bad26f0e7687b5d6b90e8f09d2411 |
/data/data/com.xgbuy.xg/files/.envelope/a==7.5.3&&2.2.9_1718420774216_envelope.log
| MD5 | 2ae6a7ab1130995a1ef6f05aa384b105 |
| SHA1 | 1bb280fc5c53d43c9e923b99e5ad81b016665095 |
| SHA256 | a05eb06fc49e98fb96c058b844fbae7ab28bcc0788300c69f59e8aa2e60eb934 |
| SHA512 | e4c38f7715fd2e4f12beec36b13cab347f287fc97a24530a0b1f3c8ccd860cef52b43101d2ecceded062d192cd96d8e5e266958a4c7b482328e0591aef49e5c3 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 41f70df10401a2b042999e1009a9c95d |
| SHA1 | bf4f6fdf9fa97c5d383472b6dde42c3d60f3faf6 |
| SHA256 | 8a04f074a830f691d20ff8a23ae3bafc0ea1fd52bcc90d8a2c36e034f7a16321 |
| SHA512 | 65b39278365ad067e95ab5d547c9a8b8a243ed505248bcb3f68399f31ba240bc67f2580d7a8200e0c34769977a921b4a06e7ef4760457bf0f8abbe5df362986b |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | f77b4ab39144684e524e88865a324442 |
| SHA1 | c276378fec96f012beb3fc86b7b289c1cee8d9e0 |
| SHA256 | 9d9188b0ed14adec4c07bdc784eb44791876be9dfa4885edc3b1971d45d08371 |
| SHA512 | 3f803c215a86bcd7d06a5c16f2dc0c5c745cc4f24eaf2911833a2570f30be8563b760392d84895c9d2ca9464b0fb23695fa9952f614d1a3ae085cd4e2cdf7b67 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | cecdac649f26b7112c33305df7623527 |
| SHA1 | 8c17e84233718fec72fbcf2403a6b98cad573853 |
| SHA256 | 13bee088cba5975fb6af31a96726b99447d2edd341146ae38522d470c8742db5 |
| SHA512 | 1b65271eb642829f3068f933eca5b4901ecb583a96328a1fec584c36de58119209ceb014c1146e179029379982bad95fd236e92ff32fe1242ecd585d9c9812dd |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 2a989c4104088ea8fd9235bd931167ec |
| SHA1 | 81edec59e348b712005490d40007eae09e047319 |
| SHA256 | 8edab88edfb222620c3b58d164b47bb705cfc9f7fdaa4eea519e75db0bf425cf |
| SHA512 | e8ff94842efc193871209c9088fb01759909099474c75acb83404c65ad8142a28bef676544e376388f2e243856c21a0a0aa8590130bb011d537039dbcd531c46 |
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
| MD5 | a8bea5208e3bf00b42a3c2a9202e14bd |
| SHA1 | 249369d78f0cd5c63b9e64a193d16d2b05e51bfb |
| SHA256 | 7c65d1e101681831a91497d41e99cacee8e4425729673943b9c4f1cfc8557554 |
| SHA512 | 4680943038ea586227b041f8c3eee660eb7d8e3bd2d300acd7ec14f3115c733445423baccf43b3fb904ffef3a93e4f5732c92c3515340baa956307d4807d35ef |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 90d63523b74d46028f728aa75a937a5e |
| SHA1 | 8b663041cb0b82e02a3907afe0ac742dc03960c4 |
| SHA256 | 9878ed86f1c8b81ac39739bac52e12a8e6c91fac0f996de92cbbd97ff915f109 |
| SHA512 | 4a17dc05c7e508f6a9b602f94c06b833255bdb5d91e324f864e57f645d594f46e111a621722462a1904b254c2f1c8334342982b81c236e86b611ae25036f37e0 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | b4dab092e6769a211388a5f66457ea04 |
| SHA1 | a9e85ef6d5a1a452e9184fa31975b594906fdbe6 |
| SHA256 | 372f5a51f7c5934410459a54327cf15bd29c40ad2e0fb51704c05be88181b77d |
| SHA512 | 1d602afc5774681c43cb6664a541899ff411a5b0585b3b90353b8c19e6eb63c2f186a3cb1610612a0c3219b3447ca1b4d403339acd71142adde5f3005849335e |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | c884fdca148f66688e4e3e342337d2bf |
| SHA1 | d2de363554b360183256b3d0acd0250093e9535a |
| SHA256 | fc6855573c17ecd1cccf3e8dcf8ed71ea1657d84144f6f676f646a09bd337e91 |
| SHA512 | 1e81d6d77fc216449311688462ae9c4089f3586bf4951afd78887d208a6c22af56bcb3a960f9980025edc994560e1c6239376aafc66be0c8e2bc9dad6ff75e5f |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 9cc282f628f39a8b3f4ccc9ec3b5fd48 |
| SHA1 | 25f13729d04e970589f08c5e3b4490e9fd3022c7 |
| SHA256 | bc27fd3aa8375f6314be5d218d0d3666cf2fce05be1f9dd87b8b44de138ae965 |
| SHA512 | 6778ae295e4ad88d663407b60becff4c6a852bb1658a2ccc21f8751b2580b323bb09b1799b3c8d7f250e356bf7e15e0b39ce0d046fc002e3183f4d11ad7d6c50 |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest56577538813782747619772596600333470916-journal
| MD5 | 592e070538a7b29e18e6036f20dc8258 |
| SHA1 | f4744fc395a4741fc0086145a3928687c64ca586 |
| SHA256 | 88051b90f92913ca130a4c73e55ede40de1a362d7b0b498dc57a98d54834ce54 |
| SHA512 | 0d8e29cb62a55a95a5983a45709934095ab1e4da2b29247cf8bb02acfe96d47d3d0a90c8e6e14d8e054e270518eb67ec44226d3da30d9d7bf46f1ffa7134153c |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest56577538813782747619772596600333470916-wal
| MD5 | 8d64b9425c702d2cdac84c16388485d7 |
| SHA1 | aeba2416197d419158836c6e7a505b513c677980 |
| SHA256 | 4e47f93cb5cfce1b8b8877b8b9b2a8016fb4067ca60669bdaa01ab3f95c673b0 |
| SHA512 | 22f84e901ed001dfd42b880f19eb823601ad7864258923b04554b0c60f5e7069e9242001db55a704cc487b09859b27eaa6e0622e28c7b85578b2fdbd605d08b6 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | f755bdab825b26aa740d0c8c28055fe6 |
| SHA1 | d1bb1c6024d03a10db12e5bb6ac89c0408e467ce |
| SHA256 | 8c111e84d559bd270f8a946927bf0b2fa9fd115377d26d2c09f77fd67e3b14ee |
| SHA512 | 87d6d2e785c0b5a8c4a2a63ce707415e84ac34f6fd5b0ac0e62ef666046e7b9a9914c72e51b5b7419db46d5bc1f0a015d2e08edcd650c70c39e2e5786c1e0164 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 7ca573a71c181a9fa57424f8ed245ef1 |
| SHA1 | a45556c23a1fc72d5aab1d621345117e9ed7edc7 |
| SHA256 | a5dcb52f9fd65d19118aee322d5a4e5afd131f175ea5a5e3a8bc722af5fdf583 |
| SHA512 | 7da171becfaae4f6bbcfaab2b6b453f7eaefb3475c629949ab90442dcebace73ac10ad3c1beee01568e084edc314fd29d7fa18e644b52c23ba95b39118bfd61f |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 57422503c3179fd6f39521754ccdb8ef |
| SHA1 | e7a750d2b64f5b46023320e9114265336fba4a84 |
| SHA256 | 2e155cf7d3009425c64dad12ee595b541f6ea1e503ebd4a1e18a3fca4f887189 |
| SHA512 | b8f6e6fa1f34dd916762c90ced8f61fea1326d3490c348320a8e3c5ae2a64e7d0ef1a04d2c0fa3a307ec6c337c82db73ce0de92892f25d9e1eaa2514f04fa7dd |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 539768bac0d17bd690fd31eb1ed86cfa |
| SHA1 | c6a9aa1adae34458d8569c4bac6b7087b6faf2fb |
| SHA256 | c2a08f47ab562941eed50e1a5f2be9fac50a8cbedfd6508ebd5bd576d5bfea0b |
| SHA512 | ebf42092a9a3187830d1eeecc5dd459bd88d5eb0e5465e1a4332ef893262fed9fc59f0c2f8fa3e6f0f64686c3303136391f64b6671e1443c110314dca404ccd2 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | c7b2966be1b5d9361a9e40c4cc244831 |
| SHA1 | 3b488680d3d6d9a1b6bba06d51cb9fe321b820a9 |
| SHA256 | b8f6c3a3d8f2060682e2364276551a886a0d108e451281b6ea5c1264a42ee45f |
| SHA512 | cf25e95d6e82e167324aa69317a45c5262157ffaf0e95dfdffb0bcb95b579951e3e5b54f019b6f2292a17133044c02f741ff2124e5d8edf4596071e54f4e76ed |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 23f9f29f907ce046d1ba26666020ca39 |
| SHA1 | b6c903757ae05fa6e31e7c516c2a934942b3584a |
| SHA256 | 3da16d52751db0154989c7037819defab7a9216d44e677a3705b8a7bc5d7fcac |
| SHA512 | e9b1bfcb5cfd85a76684436f0bc20d7d23478d84bd89f59148e3748d4945cfb28d87219f0a4e94e1015e6c51a31af2da248eae03cf0624d8834c460fdb3e5a4b |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | a5bea94bc008e62f7f2bebb3c890bc37 |
| SHA1 | b8077bb5e997ca8693c365af2d08a4c5afaec500 |
| SHA256 | 218adee4aea2b8d5c875dcf9eedd49ed149aa72a677fa8015ac79c78388197e0 |
| SHA512 | 5649e7746f6f9df04012036426205001a81f0012c65abffa0693fc01497060179282f958ed05ae90013a48070e650faec2771fad3045a33ff634f916e7cfb649 |
/data/data/com.xgbuy.xg/files/Mob/mob_commons_1
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 2935f328818c28600d38c744ba11dda1 |
| SHA1 | 460be1c6b676ed7cd6765e0c884554588e8c9730 |
| SHA256 | 27427e6c29b9295627047a9c9501fa4f7b4096991113d2067aa73455dc5ca333 |
| SHA512 | 37279ccbcd362e0e75aac2f8588639d22ea1acd941cb671efb70aafa9eda311d13bb2b548134852daf99bcc170c9d3635808730c1a78bed8fcca18903d49ff67 |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 4173b087fe41c1c6954223be6aee951d |
| SHA1 | 3be7ca91ad19a96a086bc538f3f941dfb230c6b8 |
| SHA256 | 9dcad1fffa51c959b1d81903512a4c31c243f2f27cc0afe477331d9d4b867d62 |
| SHA512 | 5cfc83a3d7ee79e97d81194599f66acd87f1355835a9b18b1e71cfb001bc30d42da877ede43ceda59784fa8f32d9a8fdb6afe3150737112724010be5d63c2abc |
/data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4NDIwNzk2NDM3
| MD5 | c15a8439f24c81d520f1a406b02f2ae0 |
| SHA1 | d1d4e9439335c5bebf109c5727590d83082c439f |
| SHA256 | 90413520fcb1874c14edd2dfe340b03cdfbdc6f2ff57c2a3950b43ad5a8063be |
| SHA512 | 55a581da25e697c1eccb67aee76eb07edb0d6b70a0997b7fd45dc1520ede5061622aff6dfc7b3d143f84ab0b67600db253ebbaa49bc9d619ee881577e6a74869 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal
| MD5 | 90a5bb281e7cd279901459d1a4833f20 |
| SHA1 | 22b0be7002e3b71ec4d3dbce0ffbc58b35ab0d98 |
| SHA256 | f3a032b67a71926da324d672d4e77b7fc0a57d7d20352c987338658a6c0e87c4 |
| SHA512 | 1e0538b916c7437117b2e9d0873a327b3a4a57d52fab333221bdc71fa46f130d095d1a7b60a0a383c797c400fce4746febfd7190e17101262668eafbe5b26b83 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
| MD5 | 81024874f926b0c0c9e613997c9370b1 |
| SHA1 | a7b4c37570f3e5aa7bd575d0dbcc71ff9079a95c |
| SHA256 | da5ea38fae9a292777936eae50a76aae4d2a589550448aa6970383e44aabe7d6 |
| SHA512 | 8ae3ca2a1a4ea6c514fffeb911f4c42ff173433a7fd82980193d883196e748e458e83ee42051ccbabfa7f49792dabbf1eb8a72fea3db16c2f157e7ada4182830 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-15 03:05
Reported
2024-06-15 03:05
Platform
android-33-x64-arm64-20240611.1-en
Max time network
7s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| GB | 216.58.212.196:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 172.217.16.228:443 | udp | |
| GB | 172.217.16.228:443 | tcp | |
| GB | 142.250.187.202:443 | udp | |
| GB | 142.250.187.202:443 | tcp |