Analysis Overview
SHA256
c9a205fa92493d44f0d589fc3373857c8a48599c22ee257961cdfa35674a1a80
Threat Level: Likely malicious
The file ace37f430a65489135f2ccdd5756aff2_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Checks known Qemu pipes.
Checks known Qemu files.
Queries information about the current nearby Wi-Fi networks
Requests cell location
Queries information about running processes on the device
Queries information about active data network
Queries information about the current Wi-Fi connection
Requests dangerous framework permissions
Listens for changes in the sensor environment (might be used to detect emulation)
Uses Crypto APIs (Might try to encrypt user data)
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-15 04:32
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-15 04:32
Reported
2024-06-15 04:36
Platform
android-x86-arm-20240611.1-en
Max time kernel
12s
Max time network
186s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Checks known Qemu files.
| Description | Indicator | Process | Target |
| N/A | /system/lib/libc_malloc_debug_qemu.so | N/A | N/A |
| N/A | /sys/qemu_trace | N/A | N/A |
Checks known Qemu pipes.
| Description | Indicator | Process | Target |
| N/A | /dev/socket/qemud | N/A | N/A |
| N/A | /dev/qemu_pipe | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.duowan.xunhuan
/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.178.3:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | crash-reporting.yy.com | udp |
| CN | 58.215.180.63:80 | crash-reporting.yy.com | tcp |
| CN | 61.146.73.130:4002 | udp | |
| US | 1.1.1.1:53 | aplbs.yy.com | udp |
| CN | 61.146.73.130:4002 | tcp | |
| CN | 61.130.29.215:4002 | udp | |
| US | 1.1.1.1:53 | wtaplbs.yy.com | udp |
| CN | 61.130.29.215:4002 | tcp | |
| CN | 42.56.75.12:4002 | udp | |
| US | 1.1.1.1:53 | xhweb.yy.com | udp |
| CN | 61.133.52.174:5002 | udp | |
| US | 1.1.1.1:53 | spec.wtaplbs.yy.com | udp |
| CN | 114.236.143.48:6002 | aplbs.yy.com | udp |
| CN | 221.228.248.99:5002 | udp | |
| CN | 61.133.52.149:23 | udp | |
| CN | 218.98.23.25:80 | xhweb.yy.com | tcp |
| US | 1.1.1.1:53 | fts.yy.com | udp |
| CN | 113.108.82.187:443 | fts.yy.com | tcp |
| CN | 113.108.82.187:443 | fts.yy.com | tcp |
| CN | 113.108.82.187:443 | fts.yy.com | tcp |
| CN | 113.108.82.187:443 | fts.yy.com | tcp |
| US | 1.1.1.1:53 | ap.yy.com | udp |
| US | 1.1.1.1:53 | conf.argo.livemediav.com | udp |
| US | 1.1.1.1:53 | cgi.connect.qq.com | udp |
| HK | 43.154.252.110:80 | cgi.connect.qq.com | tcp |
| US | 1.1.1.1:53 | ap.livemediav.com | udp |
| CN | 183.36.110.90:6888 | ap.yy.com | tcp |
| US | 1.1.1.1:53 | proxy.livemediav.com | udp |
| HK | 43.154.252.110:443 | cgi.connect.qq.com | tcp |
| US | 1.1.1.1:53 | proxy.hls.yy.com | udp |
| US | 1.1.1.1:53 | ap-malaysia.yy.com | udp |
| CN | 218.98.23.25:80 | ap-malaysia.yy.com | tcp |
| HK | 43.154.252.110:80 | cgi.connect.qq.com | tcp |
| US | 1.1.1.1:53 | gray-component.yy.com | udp |
| CN | 113.108.82.187:443 | fts.yy.com | tcp |
| US | 1.1.1.1:53 | ap-russia.yy.com | udp |
| CN | 113.108.82.148:80 | gray-component.yy.com | tcp |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| HK | 43.154.252.110:443 | cgi.connect.qq.com | tcp |
| US | 1.1.1.1:53 | ylog.hiido.com | udp |
| US | 1.1.1.1:53 | dlog.hiido.com | udp |
| GB | 216.58.204.78:443 | tcp | |
| CN | 203.107.1.97:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.178.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | mlog.hiido.com | udp |
| CN | 117.185.226.53:80 | mlog.hiido.com | tcp |
| CN | 36.110.128.176:80 | gray-component.yy.com | tcp |
| CN | 182.247.249.100:6002 | udp | |
| CN | 61.130.29.214:5002 | udp | |
| CN | 112.90.175.157:6002 | udp | |
| CN | 61.133.52.149:4002 | udp | |
| US | 1.1.1.1:53 | hlog.hiido.com | udp |
| CN | 14.215.84.167:80 | udp | |
| CN | 220.170.50.135:80 | udp | |
| US | 1.1.1.1:53 | abroad.apilocate.amap.com | udp |
| CN | 175.20.84.154:4002 | udp | |
| CN | 106.120.191.81:6888 | ap.yy.com | tcp |
| CN | 59.82.44.11:80 | abroad.apilocate.amap.com | tcp |
| CN | 112.90.175.158:23 | udp | |
| US | 1.1.1.1:53 | adash.man.aliyuncs.com | udp |
| CN | 58.215.180.63:80 | gray-component.yy.com | tcp |
| CN | 59.82.40.77:80 | adash.man.aliyuncs.com | tcp |
| CN | 117.185.226.53:80 | mlog.hiido.com | tcp |
| US | 1.1.1.1:53 | short-yypush.yy.com | udp |
| GB | 142.250.200.42:443 | semanticlocation-pa.googleapis.com | tcp |
Files
/data/data/com.duowan.xunhuan/databases/MessageStore.db-journal
| MD5 | 555be0c97a6922e79c0789fd7be7b3b3 |
| SHA1 | be9b6ac74505473db30c19b0d764f80d550e4ca2 |
| SHA256 | e7b8bf7dc6d4efed06f117978026b0bbc97f5c32f9bb6df3358afe702129a745 |
| SHA512 | 6267d9390e8607d1857956c952338857c6f5964bcd17186058774f8d09b1376827f7d39004a7bfc28773d273dea324d06d00a8c2dd44e719a5a2ced705561f34 |
/data/data/com.duowan.xunhuan/databases/MessageStore.db
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.duowan.xunhuan/databases/MessageStore.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.duowan.xunhuan/databases/MessageStore.db-wal
| MD5 | 90fe2d8fe7fa173bbdc4c0d6f598a3ea |
| SHA1 | 7198941faf181b90d7ed4812e10a193f09994b9d |
| SHA256 | c1e4025e465b403cea53b4ab63b05b1497e43786dca6745d36c95f2eb40edc65 |
| SHA512 | 29c7990dfa7d0f0f32a43b60353c6d0c7f682823bbeafdb69bb35a6dc80dbeb07ea0e136048f9001fa2c222db0dfd086a8aca85c7c281db2f5ab35f11b62b10a |
/data/data/com.duowan.xunhuan/databases/MsgLogStore.db-journal
| MD5 | 327a24f2cd3bfa63d598428c3b645e20 |
| SHA1 | d1b8299111237e74e8bb569fa808a3ce85bc3253 |
| SHA256 | e58e352d36b9db30ed4bab0ac352cc73b46b43d64f461bc04b57c4578acbd672 |
| SHA512 | 783be7e38b4275093ca831e81b7cf74018c221023099afd6b5aabdf54e4d64c4e94cd764b51418d38ef503bcc08796ba73b4e701b1cf3bbcd067f1f6cc39a139 |
/data/data/com.duowan.xunhuan/databases/MsgLogStore.db-wal
| MD5 | 696de32fe2b012b25d63de2928e2adb9 |
| SHA1 | 2724a49652a5eb0d351dfb4a012ccf8e651e4481 |
| SHA256 | 9beaa6d95df43e4d54ba2c0d096e7bbd720e8fee07fad9e8eba0c64abb94a439 |
| SHA512 | 0d04e3b2895bd2947aa66f1ca8c5fa65cbdcf11d0382e0c0d89d4e47202d78dc0ce009f5153b6c420cbe910546d2fa940ded4caee7d815bc27092503badce8a4 |
/storage/emulated/0/Android/data/com.duowan.xunhuan/files/tbslog/tbslog.txt
| MD5 | 2aa03764eb7eca841255e707f9c493d3 |
| SHA1 | 819a361013530c20536d2e69d25b2ca33224d334 |
| SHA256 | f413448e7aba4ed5fd104affbe3a2914ce9ba42f8baa118044180f81b5aa1567 |
| SHA512 | 8f5f0b1519c2b9f9c019abea1487f27b0cffad9866592b82160d99c2851177a075e267bdd10a150c9652fd3561ad37e1fd057a0919887179f0b026fd5bbd7206 |
/data/data/com.duowan.xunhuan/files/hdid.bck
| MD5 | 2a205b76fc9fa3df65457b8896108ae0 |
| SHA1 | ec913a22adb7bf7eae6ef192ce2aa01e1832b0bf |
| SHA256 | 545f4dc4a517fc713c422b3726428ffa4f1d14a8c394484580ca7cd365117c11 |
| SHA512 | a055003ee16ac602f3fd444ac9e91241b82ad49c7c5c4d6b9fe5051923017e111f51d7087e5d9b9cfe6ee6725e39e4af50b494b7608d6904235c84b4825f2f34 |
/data/data/com.duowan.xunhuan/databases/hdstatis_cache_9dbd321e.db-journal
| MD5 | 886e186e16449ba303ce3dc1c6109de3 |
| SHA1 | 8ab6c7236187ac5786a223750ca037b27f10c344 |
| SHA256 | e4532c26aaba85471925d52aa900b31cec05d1e6f1187d3c4d5d52e9b5c872b0 |
| SHA512 | edae5a1018e59bc11c2fa9977332e476e11e87f432a2802d11aa9d39cbe8d4d68567cbd47c3e7e0b966befd16f3526f2a276c318e1755d9681485721adb4a292 |
/storage/emulated/0/.android/Global
| MD5 | 07648e10fbe8e6385483f755d4880f56 |
| SHA1 | b83be61491bffc009a3c8fb6ad6b7986ee153ff0 |
| SHA256 | afa488ecfa0ce8f9689e149e0e1ad0ee0111074d9992e6cfc2ce9eeae34147d1 |
| SHA512 | c83559f110b494d69747f5d5898d6323fca184f23d6955c95fd2866f584bff9767148aa44d81f1ad09214ec607e26df7b7abab8af8396e4321a9a59364c57466 |
/data/data/com.duowan.xunhuan/files/hdid_v2
| MD5 | 68b6339ed9562f5e0623e1b5ec395d62 |
| SHA1 | ebc2f326372b0db484711b61c907f975b5005e4e |
| SHA256 | 3d2030242f7153061df4dcedd4fe657a131c7d57137d1b94710a24fe40e56cf5 |
| SHA512 | 7546e55e9f00aa1113d9cbcf891e019c3bec823340cfca44f1f81b27b6295735d51be4ad8618ab8b511ecb43e9ce2e317b70a2b46bf35a1559615c1145ed3be3 |
/data/data/com.duowan.xunhuan/databases/hdstatis_cache_9dbd321e.db-wal
| MD5 | 92f746cd0b00c972f51e78247b0e06ab |
| SHA1 | 2d8aa6b08c5d957134312af9f96231eec31fe692 |
| SHA256 | 33e7ba4c7e80c2082e00fc5279785ee37bfc174e3668f40f85d7e9ac7c1b8f1c |
| SHA512 | d20bc6a2e48bb879aeecb1cd3770572bbbbd872b0ef4095d2d03f9ab43390604806740ccb4ece718dcbcbde87c2b9b1653ac6defc29612ae78899dcc436be11a |
/storage/emulated/0/yysdk/logs/yysdk_adapter-06-15-04-33.txt
| MD5 | 1d9a8b4e8310bbb9df1d02d1c92724fd |
| SHA1 | a1c75f303afd752903c641c2a97238568a6b0847 |
| SHA256 | 11b5b6478e7d2e232c10ebf8c55ef13204bd0b59568ba3e8282aa5b59f71de73 |
| SHA512 | 46ecc22e5dadc9578d8da3da4a17f5eede8e010a3bd05bd24d344949b0b2a69ad0dcafd1544f29559c28db36500208706b2822dd9e8f63d2ee5bb1ce28e6879d |
/storage/emulated/0/logfile/log-jni-makefriends.txt
| MD5 | 8b6e5bd9c31afdb2a1133415f484efc3 |
| SHA1 | 61bd10c66033ca126bfa9c3a7fadbcea70755bfc |
| SHA256 | 26a46b56031a966414d29e5727d6f6872af8b445383bacfbbe797e6d96bd1bc5 |
| SHA512 | 3e2d644f3032c88aede5943d0d42e3049e512dfe9cd44e8677df4c2215f91620f08ca0819c4c9b5faf8574470966ed463ef29a7514f734f8cddc6408477bc194 |
/storage/emulated/0/yysdk/logs/yysdk_adapter-06-15-04-33.txt
| MD5 | 2a450cde2047b1025ffe82173aba173e |
| SHA1 | dca890c11721e96b3723db18fcfdebaad080b718 |
| SHA256 | 2a8a645ab87663ec170db5ae88bfb0560048f831460723ae70b87fde7566e12f |
| SHA512 | e5dac12e760bdd00e5c330c0708fd43485dcf0939a0dabd38a8b6454ed2569b9f92fabc168f74e13228083fd2dc6e51121427b47e6bf3b90fa5ff94d79cca16d |
/storage/emulated/0/yysdk/logs/yysdk_adapter-06-15-04-33.txt
| MD5 | 2d5ffaab34df1d727449022a299a6513 |
| SHA1 | 168d4bd26ae9a38f1da5426657bfa7e21f2910c8 |
| SHA256 | a013551596316e6434f04e36ac59210b2257f37135b9cc03202cf84c8498c06b |
| SHA512 | e782223ea83e264e39d60bc92c2953a72d3a391dbce3669675433008ca0d8bece265cb6ff44de65d5d5007bc3dbc4c5d19aafa06da219cd9bcb3e80d6ff07df7 |
/storage/emulated/0/yysdk/logs/yysdk_adapter-06-15-04-33.txt
| MD5 | 70e7f8e452f74530a6a2400a4172441d |
| SHA1 | bf3fd7022d39f7aa456a4f7a6f3d342fe3e08c42 |
| SHA256 | 6c00e7c1565205a0cd37ce790f2731f673a41987e80c8005237280b39426b601 |
| SHA512 | 5af4d799edf5ebe0bd4dabe738b1144ce588bbae5f825891b7abc6749abc00b4f03ff5ed6383c480030df41dfdda43602a46dc2bfd727e1ca0b0fc3185b3e2d7 |
/storage/emulated/0/duowan/d2b08ce4-1e6c-4515-b320-680ecdd98da2
| MD5 | 748d9beeaa1899252a7365b780b95fb0 |
| SHA1 | 2158cbe9044f2b138df0094615afe6616e526c9d |
| SHA256 | 59290d2d5a77605f8140feb82e44e8438115fb2f93dc56ed4c225b88c21baaa8 |
| SHA512 | cdeb0c4cebf1cc96ebda6940763a940df76120ee991bc7f003480caf055a970f16e4a19ef2ba2c56fa056d539b981e16542ec7239a7b91dd3828585bc2d1e440 |
/storage/emulated/0/yysdk/logs/yysdk_adapter-06-15-04-33.txt
| MD5 | 4fa6cd519567d03bd74bf3b512fb5479 |
| SHA1 | 206bb5818c683740a4e970c953cc1bdb1deb3748 |
| SHA256 | bf76bd8adc47f12bff8f9647a545194aae0a920550fbc625e12c802ec5fcf285 |
| SHA512 | fae6d66b23f4b433f5da242d65cb37e9db0f7a589ee4b89ed4f39c88c44ff443e4fd491767efdd72276f9a8996bec8d6a87224bf32f23e32e132a998070f3a63 |
/storage/emulated/0/yyxunhuan/log/sdk/udb/yysdk-yym105and.txt
| MD5 | 9a2dd7ebad316316249d1f185687c04f |
| SHA1 | 7a0b3437f104041eb1ab8e015d774d6e6a41b9f3 |
| SHA256 | b1837f5d01d2577b5fdfa325aa59b1af34cba9c10e7e21175ebda25bab118c59 |
| SHA512 | 093fa6ab6a65f40de5b2a3a91c653e77e63cb8534acdbb53b8c5657c694d12da75e202fa07a6970be031b6b3bafa2e27e2866d9152410dfe6e5d7eebf62426bf |
/data/data/com.duowan.xunhuan/databases/hdstatis_cache_f4df5118.db-journal
| MD5 | de045080e5415a998492168f84c15185 |
| SHA1 | e616cc855635dbfddc4f2e3c8032743b163ea8b2 |
| SHA256 | db08e010c9dfcd814ed78ff5c264570913b96940dda9982e31bd035b696b2afd |
| SHA512 | a4e893cfd7208c60f2c948dcefcecc03d7cd44991d6c431875446d62bb92ebb2e9c471700e87d6e9d09905164577d6339435090c1a450e805808b81eadaf34a6 |
/data/data/com.duowan.xunhuan/databases/hdstatis_cache_4bcbabc0.db-journal
| MD5 | a653107b18a7ea42936413ca5d862b90 |
| SHA1 | 81d9d56514b26dcaac4160800ebf70131d683f1d |
| SHA256 | ae28ef07931b22639fcba2cf0faf3f370a17d821573855ea649f4d1828653384 |
| SHA512 | 9c8cffd79af6e517c53ff2b1750a94db7fee056616cf64ea4167fdbb945a0410e06cb01710b33ca2b750114a3d855036f0e58fdcc2cc451b1cf7d7c596710808 |
/data/data/com.duowan.xunhuan/databases/hdstatis_cache_f4df5118.db-wal
| MD5 | 7d319a59d8c68e240fe98605920a4bed |
| SHA1 | b76acd68589d90d00129835213d48f764aeb2e4f |
| SHA256 | 5608759f35086983a9ba3358a58bab7c5b5ee35755bdacfc1cf7458208ef5c4a |
| SHA512 | e538adf112cd5cac7cd22d6f52b8facc619d6f26aebb19e6281549cafd03d02d1c729e7549b4ea081aefb743355f3b2d3701d39302eaddbcc84dfd24a46d0d1c |
/data/data/com.duowan.xunhuan/databases/user_account-journal
| MD5 | a1413b5948a2e4fce7a3a208f4a7ca0f |
| SHA1 | 8b377452bc5647285a84cbfe3264f29ac4e1fcca |
| SHA256 | 0c5d3521bee9d4b94fd54cbbf90548ab54e74d0bc1abca2d6a0969842f835b08 |
| SHA512 | 89033181fdd10459ec4dea75beb739305c7ce2978ebcf006923224fd649920988ef1a2850855140cd86613d29a6aa859ab6aadef7399270acd15501078a80fb4 |
/data/data/com.duowan.xunhuan/databases/hdstatis_cache_4bcbabc0.db-wal
| MD5 | da955f64e7a9405d711de79bf48d3d6c |
| SHA1 | b9fe2f2ba71177085a53db1a44181033eb86be06 |
| SHA256 | 355fd728023ff705610dd8c00f97d3934f79dc3f665903783ed3a1de6ea7687a |
| SHA512 | 43f4c124d01603cde2a658f44c75ae4814b9738383b2a523bac9129a5ec2dbb99459b15aeef1d60c0cfbadb69e8aa80fca3831775a980814198bc1628f8a3f75 |
/data/data/com.duowan.xunhuan/databases/user_account-wal
| MD5 | 41fc74920322ae8d26bb82a2d553df93 |
| SHA1 | 93d6d57c58d127dc6504dab768a0a0e94610e6c6 |
| SHA256 | 1ee38c52fcdd1bb6c7d2306d3659abbb79d9ddf552447cd5f5331ac9e75cb03d |
| SHA512 | be56f16866f8713968f5c56803e59df13495274078249815bde4c7977c7c8e301bb1a24d76ae9264d6136cb48718aa639b8608193a0c552e714b3023d157a35f |
/data/data/com.duowan.xunhuan/databases/makefriends-journal
| MD5 | bbfcf259557a973823b1de4aad2b190b |
| SHA1 | 80c0d2a19015b74bad5194e8699e80964ac43d27 |
| SHA256 | 9c64fff7b6d9193aba67dcdf0a82a5a71c531e8a53bfbce1bc1bf1dbf4088a14 |
| SHA512 | aa90ac212c58cd182e8d17f7e1fb2bccebdb8cf53bd11e3b1d66cffe8805a8d5894007b719764f3541dbc3accf424f734698e9d5af53f0317db884276685f3ba |
/data/data/com.duowan.xunhuan/databases/makefriends-shm
| MD5 | cf845a781c107ec1346e849c9dd1b7e8 |
| SHA1 | b44ccc7f7d519352422e59ee8b0bdbac881768a7 |
| SHA256 | 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7 |
| SHA512 | 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612 |
/data/data/com.duowan.xunhuan/databases/makefriends-wal
| MD5 | e64a25fc3461611b6a132e3e9ed09a95 |
| SHA1 | b6b8ad553cd1f680c3d535929a654b19611dacc2 |
| SHA256 | b22afb1401e65c29b6367d09bfb6efaf3a894967d2fadd4480576781a4e30a7b |
| SHA512 | ee237776b9d204639f56faac02200e1de71e63e883a6bfc4fca1c1ed138ef531995bd78dcd4e2e7d12bc289011286abac5a724dd382bd97af987e7f5ad5b77e3 |
/data/data/com.duowan.xunhuan/cache/http/journal.tmp
| MD5 | 37e8e716e0e2f4a0b05cd9571d95b84d |
| SHA1 | f8d068f6931707bddb8cd69f706f2224ad1fea3c |
| SHA256 | 7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca |
| SHA512 | e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6 |
/data/data/com.duowan.xunhuan/databases/tencent_analysis.db-journal
| MD5 | 10966751edb8436948dd0da33f2e4c24 |
| SHA1 | 17904d0b76ac2f76acfe5a24f9ff56a3221b5da1 |
| SHA256 | 7841e01635b524fbee9b49de90176bb41e0d198c40d8bfa6f03fbb9b1481dfef |
| SHA512 | cd83d5ac78b6d8981a9f7772b66efc30f1c3c5222bdd151c7705921eb514ab655c11e6b9b86981c2f0e42ab73e04a5aa820cbfd131bf262fc87cff4b476f25f5 |
/data/data/com.duowan.xunhuan/databases/tencent_analysis.db-wal
| MD5 | 2c683182b4bc41203f7583a8ec34e160 |
| SHA1 | 751688676ac7f21b18036c74a46d66e767f6176d |
| SHA256 | fae59bad98156371133d8f311461a293f2ee16eba90a92b3423c4c67e662ac44 |
| SHA512 | 8e6ae0232305388c3983bc69ffc4645857c51a0ebbb22739779b38b1cddde69a6a7d847a818ee97d1c6d2d6aa23561f53a726ae102879dc8a84d31d2f4502a94 |
/storage/emulated/0/yyxunhuan/log/sdk/audio/YYLiveSdk4Cloud.txt
| MD5 | ec52f27524408674f6c70e99da8c8964 |
| SHA1 | 172fd10e24d01a8132b0d04aa10861be9d898aab |
| SHA256 | 49e90964355b50194df9da53090241a2c0fe2cc99275cd6ae8734858f1d15f46 |
| SHA512 | 17e4696efe1713b858ba70dc6ef3b222129a7adaf5848389242c79fc897a191f34a0d58a652d49cc8cd21497372c46c4b7c78b48f9effdebb4fa36ed2c6f279d |
/data/data/com.duowan.xunhuan/files/com.tencent.open.config.json.1106049545
| MD5 | f526172de1566b34fdcea744710d9559 |
| SHA1 | 000cb54d9a008a807a1c5a3fd2b2e7cb41e7939d |
| SHA256 | 8572be02b59f4d514000939ec04a9b4e2380c55265256b724a617d8d0f4c6940 |
| SHA512 | dc81f0fe345b18c96b1638c67b9ef4c5e60059dfc4a02f3c30a23645d4847abeef46cf467d044c42597115c48052ce0e8ea24328382114a544c5dfd039a95e7d |
/data/data/com.duowan.xunhuan/databases/logdb.db-journal
| MD5 | 77863a6e2860de0e959160b399f52f08 |
| SHA1 | 288717305c49c85b09d9e065b26df0d69e3d504c |
| SHA256 | 352b90f6dde7a28911babdb07bbdf31c5757d309e51ec23791c61376ada563e5 |
| SHA512 | e31ae774dd5740e618e6d66dc69d0e01a5644e080f3badc56112ccced75901d81a2415757ce83192e005dbf7997330ba8ab82a33a6e31505f4e923e9e92ca458 |
/data/data/com.duowan.xunhuan/databases/logdb.db
| MD5 | a7b5debf648af8527d38065f285c6754 |
| SHA1 | ad8513c878ca1483a2472c7f8dfc8a416418517e |
| SHA256 | 0d8f1987d41b042ee7aa1ae97d1950a40884ff4ed620fd02371017160e50eaf5 |
| SHA512 | c879b912d723e9c382e547f605dea4d77830d9300c3cdb1a14c2758cf4e895000c7ba2afe37584ed2fb94a9893e8ff47bdfda4dfbf2dc47aca75efc5d28984e4 |
/storage/emulated/0/PushSdkDefaultLog/com.duowan.xunhuan/log/pushsvc_log.txt
| MD5 | 525e1254f5b15f87c296b01d873bf6a8 |
| SHA1 | aa934b021368fd2a39e419086b122baf688dabaf |
| SHA256 | fac9fc08f9194b1258833b2c179955aa5e6dccee6e533cbca7a3836e5e15b034 |
| SHA512 | c28ead3a3042c74a4faa2b4e4c1b9cbe4f1dc9e3d92e1aef76948a0670dec6bb6d534b2f1e9b28be8ee5030e92cf199524522a8ca7d8578d795ca955a062cd50 |
/storage/emulated/0/PushSdkDefaultLog/com.duowan.xunhuan/log/pushsvc_log.txt
| MD5 | ec9536eee03827ed0487da9541dc62e6 |
| SHA1 | 92f1ee51af4f8199f803068c5d55b9590991b456 |
| SHA256 | 0f23148cfc58ecd8557aa889bed4aae7c6055e1e9d39f91ccf1403205857720d |
| SHA512 | aa57ddc78bfd469565959fb39fbe76c818a4fffc0f2333e0d8c7f9265a6f3262377c1967d342866d3c0291c469780b29fa52e721bc3e28681803c7c2760841e7 |
/storage/emulated/0/PushSdkDefaultLog/com.duowan.xunhuan/log/pushsvc_log.txt
| MD5 | 1af3e7e37a14c5c809d14938adfb5812 |
| SHA1 | 427983b8a86f62dbd120c7b2d991efa83a87f1dd |
| SHA256 | 35ec5a34854583441413ea404cf3abfe05d91d6e30efced625bf374e3750d1e7 |
| SHA512 | b96826d058866671bfadf7aac850061091aa0d73f998c4be30447f3468fdf5cc1c6ab533998436881b20bfd3b4a479268141d2c4e6c3f7698deabc4dbee4bb05 |
/storage/emulated/0/.android/hdcltid.ini
| MD5 | ef8c1468ca781d49e9d7d35bdc0dbfc9 |
| SHA1 | 9ba8acc077c8c029d796d609b9719fd518b4dfa5 |
| SHA256 | fc8ce91c58b18930c49772a961efe76b39b913c6be2af0dd63c5ccaa7e860caa |
| SHA512 | 0033b473042d6f4d1d1731086c31813b9bfd28ee8ec2c74641bf3ea40ee601404a71ef6aecdd8b757b66586f53ed9f5c10b0452da40c00289d364165f5a5c7e4 |
/data/data/com.duowan.xunhuan/databases/logdb.db-wal
| MD5 | 6f914011eaf16616d282abc9f04bf8d5 |
| SHA1 | ec38644d8c18f688f58f10a2e2fffacd5a5f835b |
| SHA256 | daf4c540b61988994c17479f8415296c1028e650fe43373503f81b23d75ca681 |
| SHA512 | 2a5ccc27762c206ad05279ed7c93c5220f442e3836e986e0db07d6947ead6aa1c7a8675e426dec232af9a791f590acaba1c891f6e6ecfba7beff624277bfda49 |
/data/data/com.duowan.xunhuan/files/hduuid_v1
| MD5 | 06962dc5123a22b1106497a39323c625 |
| SHA1 | b4d765d409acff5c810e221626c73961bdeb7df7 |
| SHA256 | b58c951bb9d2376a51c63bbbce92a7cc1441c4e3449b78e92b26b75b7277fb44 |
| SHA512 | 4ee761009ed324a2f87ea7db8ae3c70068b6a1e85eac6d421cf697d82797d80de2d0caa7f336a6c5f7b6d06bf2de5929626b8a630816722cc58975aed951a4d0 |
/data/data/com.duowan.xunhuan/databases/logdb.db-wal
| MD5 | c014a0ea243265e3822a53c046355157 |
| SHA1 | 0699d42a7f48a552f365cc0937ac4ed51c711733 |
| SHA256 | de17a9aed750c9d00ecf4dde3cc6afb4a6f4844411b54d9a872c6b7a969a6fde |
| SHA512 | d349d7a8425ac1d4ae35f7acfb6b2d4bf22890acd1827d8e9709398663ff8c30ab42e22460eec1e5b7f06ea58d744e3732c0792b9b9f049e068371a323ac2a6a |
/data/data/com.duowan.xunhuan/databases/hmdb-journal
| MD5 | d43b1c29894bbe55619c064de1dd049b |
| SHA1 | 3ed02cc89829044942af263ee1a5bcd62ea4a569 |
| SHA256 | a409492cd85d4a3d4d607376c0a767fd341c72a873e00548aeb23edf96219ccc |
| SHA512 | 07db4fa0037e9ed5287f3ccdfd86889acf68a11bf60feaa188da18dcf7f4c009af0146e0d4add314365e7296e7c7650a322ab174a3fe174cfb6416724d3d6996 |
/data/data/com.duowan.xunhuan/databases/hmdb
| MD5 | 3fe30614d7e0d11db870b4624f6c50e0 |
| SHA1 | 053ff0fc621ab40f2afeddb3e7b4a73ee41ec533 |
| SHA256 | 67c532f0324228dd33b445cd399c1426e3a0e0cdc7b9358c66b402c5d40a838d |
| SHA512 | c7c09e97a408e88aacaf8099ad4d1fa604d58113393500a384eb3c2eb7c3c105af41314934b86eca2f088045cbab5a20d768bbb295448dc1ae6cb6c3f59821ae |
/data/data/com.duowan.xunhuan/databases/hmdb-wal
| MD5 | 77b8030cbe084a06379035d49fb61d7b |
| SHA1 | 8df659ba45f71953a93654bec2f0ad6516c8eb97 |
| SHA256 | eda8f3b66bc4873e6e827ccb0150e78fb63481dee5610b9d4cfdebdc31cd6502 |
| SHA512 | 999fb71c6abdf3b6b1932fba6ee465451289d1dc9e84cd86175f3d33b745ba8befd43b7e9dd5a477c1b0461b2ed918b51b95530ea6ea682a752fa61df52b3ac9 |
/data/data/com.duowan.xunhuan/databases/logdb.db
| MD5 | be5671c81eff187a640eae8b1b07c320 |
| SHA1 | ab35edf013dbaaa267db3c871bfc2c18ba68ca2d |
| SHA256 | 4351472efff537a26a79e22f26d027596234d9d5245342161103a33215494a40 |
| SHA512 | 24658194aa0804bd1057a7f449ad7693162054519746b6e326730f5c6d4539ee9c31307d74bb81dc3c42c526dee84e257799fa6bf4b98409d1ab27c24c730bb4 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 9781ca003f10f8d0c9c1945b63fdca7f |
| SHA1 | 4156cf5dc8d71dbab734d25e5e1598b37a5456f4 |
| SHA256 | 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793 |
| SHA512 | 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | abc81ab80feed79683fdbbeec6e67119 |
| SHA1 | 96885aa8a46edbeab27384acdc2bf963ae195865 |
| SHA256 | 1cc89c5f1d3ff9c609bc6f2430666ddaa7bbe9639de990f863df859e8dfe8487 |
| SHA512 | 986f80eacfe38d72b8b2377014a1dcde50958f7757f5b8a96e101757e98e566e0d21e6eee596ac05864410fc200d5d16eef412519b2ab31f28880e377e557a74 |
/data/data/com.duowan.xunhuan/databases/com.yy.shortpushsvc.db-journal
| MD5 | 6897a611cf71834845566fed63d3624d |
| SHA1 | eb3e2bd13624528bd12fcdffb54774c358beac64 |
| SHA256 | fa3773004489fbf0fc2e690e36682db5831945c4890a7bbf9b17fe3d39b982f5 |
| SHA512 | 99163e8f45ec271fd8735fe19414eb256abd77978a5446e616bcd7f70a118e9b0109c2a10110b28812930b68cbc3b5f109a74cedac6d2d773de31bba75b140d5 |
/data/data/com.duowan.xunhuan/databases/com.yy.shortpushsvc.db-wal
| MD5 | af68381a57f31e91851bd7c22eeba739 |
| SHA1 | 87b835522748f2cb849520b8cebe8b1b700c3f64 |
| SHA256 | 48cf985be85262ae2ce715a506c655bfd51269cf26bd65b8f69aecbcf850a0d7 |
| SHA512 | 252fd414c5ea3bbb61f3b688300f9ace1bc13194e48c5545ed1fd74b7b0c5cb3adc117b422d9a20ab942741e6f27ec776d13612b1a112a6b2987a2f90a15d1a2 |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | b2d517131b3f237154ed3165a343e785 |
| SHA1 | d174a9e4163983165ed2b1d0be783c9247efef47 |
| SHA256 | 0dfafd4d4841d59109227c2579e2caf96f150cf06a3c274d0b90251b91bbcef0 |
| SHA512 | 14c64aad95cd0ad4227404d0d2781787a1c2a8f42bfbc38495bce55317ba9f17ad8f4802fc8965c7964696d508f45f029d6c14dcf5b19dd98c2006fec7f96801 |
/storage/emulated/0/PushSdkDefaultLog/com.duowan.xunhuan/log/pushsvc_log.txt
| MD5 | b6692188ba5801a9e35a8f0b996f9ca8 |
| SHA1 | 00709dce17903957a38db5d530c6c7c98e6afbf3 |
| SHA256 | 012186b33dc0faa26266e43fbb79eeae4eb8399a90e24b1093f3c424bd71fead |
| SHA512 | 91ca801d472aacc5d4167c2b37d32a53c7e730546fadf223ffa3d782ee82075b583d7d9b934c25acaf5d795684ed6b8b562ba348493d24554ee48d2aa26e2586 |
/data/data/com.duowan.xunhuan/databases/udbauthlooog-journal
| MD5 | e8656913085256949cf637da011e07b4 |
| SHA1 | 8bb5405f983e553373df20e816dc731f1b271112 |
| SHA256 | 36b2c1198c76a6a2bef03d801786c2d69fc5296a04899ec3270116d4ffaba9ce |
| SHA512 | ba97e9facd0fee86bb82f857584b6559b85165883b252400345fcd089d4c54a9a391912bbb168a553db0cdaafe39fa5e300e29faa93b7df5b541cdfc128a110e |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | f3d2bf99b1ed8854247794523e5ef7e3 |
| SHA1 | 09e6357648ba998b38553f585c29224f1db159e9 |
| SHA256 | d22a5985eaf86e8d84562efeab07aeb66eca7f50625d737a21f8b3fb85749dc1 |
| SHA512 | 0d880d4e0e52dd1831077d3f972fd31e8b756a52cb1f0c64861a414c5ac7c7866a4b6363944acbfac57533c209b34ae00bdde742fbbe8505262950a6f7af0b68 |
/data/data/com.duowan.xunhuan/databases/udbauthlooog-wal
| MD5 | 22bff205865a7366f543ea083d153211 |
| SHA1 | 1a70ca4ddf89219ba77df39e01e955a9189bd24c |
| SHA256 | 7f9ad936821116169e43a91b65fc5256c1e9b385d049b77a30e3ba7eaf7e4efc |
| SHA512 | 46398fbd4c5982d120af104a09d2932ba76eac5581185c67a2b34b7e22426b81da65d06ede3041f1a5b0e81e20b68deea04575546b96e8207e503bbbd6216f2e |
/storage/emulated/0/PushSdkDefaultLog/com.duowan.xunhuan/log/pushsvc_log.txt
| MD5 | d3a8af267cd3ac842fedf246b1310bb7 |
| SHA1 | 3f5a1aa2286e66fa8df4a0286c6325babef8d1e6 |
| SHA256 | 49393c289cda8728dc59d13fcb8e8799a469acf95cb19b50e7040454c26182db |
| SHA512 | c8159edd7ab6604722ba68006c557876dd9b50bec2a1ca439b4d750be5f061b01a278b06ccd9071e732415a8e18fae766fecde75694fdf24e307517d366b2503 |
/data/data/com.duowan.xunhuan/databases/hdstatis_cache_4b04df0e.db-journal
| MD5 | 7f26171616bc1fc5e0ef730fb41d9507 |
| SHA1 | 6c9b1d06a6612460680c06d1e188d74b69acc439 |
| SHA256 | 05a796be08a57cf06f6a11782d6e5085388cdcafaaa1232857c4389725821670 |
| SHA512 | 3a40aa02547c69be3aac0c1de6aa959090e73ca26abf029471d19b3379b4e652bf5b2f84a1cec43a3740820640638f8f3ebe739a3d2a3df134df16c66f531fbe |
/storage/emulated/0/hiidosdk/hdstatis/com.duowan.xunhuan/hdstatis_20240615.log
| MD5 | 00e3d4ff80d166c92bc6f5d15b3e7352 |
| SHA1 | 74b9f4cd1879eb12620009be41465cd91739bd3a |
| SHA256 | 84f56208ff1f2988f7b291c3c60e744c59367d89e8ad7b00a1a9543886111a15 |
| SHA512 | ddeca5c18ec27f7a7add7146b1a5c17570150baa84ebafe74df0bc84d618bc984173543c40cab92c9b2506728dfe1cf15a9aff91f9b93f369a264e9d442ab386 |
/storage/emulated/0/hiidosdk/hdstatis/com.duowan.xunhuan/hdstatis_20240615.log
| MD5 | 1f3e5050b62040e9b832b31c225501c1 |
| SHA1 | 6df463dad86a796590e5b6bc225b75f5b085e6c8 |
| SHA256 | 2fc80651535155d20613ad93f35209c9ff737aeea512b22f7b5a81cee3699113 |
| SHA512 | 0054935f20e675f3898097d6007f41eafc56d20bad857867b16a2304a93c587dd88366f1f038410807085c8e51dbc007b5dcb7956fa01bd25a80c334e5cdcad1 |