Analysis Overview
SHA256
0b856786a7ad267eb4e50c806cfb7dc348baaca8e1bdbc6f2de05fa7bdb001cc
Threat Level: Likely malicious
The file b448cbd1206ce374b9c2d3911e61c13f_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Queries information about running processes on the device
Requests dangerous framework permissions
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Queries information about the current Wi-Fi connection
Reads information about phone network operator.
Queries information about active data network
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-16 15:42
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-16 15:41
Reported
2024-06-16 15:45
Platform
android-x86-arm-20240611.1-en
Max time kernel
176s
Max time network
185s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.imib.cctv
com.imib.cctv:pushcore
/system/bin/sh -c getprop ro.board.platform
getprop ro.board.platform
/system/bin/sh -c type su
/system/bin/sh -c getprop ro.miui.ui.version.name
getprop ro.miui.ui.version.name
/system/bin/sh -c getprop ro.build.version.emui
getprop ro.build.version.emui
/system/bin/sh -c getprop ro.lenovo.series
/system/bin/sh -c type su
getprop ro.lenovo.series
/system/bin/sh -c getprop ro.miui.ui.version.name
/system/bin/sh -c getprop ro.build.nubia.rom.name
getprop ro.miui.ui.version.name
getprop ro.build.nubia.rom.name
/system/bin/sh -c getprop ro.meizu.product.model
getprop ro.meizu.product.model
/system/bin/sh -c getprop ro.build.version.opporom
getprop ro.build.version.opporom
cat /sys/class/net/wlan0/address
cat /sys/class/net/wlan0/address
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | api.share.mob.com | udp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 124.70.128.38:19000 | s.jpush.cn | udp |
| US | 1.1.1.1:53 | t.appsflyer.com | udp |
| GB | 216.137.44.111:443 | t.appsflyer.com | tcp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 123.60.89.60:19000 | sis.jpush.io | udp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| GB | 216.58.212.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 1.94.137.47:3000 | im64.jpush.cn | tcp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 124.70.128.38:19000 | easytomessage.com | udp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| CN | 1.94.137.47:3000 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | devs.data.mob.com | udp |
| CN | 180.188.25.17:80 | devs.data.mob.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| US | 1.1.1.1:53 | alog.umengcloud.com | udp |
| CN | 223.109.148.177:80 | alog.umengcloud.com | tcp |
| CN | 124.70.128.38:19000 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 223.109.148.179:80 | alog.umengcloud.com | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 223.109.148.176:80 | alog.umengcloud.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 1.94.137.47:3000 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 223.109.148.141:80 | alog.umengcloud.com | tcp |
| CN | 223.109.148.130:80 | alog.umengcloud.com | tcp |
| CN | 124.70.128.38:19000 | easytomessage.com | udp |
| CN | 223.109.148.178:80 | alog.umengcloud.com | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 1.94.137.47:3000 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 124.70.128.38:19000 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
Files
/data/data/com.imib.cctv/databases/cctv_db-journal
| MD5 | e75ef96af24bb01618062034d2e1c976 |
| SHA1 | f08d46fccbc24feba7c21b807267c6903fd5ff6a |
| SHA256 | 59c00a9f1b1a531ec931f2b1e3c3528333fcb4b5298f8617b2a693e2eced7500 |
| SHA512 | 1908be74dd13637b13f300adeca8246150f4b15aa1f189fc2bb98773bbebad4f0ec49de63337c5db823304a3f39c4d69f946f5189d5f541ddaf96e1ecd0fa22f |
/data/data/com.imib.cctv/databases/cctv_db
| MD5 | 4ab97c329ae083d36faae95190603fb2 |
| SHA1 | 3725e7aee0c1115181164e1e0e80f5c38dabcdb6 |
| SHA256 | c20e0b8294eace8b7506b1f65a02f50455dd7aaadbd0b0ac6536f75daadd1e74 |
| SHA512 | fd755f48385f1713d919662400b0281740a99e472a47473c71cea1bba3748e5e562119538e9b67ad5a0517d97d059f0053c4278b4b693a523d187ed930d82bb0 |
/data/data/com.imib.cctv/databases/cctv_db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.imib.cctv/databases/cctv_db-wal
| MD5 | 3e64204d4194860ac0e69ec4360913bb |
| SHA1 | 7c8cb8864ba86febf2c50904c1433053801dea4e |
| SHA256 | 669ea4f023045f8697558d207c118304c3e31257fa88fbcda340c90a38b35d01 |
| SHA512 | 52ee3271358b1cc835561af1566454d1b6c19e492d0a5eeef1574c485954d48f795de9e5d3f4f6490d19a295f244f22df1cabe875f7f36f6f848fc048b3bff21 |
/data/data/com.imib.cctv/databases/bugly_db_-journal
| MD5 | 107f4c462684a7ce9f4a48761c73806b |
| SHA1 | 15cefcdc8791535962998d5ca14924f8fab29fa4 |
| SHA256 | df74214bdbe5cb61f2f9ab28e25cd758c0ea89b714d3d928b80e8e2fa8f2a69a |
| SHA512 | c5e49b31a33f916e64d0751384584977f0b7f16abab5b9e55d89c129d13776c7bcc7328e4f9ff19c64a829329e08ba552c83f6e673ab7e78d3c2a83b1f827855 |
/data/data/com.imib.cctv/databases/bugly_db_
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.imib.cctv/app_crashrecord/1004
| MD5 | b7be05065f60015f28af0561837b63de |
| SHA1 | 2f8252e09db5fac1c517f3e26b320beec440b5a8 |
| SHA256 | adde84ed15e3850a6a5b1038846e1bd32e2488ee2b6cae22c1aec37e261104be |
| SHA512 | 360179a75c6f47ca3aa100aed928b6678178edbe76c70e8559af523b624a1339693e7ff7859de6e1957ae7113d47f65ccded0e86b9e58e0b0a066e36b6b157cb |
/data/data/com.imib.cctv/databases/bugly_db_-wal
| MD5 | 6b2bb472fffaeb85caabd080e9feb93a |
| SHA1 | 2a6f5e4bdb1a046353de1ca85cdf8fe35d70494f |
| SHA256 | 8ad478454ebfd672de28fc93aedb602c03a13f90586c748c54fce8989d2457ac |
| SHA512 | cbfde9cef2cc03f78db0583835548a8be9b32e826fd14a460641fce0386c8b55843c04f9985aa24e5a16fd5bf97183d051c7e168436be56f46dae7900cdc16b1 |
/data/data/com.imib.cctv/databases/bugly_db_-wal
| MD5 | 0547120cba9afa36cbd63fa5e188bf46 |
| SHA1 | 9e371f21e28dc5aa1bef6d010c7b242c963e4209 |
| SHA256 | b4a5e55a8283cd53331fcf922cf9aeb2c701d4b0534ec8723c83c7193eb44c1a |
| SHA512 | 9357c90b0171a45266290ce0af2cf4d879a5dfb9811f173c3b2ba2ad50c84302dbe9a2e1ace3276c9e4ab7b85f667bf25dad8c362bcb1b60e0613b993de81f25 |
/data/data/com.imib.cctv/app_crashrecord/1004
| MD5 | 823ab16305474af72381fae87911cfe4 |
| SHA1 | 2d4e923293b2ea7bbb24fab0d2bb129df445d3f4 |
| SHA256 | df4c46480984c43fe343e6fbaf9806b2645392ff4c4e9a0bb6032d770d76ca27 |
| SHA512 | 49ac118cc512556c06181c1f9bb1bb95f0abd79764138f5c291065923f0b1369139cb58b6fbaf13d6c7c94847805954402290a181c7c2d48aecfe31669aa84ea |
/data/data/com.imib.cctv/databases/cctv_db
| MD5 | 816f3178daa9104ab0bdf747c3efe04d |
| SHA1 | 688a74b63693fecb43ceb430d3e313fa09fac4b7 |
| SHA256 | 48212144ecec46c8df0ff072ac3908bce04a80ab23e5586d4eb39cd0ce63b920 |
| SHA512 | e54dcc5ceee552cb9183015ae165ccbf35a4d3aa717124ee1fa70d886f65c112f1a08a62153d467bcfc14f7fc1ec14b9ee318ac3111b9a7d37bd4a72c25c0578 |
/data/data/com.imib.cctv/app_crashrecord/1004
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/data/com.imib.cctv/cache/image_manager_disk_cache/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.imib.cctv/cache/image_manager_disk_cache/journal
| MD5 | 7a6eb2055b584e898bc58693fa93ec82 |
| SHA1 | 9df21d14a6fb149b7fea0c46408bf84a6331f41a |
| SHA256 | 6f62d4cc0e5037dcb292772a8e754f657e169506d2f7609ae8f8a5988deb1edd |
| SHA512 | 3e3096f7aa9044165f4385c5f3334a3fe40801eca60e3a35a4dbde7afb6639ddaeb78529c768c727560ea756c7b32e53084af6632b681181e8d8df44a7739662 |
/data/data/com.imib.cctv/cache/image_manager_disk_cache/a49a7c949cb3688a073149700bb8178fc1c6c59f1548231f457baeb319debac8.0.tmp
| MD5 | 1f6110d07bb5beb71c4651c854180493 |
| SHA1 | 1b478de7a0ac6e6b961bb597998625aee744c77c |
| SHA256 | cf1e247a9a7240d458d6bff0b3805ca8d0b8186e57cedcf5b24d8912efb3948e |
| SHA512 | 78e283df3a7f107f897e0c4aa005de6be7b7d009cf0fec7bfd75f78c05b5a97f85924297097c33584b93685d16263f80b73e9eccc46d342ee013ce7026af1f10 |
/data/data/com.imib.cctv/databases/cc/cc.db-journal
| MD5 | 63c24f80e543556e86344a69c22a01ea |
| SHA1 | 4c610d492aa0849de12f4a5648ddf62283b2cdd3 |
| SHA256 | d14911c503d38a2c1e1f811136f3260b500785b1b1bd168fabd5ddaacee35120 |
| SHA512 | 96ed586487c49aab0445627c8ced13b34bcf73f9617d0dba45b3d2d22cc1f8197ab6d675a2d8d2d73d2088abe8cbe04e69f295ba77186c833ca817eb25f8715c |
/data/data/com.imib.cctv/databases/cc/cc.db
| MD5 | 5d7ea1a23af19b4340cc8d90f28297d5 |
| SHA1 | 4cfe95b23a9e98378d69c4290af81b51fbe76aea |
| SHA256 | 474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da |
| SHA512 | 33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b |
/data/data/com.imib.cctv/databases/cc/cc.db-wal
| MD5 | 4f5b873fc41a5c210950f30554efa710 |
| SHA1 | 4d0c587de67f25b17281232db70f273f5259f120 |
| SHA256 | 7218d4df54f9df41d93db419d79d9453915f13b7f24402288c2bda7e7a20b266 |
| SHA512 | e04b93d003572810bbd5dee889440a610c892903a97cb252e41f39c251abf1dc54a59b09a4d2afec67af698d1c85a018dbb61be84b2ad535b0e63a5e21b6b9d2 |
/data/data/com.imib.cctv/files/umeng_it.cache
| MD5 | d4748a9f9b2e370fc49c3d36812492d5 |
| SHA1 | 1118bf0685de9424ab378d84bd571fd287451d29 |
| SHA256 | ce84f89d4fee0e9338496d8bd75ac78cc32ae64a78c984dae2a648c92faf5032 |
| SHA512 | 615cc21a3cb7783af1cb4eee866b2db74a0f3f960fb933ba4e18887edfaea2a2351d4608187d79a4136c4fb1050f487a59263f6be13e610347eb40bba785de0c |
/data/data/com.imib.cctv/files/.umeng/exchangeIdentity.json
| MD5 | c442e15a3e3b8bed905a857f64d35ace |
| SHA1 | 2fe10c4aaeac8e34d761a5aab1ce6d06d2760527 |
| SHA256 | 8287a180ccfab37ef1acabb99d6d8f0d7127c2516a34c46de1ff6df837aef517 |
| SHA512 | 4e4f40493798ead747715e9ef2233db7510254fc2d1f1aa5344419992ff5f7e1a26e64ba03022ff4945d7f31a4bd888f3495601cf9937d24a0bb49200eab7cde |
/data/data/com.imib.cctv/files/exid.dat
| MD5 | ce9622b0225d9cc2d0fec80ac98fbc08 |
| SHA1 | 2daeb8547ded8975a55ee20e3d30ac864b6ecf7e |
| SHA256 | 8f32c2197888ab8af8de783e15f142238f57708da169ecd58727d58de84428e1 |
| SHA512 | f8faa407df14cf33150dd421fe7e99cedf046227fe3e0f4d512a7f607f395193aa0b168a5fb17010bdd814dca57fba94809a1ebf344c97f365073f6d25124958 |
/data/data/com.imib.cctv/databases/cc/cc.db-wal
| MD5 | d7dd3b18da199880d95618dd55929942 |
| SHA1 | 112c8b6a944aa3f7155b28fc6f25f5b2639b52ad |
| SHA256 | badee7840d17a25bbed68ae77cc4dad561657a2fea1b91ec4a892250128257ab |
| SHA512 | e15bfa11d6836477964e36a00bf49b99e2db2668d87ac7cba88835331f50fd58f0e1652c634792e915f7bc41eb7c26347d421cc699716f4cc7f2ee1183cdae2c |
/data/data/com.imib.cctv/databases/cc/cc.db
| MD5 | ce6135aa1b1fe4f2c2db2a546d2a5558 |
| SHA1 | 79b59582154017aadab783dc266fcb158c252940 |
| SHA256 | 7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c |
| SHA512 | 2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4 |
/data/data/com.imib.cctv/databases/ThrowalbeLog.db-journal
| MD5 | c27302501243011cd1c2b928af1ee61f |
| SHA1 | e000ab912f123ef6f79a2d007e76c0045318c236 |
| SHA256 | 81cf35dab4a2983689c867ae0676bdf02651ecddc4aa9fc1c490d24bf0f3cf45 |
| SHA512 | fc4a6bedcce68562196557a073979f6502dba408a9f0f3f033d869bc561f6f68d29644f675cbad82377ec605b7a2a395cf0e894e25d130dd827e34e5779c8348 |
/data/data/com.imib.cctv/databases/ThrowalbeLog.db-wal
| MD5 | c813ff6a9a3c876150cacd3b3398645a |
| SHA1 | 093705f0237cc78d22af41ec8f6dde6156de22d9 |
| SHA256 | 9bb00751c7a28e8e96b4cc7ac336e31a24ab553ca747264fd77db9fa9f5b5043 |
| SHA512 | 9592715b6d0511993e489c03de37f90934019bbb6c13442bfefbde55e9f52663585a5877bf6279af15c0acc0145f01c99ee5e9fd2e5da8526708ba6e2cd0cd1f |
/storage/emulated/0/Mob/.dk
| MD5 | 856e82c643b0855479fffdecbcb5d55c |
| SHA1 | f69377430634346518986ba1e03f0811538f68ed |
| SHA256 | 984d70b6a50e81113d4721d7f6aabe0c60021ed6b8470d383182fe7dbafd3f84 |
| SHA512 | 44694c8a4ae38388cab4b9e1f9c447d629d5ead08f92639c331eded984277cbf77dc004054eda1982128dcc32a36fe71cbdb547c53a1d01faf3a832028a63b4d |
/data/data/com.imib.cctv/files/.um/um_cache_1718552664419.env
| MD5 | a4a243f095d965217b3fa194c91109b3 |
| SHA1 | b3bb8623ffba98810725b9a56475cb0901643bec |
| SHA256 | 113d2b177bf2355bfb90068580cbcbf865e80f816cb2a5e2fa40d6a0534210b2 |
| SHA512 | f4fe5bc1e61e3849895ecf4bbf8ec0b9886c8c0adffab1b8feeb0ba0143e0e4bb6e8bdd4d0b1b67e824783f331e595d7a0810112f91d5942c8b63ef852c49dc2 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-16 15:41
Reported
2024-06-16 15:45
Platform
android-33-x64-arm64-20240611.1-en
Max time kernel
111s
Max time network
139s
Command Line
Signatures
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Reads information about phone network operator.
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Processes
com.imib.cctv
com.imib.cctv:pushcore
com.imib.cctv:pushcore
com.imib.cctv:pushcore
Network
| Country | Destination | Domain | Proto |
| GB | 216.58.212.196:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 172.217.16.228:443 | udp | |
| GB | 172.217.16.228:443 | tcp | |
| GB | 142.250.187.202:443 | udp | |
| GB | 142.250.187.202:443 | tcp | |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | api.share.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| US | 1.1.1.1:53 | t.appsflyer.com | udp |
| GB | 216.137.44.111:443 | t.appsflyer.com | tcp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| SG | 47.246.109.109:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | remoteprovisioning.googleapis.com | udp |
| GB | 142.250.179.234:443 | remoteprovisioning.googleapis.com | tcp |
| US | 162.159.61.3:443 | tcp | |
| US | 162.159.61.3:443 | tcp | |
| GB | 142.250.178.3:443 | tcp | |
| US | 162.159.61.3:443 | udp | |
| US | 1.1.1.1:53 | stats.appsflyer.com | udp |
| US | 2.18.190.71:443 | stats.appsflyer.com | tcp |
| GB | 142.250.178.3:443 | udp | |
| GB | 172.217.16.228:443 | udp | |
| GB | 142.250.179.228:443 | udp | |
| GB | 142.250.179.228:443 | tcp | |
| GB | 142.250.179.228:443 | tcp | |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | t.appsflyer.com | udp |
| GB | 216.137.44.128:443 | t.appsflyer.com | tcp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
Files
/data/user/0/com.imib.cctv/databases/cctv_db-journal
| MD5 | e6ee706f3e4c4be3d9416a0bb04ff3d7 |
| SHA1 | cc912af3f496743fcdd96f9230397e3e95fbf658 |
| SHA256 | 751047ae209745da60fe33a8d4422e7898329764628bfcc3d8679678a788975b |
| SHA512 | 6362f84e9db0e4b2fc667c8408a6bba969a75d3b87f5e54109bf05b2fbc36ae774ff497a49ad2e53eae3b55d6c59b75fa3b478d4001af67fa9e9a285c3419a59 |
/data/user/0/com.imib.cctv/databases/cctv_db
| MD5 | 98c888a83a388352355eb1673d984be8 |
| SHA1 | 956e6f50b02ea1a44dc254df0821659bc26ddf60 |
| SHA256 | 0f660e0398936d857db0f624a008d168b414cc0cf467daab8d1ccc25c12f0fa2 |
| SHA512 | 87b2007628f84f4f50421fdad7fae2526e428dc5accb4d8a58aa665d46b2ccc2eb34d8b911f8de069e1e10e89917b6295151a9b76000011ba67ce0da4630c840 |
/data/user/0/com.imib.cctv/databases/cctv_db-journal
| MD5 | 5e65cb6d04796827f34d3e2d5097986a |
| SHA1 | 94436f9741aa53fab4f306829da042a3cdcbc443 |
| SHA256 | a99ac19989df3f2302a4a1a7d34aa973d8aa4c8109b6c379e8e0d1e56a6b1f38 |
| SHA512 | db9e5a7c30491faba3a317f3db65722b565ae88bf4ff17df338708fb1eadf961909795ed14c705bc185f974bcfd5ecbd97377c187f48e4ae4ccf47ddf14c601f |
/data/user/0/com.imib.cctv/databases/cctv_db-journal
| MD5 | 6426b68400cd46d48f618928dbf0e6d0 |
| SHA1 | 46028ac669c8661f4d926f58e997fea9e4b19080 |
| SHA256 | 3e073805230842eb4792ecaec45917bd33017288c40624898176d47a0b0d1b05 |
| SHA512 | 64dac7f52dee15f9c04288862adabdc311b36a9cd87ef42eadc429afbb29a130758e2f638db132aa01961abd85d6fd3be174637c2b7c2e067f2bd5fafd430d51 |
/data/user/0/com.imib.cctv/databases/cctv_db-journal
| MD5 | b60abaf11ba108e2f0b92ce48d8d15e0 |
| SHA1 | 23c6a2cf7b9b147d6884d921dbd16745cdd9ea8f |
| SHA256 | cb7e0844d3fb7c934388db3689eb95504c9ad2fafe2c374f1aae92e1a34de6ce |
| SHA512 | c25ae43717996828e44df099fd4a016f89d69d335709ed9ccbf36c5acee574915e749326e31ce046a3ec546561aab0a166e07c3827c9f214f51899d4886e7f5d |
/data/user/0/com.imib.cctv/databases/cctv_db-journal
| MD5 | 1d8c6b303828c59fbef00ec3698da78d |
| SHA1 | 1c903edd680ced6fc4ae79c6520ef6f39a79ac8e |
| SHA256 | b49f8329aa1a294b767ab6605ff82d0d4d1dfc9d9c395c321f187463fd113a61 |
| SHA512 | 2167144a75c10b38db8dbfd1ec6e826abe96fc16cd28a26ee56744036641c6f5e45efd00285b854b11f0b51edf25b8a48f2beca4d5ce53a829b728230462c05f |
/data/user/0/com.imib.cctv/databases/bugly_db_-journal
| MD5 | cde536f3fd98a6087f067621f85dccd6 |
| SHA1 | 75008dbd1c9ed32734bc8df147605b0243e4d375 |
| SHA256 | ef17f9f3ae321847d0373568d4a1e5947e94e3f58f30c77560fcb2eaddc89cfb |
| SHA512 | a0519ce3944c7fb469db56985363e979a83cad7aeb0901485c095a95eae116b3c0236481554b55e1ecfdaca937f2be819863fbda76195fb7c835f43dd01a2e61 |
/data/user/0/com.imib.cctv/databases/bugly_db_
| MD5 | 7a2cfdf364ffb81e8fba60a4990111be |
| SHA1 | 71fe376c2682d5bc176ba2889d4e064a47ab223c |
| SHA256 | c8f13c07cb5af4d2a6ce135468e05bca9da9f2ec3d0519385bf0054a5b475e0a |
| SHA512 | 9cc6dab6d97314732dbb5519c48b697f83cb521e825630d727552289f0cb1ec5a031bbedf878a8a40c3bbe5dd41820e298d510315dda2aa56ea106bf292943f2 |
/data/user/0/com.imib.cctv/app_crashrecord/1004
| MD5 | 6aaa515d7db8d84ed29791982b0e0a79 |
| SHA1 | dd3ab8a63761c467f3d4782ac17b63d8e01418a5 |
| SHA256 | 3188711cff3827025d1ef9034962b2c2f66db32dfce2d8b039557bd61a2be020 |
| SHA512 | aa2a0682227c4105ff5624f7898305ccecfc1d5c0819a11c73a61ef5d77fb63385bf991aef39a4734db81bb15fb10aade20ba325cc41b1a4a3b4ee5edc11955a |
/data/user/0/com.imib.cctv/databases/bugly_db_-journal
| MD5 | 4d2c56d77cd0802eb6287e2fefc7b2a2 |
| SHA1 | 0af824b73af6cba75659aed5f811c364ac1c40dd |
| SHA256 | b7ee6f90f47fb474a935d1b41184aa49d821c3c3e2f6bcffa9b8fba71a6eb713 |
| SHA512 | 0ed568172ecb599a2474a10faa8c57e9a0b9e8bc775d01467bd853f03a3cb7fa7080d369140e693541376e50f80d2d2cfce159eb5a76161e81b717edef8e3b02 |
/data/user/0/com.imib.cctv/databases/bugly_db_-journal
| MD5 | 80a943a23ec646a54f03b9f921339712 |
| SHA1 | f28667fed61601929c5edaab0e43aa4a987a4570 |
| SHA256 | e06454a0ec9b31242ef15505fac3569d2ec551cfdd856137dd68af02e6eb5364 |
| SHA512 | 29ba213601080dad33fa65c3b4054818386b8d1a84dab6640800f95218aaeaf93ea19e688f9d8ee8326ecc887fac42e6c611b4fdcdd87b1569361b6a7ad66ecb |
/data/user/0/com.imib.cctv/databases/cctv_db-journal
| MD5 | f531c77d9c25a7e3cbe39e93fdaf5cba |
| SHA1 | e29c6b48f59ae118eca307db1e1715c9296cb4d3 |
| SHA256 | 5b94dd5027308b7931708a00225cf8cadf09b99e3017be2e919c71c0b9422ebd |
| SHA512 | 0bb5e561d832a4b53a33a89ec67c2c7f3e04e58a37929aeba67dae973dfa6a31d16fbf65beedb7d9bb1f276cc14b4928907083fa7c8e0b7ab9e9fc5639dfba80 |
/data/user/0/com.imib.cctv/databases/bugly_db_-journal
| MD5 | c8ebb8fbe65fa2612c7aa5eab5b8b06c |
| SHA1 | e1a1b070bfe1ec91dbc2482def4d652be9d15447 |
| SHA256 | 6b13309a819a0e98c761023fcb99bbb6a1df00c203b09345959177aec782e4eb |
| SHA512 | d7997179445016c9c283bab325db8850340f74a80ad88a308340c7b5ec2ddc61e02c37cad38fcc461fbf98c2641acfd5a689b13f9b7904325b960e25b988a0b9 |
/data/user/0/com.imib.cctv/app_crashrecord/1004
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/user/0/com.imib.cctv/databases/bugly_db_-journal
| MD5 | e1219f561fb7d3ec05359c1569965624 |
| SHA1 | 95f6511fe282ce96a7ded75658bc4ec0210c02e0 |
| SHA256 | 171e50f3bb91d9afb693421ebe5c9a4a6cfd6b0dc2014b123d04d870334e4292 |
| SHA512 | a552be85780912fdd654b58c9327a48e4c0d06478f8a58a03da059be09afe46d63006e63340994e9d1eef5cbd5cf7fe603afbfa91d9873da99812976d3f3e71e |
/data/user/0/com.imib.cctv/cache/image_manager_disk_cache/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/user/0/com.imib.cctv/cache/image_manager_disk_cache/journal
| MD5 | 701e6208a509377c41ed03cd6b72a1d5 |
| SHA1 | 70476a45830a1487fcf4cb4c9747ea75a858c2a1 |
| SHA256 | 634f322c53bc6cff539cccc76142583eed4330918159de23dc20c105af78b60d |
| SHA512 | 558995b38f351b50e997a285c511d6d4fd6db675e69b71ffe1d6a75d54ef8207122e84b655c6b73a2be4566c291e9a7297f79c8fbc3bcbffcd9186aedc391271 |
/data/user/0/com.imib.cctv/cache/image_manager_disk_cache/76f665ddbe2360deb04e97bc6247553c29327c33328f6929b16b5a3239c2c2ad.0.tmp
| MD5 | 1f6110d07bb5beb71c4651c854180493 |
| SHA1 | 1b478de7a0ac6e6b961bb597998625aee744c77c |
| SHA256 | cf1e247a9a7240d458d6bff0b3805ca8d0b8186e57cedcf5b24d8912efb3948e |
| SHA512 | 78e283df3a7f107f897e0c4aa005de6be7b7d009cf0fec7bfd75f78c05b5a97f85924297097c33584b93685d16263f80b73e9eccc46d342ee013ce7026af1f10 |
/data/data/com.imib.cctv/databases/cc/cc.db-journal
| MD5 | 717d2789472f990d8693d46067b4ca4c |
| SHA1 | 2326a31fd2dbf7e7b3275877d6166e0384d47962 |
| SHA256 | 8d5815dc036a96c86b8fefc698fd412ffbdac60f91d09b0042e696bd59e9f6ca |
| SHA512 | 6a9cbb8ff1b386f168448604a992aa5cb9af054da03aef5cc3faa44b355ceed6707848f068e46448c578ae038b9c4c67656570b983f3443ab7acb4f67791fa38 |
/data/data/com.imib.cctv/databases/cc/cc.db
| MD5 | b986a138e325f9ed31653e246087baa6 |
| SHA1 | 1cda06c101efbf7c89305f44b552e38282225064 |
| SHA256 | 6945d75275af161fa082eab8b348f4cdccbab03854963f5e861fde210447e058 |
| SHA512 | 5894180006885af44962dcd92c6f33a640d6080060a51a38ee4e348ee2dafe9abdcf2a931cfad4c395ebe20e08b96f810ca54b5b1f584fa232cdabc76be0740d |
/data/data/com.imib.cctv/databases/cc/cc.db-journal
| MD5 | eee9a41de46fbb803f1036beaa5c94f3 |
| SHA1 | 4f409e0baead8be81899a60a5b177255ba7ac533 |
| SHA256 | 3e3734fbb4586f94468e938f79312ab947ed6c495c96fb3989d72e7cee1a10f9 |
| SHA512 | c61f87bb7703b6cad799841a6afa949fd283f6d485f69e8b8554d2011438493ae4351620186e578afd6b4126594b544be114eeb6370c6a4a152fa76bf6f84d94 |
/data/data/com.imib.cctv/databases/cc/cc.db-journal
| MD5 | c08cda9bd4c1bcdd687c9f923f61e345 |
| SHA1 | 22019adebfc196fe4870e3e72d5d91461399cf3b |
| SHA256 | 45c4166a0e01fd17320474dd227a346d5e4d03d79aac4fa577ebb215bd365c92 |
| SHA512 | 0dd9f268ce6737b85daffa196ee61e5ae6ea229420c2685ea443ca6d3ace4e415b5905ca7dd243d933c3b55d81eb9a7ccd3ffea21069331432366b0e8658d2cd |
/data/user/0/com.imib.cctv/files/umeng_it.cache
| MD5 | 184f932bbbd87ed65225bd09f7e92d6b |
| SHA1 | a9d52ae90c085821d59c0261573a98aafaf16838 |
| SHA256 | 301f5ac6c8e62cdfbb374e2eb1f4977596997386b7130ef4d3ac55bf20c15ec2 |
| SHA512 | e236226b3a9c6c7dabe0d5890a4a4b712ec8ec012429758e101d1422f93d0c2baeafece5d4ab0a91fcd7bbe47d2dbf0e310354a2c12dfafcd2eeee8dadd99f46 |
/data/user/0/com.imib.cctv/files/.umeng/exchangeIdentity.json
| MD5 | 14fd36d9b7e98dd90bd9dba21fc643c1 |
| SHA1 | 04338572cd0f81a1dc2a6f429ec1393221768af1 |
| SHA256 | fbf644cca5803272fa746b67d39236bdba8e81ac1b7d1be7eec62e741e1bd313 |
| SHA512 | 690dd0f34f317de47b479c866a316ccbf1561a8bbe5fb0b26bdaa0d695947071a5d1260e8a3299372425d291fd18d2fe57b6ffe171c22f616b777071d69ead17 |
/data/user/0/com.imib.cctv/files/exid.dat
| MD5 | ce9622b0225d9cc2d0fec80ac98fbc08 |
| SHA1 | 2daeb8547ded8975a55ee20e3d30ac864b6ecf7e |
| SHA256 | 8f32c2197888ab8af8de783e15f142238f57708da169ecd58727d58de84428e1 |
| SHA512 | f8faa407df14cf33150dd421fe7e99cedf046227fe3e0f4d512a7f607f395193aa0b168a5fb17010bdd814dca57fba94809a1ebf344c97f365073f6d25124958 |
/data/data/com.imib.cctv/databases/cc/cc.db-journal
| MD5 | 07faecadf53f325f44d242c0ea3a8541 |
| SHA1 | 57bd8bbbb1769e3ac49efe949aa292570d08d317 |
| SHA256 | 361aee244a0d3018de5d7828c8c8d24dfce39745473baaa6449a7baeab031901 |
| SHA512 | f30555e6bdb719099e36d7009719134996fdf9dc90e4ad029b46bd3497877d4ce4e36b905e0980a8bb93b6f70ffac91f143049e42db62e34fdd9b634040943ab |
/data/data/com.imib.cctv/databases/cc/cc.db
| MD5 | 1b77217d803a7c04af9466680b92d104 |
| SHA1 | 0cb959f4773c6730e8aed5746706c0f3ecb35c1f |
| SHA256 | 66c83ae35e997c33eaffe9c0557d98ee31931c18b99585a64eb6cc8f63d303e3 |
| SHA512 | 39ea189895ca93855bb71b4a5447815e9373ffd39b50611ac172ae321ee7716fd4af5f86c1fd0d17e12b771f4016a86184620a7c5d07f57b88f017c4ce8312ec |
/data/data/com.imib.cctv/databases/cc/cc.db-journal
| MD5 | a75d22750636c72e85bc72a55ac40b46 |
| SHA1 | bb53d676da4222cacc97389e35e5000f279877ec |
| SHA256 | e8eec8858da8e9ec9808377636d9d00fcacdaf37f40e9b301232517cfa6c59a6 |
| SHA512 | c71374524346f07145ce10cf3eee8ab3c73b6a5902029ebb9a1359a10bca4ff253b031787971ea871315736412394698ef286ccda3234be4b1c8c43d61926eef |
/data/data/com.imib.cctv/databases/cc/cc.db-journal
| MD5 | 3fbb55897f2957d9e213649c692c3728 |
| SHA1 | 6671c024f7d446605f317b15d13ac1a923c2bded |
| SHA256 | acf22a041fce38f0f9db97ca3590d4509f62da2702eb25f0b27565510e81e734 |
| SHA512 | 4dec6555d1aa4b51fdadac70352c50650d15ef57642aa568e7e2198fe0c70e2083a66734cae9f256753db26e37abd68c7b07aa7dfe89d23b881052283282222c |
/data/user/0/com.imib.cctv/databases/ThrowalbeLog.db-journal
| MD5 | 45cc07605cad95ebcbaf131363c14b6d |
| SHA1 | 79f33ad9424e9415bd3d0725de331e5d46d773b7 |
| SHA256 | a41677531cbb311249de25f369aace98de301940234ecdafeabcab28a5c0bfb7 |
| SHA512 | 4185f03490378a42f487a88a694edf487d550fb391b0de4893f473228f5d253528d89352f28232f23584417e3930e6c5500869a09bfba97a5b4b5083e96814fa |
/data/user/0/com.imib.cctv/databases/ThrowalbeLog.db
| MD5 | b4f2ad0e77816305a082548936075fc8 |
| SHA1 | 966f3a8c028eaa0be92bcc8b8dd05e29f49e1815 |
| SHA256 | 89816897722d907af52f046a1a16d1016cdb2297b9246ab3047314c3612d44bb |
| SHA512 | 8733221508f42378dd85416e0cbe60366104cde7a3525a7e5403ee91179d81397510fe1c3320ded97fea00dda0b0490e7db4b53b7cd1a0eb70dc6b6296c922e1 |
/data/user/0/com.imib.cctv/databases/ThrowalbeLog.db-journal
| MD5 | e9b227c63809bddc06a8825e8c9669a0 |
| SHA1 | e8a407fefc5d9084113585b694c7c8e0d3c5d2d9 |
| SHA256 | 16ac16f54aeacc8cf5795d0e7d8fcd5eb3a3e97cca3c4ad2da529957ee5383ed |
| SHA512 | 5551456b1a8597680b84f821571dbf457decc4078998b89b007c4416026a6b4201a4805817d8fe2442db13122b302065b4b1edda930ad1d304c976f537bbfdae |
/data/user/0/com.imib.cctv/databases/ThrowalbeLog.db-journal
| MD5 | bdfd9891f1c713c9391a9f59655f4a00 |
| SHA1 | 77c316f23dab5c1311fe1496728481894aab16f8 |
| SHA256 | d8c4c910cae76f14563e661d8bacee8d8ded3023d3d0d720bffe161c7dc6dccb |
| SHA512 | cb2cbd8d8dbea600acadacfdadae79d5ce6edffff8411997b2d74926c29590d9ed77cd63e02e76ca3740ad7d2d6b24318f1972ea0a6bb150fad9c7e77c21c315 |
/data/user/0/com.imib.cctv/files/.imprint
| MD5 | 8a79022862ee69c8a1930d0c0907d516 |
| SHA1 | ae61fef07240dc8de812b9c1c5693b20e8ce3149 |
| SHA256 | 4b14871ce79257b319aa99ca63609fcf6854a5eaaa08526369729a5ce79a02b8 |
| SHA512 | a5037118fa24c9849ca3e9976b5b43b3eebafe98f5b9f85b4f211a0dc17357344ed5f2c671ce5bbc35e8f63417db5a131bc5d9b62df26136904dcb33a440d171 |
/data/user/0/com.imib.cctv/files/umeng_it.cache
| MD5 | 2aa101e9735a03ff2696a458acc80861 |
| SHA1 | 426d144a4be1a3aae7539c2684e360babfa66cb4 |
| SHA256 | 8231d0bd5ba2ef61965b7973ac58fbff3802144d1ce4674d434fe3f6ccfabde5 |
| SHA512 | 5e356d3c24e25905a87eddbffe32ee5ea7ac0dc7037e2674964300510211c11e608a9f907cfa067d026e5be0e0a56e22d67ebd4fe6b2cdaf831e20192e5ec960 |
/data/user/0/com.imib.cctv/databases/ThrowalbeLog.db-journal
| MD5 | 835870832f935fed5919c67620c97653 |
| SHA1 | dcd3a7a1d27d2bf854be4b326d66665a6a221103 |
| SHA256 | f826ea942e1fce47a58a4eff857304ecb5b3b39100c6aa364e494c2acfdbf0e2 |
| SHA512 | 6feac49f7c579da411dc374e400a52c1f3e1238e32c65be3cc57bc929e479facdb7356249217d82fa87bd49a5679a755ca876478aa523cf49bd93fd541501c94 |
/data/user/0/com.imib.cctv/databases/bugly_db_-journal
| MD5 | bb837362bfc0cbcf017f3b7ae2e242b7 |
| SHA1 | 971a7497dd4e76af0caee3b732ebb243c6a7dfc4 |
| SHA256 | 4f63bd0ab1c5693caece9fb10d31047674dfc77548d40f60a0a321bb4373fe84 |
| SHA512 | d9dccef74eae709d392f13dc8b9f0649b8704230440269bfd96409296b54170582a786488534bf73bf2038ed00fd4a78b745628a793e483cfab5f917ea7cecef |