Analysis Overview
SHA256
cc8e2f2d9507d60d638765fa69dfc89c616e5788bf4375184bceaf4ad2422418
Threat Level: Likely malicious
The file b4ba70cd977b023fe9637f92898edeec_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Loads dropped Dex/Jar
Checks Qemu related system properties.
Checks Android system properties for emulator presence.
Requests dangerous framework permissions
Queries information about active data network
Queries information about the current Wi-Fi connection
Queries the unique device ID (IMEI, MEID, IMSI)
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks memory information
Checks CPU information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-16 19:07
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-16 19:07
Reported
2024-06-16 19:10
Platform
android-x64-20240611.1-en
Max time kernel
6s
Max time network
168s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.wsd580.rongtou/[email protected] | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Processes
com.wsd580.rongtou
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.179.234:443 | tcp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.179.234:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| GB | 216.58.201.100:443 | tcp | |
| GB | 216.58.201.100:443 | tcp | |
| GB | 216.58.201.100:443 | tcp | |
| GB | 216.58.201.100:443 | tcp | |
| GB | 216.58.201.100:443 | tcp | |
| GB | 216.58.201.100:443 | tcp | |
| GB | 216.58.201.100:443 | tcp | |
| GB | 142.250.200.14:443 | tcp | |
| GB | 172.217.169.66:443 | tcp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
Files
/data/data/com.wsd580.rongtou/.jiagu/libjiagu.so
| MD5 | 4a453408e767c7470384d0a7454169f2 |
| SHA1 | 9bbaf32ce857bd9d4b82a77c84c2395df9556a3e |
| SHA256 | fd26cf273da2889704549a1fac6020ba4e0022f282187db0f0aaf3771b1d3f52 |
| SHA512 | 98e534c96fe08fad56289b74ce12981666fbf3af6346c58d9f8888854c9dfc178363626c2fe00f74a5bbff9222859472197ef69b8c9f46b8fb6bbcae2a07d859 |
/data/data/com.wsd580.rongtou/.jiagu/classes.dex
| MD5 | 3b50f83ac9c670ceea8fe07085b638cd |
| SHA1 | 33967029f32ceba80b886af4707ea9bde57f0415 |
| SHA256 | 6eca0f76b9299ca75656bc6c1458017d1f7d5615ed6b13ef19716814da7cbde8 |
| SHA512 | 996293efcf4f6a10b84a9241fdb3486109a737b18bccb90df54a16119e69bbde3dabea5353cabcff4ab40d65aca09a18c5f5ce34c53326d3d9a10d7a730103eb |
/data/user/0/com.wsd580.rongtou/[email protected]
| MD5 | 4ee9da4c91467b6b703d720074f0813f |
| SHA1 | b783618115a3ec8d886a219937250753110a9b46 |
| SHA256 | 2531302c9a90204efaa7ce81d47d7df8162b758a4ad49cea8e4a8b654427a927 |
| SHA512 | 97fc7789434abc4fff754cb5a363ffdc6ba5f1b2f0311f4d02cba8e846f8e773327c1701ec4924764ba0845e2623ee0cbb511ba327ca89a071f5f77d47f84f58 |
/data/data/com.wsd580.rongtou/files/.jglogs/.jg.ri
| MD5 | 5bb9038988baf2296bb9e27193663481 |
| SHA1 | a33426694ab994f39b41880d204e6d5d5435b39c |
| SHA256 | cb6da78ffefc0627dabaf25cbc948ac7887f8e2992e2964fb01cb1816e48483f |
| SHA512 | 77dd40c813533b4cbfba1e5a557c21c55577328a4b36bd258c8e70d9eafe98276313a45ab023077c1fa8b8f32143986b01269f958d3beb95015e9b916e4fbd40 |
/data/data/com.wsd580.rongtou/files/.jiagu.lock
| MD5 | c77f20a16e2928a5d7dabc9e332c55cd |
| SHA1 | f2f47cdc1c85ac204b85ddc0d1930a69bff0c026 |
| SHA256 | 5c486e01b184c2a05059d7526e0efe33f1939f4e4b7ddf4a558016ed5767394e |
| SHA512 | d6c450322907628b2d3885bf8304149825013a36c56ceb69a0826370fc5dbd681e468e2448d434962d32ad519525d89e1c84de9e2ee555203b2854d4b5dd0aae |
/data/data/com.wsd580.rongtou/files/.jglogs/.jg.di
| MD5 | 3d8b2e13cd3cc10dadb3838f7e74d84c |
| SHA1 | c754d0ae1f5012a3e805fdd79523174f6af2949f |
| SHA256 | 95d5356c42d5a5374eff3db84bec636c27e840644994e6564fad2a83e2927a9e |
| SHA512 | 30002af59992712a6742a1ca77f85ade351f24b66d4985aee68f8616b33e6e2c6238c70f0f44ac5af500c0c97f6890dd6e0f997b1d5c3c98187e58b3788977d2 |
/storage/emulated/0/360/.iddata
| MD5 | e2f2a9d8496bf0cdb6b207fc6ea881c7 |
| SHA1 | bfd0792f2f056c1c553671f137b6ab14523aad77 |
| SHA256 | 562fcf0c69d89eb27e4df1b43a0090e6fe458ce3679ab2e4d11d06433495f22d |
| SHA512 | 1daa8ce8df7d4f647eaa25c0b6e77c4adfa212c165e94352c5287719db0e19248a3a7a9a74e7a2ac684cf7ac9fb795c52ef1d4ae1cac48c70dc003298a50a027 |
/storage/emulated/0/360/.deviceId
| MD5 | 4c4c5285293d5141f582aefa4e038669 |
| SHA1 | e01852a72e5a8e6f7d63a21426b515118196047b |
| SHA256 | 36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731 |
| SHA512 | 097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-16 19:07
Reported
2024-06-16 19:10
Platform
android-x86-arm-20240611.1-en
Max time kernel
7s
Max time network
143s
Command Line
Signatures
Processes
com.allinpay.appayassistex
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.178.3:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 216.58.204.78:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-16 19:07
Reported
2024-06-16 19:10
Platform
android-x86-arm-20240611.1-en
Max time kernel
179s
Max time network
184s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /data/local/su | N/A | N/A |
| N/A | /data/local/bin/su | N/A | N/A |
| N/A | /data/local/xbin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
Checks Android system properties for emulator presence.
| Description | Indicator | Process | Target |
| Accessed system property | key: ro.product.device | N/A | N/A |
| Accessed system property | key: ro.product.model | N/A | N/A |
| Accessed system property | key: ro.product.name | N/A | N/A |
| Accessed system property | key: ro.serialno | N/A | N/A |
| Accessed system property | key: ro.bootloader | N/A | N/A |
| Accessed system property | key: ro.bootmode | N/A | N/A |
| Accessed system property | key: ro.hardware | N/A | N/A |
Checks Qemu related system properties.
| Description | Indicator | Process | Target |
| Accessed system property | key: qemu.hw.mainkeys | N/A | N/A |
| Accessed system property | key: qemu.sf.fake_camera | N/A | N/A |
| Accessed system property | key: ro.kernel.android.qemud | N/A | N/A |
| Accessed system property | key: ro.kernel.qemu.gles | N/A | N/A |
| Accessed system property | key: ro.kernel.qemu | N/A | N/A |
| Accessed system property | key: init.svc.qemud | N/A | N/A |
| Accessed system property | key: init.svc.qemu-props | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.wsd580.rongtou/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.wsd580.rongtou/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.wsd580.rongtou/.jiagu/tmp.dex | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | s.appjiagu.com | N/A | N/A |
| N/A | s.appjiagu.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.wsd580.rongtou
chmod 755 /data/data/com.wsd580.rongtou/.jiagu/libjiagu.so
/system/bin/sh -c type su
sh -c ps
ps
ps daemonsu
ps | grep su
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | www.wsd580.com | udp |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| US | 23.225.65.238:8001 | www.wsd580.com | tcp |
| US | 23.225.65.238:443 | www.wsd580.com | tcp |
| GB | 216.58.212.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | s.appjiagu.com | udp |
| US | 1.1.1.1:53 | s.appjiagu.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 14.22.7.199:80 | android.bugly.qq.com | tcp |
| CN | 14.22.7.140:80 | android.bugly.qq.com | tcp |
| CN | 119.147.179.152:80 | android.bugly.qq.com | tcp |
| US | 23.225.65.238:8001 | www.wsd580.com | tcp |
| US | 23.225.65.238:8001 | www.wsd580.com | tcp |
| US | 23.225.65.238:80 | www.wsd580.com | tcp |
| US | 23.225.65.238:80 | www.wsd580.com | tcp |
| US | 23.225.65.238:80 | www.wsd580.com | tcp |
| US | 23.225.65.238:80 | www.wsd580.com | tcp |
| US | 23.225.65.238:80 | www.wsd580.com | tcp |
| US | 23.225.65.238:80 | www.wsd580.com | tcp |
Files
/data/data/com.wsd580.rongtou/.jiagu/libjiagu.so
| MD5 | 4a453408e767c7470384d0a7454169f2 |
| SHA1 | 9bbaf32ce857bd9d4b82a77c84c2395df9556a3e |
| SHA256 | fd26cf273da2889704549a1fac6020ba4e0022f282187db0f0aaf3771b1d3f52 |
| SHA512 | 98e534c96fe08fad56289b74ce12981666fbf3af6346c58d9f8888854c9dfc178363626c2fe00f74a5bbff9222859472197ef69b8c9f46b8fb6bbcae2a07d859 |
/data/data/com.wsd580.rongtou/.jiagu/classes.dex
| MD5 | 3b50f83ac9c670ceea8fe07085b638cd |
| SHA1 | 33967029f32ceba80b886af4707ea9bde57f0415 |
| SHA256 | 6eca0f76b9299ca75656bc6c1458017d1f7d5615ed6b13ef19716814da7cbde8 |
| SHA512 | 996293efcf4f6a10b84a9241fdb3486109a737b18bccb90df54a16119e69bbde3dabea5353cabcff4ab40d65aca09a18c5f5ce34c53326d3d9a10d7a730103eb |
/data/data/com.wsd580.rongtou/.jiagu/classes.dex
| MD5 | 4ee9da4c91467b6b703d720074f0813f |
| SHA1 | b783618115a3ec8d886a219937250753110a9b46 |
| SHA256 | 2531302c9a90204efaa7ce81d47d7df8162b758a4ad49cea8e4a8b654427a927 |
| SHA512 | 97fc7789434abc4fff754cb5a363ffdc6ba5f1b2f0311f4d02cba8e846f8e773327c1701ec4924764ba0845e2623ee0cbb511ba327ca89a071f5f77d47f84f58 |
/data/data/com.wsd580.rongtou/.jiagu/tmp.dex
| MD5 | f1771b68f5f9b168b79ff59ae2daabe4 |
| SHA1 | 0df6a835559f5c99670214a12700e7d8c28e5a42 |
| SHA256 | 9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939 |
| SHA512 | dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d |
/data/data/com.wsd580.rongtou/files/.jglogs/.jg.ri
| MD5 | 31289c32f6ae0a1b480c9aed1d2968bc |
| SHA1 | 3e9c624560d2544eb2f9d7e0fed7833c879af219 |
| SHA256 | 760b1da02923aaf80a683923e7d16159c1e183d71c76d41a4d54f32109f53188 |
| SHA512 | e3281cccfafc77185d3d05370e2abeb94be2e685eebb385ef898dd88c7acb35932c0b1aba1716562e22283cf950ff4f55c1025cd410970f8d2d151b5765ddd6a |
/data/data/com.wsd580.rongtou/files/.jiagu.lock
| MD5 | 99040d2939fb066ca03688dd42afa412 |
| SHA1 | f2516e23bce10c2a455b6e33984a5a42faff27e2 |
| SHA256 | d20527a94d1708d7aca8584f6bbea3819449de823759d823a86760d0ee22694a |
| SHA512 | b81a75af3fbf0754d25acbabc7b7c9e1a3018c6b0f9576d247ce9d8a06d64a98cd38c4530ad05b030c469646924e65ac615a48343b312c9e83a5f09019e7d425 |
/data/data/com.wsd580.rongtou/files/.jglogs/.jg.ac
| MD5 | b87a6c95bded67ed0dea5924eed6c2b6 |
| SHA1 | 80fee5244c56646578bf25feed6c5b1fab1365d4 |
| SHA256 | d6410afbd9a5fe63616713cc143a2ec67bc853faa521772c49a604536c1e23f0 |
| SHA512 | ab2c8de7b707133ec13104202297ff5d96b92dd6ad209d08cbfb180b2f850ff15884c1ad073f8969e316d4d78ad87378be492bed23ef179745e00ba6bccf0e24 |
/data/data/com.wsd580.rongtou/files/.jglogs/.jg.ic
| MD5 | 3f9b6fe3b0d2caf0de98458fade29457 |
| SHA1 | a6a97bbf2ef135cdde4e04dd252468e4dbe0f781 |
| SHA256 | 1d10ba348433d9269c33218be346493b6a8f051b730213618ffc4fe2204d5711 |
| SHA512 | 862f600aac52a507d473461935259dd944055f4bdb8e8c297368d93181d3542504c06e812f73bb7be58000ad90206377589c1ee6c6165f4e8f17c3b8471f6f5b |
/data/data/com.wsd580.rongtou/files/.jglogs/.jg.di
| MD5 | 51bd1362b9014c179aebbcf2539ae651 |
| SHA1 | cbf6a01370f036efc025acd56f228bdd972b2121 |
| SHA256 | 8d138a2e478dc880e1486cca123cc6bdc01f55de59146290395a4c9758fd50c1 |
| SHA512 | 7a657e2611289169c759a51472030cf02a66851660276c18f1762b07a141e5f25e243a114afb7bf056658a654346bf6071672a72284d900aa5eaaf9ed62bdcbb |
/storage/emulated/0/360/.iddata
| MD5 | 2e31529efdb5b31a3617169e33a20fe2 |
| SHA1 | c14297663cc839b2910972344d140475802a3400 |
| SHA256 | a6350eb5e9d8dd05d179c4098937f7ed34ea183339887d428ad8e9176a296dbf |
| SHA512 | 600bc6117fa049572c0042541334b6760365b9991c0bb5ee9654005d2520df2f88108de52fd6c7658741c33b0e59928dbb1f6e8874a9f8cd75fe8039b8c48cad |
/storage/emulated/0/360/.deviceId
| MD5 | 1d8d16c4e3b19ebf18988530d9b9a757 |
| SHA1 | bc94c1cce05cd848a53271ecb9c5311e27ffebf5 |
| SHA256 | abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7 |
| SHA512 | 4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82 |
/data/data/com.wsd580.rongtou/app_crashrecord/1004
| MD5 | b5aff2a5cbb8b91421794a12c6ee3b7d |
| SHA1 | 603e446fd7fa9b17a0856a34a3c99a6be8c94489 |
| SHA256 | 35dfe428d017b73b22fd4d8e28d51ab4d9110450e8ca2868eb2acb6af0c113a5 |
| SHA512 | 8d40894e3575892e3c70fe50de10664b67f0aff80d1c1e73c08592e7b15254fd9efcb722ec341af7edc6a0d2df7036e42cfdbe19a60f2153a951f1373fc828ba |
/data/data/com.wsd580.rongtou/databases/bugly_db_-journal
| MD5 | 0eaef7327b490d609d29c3ec0cd2bb0d |
| SHA1 | 31e2949ecda2c50ccadfc4c5fb33def0759631c7 |
| SHA256 | e9ebbb3f56f98b0f423e23e0306911fa7e3421c11cb522b7d387419aefa3ddbf |
| SHA512 | b7cf740ccf200337ebe9da0dd39b8acd53681598966a6547cc9bd0031cc589e19f8a86954c5c35f2e6f0708bb5a5ef9e8e89ca8c097309803ba06dc40773a0dd |
/data/data/com.wsd580.rongtou/databases/bugly_db_
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.wsd580.rongtou/databases/bugly_db_-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.wsd580.rongtou/app_crashrecord/1004
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/data/com.wsd580.rongtou/databases/bugly_db_-wal
| MD5 | b4f89db9adac6cd3130aa53fb39eac23 |
| SHA1 | 9d9f7b9a2a0841a5282f831afcea13272473a9c1 |
| SHA256 | ddeb3189d4f696026b4f2c014810431fd4c8f13d6252f65716ac04ba8d1b7127 |
| SHA512 | 886c5121d49d88218ebaf9b10a0554130848c074ecab38ec959aa93f73172416b1bd531b404a4cdff64632cd1df0c3ae589ccc396839dbd531e6511975e1f63a |
/data/data/com.wsd580.rongtou/databases/_nohttp_cookies_db.db-journal
| MD5 | 9f7e5caa71dd62f61de0a941abaafccd |
| SHA1 | a93daedaeb22d14860b6a577fb3d242486c7e0d4 |
| SHA256 | 0fc8dd40599fc10050cba46e122b149aea9d93a7bb4dc2f9e38deaf1685bd7d8 |
| SHA512 | ebdea16c345d760ec5209f5fb5c9fbbd4097d4c8b916ee66ce63b2ab61fa1fa763ad4fcdeaeda9a16bed0fb02fbe09983eec6fb742862cdd3da56da7e6f3134f |
/data/data/com.wsd580.rongtou/databases/_nohttp_cookies_db.db
| MD5 | 692957a8f6be4a25986a068c449b83ab |
| SHA1 | 04223c8cbcf0032443488e3f5f9bee9f91eb5f7d |
| SHA256 | 4895bff14c71a617ca75f6ce7933b28332ee06a1b2aa431ee3e108db693cdf0a |
| SHA512 | 0617a88df6a60252050fc5403f6d01936bbcba961d707474d62bf97cf1e2034999befd13fac5e58d430ce43dd45dce8e2e6c8b6b125ea53dada382aebcfa3742 |
/data/data/com.wsd580.rongtou/databases/_nohttp_cookies_db.db-wal
| MD5 | b4151053daec6b444dbb783426ad67d1 |
| SHA1 | f9c8c236a5550ae44da52bb04b1a58c31336f81f |
| SHA256 | 4d78d73d58e61ad7dc680d8927b3224ee86631df1453c816673bf5a1fb4552d7 |
| SHA512 | f8cd43cbabb87ae64800c76d42f86f350c2da12a175a73ec332a79a5dbe08d3c7f70afd80477e197349ba2ba2796ba9671ed8a4881e81b70959bdbb46e0e892c |
/data/data/com.wsd580.rongtou/databases/_nohttp_cache_db.db-journal
| MD5 | 323ea00cc84e86ed31b3c548b459ec8e |
| SHA1 | 42aba4055433194d75cea6e7ea363f91e821cdfd |
| SHA256 | 3e5d98bfcd35ab3e208c82a573db1fd860c3f22614a8af5e81c82a5bc97e0636 |
| SHA512 | a545899963e5a077efd92bae9c88140305bd03d736048b92f2d7278f08d89404a44a62a184ccdbfb13f3e85138c19cf2cece28c667bcf69df3e45daaf7f88dbc |
/data/data/com.wsd580.rongtou/databases/_nohttp_cache_db.db
| MD5 | d8513ad4477a6311d4faea7b49b18a01 |
| SHA1 | c26834167d1bb135cb62a2b33b1930776cbdf3c6 |
| SHA256 | c5852b70583d9316d56ed07230a7350a48e98eb1cd2bc9a3df07709ff82d6ec7 |
| SHA512 | 32bbab99954f7ea0bfb57ebd53c9f154c1271e7c4ab36bea7bda33b7325b91284bf097b27004a36fb3fac91edb4296b5fed079270f80d1bd1555ef6d6a8af63a |
/data/data/com.wsd580.rongtou/databases/_nohttp_cache_db.db-wal
| MD5 | ee6051eba18ae4398a773de99af89d49 |
| SHA1 | 6baae8d4c8519f43c25f9735dfd710723eb6802a |
| SHA256 | 019985a702b25b57fca2a1f38f1b2af3b41455c8260d636679696dbd74f4f550 |
| SHA512 | 8b90f7af2ee56e9b71f0cea9563e2cd48006a2cf5472e131ea56eca8762f5668799c469a195329d9db9c0aa0e3eda678fef4f284a0fe730809c211e465c95db4 |
/data/data/com.wsd580.rongtou/files/.jglogs/.jg.di
| MD5 | 2dbca73d2046eb7ebed5a8a9eb4c5cb2 |
| SHA1 | a5eb7f9843583d6f70612bc537d2495c0fb45d12 |
| SHA256 | 549ab47227bba98863b2deabb17ecfb707986d0646cf7ebbd2c4d206e0d51f7b |
| SHA512 | d93398d0397ba56f52b21e6c751ce2b93ddd1e21e052a576f520541aa93c704d269d78d5e1d8f78bf08d96fdc973eee423fdc0498fdd2c89c2ee0b638737699b |
/data/data/com.wsd580.rongtou/files/.jglogs/.jg.ac
| MD5 | 1bbb18d1794fd806593666d4898c79d2 |
| SHA1 | c316919e29b58a9bdd6c561f678b76af6ff7826f |
| SHA256 | 9bdfda1b747234c8b25670f8577e54c6965b46a293ec7e34714eb26d18feb5f0 |
| SHA512 | 26e9b9534fa0d891b289169f842a42c8522385d8349916b0bee26226ae26ada0c75ead39222f34f5e92e2ad2bd763ab7f5061e568cca0c9efc31d7004d52b926 |