Analysis Overview
SHA256
b283a7573149259deedd678e22cf5fe05a3012682de0d06d9362e168bfd0fd5b
Threat Level: Likely malicious
The file ba2b69d1af6627ef3c035bf816b6743f_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Queries information about running processes on the device
Checks Android system properties for emulator presence.
Unexpected DNS network traffic destination
Queries information about the current nearby Wi-Fi networks
Requests cell location
Reads information about phone network operator.
Queries information about the current Wi-Fi connection
Queries the mobile country code (MCC)
Queries information about active data network
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Requests dangerous framework permissions
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Schedules tasks to execute at a specified time
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-17 23:48
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an application to request installing packages. | android.permission.REQUEST_INSTALL_PACKAGES | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows an application to read the user's calendar data. | android.permission.READ_CALENDAR | N/A | N/A |
| Allows an application to write the user's calendar data. | android.permission.WRITE_CALENDAR | N/A | N/A |
Analysis: behavioral5
Detonation Overview
Submitted
2024-06-17 23:48
Reported
2024-06-17 23:48
Platform
android-x86-arm-20240611.1-en
Max time network
6s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |
Files
Analysis: behavioral6
Detonation Overview
Submitted
2024-06-17 23:48
Reported
2024-06-17 23:48
Platform
android-x64-20240611.1-en
Max time network
7s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |
Files
Analysis: behavioral7
Detonation Overview
Submitted
2024-06-17 23:48
Reported
2024-06-17 23:48
Platform
android-x64-arm64-20240611.1-en
Max time network
8s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| GB | 172.217.16.238:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 172.217.16.238:443 | tcp |
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-17 23:48
Reported
2024-06-17 23:51
Platform
android-x86-arm-20240611.1-en
Max time kernel
176s
Max time network
191s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Checks Android system properties for emulator presence.
| Description | Indicator | Process | Target |
| Accessed system property | key: ro.product.model | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Unexpected DNS network traffic destination
| Description | Indicator | Process | Target |
| Destination IP | 119.29.29.29 | N/A | N/A |
| Destination IP | 119.29.29.29 | N/A | N/A |
| Destination IP | 119.29.29.29 | N/A | N/A |
| Destination IP | 119.29.29.29 | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.jifen.qukan
cat /sys/class/net/wlan0/address
/system/bin/sh -c getprop
getprop
com.jifen.qukan:pushservice
/system/bin/sh -c getprop
getprop
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | digitalassetlinks.googleapis.com | udp |
| US | 1.1.1.1:53 | api.1sapp.com | udp |
| CN | 47.95.53.13:443 | api.1sapp.com | tcp |
| CN | 47.95.53.13:80 | api.1sapp.com | tcp |
| CN | 203.107.1.97:443 | tcp | |
| US | 1.1.1.1:53 | mazu.3g.qq.com | udp |
| CN | 14.18.202.195:80 | mazu.3g.qq.com | tcp |
| US | 1.1.1.1:53 | adash.man.aliyuncs.com | udp |
| CN | 59.82.40.77:80 | adash.man.aliyuncs.com | tcp |
| US | 1.1.1.1:53 | recall-push.1sapp.com | udp |
| US | 1.1.1.1:53 | api.weibo.com | udp |
| CN | 59.110.123.81:443 | recall-push.1sapp.com | tcp |
| HK | 36.51.224.49:443 | api.weibo.com | tcp |
| CN | 203.107.1.97:443 | tcp | |
| CN | 59.82.40.77:80 | adash.man.aliyuncs.com | tcp |
| GB | 142.250.187.206:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.16.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | sdk.open.talk.igexin.com | udp |
| US | 1.1.1.1:53 | sdk.open.talk.gepush.com | udp |
| US | 1.1.1.1:53 | sdk.open.talk.getui.net | udp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.getui.net | tcp |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 47.95.53.13:443 | api.1sapp.com | tcp |
| CN | 119.147.179.152:80 | android.bugly.qq.com | tcp |
| CN | 47.95.53.13:80 | api.1sapp.com | tcp |
| CN | 203.107.1.97:443 | tcp | |
| CN | 59.82.40.77:80 | adash.man.aliyuncs.com | tcp |
| CN | 14.18.202.195:80 | mazu.3g.qq.com | tcp |
| CN | 59.110.123.81:443 | recall-push.1sapp.com | tcp |
| HK | 36.51.224.49:443 | api.weibo.com | tcp |
| N/A | 10.127.0.1:137 | udp | |
| N/A | 10.127.0.3:137 | udp | |
| N/A | 10.127.0.60:137 | udp | |
| CN | 47.95.53.13:80 | api.1sapp.com | tcp |
| N/A | 10.127.0.9:137 | udp | |
| CN | 47.95.53.13:80 | api.1sapp.com | tcp |
| N/A | 10.127.0.32:137 | udp | |
| N/A | 10.127.0.36:137 | udp | |
| N/A | 10.127.0.45:137 | udp | |
| N/A | 10.127.0.56:137 | udp | |
| N/A | 10.127.0.101:137 | udp | |
| N/A | 10.127.0.14:137 | udp | |
| N/A | 10.127.0.24:137 | udp | |
| N/A | 10.127.0.41:137 | udp | |
| N/A | 10.127.0.57:137 | udp | |
| CN | 47.95.53.13:80 | api.1sapp.com | tcp |
| N/A | 10.127.0.49:137 | udp | |
| CN | 47.95.53.13:80 | api.1sapp.com | tcp |
| N/A | 10.127.0.2:137 | udp | |
| CN | 47.95.53.13:80 | api.1sapp.com | tcp |
| N/A | 10.127.0.12:137 | udp | |
| N/A | 10.127.0.20:137 | udp | |
| N/A | 10.127.0.38:137 | udp | |
| N/A | 10.127.0.52:137 | udp | |
| US | 1.1.1.1:53 | ddd.1sapp.com | udp |
| US | 1.1.1.1:53 | umengacs.m.taobao.com | udp |
| N/A | 10.127.0.13:137 | udp | |
| N/A | 10.127.0.19:137 | udp | |
| N/A | 10.127.0.25:137 | udp | |
| N/A | 10.127.0.30:137 | udp | |
| US | 1.1.1.1:53 | msg.umengcloud.com | udp |
| N/A | 10.127.0.58:137 | udp | |
| N/A | 10.127.0.66:137 | udp | |
| N/A | 10.127.0.37:137 | udp | |
| N/A | 10.127.0.62:137 | udp | |
| N/A | 10.127.0.238:137 | udp | |
| N/A | 10.127.0.29:137 | udp | |
| N/A | 10.127.0.18:137 | udp | |
| N/A | 10.127.0.33:137 | udp | |
| N/A | 10.127.0.47:137 | udp | |
| N/A | 10.127.0.67:137 | udp | |
| US | 1.1.1.1:53 | log-sc.qutoutiao.net | udp |
| N/A | 10.127.0.237:137 | udp | |
| CN | 47.95.53.13:80 | api.1sapp.com | tcp |
| N/A | 10.127.0.46:137 | udp | |
| N/A | 10.127.0.51:137 | udp | |
| N/A | 10.127.0.55:137 | udp | |
| N/A | 10.127.0.11:137 | udp | |
| N/A | 10.127.0.35:137 | udp | |
| CN | 47.95.53.13:80 | api.1sapp.com | tcp |
| N/A | 10.127.0.54:137 | udp | |
| N/A | 10.127.0.34:137 | udp | |
| N/A | 10.127.0.65:137 | udp | |
| CN | 124.239.14.132:443 | msg.umengcloud.com | tcp |
| N/A | 10.127.0.22:137 | udp | |
| N/A | 10.127.0.50:137 | udp | |
| N/A | 10.127.0.6:137 | udp | |
| N/A | 10.127.0.28:137 | udp | |
| US | 1.1.1.1:53 | ulogs.umeng.com | udp |
| CN | 123.183.232.33:443 | umengacs.m.taobao.com | tcp |
| N/A | 10.127.0.16:137 | udp | |
| N/A | 10.127.0.27:137 | udp | |
| N/A | 10.127.0.176:137 | udp | |
| N/A | 10.127.0.59:137 | udp | |
| N/A | 10.127.0.68:137 | udp | |
| CN | 223.109.148.177:443 | ulogs.umeng.com | tcp |
| N/A | 10.127.0.23:137 | udp | |
| CN | 62.234.59.63:80 | ddd.1sapp.com | tcp |
| N/A | 10.127.0.42:137 | udp | |
| N/A | 10.127.0.48:137 | udp | |
| N/A | 10.127.0.21:137 | udp | |
| N/A | 10.127.0.39:137 | udp | |
| N/A | 10.127.0.63:137 | udp | |
| N/A | 10.127.0.44:137 | udp | |
| N/A | 10.127.0.53:137 | udp | |
| N/A | 10.127.0.235:137 | udp | |
| N/A | 10.127.0.7:137 | udp | |
| N/A | 10.127.0.64:137 | udp | |
| N/A | 10.127.0.239:137 | udp | |
| N/A | 10.127.0.8:137 | udp | |
| N/A | 10.127.0.10:137 | udp | |
| CN | 39.107.209.114:443 | log-sc.qutoutiao.net | tcp |
| US | 1.1.1.1:53 | amdcopen.m.taobao.com | udp |
| CN | 39.107.209.114:443 | log-sc.qutoutiao.net | tcp |
| N/A | 10.127.0.236:137 | udp | |
| N/A | 10.127.0.5:137 | udp | |
| N/A | 10.127.0.61:137 | udp | |
| CN | 203.119.217.116:80 | amdcopen.m.taobao.com | tcp |
| N/A | 10.127.0.31:137 | udp | |
| N/A | 10.127.0.15:137 | udp | |
| N/A | 10.127.0.17:137 | udp | |
| N/A | 10.127.0.4:137 | udp | |
| N/A | 10.127.0.26:137 | udp | |
| GB | 142.250.187.202:443 | digitalassetlinks.googleapis.com | tcp |
| N/A | 10.127.0.40:137 | udp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| N/A | 10.127.0.84:137 | udp | |
| N/A | 10.127.0.155:137 | udp | |
| N/A | 10.127.0.122:137 | udp | |
| N/A | 10.127.0.89:137 | udp | |
| N/A | 10.127.0.156:137 | udp | |
| N/A | 10.127.0.81:137 | udp | |
| N/A | 10.127.0.160:137 | udp | |
| N/A | 10.127.0.120:137 | udp | |
| N/A | 10.127.0.94:137 | udp | |
| N/A | 10.127.0.73:137 | udp | |
| N/A | 10.127.0.103:137 | udp | |
| N/A | 10.127.0.76:137 | udp | |
| N/A | 10.127.0.154:137 | udp | |
| N/A | 10.127.0.115:137 | udp | |
| N/A | 10.127.0.116:137 | udp | |
| N/A | 10.127.0.86:137 | udp | |
| N/A | 10.127.0.253:137 | udp | |
| N/A | 10.127.0.107:137 | udp | |
| N/A | 10.127.0.92:137 | udp | |
| US | 1.1.1.1:53 | qfy.innotechx.com | udp |
| N/A | 10.127.0.109:137 | udp | |
| CN | 203.119.217.116:80 | amdcopen.m.taobao.com | tcp |
| N/A | 10.127.0.117:137 | udp | |
| N/A | 10.127.0.152:137 | udp | |
| N/A | 10.127.0.79:137 | udp | |
| N/A | 10.127.0.105:137 | udp | |
| N/A | 10.127.0.96:137 | udp | |
| N/A | 10.127.0.69:137 | udp | |
| US | 1.1.1.1:53 | plbslog.umeng.com | udp |
| N/A | 10.127.0.118:137 | udp | |
| N/A | 10.127.0.83:137 | udp | |
| N/A | 10.127.0.87:137 | udp | |
| CN | 36.156.202.68:443 | plbslog.umeng.com | tcp |
| N/A | 10.127.0.106:137 | udp | |
| N/A | 10.127.0.99:137 | udp | |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| N/A | 10.127.0.100:137 | udp | |
| N/A | 10.127.0.162:137 | udp | |
| N/A | 10.127.0.159:137 | udp | |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| N/A | 10.127.0.75:137 | udp | |
| N/A | 10.127.0.111:137 | udp | |
| N/A | 10.127.0.110:137 | udp | |
| N/A | 10.127.0.114:137 | udp | |
| N/A | 10.127.0.112:137 | udp | |
| N/A | 10.127.0.77:137 | udp | |
| N/A | 10.127.0.119:137 | udp | |
| N/A | 10.127.0.72:137 | udp | |
| N/A | 10.127.0.85:137 | udp | |
| N/A | 10.127.0.102:137 | udp | |
| N/A | 10.127.0.98:137 | udp | |
| N/A | 10.127.0.80:137 | udp | |
| N/A | 10.127.0.74:137 | udp | |
| N/A | 10.127.0.233:137 | udp | |
| CN | 39.107.112.176:443 | qfy.innotechx.com | tcp |
| N/A | 10.127.0.93:137 | udp | |
| N/A | 10.127.0.88:137 | udp | |
| N/A | 10.127.0.70:137 | udp | |
| N/A | 10.127.0.157:137 | udp | |
| N/A | 10.127.0.153:137 | udp | |
| N/A | 10.127.0.108:137 | udp | |
| N/A | 10.127.0.97:137 | udp | |
| N/A | 10.127.0.91:137 | udp | |
| N/A | 10.127.0.78:137 | udp | |
| N/A | 10.127.0.252:137 | udp | |
| N/A | 10.127.0.104:137 | udp | |
| N/A | 10.127.0.158:137 | udp | |
| N/A | 10.127.0.113:137 | udp | |
| N/A | 10.127.0.123:137 | udp | |
| N/A | 10.127.0.90:137 | udp | |
| N/A | 10.127.0.71:137 | udp | |
| N/A | 10.127.0.121:137 | udp | |
| N/A | 10.127.0.82:137 | udp | |
| N/A | 10.127.0.161:137 | udp | |
| N/A | 10.127.0.95:137 | udp | |
| N/A | 10.127.0.234:137 | udp | |
| N/A | 10.127.0.254:137 | udp | |
| N/A | 10.127.0.125:137 | udp | |
| N/A | 10.127.0.167:137 | udp | |
| N/A | 10.127.0.184:137 | udp | |
| N/A | 10.127.0.150:137 | udp | |
| N/A | 10.127.0.178:137 | udp | |
| N/A | 10.127.0.126:137 | udp | |
| N/A | 10.127.0.144:137 | udp | |
| N/A | 10.127.0.147:137 | udp | |
| N/A | 10.127.0.185:137 | udp | |
| N/A | 10.127.0.131:137 | udp | |
| N/A | 10.127.0.141:137 | udp | |
| N/A | 10.127.0.140:137 | udp | |
| N/A | 10.127.0.143:137 | udp | |
| N/A | 10.127.0.164:137 | udp | |
| N/A | 10.127.0.190:137 | udp | |
| N/A | 10.127.0.142:137 | udp | |
| N/A | 10.127.0.148:137 | udp | |
| N/A | 10.127.0.166:137 | udp | |
| N/A | 10.127.0.175:137 | udp | |
| N/A | 10.127.0.127:137 | udp | |
| N/A | 10.127.0.138:137 | udp | |
| N/A | 10.127.0.174:137 | udp | |
| N/A | 10.127.0.135:137 | udp | |
| N/A | 10.127.0.137:137 | udp | |
| N/A | 10.127.0.191:137 | udp | |
| N/A | 10.127.0.133:137 | udp | |
| N/A | 10.127.0.212:137 | udp | |
| N/A | 10.127.0.136:137 | udp | |
| N/A | 10.127.0.173:137 | udp | |
| N/A | 10.127.0.189:137 | udp | |
| N/A | 10.127.0.201:137 | udp | |
| N/A | 10.127.0.195:137 | udp | |
| N/A | 10.127.0.145:137 | udp | |
| N/A | 10.127.0.183:137 | udp | |
| N/A | 10.127.0.199:137 | udp | |
| N/A | 10.127.0.149:137 | udp | |
| N/A | 10.127.0.130:137 | udp | |
| N/A | 10.127.0.172:137 | udp | |
| N/A | 10.127.0.193:137 | udp | |
| N/A | 10.127.0.151:137 | udp | |
| N/A | 10.127.0.196:137 | udp | |
| N/A | 10.127.0.198:137 | udp | |
| N/A | 10.127.0.128:137 | udp | |
| N/A | 10.127.0.179:137 | udp | |
| N/A | 10.127.0.192:137 | udp | |
| N/A | 10.127.0.139:137 | udp | |
| N/A | 10.127.0.177:137 | udp | |
| N/A | 10.127.0.129:137 | udp | |
| N/A | 10.127.0.180:137 | udp | |
| N/A | 10.127.0.132:137 | udp | |
| N/A | 10.127.0.188:137 | udp | |
| N/A | 10.127.0.200:137 | udp | |
| N/A | 10.127.0.146:137 | udp | |
| N/A | 10.127.0.182:137 | udp | |
| N/A | 10.127.0.163:137 | udp | |
| N/A | 10.127.0.168:137 | udp | |
| N/A | 10.127.0.187:137 | udp | |
| N/A | 10.127.0.165:137 | udp | |
| N/A | 10.127.0.169:137 | udp | |
| N/A | 10.127.0.186:137 | udp | |
| N/A | 10.127.0.124:137 | udp | |
| N/A | 10.127.0.194:137 | udp | |
| N/A | 10.127.0.171:137 | udp | |
| N/A | 10.127.0.197:137 | udp | |
| N/A | 10.127.0.170:137 | udp | |
| N/A | 10.127.0.181:137 | udp | |
| N/A | 10.127.0.134:137 | udp | |
| US | 1.1.1.1:53 | apilocate.amap.com | udp |
| CN | 203.209.230.23:80 | apilocate.amap.com | tcp |
| CN | 39.107.112.176:443 | qfy.innotechx.com | tcp |
| CN | 39.107.112.176:443 | qfy.innotechx.com | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.getui.net | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 203.107.1.100:443 | tcp | |
| CN | 123.183.232.33:443 | umengacs.m.taobao.com | tcp |
| US | 1.1.1.1:53 | umengjmacs.m.taobao.com | udp |
| US | 1.1.1.1:53 | umengjmacs.m.taobao.com | udp |
| CN | 110.253.189.208:80 | umengjmacs.m.taobao.com | tcp |
| CN | 203.119.217.116:80 | amdcopen.m.taobao.com | tcp |
| CN | 203.119.217.116:80 | amdcopen.m.taobao.com | tcp |
| CN | 203.107.1.100:443 | tcp | |
| CN | 14.18.202.184:80 | mazu.3g.qq.com | tcp |
| CN | 59.110.123.81:443 | recall-push.1sapp.com | tcp |
| GB | 172.217.169.10:443 | semanticlocation-pa.googleapis.com | tcp |
| US | 1.1.1.1:53 | adash.man.aliyuncs.com | udp |
| CN | 59.82.40.77:80 | adash.man.aliyuncs.com | tcp |
| CN | 59.82.40.77:80 | adash.man.aliyuncs.com | tcp |
| CN | 203.119.217.116:80 | amdcopen.m.taobao.com | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.getui.net | tcp |
| CN | 203.119.217.116:80 | amdcopen.m.taobao.com | tcp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| CN | 203.209.230.23:80 | apilocate.amap.com | tcp |
| US | 1.1.1.1:53 | httpdns-sc.aliyuncs.com | udp |
| CN | 203.107.1.100:443 | httpdns-sc.aliyuncs.com | tcp |
| CN | 14.22.7.140:80 | android.bugly.qq.com | tcp |
| US | 1.1.1.1:53 | log.1sapp.com | udp |
| CN | 203.107.1.100:443 | httpdns-sc.aliyuncs.com | tcp |
| CN | 14.18.202.245:80 | mazu.3g.qq.com | tcp |
| CN | 59.110.123.81:443 | recall-push.1sapp.com | tcp |
| CN | 62.234.59.63:80 | log.1sapp.com | tcp |
| CN | 62.234.59.63:80 | log.1sapp.com | tcp |
| US | 1.1.1.1:53 | api.1sapp.com | udp |
| US | 1.1.1.1:53 | api.1sapp.com | udp |
| SG | 119.29.29.29:53 | api.1sapp.com | udp |
| SG | 119.29.29.29:53 | log.1sapp.com | udp |
| CN | 47.95.53.13:80 | api.1sapp.com | tcp |
| CN | 47.95.53.13:80 | api.1sapp.com | tcp |
| CN | 47.95.53.13:80 | api.1sapp.com | tcp |
| CN | 223.109.148.176:443 | alog.umeng.com | tcp |
| CN | 39.107.112.176:443 | qfy.innotechx.com | tcp |
| CN | 47.95.53.13:80 | api.1sapp.com | tcp |
| CN | 39.107.209.114:443 | log-sc.qutoutiao.net | tcp |
| CN | 62.234.59.63:80 | log.1sapp.com | tcp |
| CN | 62.234.59.63:80 | log.1sapp.com | tcp |
| CN | 47.95.53.13:80 | api.1sapp.com | tcp |
| CN | 36.156.202.68:443 | plbslog.umeng.com | tcp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.getui.net | tcp |
| US | 1.1.1.1:53 | amdcopen.m.taobao.com | udp |
| CN | 203.119.217.116:80 | amdcopen.m.taobao.com | tcp |
| CN | 203.119.217.116:80 | amdcopen.m.taobao.com | tcp |
| CN | 106.11.61.135:80 | tcp | |
| CN | 106.11.61.135:80 | tcp | |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| CN | 59.82.40.77:80 | adash.man.aliyuncs.com | tcp |
| CN | 203.107.1.97:443 | httpdns-sc.aliyuncs.com | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 203.107.1.97:443 | httpdns-sc.aliyuncs.com | tcp |
| CN | 59.82.40.77:80 | adash.man.aliyuncs.com | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.getui.net | tcp |
| CN | 14.18.202.208:80 | mazu.3g.qq.com | tcp |
| SG | 119.29.29.29:53 | recall-push.1sapp.com | udp |
| CN | 39.107.112.176:443 | qfy.innotechx.com | tcp |
| CN | 59.110.123.81:443 | recall-push.1sapp.com | tcp |
| US | 1.1.1.1:53 | restapi.amap.com | udp |
| CN | 106.11.43.113:443 | restapi.amap.com | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| CN | 106.11.61.137:80 | tcp | |
| CN | 106.11.61.135:80 | tcp | |
| US | 1.1.1.1:53 | umengjmacs.m.taobao.com | udp |
| CN | 110.253.189.208:80 | umengjmacs.m.taobao.com | tcp |
| US | 1.1.1.1:53 | sdk.open.phone.igexin.com | udp |
| CN | 115.227.15.233:80 | sdk.open.phone.igexin.com | tcp |
| CN | 14.22.7.199:80 | android.bugly.qq.com | tcp |
| CN | 62.234.59.63:80 | log.1sapp.com | tcp |
| CN | 62.234.59.63:80 | log.1sapp.com | tcp |
| CN | 120.198.203.156:80 | tcp | |
| CN | 59.110.123.81:443 | recall-push.1sapp.com | tcp |
| CN | 47.95.53.13:80 | api.1sapp.com | tcp |
| CN | 62.234.59.63:80 | log.1sapp.com | tcp |
| SG | 119.29.29.29:53 | ddd.1sapp.com | udp |
| CN | 223.109.148.178:443 | alog.umeng.com | tcp |
| CN | 62.234.59.63:80 | ddd.1sapp.com | tcp |
| CN | 39.107.209.114:443 | log-sc.qutoutiao.net | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 62.234.59.63:80 | ddd.1sapp.com | tcp |
| CN | 62.234.59.63:80 | ddd.1sapp.com | tcp |
| CN | 62.234.59.63:80 | ddd.1sapp.com | tcp |
| CN | 62.234.59.63:80 | ddd.1sapp.com | tcp |
| CN | 39.107.112.176:443 | qfy.innotechx.com | tcp |
| US | 1.1.1.1:53 | alog.umengcloud.com | udp |
| CN | 223.109.148.177:80 | alog.umengcloud.com | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.getui.net | tcp |
| CN | 223.109.148.130:80 | alog.umengcloud.com | tcp |
| US | 1.1.1.1:53 | mazu.3g.qq.com | udp |
| CN | 14.18.202.195:80 | mazu.3g.qq.com | tcp |
| CN | 39.107.112.176:443 | qfy.innotechx.com | tcp |
| CN | 59.82.40.77:80 | adash.man.aliyuncs.com | tcp |
| CN | 115.227.15.225:80 | sdk.open.phone.igexin.com | tcp |
| CN | 59.82.40.77:80 | adash.man.aliyuncs.com | tcp |
| CN | 223.109.148.178:80 | alog.umengcloud.com | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 14.18.202.208:80 | mazu.3g.qq.com | tcp |
| CN | 62.234.59.63:80 | ddd.1sapp.com | tcp |
| CN | 223.109.148.130:443 | alog.umengcloud.com | tcp |
| CN | 39.107.209.114:443 | log-sc.qutoutiao.net | tcp |
| CN | 223.109.148.141:80 | alog.umengcloud.com | tcp |
| CN | 39.107.112.176:443 | qfy.innotechx.com | tcp |
| CN | 115.227.15.6:80 | sdk.open.phone.igexin.com | tcp |
| CN | 223.109.148.179:80 | alog.umengcloud.com | tcp |
| CN | 110.253.189.208:80 | umengjmacs.m.taobao.com | tcp |
| CN | 14.18.202.245:80 | mazu.3g.qq.com | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.getui.net | tcp |
| CN | 223.109.148.176:80 | alog.umengcloud.com | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 39.107.112.176:443 | qfy.innotechx.com | tcp |
| CN | 115.227.15.229:80 | sdk.open.phone.igexin.com | tcp |
| US | 1.1.1.1:53 | android.bugly.qq.com | udp |
| CN | 119.147.179.152:80 | android.bugly.qq.com | tcp |
| CN | 62.234.59.63:80 | ddd.1sapp.com | tcp |
| CN | 14.18.202.184:80 | mazu.3g.qq.com | tcp |
| CN | 223.109.148.179:443 | alog.umengcloud.com | tcp |
| CN | 39.107.209.114:443 | log-sc.qutoutiao.net | tcp |
| US | 1.1.1.1:53 | adash.man.aliyuncs.com | udp |
| CN | 59.82.40.77:80 | adash.man.aliyuncs.com | tcp |
| CN | 59.82.40.77:80 | adash.man.aliyuncs.com | tcp |
| CN | 39.107.112.176:443 | qfy.innotechx.com | tcp |
| CN | 115.227.15.227:80 | sdk.open.phone.igexin.com | tcp |
| CN | 110.253.189.208:80 | umengjmacs.m.taobao.com | tcp |
| CN | 14.22.7.140:80 | android.bugly.qq.com | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 223.109.148.141:443 | alog.umengcloud.com | tcp |
| US | 1.1.1.1:53 | amdcopen.m.taobao.com | udp |
| CN | 203.119.217.116:80 | amdcopen.m.taobao.com | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.getui.net | tcp |
| CN | 203.119.217.116:80 | amdcopen.m.taobao.com | tcp |
| CN | 39.107.112.176:443 | qfy.innotechx.com | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 115.227.15.241:80 | sdk.open.phone.igexin.com | tcp |
Files
/data/data/com.jifen.qukan/databases/data_tracker_v2.db-journal
| MD5 | 7c4acf8da0b109b54f55e3c47eaa8952 |
| SHA1 | 507995687e9b7e67f5c8444cac9777cefdbee97d |
| SHA256 | 34ce2188dbeef0404fe1c8c6104d651673ae80a84ccf4d57b7ca416418ce651d |
| SHA512 | bce894780c1109e22be77637b1b07e4f099b93da9f58799649a89abead370208c0c50a05151145915c53b59d58017239b0ff0ca3d97ed4559972c5e14faa272c |
/data/data/com.jifen.qukan/databases/data_tracker_v2.db
| MD5 | 7ecb14ec2b1b7b498869d95d180b1a24 |
| SHA1 | 46d01a2bf5033d305305fb8f9c720dedb07e9d3b |
| SHA256 | 20cc80348a32b6ba81c0055f2e12bdba4cac681df25813f8837d6ad7e5020410 |
| SHA512 | 3f7fa7c852044c0725bd596d485c34d0bca98685fda6273a2fd4768d10577a62d00e13e7e081169ac18cf62c22732b419a4d5f8132bda2badd53af85f27655a2 |
/data/data/com.jifen.qukan/databases/data_tracker_v2.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.jifen.qukan/databases/data_tracker_v2.db-wal
| MD5 | 0e62a6a1cad69067ca0c00793007018c |
| SHA1 | 7d9fb88e7a251ba8e67d5674a33745b0af11d077 |
| SHA256 | c3ad6937052eebe3b829aef2c3bf485f946e48b8d42ed4346e711e89fc599982 |
| SHA512 | b3fc8a57f4daa264cd634c16e8370c7771faf95adf708d9e7193b0157a6ad4b5bcad1f09a3221bbdf78b6798d48e1f9ab6a68bc5eb0fad6fe144e013a98a2b88 |
/data/data/com.jifen.qukan/databases/cmd_data_tracker_v2.db-journal
| MD5 | 1b29406cdfffc23105403c2ad386bd82 |
| SHA1 | c52f2080df8ba6bc92d879cef5575b77a15dba6d |
| SHA256 | 49d28408327147fb39c268f96163faf627303f4d0216909df8be9d4f06e6f1d9 |
| SHA512 | ccfeb983433b469ce671ad8e649422d143f13c3359c431ae3da65dc474b8f8dcfe9432c100e3e05d8c3201854d123b7d3f509c34401051ac08e9a192e7575fa3 |
/data/data/com.jifen.qukan/databases/cmd_data_tracker_v2.db
| MD5 | f66fa91cad8b1ba98d2feea6be709a42 |
| SHA1 | 148e8e365f79dd222ee44c202a412e36837d3eae |
| SHA256 | c5e549733f9083fe090d305849ad4560f8c865aac66fd2f3410b57c8a9f91f84 |
| SHA512 | 67819cec17a50be77466d11640cb1daf0c0f8eba5619912645a4a513cf58abf9e10af89513f79e543c2d96408591ecda53c6aa2844fccb7bafd8428a8e9a101b |
/data/data/com.jifen.qukan/databases/cmd_data_tracker_v2.db-wal
| MD5 | 5d803219b8794e2cb2c1fb6a8afc4089 |
| SHA1 | dfb94a657e5711e5d6e900f22f7a89fd9a8f75ef |
| SHA256 | 49bd8d649fa6f64f384dca95263112bea10dd93543bb084a2b4caae29954904a |
| SHA512 | b885c86fb21f1ea92b6d0fe94d092ab26855fc176ff7b9d2c339ed497db6311fb357113f5fcc8f89eeb182708b93bce9acbcbc5613b938e935c7c03fa5cf3f9d |
/data/data/com.jifen.qukan/databases/bugly_db_-journal
| MD5 | a410301c37678220aa0192d78e9b44b3 |
| SHA1 | d767700abf4ba48548d44e97ad16d0b95c9a2384 |
| SHA256 | 3f07b2133c953d2527328e93010657d88fedd162fa28cf7107435237515ddf2b |
| SHA512 | cca3c2ba504f5c0bcb12c3d0a0770dbb73dce2799f75d022467e33d90b47be110648947a3ec1ee737a6d86b9f278ba8956f440286f389f27b03a7b50d3ec919a |
/data/data/com.jifen.qukan/databases/bugly_db_
| MD5 | aa99281ce0cd69a9302f8b64b918ad75 |
| SHA1 | ccafc0e5fb16198e466b209a888301f4100fafe8 |
| SHA256 | a3cde8388c50e78c7b3c8dab1d0c46c64c375248031adbb6a5802e3da65bb431 |
| SHA512 | a8b80f09a555652d3e4b9775b6aa58341dad7fb120509e128df417533ba361353b19530306e8691f1ce5fc0c69f1a89d29bd2eb176291a5e85b945d14c9eb085 |
/data/data/com.jifen.qukan/app_crashrecord/1004
| MD5 | fc2ae253f232a897c9d2b0687b13f6a2 |
| SHA1 | 7f9838b8ffe4e053b5bc9be7fc1d783d940dfc03 |
| SHA256 | ad93da0b8b9e7a00f45e4708e5e34175b5e8c2590f237c33afec6fdde1212bf9 |
| SHA512 | 498aaf1c95946119e292642086a87c1bff2d77a0aa2de788021004657361cde4f50483717fb70539a5ed1a5562f781b60dbdc13eb63f87572f6ffa1d7ee4009f |
/data/data/com.jifen.qukan/databases/bugly_db_-shm
| MD5 | b354a3798d70ae0a36c4359aac6a5a58 |
| SHA1 | 591bf4d73a4ea2ede29f25db14d53f0a63b0323d |
| SHA256 | 9e3ca451e62c6db03da38f24710d89f83aaa89b5278cecaee6931edb367c249f |
| SHA512 | 96a1831defe9bf18c8a1b5b22e7c102da6f63c2e42b30ddc9a428fde7a986d877f0fa848ba8d860946007557146c7d94a87ca9e967dde46e53574b56318eea96 |
/data/data/com.jifen.qukan/databases/bugly_db_-wal
| MD5 | 69d752e3693d130fc68318c1b523e5f7 |
| SHA1 | 2cd62ae43ab3a1046956495464edacbd9793c38d |
| SHA256 | 4b8771cd8a10207926da2adb56d580bc8f83af0426a8a532af6d8d3a97e024a1 |
| SHA512 | 8c1bda1db112fc9bf8814d6371df6d03d5cfbef37726c9c32f605755e9bbe28141f70110317d3c3c218a6ba0c6b79953a5eb92bf903b2fe061148293310e814d |
/data/data/com.jifen.qukan/app_crashrecord/1004
| MD5 | 0d210bfb2a0e1f1b4c082a6a0f79de07 |
| SHA1 | bb8ed9e364db79d1d9f2fcde3f15091893222faa |
| SHA256 | 988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d |
| SHA512 | 536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1 |
/data/data/com.jifen.qukan/files/libquid.so
| MD5 | 0f740a04d2a6d0d94c8f774e08aa37e8 |
| SHA1 | d9f7ac33f93046aef55c7d8cb8b76a538ba668a7 |
| SHA256 | e9cc3ff8ae3dae23eaa89b6738fcd21497802dee2bf0f491f3b64db85b7e995d |
| SHA512 | 3134a99274eca353ef615d2bb0fa13c7ebc7c7d5b9b1c80492b372e85eda970c2ffd6bb5a8a3c1b794d97b14d98754c86269062fa852c05924de85bd4b440a12 |
/storage/emulated/0/backups/.SystemConfig/.quid
| MD5 | 2129d1b18f3c5b4e753e31df5339f8fe |
| SHA1 | c77407adbde3176fcbc4401e3bf9ced94bd92ae6 |
| SHA256 | 07e9933dd69790669aba038674108dd9d00720c6c3d8dc4b6f0467cdab080e38 |
| SHA512 | 511e561fe152e9f272d02d9ec27686f6aa5de81a086fb5f05ce9ea490af941440fc1025a7cbc7538592e5eebb7aa3ebc9925a3ef878d3cd0ead8782de594105e |
/storage/emulated/0/com.jifen.ac/.com.jifen.ac.cuid
| MD5 | f7bc05662c0e8a416826b46471bc3b66 |
| SHA1 | c0ae06ef4ca8c600c92f9e24b8054623fe0e973a |
| SHA256 | 1f939dbe2ca25f63127939831148c69d1608fb47d4c856c8e16a457c46beb13a |
| SHA512 | 298549a1037701efafa58856df15fe7d4fcd15d5e640c7846ddc903f6aa87912f5f3efcdf0b623edc939d61efc1a0ce873db40d7fd67f4e5c76ca2a0a0f096ff |
/storage/emulated/0/Pictures/.b11dd.cuid
| MD5 | 274063f63fd2b295ce21098155d20e0e |
| SHA1 | ffe872a81bdef262439dd592f61ea16919d96e36 |
| SHA256 | 6a95f32f953cfb912e0ed575221bc44e93c4f6258b5c5d709dbf9b546e4c1b8b |
| SHA512 | ee7530821b0e621009ab61810920e6d9b0bd9a76d90bf7832a522503815f02ad698680fcd4304866b55c6b48eb2e0fa6c40af0ba025b9347a4ccea6ab976b4f4 |
/data/data/com.jifen.qukan/app_plugin/main_metadata
| MD5 | 4690f71aa31cf78a189475672f475214 |
| SHA1 | 5543c0951a6296b896b2c58fe2285934749f9b57 |
| SHA256 | 5162e60f09191bdf5a726ca745056c4ff5707fc1807e88b8dec92f6e1c490e73 |
| SHA512 | feae81e26e1db1d60aa6cdbac7a2f43225ac5c5008baa5aae1116d4556fbc44209774c8e109d9f13161840b939315cc51c0e95cf42789c57f1afb41eba24a605 |
/data/data/com.jifen.qukan/app_plugin/main_metadata.bak
| MD5 | 090b7f779c238785117a0043b5705bce |
| SHA1 | f952282c2f305c8b4ef578fcbf803ca1d660e260 |
| SHA256 | 64c0363f2b74a52d212e2cdfa47eb1cccf2e2c085b46a22fb026d937ccf123b8 |
| SHA512 | 9e39d6758416746154eab535e97bc9ad10628f074dc8e6451ff310f0621d5914006ccceb9a0252e4b32492c2c0b4e9df4b1b3014d807da040e6af5c59dd4e44a |
/data/data/com.jifen.qukan/databases/MessageStore.db-journal
| MD5 | 3691a386305b30a750f756fed47580dd |
| SHA1 | 7e4dadf8d2427e701e76cea33435f551e15d1538 |
| SHA256 | 0a86ee38ffe8a338933483f7f991b418aa271c19fd0a35a68166b6e8e167173f |
| SHA512 | 3ab07ef4d081b3e95f088e9c3f0d70f252c9351af067bb0d097f9f74949499a5c7114a0a6b0e3b9e4168b340e715490c81d5c9207050d2141084171e3aab05dc |
/data/data/com.jifen.qukan/databases/MessageStore.db
| MD5 | e6dceb47e74ee754bc6961c3001803d8 |
| SHA1 | a096dca22f278fcef162eb08d37e408f0e794d77 |
| SHA256 | 1971ec0ff0fcc347654d7841f6069e4909d27d1669956ddca53457a97c65a4e4 |
| SHA512 | 01ae529f9958477ec87e437b9c6de73babb7b299b6ff8bb86a81d1004bd073d721374142d32f51ac01ba1e70b52d2ecb15f59938cd3b4f67d4e491d35a76aac5 |
/data/data/com.jifen.qukan/databases/MessageStore.db-shm
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.jifen.qukan/databases/MessageStore.db-wal
| MD5 | 814602d3fca2f20a5025aed5ef638a1b |
| SHA1 | 37cc413ff008e435306bb5580ab8c2d069c3454f |
| SHA256 | 03d3daa2612a565d06e6e76a716d9304d1025a675037e8d615510f5727a1ff3c |
| SHA512 | ec4c13cb14ea78e11f3c743f5da37fba133334f570a0c490e2cc82afa0b7c1853286cd5ee2acb19640ada9fd51a426f27a353da6a5b930c124fb8802c8c91f58 |
/data/data/com.jifen.qukan/databases/MsgLogStore.db-journal
| MD5 | a2477829aecf0d9aa2ea69fe16e3fa25 |
| SHA1 | 02f5daf8fefd060306f2578b993e2bb5ed65dd24 |
| SHA256 | 66622b041491413f2d2ea570fdb84f583eb3d9705c43127e32f6089bba818367 |
| SHA512 | 73609eb28f4daf78e20e1316cc156444d09902a0464ecda9e73605fc745ac0df91658db5d2680ae181600424c73920bcbc9396f8c7f1068576b6ad08799af94c |
/data/data/com.jifen.qukan/databases/MsgLogStore.db
| MD5 | 7ad7c82461d44a57a9f650dcea348323 |
| SHA1 | 87d10dfbe6b1ee11362579a32e63f10a44bb5b98 |
| SHA256 | 16d28a31f0625ad079ba60d31656c932d4a5f308f69935350f456ff447cf1000 |
| SHA512 | 677055cffbe96948fb42fd35c276f898130f88de6659e6d6f57edb767f9f0caebec5dafba862b6dfe2db8f38417a8b02138432cd946f0f9c3f6a2f53c846c8dd |
/data/data/com.jifen.qukan/databases/MsgLogStore.db-wal
| MD5 | 48f85f0e6dbd95e8f32710c02070b23b |
| SHA1 | b5cdb9c246cd01d3ce8c5f73963a8cca4c814d45 |
| SHA256 | d93ded8592c996018f173c210e775650a9ea9d1a1765f5607b9a4eb5a5efd1b3 |
| SHA512 | 44000b57d111c896f0c15b59ca18a92b0186bd0510f765f9fbddfb5591ae850b331c6b3481d8e30ea87790b44261cf5ecc37e9733e678dbc24e7b667620d5cd6 |
/data/data/com.jifen.qukan/databases/pdm.db-journal
| MD5 | 328134698d76d4783c1aa502692ad17b |
| SHA1 | 65a5928d9e4feb0ffc1f2f8dc24bf2ff5a0bfb55 |
| SHA256 | 5dad50634af1b459d9675e0959354ba3a22f1dc8612cc21ec93b33c3472806ee |
| SHA512 | 80e79e3bd189427a9a6ddd95517a1e9ce4b6cc06e058ef4faaee3f424a12a0803d97ccb6d233596371019b1c12a061deb983d4f4e45324b816211bf19522de0d |
/data/data/com.jifen.qukan/databases/pdm.db-shm
| MD5 | 244638aee240f0f739097031649076d2 |
| SHA1 | e03e0aba17570c4fce3fdf2d243727641f32e81f |
| SHA256 | 2aad19367146cf648730ecec32d2ceb67beb74122f7dd583c0b4d6e3bb19e2cf |
| SHA512 | 309707ac5e7c056916d97250b95ab7ddbb0727367cb94f2e8e5efa24a47e440f810a95e9235f40f6812a419caf7580e23d2374d406fd4f246addfa0e0b35c972 |
/data/data/com.jifen.qukan/databases/pdm.db-wal
| MD5 | 2578b7e32d86a04bf51dd64888eca485 |
| SHA1 | 7bb4963dd0129d4087b7dd2ed10c5d7236594319 |
| SHA256 | 3e8199b0a1d35813ba92ce8a8bbd67e61db48007a5ba0045b39ac96819b24ac8 |
| SHA512 | 069130522337d31bd923ab2c123e6f65c092aebd9e2069ad5db1e5241c4f256f04cf009b01556e439f5f3d0f4ccc1ff9270d74b105dc5dd3020a28830c23999b |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | d998482a39ddd7e42f1fad38aeed1594 |
| SHA1 | 43cae27e0034f9bbf959638d1dbcdb8cea5fa635 |
| SHA256 | b1a203d7e6093cf11f1f8ca3cb27321de3f110dcbf65b7eb5b9c23ea0ca81b3a |
| SHA512 | 001e581f2746c720fa236b8b9421bf61447c1196accc1d5895c8182aaa76bf8b820763bdeb8c80d338350564f19302dea2979dad38eb42cb7b6d9ef0373093aa |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | a7b5debf648af8527d38065f285c6754 |
| SHA1 | ad8513c878ca1483a2472c7f8dfc8a416418517e |
| SHA256 | 0d8f1987d41b042ee7aa1ae97d1950a40884ff4ed620fd02371017160e50eaf5 |
| SHA512 | c879b912d723e9c382e547f605dea4d77830d9300c3cdb1a14c2758cf4e895000c7ba2afe37584ed2fb94a9893e8ff47bdfda4dfbf2dc47aca75efc5d28984e4 |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | a3a61dbf41ff04e22bd4ce3741d6e0e5 |
| SHA1 | b4171d429f1ab534193b756d664fd9607941a3dd |
| SHA256 | 7dcc32f75f69b42003a0e7db96eb9be2b02aacd701f71db39e4a274d04811c17 |
| SHA512 | cd93f53657d493952aedf37856604d3348617c0d5313fb9eb3e657bea9dabe7880129bbdf24567e0a74c339e9e6a99e234a9e2098e5550fff40bed49231e3961 |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | ee3a7360521891d57d0ab7189dd34568 |
| SHA1 | d77a18349ad16e9cf1f6224e821bb3ce98b61478 |
| SHA256 | 315dcc723e029dca9972f7b36a8eb602d4b3fbd8f73e23230a283769ca0aa46f |
| SHA512 | b26b5195b8aa53194017177af95dc5c8fd2d5572ef0b26bda6c8f31e0c6854be36e1047d387ec9f1713aaf8b1ac1bbdd0c27c264f745f94a6d7f6b3019af7ea3 |
/data/data/com.jifen.qukan/databases/bugly_db_-wal
| MD5 | e123cfd7927b521e48f60e042e69fdd7 |
| SHA1 | 2d1feb3ad297a2d315395268d647ac0509df5a7f |
| SHA256 | 00a678ea81fd1ae5d1f89729a0a01ca089d1b0744bd3a74698828bf662a7c302 |
| SHA512 | 13e87145b7adaa78ec75ed6e409830d8d4a1067ee6d355841d781c2aa99f6d31dd3a5cfb45d91548c685948c908515c027d73926503f65205a17959c26b00c53 |
/data/data/com.jifen.qukan/files/init_c1.pid
| MD5 | df74f9592dcc059d4bd03cfa80450f9f |
| SHA1 | df763b391b88a0368690638e7e27bda151ceb338 |
| SHA256 | cca00b0dbc67c64c7219ba13b5b4ea70fc27a267f295b58e73f82c610ab069dc |
| SHA512 | bceab700c982455edaadb980eece0a067ebe114896438a0a85ec0978ceee0dac4f4a1ccaaf0c1df15059dfba7a944ea62a7e9108f71f74ee802e72e2a2712285 |
/data/data/com.jifen.qukan/databases/logdb.db-wal
| MD5 | 046a6bf0e75c7f61e8aa90f747a04cac |
| SHA1 | 478a02fc391e62acfb7cba09adb36f9cef40c100 |
| SHA256 | 6a2ddb63e5a55143c444d854ef573a8a591577b1a3a461924098a252e27d0557 |
| SHA512 | f8685fe73902e838d78d544da7392ebf20a0d81713c2cce175567106a8fc091296498f27b5432b5c9d5dd1064461b51c4cb3e8563131fb7361a22b3b70eae6cf |
/data/data/com.jifen.qukan/databases/logdb.db
| MD5 | 3e4cdcc6c1c28a2ed61821b4e5b2470b |
| SHA1 | c61f1bed26fed081e2bd724e12cc0dc0a70b2028 |
| SHA256 | 75d75e12087108ce15bf1f2ea00453129a4255a674d392e76fee56ff54b3e6c9 |
| SHA512 | a8047606e96ed4693f7bfa47885e0ceb4beb19cf114a7ef164be6d1831a48602dd0b4edce4886b22e808690358169487f8cb187d3e0d55a284487629ae7b6e5b |
/data/data/com.jifen.qukan/databases/logdb.db-wal
| MD5 | d82641124249ed4d0a9d6c774dda238b |
| SHA1 | 6fd439c69f8f3199d7132feccc1c823de53c446a |
| SHA256 | 95fb4c76cf1352e476a9d36c27d0029c02e6e8926168a6eb7f5cb1e9603c4e62 |
| SHA512 | bb24533da32d2f3c009db1e5ddf1c4ed4c787b844d119b6810a2e5d8161453fb56de77650c53748639cf33d72090bb857ce78c9edb77efb34a426115b397717a |
/data/data/com.jifen.qukan/databases/logdb.db
| MD5 | 60e918a66670488ae5e111bdcbcfa95d |
| SHA1 | ee81e2f5ad9a7301adfce5999095370e532a43d9 |
| SHA256 | 0126f776c2c01bb621001c4d80787b706902fa8fdd89fd1f062d063ec74d5313 |
| SHA512 | 1abb9311fce204649d299a19efab820981c427a8f3778a9848fdfe99aac19fbb3d62bdc4f5fc93bad66c090d198e9db33c23066041207272f2942272167796d2 |
/data/data/com.jifen.qukan/databases/hmdb-journal
| MD5 | 33c3733b1db6282aa468761818a881e7 |
| SHA1 | 201cc011567f747a00ae015b4625f92d1efd66c6 |
| SHA256 | 18be6e27d00e751cca5851de38a64fa61b2c219aa702a2736ff3e76220e6ff73 |
| SHA512 | 872b4c78483469b82a2235a1492068dfa83b6804293ece3c602bc3b2159b1ac9a1b1f6bdb3845f70503e6890914619ef7bd75b7d75ecc5c6a428fc3bb6219874 |
/data/data/com.jifen.qukan/databases/hmdb
| MD5 | 3fe30614d7e0d11db870b4624f6c50e0 |
| SHA1 | 053ff0fc621ab40f2afeddb3e7b4a73ee41ec533 |
| SHA256 | 67c532f0324228dd33b445cd399c1426e3a0e0cdc7b9358c66b402c5d40a838d |
| SHA512 | c7c09e97a408e88aacaf8099ad4d1fa604d58113393500a384eb3c2eb7c3c105af41314934b86eca2f088045cbab5a20d768bbb295448dc1ae6cb6c3f59821ae |
/data/data/com.jifen.qukan/databases/hmdb-wal
| MD5 | 961b1edd8b06604b18057c863a9ee151 |
| SHA1 | 252597a2956132c74dd3b28b934e7599a23c75f4 |
| SHA256 | 41a03aaedc0f5c064f8fe66f474940494fafd8365dde4320d7f5e667a8a54d41 |
| SHA512 | a975fe3284bac2cfb9ce6aa6a234dc20f3618fb087ca88976d436e1b6e14eae8efc00a59111aff278d589ab1e985a8fcc9114769a4775bc60151cc2522a67f66 |
/data/data/com.jifen.qukan/files/agoo.pid
| MD5 | 573f7f25b7b1eb79a4ec6ba896debefd |
| SHA1 | 121de4ce4752102b997ffde2b35846ed1c0d02a9 |
| SHA256 | 961290276708eea73a92095181a7d4c20bee233d6aef7c8b4dbbdc067487ecc4 |
| SHA512 | d1cd76e484996048384f0fafadb20198cf04f45dc86dc6e455c569a199d908d42e767e6204c3e0797d0b2974d47b05d080a8a16aa7f374dccbd77c5abdd123d5 |
/data/data/com.jifen.qukan/databases/message_accs_db-journal
| MD5 | db44bac2c45bbceb48a354956e60008a |
| SHA1 | 03d52f8d7f16022fc48eb1a1ee54184e47d12e4c |
| SHA256 | 7030bff25666291301d149cdbf5380c76f091c03ccab33175fedabc25c952b47 |
| SHA512 | 6ff74cd850ebbee56eef5c58f22f913d1a28bc6c967eee911ec3d21047e9dc1c3fe8f9491e03b19abee46d9be53e6288884a18df0a123e4ea4e3a13f1b87a729 |
/data/data/com.jifen.qukan/databases/message_accs_db
| MD5 | 486e2bac2b3e9e1cb411d2838a4854bd |
| SHA1 | 81dd0a7537f4af319b830ae834908986be85da8b |
| SHA256 | 5644a250fa6cef16c2c802b98275656a5fc39dcf89bcc22193742d85c7313f57 |
| SHA512 | c146789563dae163e373489b3df53f22efebd32b69643992969241eb5ad5eec668de67e7cd2aaf5c3a8af57b0842115d00183825734f57643d3fdb09835fe681 |
/data/data/com.jifen.qukan/databases/message_accs_db-wal
| MD5 | 8a3b8bc0b9afbb67d1b662376cc389b6 |
| SHA1 | b1443a080a740880f10a5d9108f5070cf5e3f95a |
| SHA256 | 8cb9ff6396c3ec503dfe8e97a1f094d91549301c01807d2636042fd5b2c515b0 |
| SHA512 | 6d6c3549b9a9bf15b4ff6d7befec90167e2dfce4b08389ae350cb183290be26a8482398f303a01e7f4d253ececbac280042a8146c5410c9062862311e05ba908 |
/storage/emulated/0/amap/openamaplocationsdk/alsn.db-journal
| MD5 | 869e5ad31aaa13837e501db2216a8781 |
| SHA1 | 294e96eeaa86b628289c3174a1bb50415c6cbddf |
| SHA256 | f7374ff19f0cb29db6646d9af9f05d2d969e23ab6c19e802d66142216607d00e |
| SHA512 | 2320d5745fe9bfcda396e701b117ceb010f3fe509e4e6c0973ccb2fcac39180e62e2f6d81ad1174cdb00a65287b3d2a715738e238dc5fcea462b6803e546c774 |
/storage/emulated/0/amap/openamaplocationsdk/alsn.db
| MD5 | 6999293712000d597b4cf4f0d42316fa |
| SHA1 | ce64c005f5f516ec4c491eabd907423b0fbe2a1f |
| SHA256 | 3cd4e50816e59adfdddc5d5ea2bff7068bf6fe711302b4820f6a79f132f0fedb |
| SHA512 | 8638503a6e9c40c8025722ce266ca4314804c7d74546938464253a136f230921ecc990343541f481d317c6823ae519a5a33d279b363a1457bb105a6de49656e2 |
/storage/emulated/0/amap/openamaplocationsdk/alsn.db-wal
| MD5 | cc70791e13b6f6e3a5113d62eaab5eaf |
| SHA1 | dcec3ac4459284024addc24412511832db067438 |
| SHA256 | 178d5e1587d5fc442a7cd8d6ba432c21f92fa137b147229287c51dacc20e9ef9 |
| SHA512 | 4feb95b976de536bc8595d1c730d3138e4aeea034b1a56094f16b0950274ba43ed51d85dbee8e72f35749125b9d1127bcf86a63aabd51634a862227a55e119de |
/data/data/com.jifen.qukan/files/a/b/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.jifen.qukan/files/a/b/journal
| MD5 | 8681b4e05aabbea596270b1295fd6daa |
| SHA1 | 7ae619e1e63ae4cc09f849a23b8fcc9a1e60593e |
| SHA256 | 6ea9fd6d617df2801ea7659bab9e779093e7ba9aa043a1dc74943bf524cadbf9 |
| SHA512 | e6d3e2d0111770be6df9d549f9fa623767af9a45fc52f413a45137766c253123083306b44e0332d2d4905ae6264879481fb3d337b9ec8e085c9a15d9bb2d6af6 |
/data/data/com.jifen.qukan/files/a/b/d4b5b8d8c6bcb55b97dab1997c80c3ce.0.tmp
| MD5 | 84965845a52a1cf169dde788325b6dc3 |
| SHA1 | d4c24c44a82cd246430efd7de4949c018e26c145 |
| SHA256 | 04b0d26b590c473ec3636c49d67d9de707c1f684d7199b2eb686d1e48660125e |
| SHA512 | e9a00d380d23016207f81ecf0e545347ca7f129bd4419d5aa9a85ef1499d8c651ae5e922ec981892a743ba79a2804e048f7eecd66712c9b051f15e55e8d205f3 |
/data/data/com.jifen.qukan/databases/logdb.db-wal
| MD5 | 25b4e958d8aa5375ba6159152a6e4c85 |
| SHA1 | 7ffb8839019999362a5e7ce00593c70fcbf8ae8c |
| SHA256 | 8e6e54652c78275a33ce3e340579a29ef217faa9f85395804eb7a1e3a7ae7b18 |
| SHA512 | a0d5e43a500272687c8ab2ebbc5cc727f3c32de7a0b8b9a68f598e66eb1febe6b0a772e422456fd79015e1546e814cc05e5c9781fc3b5ee16e20dc507d193901 |
/data/data/com.jifen.qukan/databases/logdb.db
| MD5 | feca235485e9671c6ec4b55a34504a79 |
| SHA1 | ec888ac89783598d2885284f6ab44b3fda4c5238 |
| SHA256 | 5f8babc15931062d8f7cf8787ea03480335ac3ee32b835753903ccaea92e07c1 |
| SHA512 | 209116c9ef0848e71163c99336f78c0e70af55e4d9035f5424f14a9580d2e260e98011f821a9db5391bf83b79f982dfa90eede8b18934683e177a38b1b3b9a78 |
/data/data/com.jifen.qukan/files/a/b/journal
| MD5 | e554e8f795944a47211affdb5aca621b |
| SHA1 | a77e4fb586b165c4fabc421738fcd35ed006fda7 |
| SHA256 | 1689c9e949bc089d1563575c1278c8c52304f17f1401857b9d65d716020f8ae8 |
| SHA512 | 02722d742c4d81f50fd1a01e1f8a323283d18324fce8ef1b24f302b76b121241b9952454ee9e529d5ddce0e49d4153643395feea50cd99d0f4c39e954a17ac30 |
/data/data/com.jifen.qukan/files/a/b/1fe0ea22b2e87d25ff9fd9c678ff83d9.0.tmp
| MD5 | b05ee1c5c86b717878c29bc290cbd30b |
| SHA1 | 649ee6e9e3a11ccbedfd4e0ddcc1d7e69a8abf4b |
| SHA256 | 16cdfc7f4f9ff36f7e04ddfe99461cc6fc6345da9f3ccca142a38fb7482a84ab |
| SHA512 | c5ca6579a1c43246f245c184fc6669827e824102b74543761d3688823d1dbfb5bd32b244035f87f03069acadacd2f264129f105ac8b5f31c4d751f8537e468b7 |
/data/data/com.jifen.qukan/databases/logdb.db-wal
| MD5 | ba0fe003cfe6a056eccf56f5929b0549 |
| SHA1 | 5a85fdaa4c46f27501c0bd1ec80fb542067d9f87 |
| SHA256 | ebd50f305cdbe764d9245193bb2d42a563ade299805ca656189c262cfc859490 |
| SHA512 | b6308627ee3f224e7bb66fd7461e304899192778138b0f4ba7f6e5e12437ff2335679b396d43b5b5648e926baf5aee92ea23db5dc0d9ed13db0f52eff6457e62 |
/data/data/com.jifen.qukan/databases/logdb.db
| MD5 | 240215a3e960cb7a0596800d8b3a214a |
| SHA1 | 56aef2d8aaef6d89ddaa82d3e2481efe188b1013 |
| SHA256 | c11c2448aa0685e5f2a28f68e0d58d5c0404f49d3e7a06a549d01075322a2974 |
| SHA512 | 12590492a4bc2021e2930a4198d8e7cd061213275f77af9bf1b1719b7618bb3bf792db815a6427583d3bc77421a58cf420e6b90aa663c5e92e6b755e18b81a1e |
/storage/emulated/0/amap/openamaplocationsdk/alsn.db-wal
| MD5 | de26fa56626b9d6fc2064b876d5fc575 |
| SHA1 | 624def73703713ee0308e3086d23a603e4c06bc0 |
| SHA256 | c08e116797662e1d1d5853b7aedfbe5ab0c8e7a1f782f19f98e4a42d7f3557f4 |
| SHA512 | b5feafe3c7436c25d5e364f192d1c31ea3182996666147792abd287a781ff29e48c3f915a50df897f35ffb2de1d573ea48a1e66c5a03b79ded6bbfdc1d58fae4 |
/storage/emulated/0/amap/openamaplocationsdk/alsn.db
| MD5 | a22d9b53bda0f7778f3d24257fcf4441 |
| SHA1 | 71a3202820a5d72b61c6a9185a225ad483faf94a |
| SHA256 | 888492242c42413ad12546ef19324233a05469b6c6883c49dde8415d06ef5982 |
| SHA512 | 5e3cef7d79e1a41c55cb92b79cfd5273207df202feb742653462e98a600c0b2c6df0e63be1fc84201a08de83301c2b1a999973e37c3ab25fb0e8f32f94e15d08 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-17 23:48
Reported
2024-06-17 23:48
Platform
android-x86-arm-20240611.1-en
Max time network
6s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.180.14:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-17 23:48
Reported
2024-06-17 23:48
Platform
android-x64-20240611.1-en
Max time network
6s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-17 23:48
Reported
2024-06-17 23:48
Platform
android-x64-arm64-20240611.1-en
Max time network
8s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |