Analysis Overview
SHA256
b88de01da3d3df21603752cc6f1ea395581f631ee405a4720e397c9099f18cbd
Threat Level: Likely malicious
The file ba0e0681c84ec3096f168848cd97ccc1_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about the current nearby Wi-Fi networks
Queries information about running processes on the device
Checks known Qemu files.
Checks known Qemu pipes.
Requests cell location
Loads dropped Dex/Jar
Queries information about the current Wi-Fi connection
Queries information about active data network
Reads information about phone network operator.
Queries the unique device ID (IMEI, MEID, IMSI)
Requests dangerous framework permissions
Listens for changes in the sensor environment (might be used to detect emulation)
Uses Crypto APIs (Might try to encrypt user data)
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-17 21:08
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows an application to request installing packages. | android.permission.REQUEST_INSTALL_PACKAGES | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-17 21:08
Reported
2024-06-17 21:11
Platform
android-x86-arm-20240611.1-en
Max time kernel
177s
Max time network
188s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/app/Superuser.apk | N/A | N/A |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
Checks known Qemu files.
| Description | Indicator | Process | Target |
| N/A | /sys/qemu_trace | N/A | N/A |
Checks known Qemu pipes.
| Description | Indicator | Process | Target |
| N/A | /dev/qemu_pipe | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.xgbuy.xg/app_SGLib/libsgmain_312768000000.zip | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/app_SGLib/libsgmain_312768000000.zip | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/app_SGLib/libsgsecuritybody_312768000000.zip | N/A | N/A |
| N/A | /data/user/0/com.xgbuy.xg/app_SGLib/libsgsecuritybody_312768000000.zip | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.xgbuy.xg
com.xgbuy.xg:pushcore
cat /sys/class/net/wlan0/address
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.xgbuy.xg/app_SGLib/libsgmain_312768000000.zip --output-vdex-fd=73 --oat-fd=76 --oat-location=/data/user/0/com.xgbuy.xg/app_SGLib/oat/x86/libsgmain_312768000000.odex --compiler-filter=quicken --class-loader-context=&
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.xgbuy.xg/app_SGLib/libsgsecuritybody_312768000000.zip --output-vdex-fd=94 --oat-fd=95 --oat-location=/data/user/0/com.xgbuy.xg/app_SGLib/oat/x86/libsgsecuritybody_312768000000.odex --compiler-filter=quicken --class-loader-context=&
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 216.58.204.74:443 | tcp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| US | 1.1.1.1:53 | api.share.mob.com | udp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 120.46.131.222:19000 | s.jpush.cn | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | a.xgbuy.cc | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | nbsdk-baichuan.alicdn.com | udp |
| US | 163.181.154.229:443 | nbsdk-baichuan.alicdn.com | tcp |
| US | 1.1.1.1:53 | plbslog.umeng.com | udp |
| CN | 36.156.202.73:443 | plbslog.umeng.com | tcp |
| US | 1.1.1.1:53 | ulogs.umeng.com | udp |
| CN | 223.109.148.130:443 | ulogs.umeng.com | tcp |
| US | 1.1.1.1:53 | adashx.m.taobao.com | udp |
| CN | 101.226.27.166:80 | adashx.m.taobao.com | tcp |
| US | 1.1.1.1:53 | acs4baichuan.m.taobao.com | udp |
| CN | 59.82.133.78:80 | acs4baichuan.m.taobao.com | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 117.50.198.131:80 | downt.ntalker.com | tcp |
| US | 163.181.154.229:443 | nbsdk-baichuan.alicdn.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | t.gdt.qq.com | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 123.60.89.60:19000 | sis.jpush.io | udp |
| NL | 43.152.42.165:80 | t.gdt.qq.com | tcp |
| US | 1.1.1.1:53 | ynuf.alipay.com | udp |
| US | 47.246.136.189:80 | ynuf.alipay.com | tcp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| GB | 216.58.201.110:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.204.78:443 | android.apis.google.com | tcp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 123.196.118.23:19000 | udp | |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 103.229.215.60:19000 | udp | |
| CN | 59.82.133.59:80 | acs4baichuan.m.taobao.com | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 117.50.198.131:80 | downt.ntalker.com | tcp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | adashx.m.taobao.com | udp |
| CN | 61.170.78.160:80 | adashx.m.taobao.com | tcp |
| CN | 117.121.49.100:19000 | udp | |
| US | 1.1.1.1:53 | adashbc.m.taobao.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 59.82.39.255:80 | adashbc.m.taobao.com | tcp |
| US | 1.1.1.1:53 | wb.110.taobao.com | udp |
| CN | 59.82.121.55:80 | wb.110.taobao.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 1.94.2.18:7006 | im64.jpush.cn | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 36.156.202.73:443 | plbslog.umeng.com | tcp |
| CN | 223.109.148.141:443 | ulogs.umeng.com | tcp |
| CN | 1.94.2.18:7003 | im64.jpush.cn | tcp |
| CN | 59.82.133.4:80 | acs4baichuan.m.taobao.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 59.82.39.255:80 | adashbc.m.taobao.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 1.94.2.18:7007 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 1.94.2.18:7004 | im64.jpush.cn | tcp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| CN | 117.50.198.131:80 | downt.ntalker.com | tcp |
| CN | 1.94.2.18:7000 | im64.jpush.cn | tcp |
| CN | 61.170.78.160:80 | adashx.m.taobao.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 1.94.2.18:7005 | im64.jpush.cn | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 1.94.2.18:7008 | im64.jpush.cn | tcp |
| CN | 59.82.133.36:80 | acs4baichuan.m.taobao.com | tcp |
| CN | 59.82.39.255:80 | adashbc.m.taobao.com | tcp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 1.94.2.18:7009 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7002 | im64.jpush.cn | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 120.46.131.222:19000 | easytomessage.com | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 223.109.148.178:443 | ulogs.umeng.com | tcp |
| CN | 61.170.78.160:80 | adashx.m.taobao.com | tcp |
| CN | 59.82.133.157:80 | acs4baichuan.m.taobao.com | tcp |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 117.50.198.131:80 | downt.ntalker.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| CN | 123.196.118.23:19000 | udp | |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 103.229.215.60:19000 | udp | |
| CN | 59.82.120.124:80 | acs4baichuan.m.taobao.com | tcp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | adashx.m.taobao.com | udp |
| CN | 101.226.27.166:80 | adashx.m.taobao.com | tcp |
| CN | 117.121.49.100:19000 | udp | |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| CN | 1.94.2.18:7000 | im64.jpush.cn | tcp |
| CN | 59.82.39.255:80 | adashbc.m.taobao.com | tcp |
| CN | 223.109.148.176:443 | ulogs.umeng.com | tcp |
| CN | 1.94.2.18:7008 | im64.jpush.cn | tcp |
| CN | 59.82.120.166:80 | acs4baichuan.m.taobao.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 1.94.2.18:7003 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7002 | im64.jpush.cn | tcp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| CN | 1.94.2.18:7009 | im64.jpush.cn | tcp |
| CN | 101.226.27.166:80 | adashx.m.taobao.com | tcp |
| CN | 59.82.39.255:80 | adashbc.m.taobao.com | tcp |
| CN | 1.94.2.18:7007 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7005 | im64.jpush.cn | tcp |
| CN | 59.82.120.171:80 | acs4baichuan.m.taobao.com | tcp |
| CN | 1.94.2.18:7006 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7004 | im64.jpush.cn | tcp |
| CN | 59.82.39.255:80 | adashbc.m.taobao.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 223.109.148.177:443 | ulogs.umeng.com | tcp |
| US | 1.1.1.1:53 | adashx.m.taobao.com | udp |
| CN | 61.170.76.178:80 | adashx.m.taobao.com | tcp |
| CN | 120.46.131.222:19000 | easytomessage.com | udp |
| CN | 59.82.120.210:80 | acs4baichuan.m.taobao.com | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 123.196.118.23:19000 | udp | |
| CN | 59.82.120.252:80 | acs4baichuan.m.taobao.com | tcp |
| CN | 103.229.215.60:19000 | udp | |
| CN | 61.170.76.178:80 | adashx.m.taobao.com | tcp |
| CN | 117.121.49.100:19000 | udp | |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 223.109.148.179:443 | ulogs.umeng.com | tcp |
| CN | 1.94.2.18:7003 | im64.jpush.cn | tcp |
| CN | 59.82.121.172:80 | acs4baichuan.m.taobao.com | tcp |
| CN | 1.94.2.18:7004 | im64.jpush.cn | tcp |
| CN | 59.82.39.255:80 | adashbc.m.taobao.com | tcp |
| CN | 1.94.2.18:7007 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7005 | im64.jpush.cn | tcp |
| CN | 1.94.2.18:7002 | im64.jpush.cn | tcp |
| CN | 59.82.39.255:80 | adashbc.m.taobao.com | tcp |
| CN | 1.94.2.18:7009 | im64.jpush.cn | tcp |
| CN | 59.82.121.215:80 | acs4baichuan.m.taobao.com | tcp |
| CN | 1.94.2.18:7006 | im64.jpush.cn | tcp |
Files
/storage/emulated/0/Mob/comm/.di
| MD5 | 70a42cba408700f9a6c01c7941a8829e |
| SHA1 | eab01cc2c0671538795fb0b1146017dc099d0984 |
| SHA256 | 499576707ce2623293166979e59c832be5b8636c64ad39aa63ebcf961910c35f |
| SHA512 | 8900d4dc8eed0430babbacb72942401bd22ef7fe5430cad90d3ce0c2c53010220d666aa0e2eb1026f3ec81d574c7fa12585b49222a5f15b01637f6ba134fe70c |
/storage/emulated/0/Mob/.slw
| MD5 | 19402718bfb1c685a726b4e1d846ad98 |
| SHA1 | 02a7e30044a67085f2f1da24e16e4ecfede65b72 |
| SHA256 | 079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0 |
| SHA512 | 25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 9781ca003f10f8d0c9c1945b63fdca7f |
| SHA1 | 4156cf5dc8d71dbab734d25e5e1598b37a5456f4 |
| SHA256 | 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793 |
| SHA512 | 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 3dce2f8fc72abc9630c11b4d1ddfe94b |
| SHA1 | d2daa6d16fb0e23c688ebe778293bc1b6b0dad26 |
| SHA256 | bf6cccb3b3fea75182a5d27194b84557cfc9b3f8904591dc78c3955cfde9ddfd |
| SHA512 | b4cf4da15dc21ea70c126116b3a8b064bafa4b0be09addfc1ca0baff7295db370cee3a00140351acbaee6d8ad60f12efb93c665c21bc97394682379e6ccd5b76 |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | a9f551df9557f5d557a61b9e55bc435a |
| SHA1 | 393eaa0354271a60025d81778e08de3dbc98245d |
| SHA256 | f55cfd342371b7aeee71faf469d6df35e30011f3671ede9d30d60fee7f780944 |
| SHA512 | be2120a76c814c4226c4f566a266321f8a23d92b1cc7780751955a38a12e9405c305cbc1a9f0df0729ec23fe928627f330414442674506a5712707f0e93a8767 |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | 9d1268f77cdab52905e364d9d72761e7 |
| SHA1 | 1f0586264ffd4e238b21f6f0e2a3557b735666c2 |
| SHA256 | 61cbcdc6dd7809312769fdc949f33c53cab44980b8bf4de6d6177485c0b6e05f |
| SHA512 | 8dc949e79fed2c3bcb3dd98dd49168a746471daac013aea29bb3efd158fc72e7b71d4b938ca3c326e1261f97ecad1ab4846c0be72448a2c71a9b67db496fc616 |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | 66e67cddbf700fdccb991b61e6ce06f6 |
| SHA1 | ea30f81d701f15cada0c987d8e4ceee3ac0bac4b |
| SHA256 | dbdbcf9161b7197df6a18e6a52c417b73e8354365f013cec5dddb286f064cd37 |
| SHA512 | 389b2e6c43e214e3c0d4376cc1bf10ba5d71b9c3d0e3fe3413f7ae4d22c2a86a8b84204a302be1a3150b8791ae93f1720a9b95f26de220b4123b049b6154210f |
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
| MD5 | e71738ecd1de22a74a2141444bce93ae |
| SHA1 | f6ce453c51391a41a6189420b2f9aec678d9cf38 |
| SHA256 | 403186d784a6ead716c468cfc7d16add2db72d7b4e7f0f1fba35511e76d3cba0 |
| SHA512 | 41c8bf614df3db280ada335e2c36b4247e83b984bf341ab942ca899a6124d362b7db36b76bb8ec4c5bf8ef5d696288e151a69a6e271a4bb6c66495cfcb91fac2 |
/storage/emulated/0/.DataStorage/ContextData.xml
| MD5 | 98993daacf50b7ea34f62c62fe796cf6 |
| SHA1 | 9d9fc0016bd128f5f0667fc1be07a2290c3c5254 |
| SHA256 | 058ddf951352c4110b86a6498462f0f7e6a6781d1664d5e228d1b361bbf6c3f1 |
| SHA512 | e2e58c1999fdabbe38733051802236fda6c118d3bc89ba82be2a13dab003c3f3abae086bda5529dfd88a476483db9f14dc7261fc11a5fc60d5e82eeebccf94d3 |
/data/data/com.xgbuy.xg/databases/xinggou-journal
| MD5 | 62b1705f13fdcf8fc450a4faf7e5b65e |
| SHA1 | b9ecb8369c81659fb4b7758872efeac5c6059e98 |
| SHA256 | 6fa8d683e66ece85b6ce12a540181f883ad77a92e7d0e188e8c35444cd6f78cd |
| SHA512 | 21a69c96c9d333d810d16e22ef0ede2ddc9c99166c69c7015be408de531ea80f4876a50ad7b1a2c0212d864893941ea19b1445259e28397363110ae95a9837b7 |
/data/data/com.xgbuy.xg/databases/xinggou
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.xgbuy.xg/databases/xinggou-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.xgbuy.xg/databases/xinggou-wal
| MD5 | 65a326fd158898b56c7a33e86077bd2b |
| SHA1 | 848c9c67aa849c12b5b7988e28238dcb24fea0f5 |
| SHA256 | c22645ccfdfe589a8f819eea4057eceba7bbdb8d53cfb8603d4be47b75a8706e |
| SHA512 | 9aae831f73b2fe1f31aae11cabcf8104320679dda4a19867141ec8506f58e3674a023c9713876912b795da05e8de0ff071d4e96143b78cda034d5d8992f66d01 |
/data/data/com.xgbuy.xg/app_SGLib/libsgmainso-5.1.81.so.tmp
| MD5 | c85e8919765cc22095d1b8e40601e34d |
| SHA1 | 22d48933b9f30a028cf4c9d993f59c767f9e8e35 |
| SHA256 | f4ab50b1188cc9913c106f1f661162cb7db90aa288a90fa6bb41c5938b6afa8e |
| SHA512 | 6715ed9290b868a5733f6c6001e9de1375a381b5f61552fc0adfd825c72977cbd34a347f7fecad8cbc798af7b5ef59f4a23bbe6fedb714e4dda65a1e5921c08e |
/data/data/com.xgbuy.xg/files/jpush_stat_history_pushcore/normal/nowrap/c62c6a01-bc2c-4348-a247-7438ab012ff7
| MD5 | d0b3e63c049cea8b14baae487de22cca |
| SHA1 | 0424eee2a1e18f83dfed9b1bae7b97f7b52f4704 |
| SHA256 | d5966d56a73226b4d8efa4d40d5383945a0bc4df6e256279fae042fb9f079c2b |
| SHA512 | 04b0f5a6ec576b26cb1a40d8d2ce5ff03ece4d3d133ba28210f79b4b8606f26cbbfc6a17afd73cb2eb6d3a19792f876f39fe14680514c42aaf5df76cf175e0ef |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/user/0/com.xgbuy.xg/app_SGLib/libsgmain_312768000000.zip
| MD5 | 522947eaa37b029a247e3973f3be3621 |
| SHA1 | 31c88e0d7c9b51904c0f598e80245bba41b1c7d9 |
| SHA256 | d06601f9eb8d8c991f00426ad30bada9d2bb7886a6de21d78cd0ccb7b7e62156 |
| SHA512 | f5eaa9ccf08096bf0df8f004fbfc1b893ae08fed3e6722e0adea1fdea2719a45876314b765134905841f440c27216c897876e3ac6c8903fc44b697854eb02c0c |
/data/user/0/com.xgbuy.xg/app_SGLib/libsgmain_312768000000.zip
| MD5 | 0c2f2989749ff3910446998637c28286 |
| SHA1 | 054aba5cdeb4e66a4473b0a81680bc50f6a0cfc3 |
| SHA256 | f3c52a07c3cb0a749aa880b5819ce43a5b76065396037f5f50c4577ae522d49d |
| SHA512 | 72acb607e89f7dd62c21e9449ceba58c8917afcf4dc32c789f515d6a866e6549b2fd53e90cffbdfb7a62d577534bd9eec052d1ec9a912321f9bf25e7f719a70f |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/009193b7dbb23f674b5f1823e41a487236d37c09b01fa8bc30947bb276b22133.0.tmp
| MD5 | 66c0c680753df4ee0641951b8cb1d613 |
| SHA1 | 9573fb478fdd97f871e9019c3b88f27adb879a29 |
| SHA256 | 97d7cb4c347498221f9b273a11449ce621cfc8c6b2770f4d57a8b3dfed67188b |
| SHA512 | 0c169a3f5dbec49a8e14d3381e4e71aab60b454365e84879f1892335ba0294be71950eb9bd0de528cfaa51f702384a66361972875dad163d46b7ab05c23881c0 |
/data/data/com.xgbuy.xg/files/jpush_stat_history/active_user/nowrap/e9f8674d-df21-49ae-99c0-c0d8c447040b
| MD5 | 8585370ed5763777535af5b206599082 |
| SHA1 | f3b398087bf4592561d9a9b512e3cf91b9071c45 |
| SHA256 | 0e9056baf57ffded63bd94b11349a025f9aff90b087755e3e9a2fd000ef0af35 |
| SHA512 | d7bbb4b41e0410aa18c717c88b23d3ef8a9258614ac73a4d5ddafb136ea5aedced6477951c9b9c0e919d59e63b421d336bc16f4b528f4640f88f39c7e4ef3e95 |
/data/data/com.xgbuy.xg/files/umeng_it.cache
| MD5 | 99c91a4bdb7e7c017d9a97caede42ada |
| SHA1 | 7e219205a93fc6cc779bd9f0bd7a38fefa6b90bd |
| SHA256 | a85405a8ba0927f013ee80ece0547aa9ab5643e65f467e57447510545118660d |
| SHA512 | 0727234188141e6cae385d24725ac9631f1e13f0342ae60abbb7b61dcfac0213d827b8a272689a2b66c90530fc02d6f42e0c550396154223036db1f18b6fb8b0 |
/data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4NjU4NTE4Njcy
| MD5 | a230e7566e5a2b41a4ff351050bca64e |
| SHA1 | 2e62b5105080fb84fd963930e50ab4fd49d34799 |
| SHA256 | 47e8d60bbcbe9c064c801312b7fd33002f2fd57fe33bde0d886c3752c95c888b |
| SHA512 | 8aeaa04b7d0d6d46d79c98659f64c5e1497f51095aff4a517a23e32c57323d50a889537aa0aefe0b3dd7f00bfaac64b7b2de13f5737b3b9dae7dc2a50d11a3f0 |
/data/data/com.xgbuy.xg/databases/ut.db-journal
| MD5 | 4696e23e4cc2b8e48e3b8f071fd97ee0 |
| SHA1 | 63dc0a2eff06da832c29bc2491c08882f7f93ff2 |
| SHA256 | 3488b3e036195110eb8285b9f8eb9e5c68df515d5701b5b6c776918d4b6b310f |
| SHA512 | 40e768bb43722f73cd533f6f4b151211d69b4cbad2045360baa9a97cc0e815e68c4483afef0117271859593ea680c3c68a2d4b5f0e395a51c389caff0dca6e52 |
/data/data/com.xgbuy.xg/databases/ut.db
| MD5 | 38616785cca0600a03205f84fe330b4b |
| SHA1 | 6ac41a6bdcae297d56dac5fdde70be5faccf0832 |
| SHA256 | b05c698d5827005da5e04b4fbdcac53cfc83405247353f8e9e145969a820a4e8 |
| SHA512 | 7ff2901c032607f5fa1f24a48056ae85fe8d67b6c5649233fdad7b66950d359b2fb933344bf1e2fe6255a00c593de7bcf959d201fe8b6ad214249bb31f855a08 |
/data/data/com.xgbuy.xg/databases/ut.db-shm
| MD5 | 4ece9fb87ca2b29896c671814e2f061f |
| SHA1 | d1d704c363807686d50994eb540598a710161e79 |
| SHA256 | 6fabe2a97585c2553ff8a69f30ddbc90dafbb5c3297fa80669223358401a784d |
| SHA512 | 410fc55d3fdbad5000b06b8ce7ba80b1c4b6e96230b41fc73c50b3f694bb59570a6218513c874d5e1bebef37aa5add80cc8fb4f18a82819f3f5a349df384ae94 |
/data/data/com.xgbuy.xg/databases/ut.db-wal
| MD5 | d674ff99b08b2e81a07ea0eca6fb4a0d |
| SHA1 | 4d501bcac5eb26398446e919e0bd625061cf837a |
| SHA256 | 6fb0364d912fc21a9e6af49f987b8fa4e35e3ae30d124ae057b22d085e7c943c |
| SHA512 | 0e325c2d50536f85fe06bdff12d89c1abccdecdb57f4ddaa0844b0dcffe9be3f16508929112bc987a1164d5d840da4037b47c4d1fb10fe90cc77e825a5d6a785 |
/data/data/com.xgbuy.xg/databases/ua.db-journal
| MD5 | 10760142380b34e358c396ca8d606a91 |
| SHA1 | b8d7f379c3e25bef6f24636fcb243d3baf2cbe46 |
| SHA256 | 8a25b66e15f4054d677ad667d8eeb4db31ad09188884ae20cff78bfcafdd042b |
| SHA512 | 72105e76a0b2252434453074a966bb0f2ba849399bd9b3093004f3af47663003af614ec87ee3dd6d12cce0de9816bc1504a9859ced15c389c18601c36d66f9c5 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | e1c7d91477100d54422a8403ac9ad252 |
| SHA1 | ea7ebecea392d751549dc24e1072fddc9628515a |
| SHA256 | 0c99536b93477d23e246a0c26924f05139fd38242a5260dc9b484eba6e210328 |
| SHA512 | 0d627882dda0517ecc878070f70489a8be92c36a9a84b6023133a373c07bb9d96bbf0a09b1b930505d124bb73fe609aa5c7c5b715bec646de02f2e9124493288 |
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
| MD5 | 55f02bcf220f65f4cc666506d59b1871 |
| SHA1 | bd2fe62da9584df4ab652ae87b1f8cba2a2b5549 |
| SHA256 | dc588b4d8160a610540bd72cb77a1a92476c2e0fd5fe1082648c020bba7b5358 |
| SHA512 | e1a781ab5f268987bfcd50c7eaee4e3b207996562217f0e9a97aec7c0d4d7649371393fb6069bfc9fe9f707386cf04ccf6de52458b1f4cfc6cbabddd0188c59b |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 734c735ee8ab256452d21e1c70b8ee9a |
| SHA1 | d1b6227f48de09237aa7bf8817e3ce62642cdeaa |
| SHA256 | f419a2d7619d05f6475122fef222e6b1a870f24112eefa75cf5f139fab748d34 |
| SHA512 | abb8361893a38062e7aae836742202df5fc3efeaee24624a2b78d2430d2c4a61ff989c78104df55e10f758bc5fe355247cbc777eb898141e3191b9aeb6688d5f |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | dae90654a18493d1d04f67b55be3a87f |
| SHA1 | 337c661c1b949d8a547683453aa4da110a3be7af |
| SHA256 | 2b59f812f0448cc3e1578fb98bdc8387c1dffde4f1fcaf7a0ccb3577ec0aa201 |
| SHA512 | 01e7c32247be8400095d7207a85e1c139efc5b5cd2e3b9e72160a59dc024997183e6d7c49f0a65e8edf90cf30996fc7f11b69e35760971e595430c301b19a36b |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest96463246857011657883432562051944112086-journal
| MD5 | 8a0f0d0049d3331685954dbd10712db9 |
| SHA1 | 018ec43ed004b6979e753288c967def7d95c3aac |
| SHA256 | 03d526345950c11e8da11ac7eae22b3e37752d00f17fb9e0d38be6d4ea6a057e |
| SHA512 | dac6514ddae11795147b3679a7f82736a09910ac4c9ed977dfb055c2b09054062c835e9842987d7adc48bca9ffcac9ab1ed4f674d0cccabbf4af7bd149209c0f |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest96463246857011657883432562051944112086-shm
| MD5 | b2f027c1d7d919f13789d209d11f0f4f |
| SHA1 | 44c2f1e470cff3660f3102035fe30faa10df1ddd |
| SHA256 | 2eba8a85e37f37491645f8e8e8d04b2b83a45d4c47610985531e99863be1437a |
| SHA512 | 7884e7575de595a6e9920dc59cb8c7ec958e9ebb420b6e4513df56ed12bdefa742cc19828ddd4219661f590494d4d1b9f73d301c2f1ca3f0372e18536dc1d5e8 |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest96463246857011657883432562051944112086-wal
| MD5 | 2425281099898635554b2f5297a5489f |
| SHA1 | 0815a4314f4560a880dccde8da9b4083cfea1fcf |
| SHA256 | d4cb241e66ade4b6d519096ed607069a2d53ae522e9f9a3a10a9ed2209acfdc2 |
| SHA512 | d8c0d71781bdcaccdfd4d1aca5bc0212b407232e931cf31b56c6123feb992a7fa5ec0617df3f1a44250f9be512a44935042cfbcd2b889301eef82633c5a70510 |
/data/data/com.xgbuy.xg/databases/Reyun.db-journal
| MD5 | 00a4e5a3b704d25011bec6740650d940 |
| SHA1 | e51764f6cb21e395d18151c6c4859334d4d5f261 |
| SHA256 | ba53e30d7b3afc9cc0b26f8bcf9aa31a9a947acdd80aedde314e9a65237489a3 |
| SHA512 | b910cdf05252bbb7ebf3569a282ada4cdaba4d60114962126f507c3e3ac8c029e178fa392cbf16237108251577ea85bf22a3ca5818395f2bca69bf6e0729f5be |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 917bb972d9b3f4e6160218482a97cd77 |
| SHA1 | 9da048d740230103b42cbfe08d5bdbd54ec96353 |
| SHA256 | 5ab2574306b3c6aafe7ad41c734d8191fa7cdfe2f37e3a621c0ab41d4f60dea2 |
| SHA512 | 651fa92a3ed9855f9070002e80e745d7d014eb9b68364ff03d7ed7bbaeeb41cd00cff4bba678a33bf240d3327886ac6e0fa61191087c9899fb8b3121f2535c6d |
/data/data/com.xgbuy.xg/databases/Reyun.db-shm
| MD5 | ffc5a1199b2b5d2635397cf853f82d38 |
| SHA1 | 2c5d7f3d4ad63794752f4584bc2cc9cb5889a371 |
| SHA256 | e57874b78b28375c8ddc4c5d91694b993a2896fa15b69e324b32d728106cc393 |
| SHA512 | 5f5ad064111deaee37a7096518552f02e83a5d1ad3fd19ae426b108df85a3c708d51344c75986fef1c0f9f024b6b088883c303f87d4c2d52ea593384ee3d2f72 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 5160787e65221285f12a58ddc6d94e85 |
| SHA1 | 03163a6cd9a432a0f5479db29e710082c496ea81 |
| SHA256 | ac5007b63182ddd10db445b9878f0ba5b0478280d7741617bc525232cff0fa48 |
| SHA512 | ba8ecf7f218d73ff563dcdb365163b3fa6cdcba929219f188ad4c197248a5f0e4f7b27ca475a814240afa870b421a56e13455f240a71e5ecc168c4893fdd7c25 |
/data/user/0/com.xgbuy.xg/app_SGLib/libsgsecuritybody_312768000000.zip
| MD5 | f59597732a9069b73e16c027faf78d05 |
| SHA1 | e3558f4e5041a6c6d4372001bed847f2ef77958c |
| SHA256 | 9e416ffbeda9461f3efca490dfaaee955f68fbc1f3e455f2394bf4c4310b83d6 |
| SHA512 | 7a8dae723cf5fff494cb2fc16a75bf347732ee3da99f1cbda99d8c6d26a47e4a7526c5340fa33bf9ee98463a84c1fe276a3683ca8e7bfbc50206e589a82aa6d2 |
/data/user/0/com.xgbuy.xg/app_SGLib/libsgsecuritybody_312768000000.zip
| MD5 | 3204fcefcc0eefb1fa76bc6f0fda6264 |
| SHA1 | b5a5fa1723ecc6c531d7728163489d72ab20cf6e |
| SHA256 | 15da7c769b4a6b8c48e85a27c3e052d6b2c88c53e4098ff4713f5afbc591102c |
| SHA512 | a7ae4bcc5dec798d8b6934a361068698bba74aaae0e4443b73ed31f9696ca6f1953349e385172a5630f587ed64a17801ed3e1651c3a20d7b20ff3b6b33711a2b |
/data/data/com.xgbuy.xg/files/.umeng/exchangeIdentity.json
| MD5 | c708c6864fb3804d26c8a6d354ac42b4 |
| SHA1 | 8ffd883f3ab6422dcf64fc7d5de4472da71d292d |
| SHA256 | 758fa6324c4e4ec55259e739aa466e7a1752effe513f53538c8cc3e11b334995 |
| SHA512 | 265023074716e3e0b696ff1af00aa942da1c2c9d3cbf9a9496db85ab6ca3281cf946202d5ec311676b1e314080e01220eb849a279ddac72bf996eb879aeb27ac |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | f0ac998c816f46efc7143f848ea194f4 |
| SHA1 | ce2ec0e57b1f2f560b751727d0cc5062c3c8d07b |
| SHA256 | a5e8f28f87bf52aad5c4d6bcd897f59c85f1c3e9b4ba8b7271045b2cf8ef9ac1 |
| SHA512 | 38e515a56dd0fd36019eb7975e30eeb75b42b53be53c09b101368174366ed35e33d8e91d6428b957fd6a3bbcc5a66665f87e1a4746dc196d0e1d3a3c72ad97af |
/data/data/com.xgbuy.xg/files/exid.dat
| MD5 | eab1f3700a2283adc279fd3f3dfc96b6 |
| SHA1 | f9375d4531d1015df291480fce3483ef9dda2f8b |
| SHA256 | a820b135ad79d944e4082ea8ecac70fb4cd18b4c867f75233fbd131b8dda7d58 |
| SHA512 | 903e556d38279941a3a731644fc692b979e78f9f9c9d32b2d21c4f04ba026dc978492d36a6bd0cf4f7317970c599a1bbc685a3bf36940b704f30744c2da971d6 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | b9815df6a18e33359263e036f8b33263 |
| SHA1 | 751e0ee522d865a3bacfbbd28eba0bd02c2a7b98 |
| SHA256 | e62834424b0488b4323bb7bb95f3ce313a8c0ba02ec70058b6f6ca0eb83693cf |
| SHA512 | c84dc72bdb45e55eebcdab9b6dd0d363bde3f7f8f23f0d87d55c55d7008d715b35626f31cbb3dc6decc25265b3664f76f20a821e346173f5305911f57a0c27b6 |
/data/data/com.xgbuy.xg/files/.envelope/a==7.5.3&&2.6.1_1718658521702_envelope.log
| MD5 | 12bb78e5ded529c723943128d0a58a76 |
| SHA1 | d814e1f52225facc1c23e78c65311f9661e2f784 |
| SHA256 | 5e9a8b959264794f8e928c1e43219aa27b57feb2208e7000b94a4e768efa3ebf |
| SHA512 | 47cc2817381dcfe7068d7409a6e96abadc2180ec59ef73741ef13c54ffd3002abca24f5626ad7dd3092e26b275f2217ea3ad1e661583565cb6a864a327b6f20c |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 1b040cf6a1a0e28ae54e8eef3085d972 |
| SHA1 | 71bdce72ef1a3d4987c47774ff40d803e4382aeb |
| SHA256 | aca29d1cfd91bb39dac87c73b56ef2e7e7f1bd5699dba7e7b970e390e08b778b |
| SHA512 | 5dace1cd40198e8c49fecd55bec68de9a40f65a9c9cf0ba6a5bc976b8a91dd0cb7a5da72536ce2c040e3cec85569a2c9abc4b152a43ec565a71febc951a1319c |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | a0a89c4caa628c0351444ba368b3e6e4 |
| SHA1 | f6af27b5c7583d9ac11c56395a1ab6a8012840f0 |
| SHA256 | c627938baa4b5cb1bf7372fe32aa0580d716c85c950fe9e017beacca82a9ec1c |
| SHA512 | 1790f64063523855fa058f264654d2dcf69527ddbe7d8aa01b3ece37233e3ca18a37e690d3acfa88eff4b90db3d0abe8b16d8b947df6dd82bf063fff2f8e76cc |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | e05dee1a8a8a1f2cf210f8c24c30ad70 |
| SHA1 | cc38278881bfda66fc42603bbf21f43275fbc3b5 |
| SHA256 | b98270e522d938ccddd374c2b5233e21ce4421aca61bb3c49606c40eebfae227 |
| SHA512 | 9567ecdb4009c67c147a426b74ce877e9045231d731d1f71c7225c0dd24d9445e46972cf671e757e3510b651a2a3bfc8d67b1fa6d00ec4d23b1852d210d0b2a7 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 0c0dd85e2622bb736a200f3e079e90ef |
| SHA1 | e52b5e9b7e7fad35ecc3b4bce3754c23e0350ac1 |
| SHA256 | 3d9a72c1da86053d2526829e5546b9673a138cec42e9e47c35040c22df711c93 |
| SHA512 | 2ff97a5034e7339b598eaf25cc9d536eeba5ee0a5f02542e21b5730a03cdd58f2b7dc47f03ea52e4842c943a8ebd471eece00e1b30408fe36f579927895970d1 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | f445a7e15ed2897545b95239a9c7a650 |
| SHA1 | 074d71899c704688cbf08f77e1a94745bf9a16d8 |
| SHA256 | eff7cd7ea1a09b2df38a0b69771c63c06c107bbd1b8905784181cae9007b451f |
| SHA512 | 7da4419b2126233de77da533897c81866e0b9e2e784d3a8d8ebe14c8182f64f4e15f1e8ffaedf6693e7e445abdd1ac672bb3aa74941fa898b7fe094a28a38f84 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 7787492a91f7d5f01a97147ea9d1f1c6 |
| SHA1 | edb73fd4d6f8cbef7d47cd68c40316c750677e1f |
| SHA256 | 9d81e87112a2567730035c38383734ec42edfe658f28a240632600d89da64836 |
| SHA512 | a6cd3456cdd14aebc86265ae08d9f679be278f92822fd93a2119ece60cf79ff6d6c4ae77e6172201552db85f16a7c662ffd01b6302300e8320aea814280317dc |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | a546b89f84036a22068d56d5bacce3d2 |
| SHA1 | fa04b6cb0b5f79a2b088d8e9e07c815b64d34388 |
| SHA256 | 1c906ff82d8a04c9c1ffad521d4675e5b5cbba00f2b242054e949ed8f48c1ec3 |
| SHA512 | 4341df517d84771ce07adcea9e43140182df2367d5d21f9be9e89058a3ffc381c50ca7b85529cda9e5252c4e0b0df4b786d097d85c1ef06fb4eb636cad94f6be |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | d03ee0d2b7e0140579f7f0229afed8a1 |
| SHA1 | dbe94c084179c12627529f2f3004d957de19a92e |
| SHA256 | 68234c5b6acf436a6c0d85b3562bc0357fbc48e8f01eda290727d7010f828900 |
| SHA512 | 809719c5bb036969687d8cc9d6c1764e87b1530c2f621ca95f4a85f06c595f7d11a631b8e97e77a8cceaacbf5744fd3a63ee591ac7792e08209a319281d895c1 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | eada231bbfba9dfd4b5b99c33c513686 |
| SHA1 | a8d6a94b253ca9487a6716c54c7d794c07171282 |
| SHA256 | 647cd233bfa08eb59d819c26dcf409e0265f3c9889d8d24c6ebf0ff882661ab3 |
| SHA512 | 6b529c955b0e47c3052c9866adae886568e6a740c8de9f2478bf276919f5efa7138080aca4f042403c99248c51787b6b6cb5424c8a872d6630e013496ad2a2ea |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | dfcd85f5cc24ce1a8fe20e0469b65ed3 |
| SHA1 | 199807a153583bbfb9755e43af1c3b26d9c434f5 |
| SHA256 | f3990810d29bfa81f67c0596086063e09e05dcd064af249f2db3bb17205dfceb |
| SHA512 | b09805238481afcb6e42d5d10cde50d7a6cfd01053294967ce545251c5f5f66acfc1bf799c31a187217600296d1bb2a05e1759090b1601ac51ac9f8100bb4bdf |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 0351209423a1087a1f01c8a843c0d132 |
| SHA1 | 82a52aa20aac6dc0909fea7bb71686dafebc5abb |
| SHA256 | 5955b3220c7f1cdf4439dde0026606c425d729a404c3345a4387d253c1fbc907 |
| SHA512 | 1679114f61421b586e170f129c455e578fe4013177a9bf9252ff0a2e60f42a5b7383cff89dac239843203de41328bf605e5a8898a8db37a60e0a1d690199abe3 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 23bf721f9a793b966069fe32acfd35f3 |
| SHA1 | 1d5fbdd7df574359fa2e7e028d515833f2e086a7 |
| SHA256 | ef0c93269b6f7317543dacd8ce2b7e4c87ee6428dc992c0ccaf432c9b90ec27b |
| SHA512 | 8f15c4de7d1ebce11e10254824b38df5d7a93be17b997f6795881c6d971378af1b68db105d0b7bd22c91683a7c4d3d2279b35a939d69f2a7b98086c9bf446e6d |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal
| MD5 | afd531937c596a1579d6f6ba59ba178a |
| SHA1 | 1ec6f166988b31663538e3858a50539e164563d0 |
| SHA256 | 1131c15e29d417c1011cb877a34e53fbe8341dbc8d2cfd4c97481def2094f8ce |
| SHA512 | b9acd702b2539cad385bccba15162ad33444de97d295106031269956f4cf5579cf2eb0009b544d7ce61fe93841053196da32aeb26eeb4f609062e9ac07c9e6d5 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db
| MD5 | b0b254e10c81a34773a77b440fb3d1e4 |
| SHA1 | c68f72390b63e4834341e647833cf15ed20b1079 |
| SHA256 | bb16e927536ab45b8bb45bb7c6466dfceba8975d5f0bef721b2492425706d557 |
| SHA512 | 264bc29d4cb8477e08be75e417bc15982efa54440cd13638455592d0ea5c7e16844e650b80e51f82af382af90f7b04c86d2c02f357a05be08a4f6be603d28a73 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-shm
| MD5 | 5125e5fdcdad1af6897c3469703d0c8e |
| SHA1 | 8034ab0e680f71326e4ec10010f74fc5be3668e1 |
| SHA256 | 21603b7c5671116a24ee88536ea37f347319ec779b339f563033f5f080e8a15c |
| SHA512 | 65b55c4acea3f3a49daf13be8c6ecb4a394c3a8377cb2e8133fc68b44675429398b9ef5b2e05698cba53be735a29b7e84a4b579626dff703d5790947383da281 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal
| MD5 | 4dbf197286ced91907f954e8dfd544a1 |
| SHA1 | 36447de4281295e1c2f5be645e19be0b0a13dc64 |
| SHA256 | 50552408c0c7dda21878f369c4553d14d2d27c5faf07aff83876bd8ba9b40f05 |
| SHA512 | e4c343d0cc17302ba3b5dc52e8a4df7437ca42d38228ef91ce3c46d0aca3a7f292fc355060cfd270c92d793dbb15f62d458fc225e3b4a7af20aed2704e966769 |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 8e24e79baab91c4d0604eaa9006a0cb3 |
| SHA1 | e427afc94a4b957a7096f73e395a10ea404c076b |
| SHA256 | 65ee797326cb9d94a4c8b13fb114a7273d80af9ae547496bf56556c479f75e4d |
| SHA512 | 45bde5e1b5da5e54f7f5baf24cf4d9158ccf5813f0babc05677437bfedf1d54c4707090a1c425089e8f9582a85fed80b25c1e1f30ec2051afc6fe68bb8a76bae |
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
| MD5 | 7fb6182ee6117d72313d762c6510fce6 |
| SHA1 | 57922182b76fc89601bf810814e94ebada555fc6 |
| SHA256 | dae56725618ba6ee545b5e4a4ab45ecdb0da85539097b7c38c22acc11398f9ea |
| SHA512 | 5f1e4e3f8d49106a72fffe9847b1a978a51682822718218d58609a3bdb4da6c32c43d4a5665b111d6c010effb358612cc9fdb8c11cc2cbe34f00785a89de795e |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 3f1e2b9007747da233db0614348980f8 |
| SHA1 | 6058e28de1c0b30fb9b7562d9f694666d8921852 |
| SHA256 | 154235461d61166b14731080be6dce3dd1d580d7288985b9879d235fe51d0052 |
| SHA512 | 31a59989604a905614fb24f4625f831c118990170c9d2730de1539cfc00d8377cf06e7a7a7eaf9c6af5f302b4b59e88249ab5f3b232e23aa0a8f4d7372a64e6c |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | b39b1b091717f4d9dc7d26710878a05c |
| SHA1 | 041579b80bce6819fef74a950fc5e7bae753e043 |
| SHA256 | 0be24e57360fecedd2aba033e6311cb6cb966ba84fce8e38f4f7823daeb69052 |
| SHA512 | 161209b63a00d718ccf6c24988a3570074d7e8646ccc95e3ec00d559cee8918e608c8bee4fa6b432560996f81d7130fc4684e721ed2bf0c10aad9de2c9b58c79 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | b21b1a6899ead826192c6a10d3c40d06 |
| SHA1 | 9b9222795e84cfbb677bec56dd598ebdd8cb1fa3 |
| SHA256 | 80736cc12e394c1c96cab0622ad46e34182571b587ee087a3dc1b405f2e950b4 |
| SHA512 | 64375bbd4dabf2fc0a9372a4685fa2a8e54ebd0ac54e5b1307084b4307f215b34301a23e3f9743e572263a16021f345069f639e1762360a09823d58812a76b40 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | dc4495afcf4ae7c2aac50f0e37f13f4c |
| SHA1 | 5f8ca90541cb45298578dd988a241735acf2697b |
| SHA256 | 35fc72b1c07ca099ee6710944602fcd46c2bb973d4b9d3cabb371ca1604c448a |
| SHA512 | 6202b9e22e0caea1ebe44fcfef588e88b105e3f254e560beffa749a5bbf886cc25232f105708e2bbad511025d0930a35433a30723717eea2ba1e686c2096ad78 |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 9ae7c68494e5b439123e21e63f8f7404 |
| SHA1 | 3c523d115bd94e789b3e93567dc90d4cef35ecb4 |
| SHA256 | f94aa049fdc81dd11d1acc0f3fc94988b4d26ad8440a7441e69ebca357f4dea1 |
| SHA512 | 70d71a6be90809e2371a734730a302dc248de866caff42e25b8f6075506487e2c3c6b22c821f06343191b1488d631aad193d001256bdf0b29fb7256a9fd20fb8 |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 0653822444a6768cbf2ed9c076287f9a |
| SHA1 | 75d3f755035e473fcb2fa84abf3f8eed35d38a87 |
| SHA256 | 95fb56667b637cc371145d327c812b5b46c50117f9f44e653e3662aebd9318eb |
| SHA512 | f07aee6b4b5b0f43308f39f92a754d68c84e5a7ae380388423cb1ca34a0f4cfa1020364be48a4379fd5d03598172aa114523855929d4c7120010269d853d7187 |
/data/data/com.xgbuy.xg/files/Mob/mob_commons_1
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
/data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4NjU4NTQ4OTk0
| MD5 | 66786b62260dbea41ed0b2df121a8a7d |
| SHA1 | b36141f38554ec1cd967eabb3474afa800a03d94 |
| SHA256 | da1a1d61edff723ade787f9a9f532d4ec5038362b5fbb5cac59dca4818c76f48 |
| SHA512 | 6c0e257aa7cec3f1ba417011215e79dcf51347aea678078bab955d24ccdbf4d47fb7a8c84d7e0630b1b5d1237441345d510a337618cd0eb77fd59dca1f527c47 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-17 21:08
Reported
2024-06-17 21:08
Platform
android-33-x64-arm64-20240611.1-en
Max time network
7s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| GB | 172.217.169.68:443 | udp | |
| GB | 172.217.169.68:443 | tcp | |
| BE | 142.251.168.188:5228 | tcp | |
| GB | 142.250.179.228:443 | tcp | |
| GB | 216.58.204.74:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp |