Analysis

  • max time kernel
    171s
  • max time network
    181s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
  • submitted
    18-06-2024 10:43

General

  • Target

    bb820c404720d5cb2ccf9fe234986e11_JaffaCakes118.apk

  • Size

    17.9MB

  • MD5

    bb820c404720d5cb2ccf9fe234986e11

  • SHA1

    ea4dbc79a93bac37deb13606688da7798350138a

  • SHA256

    7c8e574ec7e510fca6280d3c42ec758c873dd63d83653eada229ded09fa8f1d0

  • SHA512

    7942c685b4526a1624a368beb8ec9e6955bf232fc29c9a3351cfdc180443bb285774a1ca749c6bb58e667ed52edda0853cc775b75c1ed0064724f5635e628bbd

  • SSDEEP

    393216:Z6jAdZ5D9opbZBIPerHcV+r2tF9YC307gf/dgXRJX94I:Z6jAdXDAZBIPeryF9/Ec2XzXKI

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 5 IoCs
  • Checks Android system properties for emulator presence. 1 TTPs 7 IoCs
  • Checks Qemu related system properties. 1 TTPs 7 IoCs

    Checks for Android system properties related to Qemu for Emulator detection.

  • Loads dropped Dex/Jar 1 TTPs 11 IoCs

    Runs executable file dropped to the device during analysis.

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

  • Requests cell location 2 TTPs 1 IoCs

    Uses Android APIs to to get current cell location.

  • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 2 IoCs
  • Queries information about active data network 1 TTPs 2 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
  • Reads information about phone network operator. 1 TTPs
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.xgbuy.xg
    1⤵
    • Checks if the Android device is rooted.
    • Checks Android system properties for emulator presence.
    • Checks Qemu related system properties.
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Queries information about the current nearby Wi-Fi networks
    • Requests cell location
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4231
    • chmod 755 /data/data/com.xgbuy.xg/.jiagu/libjiagu.so
      2⤵
        PID:4258
      • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.xgbuy.xg/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.xgbuy.xg/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
        2⤵
        • Loads dropped Dex/Jar
        PID:4318
      • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
        2⤵
          PID:4641
        • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
          2⤵
            PID:4666
          • sh -c ps
            2⤵
              PID:4722
            • ps
              2⤵
                PID:4722
              • ps daemonsu
                2⤵
                  PID:4749
                • ps | grep su
                  2⤵
                    PID:4773
                • com.xgbuy.xg:pushcore
                  1⤵
                  • Loads dropped Dex/Jar
                  • Queries information about running processes on the device
                  • Queries information about active data network
                  • Registers a broadcast receiver at runtime (usually for listening for system events)
                  • Uses Crypto APIs (Might try to encrypt user data)
                  PID:4365

                Network

                MITRE ATT&CK Mobile v15

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • /data/data/com.xgbuy.xg/.jiagu/classes.dex

                  Filesize

                  8.0MB

                  MD5

                  5e99738dac60d8528303c05236b49521

                  SHA1

                  09defe8e673554d1fbfb6818d7f6b06926ef21e3

                  SHA256

                  e4d0cea4069552ea69782c90b6d51278d0f422dfe2052e7f78c992e07186b109

                  SHA512

                  7291923d241870717b7ea2d2f8672dc37248b3bb8070056ad923465e55e347a3da20620e79edc8ce0939083e2d3efb3d574ab9cdf4ef88364d1164dfbb49f49a

                • /data/data/com.xgbuy.xg/.jiagu/classes.dex

                  Filesize

                  6.5MB

                  MD5

                  343543170cadbcad918429d62ea0b7a2

                  SHA1

                  9a55aefb843427a4fa43fb62e9fff30ee674b04b

                  SHA256

                  d2c01fef1bee484e1ee39420ba919522325c02eb4809c799fbc2b3262f2c447a

                  SHA512

                  d07071e13fcc2c80e2ae4bca90e9b4b23ff7a212353050ea600b3bccfa6f1ed93584d6c5ef84addb07fa418214a1b7431c8fd037edf3c7de44391ad8bffc04bb

                • /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex

                  Filesize

                  6.5MB

                  MD5

                  09623bd5b2ce2e506e8dffcb2cbc3e8c

                  SHA1

                  e49e1b0d7af536becc5e4701b663ca1923b09c80

                  SHA256

                  e671a6a2653b372037b959916daf955753b4cef04d60fca7a2728c60cc5656a1

                  SHA512

                  c5ffb5d4b6e41531768e4635626b1ff26d8b676166d5eba1baf195d92cdad8c0ab4ccae5236897e9eaeaeb2e2cf2116d3a62790ebdbff45ede9e201139c70450

                • /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex

                  Filesize

                  2.0MB

                  MD5

                  668702b0562aaaae77078af0889b6745

                  SHA1

                  eb46db301936ec7c0433aec9512786468d593988

                  SHA256

                  744961b59ffd06c0769febccd0c634a0bbc36a16c8ad8715d177b4a737fa3123

                  SHA512

                  00d36a6f14c526c5524ff1cf13eb46364397b464def62f99df58716f49b4b80e448cc3c16b056a1d4f3c2cd888dd1b31636cd56e86adad286643dafa3526df62

                • /data/data/com.xgbuy.xg/.jiagu/libjiagu.so

                  Filesize

                  455KB

                  MD5

                  e5a53000766ebc433b27d6a66ec4f555

                  SHA1

                  2c8f53f1c03aec2005bcad67d731f07261dabde0

                  SHA256

                  78e4ea857f10c2df6c7b94f0584524b52ecc099ed29478fe3964037b8a86ed2e

                  SHA512

                  370a1cb93b14556ad861724f4e9995c9a4c6d37cf2d570f888d1c6000c66d27ac63496b0703361e9fc9bc7f309b7aa4407c5f339d186b0a5b72520d23d04b68d

                • /data/data/com.xgbuy.xg/.jiagu/tmp.dex

                  Filesize

                  284B

                  MD5

                  f1771b68f5f9b168b79ff59ae2daabe4

                  SHA1

                  0df6a835559f5c99670214a12700e7d8c28e5a42

                  SHA256

                  9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

                  SHA512

                  dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

                • /data/data/com.xgbuy.xg/cache/image_manager_disk_cache/e84cbdaad0bea86b8f06f31ce85248e6e03a01185b91fcadc419580375fa75c2.0.tmp

                  Filesize

                  106KB

                  MD5

                  66c0c680753df4ee0641951b8cb1d613

                  SHA1

                  9573fb478fdd97f871e9019c3b88f27adb879a29

                  SHA256

                  97d7cb4c347498221f9b273a11449ce621cfc8c6b2770f4d57a8b3dfed67188b

                  SHA512

                  0c169a3f5dbec49a8e14d3381e4e71aab60b454365e84879f1892335ba0294be71950eb9bd0de528cfaa51f702384a66361972875dad163d46b7ab05c23881c0

                • /data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal

                  Filesize

                  180B

                  MD5

                  7a0abe94eb8764a5e5ca9d60922b7518

                  SHA1

                  be5eeab0e80f1fdbdd1e8c02800f7a9e5bf62716

                  SHA256

                  0865e7d19478dcf5ed9299774f3478f45d9143650290881de844ecc4b8716a08

                  SHA512

                  34d420cfe7ce35d403a8dd78642938113509facc926f7fb54d9473d74099b70d2e5a6682c5b6ef4e2ab4261fd9e5eb0eaab682f45a8dfaa54b320a7c4b6a5b48

                • /data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal.tmp

                  Filesize

                  31B

                  MD5

                  8c92de9ce46d41a22f3b20f77404cc1d

                  SHA1

                  8671a6dca00edb72be47363a7071be65cf270373

                  SHA256

                  68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

                  SHA512

                  30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

                • /data/data/com.xgbuy.xg/databases/Reyun.db

                  Filesize

                  20KB

                  MD5

                  402632a1a1e5cd6ced8039ce79da3c69

                  SHA1

                  0c4b7d8dbbba250f89c647d4bde424d84e01e97a

                  SHA256

                  310f8eeda427aafad423dc2d68779e5232acd8d3341b23b8b455cb663d235d22

                  SHA512

                  1f0aa33409a1a7843e603cfdd5b5bfe6e94a7f08f9afc12f3517190cbfe2e953650523d0cc1f1c9cc1445418ac298b6c70e2a48c2aad63049cdcb68638b4b683

                • /data/data/com.xgbuy.xg/databases/Reyun.db

                  Filesize

                  20KB

                  MD5

                  68e8d11752a8d4777774342ffcb14489

                  SHA1

                  01176a76782a20cd6fc6db64fe98def87f71572b

                  SHA256

                  4db243ddecebd7cc4315c83d1a07e44cc8d4d1295f65b9bfc198b9e567ccd45d

                  SHA512

                  787d4d886a4ba3b37d631844f2de8a5422710fe85f3cb08fb2c54f1b53824dc41e476456a311dbdcf65edb1c97bdfdc915cfd72f29b103bc5582843e31a82d59

                • /data/data/com.xgbuy.xg/databases/Reyun.db

                  Filesize

                  20KB

                  MD5

                  eea9ee50b0b73f831b01639234d27dcd

                  SHA1

                  9af14562bdfc99803aa6da740f86695f45022453

                  SHA256

                  c9cf42fd7050797a21ccce748f502f64584612d0b05ff1b39dc4d8b06ec44f3f

                  SHA512

                  d8f58c9f3307b028d968a6b1fc052c55caef75ded7ddda0f03c04c9a780cd037b59483a7ecdb4e4d9c7c1fac2140eb98209eb54a4d0a7a7b0d698ca675374337

                • /data/data/com.xgbuy.xg/databases/Reyun.db

                  Filesize

                  20KB

                  MD5

                  3be2427fbfe42a8725fd8cfb97043e3a

                  SHA1

                  930d980756089d623ef3bb480526d2e62fe2ad55

                  SHA256

                  e69f72d2c1204d483b682856f516525bb140a729f97d828d43f4950fe1120cf0

                  SHA512

                  2b04844be1005f925db9b5d0d82b299a912143dff6ccfb4f8b7657314f36d6d7f2821101bcf9fa10608a018f94874a55c11914c1f2742ac2ecfce2de4b6c165f

                • /data/data/com.xgbuy.xg/databases/Reyun.db

                  Filesize

                  20KB

                  MD5

                  183c318f0707455a1f47530c4380228d

                  SHA1

                  c6f2a62f411ed6b7f1dc5d9b4ea0d2cf20333fa3

                  SHA256

                  0fbf958a6c505022fdc05088ab1b5e0b05fbc3b6064a38f29df9732ae6ec9124

                  SHA512

                  a61c7667de4b8ca409abf13004e693351475c7535e17675a28277688c1035ca43b7df4cddcdec4a96b1a8fa5e1fc81945b92ad6c7d4b5a412a53759fb5c48d3e

                • /data/data/com.xgbuy.xg/databases/Reyun.db

                  Filesize

                  28KB

                  MD5

                  3e063cea61595b306f08ae47a995269b

                  SHA1

                  d22a319b401425ceeaf0de0086d378cd7a9715ee

                  SHA256

                  a5efeccc45730c54e2bc57183ea4623ea8e77f9d14b221f71ed42669859505da

                  SHA512

                  0f3133e77d6cc3dfb3ea57eb4dca0ab6de1a56d3866ed3cb5c4d9675fd58e83aa98424755bef3d36d132484387ef536100d91035b57d755c6822229150411c7e

                • /data/data/com.xgbuy.xg/databases/Reyun.db-journal

                  Filesize

                  512B

                  MD5

                  988cc7e649eadadf9d91d12691dbfe32

                  SHA1

                  de503ef42e97cf412d3409a816b3c7538b2fcf8a

                  SHA256

                  89f42568bc57b45cea35ed65f60dc2da32e3a1a43d4cd28d10efc74bcc2a30c1

                  SHA512

                  a079f47dd0aed7cef4ad16b0f9354ee8b386681f6cf68c130553534156bc28ec70b371c845c7b365a79863ed2a0615d5f642264065727c124e286537e930d973

                • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                  Filesize

                  44KB

                  MD5

                  c2552c4b843c201e1ed1c14a33413259

                  SHA1

                  4d278f92e78ec6f7055e6094fb5d087e79f2a7d3

                  SHA256

                  e1076a92d39a8352543f07d0e2ad3c07fd3c50e83af30bd236ec37d1d3c4d49e

                  SHA512

                  b16ee839505ca154f14182f5e549792e27a0004e19ddcf1a2d721fd45b5a058d7fde5f3523ddb7583ea59dd37d9f14dc3b1bf435983a7a694ca88cde381f4a3f

                • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                  Filesize

                  8KB

                  MD5

                  336cc78025e9749af1868d05eb73f288

                  SHA1

                  5e118def2fb3e9b6310272a532d89349cd427252

                  SHA256

                  b12ea5f2f65e54376bf791fae996fe03495a6583ba4b66fd14e8e602e5eb6051

                  SHA512

                  768835201f499c7fd6db42234d1278ee8d16c91aea35c308c9ccbcaabaf76aa8021122e85159d6ee7c70501762c5fe485a1e0073f6815625ecf31e961addca0a

                • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                  Filesize

                  8KB

                  MD5

                  086ade14fdf69285438a7939154d00bb

                  SHA1

                  030bda1066727f5f918ede3cd6ec858c82cfb56e

                  SHA256

                  6040b2dd13a35b2771ee249b1fffddf7af6cc0da41f2ddea11e5dcb412d23157

                  SHA512

                  c568865fb63643af29a7628792e18d90b0ba1e8474fd41633d65eb0852f8f15f124c7aae11df7004abe72cd85c97b55f589a4710fcb942c6c7f877975338ee8a

                • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                  Filesize

                  8KB

                  MD5

                  3d5cccf30a222999c3b6197a498ae469

                  SHA1

                  f9082fb624a9e85fd73eaa10031ec30bc408f2ac

                  SHA256

                  768d152a9c3fde60d7c6c8723324fecb92c26a71b24d8c5cda2a30e609188d23

                  SHA512

                  7f3f32c89d907727c18e3e7b39f13aae9f4ae6ca49485c8df57d9f1f556168c49e1d26f4342ede96bce78a9deccc52aa613322da23478b9e686dc05477620a2e

                • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                  Filesize

                  8KB

                  MD5

                  fbdcbeb2c5ad7c33ba094f13e3121f29

                  SHA1

                  4bc8e1806df3a3295971e56e23ae1e27e35d8792

                  SHA256

                  c0373ab50773bbebec78296409f77f6976e5ad9e192ee94f6d16eb1acdb9d5c3

                  SHA512

                  3c55bc4a86dbd9eadb32d2fe400fa0105f97c869b0c04ef7e6ced764c557c63b9078047c31e91d2a335b8eb3f51976c06ae1a08eaf569f6fe25edab681449b39

                • /data/data/com.xgbuy.xg/databases/Reyun.db-wal

                  Filesize

                  24KB

                  MD5

                  c2cdb502afebaa7c5d59ac195d4e1b00

                  SHA1

                  b775a6955d447c0c1fb0644d15299140a07dad4e

                  SHA256

                  61cfb49e62bdbdfbf4846df1bde99b15f48bfab579ce1a09e30c8ce99059e930

                  SHA512

                  581ebef28c21512d2f33cc5011f0ccfb86e80528a889d67623dae050e37b4d388a0216039cac66b0a64b20e85adc228122adafb458b2b2b12bf84e7397391d94

                • /data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal

                  Filesize

                  512B

                  MD5

                  604e509132d5bffc2c551db39732ba64

                  SHA1

                  9cf80f9556c77b055a56399828769d71380ecb29

                  SHA256

                  9c811be932b18064c048e0390a7b1bc9aa21989a223bc54a78004bf42884fb50

                  SHA512

                  b124cb8e64016fa9e123bb8197404b05440614865df1a251b13ee4565048c778b6791bd45c96086945593f4b3226727c7fcfbbd12320f950e6b249e9f121ac55

                • /data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal

                  Filesize

                  140KB

                  MD5

                  9f7ffc652cd7e38e94d039dd3a048480

                  SHA1

                  2f940789e40211662058de364cdbac254a867bc6

                  SHA256

                  ca91e7341598c398aab74eb8de64778e6fcad929a441e519bcdf3e2ff0562355

                  SHA512

                  5b80f6714522628e852ca30b745e18f4fe96546842f8a750a78116b9eddd306c14b0daa12b248fadada008c12015d16e8c570e384b3caa294dc06588db911638

                • /data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest62976665737367198995336569022442421051-journal

                  Filesize

                  512B

                  MD5

                  04cceb2250b8805963317c3bcb60ff83

                  SHA1

                  7a83968f62ee4506ba43b41b712e2045a866c99a

                  SHA256

                  648f90239be153bfe4018d82f66272c9b4cc7fdb7a0d791356493b6dd61380ed

                  SHA512

                  2da9f8bf19c64dfeabe6ed93832fa4e2930a1f1f935d0fb80c57ffd522ca52ff2e93774f6765eb2f13732baf6f5bce512efd5e36d68a5b9f359378290dba48d5

                • /data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest62976665737367198995336569022442421051-wal

                  Filesize

                  48KB

                  MD5

                  e648be4b245271e32582334f375102c5

                  SHA1

                  ee14a8d8bab78a9a7d196835f2a943e07e7bc71b

                  SHA256

                  bd357c2a15d32b5245d74381192cd7658b65ba342b2d6d51a865c5eb1e97ab2b

                  SHA512

                  a70c315a5763fcf5db9db696d04db29760ee768f2a730a07de1a04ac8ba5d9eb85df768374e0edca273c6cb8191e55a19a590e1924fae4efc746cb6dee4c605e

                • /data/data/com.xgbuy.xg/databases/ua.db

                  Filesize

                  36KB

                  MD5

                  0adda9c85a5e4808f5b1b74c0a8591a5

                  SHA1

                  5048107883ab1e345af9cf2e6849ce46e0e612bf

                  SHA256

                  1e17860bba2bb4e3e92df3890aa6dddc973d6602c71519a15556d37bb69de2a1

                  SHA512

                  646061d3d5849772511bd94e36ca2d775a9a672851629d1812942ec0f0f925714eb7d4ebac44889911320cb6710a2f586014f6b1e126739cab653c4f8deef2d1

                • /data/data/com.xgbuy.xg/databases/ua.db

                  Filesize

                  24KB

                  MD5

                  cc448e670f2882f0c683cf38950e2056

                  SHA1

                  09254873b8a63fc832f61fdde9cdde780694b365

                  SHA256

                  b759ea032ea0eb60de0c9f9c0276ff4c175a61a36c5ab168a4ecca2b07586b89

                  SHA512

                  cc90f344c4c5f88fe7e281e7e849f67df36ee730c3963c6fcf24df0987220875ecbebad2600028cdafd259a9580882b1b621caa0600d865af1cdce3486bbe445

                • /data/data/com.xgbuy.xg/databases/ua.db

                  Filesize

                  16KB

                  MD5

                  71781d047c08e0703f76d2347611d69c

                  SHA1

                  4bdeba715a97146a9fc2a7e9054a907925203738

                  SHA256

                  fe0180018ad3961b37902917c522d9e10fc0e1c6ade33111393c1387c30fcb82

                  SHA512

                  55ca1643bd7364d912de27fca74c5ef5ff9279179aeb82ab33e63f6c1e0aa420436101c3b7a20621b6b041b2d86160d2d358fc18dff391249183078579ba975f

                • /data/data/com.xgbuy.xg/databases/ua.db

                  Filesize

                  16KB

                  MD5

                  d6c20ffa1b18d11675e99e9efc54e6c6

                  SHA1

                  5baca14e5083aeb2c1e791dc3f0a93903fa17daa

                  SHA256

                  7bfd7302f929005ad44f7ec72b8aa8bb84a56b03e898f3cda40c4a45d0a7744e

                  SHA512

                  63b3c21aa522742694cca7581e622f2d1d6b9d1432431a9626e62addc7bb3c867375820e06eedbbe3ab40837a53d23220f594b5ef1b3376c970c1813d86cb7b5

                • /data/data/com.xgbuy.xg/databases/ua.db

                  Filesize

                  16KB

                  MD5

                  5a2e0f5b9647a77bef2a5657ca045a99

                  SHA1

                  6784e20509874c988d9bbf6c086f1a31a7a5082b

                  SHA256

                  7316d6e881d81e04c3e19d5b076f572455309fe6639c8b92d82c5b93f7b9e19e

                  SHA512

                  3fc7f6dbee0ae1fd165a46aaf9687c1464ea630cf1c6d3ae23c76aca9fbe986a9fb4bb67c15f5d4b5713683b96a1f76a761f7610db50a0adff788351d0b4e627

                • /data/data/com.xgbuy.xg/databases/ua.db

                  Filesize

                  16KB

                  MD5

                  6ac63b3bcb5591297d142063eb903fd0

                  SHA1

                  6b3a9a4d1bc2caafc4222a1fbff9d15b7db89624

                  SHA256

                  2f3ccd1bbd478dce0c52d60dcb0a72eb6530c91e2f4b842ec714ee4c1365cc83

                  SHA512

                  87ddc46ccc80b7f36ac2a1d384d07d39f455e1d42dd49e0ab3a40eced072ae22bd71aabac5dd0df5f76a73e0c6820d36f7b2383f5ec6ecccc4dd288211b1644a

                • /data/data/com.xgbuy.xg/databases/ua.db-journal

                  Filesize

                  512B

                  MD5

                  3729cde23ed0d2aa85253b98ef700a6f

                  SHA1

                  6554e761176a6cf85076d6fe861a0b1a17cdf6a4

                  SHA256

                  eb1bc7b8bba15e8d934fc2133c8fca33cb3697d3ce5682af6b79805e6eec3620

                  SHA512

                  e3d6898091719fde8625c5644fe81f0e9ecc955a8e7749bbd5c01b32b1dd855831a05add856da0c20d06d8188d2649272b65ddcace0dd44c349dfd15e41d9b70

                • /data/data/com.xgbuy.xg/databases/ua.db-wal

                  Filesize

                  48KB

                  MD5

                  cba40c85c32e42fbc96f358cb90f36ca

                  SHA1

                  0063f44e918e25579172aa4e2863cf3fd279c119

                  SHA256

                  e84ee7d190e6ad9ffebb97a5f291de67cda90b4a1ec9c984e9a72d22162bd91a

                  SHA512

                  f7c160f58a06dcb04305765e57668048e64bf136ae7cd30202c7f50ece06c8d930a3402943542c6313d56af76b37965568cfea1186557bbd9f1365f5019b8a21

                • /data/data/com.xgbuy.xg/databases/ua.db-wal

                  Filesize

                  12KB

                  MD5

                  7910b764100f2c4853bde1940592e677

                  SHA1

                  50b55f1d95f954b2aee38a80c1d85d917cda8eff

                  SHA256

                  d14dbc3f1623f4f968a8f320b0e9a0d4e3a1e9722c6b5579fef1c55c7484531a

                  SHA512

                  5cc21191d7b600360dd6f77d35feaf66b86231d4c21a3cfd6d61c2525702bb05e9189e67de4001d794fdec7182841a19cf14526c7f3d5e1888169384162e057d

                • /data/data/com.xgbuy.xg/databases/ua.db-wal

                  Filesize

                  4KB

                  MD5

                  7a163b3006b7309bf922540b35cce198

                  SHA1

                  24a57de58919d4e9c3a796bc26cbcc448935cf0f

                  SHA256

                  c5273acfc5eabf74f2a42d339d22f39652d7befa56a981dfe8802edf0ab99eaf

                  SHA512

                  3ea6b9dabaadef3751bdc6b20cd43f9feefd9a7d922d1f302f78cb1d625c05843014d3646c81100ae5c92622b17a0d0d779d223cce90bafbf68fd5e2d9046109

                • /data/data/com.xgbuy.xg/databases/ua.db-wal

                  Filesize

                  4KB

                  MD5

                  39191273911afb45f18ab6e70c86db5f

                  SHA1

                  c6a04bf5982085142fe42e662c60f9386fc075d5

                  SHA256

                  eff9a8fcd47ca7c411880f67225d49418609a8b2b20ecd8d18418862df9df5b2

                  SHA512

                  73599d56221bc73303aa0170d892c0717b5fb9cf84c8c4caf44c2dd2c982c1f03a0f0faa76fe5bcc39bd79cd6341f67ee0b666f3da6c052555523f953e5fcbf2

                • /data/data/com.xgbuy.xg/databases/ua.db-wal

                  Filesize

                  4KB

                  MD5

                  fad82fc6810dced200393c2ea2d3f15d

                  SHA1

                  9390989a1ff494bc7d432111d1f4921938f322fc

                  SHA256

                  e38d99924564d282c15251b3c0ab3ce356167bb24890e0823297f6a81a34f3d2

                  SHA512

                  ea39e2029d8f9277eaa74129143aaf488a14f1b598030dc4086afa2c6f5014f2a0d2982c2f354d50ec1d8e0bab92f82ebf3215c2d3a8a4cfd9f934ae5ce5a796

                • /data/data/com.xgbuy.xg/databases/ua.db-wal

                  Filesize

                  4KB

                  MD5

                  a61fbdcc87aeebeb70d26e3f161761e5

                  SHA1

                  958919423db9adea36f5d32e459d9186c9bf91d5

                  SHA256

                  8f180d8a997221e4e258ccf8a6de153ca507afb7b9e28c54d5c15db1b602b268

                  SHA512

                  bb4aba157f12d3fe32aef92aa2e91e4c461beb2a60b5f02bf7b96dbd9203c2fac9c49bff937cd440b8658d60e9011aec9ca8cafc1091a6438b321020d34fde6b

                • /data/data/com.xgbuy.xg/databases/xinggou

                  Filesize

                  4KB

                  MD5

                  f2b4b0190b9f384ca885f0c8c9b14700

                  SHA1

                  934ff2646757b5b6e7f20f6a0aa76c7f995d9361

                  SHA256

                  0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

                  SHA512

                  ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

                • /data/data/com.xgbuy.xg/databases/xinggou-journal

                  Filesize

                  512B

                  MD5

                  fe245bb341bbe1c634ce3f0cbe95c994

                  SHA1

                  4aa31eaf0fa3c0e59ea53504c8be486bfd96655a

                  SHA256

                  817cb27b2dad1ffd7654792dc5af171781a4bd17dc197761fab24983cd67cab4

                  SHA512

                  f31ca9e0c79c2d8511e8a37f564aa83545007b28d04842cc33e4b6db85d8ebcf1e1b7926cd4d88efb2c8f2b197ee6396f2767a0f8b0876ec3fb82846760606b6

                • /data/data/com.xgbuy.xg/databases/xinggou-shm

                  Filesize

                  32KB

                  MD5

                  bb7df04e1b0a2570657527a7e108ae23

                  SHA1

                  5188431849b4613152fd7bdba6a3ff0a4fd6424b

                  SHA256

                  c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

                  SHA512

                  768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

                • /data/data/com.xgbuy.xg/databases/xinggou-wal

                  Filesize

                  120KB

                  MD5

                  19e122be333746be3f577cb31e35894e

                  SHA1

                  74f96078274f554b5b5a784c19ef9014615fd642

                  SHA256

                  215995df0f84237cf68b1f6870b02499330af54152f0891d2d3c67ec8881177e

                  SHA512

                  14ddccceed14d7de701dab89e3cbe05897567bf4d1e67f4221a4b717337d33c27f7edbc6f671d36ab48bde4425e01584569e080013c12a7c4fe21acc7ae0db81

                • /data/data/com.xgbuy.xg/files/.envelope/a==7.5.3&&2.5.2_1718707427388_envelope.log

                  Filesize

                  1KB

                  MD5

                  5cc336b0612ef5bce61e4c6bed1343b7

                  SHA1

                  84110c2d95d47d17bc5789fe730ce2296077abd1

                  SHA256

                  b35c4a016f758a87819cd4cb1ba40138b91cd423203b331b170e0f15947330f2

                  SHA512

                  129db14c4edd1b5a730e49c629f0294891877d7d058add307841a755891315b1674ef48710a12a95197ed95cbc8287fbfbf552f727b85b0c183626ad086f1adf

                • /data/data/com.xgbuy.xg/files/.envelope/i==1.2.0&&2.5.2_1718707425821_envelope.log

                  Filesize

                  2KB

                  MD5

                  0738d522519eb42673db0519dcbb14a2

                  SHA1

                  06b7d0422b9c4e937132bd9b6bb0506ab981f096

                  SHA256

                  33f52c9782a79a7f86c1a5d01a5e87fad1d3b3aa28c4a490292ca08ed05f4b4e

                  SHA512

                  ccbe8c4ab2f1fa4e5efc9d6d6555c1b0f24c96e8c9c096579adcb1696de4d4978cddbdc71edc34c2140e985548353b9d08f68d17272da4ede54175e729ab45f0

                • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ac

                  Filesize

                  40B

                  MD5

                  3911ad10a2d9a4f7ef7a09639a1b8cf3

                  SHA1

                  d8d5dae863fe04bef8d987202e25e065efce1e1f

                  SHA256

                  0ae3380b0712c9bcbb362bcdf7b72504b9e495fe2987cfc20aec121977dba19d

                  SHA512

                  d58dc5e805e0e2d11a79c725285dbb3f75d351d456c87ce79439af68c3a6c2506f5814bc16f09fbf16462c93f5c781437a5bbadc4d48977782899ce9d741dec8

                • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ac

                  Filesize

                  40B

                  MD5

                  81024874f926b0c0c9e613997c9370b1

                  SHA1

                  a7b4c37570f3e5aa7bd575d0dbcc71ff9079a95c

                  SHA256

                  da5ea38fae9a292777936eae50a76aae4d2a589550448aa6970383e44aabe7d6

                  SHA512

                  8ae3ca2a1a4ea6c514fffeb911f4c42ff173433a7fd82980193d883196e748e458e83ee42051ccbabfa7f49792dabbf1eb8a72fea3db16c2f157e7ada4182830

                • /data/data/com.xgbuy.xg/files/.jglogs/.jg.di

                  Filesize

                  340B

                  MD5

                  703dbb10a719690ee1da4a8189f743aa

                  SHA1

                  79fd02b9323ff3599fa1c0b0afb698940206c693

                  SHA256

                  6349a4e4a26aa582fcd04772c09098db2ccd3c5bf6bffcecedd6b8243ae98bb2

                  SHA512

                  321d7e2375d513a0ec48474458948d111733386fd37d24a92dc433a5171eda108ad86d027aa9b926c3bedd2ca4448c10cb3e56acae5fbfee9949f767658f5498

                • /data/data/com.xgbuy.xg/files/.jglogs/.jg.di

                  Filesize

                  340B

                  MD5

                  3a018968643ac2e0184a1f238f9142c4

                  SHA1

                  419f851c144770a2fdcec277ab749ef064cc8b74

                  SHA256

                  879d23a2f1de15930e38ec94c7ede13774ace3537d33293a0381483424781094

                  SHA512

                  70923f9c1a87ccf1974aa175f34bd8fe76f1193a79e5a2473dbc8f303bfe71858c08e0e6bbb41322c3fe58d6a66c6a8c55612db4d289c29f05341a4b8904f122

                • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ic

                  Filesize

                  40B

                  MD5

                  1bd86b90e1b355f123e5ce8c93c3de53

                  SHA1

                  bee5683d6124650c8be0b3740ad66e771f29b178

                  SHA256

                  3ba28c4fe20d74ea96f6ced27333f04a01e03c50092717eed1b6e30152a8d152

                  SHA512

                  6ba3d7ac2b9da3bb2f7ca50488782bfb9f12a38bf17debc4f2853a161551a932885bedaedace0ecd3da9777e1cddbb407ca2360c13512b1b804bd6242e767abe

                • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ri

                  Filesize

                  314B

                  MD5

                  92ab819c20af2ac0718dbcc966203534

                  SHA1

                  a0c045607de3248ba571858913a4085862796a5b

                  SHA256

                  f1740e2ad2e6a29f990a646663265bafb5a02a707ff02d61949e33ff27c0ff49

                  SHA512

                  31fca6b29db69c7f52f3ebe211ac55a475f20948cdd6b8ba86f415f973f3827a7aedcba4a5b0302ae42b721f9dc6a0bf6790cfb2949abb51b5893019947c5e3b

                • /data/data/com.xgbuy.xg/files/.jiagu.lock

                  Filesize

                  27B

                  MD5

                  311c50dfabee65749f1c86197b483a9e

                  SHA1

                  57f48ad415d3be6eecc12dc2dfa3b6523b869634

                  SHA256

                  9de40b72721a1c2ffe63bd88287c3bf02d5eff482204d7e5824815300f237224

                  SHA512

                  4f7cd3fb05e76c89b2d94dee31733d18900771d1104fcd51b299bc5f8ebef9b8deaf61450ce26f5258c831122230eadcbf20fa69baf66beb083be6f5257ba30c

                • /data/data/com.xgbuy.xg/files/.umeng/exchangeIdentity.json

                  Filesize

                  162B

                  MD5

                  89800948bd3c6e88799d16bab2d79a34

                  SHA1

                  36575604ca33842454a6b2f80778733b2c1fd48a

                  SHA256

                  6f0c779926396b19088557daa725a9df17421c26987c7b7bf645871af6e6bec2

                  SHA512

                  4fd589f68923e19d655469a825a0f9bac78c0d93a3bb8d148671e4704313186b8cc603eaa17c2e4af25950d3aaf250cb2959158dbd7f0119f75eed3a955f0b2b

                • /data/data/com.xgbuy.xg/files/Mob/mob_commons_1

                  Filesize

                  2B

                  MD5

                  99914b932bd37a50b983c5e7c90ae93b

                  SHA1

                  bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                  SHA256

                  44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                  SHA512

                  27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

                • /data/data/com.xgbuy.xg/files/Mob/share_sdk_1

                  Filesize

                  23B

                  MD5

                  8e24e79baab91c4d0604eaa9006a0cb3

                  SHA1

                  e427afc94a4b957a7096f73e395a10ea404c076b

                  SHA256

                  65ee797326cb9d94a4c8b13fb114a7273d80af9ae547496bf56556c479f75e4d

                  SHA512

                  45bde5e1b5da5e54f7f5baf24cf4d9158ccf5813f0babc05677437bfedf1d54c4707090a1c425089e8f9582a85fed80b25c1e1f30ec2051afc6fe68bb8a76bae

                • /data/data/com.xgbuy.xg/files/Mob/share_sdk_1

                  Filesize

                  62B

                  MD5

                  079b8e87b9995e02a2ca0d29bfeb183e

                  SHA1

                  bfb2542a432f979b64e46c93bd771ffb85ac7aac

                  SHA256

                  8f84838f8dbefbb1f24f35fdd513f036568ed0587ebf05ceecd9697616eff5ea

                  SHA512

                  5b7631c279410ffae51493238e373da56abc8c3eccf4d34f9e4dc66ef30f3f73165eb1bf821a780e081f9d7b39749e1d12ba95d4dd6dcb87e08f17bc5141bfcb

                • /data/data/com.xgbuy.xg/files/Mob/share_sdk_1

                  Filesize

                  86B

                  MD5

                  eddac4742f4d47398e39375ec9a651cb

                  SHA1

                  2f74ba0ce6f2f2c57117f5e7674e77070994ceb2

                  SHA256

                  0ee3f6f762ce54ee70df7ee466633217b5cb698d776a9895fb4355a33f1f4d7e

                  SHA512

                  e9ba111b39bdcfea1a68e452667fd5c4f6199fb8f302c8829c7013e8c9b0664fa602802187dbf71602a10b08c6de7ff668b052c4cbe01e22cb109f14cfed2d67

                • /data/data/com.xgbuy.xg/files/exid.dat

                  Filesize

                  62B

                  MD5

                  db84625d2e9a390da3a9a475e2bcfe23

                  SHA1

                  1053137dd471081e2f3dddbf758432687a8735d9

                  SHA256

                  d9155bf0623b52a53da0078242bfb295b99107602d28c7e3e3a511a13e09c397

                  SHA512

                  90b86191570b1af23a49a2d308356176bf024f03f2f683f7e88b85db0611caa7c9324be79200bd3e719a8ae6f57430106f9fc8af426b405668ce3b120c0ac636

                • /data/data/com.xgbuy.xg/files/jpush_stat_cache.json

                  Filesize

                  131B

                  MD5

                  95f40de7d2271e1531f56c199f41da61

                  SHA1

                  0d88067d9310644887453ca8cfa9158a2d0b24c4

                  SHA256

                  5f959cb5182c076aa9ba0eae45c118ab8900c5ab1ee067adec8491410b061e06

                  SHA512

                  ca20b4cae6a10e28b6b94e4793745865ff1702bb3d54728cae290669b8ab9c49fbd81bba01d2b9d19f1065e9ef5575932458c9c1f14e4b7ad197152604055c4f

                • /data/data/com.xgbuy.xg/files/jpush_stat_cache.json

                  Filesize

                  177B

                  MD5

                  b681171990619ed26148674208733b6e

                  SHA1

                  b024c4328639248b816531b4719c62a799db2741

                  SHA256

                  333449e90ef3b5ccb0e7dcfee00011f2875d4929e2ad86053cfbf8110d99e85a

                  SHA512

                  e9ff3428a364063137c69b8d148b072ef2bf11b32852d5b6649be4ae030d96eb5ec6374f1505cdf9fa40c7d34308acbb6920f7d7a4705eee6ced5f4dc5ec18cf

                • /data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4NzA3NDE1NjIx

                  Filesize

                  1KB

                  MD5

                  b57ad609e340e2a54c99cebffd6065f8

                  SHA1

                  2493c8b3192b84ef774ca67dd286981e948eb493

                  SHA256

                  1ae854d983aae34ab1333b43b20bc728a38e864d67472e28d1ca3e2a203c0e4a

                  SHA512

                  5bf468552ea0368f17cc0e0c26569b85b2cd5dc4499f1573d31e3947df641bed4b0c4fdba205ba966cc898e4209961345d83fb493df8a69be2c25323048a6ec1

                • /data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4NzA3NDQ1ODY4

                  Filesize

                  1KB

                  MD5

                  c60399d22305bc166b9f5e1fba7fb1cc

                  SHA1

                  af13355baa1a5eb04b5be19fc067be0533c8e744

                  SHA256

                  ba07610c5c8dfb238a15d09f6d8d738946e6bf992320e76c2c48a98782c4b415

                  SHA512

                  fe229fdf83db1c10de017f5640590a714a95835a4d1c6a3047df7811dd401823932c1f4b0aa1b4cb49dc913e5f0b715803cdf685e9e2d36a43e8b2e67f457268

                • /data/data/com.xgbuy.xg/files/umeng_it.cache

                  Filesize

                  415B

                  MD5

                  0ac93b9ed6079234f1eb7a046870b997

                  SHA1

                  c8512e6fd011e526b84db7ec2b5e131dd14a59f2

                  SHA256

                  a7d8d769cdce8680ae13813176900337e17d05837504195d9d8081c6f1aa07e8

                  SHA512

                  a7bc1277918dd3a19a090230716cfeefda576bec2d8d854e2037227d70e407b806b64fed133802d76ec8b05a2aa16490e253583c6a64288cea6f40416ff4faad

                • /storage/emulated/0/360/.deviceId

                  Filesize

                  48B

                  MD5

                  1d8d16c4e3b19ebf18988530d9b9a757

                  SHA1

                  bc94c1cce05cd848a53271ecb9c5311e27ffebf5

                  SHA256

                  abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

                  SHA512

                  4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

                • /storage/emulated/0/360/.iddata

                  Filesize

                  80KB

                  MD5

                  d2c8953e4758f67c3b174928509e7b6f

                  SHA1

                  d1be0cd18c67288fbbcc2d98911d949f3999af65

                  SHA256

                  0bce8346182e9162b18c4abe11e17c3fd0cf93a3278ec78f497d2f10e321d6d8

                  SHA512

                  15ffb64e2bd1b59d7a35678b03f26d75b6b0f06da926270c8d23197e7b7295dc567b5250795b1b49a1fd614baf76be658b81720aeacaa6e77cbd0cf0da428cb8

                • /storage/emulated/0/Mob/.slw

                  Filesize

                  66B

                  MD5

                  19402718bfb1c685a726b4e1d846ad98

                  SHA1

                  02a7e30044a67085f2f1da24e16e4ecfede65b72

                  SHA256

                  079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0

                  SHA512

                  25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b

                • /storage/emulated/0/Mob/comm/.di

                  Filesize

                  57B

                  MD5

                  70a42cba408700f9a6c01c7941a8829e

                  SHA1

                  eab01cc2c0671538795fb0b1146017dc099d0984

                  SHA256

                  499576707ce2623293166979e59c832be5b8636c64ad39aa63ebcf961910c35f

                  SHA512

                  8900d4dc8eed0430babbacb72942401bd22ef7fe5430cad90d3ce0c2c53010220d666aa0e2eb1026f3ec81d574c7fa12585b49222a5f15b01637f6ba134fe70c

                • /storage/emulated/0/data/.push_deviceid

                  Filesize

                  32B

                  MD5

                  196f050c766b14c66333e6fb281e8c30

                  SHA1

                  97c7e7590468bd37a5cf32c9ac2fd9d13e4fea08

                  SHA256

                  61edd9e7c001f6970b9a2798d8fbaadc8b346d9a02f071b8d913a7b77216343f

                  SHA512

                  be21f68ee13d9ed9c1c5bb6c1b9466a958ab2b52c8f8472b3e17ff1c3796dcc3ada7143c5b7c2afa796cb93378750330a0d71a7d1f27df9a8b72fab413076044