Analysis Overview
SHA256
7c8e574ec7e510fca6280d3c42ec758c873dd63d83653eada229ded09fa8f1d0
Threat Level: Likely malicious
The file bb820c404720d5cb2ccf9fe234986e11_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Queries information about running processes on the device
Queries information about the current nearby Wi-Fi networks
Loads dropped Dex/Jar
Checks Android system properties for emulator presence.
Requests cell location
Checks Qemu related system properties.
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about the current Wi-Fi connection
Requests dangerous framework permissions
Queries the unique device ID (IMEI, MEID, IMSI)
Queries information about active data network
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
Registers a broadcast receiver at runtime (usually for listening for system events)
Uses Crypto APIs (Might try to encrypt user data)
Checks memory information
Checks CPU information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-18 10:43
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-18 10:43
Reported
2024-06-18 10:46
Platform
android-x86-arm-20240611.1-en
Max time kernel
171s
Max time network
181s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /data/local/su | N/A | N/A |
| N/A | /data/local/bin/su | N/A | N/A |
| N/A | /data/local/xbin/su | N/A | N/A |
| N/A | /sbin/su | N/A | N/A |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Checks Android system properties for emulator presence.
| Description | Indicator | Process | Target |
| Accessed system property | key: ro.product.device | N/A | N/A |
| Accessed system property | key: ro.product.model | N/A | N/A |
| Accessed system property | key: ro.product.name | N/A | N/A |
| Accessed system property | key: ro.serialno | N/A | N/A |
| Accessed system property | key: ro.bootloader | N/A | N/A |
| Accessed system property | key: ro.bootmode | N/A | N/A |
| Accessed system property | key: ro.hardware | N/A | N/A |
Checks Qemu related system properties.
| Description | Indicator | Process | Target |
| Accessed system property | key: ro.kernel.android.qemud | N/A | N/A |
| Accessed system property | key: ro.kernel.qemu.gles | N/A | N/A |
| Accessed system property | key: ro.kernel.qemu | N/A | N/A |
| Accessed system property | key: init.svc.qemud | N/A | N/A |
| Accessed system property | key: init.svc.qemu-props | N/A | N/A |
| Accessed system property | key: qemu.hw.mainkeys | N/A | N/A |
| Accessed system property | key: qemu.sf.fake_camera | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/data/com.xgbuy.xg/.jiagu/tmp.dex | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | s.appjiagu.com | N/A | N/A |
| N/A | b.appjiagu.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.xgbuy.xg
chmod 755 /data/data/com.xgbuy.xg/.jiagu/libjiagu.so
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.xgbuy.xg/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.xgbuy.xg/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
com.xgbuy.xg:pushcore
/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
sh -c ps
ps
ps daemonsu
ps | grep su
Network
| Country | Destination | Domain | Proto |
| GB | 172.217.169.74:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | api.share.mob.com | udp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| US | 1.1.1.1:53 | a.xgbuy.cc | udp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 1.94.137.180:19000 | s.jpush.cn | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | plbslog.umeng.com | udp |
| CN | 36.156.202.68:443 | plbslog.umeng.com | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 117.50.198.131:80 | downt.ntalker.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | update.sdk.jiguang.cn | udp |
| CN | 180.188.25.42:80 | api.share.mob.com | tcp |
| CN | 1.94.137.180:19000 | s.jpush.cn | udp |
| GB | 142.250.187.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | t.gdt.qq.com | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| NL | 43.152.42.165:80 | t.gdt.qq.com | tcp |
| US | 1.1.1.1:53 | sis.jpush.io | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | api.exc.mob.com | udp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | ulogs.umeng.com | udp |
| CN | 223.109.148.178:443 | ulogs.umeng.com | tcp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 180.188.25.46:80 | api.exc.mob.com | tcp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| CN | 123.60.89.60:19000 | easytomessage.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 117.50.198.131:80 | downt.ntalker.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| GB | 172.217.169.74:443 | tcp | |
| GB | 172.217.169.74:443 | tcp | |
| US | 1.1.1.1:53 | s.appjiagu.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| US | 104.192.110.60:80 | s.appjiagu.com | tcp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| US | 1.1.1.1:53 | im64.jpush.cn | udp |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | 139.9.135.156 | udp |
| US | 1.1.1.1:53 | 139.9.138.15 | udp |
| US | 1.1.1.1:53 | 119.3.188.193 | udp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | tcp | |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| CN | 36.156.202.68:443 | plbslog.umeng.com | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| CN | 120.55.96.240:80 | a.xgbuy.cc | tcp |
| US | 1.1.1.1:53 | s.jpush.cn | udp |
| CN | 110.41.162.127:19000 | s.jpush.cn | udp |
| CN | 113.31.17.106:7000 | tcp | |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| CN | 117.50.198.131:80 | downt.ntalker.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 110.41.162.127:19000 | s.jpush.cn | udp |
| CN | 223.109.148.177:443 | ulogs.umeng.com | tcp |
| CN | 1.94.137.180:19000 | s.jpush.cn | udp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| CN | 1.94.137.180:19000 | s.jpush.cn | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 123.60.89.60:19000 | s.jpush.cn | udp |
| US | 1.1.1.1:53 | b.appjiagu.com | udp |
| CN | 180.163.249.208:80 | b.appjiagu.com | tcp |
| US | 1.1.1.1:53 | easytomessage.com | udp |
| CN | 1.92.70.140:19000 | easytomessage.com | udp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 106.63.25.33:80 | b.appjiagu.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| US | 1.1.1.1:53 | tcp | |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | downt.ntalker.com | udp |
| US | 1.1.1.1:53 | log.reyun.com | udp |
| CN | 117.50.198.131:80 | downt.ntalker.com | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 223.109.148.176:443 | ulogs.umeng.com | tcp |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 110.41.162.127:19000 | easytomessage.com | udp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| CN | 110.41.162.127:19000 | easytomessage.com | udp |
| CN | 1.94.137.180:19000 | easytomessage.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 1.94.137.180:19000 | easytomessage.com | udp |
| CN | 1.92.70.140:19000 | easytomessage.com | udp |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 1.92.70.140:19000 | easytomessage.com | udp |
| CN | 54.223.175.26:80 | log.reyun.com | tcp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 113.31.17.108:19000 | udp | |
| CN | 52.80.223.174:80 | log.reyun.com | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 223.109.148.141:443 | ulogs.umeng.com | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | tcp | |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 110.41.162.127:19000 | easytomessage.com | udp |
| CN | 110.41.162.127:19000 | easytomessage.com | udp |
| CN | 1.94.137.180:19000 | easytomessage.com | udp |
| CN | 223.109.148.130:443 | ulogs.umeng.com | tcp |
| CN | 1.94.137.180:19000 | easytomessage.com | udp |
| CN | 1.92.70.140:19000 | easytomessage.com | udp |
| CN | 1.92.70.140:19000 | easytomessage.com | udp |
| CN | 113.31.17.108:19000 | udp | |
| CN | 113.31.17.108:19000 | udp | |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | _im64._tcp.jpush.cn | tcp |
| CN | 1.94.137.47:7002 | im64.jpush.cn | tcp |
| US | 1.1.1.1:53 | m.data.mob.com | udp |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| CN | 1.94.137.47:7003 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 180.188.25.47:80 | m.data.mob.com | tcp |
| CN | 1.94.137.47:7000 | im64.jpush.cn | tcp |
| CN | 113.31.17.106:7000 | tcp | |
| CN | 223.109.148.179:443 | ulogs.umeng.com | tcp |
Files
/data/data/com.xgbuy.xg/.jiagu/libjiagu.so
| MD5 | e5a53000766ebc433b27d6a66ec4f555 |
| SHA1 | 2c8f53f1c03aec2005bcad67d731f07261dabde0 |
| SHA256 | 78e4ea857f10c2df6c7b94f0584524b52ecc099ed29478fe3964037b8a86ed2e |
| SHA512 | 370a1cb93b14556ad861724f4e9995c9a4c6d37cf2d570f888d1c6000c66d27ac63496b0703361e9fc9bc7f309b7aa4407c5f339d186b0a5b72520d23d04b68d |
/data/data/com.xgbuy.xg/.jiagu/classes.dex
| MD5 | 5e99738dac60d8528303c05236b49521 |
| SHA1 | 09defe8e673554d1fbfb6818d7f6b06926ef21e3 |
| SHA256 | e4d0cea4069552ea69782c90b6d51278d0f422dfe2052e7f78c992e07186b109 |
| SHA512 | 7291923d241870717b7ea2d2f8672dc37248b3bb8070056ad923465e55e347a3da20620e79edc8ce0939083e2d3efb3d574ab9cdf4ef88364d1164dfbb49f49a |
/data/data/com.xgbuy.xg/.jiagu/classes.dex
| MD5 | 343543170cadbcad918429d62ea0b7a2 |
| SHA1 | 9a55aefb843427a4fa43fb62e9fff30ee674b04b |
| SHA256 | d2c01fef1bee484e1ee39420ba919522325c02eb4809c799fbc2b3262f2c447a |
| SHA512 | d07071e13fcc2c80e2ae4bca90e9b4b23ff7a212353050ea600b3bccfa6f1ed93584d6c5ef84addb07fa418214a1b7431c8fd037edf3c7de44391ad8bffc04bb |
/data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex
| MD5 | 09623bd5b2ce2e506e8dffcb2cbc3e8c |
| SHA1 | e49e1b0d7af536becc5e4701b663ca1923b09c80 |
| SHA256 | e671a6a2653b372037b959916daf955753b4cef04d60fca7a2728c60cc5656a1 |
| SHA512 | c5ffb5d4b6e41531768e4635626b1ff26d8b676166d5eba1baf195d92cdad8c0ab4ccae5236897e9eaeaeb2e2cf2116d3a62790ebdbff45ede9e201139c70450 |
/data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex
| MD5 | 668702b0562aaaae77078af0889b6745 |
| SHA1 | eb46db301936ec7c0433aec9512786468d593988 |
| SHA256 | 744961b59ffd06c0769febccd0c634a0bbc36a16c8ad8715d177b4a737fa3123 |
| SHA512 | 00d36a6f14c526c5524ff1cf13eb46364397b464def62f99df58716f49b4b80e448cc3c16b056a1d4f3c2cd888dd1b31636cd56e86adad286643dafa3526df62 |
/data/data/com.xgbuy.xg/.jiagu/tmp.dex
| MD5 | f1771b68f5f9b168b79ff59ae2daabe4 |
| SHA1 | 0df6a835559f5c99670214a12700e7d8c28e5a42 |
| SHA256 | 9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939 |
| SHA512 | dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ri
| MD5 | 92ab819c20af2ac0718dbcc966203534 |
| SHA1 | a0c045607de3248ba571858913a4085862796a5b |
| SHA256 | f1740e2ad2e6a29f990a646663265bafb5a02a707ff02d61949e33ff27c0ff49 |
| SHA512 | 31fca6b29db69c7f52f3ebe211ac55a475f20948cdd6b8ba86f415f973f3827a7aedcba4a5b0302ae42b721f9dc6a0bf6790cfb2949abb51b5893019947c5e3b |
/data/data/com.xgbuy.xg/files/.jiagu.lock
| MD5 | 311c50dfabee65749f1c86197b483a9e |
| SHA1 | 57f48ad415d3be6eecc12dc2dfa3b6523b869634 |
| SHA256 | 9de40b72721a1c2ffe63bd88287c3bf02d5eff482204d7e5824815300f237224 |
| SHA512 | 4f7cd3fb05e76c89b2d94dee31733d18900771d1104fcd51b299bc5f8ebef9b8deaf61450ce26f5258c831122230eadcbf20fa69baf66beb083be6f5257ba30c |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
| MD5 | 3911ad10a2d9a4f7ef7a09639a1b8cf3 |
| SHA1 | d8d5dae863fe04bef8d987202e25e065efce1e1f |
| SHA256 | 0ae3380b0712c9bcbb362bcdf7b72504b9e495fe2987cfc20aec121977dba19d |
| SHA512 | d58dc5e805e0e2d11a79c725285dbb3f75d351d456c87ce79439af68c3a6c2506f5814bc16f09fbf16462c93f5c781437a5bbadc4d48977782899ce9d741dec8 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ic
| MD5 | 1bd86b90e1b355f123e5ce8c93c3de53 |
| SHA1 | bee5683d6124650c8be0b3740ad66e771f29b178 |
| SHA256 | 3ba28c4fe20d74ea96f6ced27333f04a01e03c50092717eed1b6e30152a8d152 |
| SHA512 | 6ba3d7ac2b9da3bb2f7ca50488782bfb9f12a38bf17debc4f2853a161551a932885bedaedace0ecd3da9777e1cddbb407ca2360c13512b1b804bd6242e767abe |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | 703dbb10a719690ee1da4a8189f743aa |
| SHA1 | 79fd02b9323ff3599fa1c0b0afb698940206c693 |
| SHA256 | 6349a4e4a26aa582fcd04772c09098db2ccd3c5bf6bffcecedd6b8243ae98bb2 |
| SHA512 | 321d7e2375d513a0ec48474458948d111733386fd37d24a92dc433a5171eda108ad86d027aa9b926c3bedd2ca4448c10cb3e56acae5fbfee9949f767658f5498 |
/storage/emulated/0/360/.iddata
| MD5 | d2c8953e4758f67c3b174928509e7b6f |
| SHA1 | d1be0cd18c67288fbbcc2d98911d949f3999af65 |
| SHA256 | 0bce8346182e9162b18c4abe11e17c3fd0cf93a3278ec78f497d2f10e321d6d8 |
| SHA512 | 15ffb64e2bd1b59d7a35678b03f26d75b6b0f06da926270c8d23197e7b7295dc567b5250795b1b49a1fd614baf76be658b81720aeacaa6e77cbd0cf0da428cb8 |
/storage/emulated/0/360/.deviceId
| MD5 | 1d8d16c4e3b19ebf18988530d9b9a757 |
| SHA1 | bc94c1cce05cd848a53271ecb9c5311e27ffebf5 |
| SHA256 | abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7 |
| SHA512 | 4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82 |
/storage/emulated/0/Mob/comm/.di
| MD5 | 70a42cba408700f9a6c01c7941a8829e |
| SHA1 | eab01cc2c0671538795fb0b1146017dc099d0984 |
| SHA256 | 499576707ce2623293166979e59c832be5b8636c64ad39aa63ebcf961910c35f |
| SHA512 | 8900d4dc8eed0430babbacb72942401bd22ef7fe5430cad90d3ce0c2c53010220d666aa0e2eb1026f3ec81d574c7fa12585b49222a5f15b01637f6ba134fe70c |
/storage/emulated/0/Mob/.slw
| MD5 | 19402718bfb1c685a726b4e1d846ad98 |
| SHA1 | 02a7e30044a67085f2f1da24e16e4ecfede65b72 |
| SHA256 | 079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0 |
| SHA512 | 25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b |
/data/data/com.xgbuy.xg/databases/xinggou-journal
| MD5 | fe245bb341bbe1c634ce3f0cbe95c994 |
| SHA1 | 4aa31eaf0fa3c0e59ea53504c8be486bfd96655a |
| SHA256 | 817cb27b2dad1ffd7654792dc5af171781a4bd17dc197761fab24983cd67cab4 |
| SHA512 | f31ca9e0c79c2d8511e8a37f564aa83545007b28d04842cc33e4b6db85d8ebcf1e1b7926cd4d88efb2c8f2b197ee6396f2767a0f8b0876ec3fb82846760606b6 |
/data/data/com.xgbuy.xg/databases/xinggou
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.xgbuy.xg/databases/xinggou-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.xgbuy.xg/databases/xinggou-wal
| MD5 | 19e122be333746be3f577cb31e35894e |
| SHA1 | 74f96078274f554b5b5a784c19ef9014615fd642 |
| SHA256 | 215995df0f84237cf68b1f6870b02499330af54152f0891d2d3c67ec8881177e |
| SHA512 | 14ddccceed14d7de701dab89e3cbe05897567bf4d1e67f4221a4b717337d33c27f7edbc6f671d36ab48bde4425e01584569e080013c12a7c4fe21acc7ae0db81 |
/storage/emulated/0/data/.push_deviceid
| MD5 | 196f050c766b14c66333e6fb281e8c30 |
| SHA1 | 97c7e7590468bd37a5cf32c9ac2fd9d13e4fea08 |
| SHA256 | 61edd9e7c001f6970b9a2798d8fbaadc8b346d9a02f071b8d913a7b77216343f |
| SHA512 | be21f68ee13d9ed9c1c5bb6c1b9466a958ab2b52c8f8472b3e17ff1c3796dcc3ada7143c5b7c2afa796cb93378750330a0d71a7d1f27df9a8b72fab413076044 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/journal
| MD5 | 7a0abe94eb8764a5e5ca9d60922b7518 |
| SHA1 | be5eeab0e80f1fdbdd1e8c02800f7a9e5bf62716 |
| SHA256 | 0865e7d19478dcf5ed9299774f3478f45d9143650290881de844ecc4b8716a08 |
| SHA512 | 34d420cfe7ce35d403a8dd78642938113509facc926f7fb54d9473d74099b70d2e5a6682c5b6ef4e2ab4261fd9e5eb0eaab682f45a8dfaa54b320a7c4b6a5b48 |
/data/data/com.xgbuy.xg/cache/image_manager_disk_cache/e84cbdaad0bea86b8f06f31ce85248e6e03a01185b91fcadc419580375fa75c2.0.tmp
| MD5 | 66c0c680753df4ee0641951b8cb1d613 |
| SHA1 | 9573fb478fdd97f871e9019c3b88f27adb879a29 |
| SHA256 | 97d7cb4c347498221f9b273a11449ce621cfc8c6b2770f4d57a8b3dfed67188b |
| SHA512 | 0c169a3f5dbec49a8e14d3381e4e71aab60b454365e84879f1892335ba0294be71950eb9bd0de528cfaa51f702384a66361972875dad163d46b7ab05c23881c0 |
/data/data/com.xgbuy.xg/files/umeng_it.cache
| MD5 | 0ac93b9ed6079234f1eb7a046870b997 |
| SHA1 | c8512e6fd011e526b84db7ec2b5e131dd14a59f2 |
| SHA256 | a7d8d769cdce8680ae13813176900337e17d05837504195d9d8081c6f1aa07e8 |
| SHA512 | a7bc1277918dd3a19a090230716cfeefda576bec2d8d854e2037227d70e407b806b64fed133802d76ec8b05a2aa16490e253583c6a64288cea6f40416ff4faad |
/data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4NzA3NDE1NjIx
| MD5 | b57ad609e340e2a54c99cebffd6065f8 |
| SHA1 | 2493c8b3192b84ef774ca67dd286981e948eb493 |
| SHA256 | 1ae854d983aae34ab1333b43b20bc728a38e864d67472e28d1ca3e2a203c0e4a |
| SHA512 | 5bf468552ea0368f17cc0e0c26569b85b2cd5dc4499f1573d31e3947df641bed4b0c4fdba205ba966cc898e4209961345d83fb493df8a69be2c25323048a6ec1 |
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
| MD5 | 95f40de7d2271e1531f56c199f41da61 |
| SHA1 | 0d88067d9310644887453ca8cfa9158a2d0b24c4 |
| SHA256 | 5f959cb5182c076aa9ba0eae45c118ab8900c5ab1ee067adec8491410b061e06 |
| SHA512 | ca20b4cae6a10e28b6b94e4793745865ff1702bb3d54728cae290669b8ab9c49fbd81bba01d2b9d19f1065e9ef5575932458c9c1f14e4b7ad197152604055c4f |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest62976665737367198995336569022442421051-journal
| MD5 | 04cceb2250b8805963317c3bcb60ff83 |
| SHA1 | 7a83968f62ee4506ba43b41b712e2045a866c99a |
| SHA256 | 648f90239be153bfe4018d82f66272c9b4cc7fdb7a0d791356493b6dd61380ed |
| SHA512 | 2da9f8bf19c64dfeabe6ed93832fa4e2930a1f1f935d0fb80c57ffd522ca52ff2e93774f6765eb2f13732baf6f5bce512efd5e36d68a5b9f359378290dba48d5 |
/data/data/com.xgbuy.xg/databases/je_1000_ISME9754_guest62976665737367198995336569022442421051-wal
| MD5 | e648be4b245271e32582334f375102c5 |
| SHA1 | ee14a8d8bab78a9a7d196835f2a943e07e7bc71b |
| SHA256 | bd357c2a15d32b5245d74381192cd7658b65ba342b2d6d51a865c5eb1e97ab2b |
| SHA512 | a70c315a5763fcf5db9db696d04db29760ee768f2a730a07de1a04ac8ba5d9eb85df768374e0edca273c6cb8191e55a19a590e1924fae4efc746cb6dee4c605e |
/data/data/com.xgbuy.xg/databases/Reyun.db-journal
| MD5 | 988cc7e649eadadf9d91d12691dbfe32 |
| SHA1 | de503ef42e97cf412d3409a816b3c7538b2fcf8a |
| SHA256 | 89f42568bc57b45cea35ed65f60dc2da32e3a1a43d4cd28d10efc74bcc2a30c1 |
| SHA512 | a079f47dd0aed7cef4ad16b0f9354ee8b386681f6cf68c130553534156bc28ec70b371c845c7b365a79863ed2a0615d5f642264065727c124e286537e930d973 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 402632a1a1e5cd6ced8039ce79da3c69 |
| SHA1 | 0c4b7d8dbbba250f89c647d4bde424d84e01e97a |
| SHA256 | 310f8eeda427aafad423dc2d68779e5232acd8d3341b23b8b455cb663d235d22 |
| SHA512 | 1f0aa33409a1a7843e603cfdd5b5bfe6e94a7f08f9afc12f3517190cbfe2e953650523d0cc1f1c9cc1445418ac298b6c70e2a48c2aad63049cdcb68638b4b683 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | c2552c4b843c201e1ed1c14a33413259 |
| SHA1 | 4d278f92e78ec6f7055e6094fb5d087e79f2a7d3 |
| SHA256 | e1076a92d39a8352543f07d0e2ad3c07fd3c50e83af30bd236ec37d1d3c4d49e |
| SHA512 | b16ee839505ca154f14182f5e549792e27a0004e19ddcf1a2d721fd45b5a058d7fde5f3523ddb7583ea59dd37d9f14dc3b1bf435983a7a694ca88cde381f4a3f |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 336cc78025e9749af1868d05eb73f288 |
| SHA1 | 5e118def2fb3e9b6310272a532d89349cd427252 |
| SHA256 | b12ea5f2f65e54376bf791fae996fe03495a6583ba4b66fd14e8e602e5eb6051 |
| SHA512 | 768835201f499c7fd6db42234d1278ee8d16c91aea35c308c9ccbcaabaf76aa8021122e85159d6ee7c70501762c5fe485a1e0073f6815625ecf31e961addca0a |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 68e8d11752a8d4777774342ffcb14489 |
| SHA1 | 01176a76782a20cd6fc6db64fe98def87f71572b |
| SHA256 | 4db243ddecebd7cc4315c83d1a07e44cc8d4d1295f65b9bfc198b9e567ccd45d |
| SHA512 | 787d4d886a4ba3b37d631844f2de8a5422710fe85f3cb08fb2c54f1b53824dc41e476456a311dbdcf65edb1c97bdfdc915cfd72f29b103bc5582843e31a82d59 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 086ade14fdf69285438a7939154d00bb |
| SHA1 | 030bda1066727f5f918ede3cd6ec858c82cfb56e |
| SHA256 | 6040b2dd13a35b2771ee249b1fffddf7af6cc0da41f2ddea11e5dcb412d23157 |
| SHA512 | c568865fb63643af29a7628792e18d90b0ba1e8474fd41633d65eb0852f8f15f124c7aae11df7004abe72cd85c97b55f589a4710fcb942c6c7f877975338ee8a |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | eea9ee50b0b73f831b01639234d27dcd |
| SHA1 | 9af14562bdfc99803aa6da740f86695f45022453 |
| SHA256 | c9cf42fd7050797a21ccce748f502f64584612d0b05ff1b39dc4d8b06ec44f3f |
| SHA512 | d8f58c9f3307b028d968a6b1fc052c55caef75ded7ddda0f03c04c9a780cd037b59483a7ecdb4e4d9c7c1fac2140eb98209eb54a4d0a7a7b0d698ca675374337 |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | 3d5cccf30a222999c3b6197a498ae469 |
| SHA1 | f9082fb624a9e85fd73eaa10031ec30bc408f2ac |
| SHA256 | 768d152a9c3fde60d7c6c8723324fecb92c26a71b24d8c5cda2a30e609188d23 |
| SHA512 | 7f3f32c89d907727c18e3e7b39f13aae9f4ae6ca49485c8df57d9f1f556168c49e1d26f4342ede96bce78a9deccc52aa613322da23478b9e686dc05477620a2e |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 3be2427fbfe42a8725fd8cfb97043e3a |
| SHA1 | 930d980756089d623ef3bb480526d2e62fe2ad55 |
| SHA256 | e69f72d2c1204d483b682856f516525bb140a729f97d828d43f4950fe1120cf0 |
| SHA512 | 2b04844be1005f925db9b5d0d82b299a912143dff6ccfb4f8b7657314f36d6d7f2821101bcf9fa10608a018f94874a55c11914c1f2742ac2ecfce2de4b6c165f |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | fbdcbeb2c5ad7c33ba094f13e3121f29 |
| SHA1 | 4bc8e1806df3a3295971e56e23ae1e27e35d8792 |
| SHA256 | c0373ab50773bbebec78296409f77f6976e5ad9e192ee94f6d16eb1acdb9d5c3 |
| SHA512 | 3c55bc4a86dbd9eadb32d2fe400fa0105f97c869b0c04ef7e6ced764c557c63b9078047c31e91d2a335b8eb3f51976c06ae1a08eaf569f6fe25edab681449b39 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 183c318f0707455a1f47530c4380228d |
| SHA1 | c6f2a62f411ed6b7f1dc5d9b4ea0d2cf20333fa3 |
| SHA256 | 0fbf958a6c505022fdc05088ab1b5e0b05fbc3b6064a38f29df9732ae6ec9124 |
| SHA512 | a61c7667de4b8ca409abf13004e693351475c7535e17675a28277688c1035ca43b7df4cddcdec4a96b1a8fa5e1fc81945b92ad6c7d4b5a412a53759fb5c48d3e |
/data/data/com.xgbuy.xg/databases/Reyun.db-wal
| MD5 | c2cdb502afebaa7c5d59ac195d4e1b00 |
| SHA1 | b775a6955d447c0c1fb0644d15299140a07dad4e |
| SHA256 | 61cfb49e62bdbdfbf4846df1bde99b15f48bfab579ce1a09e30c8ce99059e930 |
| SHA512 | 581ebef28c21512d2f33cc5011f0ccfb86e80528a889d67623dae050e37b4d388a0216039cac66b0a64b20e85adc228122adafb458b2b2b12bf84e7397391d94 |
/data/data/com.xgbuy.xg/databases/Reyun.db
| MD5 | 3e063cea61595b306f08ae47a995269b |
| SHA1 | d22a319b401425ceeaf0de0086d378cd7a9715ee |
| SHA256 | a5efeccc45730c54e2bc57183ea4623ea8e77f9d14b221f71ed42669859505da |
| SHA512 | 0f3133e77d6cc3dfb3ea57eb4dca0ab6de1a56d3866ed3cb5c4d9675fd58e83aa98424755bef3d36d132484387ef536100d91035b57d755c6822229150411c7e |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal
| MD5 | 604e509132d5bffc2c551db39732ba64 |
| SHA1 | 9cf80f9556c77b055a56399828769d71380ecb29 |
| SHA256 | 9c811be932b18064c048e0390a7b1bc9aa21989a223bc54a78004bf42884fb50 |
| SHA512 | b124cb8e64016fa9e123bb8197404b05440614865df1a251b13ee4565048c778b6791bd45c96086945593f4b3226727c7fcfbbd12320f950e6b249e9f121ac55 |
/data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal
| MD5 | 9f7ffc652cd7e38e94d039dd3a048480 |
| SHA1 | 2f940789e40211662058de364cdbac254a867bc6 |
| SHA256 | ca91e7341598c398aab74eb8de64778e6fcad929a441e519bcdf3e2ff0562355 |
| SHA512 | 5b80f6714522628e852ca30b745e18f4fe96546842f8a750a78116b9eddd306c14b0daa12b248fadada008c12015d16e8c570e384b3caa294dc06588db911638 |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 8e24e79baab91c4d0604eaa9006a0cb3 |
| SHA1 | e427afc94a4b957a7096f73e395a10ea404c076b |
| SHA256 | 65ee797326cb9d94a4c8b13fb114a7273d80af9ae547496bf56556c479f75e4d |
| SHA512 | 45bde5e1b5da5e54f7f5baf24cf4d9158ccf5813f0babc05677437bfedf1d54c4707090a1c425089e8f9582a85fed80b25c1e1f30ec2051afc6fe68bb8a76bae |
/data/data/com.xgbuy.xg/files/.umeng/exchangeIdentity.json
| MD5 | 89800948bd3c6e88799d16bab2d79a34 |
| SHA1 | 36575604ca33842454a6b2f80778733b2c1fd48a |
| SHA256 | 6f0c779926396b19088557daa725a9df17421c26987c7b7bf645871af6e6bec2 |
| SHA512 | 4fd589f68923e19d655469a825a0f9bac78c0d93a3bb8d148671e4704313186b8cc603eaa17c2e4af25950d3aaf250cb2959158dbd7f0119f75eed3a955f0b2b |
/data/data/com.xgbuy.xg/files/exid.dat
| MD5 | db84625d2e9a390da3a9a475e2bcfe23 |
| SHA1 | 1053137dd471081e2f3dddbf758432687a8735d9 |
| SHA256 | d9155bf0623b52a53da0078242bfb295b99107602d28c7e3e3a511a13e09c397 |
| SHA512 | 90b86191570b1af23a49a2d308356176bf024f03f2f683f7e88b85db0611caa7c9324be79200bd3e719a8ae6f57430106f9fc8af426b405668ce3b120c0ac636 |
/data/data/com.xgbuy.xg/files/.envelope/i==1.2.0&&2.5.2_1718707425821_envelope.log
| MD5 | 0738d522519eb42673db0519dcbb14a2 |
| SHA1 | 06b7d0422b9c4e937132bd9b6bb0506ab981f096 |
| SHA256 | 33f52c9782a79a7f86c1a5d01a5e87fad1d3b3aa28c4a490292ca08ed05f4b4e |
| SHA512 | ccbe8c4ab2f1fa4e5efc9d6d6555c1b0f24c96e8c9c096579adcb1696de4d4978cddbdc71edc34c2140e985548353b9d08f68d17272da4ede54175e729ab45f0 |
/data/data/com.xgbuy.xg/databases/ua.db-journal
| MD5 | 3729cde23ed0d2aa85253b98ef700a6f |
| SHA1 | 6554e761176a6cf85076d6fe861a0b1a17cdf6a4 |
| SHA256 | eb1bc7b8bba15e8d934fc2133c8fca33cb3697d3ce5682af6b79805e6eec3620 |
| SHA512 | e3d6898091719fde8625c5644fe81f0e9ecc955a8e7749bbd5c01b32b1dd855831a05add856da0c20d06d8188d2649272b65ddcace0dd44c349dfd15e41d9b70 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 0adda9c85a5e4808f5b1b74c0a8591a5 |
| SHA1 | 5048107883ab1e345af9cf2e6849ce46e0e612bf |
| SHA256 | 1e17860bba2bb4e3e92df3890aa6dddc973d6602c71519a15556d37bb69de2a1 |
| SHA512 | 646061d3d5849772511bd94e36ca2d775a9a672851629d1812942ec0f0f925714eb7d4ebac44889911320cb6710a2f586014f6b1e126739cab653c4f8deef2d1 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | cba40c85c32e42fbc96f358cb90f36ca |
| SHA1 | 0063f44e918e25579172aa4e2863cf3fd279c119 |
| SHA256 | e84ee7d190e6ad9ffebb97a5f291de67cda90b4a1ec9c984e9a72d22162bd91a |
| SHA512 | f7c160f58a06dcb04305765e57668048e64bf136ae7cd30202c7f50ece06c8d930a3402943542c6313d56af76b37965568cfea1186557bbd9f1365f5019b8a21 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 7910b764100f2c4853bde1940592e677 |
| SHA1 | 50b55f1d95f954b2aee38a80c1d85d917cda8eff |
| SHA256 | d14dbc3f1623f4f968a8f320b0e9a0d4e3a1e9722c6b5579fef1c55c7484531a |
| SHA512 | 5cc21191d7b600360dd6f77d35feaf66b86231d4c21a3cfd6d61c2525702bb05e9189e67de4001d794fdec7182841a19cf14526c7f3d5e1888169384162e057d |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | cc448e670f2882f0c683cf38950e2056 |
| SHA1 | 09254873b8a63fc832f61fdde9cdde780694b365 |
| SHA256 | b759ea032ea0eb60de0c9f9c0276ff4c175a61a36c5ab168a4ecca2b07586b89 |
| SHA512 | cc90f344c4c5f88fe7e281e7e849f67df36ee730c3963c6fcf24df0987220875ecbebad2600028cdafd259a9580882b1b621caa0600d865af1cdce3486bbe445 |
/data/data/com.xgbuy.xg/files/.envelope/a==7.5.3&&2.5.2_1718707427388_envelope.log
| MD5 | 5cc336b0612ef5bce61e4c6bed1343b7 |
| SHA1 | 84110c2d95d47d17bc5789fe730ce2296077abd1 |
| SHA256 | b35c4a016f758a87819cd4cb1ba40138b91cd423203b331b170e0f15947330f2 |
| SHA512 | 129db14c4edd1b5a730e49c629f0294891877d7d058add307841a755891315b1674ef48710a12a95197ed95cbc8287fbfbf552f727b85b0c183626ad086f1adf |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 7a163b3006b7309bf922540b35cce198 |
| SHA1 | 24a57de58919d4e9c3a796bc26cbcc448935cf0f |
| SHA256 | c5273acfc5eabf74f2a42d339d22f39652d7befa56a981dfe8802edf0ab99eaf |
| SHA512 | 3ea6b9dabaadef3751bdc6b20cd43f9feefd9a7d922d1f302f78cb1d625c05843014d3646c81100ae5c92622b17a0d0d779d223cce90bafbf68fd5e2d9046109 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 71781d047c08e0703f76d2347611d69c |
| SHA1 | 4bdeba715a97146a9fc2a7e9054a907925203738 |
| SHA256 | fe0180018ad3961b37902917c522d9e10fc0e1c6ade33111393c1387c30fcb82 |
| SHA512 | 55ca1643bd7364d912de27fca74c5ef5ff9279179aeb82ab33e63f6c1e0aa420436101c3b7a20621b6b041b2d86160d2d358fc18dff391249183078579ba975f |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | 39191273911afb45f18ab6e70c86db5f |
| SHA1 | c6a04bf5982085142fe42e662c60f9386fc075d5 |
| SHA256 | eff9a8fcd47ca7c411880f67225d49418609a8b2b20ecd8d18418862df9df5b2 |
| SHA512 | 73599d56221bc73303aa0170d892c0717b5fb9cf84c8c4caf44c2dd2c982c1f03a0f0faa76fe5bcc39bd79cd6341f67ee0b666f3da6c052555523f953e5fcbf2 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | d6c20ffa1b18d11675e99e9efc54e6c6 |
| SHA1 | 5baca14e5083aeb2c1e791dc3f0a93903fa17daa |
| SHA256 | 7bfd7302f929005ad44f7ec72b8aa8bb84a56b03e898f3cda40c4a45d0a7744e |
| SHA512 | 63b3c21aa522742694cca7581e622f2d1d6b9d1432431a9626e62addc7bb3c867375820e06eedbbe3ab40837a53d23220f594b5ef1b3376c970c1813d86cb7b5 |
/data/data/com.xgbuy.xg/files/jpush_stat_cache.json
| MD5 | b681171990619ed26148674208733b6e |
| SHA1 | b024c4328639248b816531b4719c62a799db2741 |
| SHA256 | 333449e90ef3b5ccb0e7dcfee00011f2875d4929e2ad86053cfbf8110d99e85a |
| SHA512 | e9ff3428a364063137c69b8d148b072ef2bf11b32852d5b6649be4ae030d96eb5ec6374f1505cdf9fa40c7d34308acbb6920f7d7a4705eee6ced5f4dc5ec18cf |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | fad82fc6810dced200393c2ea2d3f15d |
| SHA1 | 9390989a1ff494bc7d432111d1f4921938f322fc |
| SHA256 | e38d99924564d282c15251b3c0ab3ce356167bb24890e0823297f6a81a34f3d2 |
| SHA512 | ea39e2029d8f9277eaa74129143aaf488a14f1b598030dc4086afa2c6f5014f2a0d2982c2f354d50ec1d8e0bab92f82ebf3215c2d3a8a4cfd9f934ae5ce5a796 |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 5a2e0f5b9647a77bef2a5657ca045a99 |
| SHA1 | 6784e20509874c988d9bbf6c086f1a31a7a5082b |
| SHA256 | 7316d6e881d81e04c3e19d5b076f572455309fe6639c8b92d82c5b93f7b9e19e |
| SHA512 | 3fc7f6dbee0ae1fd165a46aaf9687c1464ea630cf1c6d3ae23c76aca9fbe986a9fb4bb67c15f5d4b5713683b96a1f76a761f7610db50a0adff788351d0b4e627 |
/data/data/com.xgbuy.xg/databases/ua.db-wal
| MD5 | a61fbdcc87aeebeb70d26e3f161761e5 |
| SHA1 | 958919423db9adea36f5d32e459d9186c9bf91d5 |
| SHA256 | 8f180d8a997221e4e258ccf8a6de153ca507afb7b9e28c54d5c15db1b602b268 |
| SHA512 | bb4aba157f12d3fe32aef92aa2e91e4c461beb2a60b5f02bf7b96dbd9203c2fac9c49bff937cd440b8658d60e9011aec9ca8cafc1091a6438b321020d34fde6b |
/data/data/com.xgbuy.xg/databases/ua.db
| MD5 | 6ac63b3bcb5591297d142063eb903fd0 |
| SHA1 | 6b3a9a4d1bc2caafc4222a1fbff9d15b7db89624 |
| SHA256 | 2f3ccd1bbd478dce0c52d60dcb0a72eb6530c91e2f4b842ec714ee4c1365cc83 |
| SHA512 | 87ddc46ccc80b7f36ac2a1d384d07d39f455e1d42dd49e0ab3a40eced072ae22bd71aabac5dd0df5f76a73e0c6820d36f7b2383f5ec6ecccc4dd288211b1644a |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
| MD5 | 3a018968643ac2e0184a1f238f9142c4 |
| SHA1 | 419f851c144770a2fdcec277ab749ef064cc8b74 |
| SHA256 | 879d23a2f1de15930e38ec94c7ede13774ace3537d33293a0381483424781094 |
| SHA512 | 70923f9c1a87ccf1974aa175f34bd8fe76f1193a79e5a2473dbc8f303bfe71858c08e0e6bbb41322c3fe58d6a66c6a8c55612db4d289c29f05341a4b8904f122 |
/data/data/com.xgbuy.xg/files/Mob/mob_commons_1
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | 079b8e87b9995e02a2ca0d29bfeb183e |
| SHA1 | bfb2542a432f979b64e46c93bd771ffb85ac7aac |
| SHA256 | 8f84838f8dbefbb1f24f35fdd513f036568ed0587ebf05ceecd9697616eff5ea |
| SHA512 | 5b7631c279410ffae51493238e373da56abc8c3eccf4d34f9e4dc66ef30f3f73165eb1bf821a780e081f9d7b39749e1d12ba95d4dd6dcb87e08f17bc5141bfcb |
/data/data/com.xgbuy.xg/files/Mob/share_sdk_1
| MD5 | eddac4742f4d47398e39375ec9a651cb |
| SHA1 | 2f74ba0ce6f2f2c57117f5e7674e77070994ceb2 |
| SHA256 | 0ee3f6f762ce54ee70df7ee466633217b5cb698d776a9895fb4355a33f1f4d7e |
| SHA512 | e9ba111b39bdcfea1a68e452667fd5c4f6199fb8f302c8829c7013e8c9b0664fa602802187dbf71602a10b08c6de7ff668b052c4cbe01e22cb109f14cfed2d67 |
/data/data/com.xgbuy.xg/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4NzA3NDQ1ODY4
| MD5 | c60399d22305bc166b9f5e1fba7fb1cc |
| SHA1 | af13355baa1a5eb04b5be19fc067be0533c8e744 |
| SHA256 | ba07610c5c8dfb238a15d09f6d8d738946e6bf992320e76c2c48a98782c4b415 |
| SHA512 | fe229fdf83db1c10de017f5640590a714a95835a4d1c6a3047df7811dd401823932c1f4b0aa1b4cb49dc913e5f0b715803cdf685e9e2d36a43e8b2e67f457268 |
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ac
| MD5 | 81024874f926b0c0c9e613997c9370b1 |
| SHA1 | a7b4c37570f3e5aa7bd575d0dbcc71ff9079a95c |
| SHA256 | da5ea38fae9a292777936eae50a76aae4d2a589550448aa6970383e44aabe7d6 |
| SHA512 | 8ae3ca2a1a4ea6c514fffeb911f4c42ff173433a7fd82980193d883196e748e458e83ee42051ccbabfa7f49792dabbf1eb8a72fea3db16c2f157e7ada4182830 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-18 10:43
Reported
2024-06-18 10:43
Platform
android-33-x64-arm64-20240611.1-en
Max time network
7s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| GB | 172.217.169.68:443 | udp | |
| BE | 142.251.168.188:5228 | tcp | |
| GB | 142.250.179.228:443 | tcp | |
| GB | 216.58.204.74:443 | tcp | |
| GB | 172.217.169.68:443 | udp | |
| N/A | 224.0.0.251:5353 | udp |