Analysis Overview
SHA256
c6597211b68d47393bc2686426574ad6167e3a5ee78a51f9c86598eb48d614b1
Threat Level: Likely malicious
The file c08227a5edb8585e200ca6bb6330c126_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Queries information about running processes on the device
Queries information about the current nearby Wi-Fi networks
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Loads dropped Dex/Jar
Requests dangerous framework permissions
Queries information about active data network
Queries the unique device ID (IMEI, MEID, IMSI)
Queries information about the current Wi-Fi connection
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
Registers a broadcast receiver at runtime (usually for listening for system events)
Schedules tasks to execute at a specified time
Uses Crypto APIs (Might try to encrypt user data)
Checks CPU information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-25 10:10
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to request installing packages. | android.permission.REQUEST_INSTALL_PACKAGES | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-25 10:10
Reported
2024-08-25 10:13
Platform
android-x86-arm-20240624-en
Max time kernel
151s
Max time network
152s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/xbin/su | N/A | N/A |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.live.xxlive/cache/gg.dex | N/A | N/A |
| N/A | /data/user/0/com.live.xxlive/cache/gg.dex | N/A | N/A |
| N/A | /data/user/0/com.live.xxlive/cache/gg.dex | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Processes
com.live.xxlive
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.live.xxlive/cache/gg.dex --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/com.live.xxlive/cache/oat/x86/gg.odex --compiler-filter=quicken --class-loader-context=&
/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | api.78nm.cn | udp |
| US | 1.1.1.1:53 | app.avohwtpgb.com | udp |
| US | 1.1.1.1:53 | api.iavbobo.com | udp |
| US | 23.170.49.209:80 | api.iavbobo.com | tcp |
| GB | 142.250.200.46:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.180.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | sdk.cferw.com | udp |
| US | 1.1.1.1:53 | anquan.luomi.com | udp |
| GB | 216.58.213.10:443 | semanticlocation-pa.googleapis.com | tcp |
| US | 1.1.1.1:53 | log.umsns.com | udp |
| US | 104.238.128.165:80 | tcp | |
| CN | 59.82.29.162:443 | log.umsns.com | tcp |
| US | 1.1.1.1:53 | plbslog.umeng.com | udp |
| CN | 36.156.202.73:443 | plbslog.umeng.com | tcp |
| US | 1.1.1.1:53 | ulogs.umeng.com | udp |
| CN | 223.109.148.176:443 | ulogs.umeng.com | tcp |
| CN | 36.156.202.73:443 | plbslog.umeng.com | tcp |
| CN | 223.109.148.176:443 | ulogs.umeng.com | tcp |
| CN | 36.156.202.73:443 | plbslog.umeng.com | tcp |
| US | 1.1.1.1:53 | sdk.cferw.com | udp |
| US | 1.1.1.1:53 | sdk.cferw.com | udp |
| US | 1.1.1.1:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 1.1.1.1:53 | api.hclyz.cn | udp |
| HK | 109.206.246.131:81 | api.hclyz.cn | tcp |
Files
/data/data/com.live.xxlive/cache/gg.dex
| MD5 | 45fed4c5a279c6fa22258ef963916cc7 |
| SHA1 | bda125976f40b8fdf84580d3e0600b3071c6091e |
| SHA256 | 1354684c547ddb91f703160e0111818458b32381da21f1fa103b90b92539e34f |
| SHA512 | 798651fc48c856c564d92e48aa4c75e30c2cef08815648d11312b08d366618ac308d0d4e25426d2514cfa74b08e4b87ecc98f17ed24ab01ca7e1f8098c0b1d29 |
/data/user/0/com.live.xxlive/cache/gg.dex
| MD5 | 8d18eae9199c1931335e8e4b720c098c |
| SHA1 | 77d13dca11a7b022633abbbd8f236247183d001f |
| SHA256 | ee3ca8c648ffbb0b6551ca8f6985f1c724cffa593bf1e98c8da107936f48941f |
| SHA512 | 086786978fd5ce87453d4f520d19de97efee0da20621e488150b6b87742d57a022024dae88156be2f8ac9afd7921c534c5dff80f5578136ed80067a1711955e6 |
/data/data/com.live.xxlive/files/umeng_it.cache
| MD5 | 9549f40fe1f3d2bfa17a9125ee7c7b92 |
| SHA1 | 751817088e88b00871930188f9d3e3a1e1a5bfcf |
| SHA256 | 650384a8cafac1e7ba97a08e853da185e86e24d92b2c2717423f3ed7bce519ca |
| SHA512 | a0ed12ecc21404ff8c10fb9ded4a3f02c7c05a4a900c1f9c5cc30ed2b6c3a33371d681d10b3c3c3892928aa9a61285bbe32d7b119bcb62bb1f1d2dfefa3baf05 |
/data/data/com.live.xxlive/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzI0NTgwNjYwNTIy
| MD5 | a0c522efe8f266d6da3c24744dcca4b7 |
| SHA1 | ca9409c42202d9f1f61896d21e2560f935254123 |
| SHA256 | 2d21d000d0ff8d50ea8c0ef7cfe10ccd628244c1e8f2746af1339146c5ea449c |
| SHA512 | 5229bc6be062e0e5cd9a544930fe8c568003bc3c27bd9f6d701f7b6b582b0937539f404d9de80001349d507cddfb3fd8ad579ac8ac1449a80fa6615bb5f7d204 |
/data/data/com.live.xxlive/files/.umeng/exchangeIdentity.json
| MD5 | 5da9384629fc59e416dd625f74b3c4ee |
| SHA1 | c1eb268f7cb9b419c4cde96fa30ab767c0c06c52 |
| SHA256 | e5b472def159649948b1d3acd1aa83556a064129deb3028d2cc7aef84bff5d9a |
| SHA512 | f461ad12c2e5173123b3d0a009aa2a8a3b7319107deae1a8e930b2a4d4ac9cadbabac98316303dca419ed3f1e90008047666555e6b2dc748a75314df016b3e78 |
/data/data/com.live.xxlive/files/exid.dat
| MD5 | 7f5b373ceacc275bd9fe6cb9d1dd6dac |
| SHA1 | 6a64c15903d39fcf07ca0525ecbff1468e8b549e |
| SHA256 | d443c8dca51c12c563de6811a4500487055d4fdabac330620509be20adb998d7 |
| SHA512 | 84e34619434180bb9ef70a78876ccce7b01ad24880777af6519bd864949c72b45cd2afc8d62fcd061a0434ae1b0805e7237b3700295af2a862947a4ea305d8c2 |
/data/data/com.live.xxlive/files/.envelope/i==1.2.0&&2.2_1724580661508_envelope.log
| MD5 | 0b72e1919bee87046d9a9215c963e6a4 |
| SHA1 | 472e16062ac16343614e6cd4f1f7679e7579fad6 |
| SHA256 | 00e90811e82a13ec420c38ebf866458048d5ba2e679797d9ddd5c64aa8d764ed |
| SHA512 | 29bf161d458a5da646446b0318289b6bd64b7e29f218b0a312b15e852459f1bd7dd81ea07bb1041cfaa28c63dd9727c150c587a88675ffd811e5000d1be92b60 |
/data/data/com.live.xxlive/databases/ua.db-journal
| MD5 | adbfaee8fa3e65965ba205b8c6046548 |
| SHA1 | 4dbad1dd1ee4a7ae74d3a64c4aaa31c819a60857 |
| SHA256 | d0dc47202cc73f5af7be1e3550c8cd6b6bf550480860e05bd2ef992751dd4348 |
| SHA512 | 3d53eb94de11d287846a941d600fdb1a27bda4bcad615d5ffa0d9c66e6330b9720c95bc8338b7a398d65dcbc3394a460aee04dc8009b43b15365640584305cb3 |
/data/data/com.live.xxlive/databases/ua.db
| MD5 | 0adda9c85a5e4808f5b1b74c0a8591a5 |
| SHA1 | 5048107883ab1e345af9cf2e6849ce46e0e612bf |
| SHA256 | 1e17860bba2bb4e3e92df3890aa6dddc973d6602c71519a15556d37bb69de2a1 |
| SHA512 | 646061d3d5849772511bd94e36ca2d775a9a672851629d1812942ec0f0f925714eb7d4ebac44889911320cb6710a2f586014f6b1e126739cab653c4f8deef2d1 |
/data/data/com.live.xxlive/databases/ua.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.live.xxlive/databases/ua.db-wal
| MD5 | abd225af2923d16a80db0a56ab3a4557 |
| SHA1 | 1b8c7ff8bf29863c1682a0300419c27f72b10917 |
| SHA256 | 70247b2e22e9a11a176e98af25ae7a99c74736dfb3d036b15f3ebe926954ca45 |
| SHA512 | 2b34ac5ae2f3436ac1867affa9c80f6d8009b79b1e266a08f0a0086b813564e9ae47ea766647c8ba99a36513b620b41810e0f1020a9fa7d3fd21a59194ff1568 |
/data/data/com.live.xxlive/databases/ua.db-wal
| MD5 | 7c9fc0ad4fde4fc92de651943db87e3a |
| SHA1 | 7439d922d498dd2df69bc39bd114896f49ccecb3 |
| SHA256 | ee47100e32f3d2c869ec87a17a27337823d369d0b643437486f08b0406b5f525 |
| SHA512 | 5119a4d1a445e2aed8c49d4dc906da8250b0fc1a181a3708a9b45886e86fdcbf1d32199ce8314c7e5dadc8543b028e8e217711eb38902baf2281b323ab10671b |
/data/data/com.live.xxlive/databases/ua.db
| MD5 | df0a5a1d70574c8b8909da23088c3d42 |
| SHA1 | c25b272eef28cf562b7baf3b9a2301ce73bb4f89 |
| SHA256 | b6581910b9a8cb5f577b783bd222f4507edefe0f5f56472a9bdf25cbafb9e4ff |
| SHA512 | 0578ade8016155e3b9f8c61d107fef26581dfa440796fc8a6e7be2e1158f340852e88013c9157de01873f00dc3381d1ce2d6d762a84dd96ddb30e2ccef4017d5 |
/data/data/com.live.xxlive/databases/share.db-journal
| MD5 | b0bd0d47f7ba8103b4baea255db1499f |
| SHA1 | e96953d07495ab40801dc71dc572e8a6ede0dcfb |
| SHA256 | 0f8a3cf189b5e86f2fda4404fa728cd878784ca46f90db442b3d4e7b006b9502 |
| SHA512 | 3e6effa0065af99773f7148869a9621596528383602a9003351de768ba8ccffa786953939391ddee1e40e9fe91dd9621e26015b5794a46802f8746d4de6757cf |
/data/data/com.live.xxlive/databases/share.db
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.live.xxlive/databases/share.db-wal
| MD5 | dc837b578efb4383c23c81881aaca4d9 |
| SHA1 | b607b82df7982de95c0d8a8df0102e5d7b693825 |
| SHA256 | da7f6336a69cf61a8c02e019e0f0f9dc76ec3bbf4fae4efcd0ebc6569384632a |
| SHA512 | d04f3b2bb86f3b98d1b47fb0a5c3cbb75c2a791509e4be03f015ed81e7683153bbc4ef899a3115d8fe5e011944d667f0bbd5384acda320f5558ba5da5f37b2f8 |
/data/data/com.live.xxlive/files/.envelope/a==7.5.3&&2.2_1724580663100_envelope.log
| MD5 | 22690495a8f65d5ae079508d71a0498d |
| SHA1 | bc84fc54e2b270e27b8e2d1341eca5178b79ae62 |
| SHA256 | 1eaa1a8ecd2f12ec0c19455d0d3aa7d87fc59c044c033adaca3c145cc823c1b7 |
| SHA512 | bac6ef683e5fca67a809b2a82b4ea7f2f96360b16536e144ac4d5da7f7d5c2e87b94bbd8598f6c60cbbe0ab1112b496146a38047a76c119fa44a04d63263c85c |
/data/data/com.live.xxlive/files/stateless/dW1weF9zaGFyZQ== /dW1weF9zaGFyZV8xNzI0NTgwNjYzNDM0
| MD5 | c2879d13dd0ba08b41f8678c64ac74fa |
| SHA1 | 7546a5e16b985c8061a38fa54211495abdd87665 |
| SHA256 | 6eaa7e13f7294a8c39419eafb173a7f2f5c0249d9e6a30366c4716cfecb71a8a |
| SHA512 | 74636af5de4cde2b701baa2e66aa5616d4c0ba69bf0f97d169cde76345abddf40e8d0eac352f19d11fbef270fd681d7f312ef25aa64ab25141791b873035d219 |
/data/data/com.live.xxlive/files/stateless/dW1weF9zaGFyZQ== /dW1weF9zaGFyZV8xNzI0NTgwNjYzNzQz
| MD5 | 4df658fecb056279603e45b2a7cd3a97 |
| SHA1 | e6a7f1ac4c034611a304033b06c7c3792496251e |
| SHA256 | 373bf877a2ddd4f241a94324a14e55ca49ba75398b6532bbb869a9d4a453515a |
| SHA512 | 779ab20e7900a8f82c689fefa4aeb4fb01addb3361924f1fa37a5b90998969d01e8f2d8cf3fd3640b2787c76e9dbb5e1d9a1df4f6473e13ee5b0fbcb34c531b6 |
/data/data/com.live.xxlive/files/.imprint
| MD5 | 33ada69b370db0101801364a0158e0b9 |
| SHA1 | 0b1d08f03dd060758c075c7a16f7ded22de4b7c0 |
| SHA256 | b7438df0a28c81448250eb3dbb83883f567db86e5d17eddb0330186df51e3c62 |
| SHA512 | 90c0d2f67842623d151cae32322b5e9f89321b5e37226db9adfd7f6c8aa22820f5a22c67041becc71da00286843a525c78ec2cd6cec82805764fa1f5fc081fe9 |
/data/data/com.live.xxlive/files/umeng_it.cache
| MD5 | 224e466c4c7f840b28692e4f3e7cf642 |
| SHA1 | 803f8adddd6765faaca9361a7af8c61a85385edf |
| SHA256 | e91f45c30a666948683c1c165bd5f2ffbe33ce62a1f539cab988913b2764e433 |
| SHA512 | f3abe2aedc0e054ad5c414bddcbd10aa76d0e5915e9d4affad4573c46341233d5455453d5b638f47fa37b5bccce24860ef2d214e2d6b9e7eed1f236a386d51e1 |
/data/data/com.live.xxlive/files/.imprint
| MD5 | ba64ea3cdeed3a57d0388aca11ad0f58 |
| SHA1 | c140154205b1f762707dcfb2edb636351567f3ec |
| SHA256 | 2d1f0bcc797fc198ad9f1e3bb6956371ccd8053939c5ee877cf40d9859b79269 |
| SHA512 | cc49c3026efb114d050009cd9159f834e078823b1c79745c4a1c62aedd2094a9a22ad9f3cad79021151c9020a0fc11065b93d5a3e0352a46a848cc0e2be4916c |
/data/data/com.live.xxlive/databases/ua.db-wal
| MD5 | 7dbc492e0186efb91fd8286121c01f29 |
| SHA1 | 6ca871de2d159e45272e7a2a5082b2afaabfcd82 |
| SHA256 | 192f111f0d059f02c9dff0dd4677e97add13d6bca92a3471f61b2caf50b3dcb4 |
| SHA512 | aec1efa4612d76827d4df3b0e310df87bf09c2b7f3513d936758d85f15d70408e2e7b56626ad229cfe1706c3223e00c85643892544f7afa595d424f2dee299e1 |
/data/data/com.live.xxlive/databases/ua.db
| MD5 | 7969ee1a379b0ba8fc44557da4941cbd |
| SHA1 | 72075cbd6138c65ed06270cd9d34dbf6895ed8eb |
| SHA256 | fc84526ac6381bbb6f7b5bd2ba3bffd3f837ea2e064d7c3f20a6fc525d39c180 |
| SHA512 | 7f22983896bab1e9f61b4a98533a9010e56881d6d638a54f8c00a5dc572d8c5da0715e19dd7b739eb0f4bcd0cebab951a20e3ec4b0634264d34067fdf86ae1e0 |
/data/data/com.live.xxlive/databases/ua.db-wal
| MD5 | 6a7382ca2bb534c0aba005295e03d08f |
| SHA1 | ac70665bd3fd451cdac26dc9224c653bfcdb2d8e |
| SHA256 | 3374aff5e9416a05f149ea480d65b37d9533a70709175ca2d552920cd43c0476 |
| SHA512 | a5b620610e6b6953d22e1187f075c4f221ed66434861158cb3c25f46910320ffdc3dac8227ada64eea7d83ef38db5316baa3af464dbd1c99c2545a8ddc16ba1d |
/data/data/com.live.xxlive/databases/ua.db
| MD5 | 771a03b6d8187b1c2f8cc70806d57b91 |
| SHA1 | c85a7d8731a096c0f94b4381748da88c53d5ec5f |
| SHA256 | 157a69297e2cc76bbea1de577a019f49ac10712c6ca464c37d11659fbccf9377 |
| SHA512 | 100a01b9386f167dbad681ca8e38a285d41e2c45cf5c1f7d6c8780c8beea02aa422177b0c7f02601cb73c8056a436946f33ce9ac8ef076e6fc1cd5f5b899d5e6 |
/data/data/com.live.xxlive/cache/image_manager_disk_cache/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/data/com.live.xxlive/databases/ua.db-wal
| MD5 | 4b1f897d2705f5bceaf312cc22c5d688 |
| SHA1 | ac6c6eafe08d293d1d945b9932091a18e42548dc |
| SHA256 | 1e36aaa354e1e1980d0b48303321a5e71ed9685cbc81faf0eb32ece1094bfddf |
| SHA512 | 301cd7081a55af0f4d57921a9cf1e97bda4283f8323cec51795bf715faea980ab7e74bafbc400b22bd96df71547ada881ac0463fd3f445b810743697e58a930e |
/data/data/com.live.xxlive/databases/ua.db
| MD5 | 6f2fedc16a2f8f4b0f01057b8771419b |
| SHA1 | 17005037de2bfc1268847858e1745b8c70633fc0 |
| SHA256 | daabb64ac12273678d56df953cf509d8d908635a4d5f2454f14d29e965c3a20e |
| SHA512 | 574c458295fe92c12ef752788498ba20b77a3bbe97a1103bf3a5ead3ea760b09048cccd09f29f970ed6b1fbbcbbe8a7cc715ed0a03f6251a8eebb775b0c5b00a |
/data/data/com.live.xxlive/cache/image_manager_disk_cache/journal
| MD5 | 5c0cbf042e3c73a98f9f7c9bea44a8b2 |
| SHA1 | f65be0fd8e5a2e5476872e6a318cb2b87f872bd8 |
| SHA256 | df027d17975ceea8922c57fabb51593012f8302022520d7fa52c2a0c6aa350a4 |
| SHA512 | 12796137a7948dec90f5a961ddb49f71df9d23994bd50f27eae1407934879c98be68edab2eb9c3abcb9c28a1b613a0fcc44ec45920ea5c6b75cc13b3fd3205f5 |
/data/data/com.live.xxlive/cache/image_manager_disk_cache/1a63c68bcaec41ac164115209013ddfaf5389b4d21763b4fdbd9059b88cff7f8.0.tmp
| MD5 | 44c3902f8d1a5726ea8533868719e71e |
| SHA1 | fb875d8a486c184d3684d00047dd67282d0ab400 |
| SHA256 | a451bb00c03a27c7f46489d84cb733eb492c549b0cba065201f05d4bafef27ba |
| SHA512 | 20cb3587db296d8cce3bbe737f4d05e194fee0d8010ce7a93802093ea189de2e4d090c261aee67ba02e8e63da68227c5300aee0c4bae5aaf8a88647beba979ca |
/data/data/com.live.xxlive/cache/image_manager_disk_cache/dd40762c624679e4d00997850b9e566b6c83f29c33e00a5d032bed7810ebf7a6.0.tmp
| MD5 | b873a0a933a8864137127d10f497eaa9 |
| SHA1 | b2357789b095bca7b484103b7e0a925934d077b3 |
| SHA256 | 7f00d005566fed003ec25621210750af19fb236512d7a0e14cdbb5f1b3f1a6d4 |
| SHA512 | 9f29212dbfd8ecfdc822db4b5e3c9dae7b1245e5dd636368f83ffeb56a5a29f2ab66f650d14f54b7ceb26935db3120339bec3221532a26d0ad2deee85168b533 |
/data/data/com.live.xxlive/cache/image_manager_disk_cache/afb31af1a661a689b76a95d09f06400c074680400221a858975f97b8894d860d.0.tmp
| MD5 | 6578078da08ed55cadad0b9769a1328f |
| SHA1 | be10279ccbf9ee2fd34d61a1fd3d1a7f48f6c351 |
| SHA256 | d7a62ddca22fcb4a8d591c84cd4aa62cc1069b1478009eabe6d5d5163beb1542 |
| SHA512 | eaead140a05d72736a7720a7306550fb80d7551dc977e05224dc9d73a4598fc539cceb45c2554fbb057575d010bbd8c1a6d1c66890a5f1fbe5257919f6d43e66 |
/data/data/com.live.xxlive/cache/image_manager_disk_cache/9080f86f56a8887876ed4fad507cf2199a2b894c113852e87f2bfc35717e1a5f.0.tmp
| MD5 | 8cc53a91707edc8a2506da6f5a1a18a1 |
| SHA1 | e332a191de15617c5006a3950cb7086624e37b06 |
| SHA256 | 7bda784216be14e68c906c39031c42b8be17dc4d0a4467968987cac471e711f9 |
| SHA512 | 121cd0377dbe4dbb82218f988c8f5a803d88455d0192fa54441dccb9c90c8c16cf77328cb1cf29ca59bef48f45a419c7d8171eae3d4b6a7facb4a03cd9b74134 |
/data/data/com.live.xxlive/databases/ua.db-wal
| MD5 | bae65ec46927263434b0b5977554bd63 |
| SHA1 | 7c7c77079d552d56afd31c076674b110cdb5f0b2 |
| SHA256 | b2c1dabf848c160bde135380d4d761f570e19db29033de93aee7a11bf10d78c8 |
| SHA512 | 03de4295aa4a1880c85138614d55ba989dae974879f69587c8ea93df0d10ec46f6b4de3d7aa375e8063ca2cb8ec8c145130b6ce9a657911cd73548fc7a1a6a31 |
/data/data/com.live.xxlive/cache/image_manager_disk_cache/50c9224dc5cd8e5f496e9b1f44d1030e35a9e8670a106f09a6d8ab849d7ea5f9.0.tmp
| MD5 | 2a1b201c3b5d2d90a68459a60a9ce671 |
| SHA1 | a723842a9f6b2c7eb4ebd6865aca3695ae53eb03 |
| SHA256 | 74a9d4a207fa3a97d2c160dbcf43c11ec6d5be457f240ea232b9ddab7f83b643 |
| SHA512 | 24dea8c93349e9fc34eb81a0e77ed938a4f831d313ef0c1ab1d1e25684252996de90326288909d8f3dc1b9b35dfe1987962cc2325024d652cb3ae5a0ec1876a5 |
/data/data/com.live.xxlive/databases/ua.db
| MD5 | 2bf57792a8ee6e17a88fa88113cbcbc3 |
| SHA1 | d0790cba149604a49112e2e25a1a057f165d7840 |
| SHA256 | 764a538fad9c1ff0402520e9199860d9d88deb96b8beb14610eda4e350e4ed13 |
| SHA512 | e160058392998ed828eab797893ab330cd46a0c1101111f6fcc9c9bf65183ee85454149b88901da58cdd2aa550f0a2f80e8e2fee7ae0c0832a20918218587198 |
/data/data/com.live.xxlive/cache/image_manager_disk_cache/70050b75bcce6efc36dc6e03db67d8a559c1efa04af3ef1ff02b04052b9c70bd.0.tmp
| MD5 | 7d1a8429377f2276af3eb71dedc41b08 |
| SHA1 | 06385223b02bcd0e7d7b136365217412fc084ec5 |
| SHA256 | b966888a3e63cc8318eeb1bbe8d24a3b66bc53dfc8f2b13fe5bdfb643cdec01c |
| SHA512 | 5bfb5a1c644f395e18b1fdc2abb90e6b49cb01aa0c1ee4e91a2c98336a8a5fd1c40332b64483cac549cbabad505732045de146077cefb5ca4491b7a0cfbdf9f2 |
/data/data/com.live.xxlive/cache/image_manager_disk_cache/2413994b1212be5cd69945f46a3ae842a985d3560acc3827de5c395dea67afe2.0.tmp
| MD5 | 1ff046be5445940a6fe0cb71d1ace55b |
| SHA1 | c70ca2ade978aa5efb38c2bb88edc96e658cab68 |
| SHA256 | 58c62d05819a0fefc4772b718a8f5717676c56c896e6c494a8c7d80ec08ea43e |
| SHA512 | 4700e97f879b50ae07477b2d5b78fdec7c735780458a3322cf84f17f8d23af7ef75f3576855c3ce6167349944e8dcbf8de5a98e5a452af7fd15bdcd8732adefa |
/data/data/com.live.xxlive/cache/oat/gg.dex.cur.prof
| MD5 | 0a30646199a1000b284c96a6c917cb17 |
| SHA1 | 78c84066d81c8b116001b42453e240f17e775228 |
| SHA256 | e1e93f0af017519eff9977e3f0bc277f6530c1473ed242f1d7349fdfc13b6d7f |
| SHA512 | 2543f72273d97b0fe921ea6d4c10675b04a3b038c5a57c8082ba11282c9a551e1cada65c97696e025ba720da8278837251fcd6d2c196d20dbd7d06188b755c9d |
Analysis: behavioral2
Detonation Overview
Submitted
2024-08-25 10:10
Reported
2024-08-25 10:13
Platform
android-x64-arm64-20240624-en
Max time kernel
159s
Max time network
132s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /system/bin/su | N/A | N/A |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.live.xxlive/cache/gg.dex | N/A | N/A |
| N/A | /data/user/0/com.live.xxlive/cache/gg.dex | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Schedules tasks to execute at a specified time
| Description | Indicator | Process | Target |
| Framework service call | android.app.job.IJobScheduler.schedule | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Processes
com.live.xxlive
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.180.14:443 | tcp | |
| GB | 142.250.180.14:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.204.78:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | api.78nm.cn | udp |
| US | 1.1.1.1:53 | app.avohwtpgb.com | udp |
| US | 1.1.1.1:53 | api.iavbobo.com | udp |
| US | 23.170.49.209:80 | api.iavbobo.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.187.200:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.179.228:443 | tcp | |
| GB | 142.250.179.228:443 | tcp | |
| US | 1.1.1.1:53 | sdk.cferw.com | udp |
| US | 1.1.1.1:53 | anquan.luomi.com | udp |
| US | 1.1.1.1:53 | log.umsns.com | udp |
| US | 104.238.128.165:80 | tcp | |
| CN | 59.82.29.162:443 | log.umsns.com | tcp |
| US | 1.1.1.1:53 | plbslog.umeng.com | udp |
| CN | 36.156.202.78:443 | plbslog.umeng.com | tcp |
| US | 1.1.1.1:53 | ulogs.umeng.com | udp |
| CN | 36.156.202.78:443 | plbslog.umeng.com | tcp |
| US | 1.1.1.1:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 1.1.1.1:53 | api.hclyz.cn | udp |
| CN | 36.156.202.78:443 | plbslog.umeng.com | tcp |
| HK | 109.206.246.131:81 | api.hclyz.cn | tcp |
| SG | 47.246.109.109:443 | ulogs.umeng.com | tcp |
| SG | 47.246.109.109:443 | ulogs.umeng.com | tcp |
Files
/data/user/0/com.live.xxlive/cache/gg.dex
| MD5 | 45fed4c5a279c6fa22258ef963916cc7 |
| SHA1 | bda125976f40b8fdf84580d3e0600b3071c6091e |
| SHA256 | 1354684c547ddb91f703160e0111818458b32381da21f1fa103b90b92539e34f |
| SHA512 | 798651fc48c856c564d92e48aa4c75e30c2cef08815648d11312b08d366618ac308d0d4e25426d2514cfa74b08e4b87ecc98f17ed24ab01ca7e1f8098c0b1d29 |
/data/data/com.live.xxlive/databases/ua.db-journal
| MD5 | 69b97bb5c7a27ceeb34d0605c40870d0 |
| SHA1 | a4efb2a824de392a726358c2dbace1b941671dee |
| SHA256 | 1236720ffd886fb7dc115a8380ca45054a6825c6c95e34812e47c232093436b0 |
| SHA512 | 2aeb1c3bf85cd7e78b1f6d0367cc65ae9c9a905527a0b0a6e70354bcee3a368d0d52081a92bc9edb2fce9d46ee958b52a1b47db363aaf154dfc4655ad94352bf |
/data/data/com.live.xxlive/databases/ua.db
| MD5 | 4a8120c91e3143b2db43971dbc77cf8d |
| SHA1 | 37c5700d35059c4e0a718ced73b3d73ba5d2b277 |
| SHA256 | 1fa1b6e6bd75bcef64d35785e2fd6f2e73dcdf92dce73c8b2a8fed49746d53bb |
| SHA512 | 465cd282927e30a0a894a75ad261feddde5a31869c8cea6b548362afce08fbb7cff7a784bd1d62c3e4c95916ce30e758d3919dd4cdc13176f29d68c2620c185c |
/data/data/com.live.xxlive/databases/ua.db-journal
| MD5 | 558128bce6a4649570d20d9359a34315 |
| SHA1 | c12f1803e0a8261aa3f4bb7f8d26def1ed2eba3f |
| SHA256 | 8a06fb1b85eab0f1cc7d896fbb1d00e7aed9a5fdc9e3d279fc4003a28211800e |
| SHA512 | 304998cd070df6846dd60cf41fb850f8c75be2e49042733f5573a94ab89894b2c94ea4913a4677b6bb4733ee37c6ca5c0624818b726f9a8f10ee450608670f77 |
/data/data/com.live.xxlive/databases/ua.db-journal
| MD5 | cfb6d7db035e58dcaa2db342bd151098 |
| SHA1 | 6306903d9c50c325f16daeff50d4f9a56524274c |
| SHA256 | 611a3d823565e0dd654d6d9e8058892c7a31c56907690c1098a15821710d955b |
| SHA512 | 1e86caad7b98ac005ee72071aecdafd5df5c8fabe11a5515116897ccf3a8d014a05fb054ab0cf3149c5af9e036a6113828dd52ab32f5efecf25f003a98f8ba61 |
/data/data/com.live.xxlive/databases/ua.db-journal
| MD5 | 4f9d3d9611bb3ed73c6ef84ca9a18428 |
| SHA1 | a02749d1261fb035ea09aa350803867d69921fde |
| SHA256 | da1f580b45a76afa41cb7db9a88697e7621814054e7447906dfa0adfae074a6c |
| SHA512 | 858e2ed039d13d6081ec5a8963ed355f6a318ef792e714db1f375926acf99a5732e2261cc7b95b6aae7dbb6bf1866148568cddec65f45e99bb98bf0a171fd300 |
/data/data/com.live.xxlive/databases/ua.db
| MD5 | 730e25303def4d28f8e90f24ee986e9c |
| SHA1 | 8efc867fac54df7fe08775738fd7c2c61f10c80d |
| SHA256 | c50d9352885aef24478c86ffbad9475f4c20827166e41617aaf352bef1ac5ddc |
| SHA512 | 838271d3a298ebac2b02fdd689d436d3ecc25ef82d93333bd2db501a26d1de90dcc8e5fe5ec9d2e1a32b9bfbf90c3ae8038b6a490984640ff963d39891c96fd9 |
/data/user/0/com.live.xxlive/databases/share.db-journal
| MD5 | 74b8eb4c618e6003c721a7669ca244e7 |
| SHA1 | 1ebce8ee42b555da6a5aa9b3bcad0be3768f5c19 |
| SHA256 | e47baa0352bf1c59341d1374320ae899ebd97fb46d00872a803bbefbc1e4baf5 |
| SHA512 | 0f58c16f070cb6681010dfac77df46e74361b867aacc96e7e0d82e44433c1c52f4e36eb9f70b91b4f6048a612ab9b8973b9628603afd5e2947d76cf9220e1909 |
/data/user/0/com.live.xxlive/databases/share.db
| MD5 | 4d8d2af5e79ba08620d0ce8f8f470958 |
| SHA1 | bb8acba370eae0dfc619b5f3e6084adf23b888f4 |
| SHA256 | f3129fa04e905e8a600038448690da9e69854eabb7321350a2fba4649108d4ef |
| SHA512 | df9fcfbcfe051751d88db9fbe0925483cf950d451ee915b1cebabd220dc3169b7d2b22f17e2cfaeabbbfdec7076907eac4cacc60491714a4343a4ce4fd75b6ab |
/data/user/0/com.live.xxlive/databases/share.db-journal
| MD5 | a603caf0e4bdccd4be38902fb1b8127a |
| SHA1 | e07eade4bdebd6a0db7c6881b0aaf6d469bd4490 |
| SHA256 | 36998e5561b1e6ab61cce12a53254dbd48382ea79ef7008aba3193c4f9dc24f2 |
| SHA512 | 35ad7d38f3504d52c7311ca8187535795715a5027e41618188f18b34045d8a5a7bab15b412f0fa91c42868614b7bec38960fd0d59de97a954b4b6f641584e2ad |
/data/user/0/com.live.xxlive/databases/share.db-journal
| MD5 | fe82b6a35b0055ce3715457ee91e6540 |
| SHA1 | 7fd2b49489e6dbc5a309ae715f812edbdfe97f7c |
| SHA256 | 104d642b6f2bfd22eafabbaa070ca34cb9f85bacb96f14317a2f6f4e4bc171ab |
| SHA512 | c68965733430e3633237adbc26c8ab0a33f200feded118715288eaa8f0d1ffe36c04c07d49c7e6b5a4116c851ca42ae6ff1e89119c8931041d1cc4d0668308dc |
/data/user/0/com.live.xxlive/files/umeng_it.cache
| MD5 | 41a54cc2c30b5260dc6f1c4bf8214886 |
| SHA1 | 49aac086b3123be403f1983a5732bd7e5c6dd199 |
| SHA256 | 1e82201944fbc6d1ccaa623b0f76006cce9df3bfc60ef2b1f07e549f6d1e1078 |
| SHA512 | e4609fc06246cd45a85ddc92d42eb02b4476b5bb8ea97f01a2bc5e6f15b303d3c7b2b751c02a4041e223d8b86b269821acd080243240e15d4c92a8f2a385f089 |
/data/user/0/com.live.xxlive/databases/share.db-journal
| MD5 | 650d8633d672937e0c367b3be3755662 |
| SHA1 | 86e51d918dfcd480b5e21d907b45b154d206bf9d |
| SHA256 | c5714a659ec4f6fb2a6bf807f123413dccee91b85b9475d0beabc48c91074e1d |
| SHA512 | 7c0c5d9f642c06cd23224ffc8fff03341e3c0f550fbe28a7f31bbb408a4f4bf0efecee1eac603b1b339d02dad5a877465b650cb1a52f21fbcf079e0e3abebace |
/data/user/0/com.live.xxlive/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzI0NTgwNjY5OTQw
| MD5 | caa341c5caf9ee3860199d440f73f9e7 |
| SHA1 | 6387eddd2d56f6cd14289f04a33177b33e2b574d |
| SHA256 | ecc674735ddbf4f53d4eadcc286aa0304b4b8f190434447395504556b6640c14 |
| SHA512 | e16d19db8c3e012e173bba4acc06bf59318675a9def7753a5ba336b514c10d7a325ea2edb99909ac5bcb47c47f9f33fe15edb5a41571773764479a978f94367e |
/data/user/0/com.live.xxlive/files/.umeng/exchangeIdentity.json
| MD5 | f44e9e233700274fcc7fce08165e365b |
| SHA1 | 4b10057eb8b0d192ee2465e817cde377a6f2be73 |
| SHA256 | b4d3b59aee42cb5aec7df47338938674f09a15b2bceda231e2c6a1f7897e0099 |
| SHA512 | 7a7fd2307454210ecebf33181af9ff77fe628add4ac6871eaa630afbac86c62e592609e9895edd47c6cd16d4b6a1c2eff2e78273455feb8457607dcd18ed7e0d |
/data/user/0/com.live.xxlive/files/exid.dat
| MD5 | 7f5b373ceacc275bd9fe6cb9d1dd6dac |
| SHA1 | 6a64c15903d39fcf07ca0525ecbff1468e8b549e |
| SHA256 | d443c8dca51c12c563de6811a4500487055d4fdabac330620509be20adb998d7 |
| SHA512 | 84e34619434180bb9ef70a78876ccce7b01ad24880777af6519bd864949c72b45cd2afc8d62fcd061a0434ae1b0805e7237b3700295af2a862947a4ea305d8c2 |
/data/user/0/com.live.xxlive/files/.envelope/a==7.5.3&&2.2_1724580670319_envelope.log
| MD5 | 6d05a9e6c3901fa0f636a187685e675b |
| SHA1 | 7e4c233f781de1506f7483a3b9e422ed8cc43bd3 |
| SHA256 | 82b38fa1271a83f8c4c55de1e15b84a6068f8c9073bc2377d6ff85b6a5caab35 |
| SHA512 | c32f460ee2a9654d1bd733e92a9fcf4a2ed7c71a826054e5f51bd3a9934a74f2b82f7778fdb8ffd241c7f50107961c2c7de3b550428aba55f01b42ce52a0a3a7 |
/data/user/0/com.live.xxlive/files/stateless/dW1weF9zaGFyZQ== /dW1weF9zaGFyZV8xNzI0NTgwNjcwMzYy
| MD5 | edafb49b3125d050c725f22a0707c31c |
| SHA1 | 15b07b588dab189382e62975362693c76876b510 |
| SHA256 | 2c5bdce55958d698fcb93c2f8c4b0110dd6cd88daf7cda02f4777e5bfdd0881b |
| SHA512 | 10b8a9cedb52179f7190a6eab4d3a6117243cad0ba17aa70b6be1e62556bd5e4b54a87a27f68d847f996295f4543485183f5b69f9fb44058fc991c1b777a3785 |
/data/user/0/com.live.xxlive/databases/share.db-journal
| MD5 | 0d56d03be3581396e30a5fbd909a631d |
| SHA1 | 7d55d84745d93281d4ec8aed19c182dc2a942fda |
| SHA256 | ed4037e2dc8b536502d42cf5b56e3176d409f7cc217e84b1c73b8d578d23a7fc |
| SHA512 | 428143e4be3e5a6299e740eeda94994a9db7211500c0bce285f846e64b5bcee4bc76326537c9e509401c1bfabe3df08c6c6d22b8d059542dad887e5a1f4bb082 |
/data/user/0/com.live.xxlive/databases/share.db-journal
| MD5 | b109dca2bd1e44d87c3f60bb2fe68def |
| SHA1 | c02345cc583df091e499de577e8172ea4327b686 |
| SHA256 | c892a70813f40052cd9888fdf0a94839aea2aa3044b4b4819cbf0f52baa1d0e8 |
| SHA512 | 77e6d935d9ff3d6a4c2ce3578abe13442b072c2aa12fa6e6d035c999d3f69dd438d43785e730addf8352d6647447fc837c0133eaa9be027cdb1cadbe1d112c65 |
/data/user/0/com.live.xxlive/files/stateless/dW1weF9zaGFyZQ== /dW1weF9zaGFyZV8xNzI0NTgwNjcwNzg2
| MD5 | 446caadabba20c26cde8dd0a6ae76099 |
| SHA1 | 963b7f8d727cf77e9accdf1404db5acd863f5cd1 |
| SHA256 | d3a3640a4a842ba9a1b29f9e5dc3181d59852b8fe0cb59591bfcec82a4b2d7f9 |
| SHA512 | a788c714f0088a4589da0e11d22bd49d271c2cfb9c709d1dff08660aa9c52033f5ea467e5abddc9bd707799ef891e754cb7212cb42b2a09de29dd2a834239805 |
/data/user/0/com.live.xxlive/files/.envelope/i==1.2.0&&2.2_1724580671205_envelope.log
| MD5 | 3e8ca1a7eef23440b13da75d40e535dc |
| SHA1 | f7d77f109b8d612f383ede516eac76bde78d8519 |
| SHA256 | 32af23a30478247f184a565d25b3b1759df0e829a84f5e3ee8ee88b514006338 |
| SHA512 | aadd563490b03ee9c8a7b16ce9e1ac71e16c361f78e398fa0e40a855df4cf8ca79d84ad4e9922eec6fa741486160950b98ec60d337d88c8d011ea82fbcc9aebc |
/data/data/com.live.xxlive/databases/ua.db-journal
| MD5 | ecd62d9f272ed33d0e02255fda86bca4 |
| SHA1 | 9e7544e3986a480a65cbde50096ff919d6ab56d4 |
| SHA256 | 00561219e78bce905eb2e4847e04c8812020ad99ef3cdf13a74cb44e56946d75 |
| SHA512 | c62dc30ce218de0dc39c1de03538f2269d59d1ae871de06d484f936b74414878f1c1f0d2ed3562e34c27997a2b997864ee4f3da38c9c07f11a7dee4cba980855 |
/data/data/com.live.xxlive/databases/ua.db
| MD5 | c4d08a7e6713b987f29c13022d1b951d |
| SHA1 | 5ac0c9fbb2448d1614d18de850550b7f42d747bb |
| SHA256 | 5400b33b588069511a36d3cefb4a1984061f7851bd748b1f2c2e7f8cfea4076c |
| SHA512 | 5ad3a144c2934cd3e2e0cfecac5fcfe3c5f266842ee0b63e7da593fc3fe50d8b84305ebda4e3cc75409fd5bb75c2b1c384093a5fc1367741cd92e9f0987a205c |
/data/data/com.live.xxlive/databases/ua.db-journal
| MD5 | f837d8bc311c4170b5734a840e5d707f |
| SHA1 | 7f5b7c631bf9f2bee855afc018fcc588600dd636 |
| SHA256 | 86f4a12141f540c4ca77565ba898240667bc9d39c32ef2f6d8c6117d9ec99b30 |
| SHA512 | b17b445edd87b7d4b95cc9346966591f4c0885ae81db7271fb5960c5a25da19ae64cb857e9f771bce027345db6377f458b634de7f01ca5fd3a05f3f26549976e |
/data/data/com.live.xxlive/databases/ua.db
| MD5 | 721ea0acaee0c72818707ee5eb42a6fa |
| SHA1 | f79b3b24882609bac9cc8e38f12ed55c4dbe9e7b |
| SHA256 | 15bad8f891adba3050ab36e94d52cf554be29afea4bf4dd0623370fcc4268793 |
| SHA512 | 750f473dc88397ee13f47a3665ae9d868d197e0cfa7f4cbbf82f98230e2203d04c76b17dc4a1eab34ca98f1c463061dd00f789768fe3a0981b49a1d34bd69622 |
/data/user/0/com.live.xxlive/cache/image_manager_disk_cache/journal.tmp
| MD5 | 8c92de9ce46d41a22f3b20f77404cc1d |
| SHA1 | 8671a6dca00edb72be47363a7071be65cf270373 |
| SHA256 | 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274 |
| SHA512 | 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56 |
/data/user/0/com.live.xxlive/cache/image_manager_disk_cache/journal
| MD5 | b65896c7e6e9564acfadf75ebb6b9aee |
| SHA1 | 0175af5aa2b24c5106d77eb1909258bcf7d70cb9 |
| SHA256 | 4c485d3f6e8d67bc0e7e1ffacd337ed5f1e58d7d154eb7c3d28134ffdd7b6f47 |
| SHA512 | e92ed6d6721cdf15c85fb1629b199bd36c567a8146f0bd298f0366b76d012e55db66840885988de26b402ea02e695e47ee2d383db06ace03c0c0a6ccca987829 |
/data/user/0/com.live.xxlive/cache/image_manager_disk_cache/9080f86f56a8887876ed4fad507cf2199a2b894c113852e87f2bfc35717e1a5f.0.tmp
| MD5 | 189e069aec5f5cb86fe08c108384aefc |
| SHA1 | 288509ad7e23ae42cc57d92553d3060e35be91f3 |
| SHA256 | 010654100d889ee9495d71b99509fd9aad655fe1d476fbc029cec340295bdf64 |
| SHA512 | 3f93ed8aa90c1e4434ab632cacf06a4e95e86b6435e8922511932ead3b65ccc151388c6e0a65a524dfdfdc6065a36c95d4daf2cf389cf95698f401d0d2f51649 |
/data/user/0/com.live.xxlive/cache/image_manager_disk_cache/afb31af1a661a689b76a95d09f06400c074680400221a858975f97b8894d860d.0.tmp
| MD5 | 2b943d25eba202d2ce4e5674da234997 |
| SHA1 | 4597839edef2117c409d676e4ad48491405ffe1c |
| SHA256 | 4b5efd5689c8e4ec1ba66b934e55e0c144583418d37a106c5740a46073e3fe1e |
| SHA512 | 35dea0f244fe5a3ee7e86775d94937ba3a44ab73abe3a51ce0fb0e8f4eec79d793636a6faf27d5b246e12d1541c11e56730c5c24789f320ef496dfdfb9a709e7 |
/data/user/0/com.live.xxlive/cache/image_manager_disk_cache/1a63c68bcaec41ac164115209013ddfaf5389b4d21763b4fdbd9059b88cff7f8.0.tmp
| MD5 | 8bc3d52d1e3451da7c072c098afbbb1a |
| SHA1 | 33fa661b08835289e6442c17c36da97ae66b8314 |
| SHA256 | 269044af24942c7a6f591cc1c005557dbd9bf908a5cfcc7eb171ec8b5be30efb |
| SHA512 | 48c28d7060a758af7a9f0876262c2ff52273a7a770fb3632f472faac28683ee1fff6ee2c03161ff98e8c82c73bfd5f4728713d202bdfb2d7e322e14d5fdce209 |
/data/user/0/com.live.xxlive/cache/image_manager_disk_cache/dd40762c624679e4d00997850b9e566b6c83f29c33e00a5d032bed7810ebf7a6.0.tmp
| MD5 | eb8fb0d44a02db94d9507b8c6ca1a812 |
| SHA1 | 29162e1fe059b6cc848d72ff656325d687744922 |
| SHA256 | 21a2a5c58e4b5de54b32f1db1f009f49ec78aeed878383f2f34584572758e724 |
| SHA512 | d4b46580bf0f5bdcc71f11e27efbb62c85e64653e2c0702f63d5cb141d5935b2869c299e61574a1005b02577ee2afe5933e7faebf3b475ee757737f5bc6b56af |
/data/user/0/com.live.xxlive/cache/image_manager_disk_cache/70050b75bcce6efc36dc6e03db67d8a559c1efa04af3ef1ff02b04052b9c70bd.0.tmp
| MD5 | ae8222aa8b5f0e0a2483a02999dc4d5f |
| SHA1 | a70207547a6a1b41f924bbe2ddecdd8a0ee9d081 |
| SHA256 | da0db1bf885919a160459fc5308f60c63c9ca4f90913785262c354fc8f1c08d7 |
| SHA512 | 847858ffeae526c9dbb5dc72f8ee70d29f0612a758e556b64106af0376ff459abd935ca4bcbc8696d0b691344b6681247ce91d1b5d703b1e60ed745ccd74a2b9 |
/data/user/0/com.live.xxlive/cache/image_manager_disk_cache/2413994b1212be5cd69945f46a3ae842a985d3560acc3827de5c395dea67afe2.0.tmp
| MD5 | f918daa936d009a1b744d1fe09aa659f |
| SHA1 | ad754502f97b28b72970d6fcbef4dd5d7e3350f8 |
| SHA256 | 3850d105ff6893ead69f2f8c199e32bc987c51c4574052be68593678cfbe7c3e |
| SHA512 | 7e05016c4aa34fef7f72f6754943ba69eec59773c62d7106fbf4056824a15d08cda936f6e1ba79eb78ea0a52e245d08b8eda348855aaf05ddf2491bda896cd3a |
/data/user/0/com.live.xxlive/cache/image_manager_disk_cache/50c9224dc5cd8e5f496e9b1f44d1030e35a9e8670a106f09a6d8ab849d7ea5f9.0.tmp
| MD5 | 469b41b1cc377a5915f0ac49061a9587 |
| SHA1 | 071725dd543b8ab27e1120e362103de111a64070 |
| SHA256 | cb7c270801cc00eedb3a00a35f6adcc47920111b4aaa287763115cb30b9e498a |
| SHA512 | f8f95da30a112d9a8ae743576aa1651fa80fd5005a1056aeef94c38a9e01215af5da480828ff1bbc15b4c2bf5e29593d560af1471233018ae9650ac7bc74878a |
/data/data/com.live.xxlive/databases/ua.db
| MD5 | 3f6e8cb1ff09793cf3f3de24681653b8 |
| SHA1 | 99ed5163ff526e2f669514eea999b8dfcd20a9ce |
| SHA256 | a7b292a0f571b7d8532c8c15d2cb1bfc1d0fa984e91f267b1f1b4cc1477a9867 |
| SHA512 | 0f5878e9fb91e905d16d33b62d80ce2679e0cec2d8cb79a574494d54dbd10c6470df36f8121039489ad4b2d1e03bcd963df4626cdee3519b81694fb4265a6450 |
/data/data/com.live.xxlive/databases/ua.db
| MD5 | a327e220b7a012bba8fd1f72bc463414 |
| SHA1 | 55e19921b3be1ee1f353f9317200cf278a844005 |
| SHA256 | 026361ad3976cba56a27e226871648c9f113be1826e05170eac85ffa776c6c2f |
| SHA512 | c82229853bbb4f3fe7618102a9d6c2cc53d3f3f2884f8a1aee4412e8b07a55b936ec9d237fdb1b892665ff2fa7e967d0194d57fe91e3b127633656281260b26f |
/data/user/0/com.live.xxlive/files/.imprint
| MD5 | c428e881104fcee1e612fbdd8b22bcbf |
| SHA1 | 1ae3e8cf82c34e44bdf73284ec4e77d3533870f6 |
| SHA256 | c91259ab134b1f0e1fbb44c856f483e301441d3f3bd1310b4e4bd3a1a4120eaa |
| SHA512 | beaec0b97a1e0dca2e3b48a1646cb18e35a797d3a78cc68d7af82a9c023e26eb8dd058b7dbdef4eb3505e81095106f7f99b683750ce860574632b499728833d8 |
/data/user/0/com.live.xxlive/files/umeng_it.cache
| MD5 | b8fc4677a5bc1a87bee67a2fd2f9edad |
| SHA1 | ed10fb4eed03fc4129922f842b1dca566774bc1b |
| SHA256 | bc0714c841f0017634f7f0aace16d11d49e060154a2169c6398e0348761844f4 |
| SHA512 | 32946e5279f3bbb30e4ebf1fd0ac137f4b0d1c9ef446e0ba0b0f80375da306ba2344e422f7f9d59ebd4a46b720034e9cb89be1b958c740001c10bab53a37cf05 |
/data/user/0/com.live.xxlive/files/.imprint
| MD5 | 5138d855a52bdae81a7f577f6eec1bcb |
| SHA1 | e0e7f98cb552f69ef7eef30c2b145506d96bf692 |
| SHA256 | 434db45fe58878f468b59bda5d68b3f7acf9bea1cccb7dcc00fb164392eb94ce |
| SHA512 | fcdaa59b3425a530bfaff0bec2eeb4a25e7dea232738e4bc79fdf6207dd7a2c7d3b1e5e0c86bc2219adff4efc5f0355d448d05c4b53dc12b2fc7782e6a273d69 |