Malware Analysis Report

2025-08-06 00:57

Sample ID 241016-2j6tdszgpn
Target 4f663349f35f52cbfc2eda0bfc5f28a1_JaffaCakes118
SHA256 361d36741bb94d69a20e8ff4554a663805f629bd9d0ad59ab1d691e231811b55
Tags
collection discovery evasion impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

361d36741bb94d69a20e8ff4554a663805f629bd9d0ad59ab1d691e231811b55

Threat Level: Likely malicious

The file 4f663349f35f52cbfc2eda0bfc5f28a1_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

collection discovery evasion impact persistence

Checks if the Android device is rooted.

Queries information about the current nearby Wi-Fi networks

Queries information about running processes on the device

Requests cell location

Queries information about the current Wi-Fi connection

Queries information about active data network

Reads information about phone network operator.

Requests dangerous framework permissions

Registers a broadcast receiver at runtime (usually for listening for system events)

Uses Crypto APIs (Might try to encrypt user data)

Checks memory information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-10-16 22:37

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether. android.permission.PROCESS_OUTGOING_CALLS N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS N/A N/A
Allows an application to receive SMS messages. android.permission.RECEIVE_SMS N/A N/A
Allows an application to monitor incoming MMS messages. android.permission.RECEIVE_MMS N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an application to write the user's contacts data. android.permission.WRITE_CONTACTS N/A N/A
Allows an application to send SMS messages. android.permission.SEND_SMS N/A N/A
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-16 22:37

Reported

2024-10-16 22:40

Platform

android-x86-arm-20240624-en

Max time kernel

123s

Max time network

127s

Command Line

com.greenpoint.android.mc10086.activity

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/app/Superuser.apk N/A N/A
N/A /system/app/Superuser.apk N/A N/A
N/A /sbin/su N/A N/A
N/A /sbin/su N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A
File opened for read /proc/meminfo N/A N/A
File opened for read /proc/meminfo N/A N/A

Processes

com.greenpoint.android.mc10086.activity

/system/bin/sh -c getprop ro.board.platform

getprop ro.board.platform

com.greenpoint.android.mc10086.activity:pushService

com.greenpoint.android.mc10086.activity:remote

/system/bin/sh -c getprop ro.board.platform

/system/bin/sh -c getprop ro.board.platform

getprop ro.board.platform

getprop ro.board.platform

/system/bin/sh -c type su

/system/bin/sh -c type su

chmod 0755 /data/user/0/com.greenpoint.android.mc10086.activity/app_bin/daemon

/system/bin/ndk_translation_program_runner_binfmt_misc /data/user/0/com.greenpoint.android.mc10086.activity/app_bin/daemon /data/user/0/com.greenpoint.android.mc10086.activity/app_bin/daemon -p com.greenpoint.android.mc10086.activity -s com.leadeon.cmcc.cservice.PushService -t 60

Network

Country Destination Domain Proto
US 1.1.1.1:53 apm-collector.qtestin.com udp
US 1.1.1.1:53 sapi.map.baidu.com udp
HK 180.76.11.208:443 sapi.map.baidu.com tcp
US 1.1.1.1:53 clientaccess.10086.cn udp
CN 117.128.1.81:443 clientaccess.10086.cn tcp
CN 117.128.1.81:443 clientaccess.10086.cn tcp
US 1.1.1.1:53 loc.map.baidu.com udp
HK 180.76.11.229:80 loc.map.baidu.com tcp
CN 117.128.1.81:443 clientaccess.10086.cn tcp
US 1.1.1.1:53 rqd.uu.qq.com udp
HK 180.76.11.208:443 sapi.map.baidu.com tcp
HK 180.76.11.208:443 sapi.map.baidu.com tcp
HK 43.135.106.212:80 rqd.uu.qq.com tcp
HK 43.135.106.212:80 rqd.uu.qq.com tcp
HK 180.76.11.229:80 loc.map.baidu.com tcp
HK 180.76.11.229:80 loc.map.baidu.com tcp
US 1.1.1.1:53 sapi.skyhookwireless.com udp
US 1.1.1.1:53 dns.map.baidu.com udp
HK 180.76.11.229:80 loc.map.baidu.com tcp
CN 182.61.62.50:80 dns.map.baidu.com tcp
FR 15.236.15.186:443 sapi.skyhookwireless.com tcp
GB 216.58.201.110:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
N/A 10.0.0.172:80 tcp
CN 182.61.62.50:80 dns.map.baidu.com tcp

Files

/data/data/com.greenpoint.android.mc10086.activity/databases/bugly_db_-journal

MD5 a1302ef5e4e044ed2c87c691127cbdad
SHA1 e16f10f9a7bb7bd5a7b4ccf7262498f4d3f1858f
SHA256 12610b65d44b784e25674a7d4aa4997519666b4a26c3dcb4a98ec75b38cb595d
SHA512 dc66df778900e8730e16146bd04fe8e7cefc51a046f284d7e63b5fab4821a19137559abb0536677bc09fe278d1995a3aa6fe00429cea52615bdb527429428d22

/data/data/com.greenpoint.android.mc10086.activity/databases/bugly_db_

MD5 8525d3a3110d88136867fd375eaaccf3
SHA1 a4fafd8d6b0a834cfde084d53924019e63d909f7
SHA256 b74818dd5e8e726204df648516f7ad6dc6b42b68a5cae15a2ef30bd493caa028
SHA512 81202417692dce57e0b4b2c6b342661edee5a90c1ab7748bfbb2e057159e9ca2365c1874e870bbb78a13e5fc08f0a6d27f2f0bc55e843b12f42856529002fc69

/data/data/com.greenpoint.android.mc10086.activity/databases/bugly_db_-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.greenpoint.android.mc10086.activity/databases/bugly_db_-wal

MD5 3e4aeb8644096e075660b2dbe69fe5b7
SHA1 5942b7db04f17c19ae3e53054ce0b660500902c9
SHA256 2687d94d72878f08d9088ebc411fb30820cc552b0456807a363f63b7a97ac834
SHA512 38a50e0e00ddae64dd1f2fe8621b7877dd8968242023ac0021fd4859c31e3044a54b6bbe4cb616aa508ae2222bb9abdf2190f9cc3a2d84d8437228572d8e01b6

/data/data/com.greenpoint.android.mc10086.activity/databases/TestinAgent.db-journal

MD5 f9e5862533e62a0c6c0efcae72443950
SHA1 3f6a7bba980b56e69ca93edfdaac8ceca98b6a8e
SHA256 9e5a8882d333baeb70a25eb12eafe147cfa5167250905dbee01cb846af48ed7b
SHA512 11710d28bf42134d98eca1367662cd137d677959fc526706a34f20ffd269e51ef27622594ae3f2e7cb25dd508691b0b3ae56166fba8f756b488202ddf9e1ca33

/data/data/com.greenpoint.android.mc10086.activity/databases/TestinAgent.db

MD5 2dd0a9fc1f76574a97b74775fd3c0e8f
SHA1 23f02f838102d34c51aaf992409130df3388b0f2
SHA256 d6fa29a447137eb9675535c56f81d2face431da3bbdc6b6bcb7c55cdb6a09ba0
SHA512 b961bb9a3a785231de2b64d5aa0478314903aa0c4d2dbe506ddcc1587656604ef3e2c0f580c566f17c161571ee9f8887efadb7290416f92ec644a4c0e4757086

/data/data/com.greenpoint.android.mc10086.activity/databases/TestinAgent.db-shm

MD5 b98da1473175b3df100f066bade0b2c4
SHA1 898cfa6d1e88ee036fbb73fa0d0d80fcf4611dac
SHA256 d219af6af85f7f2935612f1b42d695ce1b289ab337537262d6fbf98165b68b03
SHA512 bf74152a7177962a7a4f5a6282460cba0da1254babf3b86c584dfef12a6bdd9a209299ba4c69cfd47c2c01af39cfd0b8b6b64f1c155dd6efb47b6b505713b5d4

/data/data/com.greenpoint.android.mc10086.activity/databases/TestinAgent.db-wal

MD5 72edd2dd971035b5f75da69eaf165953
SHA1 3efe645d8f65b6439f4551a4bcc7d1943066dc6c
SHA256 c3b707001a7727e76cf6c6f73a99c0c319a22a87b0490143b320739988520669
SHA512 65399dcf7081e40383ca1001d8f1a607746f715137ab0205c60d4c70d5da847e5afc88f707f2276a4a5fbf952560340569d56496dbcde89fad9ef8bb7ec93bf3

/data/data/com.greenpoint.android.mc10086.activity/files/ver.dat

MD5 b280ac415425cb9673073cc8202c3837
SHA1 b83eec2e972a0ad85d37ec8a2f842a59a58076f9
SHA256 154c6972c567f563cf7fca8a4f266e79d432073aede6c761fefdba26ebe8c446
SHA512 785d707e987a12e59335b7b06cf438a44bca6ef32f71e51d5d4543c824efbc12168207d322e3d5729272194e03c5ad4c1059b194c8fd6a7300fe919c4121fe17

/data/data/com.greenpoint.android.mc10086.activity/files/cfg/a/ResPack.rs

MD5 0357e8edde36315c0e0a4f5385de625f
SHA1 2e6c6f15010e88dac5078f34e31a8ddf5e032f2f
SHA256 44764ad74b21113fb17b21899bd0d4c81740544e868eaad680553b3bd0cb016d
SHA512 497385b4e3b512f6a4365486d40bf1ed298422087f23a352ed2cec96331b9b012814ffba9c3ba83af5f777df16b53bbe1bf3ab8313902db49011f01a3024cf93

/data/data/com.greenpoint.android.mc10086.activity/files/cfg/h/DVHotcity.cfg

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.greenpoint.android.mc10086.activity/files/cfg/l/DVHotcity.cfg

MD5 1eab7b21d4075f7a73f66fe11ad94805
SHA1 3e9b2abdbec51cf6057b7635cf7e1ab683ebbc5d
SHA256 bc587f1f8d48e8cb0dd197bd8912a14b3cb57ea095426c62e069d5a378c9171b
SHA512 3ea619e35552efb72fc009aad9fca88ab2180cdcd7afe3c2a9de08a85025758a144c1ac8645fe61290ef3a0193385830175060def0ca4425d3a2f5db4178b310

/data/data/com.greenpoint.android.mc10086.activity/files/cfg/h/DVHotMap.cfg

MD5 738193b0cd65a7dc3d2d55c8164a96ea
SHA1 d229846228036af00a6c65cf96742c2723f2def5
SHA256 b7b687981d7b9cc9cdfb92b28d035de4918a337733ad594d38c02d5fc9d61d11
SHA512 e23f3ccc0f883204b9f44b8581ff7e65a19be78655441499c081f336ec240f6268a09e75cf31b95c2b9dc1093dad467e8115725387393768f86fe467ee6116dc

/data/data/com.greenpoint.android.mc10086.activity/files/cfg/l/DVHotMap.cfg

MD5 3103f26f544c15d30122e13876b57535
SHA1 a78696de90cd36b0d698c848feca61afd7b07ca4
SHA256 cd145eb1b32d09dfe4a2aada0acb5ac4019a5d30838e6e37ba068bc2f35c54ec
SHA512 589871d0e77923c2aa3cd0aea85058beb7e66eb17f05f9f55f1adae87ee811f0c8d7c13313908c20d58cdc31171da912275184eae3d0e051123d854836b63b5f

/data/data/com.greenpoint.android.mc10086.activity/files/cfg/l/DVDirectory.cfg

MD5 65685a117c72fe8fbf5a92b07073c99e
SHA1 b115b527f74e4c291edcaab19b316a446aca8f5b
SHA256 19bcea79613a5c3bb71dfe6b311241fcbf3534b538f0b147c7e849b58b24b2b8
SHA512 e5821a5212f0790db33ec7274f018b08f499557ff7f2f118021a7905573e8dd66e716fb02144919d96eeec7da9db921c756a88cf0a050f65a9f8de3894dcc253

/data/data/com.greenpoint.android.mc10086.activity/files/cfg/l/DVVersion.cfg

MD5 d54b7b380a5ff46c78283013a07d8e0f
SHA1 f697c5f7028ba2679a96d6bc5291c38ff96d7982
SHA256 c7ad837b097687d92e0d944815fc70adcb0e1cdc82db28f728d13e8a48d7532c
SHA512 ade792589c33179c51305f201bfb6db28c05b2ea098d12bfefc1a5cf9bd3014d53830ce2e71f027719ee1b83b2394c7654b5ddf4fdc7f678840869d2a2787ef4

/data/data/com.greenpoint.android.mc10086.activity/files/cfg/h/DVDirectory.cfg

MD5 4e9eab735928758b860e48b2f9befd7b
SHA1 7223dfdd00f8059d3b83c28c6f7d78d2dcaa0569
SHA256 1a5650bc57e525ff23c7f0cd058d4574142e772c51a89867a13f89e13b93d6b4
SHA512 c7465fab9518be687ee63cbe044f28a4d5c60f1c043fab0ec66a856b2b542c9d99d9ef5812c7eb2033f797805ba37b821572b83eeeebdaac4854a4bf53977599

/data/data/com.greenpoint.android.mc10086.activity/files/cfg/h/DVVersion.cfg

MD5 298924848d2517a508f43ff0cc51bd3b
SHA1 b9fcde7b86653ead6deb57280a6049cf87745710
SHA256 0b6eb1f518059d8c472bab90091bb26d9ab877f6c70fac375412ff1582b8ca3b
SHA512 63b88c5b9b971ec52a5f724485d9998bfedb073e84ed63bcf0337e726923510d97a8ddf87371b5620f89ba788af01db58300638fff5031856c77dec8e18b4342

/data/data/com.greenpoint.android.mc10086.activity/files/cfg/a/mapstyle.sty

MD5 46a9f9a5221dbe4ff71bfcd2ee045c5c
SHA1 915cb3bc2f0096dede38afc1cd7f09c8782360a9
SHA256 ad3067eb308a9420b727b4f24dc5134bc75b36bdda7a7a7c5651090698dd10a9
SHA512 185530752b639d743f99e28369f75626900420dccf598a639065ecb08c562ff98c4a1f6abbec9724d1684ed053774d60402cd2f20e3586a534c8715e7cec2ac2

/data/data/com.greenpoint.android.mc10086.activity/files/cfg/a/satellitestyle.sty

MD5 67b719e998c862148de935da6e35a7c2
SHA1 d820d24e78cf0e27521dbaba3b9385eece40c27d
SHA256 c478601caf18648d1e1a6e60c55b78a339ffb4fc08787e9e9cd3afba431e35f9
SHA512 a0467404fba9742285a831b911e489c0918b267e5f6641c9220e0db85e098dcba9549f67d74606ec6d5af23a1e0778796648d71a065424114ac7dff10e3ba663

/data/data/com.greenpoint.android.mc10086.activity/files/cfg/a/trafficstyle.sty

MD5 801569018411d42139df805a73cf5d54
SHA1 a1ee203fafa0ab36d453611efbe019c3356e946e
SHA256 1e2dffef13b99f9b1c752466f373a8ce0237d9aa7a4e608f7e3b34178fc41b1e
SHA512 04a23381fd606be3ce7089eb0957e05b96ced1c84ccdb16ba4ccc08154493efdb73f659bccd1e0cba0881cc03a32a574b5efd704ad4fd09c7d7bfccc640f2a67

/storage/emulated/0/baidu/.cuid

MD5 d5bf0b6e190357dfcd67a046767aa131
SHA1 62d53e588a15be1f22f81966b0219fc0550138a4
SHA256 e0cbc0cf021243911b258213d5032a21a145b2aea8ea6f9b38c05f5a65364871
SHA512 aaa998a493fc3c22b9a7a1929a3f27a51a3aeb34928dabddf2921bcd9e610758e1a5712b5c9319db3e3a017ddb468d05f9f834b911abb7af203dc19128d12c14

/data/data/com.greenpoint.android.mc10086.activity/databases/afinal.db-journal

MD5 16961e300cf669fde7aafe089e2cfaa8
SHA1 e7b7675f1954dc74f31d7bb755b46f059a9cc83e
SHA256 674efa7d3d2411fd970b44cfc1cb0b4640940c8d7a2b2c598dc8566a7ad24a9b
SHA512 8ebad74402ebd47741dee913e0301ddfcf66b18964a1e59709371d1517e297526602568966b046996231a0fa99dd69b61cedbf6d5d641791ea1ac5c525b16b77

/data/data/com.greenpoint.android.mc10086.activity/databases/afinal.db

MD5 ba5d2f05aa26300b5f9b784fed65d863
SHA1 f5b509ffd71a3b49d4722562d385916eeab27a9d
SHA256 337eefa80afb2b636dd771c80b0a4d88b27eb5923007890ca57474c1a3a4ba42
SHA512 c3d1ec369c9a95b12b9548e39e06d4e272b7124a496e611db5894d135b67ed2047d22672e6e8bfbe50d1ae85787bfc98c2e15553d69e0846557abe8cbb29de24

/data/data/com.greenpoint.android.mc10086.activity/databases/afinal.db-shm

MD5 8bc8185be2162588b5962c9132f1ffc5
SHA1 65767d3a5fe4dba61bf052fb2584c174bb21e1ce
SHA256 dd818a5ddcec10dcf95ead817b6c155f2d735610fe16cbd719834d513c4e0e4e
SHA512 3aa7075a9ee72a4fbcbbeb5f4e52ffb842c4d50bc04417a877cc9d7b396f6d1d851e3faa1d77bb4c1f3578eb67bb8928892b63d70b664c73cef21508ea4cd094

/data/data/com.greenpoint.android.mc10086.activity/databases/afinal.db-wal

MD5 0d0decb63465cf16bc68f49dda9502b3
SHA1 154482cd2e55fdeaee84e1a4112e2c09e210a0f0
SHA256 590294048d74c41126a5171c5c95cd582398db43aad221cba32943dce5a946b6
SHA512 23b6b6b7ac75a52782f456fb65800dcc955e531375a2155fbae65d39d2b7cae2b9e3435d2e608e729d0226f8ef0129e3e503e411b73ce7d1a3807128875102ca

/storage/emulated/0/baidu/tempdata/ls.db

MD5 0d3e99204c6401ea499fe9e6d9855497
SHA1 09829f00ca458eab7374d5079393a2cd69a2348a
SHA256 63ad014cb50908591939d6a1536f85eece807425af4f4e8a1f9b9eeab13cc5ca
SHA512 8d9a50aa9abd17e508ed3ac35a3033e8f9e550d1088baa951f53e6c4697c5ac026d22b90e36e27341d64baa3f0202bd89ca97583e99feb25f8c26b5776c59c68

/data/data/com.greenpoint.android.mc10086.activity/files/ofld/ofl_location.db-journal

MD5 aed8d0b713b09789e377b5c597405318
SHA1 029d0cbde3f4808fb7093fe79596056838d1a04d
SHA256 c5a7c52ca5d2def7143ff7a01c7739080e3863d04930a1d283f693bdfbedf9e3
SHA512 b7ed97d4853e8490313f1ac8f0956b99c0e0ccb0a6d4531eabea2b4af990ab2cc6408b180e962f3baae367bd237fec4f22271377321072e5efe9a6b70528929a

/data/data/com.greenpoint.android.mc10086.activity/files/ofld/ofl_location.db-wal

MD5 a8a426c69dce2fda7737cdcf4fad36d7
SHA1 f28c6ef7d644bc7345902d2f250aec2c0d04b416
SHA256 515d70650e167be6d0cc840cac13824e5432e1289ea9a427d3fcd50c95cf70f1
SHA512 a26d65d7921b05ae16bddfa7442e4a5ebe094c1f62ba915deec964f1759f3a38aa205f6cea5997c622430918432793894b053a8c4695422b135151649514214a

/data/data/com.greenpoint.android.mc10086.activity/files/lldt/firll.dat

MD5 1dc0a9b824b8159c3422deab8454c36c
SHA1 c4a837fb5616ba97d78a6c8fa376b8fe92f07975
SHA256 78dde75babd75a1f48b64f8def8f327ed14a2095db0ea9f392076a8285d96221
SHA512 a76d7b8e0b5481a6c1119ca3f8203f0f58cfdde270c9374779c7df73a7b6650773ffb7baf32eda5e949a77ac8eb241da962dbe23862ab398a12e9edc8289d5ec

/storage/emulated/0/baidu/tempdata/lcvif.dat

MD5 f9c06bd5dc8756e7504cb18521b99dc5
SHA1 e0c261afba6228a186fea61e77f731b547741875
SHA256 a83bf10c1e905b8aa512c75e557fefe15e307218b6e4dab8751a966f72846482
SHA512 467183964404e0d665fab45cadb58a6918555efe79acf66509c1ab1ab1c7d0883bd6567958eceeed5d3a1844ba5592a6001d0e068b8b5d4c169b078d440fe7ec

/data/data/com.greenpoint.android.mc10086.activity/files/ofld/ofl.config

MD5 6935026bbe868e7e0b577d442ea48a8c
SHA1 9e1dbf4222079186d639a6621fe5608092e988d0
SHA256 b8971c6b26dca82904db087bfc769cd5bd63e5caba3aae377d1b156755a237fc
SHA512 37bb97caca1cec8c0f495a978ff3a88bcbb34535419b83022babacae5334135a4da959f534d9ec7a333c9dd8753d8a6427778ca09e085f26ace72593bf3aa668

/storage/emulated/0/Android/data/com.greenpoint.android.mc10086.activity/files/baidu/tempdata/llg.dat

MD5 161557b06b4a4d3ce095528dea370eb7
SHA1 8bfe9c4d916fe58d856b5a6ecaf8cd9ea4df2c9f
SHA256 f054ef19481234ee5b2db1d1c681839dab235a857ed3a4bc02efa8f785f478d4
SHA512 96ce8aedbdbb387438efc86aaabd13a6378628bfae203d2bc25ea1cd7daa6ddbd6dd2c81d631fbdc9b653a93011d3c80f0c085580275b683d5e0bce077e6e449

/storage/emulated/0/Android/data/com.greenpoint.android.mc10086.activity/files/baidu/tempdata/conlts.dat

MD5 8d80bc8ea90e9cac010d3ddf97bda5f5
SHA1 f063bc0d356e6ba9ab1eb9a851131ffbefd8fa07
SHA256 f52db31332534833414abd5e870f78c810b8ebbe5b134bbf599506beecfd1b93
SHA512 9ea732dd572a9a4ba91b70891972230a09576687ca1bc19e62d5a98b5b84e0f2ae11985108008bc9fbccf357219b8bd3dbf146bb70752f618f70dc5d0c46a7c7

/storage/emulated/0/Android/data/com.greenpoint.android.mc10086.activity/files/baidu/tempdata/llg.dat

MD5 25508135b003127ddf28ce28710ef5e5
SHA1 aaf6a3be6bef07aea1de85cd1f39a0010681d4a4
SHA256 ab560f731d35ab2e26df87c02e0f98117bc6febea22a7ef88c8d890d3858171b
SHA512 7b3c8738196393e10436ae2a98452098f996b9710d3abb09a3747f046424f1d113d35c826823d1580e2a8be930648ad9f541ac632c76fc9153635e7d40bd3061

/storage/emulated/0/Android/data/com.greenpoint.android.mc10086.activity/files/baidu/tempdata/yom.dat

MD5 1681ffc6e046c7af98c9e6c232a3fe0a
SHA1 d3399b7262fb56cb9ed053d68db9291c410839c4
SHA256 9d908ecfb6b256def8b49a7c504e6c889c4b0e41fe6ce3e01863dd7b61a20aa0
SHA512 11bb994b5d2eab48b18667c7d8943e82c9011cb1d974304b8f2b6247a7e6b7f55ca2f7c62893644c3728d17dafd74ae3ba46271cf6287bb9e751c779a26fefc5

/storage/emulated/0/Android/data/com.greenpoint.android.mc10086.activity/files/baidu/tempdata/yol.dat

MD5 a936690571e9104e1922dda4a0ba5bd1
SHA1 65f49c57edde2f96be2a1dbdfc3f7351f1e66554
SHA256 f0f5049c51879dd7da0ce4a43349b5b34ce053d072a0ca704f62cf22ba4a8412
SHA512 3be1c3693963aebdfc04e86b1c820ee0ec3cf0b200e6a4788ef1141f39fd6c2f77f4227247ae4affa66c0a6c027df8466cc0dcec1e67ebfb953e36bee97de394