Analysis

  • max time kernel
    144s
  • max time network
    152s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    03/11/2024, 21:18

General

  • Target

    8d8c9ed9ce3e312be5bf31498882332e_JaffaCakes118.apk

  • Size

    20.4MB

  • MD5

    8d8c9ed9ce3e312be5bf31498882332e

  • SHA1

    f9c232e00e3545c1885ecfdf885f5f67e9945348

  • SHA256

    e0288d76767030e73e8c9f9438db1107165b07390eab63ca3c1a6a465803ae47

  • SHA512

    a5a6e4c122250735d230469ba5db87d81de7ef87847351670cfb29051051ec03e8388eaa73288164348ded45cf364df6ebc36187ee9eb33f542365b1a9a00e82

  • SSDEEP

    393216:Nq6Rjnkd0Dx4sAEAqeys35Cw0F04fUVES9BI4QeUI31miJU:M4jLDxSqOGFIEiB6eh3Iiu

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 5 IoCs
  • Checks Android system properties for emulator presence. 1 TTPs 7 IoCs
  • Checks Qemu related system properties. 1 TTPs 7 IoCs

    Checks for Android system properties related to Qemu for Emulator detection.

  • Loads dropped Dex/Jar 1 TTPs 5 IoCs

    Runs executable file dropped to the device during analysis.

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

  • Queries the phone number (MSISDN for GSM devices) 1 TTPs
  • Requests cell location 2 TTPs 1 IoCs

    Uses Android APIs to to get current cell location.

  • Acquires the wake lock 1 IoCs
  • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 2 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
  • Reads information about phone network operator. 1 TTPs
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.yyt.customerapp
    1⤵
    • Checks if the Android device is rooted.
    • Checks Android system properties for emulator presence.
    • Checks Qemu related system properties.
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Queries information about the current nearby Wi-Fi networks
    • Requests cell location
    • Acquires the wake lock
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4253
    • chmod 755 /data/data/com.yyt.customerapp/.jiagu/libjiagu.so
      2⤵
        PID:4278
      • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.yyt.customerapp/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.yyt.customerapp/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
        2⤵
        • Loads dropped Dex/Jar
        PID:4302
      • /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/com.yyt.customerapp/.jiagu/classes.dex --dex-file=/data/data/com.yyt.customerapp/.jiagu/classes.dex!classes2.dex --oat-file=/data/data/com.yyt.customerapp/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed
        2⤵
          PID:4605
        • sh -c ps
          2⤵
            PID:4652
          • ps
            2⤵
              PID:4652
            • ps daemonsu
              2⤵
                PID:4678
              • ps | grep su
                2⤵
                  PID:4696

              Network

              MITRE ATT&CK Mobile v15

              Replay Monitor

              Loading Replay Monitor...

              Downloads

              • /data/data/com.yyt.customerapp/.jiagu/.jgck

                Filesize

                4B

                MD5

                4719e3161d4cd6c280a77cce2e54ea61

                SHA1

                b9d41046060de647f8ab3cf629add98099895774

                SHA256

                0983a533b20b314d3a42e89e54908dcb76d256185c50ca51fd96d4695e77bb3f

                SHA512

                18e43d297b62c222ee78da35d4555d6981ef31e16dccf5aae99e94a649f9b04b6343ea4aba99e0206fc8735e831ef9785c828e4cd5b68181a2e1a68b61b2141a

              • /data/data/com.yyt.customerapp/.jiagu/classes.dex

                Filesize

                5.4MB

                MD5

                cb6547051eb26fcfa52a74b152857d68

                SHA1

                ce1c4b18e25bb14d2b3ff5e0dbc698081bf6cb03

                SHA256

                e149b87affdc79666c49ad6876397a50245ba534efa0941b6665dc160898d240

                SHA512

                1f810e8a761ebc3b6a7a5a2658d4651ccc63046654b29d1fe59da1ab412bccd8bdce80b0ffb02106cedd477eaa4b2d99653c0f2fda82a023feefe00d1b4b4021

              • /data/data/com.yyt.customerapp/.jiagu/classes.dex

                Filesize

                6.3MB

                MD5

                907387d989770d240441336e60800490

                SHA1

                6f98a909a755339a5594669c1406a67eb29eb646

                SHA256

                565922761325a78efd6f781cdc145cdf973132522d5fd6e2219520681fbc4824

                SHA512

                69916ec2b7e94d447815a36670e07de9384a887a27b4286ed41c41c6be599e50007932ac0f55ae0e849a73224cf723f5eea32f994f12dadac22d54a07f683e56

              • /data/data/com.yyt.customerapp/.jiagu/classes.dex!classes2.dex

                Filesize

                4.8MB

                MD5

                dfa24c442eb5768811792f9ec6df4689

                SHA1

                8c726234b5ea3892159d655434235f55e210dad2

                SHA256

                c8f83349ed09d04d08fc9ec71cf4df3fea38210ad4c3068f4bedf8be7789d888

                SHA512

                8dbf32dd0f95b755cdd7bb4b9db4b721dca9d0933fe25d15522caa7b20a2a3efa2f48367ce2ce9251bf4b5ffe170c51216da312cf6740028799c658e46b1c6b7

              • /data/data/com.yyt.customerapp/.jiagu/libjiagu.so

                Filesize

                455KB

                MD5

                e5a53000766ebc433b27d6a66ec4f555

                SHA1

                2c8f53f1c03aec2005bcad67d731f07261dabde0

                SHA256

                78e4ea857f10c2df6c7b94f0584524b52ecc099ed29478fe3964037b8a86ed2e

                SHA512

                370a1cb93b14556ad861724f4e9995c9a4c6d37cf2d570f888d1c6000c66d27ac63496b0703361e9fc9bc7f309b7aa4407c5f339d186b0a5b72520d23d04b68d

              • /data/data/com.yyt.customerapp/.jiagu/tmp.dex

                Filesize

                284B

                MD5

                f1771b68f5f9b168b79ff59ae2daabe4

                SHA1

                0df6a835559f5c99670214a12700e7d8c28e5a42

                SHA256

                9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

                SHA512

                dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

              • /data/data/com.yyt.customerapp/databases/RKStorage

                Filesize

                4KB

                MD5

                f2b4b0190b9f384ca885f0c8c9b14700

                SHA1

                934ff2646757b5b6e7f20f6a0aa76c7f995d9361

                SHA256

                0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

                SHA512

                ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

              • /data/data/com.yyt.customerapp/databases/RKStorage-journal

                Filesize

                512B

                MD5

                6596e49aec999e09a38cb52d64a1cd6b

                SHA1

                e86325ba270dadb265bae4f04b24a3c6275c50e3

                SHA256

                4571af41bfc51792a07a498ef9b24c4370e59de964526262f15d184ff5f589a7

                SHA512

                45b19f5b080a16280d17a894499258177e00242d56ad8830cf5d17d9fcce83312d613aa1ad9f5b597c78722fea610b7642edd4fc3976012c655078a6e682ac93

              • /data/data/com.yyt.customerapp/databases/RKStorage-wal

                Filesize

                40KB

                MD5

                54dfe371556d1410e8b1f37b9ae94348

                SHA1

                f9a9afbf8c8e274ba2fa55ea77a7b0a8fcee4463

                SHA256

                5c5ae44969a03c87559affc1159f10f806a9a3b58e5f072a6451ab07acb5facd

                SHA512

                dd23b583f04ac30248c2aff1e3613672c38ea96f6c92209a366bc9c166df332b662fec03213be795cbe6ac0efe43fe3d24ea6a0ce1e9a7727739c91f3827320b

              • /data/data/com.yyt.customerapp/databases/offlineDbV4.db

                Filesize

                36KB

                MD5

                0d7b45dc234412017fcb3672fa94074b

                SHA1

                304352a7119eb800c6f04fd2a4dd5e3f1fa6c390

                SHA256

                5b2be5172bd08b4db8d7658c8a7d2b1f331a81f53e6c7fec04868b6272c98e6f

                SHA512

                8c1bf78ec1793c622f19de45b253ca600a7d8623c941b3cdef97720154d58afb89b06a0d711b6838903bbc10c1abfdf85d11dee110600d64393d3362121fbe1c

              • /data/data/com.yyt.customerapp/databases/offlineDbV4.db-journal

                Filesize

                512B

                MD5

                2b343d6fef422af97378719d89ad2f26

                SHA1

                1b3de0808071795f07011fb8760c17b30687c933

                SHA256

                be14ca2c6eb387178f0bfa243d0220bb5ad71e10068523208538c8210dbcad52

                SHA512

                e9d9b9dd256f0789567026d6c859bb64a82b1db1da7539bf598b9035c4b8b82091e987500902e5da8e47f48b4a3823043a04b8510d37db8f37c67395ad05360f

              • /data/data/com.yyt.customerapp/databases/offlineDbV4.db-wal

                Filesize

                48KB

                MD5

                ac1b5f2460d10072738d06c66d6e6a0c

                SHA1

                fa6adb0bf4300258dc6bfb7bd27b8bba126ee512

                SHA256

                365f5a468262c1507af650a74d7bdf56f22a57fef57108c42ab9c487dcdab1fe

                SHA512

                f537803d14987c83178ba9c15fd147a2f213ebf5a2f3411db6fbc6bbc30ed987ca5c33e72ac1c25884a289222c52a55370f813161ba3af38093151768a235103

              • /data/data/com.yyt.customerapp/databases/ut.db

                Filesize

                20KB

                MD5

                38616785cca0600a03205f84fe330b4b

                SHA1

                6ac41a6bdcae297d56dac5fdde70be5faccf0832

                SHA256

                b05c698d5827005da5e04b4fbdcac53cfc83405247353f8e9e145969a820a4e8

                SHA512

                7ff2901c032607f5fa1f24a48056ae85fe8d67b6c5649233fdad7b66950d359b2fb933344bf1e2fe6255a00c593de7bcf959d201fe8b6ad214249bb31f855a08

              • /data/data/com.yyt.customerapp/databases/ut.db

                Filesize

                20KB

                MD5

                dc72b12f8ad39f7e124378d86cd7e5d3

                SHA1

                5cbcf03d17b4ff8bec596c35783de503631eca62

                SHA256

                95ce5eb80149ab526cc0c1fcee36e02738d81657e7424b1faa81f72a107576e6

                SHA512

                9665559295a0e491ca14600f574372799e1c5a08fcc8746ecaf1f7fb08ff8aac57ca49d3f5e6597f52e89fd051ad59a7f73dde4a6ee71f379ff55d2423c971ea

              • /data/data/com.yyt.customerapp/databases/ut.db-journal

                Filesize

                512B

                MD5

                077e29c5deadc05179b34452cbe9dee1

                SHA1

                29bae75407802262adda143f09a8bcad767708ec

                SHA256

                ab32b9621bd6e1473c3d5382f7741e6b8a22e202f4c7817557cc0203917b1ed3

                SHA512

                a2a365449f17c30aaaf368130e6ca7b9a70db3a6225429cdc60973b612fd9ebd751dea4da19e486c20da9065c06cc5f0219709feb03be2478e6491cf037926a2

              • /data/data/com.yyt.customerapp/databases/ut.db-shm

                Filesize

                32KB

                MD5

                bb7df04e1b0a2570657527a7e108ae23

                SHA1

                5188431849b4613152fd7bdba6a3ff0a4fd6424b

                SHA256

                c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

                SHA512

                768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

              • /data/data/com.yyt.customerapp/databases/ut.db-wal

                Filesize

                32KB

                MD5

                ddb520f2a9b88e770f0565cdbeb5066d

                SHA1

                9055588c32c4a647ef3026c5f209253aa629cd3c

                SHA256

                5518d17ea3b49425a6d6687ee961bd25d44843c489d1a8bf1dfad95a72d64ebd

                SHA512

                bcacf57b8932ff8dc9031f83b9cbd5f2bb3756e64ed269a94d6d3995f2e0d83eefb1c70b7ce9e11b73874bb31c1468d96b91154bf35431751a2714246b703089

              • /data/data/com.yyt.customerapp/databases/ut.db-wal

                Filesize

                8KB

                MD5

                bb009a3094f01c39e3570930cc722576

                SHA1

                ae7b7b308fab683154f2215a0d34d1b57e897780

                SHA256

                0eafd51f8f6be10c193d20fc3ba0116dcf82aef563d0bc3c1bc9bb03df91c0ea

                SHA512

                4d8430a28570ad1f3e3d319dbd09c0b4d4238cf99a7021acfca65522a2f73f764b089ed4ac210d6332590b268d19a8edf6075de03b5bc28fbcc6a8122eeb6ffd

              • /data/data/com.yyt.customerapp/files/.envelope/i==1.2.0&&1.9_1730668721558_envelope.log

                Filesize

                2KB

                MD5

                5e53d2d405a46c94c50ca0e075f44fa3

                SHA1

                e01c5ced2a42744e8b122f4e94a7e9d02ac4a505

                SHA256

                3b322a634c3b74d301afba9c06fbdb53d22f66e21a61d334f3f369fe5dd67e77

                SHA512

                e6f4f59a7f437e3caa9c15187147e0b35b88d053bca652a745610a132cda62038362e6dca2b270e19574293ff0ea19a8e0d2345b7cfe44ca6341e9d7f2dd854f

              • /data/data/com.yyt.customerapp/files/.jglogs/.jg.ac

                Filesize

                40B

                MD5

                356a62d6b586cbc0f43a61a5ef82582a

                SHA1

                93f52b0b9001cbbc2e1dacbc2e67ab7758cdd2cf

                SHA256

                04c54488829a0157a9195a26b01e9fb8f6d43cd4c69fc97d8571c70beca134a2

                SHA512

                f06f385ded3ecfd147572189af3e9bd3efb8b539585d9143524326a8cd1aac57dc02c70da5549205761819547b0397ba183903bd1302deb602124cb6323b0238

              • /data/data/com.yyt.customerapp/files/.jglogs/.jg.ac

                Filesize

                40B

                MD5

                cbc4b9813d55b2d2a2b38d7c8efe8c23

                SHA1

                704440d06333bd852318310e5f42c5196110bca7

                SHA256

                f61cb2cad15ec12fa295dc57baad4ee537c934b86d2c0b56fd4c911cafcc91c7

                SHA512

                d1321a2a9e6e53aae23a5d858598676805523190a5fa6cf789f061cca2d48af0888995fd4093997dc853bd8474f7b85bbc2e89b018efc06bbc21fac268420dc8

              • /data/data/com.yyt.customerapp/files/.jglogs/.jg.di

                Filesize

                340B

                MD5

                2ae91de62d44f824f1513835040456c6

                SHA1

                7b0f957fe1c3d1add60ef49fc98e5bb968dc1c6d

                SHA256

                0bf40df1a787ed8a78fc11e68420f1bbf414c65af299ac0715027a94650fd681

                SHA512

                e9d448f6deafcfd02c9d30e036b5649f6cdbfd7db8d69c4f5d41a6bcdae20acc82eea3d65ae5d876a42169bfd04dc4be4c5b0b18e3f572335c73b54fe0209b3a

              • /data/data/com.yyt.customerapp/files/.jglogs/.jg.di

                Filesize

                340B

                MD5

                f11864631ee1ddf412d2ff595c0a3776

                SHA1

                dd93fddd7f976701ea2f977989c9379cfb3b583e

                SHA256

                2b28a5989ec5aaf003d4f07709307320926957c6fd4e05b2b2fb9ac66404a1d3

                SHA512

                93913583b0a4bd52003d06a1756041c59a1762c257fffede892d393a43c1f6d60eaa833c3f7cf62e24336887112db9829db52ad04704f3a2c4058b1ea88da93f

              • /data/data/com.yyt.customerapp/files/.jglogs/.jg.ic

                Filesize

                40B

                MD5

                d792ca0f9767fb77230205dc927ac294

                SHA1

                0b219e25f168894470468bebe15122617cd8738b

                SHA256

                96fcbc57f0fe3e210431455c651e4ea7f1621306434c172aa71d25244e25f6ef

                SHA512

                400ea029c7a184d547bebfcfaf781d4f60a297134c2f728dde17b9a266d86f729ba1fd501e28e37b97a63efc91dad25b55e254105197f2e7892d0312293a7085

              • /data/data/com.yyt.customerapp/files/.jglogs/.jg.ri

                Filesize

                314B

                MD5

                7a7afb7c5ba5c78ef3e9453bfdb75dcc

                SHA1

                0fced495f47081d1a0e83e7187bbfd935709f65a

                SHA256

                d0a43cfadd56b255d3cfd158baa1ecb8c76718ef719c58f96d81b3bf3451c18b

                SHA512

                97ffb569a96a74adaa969ac3c46bd6c8df66c2f97e975e67ae1d4720fd874cda8218d78bec9271dbf54175832e44b0fe0830ba1e8ab1ea709585ec00f06a5aa6

              • /data/data/com.yyt.customerapp/files/.jiagu.lock

                Filesize

                27B

                MD5

                f8e78992966d5c5f16f825bd002b9beb

                SHA1

                18068db20a6cb2c74d3af29494352e8fa8212042

                SHA256

                3b0f62af46418a89bc254f138ce7533adde7bd66748a11c715ac99ca58182a6f

                SHA512

                ee4b5a09ef18a7462e1e2e657d3cf6e555ff3f42742ab7024d35e6fa76c971423533d2c7749baa6db62dbb5f1c044cffecae05454b644156fef32afeb3beff05

              • /data/data/com.yyt.customerapp/files/.umeng/exchangeIdentity.json

                Filesize

                162B

                MD5

                1d13412fa5aeccce8ae0d6095faf5c92

                SHA1

                c3aa96dcf7c4361437a51bcbe982b2d92875e614

                SHA256

                e2748d479b1ac09a440d3a6a18ce60525c6d7c5397ed6e5e5968ba1d8bddcd2d

                SHA512

                b2d806bd883841533c122d2a263c00d7862744e6d285c8b6a6225e72319c0e8a1af0b47f503cb99eaba1f494639a52524327195936a4b45ba795602ee58dff1c

              • /data/data/com.yyt.customerapp/files/exid.dat

                Filesize

                55B

                MD5

                12dacca6324680f9933f134efef21a8b

                SHA1

                740f08e710cd3f6e9685d98534f0bf125656e826

                SHA256

                97d4259f4177bc54c2a7f00e59b934a46f3aaae92b6d3718e9d98349282bef26

                SHA512

                33fe79f17877bf278738cddbcafdbb6857abbba0a90a341ad80a3c031258dc9fc896b66215bde638cd26ed426bd84d6b2d18f6b313c87bfe3d4b7dadfe1f70bc

              • /data/data/com.yyt.customerapp/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzMwNjY4NzE2MDY1

                Filesize

                1KB

                MD5

                f22921336a755cb03f52e125071450cb

                SHA1

                84bb69930649800bbfc90385e2f180ddcced6267

                SHA256

                278bd0ffbff237e4ce0c243fd50d1ac62fe837b95d8d6ce1d5331490ad3bae72

                SHA512

                d66d36436caaff15aaf58e2ddce581a9af56c292e7e6d08fa5a16bf0036359a2205d5b5f9ae4e6c29ccc5f275b75654b8c3964b15de863b47fa8719c74d18cfc

              • /data/data/com.yyt.customerapp/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzMwNjY4NzQ2OTMy

                Filesize

                1KB

                MD5

                d26791b8984089092fe2492faccd6cbd

                SHA1

                4f3c90ee2337fb8e8a4d0646b219217d38c418a0

                SHA256

                7fb290f6d265baa90f7b7795781234a91e36dc9ed1ae26dab740b55483fde935

                SHA512

                c2542e9f6e94b17d080a782dfd7d488ea550465f3647173f7878ea0d8bb6edd04a60a27d7324c83000a2fe3e9b360bb0067f46012e038c985d9ca7c63d8dbba9

              • /data/data/com.yyt.customerapp/files/umeng_it.cache

                Filesize

                498B

                MD5

                1692198ad75416ded4f4b0fd0182b97d

                SHA1

                bed7a447f11643c5f0dd4aed986e62ff28f7ab5e

                SHA256

                7d5d6f7779908f7c2e67eb4c4bfd20692bcd3f139952e97d3ac7a080c7826deb

                SHA512

                5d84961b643700d33de3a948a412b928073c2074c9cf16a78f31f74f10b5979aa02b46915adbe84cfc97753ed60036125e1679f0ee1f1af923ea4842ee2585e9

              • /data/data/com.yyt.customerapp/lib-main/dso_deps

                Filesize

                144B

                MD5

                b2fcb94e6468472bb5325830e8e30678

                SHA1

                6c610fc7e97a115e4580a8afecb2e7904021f17b

                SHA256

                d1d8bc7194304f4bd8bc71469bf1c526758d097abd0f0945c1bd31992f1c5fee

                SHA512

                266298cef81eb423717451cc20caa9906eced6ead15de58c7ff0022b98f52a8d6edb8a407dc24d72ac77a9a28ac9038287ff8639c4e9aedb0211f633ae63702e

              • /data/data/com.yyt.customerapp/lib-main/dso_manifest

                Filesize

                5B

                MD5

                c06857e9ea338f3f3a24bb78f8fbdf6f

                SHA1

                c5a0a2529d2deb60fec041b4fbd722a2ebe31702

                SHA256

                957b88b12730e646e0f33d3618b77dfa579e8231e3c59c7104be7165611c8027

                SHA512

                29f61516876c25379a7bf4faa2b3ca6f6b53eac90e7de47671fec4a818d51441b4025cd7909f7c0a0d113ab6c5ff00cb3700c286bac7319185b77905feec4fb1

              • /data/data/com.yyt.customerapp/lib-main/dso_state

                Filesize

                1B

                MD5

                93b885adfe0da089cdf634904fd59f71

                SHA1

                5ba93c9db0cff93f52b521d7420e43f6eda2784f

                SHA256

                6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

                SHA512

                b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

              • /data/data/com.yyt.customerapp/lib-main/dso_state

                Filesize

                1B

                MD5

                55a54008ad1ba589aa210d2629c1df41

                SHA1

                bf8b4530d8d246dd74ac53a13471bba17941dff7

                SHA256

                4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

                SHA512

                7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

              • /data/data/com.yyt.customerapp/no_backup/com.google.InstanceId.properties

                Filesize

                2KB

                MD5

                63ac35fbaf3cfbf79b9c473e22257fc8

                SHA1

                f29181baea62f1d0143e6b8ed5ca2be338f37faa

                SHA256

                0ee68ac34c9a0dd85b6e1896711f730fa5c2dde5e79a792c970e486ac4953c3a

                SHA512

                86a78d01c4c3406cd925de187af0e995dae2c4cce91504c826ea549d68c205781a8f3ba65608f63bc280f45e5dbd6f9c200522d630d90a16aeaaabb16a611a02

              • /storage/emulated/0/.DataStorage/ContextData.xml

                Filesize

                111B

                MD5

                88804bbc4c70e86bd82c1f0764fe317f

                SHA1

                d81518763db0a0f420b1eec940945a26e96a5de2

                SHA256

                8dc810ff5700fcdb33a9d318d66ff56dafe8c4453478b2ef2e5f49c40d59dc8b

                SHA512

                29a79657d07b7cdd23e6602b0f588dc64d0bbb745d49add3127e0ec232b582b4b5f5acf52289a638fc955b047ad3f917c2c4d63a4bc5d65a4b1432203776a25a

              • /storage/emulated/0/.DataStorage/ContextData.xml

                Filesize

                213B

                MD5

                c347e5edd33343e41a6c5305b96a8f98

                SHA1

                510f44e6224242431cc47c14ddcc5bac85e9d5df

                SHA256

                6dbc0160dd5239ab65a5df37e20921a6e74766023e8508b3dbd7b57ed466a90d

                SHA512

                cf76ed9fd64309f5b295c991fbeb4ed35573a89bd6b10132bb9f8a5ecb268f87a9d80b7a3d4a9b0061f7b8c021ce125ae7b1408f77a55781a7f55afd5f21c83a

              • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

                Filesize

                65B

                MD5

                9781ca003f10f8d0c9c1945b63fdca7f

                SHA1

                4156cf5dc8d71dbab734d25e5e1598b37a5456f4

                SHA256

                3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

                SHA512

                25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

              • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

                Filesize

                111B

                MD5

                e285c1c63af58a54d5015bd63dc4dc7a

                SHA1

                482d91864b60e943b0063621ec326ca0d4c3bb74

                SHA256

                cdeb29f4828b669fee6a12dd3fa49905d578dd88a6261d13716cb6b8be411503

                SHA512

                0dd14ea3115d564acdbe1fe3f8f611ac6f21ef25297c27da5a48793399af3e46d1270dc85d18edf9e8a07b51ba388373ffcfba9d154a8c52e1cf5366c55d957a

              • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

                Filesize

                167B

                MD5

                d3e8c0f07fffb20537a392b254c78d2b

                SHA1

                cad5a1251bd48d7385ae68d8241cbc3d297f089b

                SHA256

                0607cd0895f95e80c076cb867e5eae4bd5228f16fcad10d416d76524ea4d43e6

                SHA512

                2068963f5fa0820338f34ad66ff3a17583ab3407c1cefbd16085dbfddc3feee8695e3775de97c666f6319b4f44adca26514d0a39515afad4a2b75fcca4ff90f7

              • /storage/emulated/0/360/.deviceId

                Filesize

                48B

                MD5

                1d8d16c4e3b19ebf18988530d9b9a757

                SHA1

                bc94c1cce05cd848a53271ecb9c5311e27ffebf5

                SHA256

                abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

                SHA512

                4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

              • /storage/emulated/0/360/.iddata

                Filesize

                32B

                MD5

                db5195efbfe2b5fce8110a0ab67f0adc

                SHA1

                8089f4877eed90cbcadf99175d4e245a9f925cb3

                SHA256

                1c50fee4374afaadd8d552bdfa9c758a16f86e1b8e29b8e94656b580d8065a7e

                SHA512

                305aff2c2d1733661f2f8195a4973049c4b4f195cf56f9840c44bea4e4e1dd7faa90689d237dc8e94fe8d24051af059113a61dc63e18006721ff73f91bcf9987

              • /storage/emulated/0/data/.push_deviceid

                Filesize

                32B

                MD5

                eb403fbd5b72a2e153c873fc30bd83aa

                SHA1

                0ace8f210592c950fcf23bd0c56e273c2621f18d

                SHA256

                2ce40fe10bc426d4a5e4429c202ac153686afc8d7ed98617565b707db79916f4

                SHA512

                c51f6043e19d041fbb6bf2eb248659fc1248524e3b0974f1d1af4d1c29177dde5bb5d0f90e4e2ff269f641c201aef18eb354393fe01415efe0ac16f84f2bf3f5