Overview

overview

8

Static

static

6

9eb0b27542...18.apk

android-9-x86

8

9eb0b27542...18.apk

android-13-x64

Analysis

  • max time kernel
    137s
  • max time network
    140s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    26-11-2024 00:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9eb0b2754209ae7179a15244393ebf69_JaffaCakes118.apk

  • Size

    9.3MB

  • MD5

    9eb0b2754209ae7179a15244393ebf69

  • SHA1

    b2e7c05fac2a42ec3ded73c4c0d1808eb748a9db

  • SHA256

    886fab267791342242a446080aa87671087631c6d8543e4b53d3094924e71c83

  • SHA512

    ffb05adefb3878049c1f17529db15dd134bcc194f4a2b332dfc57d9d79c21d86b57c780ebf195f493c8b9382c6a858b6506b057b4189d6ca1e56e80b2e1b4195

  • SSDEEP

    196608:NULXdHatsz/RCKf6H1/DZbf3jHDroKCk7wLRHRh6ot:NULdGMZ1SHlBPro28FHr66

Score
8/10
bankercollectiondiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 6 IoCs
    evasion
  • Checks Android system properties for emulator presence. 1 TTPs 1 IoCs
    evasion
  • Loads dropped Dex/Jar 1 TTPs 12 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Queries account information for other applications stored on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect account information stored on the device.

    collection
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    discovery
  • Queries the phone number (MSISDN for GSM devices) 1 TTPs
    discovery
  • Requests cell location 2 TTPs 2 IoCs

    Uses Android APIs to to get current cell location.

    collectiondiscoveryevasion
  • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 3 IoCs
  • Queries information about active data network 1 TTPs 2 IoCs
    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Queries the mobile country code (MCC) 1 TTPs 2 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
    persistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
    impact
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 2 IoCs

Processes

  • com.yingliang.clicknews
    1⤵
    • Checks if the Android device is rooted.
    • Checks Android system properties for emulator presence.
    • Loads dropped Dex/Jar
    • Queries account information for other applications stored on the device
    • Queries information about running processes on the device
    • Queries information about the current nearby Wi-Fi networks
    • Requests cell location
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4257
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.yingliang.clicknews/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.yingliang.clicknews/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4289
    • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
      2⤵
        PID:4612
      • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
        2⤵
          PID:4632
        • sh -c ps
          2⤵
            PID:4657
          • ps
            2⤵
              PID:4657
            • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
              2⤵
                PID:4700
            • com.yingliang.clicknews:pushservice
              1⤵
              • Loads dropped Dex/Jar
              • Queries information about running processes on the device
              • Queries information about active data network
              • Queries information about the current Wi-Fi connection
              • Queries the mobile country code (MCC)
              • Registers a broadcast receiver at runtime (usually for listening for system events)
              • Uses Crypto APIs (Might try to encrypt user data)
              • Checks memory information
              PID:4420

            Network

            MITRE ATT&CK Mobile v15

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • /data/data/com.yingliang.clicknews/.jiagu/classes.dex
              Filesize

              5.2MB

              MD5

              0069a969000348137d2817772c633768

              SHA1

              70a1dc75c3d8df7aa97d6a9a3ee661da82a99117

              SHA256

              c5237ffdf18acbe3b3398311eaa6ebbd0f9aaa842a5e5e1c127a059503b3adf8

              SHA512

              f2ad07b0cee2e24043d811280b2f712eecf08fd1d67707cdfdd2f1f3cabd9805875bd120b930c2b1762a5bd713eecac7ecd7aa68a2d5999bcf0143abfea31a42

              Download Submit

            • /data/data/com.yingliang.clicknews/.jiagu/classes.dex!classes2.dex
              Filesize

              5.8MB

              MD5

              991d8306c7759288cbee4f3c18a96a2d

              SHA1

              0af6cff9986febe48c2e2a2dedb03d411d71f452

              SHA256

              08b35b35646926066bf5c92b846a88974b5bc0946f4083b5e34b4d883d90f7eb

              SHA512

              39cd985f3ca13bc87b9ffffa0af2b015ef410761b9a979f4a27b14e0f6a5453470de146a28cd041e3da709853c8fb9aec9a5a8114bf1ac9f82d6196f03e42f2f

              Download Submit

            • /data/data/com.yingliang.clicknews/.jiagu/classes.dex!classes3.dex
              Filesize

              1.3MB

              MD5

              7ccb3df87344c5108b720c4affa174ad

              SHA1

              1528502733328af5eefdfbc675bade5f2bff4bf8

              SHA256

              3bdba14341a389b6c5264e2524bd07d4af4f85fd53a35c6b8859ada90cc3353d

              SHA512

              9c1c9838ac17f8731836ef087d970e1539db5249be1291b774692d73e12cefe4ea89312a972d2073d4c1ed68395d03b2dd7ccfa49cf2afe3f4fc3fb72971b36b

              Download Submit

            • /data/data/com.yingliang.clicknews/.jiagu/libjiagu.so
              Filesize

              496KB

              MD5

              0be54d2d5fa1fbbe2969b0e1ab052a16

              SHA1

              327662d1f5f6625ebcc867427680c0592195179e

              SHA256

              737fe51ea6b3570ca3687670edd6026b2e889bbaa0dffdf0a2e1b167b3680c22

              SHA512

              db6c195d9fd6657a7e65caf5dfd5ab33fc076d9d2bd919b8590e7b0178f3ec9ecfb6c00d0df1d2c172a32641a3bb019374a393d62e5d678804e7757ec1c30453

              Download Submit

            • /data/data/com.yingliang.clicknews/.jiagu/tmp.dex
              Filesize

              284B

              MD5

              48888fde903100f7d5fe583d6bc540c0

              SHA1

              0b48897ee2a7490d9cde824e2d5bf31780596992

              SHA256

              9118138dd853a6788e177caf6746d95dd8e8c7602e0edef75cda6ce0ae0ed8f0

              SHA512

              9126cc1e5e6201d3b84c6213a1bb75976e06e86a0a30f3fcfb91283c1c239fd9137b3ed87b2e889ab07d3be4d6e4f9b46b68699fe320d6acc6a2d54d72a63baa

              Download Submit

            • /data/data/com.yingliang.clicknews/.jiagu/tmp.dex
              Filesize

              284B

              MD5

              f1771b68f5f9b168b79ff59ae2daabe4

              SHA1

              0df6a835559f5c99670214a12700e7d8c28e5a42

              SHA256

              9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

              SHA512

              dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

              Download Submit

            • /data/data/com.yingliang.clicknews/app_tbs/core_private/download_upload
              Filesize

              56B

              MD5

              7299a4a476b9a12e8d2d30f388007470

              SHA1

              1b205da6c52d5febccb1dba82ac4727333afebf9

              SHA256

              89f1d2e44e13c864937837c91e8fb3fbf2a71d0d575be56c123caaa705aa598b

              SHA512

              6d327ddfce46d8ef3836aa78de5244e1ef9545f5b3889637dc5753dc4a05e9ad8af78bf1297b230cabb010c5e05734dca0d19028274c5a128f9fef8b1a899001

              Download Submit

            • /data/data/com.yingliang.clicknews/app_tbs/core_private/download_upload
              Filesize

              56B

              MD5

              52067855d0556c3e97efd15eeb5e815f

              SHA1

              55e7fb69412ef81ca45fb375cc9d7d05e9e56b05

              SHA256

              4d9095c658c861cd7c167925b31f41ce651da50f90c7d332059f0ce98d533980

              SHA512

              b9917733f943cf25795db032f527bb1df75273c243e2675b3c16f4bc6375b179a7fe293044c22f68ad37c6a6481e23bafe69f0af848c1118c0643a862b731c96

              Download Submit

            • /data/data/com.yingliang.clicknews/app_tbs/core_private/download_upload
              Filesize

              84B

              MD5

              fdc761597978a3c27b7c9486797ab81d

              SHA1

              d5d9e76b691aa5a5ee0ca52f94973cdf034fd271

              SHA256

              3e70090524505701f35ab3f81957799f15a02eb2cd24eae24332361c9cc99e86

              SHA512

              86af5640bb0bbf695b69e5eba8e29569e4203223dd1d868c721708ee9485b63a2a37a44ae270921bebcd285d80b3ad1bb875e2dd4bf73ca37f82ee15613a5e05

              Download Submit

            • /data/data/com.yingliang.clicknews/app_tbs/core_private/download_upload
              Filesize

              84B

              MD5

              3dc39fe7d1a2478620b9e16f3772febc

              SHA1

              b47820721236090912a72a19e422c0e3ce371865

              SHA256

              a24a8a431176f68438811154c3337c7172d14a5d205b994482a5e3e3eb6ac605

              SHA512

              be4c31a0a0625c84438bb9615a50892a6dd3a9b7d6ff046f69831bbfa10d88642e42b9be815f648498c5226a01e7f051f8f48eb48825df8d828011b0eac974e9

              Download Submit

            • /data/data/com.yingliang.clicknews/app_tbs/core_private/download_upload
              Filesize

              84B

              MD5

              44144ed73e07b11c23cfef22313e7e21

              SHA1

              a69dc18c3fa47e1551392a6cfd1c2e4ee06a95db

              SHA256

              5e676531048ac1f615bdf56a70771605e1160a66bf8f22ca579a6a77d9243de8

              SHA512

              b9744a1e9009c3b0a1cf23f7d5254774c7a9eeec50f7c14b85daa345c934426f1ceb79ba9c9bda3cb8d32db1336104ef9e06879c73b97db11fa4d237a149671e

              Download Submit

            • /data/data/com.yingliang.clicknews/app_tbs/core_private/download_upload
              Filesize

              84B

              MD5

              138f58f13499d28ef5a8896151ad0bb9

              SHA1

              bb01a51d62700ae2bc0a0bc0644f37e61087b98b

              SHA256

              eeab615e8753c79eb59d1118af46a47df1cee32b872e491a1d6885471a4fbe67

              SHA512

              0b7d37cfeede99ba18c5d9952f5e7dc067e397f4e665ee86597852880c56eba82fa5b174e917df076ad4c06e48a82e4ea7b9fd6a39621a67fd6c26e4b3f6be17

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/cc/cc.db
              Filesize

              36KB

              MD5

              5d7ea1a23af19b4340cc8d90f28297d5

              SHA1

              4cfe95b23a9e98378d69c4290af81b51fbe76aea

              SHA256

              474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

              SHA512

              33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/cc/cc.db
              Filesize

              36KB

              MD5

              ce6135aa1b1fe4f2c2db2a546d2a5558

              SHA1

              79b59582154017aadab783dc266fcb158c252940

              SHA256

              7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

              SHA512

              2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/cc/cc.db-journal
              Filesize

              512B

              MD5

              11020691b206a5d504d5f06f50465fee

              SHA1

              c301c5e05dcdf6f14d63339bec04ffde97954565

              SHA256

              2cc789e00e6364d7334b270955a5d32b5cc441e5697ce877201443ebe8cae717

              SHA512

              ce6e72d8e6b78491fbbc33a48d48490a1a69885d79904d47146b892d5435f35a35c13ad8435692905cb09349552a166ee3f6e42f1d474ec66dc672baa9608306

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/cc/cc.db-shm
              Filesize

              32KB

              MD5

              bb7df04e1b0a2570657527a7e108ae23

              SHA1

              5188431849b4613152fd7bdba6a3ff0a4fd6424b

              SHA256

              c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

              SHA512

              768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/cc/cc.db-wal
              Filesize

              48KB

              MD5

              9d77e2d93de90df7abe84af63bf8f8ad

              SHA1

              ce2f2e553fda6c8ff106ff852f24c3547b49380e

              SHA256

              3ec5bde16e2d358214c9397710841ee0ad18760b9e0bfc979d8d14604715adc5

              SHA512

              6cbfe3a626fad9a4a4c27b3ded01de106c4857f21583250e998a4d390b4fce8094f8aa38fb53360fb072744dc0bd876965a9774d8c06e4ad57beeab3f274bbc3

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/cc/cc.db-wal
              Filesize

              16KB

              MD5

              78fad473a18bb7ce2e5e9cb0f178688a

              SHA1

              fd06a65f84c6e85707dc6dc151cf0862ed615997

              SHA256

              01b30847b471f7f270128520455b04b825640df2adbb76f986a79ed3fd9c0189

              SHA512

              9355ece7816660c848a6eaca6b5c00c5b8e0a394b5c7c1cb6e2446dba779e969a2618a084aadf65b41f0fd8ff244f9dff62106253022402ad9a166a7c1c58f73

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/pri_wxop_tencent_analysis.db
              Filesize

              4KB

              MD5

              f2b4b0190b9f384ca885f0c8c9b14700

              SHA1

              934ff2646757b5b6e7f20f6a0aa76c7f995d9361

              SHA256

              0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

              SHA512

              ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/pri_wxop_tencent_analysis.db-journal
              Filesize

              512B

              MD5

              32c534dc0005691fca676cd6a416ca99

              SHA1

              4cc8be1712fa7a7be6f25cb5333b052ce7a52d66

              SHA256

              00c62bdff02a4f84f6a5945d02e8d328956495c0b66f3a4c9a8c69aea853b06a

              SHA512

              491259856b5da1f8630a737d044b2299a8513bd90ca81a21feae82055f79c00ea5424b07ff0b7cfd662e7db9472ca6da454dbe8ea137e7984a066533618a82be

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/pri_wxop_tencent_analysis.db-wal
              Filesize

              56KB

              MD5

              afd5a9758f165dd0899ac945e9dc1c0f

              SHA1

              176ff44098edb454849f53cf59e477bea06d4def

              SHA256

              663fdeafe9bcc97b4c5ca7bec6bcd8d1a996f164cc894071f26c38e399991f44

              SHA512

              ae9dee87003317ce993c744b70fc3a7bfd9ea63dfc97737ed110434c2f64f02607e9cea07f95e19e361d392d302719019efe4ddf69d7a21f67832cccfb97541a

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/ua.db
              Filesize

              32KB

              MD5

              31447c0b4f7047ff182f74680e3c1fa1

              SHA1

              3f532060f6b3c5aeadda78c4dfcb3c3e8c37e7c7

              SHA256

              805b6e055845f7599d1a81d1d76a7b496fa28f3878accf96df34a12b99af897a

              SHA512

              c2600ae837195702f204d320fb2a609bbb51a69cfc549723f18ad26c95502df01b68a29dabe8256ddf67712dd42d744b4d4318bddea999aafbcdddcc2e51b39b

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/ua.db
              Filesize

              32KB

              MD5

              d604a3bf1f8d992cc320ea5b1f7609bd

              SHA1

              247f88df0b55c7d523ea5398637711a0e4a483a4

              SHA256

              329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

              SHA512

              67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/ua.db
              Filesize

              16KB

              MD5

              2fbdab0fc30d1bdb95d8ac3b58cc7836

              SHA1

              ff073478745816ffa2b952dc130db4225b98e686

              SHA256

              89168e3f51ce46486f596432ed4043aa7dc311cf32885132c483da8b0b3c7db8

              SHA512

              35d4d3873f2fc960f4ab401d8149a6dd69857f10993f255f15d22cbfca23edd19505e9a25bc5d9959c6b4546687aa2e776350a5a70ee1edf5a6459a262f1ed52

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/ua.db
              Filesize

              16KB

              MD5

              44e964a1f9c70eb77fccbee59b8405e5

              SHA1

              99846b9a5ac246071f0a3e6e043e823977c394cb

              SHA256

              906ce97cb8cc16b8b036b67c8d6610f900757ab531b781c73b52388c49c8557f

              SHA512

              332541e3a9c29c363ce25284da717d2f48694ce717fe6acf313604409f6298487dc59f60ebabb80db69911fe6d4318401dc87af4141c59d50cb0fd24a59baec4

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/ua.db-journal
              Filesize

              512B

              MD5

              6fa0c63e119ab718b8cfe0ef07a1e3c6

              SHA1

              7f6bfe35b979f7993821b58181ae4946e7dffeca

              SHA256

              f56960171851fdca0789f40ed1db974a936572f1c81c40074019e04640b560cc

              SHA512

              56464b26fe402aad5e588c37f941d93dee0a3ba354b0e6e123e5a03f5de9cc34da8be6f5b5d7e53985b3dcac0de1c85bef21d37f066b8ea30cf759774f53f80e

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/ua.db-wal
              Filesize

              56KB

              MD5

              4511fc43b02b6ec19e01dfef4bb80db9

              SHA1

              8014a794ec5ba25907805762f4bcb1fedc87917d

              SHA256

              cc24923f07c1bf9058922a296fcae82cf9624d4caadb8ec7a97ccb5c4def30e2

              SHA512

              32b21d037f06375cb73cee4b0485f3674eed63baac8705b2dd870d44c220d1fa18d88337847e0c09c8e5bc605ee80921755aac1533588f75e08a8fcf878462da

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/ua.db-wal
              Filesize

              8KB

              MD5

              e7b1dc5c9251b1744140f1c3b042bce9

              SHA1

              ad525de4762630a0e3362f344d8b6b1092055b89

              SHA256

              30ec42089ff0e518d788466552eb5b196aa3362523e6a8dcea07d8b3b2028bdb

              SHA512

              dbb7569e70bbd9a8d3af17ae534b41fa50f637d06048ff29aca235ca6af240922f469b6e0d93fd5f2542a7c429540d6e4e9a67b1045af4ebcc8595986dc39fe8

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/ua.db-wal
              Filesize

              4KB

              MD5

              6624afc62a032246328658b7f1fd5d46

              SHA1

              9270cdb4c8cbb8498e98e93cafd0ff95feca01b1

              SHA256

              6c9d786a9fdfa25be4cb3edc53d8d8885c9c644403d13dcb66b71ec91fe61f3e

              SHA512

              ac22b679649a39e344f2cfb8bfc1de27c35710ed4f49340fa68c6a4119bbfca9eaf0e9035e4874cbb04b56c64148401bd83479e3148aaf441cfecd2fd879220a

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/ua.db-wal
              Filesize

              4KB

              MD5

              7a9db680ce44f85394f38c7b5ce29361

              SHA1

              0b466bb3827147b101b1b3c1acf139d869a3b465

              SHA256

              8b05f18eb02c67747d01459671075973ec8f43696ede23f15852e81fe79d6eaf

              SHA512

              b4352cb7f23d70b98e43340b3e64906520ca68e87a2a37de0330d02059f8e2da9a50b06999cd0c7ba78fc571d96dd154ed32f41c7c2b5da8a71a8b6902cfde67

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/wxop_tencent_analysis.db-journal
              Filesize

              512B

              MD5

              092ef96fd97869279c3d2058aafe1224

              SHA1

              01418faf2981ce774cce815cda8dbea9323102a5

              SHA256

              350a826d98bf36e90652f79762a426710faaa9666f32372c4242ba37631cec2a

              SHA512

              a87f111eafcd0dc971edaf2d2d5de8a1f56af9afa7ba89716f1a8689bb39001efb8470cbd49ffe5b220188fb43e95be4a61bf725577d2b8ce6ecc30a05aac3d9

              Download Submit

            • /data/data/com.yingliang.clicknews/databases/wxop_tencent_analysis.db-wal
              Filesize

              104KB

              MD5

              14e79718ee283bb4c693a2ad6a9aa473

              SHA1

              56d413aff1bf25d19c932c66d23ac8fdb222d89f

              SHA256

              706d07f1a08c3d1ffc60fa7b3950de588c677f6d0c6a64add2de8b76d7dfdfc8

              SHA512

              050a1cf8fac90c80d386bf16a240004ea5dc6cf3c85e5ec439e4349aba5e9890cfe479c02360a407d299070bc805899c9323a7adb6b61eab861f9838c7f28cb6

              Download Submit

            • /data/data/com.yingliang.clicknews/files/.jglogs/.jg.ac
              Filesize

              40B

              MD5

              37ba496bcb5ca57794bf1d19502c4e80

              SHA1

              7a2e80edd0e9c5fff02df27b73b5a086f45eaa67

              SHA256

              11e6563f0ebd7c2381eef13a99622d635a0891138ebf891d62288ef45649cf99

              SHA512

              ef8f418edfbf88d119587899893aef538d7dc695ba12bd7a0179650c0e7630571b81773cdfe2990fbebef6199dbdea3ee3faa75a894769710e9ee442d827cceb

              Download Submit

            • /data/data/com.yingliang.clicknews/files/.jglogs/.jg.ac
              Filesize

              28KB

              MD5

              73a70a2988823c6d774d14cb4492f7c0

              SHA1

              405d0b706659ff57dacf53286f17a9f8843bdc93

              SHA256

              6962a42791ec6c1cb2f3196f9b2c963521664b4c8356c66bf3516d78429ca4fa

              SHA512

              2184f15c435f231520925d9ab971514e8bcaa299ed1cc02bd725118324babf942d9de9968423b88656dbdf6b9a41e11c5a5804da82535c0be9c637839caec6f3

              Download Submit

            • /data/data/com.yingliang.clicknews/files/.jglogs/.jg.di
              Filesize

              40KB

              MD5

              4773f85d378c3e3155c8e9b362e7bf4e

              SHA1

              273f197813cf8dac83abcfa011fce81f32c002d7

              SHA256

              df27fcef9428050e908a14c0e9edfe2530b6e2fe1dbc83123f4f189b44ba3dac

              SHA512

              2b84cc328ccd6714c15ab6c8ac75840030067ba21b847a46013d5a4e9f5647db0169a372f036c896c994ab9e5c8c9b48e10124e49bbd4487240623025ca8913b

              Download Submit

            • /data/data/com.yingliang.clicknews/files/.jglogs/.jg.di
              Filesize

              340B

              MD5

              429d96e74d9c1e1377178623586d0d59

              SHA1

              9b2319832cede729010ef3f4d64db65913fce5d1

              SHA256

              a5e44d25e4ebb4ea0a348adc544f3468de84b56b06cdeb7965f2a805a50da36a

              SHA512

              36dcdcca870b36cc4d06f52108a79a4fa9d3fa66f79ae5b0f83bb640b8c049ee27ab8704ceddc7d0a0349283cce79fa382d5e687554632f83720e64c5f533c87

              Download Submit

            • /data/data/com.yingliang.clicknews/files/.jglogs/.jg.ic
              Filesize

              512B

              MD5

              8f6a7cc0421e0619db3e17e9cd24c4f7

              SHA1

              ef9890f127db2ba5d7d9314bee6821e1fd0d6438

              SHA256

              8af49e98c7cc72d551f09376071ae9860fae5cf8f2116fe3e957dde133e42dbc

              SHA512

              cb7516b25cb8a67907de258db00464c93f13833ee85cfe7d8a61bc85510fa2b34fb7fbaa65f20fb6acc51ec261b72cd1620f8cdfd29b6f96011dad8b98f751d2

              Download Submit

            • /data/data/com.yingliang.clicknews/files/.jglogs/.jg.li
              Filesize

              100B

              MD5

              80aea29e1d20a0877b7d889b323952cd

              SHA1

              851b73adb995ab1971a8e4a419afac9c5d0609f6

              SHA256

              fa7a4ac2ad1dbfa45b7e89232af8b55abc0dac102b3582e58223141cd77bba6c

              SHA512

              cdf93c94f704d93526d5c472cbcb5c95d4bf7940fb99807356bf4d9140491b58ec05b924a98d29fb2da9764c100e4ecf1efa8fbdb6591cce62ebd754d96a03cc

              Download Submit

            • /data/data/com.yingliang.clicknews/files/.jglogs/.jg.rd
              Filesize

              196B

              MD5

              0a49a5df47bdf5dc7733d0966fbfb66e

              SHA1

              4fd7b8e0dcadb67dfc69bb5901f35209f8723e84

              SHA256

              324701b68e7f3151704ebb780fa8461b02d9bf404a4ce34c5f2fcb32c516ee9b

              SHA512

              58d7649392be2b2f7c31de5b8431657aa8a0709a35d1ceef01b1b26441d99b96e9d3a544ba60612f81892bf6afcbc8e0d1afdf0caf222f213969a0fb60898f69

              Download Submit

            • /data/data/com.yingliang.clicknews/files/.jglogs/.jg.ri
              Filesize

              314B

              MD5

              1154493deacfad3cdc69e3bd6e34cbbf

              SHA1

              9c589eff522f1b3a2c1380a46682656e74af2af2

              SHA256

              c45d73d9140f26645611b50d18b6ec6a61e1a9bbf56ce9caa59aacc9d3cdd980

              SHA512

              3f3e2ac9366b7fb15700c3a6bea1055466118654317287b0cfaf45e5b3d01d477378e97836f58900dac87079fcc4f956d3c2ad2a5b8d43af6174327c8e8480e7

              Download Submit

            • /data/data/com.yingliang.clicknews/files/.jiagu.lock
              Filesize

              27B

              MD5

              038febe72b597008cffa5303fbefff73

              SHA1

              8ec018aa52d51999e0453c3c2a15f42756f7f06a

              SHA256

              c3e7ff4592822a28798ff5bdb478f238bb1059f5b6a26bd01e9589bf431ed399

              SHA512

              fdd2169991d9c79a7acace8eb0298607a6e6972b22a73f1f26d317fc5d7be57e2187fc09bf1b9620e76246e53d68ec5e0986be84e48e6eb4cdc19157abb61e9f

              Download Submit

            • /data/data/com.yingliang.clicknews/files/.um/um_cache_1732579650298.env
              Filesize

              1KB

              MD5

              aadb1865111c92e456f5f5b05b307e02

              SHA1

              b2082e15b11afbc5a34069b996153b3b1272835e

              SHA256

              80e96425cedea02852ad300768746c409fdb86fe451958ffdac36f315c02dbcd

              SHA512

              12e9ff1e8411f968d17f5d6f7b254be100bc3fd317757610402df09c5393fe377fd7448a7aaf7613fb15e4c86369fff33f00bdea3a5e177720f06af0f91ec2f7

              Download Submit

            • /data/data/com.yingliang.clicknews/files/.umeng/exchangeIdentity.json
              Filesize

              162B

              MD5

              48cdaf2f2d82f11a877b53a8f5a3f7c6

              SHA1

              88ea419f70988cd80f32b4a121bcb576664bfc69

              SHA256

              ac3a93cc2d24331e2a380961b3e0bf949c64b20c6dd0c79309f66464d175fe12

              SHA512

              b40c9645ae46f44860a161aa8fd93acf8285a72fca76dbba1e907cc9d445d85a6fa70eb7500866b451460859074cea6abec37c7d6cb073d16b288412743ac413

              Download Submit

            • /data/data/com.yingliang.clicknews/files/exid.dat
              Filesize

              61B

              MD5

              232c7cb66026fab3e8ba0d280753f94a

              SHA1

              e19be2710816bb6367b68b9716073bb1f63e3bdc

              SHA256

              a5f2be5520172dec17ee2c5ab2e7d62a3a77b9a7a14ccefe6ef51fc85556b59c

              SHA512

              1d5e9fc4ae95465d4f78a3465ef4741c7670861c02d443ee82739f26ce8800e036015de3442730df82089149881114697e1c38269719c3957d3f539a83155a30

              Download Submit

            • /data/data/com.yingliang.clicknews/files/mipush_region
              Filesize

              5B

              MD5

              ae54a5c026f31ada088992587d92cb3a

              SHA1

              d2eaf2aa1512d6596e0a5bae633537c6b8e779a3

              SHA256

              10436829032f361a3de50048de41755140e581467bc1895e6c1a17f423e42d10

              SHA512

              d6afe88ac526c5e817a9877009da962246da51846e688dfc5f40f45ef8c2fa97b8cbb3f2972e70fd1e9d5f612e1d788b1f20fa81e412bac00a1688c0d31fc059

              Download Submit

            • /data/data/com.yingliang.clicknews/files/sllak/core/finalcore.jar
              Filesize

              108KB

              MD5

              036c1d91555f71d141fded831b7060b9

              SHA1

              8848f30afba238581420a22c267ee48de425f26c

              SHA256

              b3391347fceb2a7ee182f9f13fd168b2f990044d866a7e765bdc21e79c2cc330

              SHA512

              8eda9af8144e10ee9bf339385e814204a6a0e43f9a9597948f63e931d917d997d7985569f1850ec14c0df75ddd3d92a55abe8fd0c42fd2bf3897c525502d6afd

              Download Submit

            • /data/data/com.yingliang.clicknews/files/sllak/core/oat/finalcore.jar.cur.prof
              Filesize

              196B

              MD5

              778e487fca90038e12c461591290cc6c

              SHA1

              80af0c5d5ecd1a9bb25268945954e55d6a1516f5

              SHA256

              49a169633e8b07ac4274a76506a0dc589e93de0ee2126fb8adbbb627f497b6d4

              SHA512

              13a282c0e18500289375907ab048d2accc9d1a462095a8d1b52db1794defa9d6ce644d5173ac31d8537614c92b0211f4c76d6e2b91a5cfa120c9568f8dc4137c

              Download Submit

            • /data/data/com.yingliang.clicknews/files/sllak/logcache/log1732579524133
              Filesize

              2KB

              MD5

              fcc727575fda6f44edc9bb8bcce0fef9

              SHA1

              a4612cf4ad52708c3dd4fb6d45067c02856781f9

              SHA256

              464f15a9c56d364219d2f27195c990ff9c0fb52829e00a101e452aa5e9c287e9

              SHA512

              3d4554b43864c6ec124de2cbfa7881850b8d175d86e0bdf1d9d792c9363c8cbc643b002e3341d4358dd2c179f06286fed7120b650895edcf49850cd3ec2509f3

              Download Submit

            • /data/data/com.yingliang.clicknews/files/tiny_data.data
              Filesize

              196B

              MD5

              9e241f8061b2bc68718dad7808afc467

              SHA1

              f4ce90401db6eda601fae971c2a6f9901ebdbace

              SHA256

              621989a2a888c4e2a1117dfa7a0a0e6545e0726ed53c977cc8056263ea8def8d

              SHA512

              59b16a7ceb9c12b25c5ef7d6a076899f799129312605389127b26f5c7d40141df49644b89ea85d800ab5fe5fc066312caa1d46bd3ef141ad9aa4eafa97a45d0b

              Download Submit

            • /data/data/com.yingliang.clicknews/files/tiny_data.data
              Filesize

              196B

              MD5

              729067dc70671363ced316b3727fd2e4

              SHA1

              5b96b14ce6768117f91cd6a81a28a0d5f9244b9b

              SHA256

              db3b66d24104333878766955e3e9f225e983a2710839cca89a46f74150250247

              SHA512

              94f5db3c636e8d16f9162f0ebeb44b7c5dd16a97ede6da56804210d3ddcad8d352727ac80f5a3899837051fab49559ddf536b5160ddfd89b7904b79b04c368fb

              Download Submit

            • /data/data/com.yingliang.clicknews/files/tiny_data.data
              Filesize

              196B

              MD5

              f3dc5a98729d0338f9b7d285ed3914b7

              SHA1

              a972d826f064ddfda9dcbecdaaf93397818859b3

              SHA256

              b137a06e052c610d660a7d1d4eee354c7082fe3be2c3deb9bbe194bd6770b3e3

              SHA512

              7e97eb02a16c5135a473738acb5727830cea8f117dd69d1a14458274117e958994e119b05d067bab8bd48d5af14643f6df2a034f34e81ff9ed8d5f4c5ac88af8

              Download Submit

            • /data/data/com.yingliang.clicknews/files/umeng_it.cache
              Filesize

              498B

              MD5

              edb7da667500ab404c425414e2efcb70

              SHA1

              4114437ba8caa8e1299be8d92df87d186362be34

              SHA256

              2fb7493b0dd64fd7c3242c941b7696c7917ad49c1711e3050daf77e7e26c1a6d

              SHA512

              395f6c4e7119628488af10884f90411ce4ef9215deafc68a7d6b68f25c6388e9d3d79333f22f7d113bb0d74987f778bebf760e7eafcae9bc03ac6671b784f966

              Download Submit

            • /data/user/0/com.yingliang.clicknews/files/sllak/core/finalcore.jar
              Filesize

              250KB

              MD5

              8373bf886e46c115ba70fee3d6065bdd

              SHA1

              87b8230d411f12b602d8817d3f8e618ec2b32f9b

              SHA256

              6e796e309af4c61c112ba210e9e02401ab7afcd9585a25bf8e325883771ce68a

              SHA512

              d417910dc826908be61ea6270401d85d7de91bb53aa87b370496d5c5ed30c48988e040fe40f11308859a1038238e4df81dd8be8d89ebd21fe3c7d075ea5722fe

              Download Submit

            • /storage/emulated/0/.DataStorage/ContextData.xml
              Filesize

              111B

              MD5

              eea12cac82577efe771e7a3b02e1b284

              SHA1

              43b307194f90b2b2657304e21ae29627276b2a4e

              SHA256

              e7b03bd56260966e6d691eed131b4a75db1ab7cd08ffacbc2490a2a9ad38e5d5

              SHA512

              6b16ab3377e6f07e6acf99d1c4e0658e9b7b5e3059b90c692904dcb20857412eab071a7efdaa73393935559aaee9d14a908e5bebb8216cbc02d9dc0ad10274a3

              Download Submit

            • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
              Filesize

              65B

              MD5

              9781ca003f10f8d0c9c1945b63fdca7f

              SHA1

              4156cf5dc8d71dbab734d25e5e1598b37a5456f4

              SHA256

              3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

              SHA512

              25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

              Download Submit

            • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
              Filesize

              111B

              MD5

              a19b9ea08e291922adbe61454042d402

              SHA1

              a562e120a9baa3d84cd5016fbf1758462fd22f32

              SHA256

              08c71af709ee14ed414b68cd579675ee601b6524ca445d74c69d2da460a2a9ee

              SHA512

              a4201d822dea4f527c18eee918a7dfe06765414447c70bdb8daa35ede487061b94c19021c5894b238c9aca7adc583ecd6fc91d1bfb416869e9d146daabf818dd

              Download Submit

            • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
              Filesize

              381B

              MD5

              5c539149a9df78e6d8ea738906ad4f8c

              SHA1

              0ee0183157237de00b885821931eea099e45abce

              SHA256

              bc27bf4acf26c9b1f5a655b24a55e69e573084692f87476f5285a26bada299c7

              SHA512

              1aa3ccca6215601834473df42cc6a06992522ad8166b18048216bed6fff235fa022a0ed2800094b609c75780cc1bef80d6611c3c678da8eb3a76cf6f4eb33d8f

              Download Submit

            • /storage/emulated/0/.sfp/.sfp
              Filesize

              83B

              MD5

              51ab08114c427c2eb635f3a038784df5

              SHA1

              554928df77e37c4d3215f383fa3aa2239c843c86

              SHA256

              4a872931c57b1ceb2ae52b36510c4cca0b85f71c9b53898739cb614c0bb9dca7

              SHA512

              72d7d16608096d545f2afc010d073aa56e2db4efb5ca12fbe20dc660d96893d6f8c33b20799396d9b99b54f8b9d8067c9ed4e124550dea084e18c54958ed0c96

              Download Submit

            • /storage/emulated/0/360/.deviceId
              Filesize

              48B

              MD5

              1d8d16c4e3b19ebf18988530d9b9a757

              SHA1

              bc94c1cce05cd848a53271ecb9c5311e27ffebf5

              SHA256

              abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

              SHA512

              4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

              Download Submit

            • /storage/emulated/0/360/.iddata
              Filesize

              32KB

              MD5

              36d4fa22ac268562c383f98f800971a7

              SHA1

              3cfd090695e9cadbcda6b9e18a62e370a9579831

              SHA256

              53130600e6d1521cac4a715d3b75d39b582262f9872c9d09aeeeecb0c9697c50

              SHA512

              08f14de13af7af7220fb3c36c4819a3911f7ceae53cfbcf85dae9dbee6ca3bb99e46396b5556ae2693feba572a0131347c1aa84e11e2adce00778e765d8c9da5

              Download Submit

            • /storage/emulated/0/Android/data/com.yingliang.clicknews/files/MiPushLog/log1.txt
              Filesize

              1KB

              MD5

              36941052fb26f3fc28a1ae21edb9b1cc

              SHA1

              11332b4f7124993446fb9e32aa2274f9d226d55a

              SHA256

              ff9d8c2d3553d458f123cd70bce16405c7e5daeb2afa63248ed969689cacf2d9

              SHA512

              59d72a3aa5497efd306a6427198af1ff7ea6ce2ea7c4756bcf3569378744091066bc9bf8f79f5bad9e84f2ea921315b095778736b9a572c7be2c593f7a402d6d

              Download Submit

            • /storage/emulated/0/Android/data/com.yingliang.clicknews/files/MiPushLog/log1.txt
              Filesize

              240B

              MD5

              4740b5fc9394f6b98b6e5d61cda01e4b

              SHA1

              b719c795419ec9ef9186d1ca93d022d35385a2b9

              SHA256

              9d7f21615ca94c1d09c5ec52092d3c055bcb531a066396aaf87e8b79ea24925f

              SHA512

              8e367e7f22ea0edc7dee1478fd791d30daa9f98303cfa44d928767562976e0aed1bbebf74f6e7fe3f1d98f177b686da6599c6e874b45ffb66fce8614986e5adc

              Download Submit

            • /storage/emulated/0/Android/data/com.yingliang.clicknews/files/tbslog/tbslog.txt
              Filesize

              12KB

              MD5

              bebbae9fad37ea5c09dfd2b4b640f0a4

              SHA1

              4512e0add98eba07e7353bbd564305c262e3a676

              SHA256

              082fcff8f57ff9746bb67e795c6c8779e98c1ab8ff000a550a4552926b366339

              SHA512

              713e2cb9a114a482d411db6d0a80702c08de843d2078171a02f8e5350a85a1ffda82fa43dc4d7c87a082479760d143ea8a8d0eaa964aab6b4e07593074cbd4e5

              Download Submit

            • /storage/emulated/0/Android/data/com.yingliang.clicknews/files/tbslog/tbslog.txt
              Filesize

              16KB

              MD5

              3c204aab198afadf6236a2667bbab6d1

              SHA1

              ebf5c705db876359e8421f2accc6532e8dc83c53

              SHA256

              ac1767e6c366ae1a48e85a3baff1db653d100c8ae5558eb7641cc8bc2a9f1fd8

              SHA512

              4823865c03e43bfe6e0752508efdf17acea1cb068cdb3ee301682971724b0148b8bac6961b65d4149357ce1432779f1932341910c7732e73641a8a0f7294deb6

              Download Submit