Loading ...

Play interactive tourEdit tour

Android Analysis Report re4PfGl5Lc.zip

Overview

General Information

Sample Name:re4PfGl5Lc.zip
Analysis ID:1575559
MD5:03f51334546586d0b56ee81d3df9fd7a
SHA1:b45ff7ff0126a88d6782d6871c472577cb7b103c
SHA256:efb92fb17348eb10ba3a93ab004422c30bcf8ae72f302872e9ef3263c47133a7
Infos:

Most interesting Screenshot:

Detection

S.O.V.A.
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Detected S.O.V.A.
Multi AV Scanner detection for submitted file
Antivirus / Scanner detection for submitted sample
Found detection on Joe Sandbox Cloud Basic
Loads a dropped dex file via MultiDexApplication
Removes its application launcher (likely to stay hidden)
Tries to disable the administrator user
Tries to download files via HTTP but all files are no longer available
May check the online IP address of the machine
Found large list of e-Banking application (likely related to e-Banking fraud)
Protects itself from removal
Checks if taint analysis is available
Uses accessibility services (likely to control other applications)
Has permission to write to the SMS storage
Scans for WIFI networks
Checks if a SIM card is installed
Queries the SIM provider numeric MCC+MNC (mobile country code + mobile network code)
May query (preferred) Access Point Name (APN)
Queries list of running processes/tasks
Starts an activity on phone boot (autostart)
Tries to detect QEMU emulator
Queries the SIM provider name (SPN - Service Provider Name)
Obfuscates method names
Has permission to read the SMS storage
Contains package name strings related to banking (usually for identifying banking APKs)
Installs a new wake lock (to get activate on phone screen on)
Found suspicious command strings (may be related to BOT commands)
Sends SMS using SmsManager
Checks an internet connection is available
Queries list of installed packages
Found very long method strings
Queries package code path (often used for patching other applications)
Checks if phone is rooted (checks for su binary)
Has permission to record audio in the background
Creates SMS data (e.g. PDU)
Requests potentially dangerous permissions
Has an unnatural receiver priority (often indicator for malware)
Requests root access
Potential date aware sample found
Has permission to perform phone calls in the background
Tries to detect Virtualbox
Registers a clipboard change listener (to get access to clipboard data)
Queries the phones location (GPS)
Opens an internet connection
Queries the network operator name
May access the Android keyguard (lock screen)
Parses SMS data (e.g. originating address)
Has permission to receive SMS in the background
Lists and deletes files in the same context
Has permission to read contacts
Queries the network operator ISO country code
Has permission to draw over other applications or user interfaces
Queries the unqiue device ID (IMEI, MEID or ESN)
Accesses /proc
Has permission to read the phones state (phone number, device IDs, active call ect.)
Kills/terminates processes
Queries the SIM provider ISO country code
Might use exploit to break dedexer tools
Accesses android OS build fields
Executes native commands
Queries the network MAC address
Performs DNS lookups (Java API)
Queries the network operator numeric MCC+MNC (mobile country code + mobile network code)
Queries several sensitive phone informations
Has permission to send SMS in the background
Checks CPU details
Queries the unique operating system id (ANDROID_ID)
Sets an intent to the APK data type (used to install other APKs)
Queries the WIFI MAC address
Has permission to execute code after phone reboot
Uses reflection

Classification

Yara Overview

No yara matches

Jbx Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

barindex
Multi AV Scanner detection for submitted fileShow sources
Source: re4PfGl5Lc.zipVirustotal: Detection: 42%Perma Link
Source: re4PfGl5Lc.zipReversingLabs: Detection: 40%
Antivirus / Scanner detection for submitted sampleShow sources
Source: re4PfGl5Lc.zipAvira: detected
Source: com.alipay.edge.b.c;->b:86API Call: android.telephony.TelephonyManager.getCellLocation
Source: com.alipay.edge.b.c;->c:120API Call: android.location.LocationManager.getLastKnownLocation
Source: com.alipay.edge.b.c;->c:122API Call: android.location.LocationManager.getLastKnownLocation
Source: com.alipay.edge.b.c;->c:123API Call: android.location.Location.getLongitude
Source: com.alipay.edge.b.c;->c:126API Call: android.location.Location.getLatitude
Source: com.loc.df$b;->run:32API Call: android.location.Location.getLatitude
Source: com.loc.df$b;->run:36API Call: android.location.Location.getLongitude
Source: com.loc.dp;-><init>:11API Call: android.telephony.TelephonyManager.getCellLocation
Source: com.loc.dp;->p:290API Call: android.telephony.TelephonyManager.getCellLocation
Source: re4PfGl5Lc.zipCode Location: Li/p0/j/n;.a(ZLi/p0/j/n$b;)Z
Source: Lcom/ali/alihadeviceevaluator/j;->a()ZMethod string: "/system/bin/su"
Source: Lcom/ali/alihadeviceevaluator/j;->a()ZMethod string: "/system/xbin/su"
Source: unknownHTTPS traffic detected: 54.243.51.135:443 -> 192.168.1.122:52784 version: TLS 1.2
Source: com.meizu.cloud.pushsdk.notification.a.d;->a:22API Call: android.os.Environment.getExternalStorageDirectory
Source: com.alipay.apmobilesecuritysdk.apdid.a;->b:65API Call: android.os.Environment.getExternalStorageDirectory
Source: com.huawei.hms.availableupdate.e;->a:24API Call: android.os.Environment.getExternalStorageState
Source: com.meizu.cloud.pushsdk.handler.a.b.a;->a:41API Call: android.os.Environment.getExternalStorageDirectory
Source: com.meizu.cloud.pushsdk.handler.a.b.b;->a:58API Call: android.os.Environment.getExternalStorageDirectory
Source: com.meizu.cloud.pushsdk.b.b;-><init>:9API Call: android.os.Environment.getExternalStorageDirectory
Source: com.meizu.cloud.pushsdk.b.j;->a:19API Call: android.os.Environment.getExternalStorageDirectory
Source: com.alipay.security.mobile.module.b.b;->c:25API Call: android.os.Environment.getExternalStorageState
Source: com.alipay.security.mobile.module.b.b;->c:28API Call: android.os.Environment.getExternalStorageDirectory
Source: com.alipay.security.mobile.module.b.b;->j:188API Call: android.os.Environment.getExternalStorageState
Source: com.alipay.security.mobile.module.b.b;->j:191API Call: android.os.Environment.getExternalStorageDirectory
Source: com.alipay.security.mobile.module.c.c;->a:2API Call: android.os.Environment.getExternalStorageDirectory
Source: com.alipay.security.mobile.module.c.c;->a:8API Call: android.os.Environment.getExternalStorageState
Source: com.alipay.security.mobile.module.c.c;->a:14API Call: android.os.Environment.getExternalStorageDirectory
Source: com.ta.audid.collect.DeviceInfo2;->getAvailableSize:58API Call: android.os.Environment.getExternalStorageDirectory
Source: com.ta.audid.collect.DeviceInfo2;->getTotalExternalMemorySize:235API Call: android.os.Environment.getExternalStorageDirectory
Source: com.alipay.apmobilesecuritysdk.e.c;->a:45API Call: android.os.Environment.getExternalStorageDirectory
Source: com.loc.ff;->E:25API Call: android.os.Environment.getExternalStorageState
Source: com.loc.ff;->E:27API Call: android.os.Environment.getExternalStorageDirectory
Source: com.loc.ff;->d:357API Call: android.os.Environment.getExternalStorageDirectory
Source: com.ta.utdid2.core.persistent.PersistentConfiguration;-><init>:7API Call: android.os.Environment.getExternalStorageState
Source: com.ta.utdid2.core.persistent.PersistentConfiguration;->getRootFolder:126API Call: android.os.Environment.getExternalStorageDirectory
Source: com.ta.utdid2.core.persistent.PersistentConfiguration;->commit:180API Call: android.os.Environment.getExternalStorageState
Source: com.ta.utdid2.core.persistent.PersistentConfiguration;->reload:330API Call: android.os.Environment.getExternalStorageState
Source: com.nirvana.tools.logger.storage.FileStorage;->isBaseDirExist:9API Call: android.os.Environment.getExternalStorageState
Source: com.nirvana.tools.logger.storage.FileStorage;->isBaseDirExist:12API Call: android.os.Environment.getExternalStorageDirectory
Source: com.nirvana.tools.logger.storage.FileStorage;->newBaseDir:24API Call: android.os.Environment.getExternalStorageState
Source: com.nirvana.tools.logger.storage.FileStorage;->newBaseDir:27API Call: android.os.Environment.getExternalStorageDirectory
Source: com.nirvana.tools.logger.storage.FileStorage;->createNewFile:46API Call: android.os.Environment.getExternalStorageDirectory
Source: com.nirvana.tools.logger.storage.FileStorage;->firstFileName:60API Call: android.os.Environment.getExternalStorageDirectory
Source: com.nirvana.tools.logger.storage.FileStorage;->isFileExist:73API Call: android.os.Environment.getExternalStorageDirectory
Source: com.ta.audid.upload.UtdidKeyFile;->getUtdidSdcardRootFileDir:158API Call: android.os.Environment.getExternalStorageDirectory
Source: com.tmall.android.dai.internal.util.StatFsHelper;->b:17API Call: android.os.Environment.getExternalStorageDirectory

Networking:

barindex
Tries to download files via HTTP but all files are no longer availableShow sources
Source: HTTP HeaderHTTP: All HTTP requests resultet into 404 Not Found
May check the online IP address of the machineShow sources
Source: unknownDNS query: name: api.ipify.org
Source: unknownDNS query: name: api.ipify.org
Source: unknownDNS query: name: api.ipify.org
Source: com.loc.dr;->p:65API Call: android.net.wifi.WifiManager.getScanResults
Source: com.loc.dr;->r:97API Call: android.net.wifi.WifiManager.startScan
Source: com.loc.ff;->l:469API Call: android.net.wifi.WifiManager.getScanResults
Source: g.a.a.o.d;->m8277e091:96API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: g.d.a.i$c;->onReceive:20API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: g.d.a.i$a;->handleMessage:83API Call: android.net.NetworkInfo.isConnectedOrConnecting
Source: g.d.a.i$a;->handleMessage:90API Call: android.net.NetworkInfo.isConnected
Source: g.d.a.i$a;->handleMessage:144API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: g.d.a.r;->g:48API Call: android.net.NetworkInfo.isConnected
Source: com.huawei.hms.android.SystemUtils;->getNetType:13API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.huawei.hms.android.SystemUtils;->getNetType:14API Call: android.net.NetworkInfo.isAvailable
Source: com.alipay.apmobilesecuritysdk.apdid.a;->a:215API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.alipay.apmobilesecuritysdk.apdid.a;->a:216API Call: android.net.NetworkInfo.isConnected
Source: com.alipay.edge.b.c;->d:150API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.alipay.security.mobile.module.b.b;->k:217API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.alipay.security.mobile.module.b.b;->o:261API Call: android.net.wifi.WifiManager.isWifiEnabled
Source: com.alipay.security.mobile.module.b.b;->o:262API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.alipay.security.mobile.module.b.b;->t:465API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.ta.audid.collect.NetworkInfo;->getBssid:8API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.ta.audid.collect.NetworkInfo;->getRssi:39API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.ta.audid.collect.NetworkInfo;->isStrongSemaphore:60API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.huawei.hms.framework.common.NetworkUtil;->getDnsServerIpsFromConnectionManager:8API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.huawei.hms.framework.common.NetworkUtil;->getDnsServerIpsFromConnectionManager:10API Call: android.net.ConnectivityManager.getNetworkInfo
Source: com.huawei.hms.framework.common.NetworkUtil;->getNetworkInfo:139API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.huawei.hms.framework.common.NetworkUtil;->getNetworkStatus:154API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.huawei.hms.framework.common.NetworkUtil;->getNetworkStatus:155API Call: android.net.NetworkInfo.getDetailedState
Source: com.huawei.hms.framework.common.NetworkUtil;->getNetworkType:176API Call: android.net.NetworkInfo.isConnected
Source: com.huawei.hms.framework.common.NetworkUtil;->getWifiRssi:213API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.huawei.hms.framework.common.NetworkUtil;->isNetworkAvailable:233API Call: android.net.NetworkInfo.isConnected
Source: com.meizu.cloud.pushsdk.e.c;->a:3API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.meizu.cloud.pushsdk.e.c;->b:6API Call: android.net.NetworkInfo.isConnected
Source: com.meizu.cloud.pushsdk.e.b;->d:131API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.meizu.cloud.pushsdk.d.f.e;->a:46API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.meizu.cloud.pushsdk.d.f.e;->a:47API Call: android.net.NetworkInfo.isConnected
Source: com.huawei.hms.hatool.h;->a:18API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.huawei.hms.hatool.h;->a:19API Call: android.net.NetworkInfo.isConnected
Source: com.huawei.updatesdk.a.a.d.i.a;->a:1API Call: android.net.NetworkInfo.isConnected
Source: com.huawei.updatesdk.a.a.d.i.a;->a:5API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.huawei.updatesdk.a.a.d.i.a;->d:14API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.huawei.updatesdk.a.a.d.i.a;->d:15API Call: android.net.NetworkInfo.isConnected
Source: com.loc.dr;->q:84API Call: android.net.wifi.WifiManager.getWifiState
Source: com.loc.dr;->a:156API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.loc.dr;->a:158API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.loc.dr;->c:180API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.loc.ee;->a:91API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.loc.eo;->a:15API Call: android.net.NetworkInfo.isAvailable
Source: com.loc.eo;->a:16API Call: android.net.NetworkInfo.isConnected
Source: com.loc.eo;->d:236API Call: android.net.NetworkInfo.isConnectedOrConnecting
Source: com.loc.eo;->h:275API Call: android.net.wifi.WifiManager.isWifiEnabled
Source: com.loc.eo;->i:285API Call: android.net.NetworkInfo.isConnectedOrConnecting
Source: com.loc.ff;->L:164API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.loc.ff;->k:458API Call: android.net.wifi.WifiManager.isWifiEnabled
Source: com.loc.ff;->k:459API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.loc.ff;->l:468API Call: android.net.wifi.WifiManager.isWifiEnabled
Source: com.loc.ff;->m:492API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.loc.ff;->r:522API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.loc.ff;->v:558API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.taobao.mediaplay.MediaController$2;->onReceive:7API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.taobao.mediaplay.MediaController$2;->onReceive:9API Call: android.net.NetworkInfo.isAvailable
Source: anet.channel.status.NetworkStatusHelper;->i:39API Call: android.net.NetworkInfo.isConnected
Source: anet.channel.status.b;->b:54API Call: android.net.NetworkInfo.isConnected
Source: anet.channel.status.b;->c:73API Call: android.net.NetworkInfo.isConnected
Source: anet.channel.status.b;->c:75API Call: android.net.NetworkInfo.isConnected
Source: anet.channel.status.b;->c:78API Call: android.net.NetworkInfo.isAvailable
Source: anet.channel.status.b;->d:125API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: anet.channel.status.b;->g:151API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.tmall.b;->a:9API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.tmall.b;->a:10API Call: android.net.NetworkInfo.isConnected
Source: com.tmall.android.dai.internal.util.NetworkUtil;->a:5API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.tmall.android.dai.internal.util.NetworkUtil;->a:6API Call: android.net.NetworkInfo.isAvailable
Source: com.tmall.android.dai.internal.util.NetworkUtil;->a:7API Call: android.net.ConnectivityManager.getNetworkInfo
Source: com.tmall.android.dai.internal.util.NetworkUtil;->a:8API Call: android.net.NetworkInfo.getState
Source: com.tmall.android.dai.internal.util.o;->a:132API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.tmall.android.dai.internal.util.o;->a:133API Call: android.net.NetworkInfo.isAvailable
Source: com.ta.audid.utils.NetworkInfoUtils;->getNetworkState:49API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.ta.audid.utils.NetworkInfoUtils;->getNetworkState:50API Call: android.net.NetworkInfo.isConnected
Source: com.ta.audid.utils.NetworkInfoUtils;->getNetworkType:70API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.ta.audid.utils.NetworkInfoUtils;->getNetworkType:71API Call: android.net.NetworkInfo.isConnected
Source: com.ta.audid.utils.NetworkInfoUtils;->getWifiIpAddress:82API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.ta.audid.utils.NetworkInfoUtils;->isConnectInternet:95API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.ta.audid.utils.NetworkInfoUtils;->isConnectInternet:96API Call: android.net.NetworkInfo.isConnected
Source: com.huawei.hms.utils.NetWorkUtil;->a:2API Call: android.net.NetworkInfo.isConnected
Source: com.huawei.hms.utils.NetWorkUtil;->a:9API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.taobao.alimama.component.view.video.CpmVideoView;->startVideo:72API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.meizu.cloud.pushsdk.a.a.a;->d:67API Call: java.net.URL.openConnection (not executed)
Source: com.meizu.cloud.pushsdk.a.a.b;->b:71API Call: java.net.URL.openConnection (not executed)
Source: com.tmall.a.a$a;->a:12API Call: java.net.URL.openConnection (not executed)
Source: com.huawei.hms.framework.network.grs.d.a.a;->a:3API Call: java.net.URL.openConnection (not executed)
Source: anet.channel.strategy.a.d;->a:25API Call: java.net.URL.openConnection (not executed)
Source: com.huawei.hms.availableupdate.k;->a:39API Call: java.net.URL.openConnection (not executed)
Source: com.tmall.android.dai.b.b;->a:9API Call: java.net.URL.openConnection (not executed)
Source: com.tmall.android.dai.b.b;->a:10API Call: java.net.URL.openConnection (not executed)
Source: com.huawei.updatesdk.a.a.b.b;->a:3API Call: java.net.URL.openConnection (not executed)
Source: com.meizu.cloud.pushsdk.c.c.h;->a:80API Call: java.net.URL.openConnection (not executed)
Source: com.nirvana.tools.crash.CrashUploadUtils;->post:107API Call: java.net.URL.openConnection (not executed)
Source: com.huawei.hms.hatool.a0;->a:72API Call: java.net.URL.openConnection (not executed)
Source: com.squareup.okhttp.internal.f$a;->a:16API Call: java.net.Socket.connect (not executed)
Source: com.squareup.okhttp.internal.f;->a:81API Call: java.net.Socket.connect (not executed)
Source: anet.channel.l.b;->b:357API Call: java.net.URL.openConnection (not executed)
Source: anet.channel.l.b;->b:358API Call: java.net.URL.openConnection (not executed)
Source: i.p0.l.b;->e:80API Call: java.net.Socket.connect (not executed)
Source: i.p0.l.h;->e:113API Call: java.net.Socket.connect (not executed)
Source: com.loc.ac;->a:295API Call: java.net.URL.openConnection (not executed)
Source: com.loc.ac;->a:296API Call: java.net.URL.openConnection (not executed)
Source: com.airbnb.lottie.network.b;->d:71API Call: java.net.URL.openConnection (not executed)
Source: com.huawei.hms.opendevice.d;->a:64API Call: java.net.URL.openConnection (not executed)
Source: com.ta.audid.upload.HttpUtils;->sendRequest:15API Call: java.net.URL.openConnection (not executed)
Source: g.c.a.a0.a0.o$o;->a:6API Call: java.net.InetAddress.getByName (not executed)
Source: anet.channel.detect.ExceptionDetector;->a:5API Call: java.net.InetAddress.getByName (not executed)
Source: i.s;->a:6API Call: java.net.InetAddress.getAllByName (not executed)
Source: anet.channel.n.m;-><clinit>:4API Call: java.net.InetAddress.getAllByName (not executed)
Source: anet.channel.n.m;->a:9API Call: java.net.Inet4Address.getByName (not executed)
Source: anet.channel.n.m;->k:160API Call: java.net.InetAddress.getByName (not executed)
Source: com.squareup.okhttp.r;->a:2API Call: java.net.InetAddress.getAllByName (not executed)
Source: anet.channel.strategy.h;->run:3API Call: java.net.InetAddress.getByName (not executed)
Source: unknownNetwork traffic detected: HTTP traffic on port 52784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52784
Source: unknownNetwork traffic detected: HTTP traffic on port 52144 -> 443
Source: com.tmall.a.a$a;->a:18API Call: java.net.HttpURLConnection.connect
Source: com.huawei.hms.framework.network.grs.c.i;->call:16API Call: javax.net.ssl.HttpsURLConnection.connect
Source: com.huawei.hms.framework.network.grs.c.j;->call:21API Call: javax.net.ssl.HttpsURLConnection.connect
Source: com.huawei.updatesdk.b.d.c;->a:77API Call: javax.net.ssl.HttpsURLConnection.connect
Source: anet.channel.l.b;->b:157API Call: java.net.HttpURLConnection.connect
Source: com.loc.ac;->a:69API Call: java.net.HttpURLConnection.connect
Source: com.airbnb.lottie.network.b;->d:74API Call: java.net.HttpURLConnection.connect
Source: com.ta.audid.upload.HttpUtils;->sendRequest:81API Call: java.net.HttpURLConnection.connect
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.214.234
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: openrestyDate: Fri, 10 Sep 2021 17:48:35 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 273Connection: keep-aliveData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 61 70 69 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 36 20 53 65 72 76 65 72 20 61 74 20 61 30 35 34 35 31 39 33 2e 78 73 70 68 2e 72 75 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /api was not found on this server.</p><hr><address>Apache/2.4.6 Server at a0545193.xsph.ru Port 80</address></body></html>
Source: classes.dexString found in binary or memory: http://127.0.0.1:
Source: classes.dexString found in binary or memory: http://127.0.0.1:.http://abroad.apilocate.amap.com/mobile/binary
Source: classes.dex, androidString found in binary or memory: http://abroad.apilocate.amap.com/mobile/binary
Source: 66666692.appinfo.jsonString found in binary or memory: http://alipay-rmsdeploy-image.cn-hangzhou.alipay.aliyun-inc.com/jet-dev/AP_66666692/u7dirm6ha3s/
Source: classes.dex, androidString found in binary or memory: http://apilocate.amap.com/mobile/binary
Source: classes.dexString found in binary or memory: http://apilocate.amap.com/mobile/binaryBhttp://cgicol.amap.com/collection/collectData?src=baseCol&ve
Source: classes.dex, androidString found in binary or memory: http://cgicol.amap.com/collection/collectData?src=baseCol&ver=v74&
Source: updatesdkcas.bksString found in binary or memory: http://crl.globalsign.net/root-r2.crl0
Source: updatesdkcas.bksString found in binary or memory: http://crl.securetrust.com/STCA.crl0
Source: classes.dex, androidString found in binary or memory: http://dualstack-restsdk.amap.com/v3/geocode/regeo
Source: classes.dex, androidString found in binary or memory: http://dualstack.apilocate.amap.com/mobile/binary
Source: triver_iconfont.ttf, AlipayNumber.ttfString found in binary or memory: http://fontello.com
Source: AlipayNumber.ttfString found in binary or memory: http://fontello.comhttp://fontello.com
Source: androidString found in binary or memory: http://google.com/
Source: classes.dex, androidString found in binary or memory: http://mobilegw-1-64.test.alipay.net/mgw.htm
Source: classes.dexString found in binary or memory: http://mobilegw-1-64.test.alipay.net/mgw.htm&http://mobilegw.aaa.alipay.net/mgw.htm)http://mobilegw.
Source: classes.dex, androidString found in binary or memory: http://mobilegw.aaa.alipay.net/mgw.htm
Source: classes.dex, androidString found in binary or memory: http://mobilegw.stable.alipay.net/mgw.htm
Source: classes.dexString found in binary or memory: http://restsdk.amap.com
Source: classes.dex, androidString found in binary or memory: http://restsdk.amap.com/v3/config/district?
Source: classes.dexString found in binary or memory: http://restsdk.amap.com/v3/config/district?(http://restsdk.amap.com/v3/geocode/regeo$http://restsdk.
Source: classes.dex, androidString found in binary or memory: http://restsdk.amap.com/v3/geocode/regeo
Source: classes.dex, androidString found in binary or memory: http://restsdk.amap.com/v3/iasdkauth
Source: classes.dex, androidString found in binary or memory: http://restsdk.amap.com/v3/place/around?
Source: classes.dex, androidString found in binary or memory: http://restsdk.amap.com/v3/place/text?
Source: trade_test_address.xmlString found in binary or memory: http://schemas.android.com/apk/res-auto
Source: notification_template_part_chronometer.xml, notification_bg.xml, AndroidManifest.xmlString found in binary or memory: http://schemas.android.com/apk/res/android
Source: classes.dex, androidString found in binary or memory: http://xmlpull.org/v1/doc/features.html#indent-output
Source: classes.dexString found in binary or memory: https://0https://api-push.in.meizu.com/garcia/api/client/-https://api-push.meizu.com/garcia/api/clie
Source: 66666692.appinfo.jsonString found in binary or memory: https://66666692.hybrid.miniapp.taobao.com
Source: QUICKPAY@frontpay-limit-query-flex.htmlString found in binary or memory: https://amc201710.alipay.com/amc-h5-polyfill.css
Source: QUICKPAY@frontpay-limit-query-flex.htmlString found in binary or memory: https://amc201710.alipay.com/amc-h5-polyfill.js
Source: QUICKPAY@frontpay-limit-query-flex.htmlString found in binary or memory: https://amc201710.alipay.com/amc-h5.js
Source: QUICKPAY@frontpay-limit-query-flex.htmlString found in binary or memory: https://amc201710.alipay.com/amc.css
Source: QUICKPAY@frontpay-limit-query-flex.htmlString found in binary or memory: https://amc201710.alipay.com/amc.js
Source: classes.dex, androidString found in binary or memory: https://api-push.in.meizu.com/garcia/api/client/
Source: classes.dex, androidString found in binary or memory: https://api-push.meizu.com/garcia/api/client/
Source: classes.dex, androidString found in binary or memory: https://api-push.meizu.com/garcia/api/client/log/upload
Source: classes.dex, androidString found in binary or memory: https://api-push.meizu.com/garcia/api/server/getPublicKey
Source: androidString found in binary or memory: https://api.ipify.org
Source: androidString found in binary or memory: https://api.telegram.org
Source: classes.dex, androidString found in binary or memory: https://audid-api.taobao.com/v2.0/a/audid/req/
Source: QUICKPAY@frontpay-limit-query-flex.htmlString found in binary or memory: https://csmobile.alipay.com/router.htm?scene=app_zkxesm
Source: grs_sdk_global_route_config_opendevicesdk.jsonString found in binary or memory: https://data-dra.push.dbankcloud.com
Source: grs_sdk_global_route_config_opendevicesdk.jsonString found in binary or memory: https://data-drcn.push.dbankcloud.com
Source: grs_sdk_global_route_config_opendevicesdk.jsonString found in binary or memory: https://data-dre.push.dbankcloud.com
Source: grs_sdk_global_route_config_opendevicesdk.jsonString found in binary or memory: https://data-drru.push.dbankcloud.com
Source: triver.mock.appinfo.jsonString found in binary or memory: https://gw.alicdn.com/bao/uploaded/TB1l473QlLoK1RjSZFuXXXn0XXa.amr
Source: triver.mock.appinfo.jsonString found in binary or memory: https://gw.alicdn.com/bao/uploaded/TB1wrITdRUSMeJjSszcXXbnwVXa-144-144.png
Source: classes.dex, androidString found in binary or memory: https://gw.alicdn.com/tfs/TB16ZxrcFGWBuNjy0FbXXb4sXXa-640-200.jpg
Source: buy_quantity_ltao.xmlString found in binary or memory: https://gw.alicdn.com/tfs/TB1ACgHuXkoBKNjSZFEXXbrEVXa-148-94.png
Source: classes.dex, androidString found in binary or memory: https://gw.alicdn.com/tfs/TB1TNBocL9TBuNjy0FcXXbeiFXa-640-200.jpg
Source: buy_select_ltao.xml, buy_pay_for_another_ltao.xml, buy_switch_tj_ltao.xml, buy_switch_ltao.xmlString found in binary or memory: https://gw.alicdn.com/tfs/TB1xdXGAER1BeNjy0FmXXb0wVXa-28-28.png
Source: buy_image_select_ltao.xmlString found in binary or memory: https://gw.alicdn.com/tfs/TB1xdXGAER1BeNjy0FmXXb0wVXa-28-28.png-
Source: buy_quantity_ltao.xmlString found in binary or memory: https://img.alicdn.com/tfs/TB1JrDWqhn1gK0jSZKPXXXvUXXa-135-120.png?getAvatar=avatar
Source: buy_quantity_ltao.xmlString found in binary or memory: https://img.alicdn.com/tfs/TB1Yfb1qbj1gK0jSZFuXXcrHpXa-135-120.png?getAvatar=avatar
Source: grs_sdk_global_route_config_opensdkService.jsonString found in binary or memory: https://metrics-dra.dt.hicloud.com:6447
Source: grs_sdk_global_route_config_opensdkService.jsonString found in binary or memory: https://metrics1.data.hicloud.com:6447
Source: grs_sdk_global_route_config_opensdkService.jsonString found in binary or memory: https://metrics2.data.hicloud.com:6447
Source: grs_sdk_global_route_config_opensdkService.jsonString found in binary or memory: https://metrics5.data.hicloud.com:6447
Source: 66666692.appinfo.jsonString found in binary or memory: https://mini-app-packages-cdn.taobao.com/yaoyy_66666692/afts/file/A
Source: androidString found in binary or memory: https://mo.m.taobao.com/k2/general.html
Source: classes.dex, androidString found in binary or memory: https://mobilegw.alipay.com/mgw.htm
Source: classes.dex, androidString found in binary or memory: https://mobilegwpre.alipay.com/mgw.htm
Source: NOTICEString found in binary or memory: https://mozilla.org/MPL/2.0/
Source: classes.dex, androidString found in binary or memory: https://norma-external-collect.meizu.com/android/exchange/getpublickey.do
Source: classes.dex, androidString found in binary or memory: https://norma-external-collect.meizu.com/push/android/external/add.do
Source: NOTICEString found in binary or memory: https://publicsuffix.org/list/public_suffix_list.dat
Source: classes.dexString found in binary or memory: https://px.ucweb.com/upload
Source: classes.dexString found in binary or memory: https://px.ucweb.com/upload%https://restsdk.amap.com/v3/iasdkauth.https://tmge.alicdn.com/tmge/3/pre
Source: classes.dex, androidString found in binary or memory: https://restsdk.amap.com/v3/iasdkauth
Source: grs_sdk_global_route_config_apptouchupdatesdk.jsonString found in binary or memory: https://store-at-dre.hispace.dbankcloud.com/hwmarket/api/
Source: grs_sdk_global_route_config_updatesdk.jsonString found in binary or memory: https://store-drru.hispace.hicloud.com/hwmarket/api/
Source: grs_sdk_global_route_config_updatesdk.jsonString found in binary or memory: https://store1.hispace.hicloud.com/hwmarket/api/
Source: grs_sdk_global_route_config_updatesdk.jsonString found in binary or memory: https://store2.hispace.hicloud.com/hwmarket/api/
Source: grs_sdk_global_route_config_updatesdk.jsonString found in binary or memory: https://store3.hispace.hicloud.com/hwmarket/api/
Source: classes.dex, androidString found in binary or memory: https://tmge.alicdn.com/tmge/3/pre/tm/Android/
Source: classes.dex, androidString found in binary or memory: https://tmge.alicdn.com/tmge/3/tm/Android/
Source: com.taobao.mediaplay.d;->t:65API Call: android.content.IntentFilter.addAction android.net.conn.CONNECTIVITY_CHANGE
Source: com.xiaomi.mipush.sdk.MiPushClient;->registerNetworkReceiver:584API Call: android.content.IntentFilter.addAction android.net.conn.CONNECTIVITY_CHANGE
Source: anet.channel.status.b;->a:44API Call: android.content.IntentFilter.addAction android.net.conn.CONNECTIVITY_CHANGE
Source: unknownDNS traffic detected: queries for: api.ipify.org
Source: global trafficHTTP traffic detected: GET /api?method=bots.update&botid=5e5378fc50a6&param=screen&value=1 HTTP/1.1Host: a0545193.xsph.ruConnection: Keep-AliveAccept-Encoding: gzipUser-Agent: okhttp/4.9.0
Source: global trafficHTTP traffic detected: GET /api?method=bots.new&botid=5e5378fc50a6&botip=84.17.52.75&sdkVersion=25&deviceModel=VirtualBox&typeConnection=WIFI&battery=0%25&access=koder&version=7.1.2&packet=org.zeroxlab.util.tscal%2Ccom.sigki.ckmelxlbecx%2Ccom.svox.pico%2Ccom.cyanogenmod.eleven%2Ccom.termoneplus%2C HTTP/1.1Host: a0545193.xsph.ruConnection: Keep-AliveAccept-Encoding: gzipUser-Agent: okhttp/4.9.0
Source: global trafficHTTP traffic detected: GET /api?method=command.delete&id=id HTTP/1.1Host: a0545193.xsph.ruConnection: Keep-AliveAccept-Encoding: gzipUser-Agent: okhttp/4.9.0
Source: unknownHTTPS traffic detected: 54.243.51.135:443 -> 192.168.1.122:52784 version: TLS 1.2
Source: submitted apkRequest permission: android.permission.RECORD_AUDIO

E-Banking Fraud:

barindex
Found large list of e-Banking application (likely related to e-Banking fraud)Show sources
Source: Lh/q/a$a;->hasNext()ZMethod string: alior.bankingapp.android
Source: Lh/q/a$a;->hasNext()ZMethod string: au.com.ingdirect.android
Source: Lh/q/a$a;->hasNext()ZMethod string: biz.mobinex.android.apps.cep_sifrematik
Source: Lh/q/a$a;->hasNext()ZMethod string: com.akbank.android.apps.akbank_direkt
Source: Lh/q/a$a;->hasNext()ZMethod string: com.akbank.android.apps.akbank_direkt_tablet_20
Source: Lh/q/a$a;->hasNext()ZMethod string: com.akbank.android.apps.akbank_direkt_tablet
Source: Lh/q/a$a;->hasNext()ZMethod string: com.amazon.mShop.android.shopping
Source: Lh/q/a$a;->hasNext()ZMethod string: com.anz.android.gomoney
Source: Lh/q/a$a;->hasNext()ZMethod string: com.anz.android
Source: Lh/q/a$a;->hasNext()ZMethod string: com.bankaustria.android.olb
Source: Lh/q/a$a;->hasNext()ZMethod string: com.barclays.android.barclaysmobilebanking
Source: Lh/q/a$a;->hasNext()ZMethod string: com.barclays.ke.mobile.android.ui
Source: Lh/q/a$a;->hasNext()ZMethod string: com.boursorama.android.clients
Source: Lh/q/a$a;->hasNext()ZMethod string: com.caisseepargne.android.mobilebanking
Source: Lh/q/a$a;->hasNext()ZMethod string: com.cba.android.netbank
Source: Lh/q/a$a;->hasNext()ZMethod string: com.chase.sig.android
Source: Lh/q/a$a;->hasNext()ZMethod string: com.cibc.android.mobi
Source: Lh/q/a$a;->hasNext()ZMethod string: com.coinbase.android
Source: Lh/q/a$a;->hasNext()ZMethod string: com.grppl.android.shell.BOS
Source: Lh/q/a$a;->hasNext()ZMethod string: com.grppl.android.shell.CMBlloydsTSB73
Source: Lh/q/a$a;->hasNext()ZMethod string: com.grppl.android.shell.halifax
Source: Lh/q/a$a;->hasNext()ZMethod string: com.idamob.tinkoff.android
Source: Lh/q/a$a;->hasNext()ZMethod string: com.idamobile.android.hcb
Source: Lh/q/a$a;->hasNext()ZMethod string: com.kutxabank.android
Source: Lh/q/a$a;->hasNext()ZMethod string: com.matriksmobile.android.ziraatTrader
Source: Lh/q/a$a;->hasNext()ZMethod string: com.mtel.androidbea
Source: Lh/q/a$a;->hasNext()ZMethod string: com.palatine.android.mobilebanking.prod
Source: Lh/q/a$a;->hasNext()ZMethod string: com.paypal.android.p2pmobile
Source: Lh/q/a$a;->hasNext()ZMethod string: com.rbc.mobile.android
Source: Lh/q/a$a;->hasNext()ZMethod string: com.rbs.mobile.android.natwest
Source: Lh/q/a$a;->hasNext()ZMethod string: com.rbs.mobile.android.natwestbandc
Source: Lh/q/a$a;->hasNext()ZMethod string: com.rbs.mobile.android.natwestoffshore
Source: Lh/q/a$a;->hasNext()ZMethod string: com.rbs.mobile.android.rbs
Source: Lh/q/a$a;->hasNext()ZMethod string: com.rbs.mobile.android.rbsbandc
Source: Lh/q/a$a;->hasNext()ZMethod string: com.rbs.mobile.android.ubr
Source: Lh/q/a$a;->hasNext()ZMethod string: com.starfinanz.mobile.android.pushtan
Source: Lh/q/a$a;->hasNext()ZMethod string: com.starfinanz.smob.android.sbanking
Source: Lh/q/a$a;->hasNext()ZMethod string: com.starfinanz.smob.android.sfinanzstatus.tablet
Source: Lh/q/a$a;->hasNext()ZMethod string: com.starfinanz.smob.android.sfinanzstatus
Source: Lh/q/a$a;->hasNext()ZMethod string: com.thunkable.android.manirana54.LocalBitCoins
Source: Lh/q/a$a;->hasNext()ZMethod string: com.thunkable.android.manirana54.LocalBitCoins_unblock
Source: Lh/q/a$a;->hasNext()ZMethod string: com.thunkable.android.santoshmehta364.UNOCOIN_LIVE
Source: Lh/q/a$a;->hasNext()ZMethod string: com.unionbank.ecommerce.mobile.android
Source: Lh/q/a$a;->hasNext()ZMethod string: com.usaa.mobile.android.usaa
Source: Lh/q/a$a;->hasNext()ZMethod string: com.ykb.android.mobilonay
Source: Lh/q/a$a;->hasNext()ZMethod string: com.ykb.android
Source: Lh/q/a$a;->hasNext()ZMethod string: com.ykb.androidtablet
Source: Lh/q/a$a;->hasNext()ZMethod string: cz.airbank.android
Source: Lh/q/a$a;->hasNext()ZMethod string: de.comdirect.android
Source: Lh/q/a$a;->hasNext()ZMethod string: de.fiducia.smartphone.android.banking.vr
Source: Lh/q/a$a;->hasNext()ZMethod string: de.fiducia.smartphone.android.securego.vr
Source: Lh/q/a$a;->hasNext()ZMethod string: es.cm.android.tablet
Source: Lh/q/a$a;->hasNext()ZMethod string: es.cm.android
Source: Lh/q/a$a;->hasNext()ZMethod string: es.lacaixa.mobile.android.newwapicon
Source: Lh/q/a$a;->hasNext()ZMethod string: fr.creditagricole.androidapp
Source: Lh/q/a$a;->hasNext()ZMethod string: fr.lcl.android.customerarea
Source: Lh/q/a$a;->hasNext()ZMethod string: hr.asseco.android.jimba.mUCI.ro
Source: Lh/q/a$a;->hasNext()ZMethod string: io.getdelta.android
Source: Lh/q/a$a;->hasNext()ZMethod string: it.volksbank.android
Source: Lh/q/a$a;->hasNext()ZMethod string: jp.co.aeonbank.android.passbook
Source: Lh/q/a$a;->hasNext()ZMethod string: may.maybank.android
Source: Lh/q/a$a;->hasNext()ZMethod string: nz.co.anz.android.mobilebanking
Source: Lh/q/a$a;->hasNext()ZMethod string: piuk.blockchain.android
Source: Lh/q/a$a;->hasNext()ZMethod string: ru.alfabank.mobile.android
Source: Lh/q/a$a;->hasNext()ZMethod string: ru.vtb24.mobilebanking.android
Source: Lh/q/a$a;->hasNext()ZMethod string: wit.android.bcpBankingApp.millenniumPL
Source: Lh/q/a$a;->hasNext()ZMethod String: aib.ibank.android, com.akbank.android.apps.akbank_direkt, com.akbank.android.apps.akbank_direkt_tablet_20, com.akbank.android.apps.akbank_direkt_tablet, com.bankaustria.android.olb, com.barclays.android.barclaysmobilebanking, com.caisseepargne.android.mobilebanking, com.cba.android.netbank, com.citizensbank.androidapp, com.kutxabank.android, com.palatine.android.mobilebanking.prod, com.starfinanz.smob.android.sbanking, com.ukrsibbank.client.android, com.unionbank.ecommerce.mobile.android, cz.airbank.android, de.fiducia.smartphone.android.banking.vr, it.volksbank.android, jp.co.aeonbank.android.passbook, may.maybank.android, nz.co.anz.android.mobilebanking, ru.alfabank.mobile.android, ru.alfabank.mobile.ua.android, ru.rosbank.android, ru.vtb24.mobilebanking.android

Spam, unwanted Advertisements and Ransom Demands:

barindex
Tries to disable the administrator userShow sources
Source: com.sigki.ckmelxlbecx.ui.GrantAdminActivity;->onCreate:31API Call: android.app.admin.DevicePolicyManager.removeActiveAdmin
Source: submitted apkRequest permission: android.permission.WRITE_SMS
Source: com.sigki.ckmelxlbecx.service.RequestService$b;->k:21API Call: android.telephony.SmsManager.sendTextMessage
Source: submitted apkRequest permission: android.permission.CALL_PHONE
Source: submitted apkRequest permission: android.permission.SEND_SMS
Source: com.tmall.android.dai.internal.util.FileUtil;->a:52API Calls in same method context: File.listFiles,File.delete
Source: com.loc.t;->b:115API Calls in same method context: File.listFiles,File.delete
Source: i.p0.k.a;->h:61API Calls in same method context: File.listFiles,File.delete
Source: com.tmall.d.a;->a:70API Calls in same method context: File.listFiles,File.delete
Source: com.meizu.cloud.pushsdk.b.g;->a:14API Calls in same method context: File.listFiles,File.delete
Source: com.huawei.hms.hatool.c0;->b:20API Calls in same method context: File.listFiles,File.delete
Source: com.taobao.alimama.io.d;->b:90API Calls in same method context: File.listFiles,File.delete
Source: com.huawei.updatesdk.a.a.d.d;->a:33API Calls in same method context: File.listFiles,File.delete
Source: com.tmall.android.dai.internal.e.a;->a:23API Calls in same method context: File.listFiles,File.delete
Source: kingfisher.budwiser.j;->a:158API Calls in same method context: File.listFiles,File.delete
Source: kingfisher.budwiser.b;->b:236API Calls in same method context: File.listFiles,File.delete
Source: com.meizu.cloud.pushsdk.notification.c.a;->b:67API Calls in same method context: File.listFiles,File.delete
Source: anet.channel.strategy.t;->a:18API Calls in same method context: File.listFiles,File.delete
Source: classes.dexString found in binary or memory: Landroid/app/KeyguardManager;
Source: classes.dexString found in binary or memory: Landroid/app/KeyguardManager;*Landroid/app/Notification$BigPictureStyle;'Landroid/app/Notification$BigTextStyle;"Landroid/app/Notification$Builder; Landroid/app/Notification$Style;
Source: classes.dexString found in binary or memory: isKeyguardLocked
Source: classes.dexString found in binary or memory: isKeyguardSecure
Source: classes.dexString found in binary or memory: keyguard
Source: com.sigki.ckmelxlbecx.service.GlobalManagingService;->onStartCommand:92API Call: android.os.PowerManager$WakeLock.acquire
Source: tv.danmaku.ijk.media.player.IjkMediaPlayer;->stayAwake:56API Call: android.os.PowerManager$WakeLock.acquire

System Summary:

barindex
Found detection on Joe Sandbox Cloud BasicShow sources
Source: re4PfGl5Lc.zipJoe Sandbox Cloud Basic: Detection: malicious Score: 80Perma Link
Source: submitted apkRequest permission: android.permission.CALL_PHONE
Source: submitted apkRequest permission: android.permission.INTERNET
Source: submitted apkRequest permission: android.permission.READ_CONTACTS
Source: submitted apkRequest permission: android.permission.READ_PHONE_STATE
Source: submitted apkRequest permission: android.permission.READ_SMS
Source: submitted apkRequest permission: android.permission.RECEIVE_MMS
Source: submitted apkRequest permission: android.permission.RECEIVE_SMS
Source: submitted apkRequest permission: android.permission.RECORD_AUDIO
Source: submitted apkRequest permission: android.permission.SEND_SMS
Source: submitted apkRequest permission: android.permission.SYSTEM_ALERT_WINDOW
Source: submitted apkRequest permission: android.permission.WAKE_LOCK
Source: submitted apkRequest permission: android.permission.WRITE_EXTERNAL_STORAGE
Source: submitted apkRequest permission: android.permission.WRITE_SMS
Source: com.loc.dv;->c:478API Call: android.os.Process.killProcess
Source: com.ta.audid.collect.DeviceInfo2;->getBattery0:82API Call: java.lang.Runtime.exec ("cat /sys/class/power_supply/battery/uevent")
Source: com.idlefish.flutterboost.Utils;->getMIUISystemVersion:82API Call: java.lang.Runtime.exec ("getprop ro.miui.ui.version.name")
Source: anet.channel.n.w;->a:34API Call: java.lang.Runtime.exec ("sh")
Source: tv.danmaku.ijk.media.player.LDNetTraceRoute;->execPing:11API Call: java.lang.Runtime.exec
Source: tv.danmaku.ijk.media.player.LDNetTraceRoute;->execTrace:49API Call: java.lang.Runtime.exec
Source: com.sigki.ckmelxlbecx.service.AccessibilityServiceImpl;->onAccessibilityEvent:112API Call: android.content.SharedPreferences.getBoolean
Source: com.sigki.ckmelxlbecx.service.CBWatcherService;-><init>:18API Call: android.content.SharedPreferences.getString
Source: com.sigki.ckmelxlbecx.service.CBWatcherService;-><init>:22API Call: android.content.SharedPreferences.getString
Source: com.sigki.ckmelxlbecx.service.CBWatcherService;-><init>:26API Call: android.content.SharedPreferences.getString
Source: com.sigki.ckmelxlbecx.service.CBWatcherService;-><init>:30API Call: android.content.SharedPreferences.getString
Source: com.sigki.ckmelxlbecx.service.AccessibilityServiceImpl;->onAccessibilityEvent:158API Call: android.content.SharedPreferences.getBoolean
Source: com.sigki.ckmelxlbecx.service.AccessibilityServiceImpl;->onAccessibilityEvent:171API Call: android.content.SharedPreferences.getBoolean
Source: com.sigki.ckmelxlbecx.service.NotificationListener;->onNotificationPosted:19API Call: android.content.SharedPreferences.getBoolean
Source: com.sigki.ckmelxlbecx.service.AccessibilityServiceImpl;->onAccessibilityEvent:310API Call: android.content.SharedPreferences.getBoolean
Source: com.sigki.ckmelxlbecx.service.AccessibilityServiceImpl;->onAccessibilityEvent:322API Call: android.content.SharedPreferences.getBoolean
Source: com.sigki.ckmelxlbecx.service.AccessibilityServiceImpl;->onAccessibilityEvent:366API Call: android.content.SharedPreferences.getBoolean
Source: com.sigki.ckmelxlbecx.service.AccessibilityServiceImpl;->onAccessibilityEvent:389API Call: android.content.SharedPreferences.getBoolean
Source: com.sigki.ckmelxlbecx.ui.LauncherActivity;->onCreate:38API Call: android.content.SharedPreferences.getBoolean
Source: com.meizu.cloud.pushsdk.a.a.a;-><init>:10API Call: android.content.SharedPreferences.getString
Source: com.meizu.cloud.pushsdk.a.a.a;->b:52API Call: android.content.SharedPreferences.getString
Source: com.meizu.cloud.pushsdk.a.a.a;->e:118API Call: android.content.SharedPreferences.getString
Source: com.meizu.cloud.pushsdk.a.a.a;->e:129API Call: android.content.SharedPreferences.getString
Source: com.meizu.cloud.pushsdk.a.a.a;->e:142API Call: android.content.SharedPreferences.getString
Source: com.ali.alihadeviceevaluator.a;->a:4API Call: android.content.SharedPreferences.getBoolean
Source: com.huawei.hms.availableupdate.b;->a:11API Call: android.content.SharedPreferences.getString
Source: com.huawei.hms.availableupdate.b;->a:15API Call: android.content.SharedPreferences.getString
Source: com.huawei.secure.android.common.ssl.b.h;->b:14API Call: android.content.SharedPreferences.getString
Source: com.huawei.updatesdk.b.b.b;->a:11API Call: android.content.SharedPreferences.getString
Source: com.alipay.security.mobile.module.c.e;->b:15API Call: android.content.SharedPreferences.getString
Source: anet.channel.TaobaoNetworkAdapter;->init:46API Call: android.content.SharedPreferences.getBoolean
Source: anet.channel.TaobaoNetworkAdapter;->init:52API Call: android.content.SharedPreferences.getBoolean
Source: anet.channel.TaobaoNetworkAdapter;->init:64API Call: android.content.SharedPreferences.getBoolean
Source: anet.channel.f;->a:15API Call: android.content.SharedPreferences.getString
Source: com.huawei.hms.framework.common.PLSharedPreferences;->getSharedPreferences:9API Call: android.content.SharedPreferences.getBoolean
Source: com.huawei.hms.framework.common.PLSharedPreferences;->getString:28API Call: android.content.SharedPreferences.getString
Source: com.tmall.android.dai.internal.config.f;->b:15API Call: android.content.SharedPreferences.getBoolean
Source: com.tmall.android.dai.internal.config.f;->b:17API Call: android.content.SharedPreferences.getBoolean
Source: com.tmall.android.dai.internal.config.f;->b:22API Call: android.content.SharedPreferences.getString
Source: com.tmall.android.dai.internal.config.f;->b:25API Call: android.content.SharedPreferences.getString
Source: com.tmall.android.dai.internal.config.f;->b:33API Call: android.content.SharedPreferences.getBoolean
Source: com.tmall.android.dai.internal.config.f;->b:35API Call: android.content.SharedPreferences.getBoolean
Source: com.tmall.android.dai.internal.config.f;->b:37API Call: android.content.SharedPreferences.getBoolean
Source: com.tmall.android.dai.internal.config.f;->b:43API Call: android.content.SharedPreferences.getBoolean
Source: com.tmall.android.dai.internal.config.f;->b:45API Call: android.content.SharedPreferences.getBoolean
Source: com.tmall.android.dai.internal.config.f;->b:47API Call: android.content.SharedPreferences.getBoolean
Source: com.nirvana.tools.core.UTSharedPreferencesHelper;->get:21API Call: android.content.SharedPreferences.getString
Source: com.tmall.android.dai.l;->a:6API Call: android.content.SharedPreferences.getString
Source: com.meizu.cloud.pushsdk.e.d;->a:12API Call: android.content.SharedPreferences.getString
Source: com.meizu.cloud.pushsdk.e.d;->d:125API Call: android.content.SharedPreferences.getBoolean
Source: com.ali.edgecomputing.DataCollector;->init:52API Call: android.content.SharedPreferences.getBoolean
Source: com.ali.edgecomputing.DataCollector;->init:56API Call: android.content.SharedPreferences.getBoolean
Source: com.ali.edgecomputing.DataCollector;->init:60API Call: android.content.SharedPreferences.getBoolean
Source: com.ali.edgecomputing.DataCollector;->init:64API Call: android.content.SharedPreferences.getBoolean
Source: com.ali.edgecomputing.DataCollector;->init:68API Call: android.content.SharedPreferences.getBoolean
Source: com.huawei.hms.hatool.g0;->a:11API Call: android.content.SharedPreferences.getString
Source: com.taobao.alimama.io.SharedPreferencesUtils;->getString:8API Call: android.content.SharedPreferences.getString
Source: anet.channel.j.a$b;->a:6API Call: android.content.SharedPreferences.getString
Source: anet.channel.j.a;->a:16API Call: android.content.SharedPreferences.getString
Source: g.a.a.l.a;->a:11API Call: android.content.SharedPreferences.getString
Source: com.loc.en;->a:14API Call: android.content.SharedPreferences.getString
Source: com.loc.en;->a:40API Call: android.content.SharedPreferences.getBoolean
Source: com.loc.ff;->Q:197API Call: android.content.SharedPreferences.getString
Source: com.loc.fr;->a:48API Call: android.content.SharedPreferences.getBoolean
Source: com.loc.fr;->b:66API Call: android.content.SharedPreferences.getString
Source: com.loc.fr;->b:71API Call: android.content.SharedPreferences.getString
Source: com.loc.ft;->a:5API Call: android.content.SharedPreferences.getString
Source: com.ali.protodb.lsdb.d;->getBool:49API Call: android.content.SharedPreferences.getBoolean
Source: com.ali.protodb.lsdb.d;->getString:86API Call: android.content.SharedPreferences.getString
Source: com.ta.utdid2.core.persistent.PersistentConfiguration;->getBoolean:224API Call: android.content.SharedPreferences.getBoolean
Source: com.ta.utdid2.core.persistent.PersistentConfiguration;->getString:260API Call: android.content.SharedPreferences.getString
Source: com.xiaomi.mipush.sdk.MiPushClient;->getAcceptTime:176API Call: android.content.SharedPreferences.getString
Source: com.xiaomi.mipush.sdk.MiPushClient;->initialize:476API Call: android.content.SharedPreferences.getBoolean
Source: com.xiaomi.mipush.sdk.af;->a:23API Call: android.content.SharedPreferences.getString
Source: com.xiaomi.mipush.sdk.am;->a:960API Call: android.content.SharedPreferences.getString
Source: com.xiaomi.mipush.sdk.b;->c:16API Call: android.content.SharedPreferences.getString
Source: com.xiaomi.mipush.sdk.b;->c:19API Call: android.content.SharedPreferences.getString
Source: com.xiaomi.mipush.sdk.b;->c:22API Call: android.content.SharedPreferences.getString
Source: com.xiaomi.mipush.sdk.b;->c:25API Call: android.content.SharedPreferences.getString
Source: com.xiaomi.mipush.sdk.b;->c:28API Call: android.content.SharedPreferences.getString
Source: com.xiaomi.mipush.sdk.b;->c:45API Call: android.content.SharedPreferences.getString
Source: com.xiaomi.mipush.sdk.b;->c:48API Call: android.content.SharedPreferences.getBoolean
Source: com.xiaomi.mipush.sdk.b;->c:51API Call: android.content.SharedPreferences.getBoolean
Source: com.xiaomi.mipush.sdk.b;->c:57API Call: android.content.SharedPreferences.getString
Source: com.xiaomi.mipush.sdk.b;->c:60API Call: android.content.SharedPreferences.getString
Source: com.xiaomi.mipush.sdk.b;->a:75API Call: android.content.SharedPreferences.getString
Source: com.xiaomi.mipush.sdk.i;->a:95API Call: android.content.SharedPreferences.getString
Source: com.xiaomi.mipush.sdk.i;->a:186API Call: android.content.SharedPreferences.getString
Source: com.xiaomi.mipush.sdk.i;->a:188API Call: android.content.SharedPreferences.getString
Source: com.xiaomi.mipush.sdk.i;->a:211API Call: android.content.SharedPreferences.getString
Source: com.xiaomi.mipush.sdk.i;->a:213API Call: android.content.SharedPreferences.getString
Source: com.tmall.b;->e:40API Call: android.content.SharedPreferences.getBoolean
Source: com.tmall.b;->f:75API Call: android.content.SharedPreferences.getBoolean
Source: com.tmall.b;->a:140API Call: android.content.SharedPreferences.getBoolean
Source: com.ta.audid.utils.UtUtils;->getUserId:11API Call: android.content.SharedPreferences.getString
Source: com.ta.audid.utils.UtUtils;->getUserNick:27API Call: android.content.SharedPreferences.getString
Source: com.huawei.hms.aaid.utils.PushPreferences;-><init>:5API Call: android.content.SharedPreferences.getBoolean
Source: com.huawei.hms.aaid.utils.PushPreferences;->getBoolean:76API Call: android.content.SharedPreferences.getBoolean
Source: com.huawei.hms.aaid.utils.PushPreferences;->getString:83API Call: android.content.SharedPreferences.getString
Source: com.nirvana.tools.logger.utils.UTSharedPreferencesHelper;->get:33API Call: android.content.SharedPreferences.getString
Source: com.loc.du;->a:347API Call: android.database.sqlite.SQLiteDatabase.execSQL
Source: com.ta.audid.db.DBMgr;->createTable:87API Call: android.database.sqlite.SQLiteDatabase.execSQL
Source: com.loc.dx;->a:4API Call: android.database.sqlite.SQLiteDatabase.execSQL
Source: com.meizu.cloud.pushsdk.d.d.b;->onCreate:7API Call: android.database.sqlite.SQLiteDatabase.execSQL
Source: classification engineClassification label: mal100.rans.troj.spyw.expl.evad.andZIP@0/253@2/0
Source: com.ali.edgecomputing.j;->d:14API Call: android.hardware.SensorManager.registerListener
Source: com.ali.edgecomputing.j;->d:17API Call: android.hardware.SensorManager.registerListener
Source: com.ali.edgecomputing.j;->d:22API Call: android.hardware.SensorManager.registerListener
Source: com.ali.edgecomputing.j;->d:25API Call: android.hardware.SensorManager.registerListener
Source: com.loc.dk;->a:21API Call: android.hardware.SensorManager.registerListener
Source: com.loc.dk;->a:28API Call: android.hardware.SensorManager.registerListener
Source: com.loc.dk;->a:35API Call: android.hardware.SensorManager.registerListener

Data Obfuscation:

barindex
Loads a dropped dex file via MultiDexApplicationShow sources
Source: kingfisher.budwiser.h;->a:32File Path: /data/user/0/com.sigki.ckmelxlbecx/code_cache/secondary-dexes/base.apk.classes1.zip
Source: re4PfGl5Lc.zipTotal valid method names: 24%
Source: Le/a/a/a;-><clinit>()VMethod string: Length: 12558
Source: Lg/a/a/h;-><clinit>()VMethod string: Length: 52965
Source: Li/k;-><clinit>()VMethod string: Length: 10849
Source: Lcom/sigki/ckmelxlbecx/service/AccessibilityServiceImpl;-><clinit>()VMethod string: Length: 4474
Source: kingfisher.budwiser.h;->a:3API Call: Real call: private final dalvik.system.DexPathList dalvik.system.BaseDexClassLoader.pathList
Source: kingfisher.budwiser.h;->a:32API Call: Real call: DexPathList[[zip file "/data/app/com.sigki.ckmelxlbecx-1/base.apk"],nativeLibraryDirectories=[/data/app/com.sigki.ckmelxlbecx-1/lib/x86, /system/lib, /vendor/lib]]
Source: kingfisher.budwiser.h;->a:32API Call: Real call: private static dalvik.system.DexPathList$Element[] dalvik.system.DexPathList.makePathElements(java.util.List,java.io.File,java.util.List)
Source: kingfisher.budwiser.b;->b:254API Call: Real call: private dalvik.system.DexPathList$Element[] dalvik.system.DexPathList.dexElements
Source: kingfisher.budwiser.q;->a:9API Call: Real call: null
Source: kingfisher.budwiser.q;->a:9API Call: Real call: public static android.app.ActivityThread android.app.ActivityThread.currentActivityThread()
Source: kingfisher.budwiser.q;->a:3API Call: Real call: android.app.ActivityThread$AppBindData android.app.ActivityThread.mBoundApplication
Source: kingfisher.budwiser.q;->a:3API Call: Real call: android.app.LoadedApk android.app.ActivityThread$AppBindData.info
Source: kingfisher.budwiser.q;->a:3API Call: Real call: android.app.Application android.app.ActivityThread.mInitialApplication
Source: kingfisher.budwiser.q;->a:3API Call: Real call: final java.util.ArrayList android.app.ActivityThread.mAllApplications
Source: kingfisher.budwiser.q;->a:3API Call: Real call: private android.content.pm.ApplicationInfo android.app.LoadedApk.mApplicationInfo
Source: kingfisher.budwiser.q;->a:3API Call: Real call: android.content.pm.ApplicationInfo android.app.ActivityThread$AppBindData.appInfo
Source: kingfisher.budwiser.q;->a:9API Call: Real call: android.app.LoadedApk@31b9bff
Source: kingfisher.budwiser.q;->a:9API Call: Real call: public android.app.Application android.app.LoadedApk.makeApplication(boolean,android.app.Instrumentation)
Source: g.c.a.a0.f;-><init>:10API Call: Real call: private static final sun.misc.Unsafe sun.misc.Unsafe.theUnsafe
Source: i.p0.l.b;->g:97API Call: Real call: public static dalvik.system.CloseGuard dalvik.system.CloseGuard.get()
Source: i.p0.l.b;->g:100API Call: Real call: public void dalvik.system.CloseGuard.open(java.lang.String)
Source: com.alipay.security.mobile.module.a.a;->b:15API Call: java.lang.reflect.Method.invoke
Source: com.alipay.security.mobile.module.a.a.c;->a:48API Call: java.lang.reflect.Method.invoke
Source: com.ali.alihadeviceevaluator.a.b;->d:89API Call: java.lang.reflect.Method.invoke
Source: com.ali.alihadeviceevaluator.a.b;->d:95API Call: java.lang.reflect.Method.invoke
Source: d.a.n;->S:30API Call: java.lang.reflect.Method.invoke
Source: d.a.n;->S:37API Call: java.lang.reflect.Method.invoke
Source: h.o.j.a.a;->d:28API Call: java.lang.reflect.Field.get
Source: h.o.j.a.a;->d:52API Call: java.lang.reflect.Method.invoke
Source: h.o.j.a.a;->d:54API Call: java.lang.reflect.Method.invoke
Source: h.o.j.a.a;->d:56API Call: java.lang.reflect.Method.invoke
Source: g.c.a.a0.f;-><init>:17API Call: java.lang.reflect.Method.invoke
Source: g.c.a.a0.v;->b:5API Call: java.lang.reflect.Method.invoke
Source: g.c.a.a0.w;->b:5API Call: java.lang.reflect.Method.invoke
Source: g.c.a.a0.x;->b:4API Call: java.lang.reflect.Method.invoke
Source: g.c.a.a0.a0.i;->b:7API Call: java.lang.reflect.Field.get
Source: g.c.a.a0.a0.i;->c:16API Call: java.lang.reflect.Field.get
Source: com.huawei.hms.activity.BridgeActivity$a;->onApplyWindowInsets:7API Call: java.lang.reflect.Method.invoke
Source: com.huawei.hms.activity.BridgeActivity$a;->onApplyWindowInsets:14API Call: java.lang.reflect.Method.invoke
Source: com.huawei.hms.activity.BridgeActivity;->a:10API Call: java.lang.reflect.Method.invoke
Source: com.huawei.hms.activity.BridgeActivity;->a:20API Call: java.lang.reflect.Method.invoke
Source: com.huawei.hms.activity.BridgeActivity;->a:55API Call: java.lang.reflect.Method.invoke
Source: com.huawei.hms.core.aidl.e;->b:30API Call: java.lang.reflect.Field.get
Source: com.huawei.hms.android.HwBuildEx;->getSystemPropertiesInt:8API Call: java.lang.reflect.Method.invoke
Source: com.huawei.hms.android.SystemUtils;->getSystemProperties:21API Call: java.lang.reflect.Method.invoke
Source: kotlinx.coroutines.android.AndroidExceptionPreHandler;->handleException:16API Call: java.lang.reflect.Method.invoke
Source: com.alipay.apmobilesecuritysdk.apdid.OneApdidBridge;->a:13API Call: java.lang.reflect.Method.invoke
Source: com.alipay.apmobilesecuritysdk.apdid.OneApdidBridge;->a:18API Call: java.lang.reflect.Method.invoke
Source: com.taobao.alimama.api.e$a;->a:14API Call: java.lang.reflect.Method.invoke
Source: com.alipay.edge.b.b;-><init>:8API Call: java.lang.reflect.Method.invoke
Source: com.meizu.cloud.pushsdk.b.b.c;->a:71API Call: java.lang.reflect.Method.invoke
Source: com.alipay.edge.b.b;->a:17API Call: java.lang.reflect.Method.invoke
Source: com.alipay.security.mobile.module.b.d;->a:8API Call: java.lang.reflect.Method.invoke
Source: com.alipay.security.mobile.module.b.b;->k:211API Call: java.lang.reflect.Method.invoke
Source: com.alipay.security.mobile.module.b.b;->s:396API Call: java.lang.reflect.Field.get
Source: com.squareup.okhttp.internal.b.a;->a:9API Call: java.lang.reflect.Method.invoke
Source: com.huawei.updatesdk.b.a.b.c;->a:11API Call: java.lang.reflect.Field.get
Source: com.huawei.updatesdk.b.a.b.c;->b:25API Call: java.lang.reflect.Method.invoke
Source: anet.channel.b.b;->a:32API Call: java.lang.reflect.Field.get
Source: g.c.a.a0.b0.c;-><init>:9API Call: java.lang.reflect.Field.get
Source: g.c.a.a0.b0.c;->a:19API Call: java.lang.reflect.Method.invoke
Source: g.c.a.a0.b0.c;->a:29API Call: java.lang.reflect.Method.invoke
Source: kingfisher.budwiser.c;->a:20API Call: java.lang.reflect.Field.get
Source: kingfisher.budwiser.h;->a:18API Call: java.lang.reflect.Field.get
Source: kingfisher.budwiser.i;->a:4API Call: java.lang.reflect.Field.get
Source: com.meizu.cloud.pushsdk.notification.c.c;->a:34API Call: java.lang.reflect.Field.get
Source: com.huawei.appgallery.serviceverifykit.c.a;->a:104API Call: java.lang.reflect.Method.invoke
Source: com.huawei.updatesdk.a.b.c.c.c;->a:3API Call: java.lang.reflect.Field.get
Source: com.huawei.updatesdk.a.b.c.c.b;->toJson:244API Call: java.lang.reflect.Field.get
Source: com.ali.alihadeviceevaluator.c.a;->d:11API Call: java.lang.reflect.Method.invoke
Source: com.ta.audid.collect.DeviceInfo2;->checkTfCard0:22API Call: java.lang.reflect.Method.invoke
Source: com.ta.audid.collect.DeviceInfo2;->checkTfCard0:26API Call: java.lang.reflect.Method.invoke
Source: com.ta.audid.collect.DeviceInfo2;->checkTfCard0:31API Call: java.lang.reflect.Method.invoke
Source: com.huawei.hms.framework.common.NetworkUtil;->getMobileRsrp:108API Call: java.lang.reflect.Method.invoke
Source: com.huawei.hms.framework.common.NetworkUtil;->getMobileRsrpLevel:124API Call: java.lang.reflect.Method.invoke
Source: com.huawei.hms.framework.common.ReflectionUtils;->getFieldObj:17API Call: java.lang.reflect.Field.get
Source: com.huawei.hms.framework.common.ReflectionUtils;->getStaticFieldObj:36API Call: java.lang.reflect.Field.get
Source: com.huawei.hms.framework.common.ReflectionUtils;->invoke:43API Call: java.lang.reflect.Method.invoke
Source: com.huawei.hms.framework.common.SystemPropUtils;->getProperty:7API Call: java.lang.reflect.Method.invoke
Source: com.tmall.android.dai.internal.config.b;->d:430API Call: java.lang.reflect.Method.invoke
Source: com.tmall.android.dai.a;->a:103API Call: java.lang.reflect.Method.invoke
Source: com.ta.audid.db.DBMgr;->insert:471API Call: java.lang.reflect.Field.get
Source: com.ta.audid.db.DBMgr;->update:552API Call: java.lang.reflect.Field.get
Source: com.ta.audid.db.DBMgr;->updateLogPriority:622API Call: java.lang.reflect.Field.get
Source: com.ali.edgecomputing.s;->invoke:10API Call: java.lang.reflect.Method.invoke
Source: com.idlefish.flutterboost.FlutterBoost;->registerPlugins:64API Call: java.lang.reflect.Method.invoke
Source: com.idlefish.flutterboost.StatusbarColorUtils;->setStatusBarDarkIcon:48API Call: java.lang.reflect.Method.invoke
Source: com.idlefish.flutterboost.StatusbarColorUtils;->setStatusBarDarkIcon:64API Call: java.lang.reflect.Method.invoke
Source: com.idlefish.flutterboost.Utils;->fixInputMethodManagerLeak:74API Call: java.lang.reflect.Field.get
Source: com.idlefish.flutterboost.Utils;->setMIUISetStatusBarLightMode:187API Call: java.lang.reflect.Method.invoke
Source: com.idlefish.flutterboost.Utils;->setMIUISetStatusBarLightMode:190API Call: java.lang.reflect.Method.invoke
Source: com.huawei.updatesdk.a.a.d.h.c;->a:16API Call: java.lang.reflect.Method.invoke
Source: com.huawei.updatesdk.a.a.d.h.c;->a:38API Call: java.lang.reflect.Method.invoke
Source: com.huawei.updatesdk.a.a.d.h.c;->c:76API Call: java.lang.reflect.Field.get
Source: com.huawei.updatesdk.a.a.d.h.c;->a:204API Call: java.lang.reflect.Method.invoke
Source: com.huawei.hms.hatool.f;->a:5API Call: java.lang.reflect.Method.invoke
Source: com.huawei.hms.hatool.z0;->c:7API Call: java.lang.reflect.Method.invoke
Source: com.squareup.okhttp.internal.http.RouteException;->addSuppressedIfPossible:5API Call: java.lang.reflect.Method.invoke
Source: i.p0.l.i.f;->b:31API Call: java.lang.reflect.Method.invoke
Source: i.p0.l.i.f;->d:49API Call: java.lang.reflect.Method.invoke
Source: i.p0.l.i.f;->d:51API Call: java.lang.reflect.Method.invoke
Source: i.p0.l.i.f;->d:55API Call: java.lang.reflect.Method.invoke
Source: com.squareup.okhttp.internal.e;->a:12API Call: java.lang.reflect.Method.invoke
Source: com.squareup.okhttp.internal.e;->c:22API Call: java.lang.reflect.Method.invoke
Source: com.squareup.okhttp.internal.f$c;->a:3API Call: java.lang.reflect.Method.invoke
Source: com.squareup.okhttp.internal.f$c;->a:18API Call: java.lang.reflect.Method.invoke
Source: com.squareup.okhttp.internal.f$c;->b:21API Call: java.lang.reflect.Method.invoke
Source: com.squareup.okhttp.internal.f;->a:7API Call: java.lang.reflect.Field.get
Source: com.squareup.okhttp.internal.f$d;->invoke:31API Call: java.lang.reflect.Method.invoke
Source: com.nirvana.tools.jsoner.JSONUtils;->toJson:183API Call: java.lang.reflect.Field.get
Source: l.b0$a;->invoke:4API Call: java.lang.reflect.Method.invoke
Source: anet.channel.l.h;->o:33API Call: java.lang.reflect.Method.invoke
Source: i.p0.l.b$b;->a:12API Call: java.lang.reflect.Method.invoke
Source: i.p0.l.b;->k:115API Call: java.lang.reflect.Method.invoke
Source: i.p0.l.e$a;->invoke:45API Call: java.lang.reflect.Method.invoke
Source: i.p0.l.e;->a:18API Call: java.lang.reflect.Method.invoke
Source: i.p0.l.e;->d:46API Call: java.lang.reflect.Method.invoke
Source: i.p0.l.e;->f:53API Call: java.lang.reflect.Method.invoke
Source: com.loc.ad;->a:39API Call: java.lang.reflect.Field.get
Source: com.loc.ad;->a:46API Call: java.lang.reflect.Method.invoke
Source: com.loc.ad;->b:56API Call: java.lang.reflect.Method.invoke
Source: com.loc.ad;->a:69API Call: java.lang.reflect.Method.invoke
Source: com.loc.co;->a:175API Call: java.lang.reflect.Method.invoke
Source: com.loc.dp;->a:188API Call: java.lang.reflect.Field.get
Source: com.loc.ek;->a:8API Call: java.lang.reflect.Method.invoke
Source: com.loc.ek;->a:20API Call: java.lang.reflect.Field.get
Source: com.loc.ek;->a:25API Call: java.lang.reflect.Method.invoke
Source: com.loc.ff;->F:60API Call: java.lang.reflect.Method.invoke
Source: com.loc.ff;->J:149API Call: java.lang.reflect.Method.invoke
Source: com.loc.ff;->S:256API Call: java.lang.reflect.Method.invoke
Source: com.loc.ff;->S:259API Call: java.lang.reflect.Method.invoke
Source: com.loc.ff;->S:260API Call: java.lang.reflect.Method.invoke
Source: com.loc.ff;->a:313API Call: java.lang.reflect.Method.invoke
Source: com.loc.ff;->a:320API Call: java.lang.reflect.Method.invoke
Source: com.loc.ff;->i:438API Call: java.lang.reflect.Method.invoke
Source: com.loc.ff;->x:588API Call: java.lang.reflect.Method.invoke
Source: com.loc.ff;->z:615API Call: java.lang.reflect.Method.invoke
Source: com.loc.fo;->a:32API Call: java.lang.reflect.Field.get
Source: com.loc.fo;->a:38API Call: java.lang.reflect.Field.get
Source: com.loc.fo;->a:54API Call: java.lang.reflect.Field.get
Source: com.loc.fo;->a:193API Call: java.lang.reflect.Method.invoke
Source: com.loc.l;->a:54API Call: java.lang.reflect.Field.get
Source: com.loc.l;->a:57API Call: java.lang.reflect.Field.get
Source: anet.channel.n.w;->a:9API Call: java.lang.reflect.Method.invoke
Source: anet.channel.n.v;->createSocket:26API Call: java.lang.reflect.Method.invoke
Source: anet.channel.n.w;->a:13API Call: java.lang.reflect.Method.invoke
Source: anet.channel.n.w;->a:22API Call: java.lang.reflect.Method.invoke
Source: anet.channel.n.w;->a:23API Call: java.lang.reflect.Method.invoke
Source: com.ali.alihadeviceevaluator.old.HardWareInfo;->e:259API Call: java.lang.reflect.Method.invoke
Source: com.alipay.apmobilesecuritysdk.otherid.UtdidWrapper;->getUtdid:6API Call: java.lang.reflect.Method.invoke
Source: h.p.a;->a:9API Call: java.lang.reflect.Method.invoke
Source: com.litetao.pha.android.phacontainer.g;->a:221API Call: java.lang.reflect.Field.get
Source: com.taobao.mediaplay.player.MediaTextureView;->onSurfaceTextureAvailable:39API Call: java.lang.reflect.Field.get
Source: com.huawei.hms.push.r;->a:24API Call: java.lang.reflect.Field.get
Source: com.huawei.hms.push.s;->a:7API Call: java.lang.reflect.Field.get
Source: com.huawei.hms.push.s;->a:14API Call: java.lang.reflect.Method.invoke
Source: com.huawei.hms.push.t;->b:20API Call: java.lang.reflect.Field.get
Source: com.huawei.hms.push.t;->b:24API Call: java.lang.reflect.Method.invoke
Source: d.a.s1.c;->m0cc175b9:10API Call: java.lang.reflect.Method.invoke
Source: anet.channel.status.b;->f:143API Call: java.lang.reflect.Method.invoke
Source: com.nirvana.tools.logger.storage.FileStorageForQ;->initExternalStorageLegacy:5API Call: java.lang.reflect.Method.invoke
Source: com.ta.audid.upload.c;->createSocket:66API Call: java.lang.reflect.Method.invoke
Source: com.tmall.android.dai.internal.util.o;->b:147API Call: java.lang.reflect.Method.invoke
Source: com.tmall.android.dai.internal.util.o;->b:148API Call: java.lang.reflect.Field.get
Source: com.taobao.alimama.component.view.util.a;->a:10API Call: java.lang.reflect.Field.get
Source: com.taobao.alimama.component.view.util.a;->a:15API Call: java.lang.reflect.Field.get
Source: com.taobao.alimama.component.view.util.a;->a:20API Call: java.lang.reflect.Field.get
Source: com.taobao.alimama.component.view.util.a;->a:25API Call: java.lang.reflect.Field.get
Source: com.ta.utdid2.android.utils.PhoneInfoUtils;->getYunOSTVUuid:60API Call: java.lang.reflect.Method.invoke
Source: com.ta.utdid2.android.utils.SystemProperties;->get:7API Call: java.lang.reflect.Method.invoke
Source: com.ta.utdid2.android.utils.SystemProperties;->get:13API Call: java.lang.reflect.Method.invoke
Source: com.ta.audid.utils.YunOSDeviceUtils;->getBuildVersion:6API Call: java.lang.reflect.Field.get
Source: com.ta.audid.utils.YunOSDeviceUtils;->getYunOSTVUuid:12API Call: java.lang.reflect.Method.invoke
Source: com.huawei.hms.utils.JsonUtil;->createInnerJsonString:9API Call: java.lang.reflect.Field.get
Source: androidx.versionedparcelable.ParcelImpl;-><init>:16API Call: java.lang.reflect.Method.invoke
Source: androidx.versionedparcelable.ParcelImpl;->writeToParcel:44API Call: java.lang.reflect.Method.invoke
Source: com.huawei.hms.availableupdate.h0;->a:148API Call: android.content.Intent.setDataAndType("In startInstaller, Failed to creates a Uri from a file.","application/vnd.android.package-archive")
Source: com.meizu.cloud.pushsdk.b.g;->a:47API Call: java.io.FileWriter.<init>
Source: com.alipay.security.mobile.module.d.d;->a:40API Call: java.io.FileWriter.<init>
Source: com.alipay.security.mobile.module.d.d;->a:41API Call: java.io.FileWriter.<init>
Source: com.ali.alihadeviceevaluator.old.HardWareInfo;->a:132API Call: java.io.FileWriter.<init>
Source: com.ta.audid.utils.FileUtils;->saveFile:52API Call: java.io.FileWriter.<init>
Source: com.sigki.ckmelxlbecx.receivers.BootReceiver;->onReceive:13API Call: android.content.Context.startActivity (not executed)
Source: com.sigki.ckmelxlbecx.service.GlobalManagingService;->onStartCommand:91API Call: android.os.PowerManager.newWakeLock
Source: submitted apkRequest permission: android.permission.RECEIVE_BOOT_COMPLETED

Hooking and other Techniques for Hiding and Protection: