Analysis type | Start time | End time | Duration |
---|---|---|---|
File (apk) | 2019-08-14 10:41:25 | 2019-08-14 10:46:31 | 306 seconds |
2019-08-14 10:42:17,832 [root] INFO: Starting analyzer from: /data/local/tmp/twhwejf
2019-08-14 10:42:17,848 [root] INFO: Storing results at: /data/local/tmp/hupkywyi
2019-08-14 10:42:17,852 [root] INFO: Target is: /data/local/tmp/____.apk
2019-08-14 10:42:17,858 [root] INFO: No analysis package specified, trying to detect it automagically
2019-08-14 10:42:17,868 [root] INFO: Automatically selected analysis package "apk"
2019-08-14 10:42:20,346 [root] INFO: Started auxiliary module FileCollector
2019-08-14 10:42:20,375 [root] INFO: Started auxiliary module Screenshots
2019-08-14 10:42:20,397 [root] INFO: Started auxiliary module TouchSimulator
2019-08-14 10:42:20,585 [root] INFO: installing sample on emulator: pm install /data/local/tmp/____.apk
2019-08-14 10:42:26,319 [root] INFO: Success
2019-08-14 10:42:26,327 [root] INFO: finished
2019-08-14 10:42:26,338 [root] INFO: executing sample on emulator:adb shell am start -n com.Sgtgggxxddo.s6keesdddo/com.phone2.stop.activity.MainActivity
2019-08-14 10:46:27,688 [root] INFO: Analysis timeout hit, terminating analysis
2019-08-14 10:46:27,885 [root] INFO: Analysis completed
Package | Main Activity |
---|---|
com.Sgtgggxxddo.s6keesdddo | com.phone2.stop.activity.MainActivity |
File name | 中国移动.apk |
---|---|
File size | 212135 bytes |
File type | Zip archive data, at least v1.0 to extract |
MD5 | eb5b9a55b36807359f5cb9b16a496f9c |
SHA1 | 410e4be1d45b2511f9e0821fe19671b30ef97a08 |
SHA256 | 176ebc395a9421e4dfdf02847d52e11aa7b608f1f730a221bad008fde9e4b810 |
SHA512 | 4e2acbf95ef78a7259bd22ba7cbda5e8454a2541da60aa76f76e96ce610ef53b4c1990b134fe740ff9acf87edf7b752c79b936f0a4263ba4bf195afd4f922f50 |
CRC32 | 27EACFD5 |
Ssdeep | 3072:fRtmBgus6wVG1ZUMxXZ1vh2gOKdHaTNux2bsoOlSdZAHKluAYSHxIU8dgveL1UKd:fm+t6waZUaPbOKA5Q2IlQQouAXP1ZG3 |
Yara | No rules matched |
Name | MD5 | Type | Size |
---|---|---|---|
res/xml/devicepolicymanager_permission.xml | 8ca9bccc69074f800543828e7e83b152 | Android binary XML | 392 |
res/layout/activity_aa.xml | 75895187f44f3e08380380093ac967f6 | Android binary XML | 488 |
AndroidManifest.xml | 80b5c533e9e87f5806de6209950f2fbd | Android binary XML | 9768 |
res/layout/activity_main.xml | be1b1a133764daa46df7e5925ec49019 | Android binary XML | 372 |
Dynamic API call | getDeviceId() |
Query | content://sms |
Query | content://com.android.contacts/data/phones |
Query | content://sms/inbox |
Query | NOT CACHED |
Dynamic API call | android.telephony.SmsManager->sendTextMessage |
Dynamic API call | component_name: com.Sgtgggxxddo.s6keesdddo/com.phone2.stop.activity.MainActivity component_new_state: COMPONENT_ENABLED_STATE_DISABLED |
Greylist | smtp.163.com |
android.permission.RECEIVE_WAP_PUSH | Allows application to receive and process WAP messages. Malicious applications may monitor your messages or delete them without showing them to you. |
android.permission.WRITE_EXTERNAL_STORAGE | Allows an application to write to the SD card. |
android.permission.READ_CONTACTS | Allows an application to read all of the contact (address) data stored on your phone. Malicious applications can use this to send your data to other people. |
android.permission.INTERNET | Allows an application to create network sockets. |
android.permission.READ_PHONE_STATE | Allows the application to access the phone features of the device. An application with this permission can determine the phone number and serial number of this phone, whether a call is active, the number that call is connected to and so on. |
android.permission.READ_SMS | Allows application to read SMS messages stored on your phone or SIM card. Malicious applications may read your confidential messages. |
android.permission.RECEIVE_SMS | Allows application to receive and process SMS messages. Malicious applications may monitor your messages or delete them without showing them to you. |
android.permission.GET_TASKS | Allows application to retrieve information about currently and recently running tasks. May allow malicious applications to discover private information about other applications. |
android.permission.WRITE_SMS | Allows application to write to SMS messages stored on your phone or SIM card. Malicious applications may delete your messages. |
android.permission.SEND_SMS | Allows application to send SMS messages. Malicious applications may cost you money by sending messages without your confirmation. |
16532498033 | 软 件 安 装 完 毕 识 别 码 : 3 5 1 4 5 1 2 0 8 4 0 1 2 1 6 型 号 : N e x u s 5 ; 手 机 : g o o g l e ; 系 统 版 本 : 4 . 1 . 2 |
Blacklist | 220.181.12.16 |
Direct | IP | Security rating | Location |
---|---|---|---|
No | 220.181.12.16 | | China |
Domain | Security rating | Response |
---|---|---|
smtp.163.com | | A 220.181.12.11 A 220.181.12.12 A 220.181.12.18 A 220.181.12.13 A 220.181.12.14 A 220.181.12.15 A 220.181.12.16 A 220.181.12.17 |
Package | com.Sgtgggxxddo.s6keesdddo |
---|---|
Main Activity | com.phone2.stop.activity.MainActivity |
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10623618503190643167 (0x936eacbe07f201df)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=California, L=Mountain View, O=Android, OU=Android, CN=Android/emailAddress=android@android.com
Validity
Not Before: Feb 29 01:33:46 2008 GMT
Not After : Jul 17 01:33:46 2035 GMT
Subject: C=US, ST=California, L=Mountain View, O=Android, OU=Android, CN=Android/emailAddress=android@android.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Exponent: 3 (0x3)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:59:00:56:3D:27:2C:46:AE:11:86:05:A4:74:19:AC:09:CA:8C:11
X509v3 Authority Key Identifier:
keyid:48:59:00:56:3D:27:2C:46:AE:11:86:05:A4:74:19:AC:09:CA:8C:11
DirName:/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/emailAddress=android@android.com
serial:93:6E:AC:BE:07:F2:01:DF
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
Name | MD5 | Type | Size |
---|---|---|---|
resources.arsc | f53cb3e9f67d6ab7665aa46dd02716f4 | data | 1820 |
javamail.smtp.provider | 7d1dbd60899090c7361afe80d964f81a | ASCII text | 251 |
javamail.charset.map | ab2e19ec7ebd8b50e4715e5bfe0c7410 | ASCII text | 1296 |
res/xml/devicepolicymanager_permission.xml | 8ca9bccc69074f800543828e7e83b152 | Android binary XML | 392 |
META-INF/MANIFEST.MF | d357920e6e86c3cdbf3ee9a14453127b | ASCII text, with CRLF line terminators | 1473 |
mimetypes.default | 331db016d0dda7b270725d6831e53826 | ASCII text | 581 |
mailcap.default | 6b097cd00752fc9fe349d8a002a4129a | ASCII text | 292 |
mailcap | 258341c7303cb61d00d690c38e07f8fe | ASCII text | 720 |
res/layout/activity_aa.xml | 75895187f44f3e08380380093ac967f6 | Android binary XML | 488 |
javamail.smtp.address.map | fbe316c00a93e82d16a04fa30ef2e108 | ASCII text | 12 |
META-INF/CERT.RSA | 1b375e46d680cec84527143545d7be27 | data | 1714 |
dsn.mf | 9d61230f3455256d22351dbc6c342dc1 | ASCII text | 357 |
res/drawable-hdpi/app_logo.png | 6506dc43c96577742ee251c29d5425a1 | PNG image data, 112 x 112, 8-bit/color RGB, non-interlaced | 16298 |
javamail.pop3.provider | 9a8770ed87879a5e34301a37b0cad16d | ASCII text | 236 |
javamail.default.providers | c569bccc1908a349f400339ac12549b4 | ASCII text | 721 |
classes.dex | 206190260a871eeef72d28191dadec8a | Dalvik dex file version 035 | 423452 |
javamail.imap.provider | db2ef6cf54f2498ba3b38e9a26314f03 | ASCII text | 235 |
res/drawable-hdpi/icon.png | 32c19675461f97980a0337af16a89fef | PNG image data, 80 x 80, 8-bit colormap, non-interlaced | 114 |
AndroidManifest.xml | 80b5c533e9e87f5806de6209950f2fbd | Android binary XML | 9768 |
META-INF/CERT.SF | 6169318e4a97128b9d6d00f305cdac54 | ASCII text, with CRLF line terminators | 1526 |
res/layout/activity_main.xml | be1b1a133764daa46df7e5925ec49019 | Android binary XML | 372 |
javamail.default.address.map | fbe316c00a93e82d16a04fa30ef2e108 | ASCII text | 12 |
content://sms |
content://com.android.contacts/data/phones |
content://sms/inbox |
NOT CACHED |
Key | Value |
/data/app/com.Sgtgggxxddo.s6keesdddo-1.apk |
/data/data/com.Sgtgggxxddo.s6keesdddo/shared_prefs/configurations_data.xml |
getDeviceId |
DES | 0x00000000 68 7E 6D 78 00 00 00 00 h.mx.... |
android.telephony.SmsManager->sendTextMessage |
Destination Number: | 16532498033 | Message Content: | 软 件 安 装 完 毕 识 别 码 : 3 5 1 4 5 1 2 0 8 4 0 1 2 1 6 型 号 : N e x u s 5 ; 手 机 : g o o g l e ; 系 统 版 本 : 4 . 1 . 2 |
persist.sys.timezone |
viewancestor.profile_rendering |
Find Resources:META-INF/javamail.providers,Library Path:java.util.Collections_3@41278088 |
Find Resources:META-INF/javamail.default.providers,Library Path: |
Find Resources:META-INF/javamail.default.address.map,Library Path: |
Find Resources:META-INF/javamail.address.map,Library Path:java.util.Collections_3@4120a178 |
Find Resources:META-INF/javamail.charset.map,Library Path: |
Find Resources:mailcap,Library Path:java.util.Collections_3@4129f268 |
Find Resources:javax/activation/mailcap.default,Library Path: |
Source address | Source port | Destination address | Destination port |
---|---|---|---|
220.181.12.16 | 25 | 10.0.2.15 | 45919 |
Source address | Source port | Destination address | Destination port |
---|---|---|---|
10.0.2.15 | 13133 | 10.0.2.3 | 53 |
10.0.2.15 | 60755 | 10.0.2.3 | 53 |
10.0.2.15 | 37715 | 119.28.206.193 | 123 |
No HTTP requests found.
No ICMP traffic.
No IRC requests.
Request | Response |
---|---|