Analysis Report Food4U #U901f#U98df#U5916#U8ce3_v3.2_apkpure.com.apk

Overview

General Information

Joe Sandbox Version: 26.0.0 Aquamarine
Analysis ID: 151562
Start date: 12.07.2019
Start time: 10:37:35
Joe Sandbox Product: CloudBasic
Overall analysis duration: 0h 6m 45s
Hypervisor based Inspection enabled: false
Report type: full
Sample file name: Food4U #U901f#U98df#U5916#U8ce3_v3.2_apkpure.com.apk
Cookbook file name: defaultandroidfilecookbook.jbs
Analysis system description: Android 6.0
APK Instrumentation enabled: true
Detection: MAL
Classification: mal42.spyw.evad.andAPK@0/251@2/0
Warnings:
  • Excluded IPs from analysis (whitelisted): 172.217.168.3, 172.217.168.8, 172.217.168.78, 216.58.215.238, 172.217.168.14, 172.217.168.46
  • Excluded domains from analysis (whitelisted): connectivitycheck.gstatic.com, ssl.google-analytics.com, android.clients.google.com, android.l.google.com, ssl-google-analytics.l.google.com
  • No dynamic data available
  • No interacted views
  • Not all non-executed APIs are in report
  • Not all resource files were parsed
  • Not all resource strings were parsed
  • Report size exceeded maximum capacity and may have missing behavior information.
  • Report size exceeded maximum capacity and may have missing disassembly code.
  • Report size exceeded maximum capacity and may have missing dynamic data code.

Detection

Strategy: Threshold
Score: 42
Range: 0 - 100
Whitelisted: false
Detection: malicious

Confidence

Strategy: Threshold
Score: 5
Range: 0 - 5
Further Analysis Required?: false


Classification

Analysis Advice

Unable to instrument or execute APK, no dynamic information has been logged



Mitre Att&ck Matrix

Signature Overview


Location Tracking:

Queries the phones location (GPS)
Source: com.corey.restaurant.ui.CenterActivity$1;->onLocationChanged:6 API Call: android.location.LocationManager.getLastKnownLocation
Source: com.corey.restaurant.ui.CenterActivity$1;->onLocationChanged:7 API Call: android.location.Location.getLatitude
Source: com.corey.restaurant.ui.CenterActivity$1;->onLocationChanged:9 API Call: android.location.Location.getLongitude
Source: com.corey.restaurant.ui.CenterActivity$1;->onLocationChanged:13 API Call: android.location.Location.getLatitude
Source: com.corey.restaurant.ui.CenterActivity$1;->onLocationChanged:18 API Call: android.location.Location.getLongitude
Source: com.corey.restaurant.ui.CenterActivity;->dingWei:34 API Call: android.location.LocationManager.getLastKnownLocation
Source: com.corey.restaurant.ui.CenterActivity;->dingWei:35 API Call: android.location.Location.getLatitude
Source: com.corey.restaurant.ui.CenterActivity;->dingWei:37 API Call: android.location.Location.getLongitude
Source: com.corey.restaurant.ui.CenterActivity;->dingWei:40 API Call: android.location.Location.getLatitude
Source: com.corey.restaurant.ui.CenterActivity;->dingWei:44 API Call: android.location.Location.getLongitude
Source: com.corey.restaurant.ui.LocationActivity;->onCreate:37 API Call: android.location.LocationManager.getLastKnownLocation
Source: com.corey.restaurant.ui.LocationActivity;->onLocationChanged:39 API Call: android.location.Location.getLatitude
Source: com.corey.restaurant.ui.LocationActivity;->onLocationChanged:41 API Call: android.location.Location.getLongitude
Source: com.corey.restaurant.ui.LocationActivity;->onMyLocationButtonClick:66 API Call: android.location.Location.getLatitude
Source: com.corey.restaurant.ui.LocationActivity;->onMyLocationButtonClick:68 API Call: android.location.Location.getLongitude
Source: cn.jpush.android.a.b;->h:49 API Call: android.telephony.TelephonyManager.getCellLocation
Source: cn.jpush.android.a.b;->b:95 API Call: android.telephony.TelephonyManager.getCellLocation
Source: cn.jpush.android.a.b;->c:133 API Call: android.telephony.TelephonyManager.getCellLocation
Source: cn.jpush.android.a.b;->c:153 API Call: android.telephony.TelephonyManager.getCellLocation
Source: cn.jpush.android.a.g;->a:14 API Call: android.location.Location.getLatitude
Source: cn.jpush.android.a.g;->a:15 API Call: android.location.Location.getLongitude
Source: cn.jpush.android.a.g;->b:52 API Call: android.location.LocationManager.getLastKnownLocation
Source: com.aps.a;->a:62 API Call: android.telephony.TelephonyManager.getCellLocation
Source: com.aps.a;->a:974 API Call: com.amap.api.location.AMapLocation.getLatitude
Source: com.aps.a;->a:975 API Call: com.amap.api.location.AMapLocation.getLongitude
Source: com.aps.af;->a:40 API Call: android.location.Location.getLongitude
Source: com.aps.af;->a:41 API Call: android.location.Location.getLatitude
Source: com.aps.ai;->c:221 API Call: android.telephony.TelephonyManager.getCellLocation
Source: com.aps.ao;->a:5 API Call: android.location.Location.getLatitude
Source: com.aps.ao;->a:6 API Call: android.location.Location.getLatitude
Source: com.aps.ao;->a:7 API Call: android.location.Location.getLongitude
Source: com.aps.ao;->a:8 API Call: android.location.Location.getLongitude
Source: com.aps.as;->onGpsStatusChanged:107 API Call: android.location.LocationManager.getLastKnownLocation
Source: com.amap.api.location.core.d;->a:41 API Call: com.amap.api.location.AMapLocation.getLatitude
Source: com.amap.api.location.core.d;->a:46 API Call: com.amap.api.location.AMapLocation.getLongitude
Source: com.facebook.GraphRequest;->newPlacesSearchRequest:275 API Call: android.location.Location.getLatitude
Source: com.facebook.GraphRequest;->newPlacesSearchRequest:277 API Call: android.location.Location.getLongitude
Source: com.facebook.places.internal.LocationScannerImpl;->getLastLocation:31 API Call: android.location.LocationManager.getLastKnownLocation
Source: com.amap.api.location.LocationManagerProxy;->getLastKnownLocation:158 API Call: android.location.LocationManager.getLastKnownLocation
Source: com.amap.api.location.e;->onLocationChanged:31 API Call: android.location.Location.getLatitude
Source: com.amap.api.location.e;->onLocationChanged:32 API Call: android.location.Location.getLongitude
Source: com.amap.api.location.e;->onLocationChanged:34 API Call: android.location.Location.getLongitude
Source: com.amap.api.location.e;->onLocationChanged:35 API Call: android.location.Location.getLatitude
Source: com.facebook.places.PlaceManager;->getCurrentPlaceParameters:28 API Call: android.location.Location.getLatitude
Source: com.facebook.places.PlaceManager;->getCurrentPlaceParameters:31 API Call: android.location.Location.getLongitude
Source: com.facebook.places.PlaceManager;->newPlaceSearchRequestForLocation:177 API Call: android.location.Location.getLatitude
Source: com.facebook.places.PlaceManager;->newPlaceSearchRequestForLocation:179 API Call: android.location.Location.getLongitude

Spreading:

Has permission to change the WIFI configuration including connecting and disconnecting
Source: submitted apk Request permission: android.permission.CHANGE_WIFI_STATE
Accesses external storage location
Source: com.corey.restaurant.ui.NewRegistActivity;->onClick:369 API Call: android.os.Environment.getExternalStorageDirectory
Source: com.corey.restaurant.util.FileUtils;->saveBitToSD:4 API Call: android.os.Environment.getExternalStorageDirectory
Source: com.corey.restaurant.util.PicUtil;->downloadImage:2 API Call: android.os.Environment.getExternalStorageState
Source: com.corey.restaurant.util.PicUtil;->freeSpaceOnSd:39 API Call: android.os.Environment.getExternalStorageDirectory
Source: com.corey.restaurant.util.PicUtil;->getImagePath:48 API Call: android.os.Environment.getExternalStorageDirectory
Source: com.corey.restaurant.util.PicUtil;->hasSDCard:64 API Call: android.os.Environment.getExternalStorageState
Source: com.aps.af;->a:135 API Call: android.os.Environment.getExternalStorageDirectory
Source: com.aps.af;->c:165 API Call: android.os.Environment.getExternalStorageState
Source: com.aps.af;->c:168 API Call: android.os.Environment.getExternalStorageDirectory
Source: com.aps.af;->d:202 API Call: android.os.Environment.getExternalStorageState
Source: com.aps.af;->e:255 API Call: android.os.Environment.getExternalStorageState
Source: com.aps.af;->f:279 API Call: android.os.Environment.getExternalStorageState
Source: com.aps.av;->b:29 API Call: android.os.Environment.getExternalStorageState
Source: com.aps.d;->b:117 API Call: android.os.Environment.getExternalStorageState
Source: com.facebook.internal.Utility;->externalStorageExists:76 API Call: android.os.Environment.getExternalStorageState
Source: com.facebook.internal.Utility;->refreshAvailableExternalStorage:317 API Call: android.os.Environment.getExternalStorageDirectory
Source: com.facebook.internal.Utility;->refreshTotalExternalStorage:348 API Call: android.os.Environment.getExternalStorageDirectory
Source: cn.jpush.android.service.DownloadService;->onHandleIntent:310 API Call: android.os.Environment.getExternalStorageState
Source: cn.jpush.android.util.b;->a:473 API Call: android.os.Environment.getExternalStorageState
Source: cn.jpush.android.util.b;->e:764 API Call: android.os.Environment.getExternalStorageDirectory
Source: cn.jpush.android.util.p;->a:23 API Call: android.os.Environment.getExternalStorageDirectory
Source: cn.jpush.android.util.p;->b:78 API Call: android.os.Environment.getExternalStorageDirectory
Source: cn.jpush.android.util.p;->b:98 API Call: android.os.Environment.getExternalStorageDirectory
Source: cn.jpush.android.util.p;->d:160 API Call: android.os.Environment.getExternalStorageDirectory
Source: cn.jpush.android.util.p;->e:205 API Call: android.os.Environment.getExternalStorageDirectory
Source: com.nostra13.universalimageloader.utils.StorageUtils;->getCacheDirectory:4 API Call: android.os.Environment.getExternalStorageState
Source: com.nostra13.universalimageloader.utils.StorageUtils;->getExternalCacheDir:20 API Call: android.os.Environment.getExternalStorageDirectory
Source: com.nostra13.universalimageloader.utils.StorageUtils;->getOwnCacheDirectory:44 API Call: android.os.Environment.getExternalStorageState
Source: com.nostra13.universalimageloader.utils.StorageUtils;->getOwnCacheDirectory:47 API Call: android.os.Environment.getExternalStorageDirectory

Networking:

Checks an internet connection is available
Source: com.corey.restaurant.util.ExampleUtil;->isConnected:22 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.corey.restaurant.util.ExampleUtil;->isConnected:23 API Call: android.net.NetworkInfo.isConnected
Source: com.corey.restaurant.util.HttpUtils;->isInternetConnected:17 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.corey.restaurant.util.HttpUtils;->isInternetConnected:18 API Call: android.net.NetworkInfo.isConnected
Source: com.corey.restaurant.util.HttpUtils;->isMobileDataEnable:21 API Call: android.net.ConnectivityManager.getNetworkInfo
Source: com.corey.restaurant.util.HttpUtils;->isMobileDataEnable:22 API Call: android.net.NetworkInfo.isConnectedOrConnecting
Source: com.corey.restaurant.util.HttpUtils;->isWifiDataEnable:25 API Call: android.net.ConnectivityManager.getNetworkInfo
Source: com.corey.restaurant.util.HttpUtils;->isWifiDataEnable:26 API Call: android.net.NetworkInfo.isConnectedOrConnecting
Source: cn.jpush.android.a.d;->e:61 API Call: android.net.wifi.WifiManager.isWifiEnabled
Source: cn.jpush.android.a.j;->a:19 API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: cn.jpush.android.a.j;->a:65 API Call: android.net.wifi.WifiManager.isWifiEnabled
Source: com.aps.a$a;->onReceive:25 API Call: android.net.wifi.WifiManager.getWifiState
Source: com.aps.a;->a:196 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.aps.a;->h:637 API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.aps.a;->m:788 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.aps.a;->m:791 API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.aps.a;->s:838 API Call: android.net.wifi.WifiManager.isWifiEnabled
Source: com.aps.ai;-><init>:25 API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.aps.ai;-><init>:27 API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.aps.ai;->d:225 API Call: android.net.wifi.WifiManager.isWifiEnabled
Source: com.aps.ai;->p:315 API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.aps.ai;->p:317 API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.aps.av;->a:41 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.aps.av;->a:42 API Call: android.net.NetworkInfo.isConnected
Source: com.aps.l;->a:2 API Call: android.net.NetworkInfo.isAvailable
Source: com.aps.l;->a:3 API Call: android.net.NetworkInfo.isConnected
Source: com.aps.t;->b:80 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.aps.y;->a:160 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.aps.y;->a:161 API Call: android.net.NetworkInfo.isConnected
Source: com.amap.api.location.core.c;->f:261 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.amap.api.location.core.d;->a:127 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.amap.api.location.core.d;->a:128 API Call: android.net.NetworkInfo.getState
Source: com.google.firebase.iid.FirebaseInstanceIdService;->zzct:86 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.google.firebase.iid.FirebaseInstanceIdService;->zzct:87 API Call: android.net.NetworkInfo.isConnected
Source: com.facebook.places.internal.WifiScannerImpl;->getConnectedWifi:77 API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.facebook.places.internal.WifiScannerImpl;->initAndCheckEligibility:117 API Call: android.net.wifi.WifiManager.isWifiEnabled
Source: com.bumptech.glide.manager.DefaultConnectivityMonitor;->isConnected:8 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.bumptech.glide.manager.DefaultConnectivityMonitor;->isConnected:9 API Call: android.net.NetworkInfo.isConnected
Source: cn.jpush.android.service.PushReceiver;->onReceive:301 API Call: android.net.NetworkInfo.getState
Source: cn.jpush.android.service.PushReceiver;->onReceive:307 API Call: android.net.NetworkInfo.getState
Source: cn.jpush.android.service.PushReceiver;->onReceive:312 API Call: android.net.NetworkInfo.getState
Source: com.google.android.gms.tagmanager.zzct;->zzRh:14 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.google.android.gms.tagmanager.zzct;->zzRh:15 API Call: android.net.NetworkInfo.isConnected
Source: com.google.android.gms.tagmanager.zzde;->zzQF:75 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.google.android.gms.tagmanager.zzde;->zzQF:76 API Call: android.net.NetworkInfo.isConnected
Source: cn.jpush.android.util.b;->b:658 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: cn.jpush.android.util.b;->b:659 API Call: android.net.NetworkInfo.isConnected
Source: cn.jpush.android.util.b;->c:697 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: cn.jpush.android.util.b;->d:743 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: cn.jpush.android.util.b;->g:861 API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: cn.jpush.android.util.b;->r:1321 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: cn.jpush.android.util.s;->a:274 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Connects to IPs without corresponding DNS lookups
Source: unknown TCP traffic detected without corresponding DNS query: 74.125.143.188
Loads a webpage with cache disabled
Source: cn.jpush.android.util.b;->a:470 API Call: android.webkit.WebSettings.setCacheMode
Opens an internet connection
Source: com.corey.restaurant.util.BitmapUtil;->getBitmapFromUrl:25 API Call: java.net.URL.openConnection (not executed)
Source: com.corey.restaurant.util.PicUtil;->downloadImage:9 API Call: java.net.URL.openConnection (not executed)
Source: com.corey.restaurant.util.UploadUtil;->multipartRequest:28 API Call: java.net.URL.openConnection (not executed)
Source: com.corey.restaurant.util.UploadUtil;->multipartRequest:132 API Call: java.net.URL.openConnection (not executed)
Source: bolts.WebViewAppLinkResolver$3;->call:6 API Call: java.net.URL.openConnection (not executed)
Source: com.bumptech.glide.load.data.HttpUrlFetcher$DefaultHttpUrlConnectionFactory;->build:3 API Call: java.net.URL.openConnection (not executed)
Source: com.nostra13.universalimageloader.core.download.BaseImageDownloader;->createConnection:8 API Call: java.net.URL.openConnection (not executed)
Source: com.facebook.GraphRequest;->createConnection:97 API Call: java.net.URL.openConnection (not executed)
Source: org.jsoup.helper.HttpConnection$Response;->createConnection:10 API Call: java.net.URL.openConnection (not executed)
Source: com.google.android.gms.ads.identifier.zza;->zzu:3 API Call: java.net.URL.openConnection (not executed)
Source: org.apache.commons.io.input.XmlStreamReader;-><init>:46 API Call: java.net.URL.openConnection (not executed)
Source: com.facebook.internal.ImageDownloader;->download:22 API Call: java.net.URL.openConnection (not executed)
Source: org.apache.commons.io.FileUtils;->copyURLToFile:333 API Call: java.net.URL.openConnection (not executed)
Source: org.apache.commons.io.IOUtils;->toByteArray:270 API Call: java.net.URL.openConnection (not executed)
Source: org.apache.http.impl.pool.BasicConnFactory;->create:52 API Call: java.net.Socket.connect (not executed)
Source: cn.jpush.android.service.b;->a:344 API Call: java.net.URL.openConnection (not executed)
Source: com.google.android.gms.tagmanager.zzde$1;->zzd:2 API Call: java.net.URL.openConnection (not executed)
Source: com.android.volley.toolbox.HurlStack;->createConnection:68 API Call: java.net.URL.openConnection (not executed)
Source: cn.jpush.android.util.s;->a:167 API Call: java.net.URL.openConnection (not executed)
Source: cn.jpush.android.util.s;->a:287 API Call: java.net.URL.openConnection (not executed)
Source: cn.jpush.android.util.s;->a:288 API Call: java.net.URL.openConnection (not executed)
Source: cn.jpush.android.util.s;->b:321 API Call: java.net.URL.openConnection (not executed)
Performs DNS lookups (Java API)
Source: com.google.gson.jpush.internal.a.am;->a:6 API Call: java.net.InetAddress.getByName (not executed)
Source: com.google.gson.internal.bind.TypeAdapters$17;->read:7 API Call: java.net.InetAddress.getByName (not executed)
Source: com.google.android.gms.cast.CastDevice;-><init>:8 API Call: java.net.InetAddress.getByName (not executed)
Source: cn.jpush.android.helpers.ConnectingHelper;->a:177 API Call: java.net.InetAddress.getByName (not executed)
Source: cn.jpush.android.helpers.a;->run:23 API Call: java.net.InetAddress.getByName (not executed)
Source: cn.jpush.android.util.ah;->a:77 API Call: java.net.InetAddress.getByName (not executed)
Scans for WIFI networks
Source: cn.jpush.android.a.d;->e:64 API Call: android.net.wifi.WifiManager.startScan
Source: cn.jpush.android.a.e;->onReceive:20 API Call: android.net.wifi.WifiManager.startScan
Source: cn.jpush.android.a.j;->a:36 API Call: android.net.wifi.WifiManager.getScanResults
Source: cn.jpush.android.a.j;->a:54 API Call: android.net.wifi.WifiManager.getScanResults
Source: com.aps.a$a;->onReceive:11 API Call: android.net.wifi.WifiManager.getScanResults
Source: com.aps.a;->o:798 API Call: android.net.wifi.WifiManager.startScan
Source: com.aps.a;->a:912 API Call: android.net.wifi.WifiManager.getScanResults
Source: com.aps.ai;->z:138 API Call: android.net.wifi.WifiManager.startScan
Source: com.aps.am;->onReceive:15 API Call: android.net.wifi.WifiManager.getScanResults
Source: com.aps.an;->run:8 API Call: android.net.wifi.WifiManager.startScan
Source: com.facebook.places.internal.WifiScannerImpl;->getActiveScanResults:23 API Call: android.net.wifi.WifiManager.startScan
Source: com.facebook.places.internal.WifiScannerImpl;->getCachedScanResults:34 API Call: android.net.wifi.WifiManager.getScanResults
Found strings which match to known social media urls
Source: androidString found in binary or memory: com.facebook.platform.PLATFORM_ACTIVITY equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.PLATFORM_SERVICE equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.action.request.APPINVITES_DIALOG equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.action.request.CAMERA_EFFECT equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.action.request.FEED_DIALOG equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.action.request.LIKE_DIALOG equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.action.request.MESSAGE_DIALOG equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.action.request.OGACTIONPUBLISH_DIALOG equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.action.request.OGMESSAGEPUBLISH_DIALOG equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.ACCESS_TOKEN equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.ACTION equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.ACTION_TYPE equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.APPLICATION_ID equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.APPLICATION_NAME equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.COMPLETION_GESTURE equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.DATA_FAILURES_FATAL equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.DESCRIPTION equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.EXPIRES_SECONDS_SINCE_EPOCH equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.EXTRA_TOAST_DURATION_MS equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.FRIENDS equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.GRAPH_API_VERSION equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.IMAGE equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.LIKE_COUNT_STRING_WITHOUT_LIKE equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.LIKE_COUNT_STRING_WITH_LIKE equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.LINK equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.LOGGER_REF equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.OBJECT_ID equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.OBJECT_IS_LIKED equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.PERMISSIONS equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.PHOTOS equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.PLACE equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.POST_ID equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.PREVIEW_PROPERTY_NAME equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.PROFILE_FIRST_NAME equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.PROFILE_LAST_NAME equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.PROFILE_LINK equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.PROFILE_MIDDLE_NAME equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.PROFILE_NAME equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.PROFILE_USER_ID equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.REF equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.SOCIAL_SENTENCE_WITHOUT_LIKE equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.SOCIAL_SENTENCE_WITH_LIKE equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.TITLE equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.UNLIKE_TOKEN equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.extra.USER_ID equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.protocol.BRIDGE_ARGS equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.protocol.CALL_ID equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.protocol.METHOD_ARGS equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.protocol.PROTOCOL_ACTION equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.protocol.PROTOCOL_VERSION equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.protocol.RESULT_ARGS equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.status.ERROR_DESCRIPTION equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.platform.status.ERROR_TYPE equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.ACTION_CURRENT_PROFILE_CHANGED equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.APP_EVENTS_FLUSHED equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.APP_EVENTS_FLUSH_RESULT equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.APP_EVENTS_NUM_EVENTS_FLUSHED equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.ApplicationId equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.ApplicationName equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.AutoLogAppEventsEnabled equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.CallbackOffset equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.ClientToken equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.EXTRA_NEW_ACCESS_TOKEN equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.EXTRA_NEW_PROFILE equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.EXTRA_OLD_ACCESS_TOKEN equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.EXTRA_OLD_PROFILE equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.LikeActionController.DID_ERROR equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.LikeActionController.DID_RESET equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.LikeActionController.OBJECT_ID equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.LikeActionController.UPDATED equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.WebDialogTheme equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.appEventPreferences equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.sdk.attributionTracking equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.share.Share equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.share.internal.LikeActionController.version equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.wakizashi equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: com.facebook.wakizashi.provider.AttributionIdProvider equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: content://com.facebook.app.FacebookContentProvider equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: content://com.facebook.katana.provider.AttributionIdProvider equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: content://com.facebook.orca.provider.MessengerPlatformProvider/versions equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: content://com.facebook.wakizashi.provider.AttributionIdProvider equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: facebook equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: facebook.com equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: http://developers.facebook.com/android equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: http://play.google.com/store/apps/details?id=com.facebook.orca equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: https://.facebook.com equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: https://facebook.com equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: https://facebook.com/device?user_code=%1$s&qr=1 equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: https://tw.yahoo.com/ equals www.yahoo.com (Yahoo)
Source: androidString found in binary or memory: https://www.facebook.com equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: market://details?id=com.facebook.orca equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: res/drawable-mdpi-v4/facebook.png equals www.facebook.com (Facebook)
Source: androidString found in binary or memory: twitter.com equals www.twitter.com (Twitter)
Monitors network connection state
Source: com.aps.a;->f:603 | API Call: android.content.IntentFilter.addAction android.net.conn.CONNECTIVITY_CHANGE
Source: com.google.android.gms.tagmanager.zzbt;->zzcb:30 | API Call: android.content.IntentFilter.addAction android.net.conn.CONNECTIVITY_CHANGE
Performs DNS lookups
Source: unknown | DNS traffic detected: queries for: graph.facebook.com
Urls found in memory or binary data
Uses HTTP for connecting to the internet
Source: com.corey.restaurant.util.BitmapUtil;->getBitmapFromUrl:27 | API Call: java.net.HttpURLConnection.connect
Source: com.aps.l;->a:135 | API Call: org.apache.http.client.HttpClient.execute
Source: com.aps.l;->a:232 | API Call: org.apache.http.client.HttpClient.execute
Source: com.aps.l;->a:330 | API Call: org.apache.http.client.HttpClient.execute
Source: com.bumptech.glide.load.data.HttpUrlFetcher;->loadDataWithRedirects:48 | API Call: java.net.HttpURLConnection.connect
Source: org.jsoup.helper.HttpConnection$Response;->execute:58 | API Call: java.net.HttpURLConnection.connect
Source: com.android.volley.toolbox.HttpClientStack;->performRequest:71 | API Call: org.apache.http.client.HttpClient.execute
Uses HTTPS
Source: unknown | Network traffic detected: HTTP traffic on port 52274 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 57813
Source: unknown | Network traffic detected: HTTP traffic on port 45247 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 34256
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 41811
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 52274
Source: unknown | Network traffic detected: HTTP traffic on port 57813 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 34256 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 40176 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 40176
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 45247
Source: unknown | Network traffic detected: HTTP traffic on port 41811 -> 443

Key, Mouse, Clipboard, Microphone and Screen Capturing:

Has permission to take photos
Source: submitted apk | Request permission: android.permission.CAMERA

E-Banking Fraud:

Has functionality to send UDP packets
Source: cn.jpush.android.helpers.ConnectingHelper;->a:183 | API Call: java.net.DatagramSocket.send
Has permission to query the list of currently running applications
Source: submitted apk | Request permission: android.permission.GET_TASKS
Loads a webpage with cache disabled
Source: cn.jpush.android.util.b;->a:470 | API Call: android.webkit.WebSettings.setCacheMode

Spam, unwanted Advertisements and Ransom Demands:

May use Google Cloud Messaging (GCM) or Google's Cloud to Device Messaging (C2DM) services
Source: submitted apk | Request permission: com.corey.restaurant.permission.C2D_MESSAGE
Loads advertisement
Source: android | String found in binary or memory: googleads.g.doubleclick.net

Operating System Destruction:

Lists and deletes files in the same context
Source: com.facebook.internal.FileLruCache$BufferFile;->deleteAll:6 | API Calls in same method context: File.listFiles,File.delete
Source: cn.jpush.android.util.r;->a:56 | API Calls in same method context: File.listFiles,File.delete
Source: com.nostra13.universalimageloader.cache.disc.impl.BaseDiscCache;->clear:13 | API Calls in same method context: File.listFiles,File.delete
Source: com.android.volley.toolbox.DiskBasedCache;->clear:114 | API Calls in same method context: File.listFiles,File.delete
Source: com.bumptech.glide.disklrucache.Util;->deleteContents:16 | API Calls in same method context: File.listFiles,File.delete
Source: com.android.volley.toolbox.DiskBasedCache;->initialize:169 | API Calls in same method context: File.listFiles,File.delete
Source: com.facebook.internal.FileLruCache;->trim:71 | API Calls in same method context: File.listFiles,File.delete
Source: com.aps.s;->a:16 | API Calls in same method context: File.listFiles,File.delete
Source: com.nostra13.universalimageloader.cache.disc.impl.ext.Util;->deleteContents:16 | API Calls in same method context: File.listFiles,File.delete
Source: com.facebook.internal.Utility;->deleteDirectory:73 | API Calls in same method context: File.listFiles,File.delete

Change of System Appearance:

May access the Android keyguard (lock screen)
Source: android | String found in binary or memory: keyguard
Acquires a wake lock
Source: cn.jpush.android.util.b;->k:993 | API Call: android.os.PowerManager$WakeLock.acquire

System Summary:

Executes native commands
Source: org.apache.commons.io.FileSystemUtils;->openProcess:150 | API Call: java.lang.Runtime.exec
Source: cn.jpush.android.util.b;->g:868 | API Call: java.lang.Runtime.exec
Requests potentially dangerous permissions
Source: submitted apk | Request permission: android.permission.ACCESS_COARSE_LOCATION
Source: submitted apk | Request permission: android.permission.ACCESS_FINE_LOCATION
Source: submitted apk | Request permission: android.permission.ACCESS_MOCK_LOCATION
Source: submitted apk | Request permission: android.permission.CAMERA
Source: submitted apk | Request permission: android.permission.CHANGE_NETWORK_STATE
Source: submitted apk | Request permission: android.permission.CHANGE_WIFI_STATE
Source: submitted apk | Request permission: android.permission.GET_TASKS
Source: submitted apk | Request permission: android.permission.INTERNET
Source: submitted apk | Request permission: android.permission.MOUNT_UNMOUNT_FILESYSTEMS
Source: submitted apk | Request permission: android.permission.READ_CONTACTS
Source: submitted apk | Request permission: android.permission.READ_LOGS
Source: submitted apk | Request permission: android.permission.READ_PHONE_STATE
Source: submitted apk | Request permission: android.permission.SYSTEM_ALERT_WINDOW
Source: submitted apk | Request permission: android.permission.WAKE_LOCK
Source: submitted apk | Request permission: android.permission.WRITE_EXTERNAL_STORAGE
Source: submitted apk | Request permission: android.permission.WRITE_SETTINGS
Classification label
Source: classification engine | Classification label: mal42.spyw.evad.andAPK@0/251@2/0
Loads native libraries
Source: cn.jpush.android.api.JPushInterface;->init:340 | API Call: java.lang.System.loadLibrary
Source: cn.jpush.android.service.PushProtocol;-><clinit>:6 | API Call: java.lang.System.loadLibrary
Reads shares settings
Source: com.corey.restaurant.base.BaseActivity;->setPromoUsableTimes:232 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.base.Food4UService;->onStart:66 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.base.Food4UService;->onStart:72 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.base.Food4UService;->onStart:78 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.firebaseMessageService.MyFirebaseMessagingService;->setPromoUsableTimes:47 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.HomeFragment$23;->onResponse:19 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.HomeFragment;->onCreateView:481 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.HomeFragment;->onCreateView:487 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.HomeFragment;->onCreateView:494 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.HomeFragment;->onCreateView:501 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.HomeFragment;->onCreateView:507 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.HomeFragment;->onCreateView:514 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.HomeFragment;->onCreateView:521 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.MineFragment$3;->onResponse:19 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.MineFragment$3;->onResponse:44 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.MineFragment$3;->onResponse:58 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.MineFragment;->clearUserData:20 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.MineFragment;->iniView:140 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.MineFragment;->logout:167 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.MineFragment;->logout:173 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.MineFragment;->updateRecommendPromoSetting:190 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.MineFragment;->afterRechargeSuccess:206 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.MineFragment;->getUserInfo:220 | API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.MineFragment;->getUserInfo:226API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.MineFragment;->onCreateView:288API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.MineFragment;->onCreateView:294API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.MineFragment;->onResume:303API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.MineFragment;->onResume:312API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.OrderFragment;->onCreateView:125API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.OrderFragment;->onCreateView:131API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.PromoAbleToUseFragment;->getUsablePromoData:31API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.fragment.PromoExpiredFragment;->getExpiredPromoData:18API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.AliPayTenPayActivity$JsInteration;->onSumResult:45API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.AliPayTenPayActivity;->onCreate:382API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.AliPayTenPayActivity;->onCreate:416API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.CenterActivity;->onCreate:104API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.CenterActivity;->onCreate:111API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.CenterActivity;->onCreate:121API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.CenterActivity;->onCreate:128API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.CommentActivity;->onCreate:55API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.DetailShopActivity2;->onCreate:107API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.DetailShopActivity2;->onCreate:113API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.DetailShopActivity2;->onCreate:119API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.DetailShopActivity2;->updateCart:136API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.FDHistoryActivity;->onCreate:150API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.FirstDataActivity;->onCreate:67API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.FirstDataActivity;->onCreate:73API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.FirstDataActivity;->onCreate:79API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.FirstDataActivity;->onCreate:85API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.FirstDataActivity;->onCreate:91API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.FirstDataActivity;->onCreate:97API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.FirstDataActivity;->onCreate:103API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.HelloweenLoginActivity;->getData:7API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.HelloweenLoginActivity;->getData:22API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.LoginAcitivity;->login:128API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.LoginAcitivity;->onCreate:460API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.LoginAcitivity;->onCreate:466API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.LoginAcitivity;->onCreate:472API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.LoginAcitivity;->onCreate:493API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.LoginAcitivity;->onResume:516API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.LoginAcitivity;->onResume:525API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MineAddressActivity;->onCreate:60API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MineAddressActivity;->onCreate:66API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MineAddressActivity;->onCreate:72API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MineAddressActivity;->onCreate:78API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MineAddressActivity;->onCreate:84API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MineAddressActivity;->onCreate:90API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MineEmailActivity;->onCreate:36API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MineEmailActivity;->onCreate:42API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MineEmailActivity;->onCreate:48API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MineEmailActivity;->onCreate:54API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MineNameActivity;->onCreate:48API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MineNameActivity;->onCreate:54API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MineNameActivity;->onCreate:60API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MineNameActivity;->onCreate:66API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MinePassActivity;->onCreate:55API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MinePassActivity;->onCreate:61API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MinePassActivity;->onCreate:67API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MinePassActivity;->onCreate:73API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MinePassActivity;->onCreate:79API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MyAddressActivity;->getAddressData:56API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MyAddressActivity;->saveNewAccount:126API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MyAddressActivity;->onCreate:194API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MyFoodDollarActivity;->onCreate:40API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MyPhoneAndNicknameActivity;->initView:14API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MyPhoneAndNicknameActivity;->onCreate:52API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MyPromoActivity$4;->onResponse:19API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.MyPromoActivity;->addPromo:16API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.NewDetailShopActivity;->onCreate:1540API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.NewDetailShopActivity;->onCreate:1547API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.NewDetailShopActivity;->onCreate:1554API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.NewDetailShopActivity;->onCreate:1560API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.NewDetailShopActivity;->onCreate:1567API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.NewDetailShopActivity;->onCreate:1574API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.NewDetailShopActivity;->onCreate:1580API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.NewDetailShopActivity;->onCreate:1586API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.NewDetailShopActivity;->onCreate:1592API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.NewDetailShopActivity;->onCreate:1598API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.PayActivity;->getUsablePromo:318API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.PayActivity;->recommend_promo:503API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.PayActivity;->onCreate:1014API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.PayActivity;->onCreate:1020API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.PayActivity;->onCreate:1026API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.PayActivity;->onCreate:1032API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.PayTypeActivity$6;->onResponse:19API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.PayTypeActivity;->onClick:699API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.PayTypeActivity;->onCreate:719API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.PayTypeActivity;->onCreate:757API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.PayTypeActivity;->onCreate:763API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.PublishCommentActivity;->onCreate:68API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.PublishCommentActivity;->onCreate:74API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.UpdateMyAddressActivity;->prepareAreaItemData:156API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.UpdateMyAddressActivity;->saveNewAccount:199API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.UpdateMyAddressActivity;->onCreate:315API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.UpdateOrderActivity;->onCreate:240API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.UpdateOrderActivity;->onCreate:246API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.UpdateOrderActivity;->onCreate:252API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.UserDataActivity;->onCreate:238API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.UserDataActivity;->onCreate:244API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.UserDataActivity;->onCreate:256API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.UserDataActivity;->onCreate:262API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.VisaMasterPayActivity$3;->onResponse:17API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.VisaMasterPayActivity;->onCreate:517API Call: android.content.SharedPreferences.getString
Source: com.corey.restaurant.ui.VisaMasterPayActivity;->onCreate:536API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.a;->p:413API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.a;->p:418API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.a;->p:423API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.a;->p:428API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.a;->p:433API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.a;->p:438API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.a;->p:443API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.a;->p:448API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.a;->p:453API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.a;->p:458API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.a;->p:463API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.a;->p:491API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.a;->p:495API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.a;->p:499API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.a;->p:503API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.a;->p:508API Call: android.content.SharedPreferences.getString
Source: com.facebook.appevents.AnalyticsUserIDStore;->initAndWait:30API Call: android.content.SharedPreferences.getString
Source: com.facebook.appevents.AppEventsLogger;->getAnonymousAppDeviceGUID:87API Call: android.content.SharedPreferences.getString
Source: com.amap.api.location.core.d;->b:140API Call: android.content.SharedPreferences.getString
Source: com.amap.api.location.core.d;->b:144API Call: android.content.SharedPreferences.getString
Source: com.amap.api.location.core.d;->b:150API Call: android.content.SharedPreferences.getString
Source: com.amap.api.location.core.d;->b:154API Call: android.content.SharedPreferences.getString
Source: com.amap.api.location.core.d;->b:158API Call: android.content.SharedPreferences.getString
Source: com.amap.api.location.core.d;->b:162API Call: android.content.SharedPreferences.getString
Source: com.amap.api.location.core.d;->b:166API Call: android.content.SharedPreferences.getString
Source: com.facebook.AccessTokenCache;->getCachedAccessToken:9API Call: android.content.SharedPreferences.getString
Source: com.facebook.FacebookSdk;->getLimitEventAndDataUsage:64API Call: android.content.SharedPreferences.getBoolean
Source: com.facebook.LegacyTokenHelper;->deserializeKey:13API Call: android.content.SharedPreferences.getString
Source: com.facebook.ProfileCache;->load:12API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.cast.framework.IntroductoryOverlay$zza;->zzav:8API Call: android.content.SharedPreferences.getBoolean
Source: com.google.android.gms.ads.identifier.AdvertisingIdClient;->getAdvertisingIdInfo:10API Call: android.content.SharedPreferences.getBoolean
Source: com.google.android.gms.iid.zzd;->get:52API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.iid.zzd;->get:67API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.iid.zzd;->zzh:164API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.iid.zze;->zzabS:7API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.iid.zze;->zzjt:16API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.iid.zze;->zzjx:41API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.iid.zzh;->zzeI:93API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.iid.zzh;->zzeI:97API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.iid.zzh;->zzjy:135API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.iid.zzh;->zzu:160API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.flags.impl.zza$zza$1;->zzbX:7API Call: android.content.SharedPreferences.getBoolean
Source: com.google.android.gms.flags.impl.zza$zzd$1;->zzbY:6API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.auth.api.signin.internal.zzn;->zzcB:55API Call: android.content.SharedPreferences.getString
Source: com.facebook.share.internal.LikeActionController;->handleOnActivityResult:146API Call: android.content.SharedPreferences.getString
Source: com.facebook.appevents.internal.SessionInfo;->getStoredSessionInfo:24API Call: android.content.SharedPreferences.getString
Source: com.facebook.appevents.internal.SourceApplicationInfo;->getStoredSourceApplicatioInfo:16API Call: android.content.SharedPreferences.getString
Source: com.facebook.appevents.internal.SourceApplicationInfo;->getStoredSourceApplicatioInfo:18API Call: android.content.SharedPreferences.getBoolean
Source: com.facebook.internal.FetchedAppSettingsManager$1;->run:6API Call: android.content.SharedPreferences.getString
Source: com.facebook.login.LoginManager;->isExpressLoginAllowed:65API Call: android.content.SharedPreferences.getBoolean
Source: com.facebook.login.WebLoginMethodHandler;->loadCookieToken:17API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.tagmanager.zzbf;->zzO:13API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.tagmanager.zzbf;->zzr:37API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.util.ak;->b:51API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.util.ak;->b:62API Call: android.content.SharedPreferences.getBoolean
Source: cn.jpush.android.util.al;->a:17API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.util.b;->A:232API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.util.b;->y:1496API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.util.i;->c:37API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.util.i;->d:44API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.util.o;->a:28API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.util.o;->b:55API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.util.o;->b:57API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.util.o;->b:59API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.util.o;->b:61API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.util.o;->b:63API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.util.o;->b:65API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.util.o;->b:67API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.util.o;->b:69API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.util.o;->b:71API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.util.o;->b:73API Call: android.content.SharedPreferences.getString
Source: cn.jpush.android.util.p;->e:203API Call: android.content.SharedPreferences.getString
Registers a Sensor listener (to get data about accelerometer, gyrometer etc.)
Source: com.google.android.gms.ads.internal.overlay.zzx;->start:28API Call: android.hardware.SensorManager.registerListener

Data Obfuscation:

Obfuscates method names
Source: Food4U #U901f#U98df#U5916#U8ce3_v3.2_apkpure.com.apk; Total valid method names: 58%
Uses reflection
Source: cn.jpush.android.b.a.d;->a:244API Call: java.lang.reflect.Method.invoke
Source: cn.jpush.android.a.b;->c:229API Call: java.lang.reflect.Method.invoke
Source: cn.jpush.android.a.b;->c:231API Call: java.lang.reflect.Method.invoke
Source: cn.jpush.android.a.b;->c:233API Call: java.lang.reflect.Method.invoke
Source: cn.jpush.android.a.b;->c:239API Call: java.lang.reflect.Method.invoke
Source: cn.jpush.android.a.b;->c:241API Call: java.lang.reflect.Method.invoke
Source: com.google.gson.jpush.internal.a.r;->a:12API Call: java.lang.reflect.Field.get
Source: com.google.gson.jpush.internal.a.r;->a:20API Call: java.lang.reflect.Field.get
Source: cn.jpush.android.api.JPushInterface;->requestPermission:413API Call: java.lang.reflect.Method.invoke
Source: cn.jpush.android.api.m;->a:172API Call: java.lang.reflect.Method.invoke
Source: com.aps.af;->c:198API Call: java.lang.reflect.Method.invoke
Source: com.aps.n;->a:5API Call: java.lang.reflect.Method.invoke
Source: com.google.gson.internal.bind.ReflectiveTypeAdapterFactory$1;->write:10API Call: java.lang.reflect.Field.get
Source: bolts.MeasurementEvent;->sendBroadcast:95API Call: java.lang.reflect.Method.invoke
Source: bolts.MeasurementEvent;->sendBroadcast:104API Call: java.lang.reflect.Method.invoke
Source: com.amap.api.location.core.d;->a:84API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.dynamic.zzd;->zzF:10API Call: java.lang.reflect.Field.get
Source: com.google.android.gms.dynamite.DynamiteModule;->zzH:37API Call: java.lang.reflect.Field.get
Source: com.google.android.gms.dynamite.DynamiteModule;->zzH:40API Call: java.lang.reflect.Field.get
Source: com.google.android.gms.dynamite.DynamiteModule;->zzb:172API Call: java.lang.reflect.Field.get
Source: com.google.firebase.FirebaseApp;->zza:154API Call: java.lang.reflect.Method.invoke
Source: com.google.gson.FieldAttributes;->get:18API Call: java.lang.reflect.Field.get
Source: com.nostra13.universalimageloader.core.imageaware.ImageViewAware;->getImageViewFieldValue:5API Call: java.lang.reflect.Field.get
Source: com.google.gson.internal.UnsafeAllocator$1;->newInstance:4API Call: java.lang.reflect.Method.invoke
Source: com.google.gson.internal.UnsafeAllocator$2;->newInstance:3API Call: java.lang.reflect.Method.invoke
Source: com.google.gson.internal.UnsafeAllocator$3;->newInstance:4API Call: java.lang.reflect.Method.invoke
Source: com.google.gson.internal.UnsafeAllocator;->create:7API Call: java.lang.reflect.Field.get
Source: com.google.gson.internal.UnsafeAllocator;->create:18API Call: java.lang.reflect.Method.invoke
Source: com.google.gson.jpush.internal.UnsafeAllocator;->create:7API Call: java.lang.reflect.Field.get
Source: com.google.gson.jpush.internal.UnsafeAllocator;->create:14API Call: java.lang.reflect.Method.invoke
Source: com.google.gson.jpush.internal.aj;->newInstance:4API Call: java.lang.reflect.Method.invoke
Source: com.google.gson.jpush.internal.ak;->newInstance:4API Call: java.lang.reflect.Method.invoke
Source: com.google.gson.jpush.internal.al;->newInstance:3API Call: java.lang.reflect.Method.invoke
Source: com.facebook.appevents.internal.InAppPurchaseEventManager;->getPurchaseDetails:34API Call: java.lang.reflect.Method.invoke
Source: com.facebook.appevents.internal.InAppPurchaseEventManager;->getServiceInterface:70API Call: java.lang.reflect.Method.invoke
Source: com.facebook.internal.Utility;->invokeMethodQuietly:186API Call: java.lang.reflect.Method.invoke
Source: org.apache.commons.io.Java7Support;->createSymbolicLink:34API Call: java.lang.reflect.Method.invoke
Source: org.apache.commons.io.Java7Support;->createSymbolicLink:37API Call: java.lang.reflect.Method.invoke
Source: org.apache.commons.io.Java7Support;->createSymbolicLink:39API Call: java.lang.reflect.Method.invoke
Source: org.apache.commons.io.Java7Support;->createSymbolicLink:41API Call: java.lang.reflect.Method.invoke
Source: org.apache.commons.io.Java7Support;->delete:45API Call: java.lang.reflect.Method.invoke
Source: org.apache.commons.io.Java7Support;->delete:47API Call: java.lang.reflect.Method.invoke
Source: org.apache.commons.io.Java7Support;->exists:51API Call: java.lang.reflect.Method.invoke
Source: org.apache.commons.io.Java7Support;->exists:54API Call: java.lang.reflect.Method.invoke
Source: org.apache.commons.io.Java7Support;->isSymLink:59API Call: java.lang.reflect.Method.invoke
Source: org.apache.commons.io.Java7Support;->isSymLink:61API Call: java.lang.reflect.Method.invoke
Source: org.apache.commons.io.Java7Support;->readSymbolicLink:66API Call: java.lang.reflect.Method.invoke
Source: org.apache.commons.io.Java7Support;->readSymbolicLink:68API Call: java.lang.reflect.Method.invoke
Source: org.apache.commons.io.Java7Support;->readSymbolicLink:70API Call: java.lang.reflect.Method.invoke
Source: com.google.firebase.messaging.zzc;->zza:100API Call: java.lang.reflect.Method.invoke
Source: com.google.firebase.messaging.zzc;->zza:395API Call: java.lang.reflect.Method.invoke
Source: com.google.firebase.messaging.zzc;->zzaI:406API Call: java.lang.reflect.Field.get
Source: com.google.firebase.messaging.zzc;->zzab:412API Call: java.lang.reflect.Field.get
Source: com.google.firebase.messaging.zzc;->zzac:417API Call: java.lang.reflect.Field.get
Source: com.google.firebase.messaging.zzc;->zzb:429API Call: java.lang.reflect.Method.invoke
Source: com.google.firebase.messaging.zzc;->zzc:452API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.ads.internal.purchase.zzb;->zzV:9API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.ads.internal.purchase.zzb;->zza:23API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.ads.internal.purchase.zzb;->zzb:36API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.ads.internal.purchase.zzb;->zzm:50API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.ads.internal.purchase.zzb;->zzn:65API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.ads.internal.purchase.zzd;->zziK:89API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.security.ProviderInstaller;->installIfNeeded:17API Call: java.lang.reflect.Method.invoke
Source: cn.jpush.android.service.s;->a:12API Call: java.lang.reflect.Method.invoke
Source: cn.jpush.android.service.s;->a:21API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.common.util.zzz;->zza:26API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.common.util.zzz;->zza:34API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.common.util.zzz;->zza:42API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.common.util.zzz;->zza:49API Call: java.lang.reflect.Method.invoke
Source: org.apache.http.util.ExceptionUtils;->initCause:7API Call: java.lang.reflect.Method.invoke

Boot Survival:

Has permission to execute code after phone reboot
Source: submitted apk; Request permission: android.permission.RECEIVE_BOOT_COMPLETED
Installs a new wake lock (to get activate on phone screen on)
Source: cn.jpush.android.util.b;->k:984API Call: android.os.PowerManager.newWakeLock

Hooking and other Techniques for Hiding and Protection:

Removes its application launcher (likely to stay hidden)
Source: cn.jpush.android.service.ServiceInterface;->b:223API Call: android.content.pm.PackageManager.setComponentEnabledSetting
Source: cn.jpush.android.service.ServiceInterface;->b:224API Call: android.content.pm.PackageManager.setComponentEnabledSetting
Aborts a broadcast event (this is often done to hide phone events such as incoming SMS)
Source: cn.jpush.android.service.PushReceiver;->onReceive:190API Call: cn.jpush.android.service.PushReceiver.abortBroadcast
Has permission to draw over other applications or user interfaces
Source: submitted apk; Request permission: android.permission.SYSTEM_ALERT_WINDOW
Has permission to query the list of currently running applications
Source: submitted apk; Request permission: android.permission.GET_TASKS
Queries list of running processes/tasks
Source: com.google.android.gms.gcm.zza;->zzbu:128API Call: android.app.ActivityManager.getRunningAppProcesses
Source: com.google.firebase.messaging.zza;->zzaca:154API Call: android.app.ActivityManager.getRunningAppProcesses
Source: cn.jpush.android.ui.PushActivity;->b:88API Call: android.app.ActivityManager.getRunningTasks
Source: cn.jpush.android.ui.PushActivity;->b:91API Call: android.app.ActivityManager.getRunningTasks
Source: cn.jpush.android.util.aj;->a:27API Call: android.app.ActivityManager.getRunningAppProcesses
Uses Crypto APIs
Source: com.facebook.appevents.AppEvent;->md5Checksum:77API Call: java.security.MessageDigest.getInstance
Source: com.facebook.appevents.AppEvent;->md5Checksum:80API Call: java.security.MessageDigest.update
Source: com.facebook.appevents.AppEvent;->md5Checksum:81API Call: java.security.MessageDigest.digest
Source: com.aps.b;-><init>:13API Call: javax.crypto.Cipher.getInstance
Source: com.aps.b;-><init>:15API Call: javax.crypto.Cipher.init
Source: com.aps.b;->a:40API Call: javax.crypto.Cipher.doFinal
Source: com.aps.p;->c:27API Call: java.security.MessageDigest.getInstance
Source: com.aps.p;->c:30API Call: java.security.MessageDigest.update
Source: com.aps.p;->c:31API Call: java.security.MessageDigest.digest
Source: com.bumptech.glide.load.engine.cache.SafeKeyGenerator;->getSafeKey:7API Call: java.security.MessageDigest.getInstance
Source: com.bumptech.glide.load.engine.cache.SafeKeyGenerator;->getSafeKey:9API Call: java.security.MessageDigest.digest
Source: com.amap.api.location.core.c;->c:54API Call: java.security.MessageDigest.getInstance
Source: com.amap.api.location.core.c;->c:55API Call: java.security.MessageDigest.digest
Source: com.amap.api.location.core.c;->a:153API Call: javax.crypto.KeyGenerator.generateKey
Source: com.amap.api.location.core.e;->a:45API Call: javax.crypto.Cipher.getInstance
Source: com.amap.api.location.core.e;->a:46API Call: javax.crypto.Cipher.init
Source: com.amap.api.location.core.e;->a:47API Call: javax.crypto.Cipher.doFinal
Source: com.amap.api.location.core.e;->a:50API Call: javax.crypto.Cipher.getInstance
Source: com.amap.api.location.core.e;->a:51API Call: javax.crypto.Cipher.init
Source: com.amap.api.location.core.e;->a:52API Call: javax.crypto.Cipher.doFinal
Source: com.amap.api.location.core.e;->a:56API Call: javax.crypto.Cipher.getInstance
Source: com.amap.api.location.core.e;->a:57API Call: javax.crypto.Cipher.init
Source: com.amap.api.location.core.e;->a:58API Call: javax.crypto.Cipher.doFinal
Source: com.amap.api.location.core.e;->b:62API Call: java.security.MessageDigest.getInstance
Source: com.amap.api.location.core.e;->b:65API Call: java.security.MessageDigest.update
Source: com.amap.api.location.core.e;->b:66API Call: java.security.MessageDigest.digest
Source: com.amap.api.location.core.g;->a:65API Call: java.security.MessageDigest.getInstance
Source: com.amap.api.location.core.g;->a:68API Call: java.security.MessageDigest.update
Source: com.amap.api.location.core.g;->a:69API Call: java.security.MessageDigest.digest
Source: com.bumptech.glide.load.engine.EngineKey;->updateDiskCacheKey:166API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.engine.EngineKey;->updateDiskCacheKey:167API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.engine.EngineKey;->updateDiskCacheKey:173API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.engine.EngineKey;->updateDiskCacheKey:179API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.engine.EngineKey;->updateDiskCacheKey:185API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.engine.EngineKey;->updateDiskCacheKey:191API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.engine.EngineKey;->updateDiskCacheKey:197API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.engine.OriginalKey;->updateDiskCacheKey:17API Call: java.security.MessageDigest.update
Source: com.facebook.FacebookSdk;->getApplicationSignature:34API Call: java.security.MessageDigest.getInstance
Source: com.facebook.FacebookSdk;->getApplicationSignature:37API Call: java.security.MessageDigest.update
Source: com.facebook.FacebookSdk;->getApplicationSignature:38API Call: java.security.MessageDigest.digest
Source: com.google.android.gms.iid.InstanceID;->zza:24API Call: java.security.MessageDigest.getInstance
Source: com.google.android.gms.iid.InstanceID;->zza:25API Call: java.security.MessageDigest.digest
Source: com.google.firebase.iid.FirebaseInstanceId;->zza:46API Call: java.security.MessageDigest.getInstance
Source: com.google.firebase.iid.FirebaseInstanceId;->zza:47API Call: java.security.MessageDigest.digest
Source: com.facebook.internal.Utility;->hashBytes:171API Call: java.security.MessageDigest.update
Source: com.facebook.internal.Utility;->hashBytes:172API Call: java.security.MessageDigest.digest
Source: com.facebook.internal.Utility;->hashWithAlgorithm:183API Call: java.security.MessageDigest.getInstance
Source: com.nostra13.universalimageloader.cache.disc.naming.Md5FileNameGenerator;->getMD5:3API Call: java.security.MessageDigest.getInstance
Source: com.nostra13.universalimageloader.cache.disc.naming.Md5FileNameGenerator;->getMD5:4API Call: java.security.MessageDigest.update
Source: com.nostra13.universalimageloader.cache.disc.naming.Md5FileNameGenerator;->getMD5:5API Call: java.security.MessageDigest.digest
Source: com.bumptech.glide.signature.MediaStoreSignature;->updateDiskCacheKey:16API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.signature.MediaStoreSignature;->updateDiskCacheKey:20API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.signature.StringSignature;->updateDiskCacheKey:22API Call: java.security.MessageDigest.update
Source: org.apache.james.mime4j.storage.CipherStorageProvider$CipherStorage;->getInputStream:9API Call: javax.crypto.Cipher.getInstance
Source: org.apache.james.mime4j.storage.CipherStorageProvider$CipherStorage;->getInputStream:11API Call: javax.crypto.Cipher.init
Source: org.apache.james.mime4j.storage.CipherStorageProvider$CipherStorageOutputStream;-><init>:2API Call: javax.crypto.Cipher.getInstance
Source: org.apache.james.mime4j.storage.CipherStorageProvider$CipherStorageOutputStream;-><init>:3API Call: javax.crypto.Cipher.init
Source: org.apache.james.mime4j.storage.CipherStorageProvider;->getSecretKeySpec:8API Call: javax.crypto.KeyGenerator.generateKey
Source: com.google.android.gms.tagmanager.zzar;->zzf:12API Call: java.security.MessageDigest.getInstance
Source: com.google.android.gms.tagmanager.zzar;->zzf:13API Call: java.security.MessageDigest.update
Source: com.google.android.gms.tagmanager.zzar;->zzf:14API Call: java.security.MessageDigest.digest
Source: cn.jpush.android.util.a;->a:13API Call: javax.crypto.Cipher.getInstance
Source: cn.jpush.android.util.a;->a:16API Call: javax.crypto.Cipher.init
Source: cn.jpush.android.util.a;->a:18API Call: javax.crypto.Cipher.doFinal
Source: cn.jpush.android.util.an;->b:15API Call: java.security.MessageDigest.getInstance
Source: cn.jpush.android.util.an;->b:17API Call: java.security.MessageDigest.update
Source: cn.jpush.android.util.an;->b:18API Call: java.security.MessageDigest.digest
Source: cn.jpush.android.util.b;->a:366API Call: java.security.MessageDigest.getInstance
Source: cn.jpush.android.util.b;->a:368API Call: java.security.MessageDigest.digest
Source: cn.jpush.android.util.b;->a:378API Call: java.security.MessageDigest.getInstance
Source: cn.jpush.android.util.b;->a:379API Call: java.security.MessageDigest.digest
Source: cn.jpush.android.util.b;->b:538API Call: java.security.MessageDigest.getInstance
Source: cn.jpush.android.util.b;->b:541API Call: java.security.MessageDigest.digest
Source: cn.jpush.android.util.i;->o:59API Call: javax.crypto.Cipher.getInstance
Source: cn.jpush.android.util.i;->o:62API Call: javax.crypto.Cipher.init
Source: cn.jpush.android.util.i;->o:64API Call: javax.crypto.Cipher.doFinal
Source: cn.jpush.android.util.k;->a:35API Call: java.security.MessageDigest.getInstance
Source: cn.jpush.android.util.k;->a:37API Call: java.security.MessageDigest.update
Source: cn.jpush.android.util.k;->a:39API Call: java.security.MessageDigest.digest

Malware Analysis System Evasion:

Accesses Android OS build fields
Source: com.aps.ai;-><init>:9Field Access: android.os.Build.MODEL
Source: com.aps.ai;->f:231Field Access: android.os.Build.MODEL
Source: com.aps.t;->b:73Field Access: android.os.Build$VERSION.SDK
Source: com.amap.api.location.core.c;->d:81Field Access: android.os.Build$VERSION.RELEASE
Source: com.amap.api.location.core.c;->e:82Field Access: android.os.Build.MODEL
Source: com.google.android.gms.fitness.data.Device;->getLocalDevice:13Field Access: android.os.Build.MANUFACTURER
Source: com.google.android.gms.fitness.data.Device;->getLocalDevice:14Field Access: android.os.Build.MODEL
Source: com.google.android.gms.fitness.data.Device;->getLocalDevice:15Field Access: android.os.Build$VERSION.RELEASE
Source: com.facebook.devicerequests.internal.DeviceRequestsHelper;->getDeviceInfo:27Field Access: android.os.Build.DEVICE
Source: com.facebook.devicerequests.internal.DeviceRequestsHelper;->getDeviceInfo:30Field Access: android.os.Build.MODEL
Source: com.facebook.internal.FacebookSignatureValidator;->validateSignature:18Field Access: android.os.Build.BRAND
Source: com.facebook.internal.Utility;->setAppEventExtendedDeviceInfoParameters:388Field Access: android.os.Build$VERSION.RELEASE
Source: com.facebook.internal.Utility;->setAppEventExtendedDeviceInfoParameters:390Field Access: android.os.Build.MODEL
Source: com.google.android.gms.tagmanager.zzac;->zzZ:5Field Access: android.os.Build.MANUFACTURER
Source: com.google.android.gms.tagmanager.zzac;->zzZ:6Field Access: android.os.Build.MODEL
Source: com.google.android.gms.tagmanager.zzan;->version:1Field Access: android.os.Build$VERSION.SDK
Source: com.google.android.gms.tagmanager.zzan;->version:4Field Access: android.os.Build$VERSION.SDK
Source: com.google.android.gms.tagmanager.zzcf;->zzZ:5Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.android.gms.tagmanager.zzde;-><init>:7Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.android.gms.tagmanager.zzde;-><init>:10Field Access: android.os.Build.MODEL
Source: com.google.android.gms.tagmanager.zzde;-><init>:11Field Access: android.os.Build.ID
Source: cn.jpush.android.util.af;->a:159Field Access: android.os.Build$VERSION.SDK
Source: cn.jpush.android.util.b;->a:312Field Access: android.os.Build$VERSION.RELEASE
Source: cn.jpush.android.util.b;->a:319Field Access: android.os.Build.MODEL
Source: cn.jpush.android.util.b;->a:323Field Access: android.os.Build.DEVICE
Source: cn.jpush.android.util.b;->b:505Field Access: android.os.Build$VERSION.RELEASE
Source: cn.jpush.android.util.b;->b:512Field Access: android.os.Build.MODEL
Source: cn.jpush.android.util.b;->b:516Field Access: android.os.Build.DEVICE
Source: cn.jpush.android.util.b;->w:1470Field Access: android.os.Build.MODEL
Source: cn.jpush.android.util.o;->c:148Field Access: android.os.Build$VERSION.RELEASE
Source: cn.jpush.android.util.o;->c:152Field Access: android.os.Build.MODEL
Source: cn.jpush.android.util.s;->a:72Field Access: android.os.Build$VERSION.SDK
Source: cn.jpush.android.util.s;->a:174Field Access: android.os.Build$VERSION.SDK
Source: cn.jpush.android.util.s;->b:328Field Access: android.os.Build$VERSION.SDK
Source: com.google.android.gms.common.util.zzj;->zzzd:39Field Access: android.os.Build.TYPE
Potential date-aware sample found
Source: com.facebook.AccessToken;->isExpired:241API Call: java.util.Date.after
Queries several sensitive pieces of phone information
Source: Lbolts/BoltsExecutors;->isAndroidRuntime()ZMethod string: "android"
Source: Lbolts/AppLinkNavigation;->sendAppLinkNavigateEventBroadcast(Landroid/content/Context;Landroid/content/Intent;Lbolts/AppLinkNavigation$NavigationResult;Lorg/json/JSONException;)VMethod string: "type"
Source: Lorg/apache/http/message/BasicStatusLine;-><init>(Lorg/apache/http/ProtocolVersion;ILjava/lang/String;)VMethod string: "version"
Source: Lcom/aps/o;->a()[BMethod string: "sid"
Source: Lcom/aps/ai;->h()Ljava/lang/String;Method string: "phone"
Source: Lcom/amap/api/location/core/d;->a(Landroid/content/Context;Lcom/amap/api/location/AMapLocation;)VMethod string: "time"
Queries the unique operating system ID (ANDROID_ID)
Source: com.google.android.gms.fitness.data.Device;->zzbn:32API Call: android.provider.Settings$Secure.getString
Source: com.google.android.gms.tagmanager.zzab;->zzbU:11API Call: android.provider.Settings$Secure.getString
Source: com.google.android.gms.tagmanager.zzbs;->zzbU:11API Call: android.provider.Settings$Secure.getString

Language, Device and Operating System Detection:

Queries the WIFI MAC address
Source: com.aps.a;->i:730API Call: android.net.wifi.WifiInfo.getMacAddress
Source: com.aps.ai;-><init>:28API Call: android.net.wifi.WifiInfo.getMacAddress
Source: com.aps.ai;->p:318API Call: android.net.wifi.WifiInfo.getMacAddress
Source: cn.jpush.android.util.b;->g:862API Call: android.net.wifi.WifiInfo.getMacAddress
Queries the network operator name
Source: cn.jpush.android.a.b;->c:157API Call: android.telephony.TelephonyManager.getNetworkOperatorName
Source: com.amap.api.location.core.c;->b:207API Call: android.telephony.TelephonyManager.getNetworkOperatorName
Source: com.amap.api.location.core.c;->c:249API Call: android.telephony.TelephonyManager.getNetworkOperatorName
Source: com.facebook.internal.Utility;->refreshCarrierName:335API Call: android.telephony.TelephonyManager.getNetworkOperatorName
Queries the network operator numeric MCC+MNC (mobile country code + mobile network code)
Source: cn.jpush.android.a.b;->h:51API Call: android.telephony.TelephonyManager.getNetworkOperator
Source: cn.jpush.android.a.b;->b:97API Call: android.telephony.TelephonyManager.getNetworkOperator
Source: cn.jpush.android.a.b;->c:181API Call: android.telephony.TelephonyManager.getNetworkOperator
Source: com.aps.ai;->b:115API Call: android.telephony.TelephonyManager.getNetworkOperator
Source: com.aps.t;->a:61API Call: android.telephony.TelephonyManager.getNetworkOperator
Source: cn.jpush.android.helpers.ConnectingHelper;->a:250API Call: android.telephony.TelephonyManager.getNetworkOperator
Queries the unique device ID (IMEI, MEID or ESN)
Source: com.corey.restaurant.ui.HelloweenLoginActivity;->getData:30API Call: android.telephony.TelephonyManager.getDeviceId
Source: com.corey.restaurant.util.ExampleUtil;->getImei:16API Call: android.telephony.TelephonyManager.getDeviceId
Source: com.aps.a;->a:174API Call: android.telephony.TelephonyManager.getDeviceId
Source: com.aps.a;->a:186API Call: android.telephony.TelephonyManager.getSubscriberId
Source: com.aps.ai;-><init>:21API Call: android.telephony.TelephonyManager.getDeviceId
Source: com.aps.ai;-><init>:23API Call: android.telephony.TelephonyManager.getSubscriberId
Source: com.aps.ai;->g:242API Call: android.telephony.TelephonyManager.getDeviceId
Source: com.aps.ai;->h:253API Call: android.telephony.TelephonyManager.getSubscriberId
Source: com.amap.api.location.core.c;->b:181API Call: android.telephony.TelephonyManager.getDeviceId
Source: com.amap.api.location.core.c;->b:183API Call: android.telephony.TelephonyManager.getSubscriberId
Source: cn.jpush.android.helpers.j;->a:15API Call: android.telephony.TelephonyManager.getSubscriberId
Source: cn.jpush.android.util.b;->i:926API Call: android.telephony.TelephonyManager.getSimSerialNumber
Source: cn.jpush.android.util.b;->j:968API Call: android.telephony.TelephonyManager.getDeviceId
Source: cn.jpush.android.util.b;->k:974API Call: android.telephony.TelephonyManager.getSubscriberId

Stealing of Sensitive Information:

Checks if a SIM card is installed
Source: com.aps.ai;->c:218API Call: android.telephony.TelephonyManager.getSimState
Has permission to read contacts
Source: submitted apkRequest permission: android.permission.READ_CONTACTS
Has permission to read low-level log files (spy personal data)
Source: submitted apkRequest permission: android.permission.READ_LOGS
Has permission to read the phone's state (phone number, device IDs, active call etc.)
Source: submitted apkRequest permission: android.permission.READ_PHONE_STATE
May query (preferred) Access Point Name (APN)
Source: com.corey.restaurant.util.HttpUtils;-><clinit>:4API Call: android.net.Uri.parse("content://telephony/carriers")
Source: com.aps.l;->a:15API Call: android.net.Uri.parse("content://telephony/carriers/preferapn")
May take a camera picture
Source: com.corey.restaurant.ui.NewRegistActivity;->onClick:388API Call: android.content.Intent.<init>("android.media.action.IMAGE_CAPTURE")
Queries a list of installed applications
Source: com.aps.ai;->b:103API Call: android.content.pm.PackageManager.getInstalledApplications
Source: cn.jpush.android.util.aj;->a:35API Call: android.content.pm.PackageManager.getInstalledApplications
Queries camera information
Source: com.google.android.gms.vision.CameraSource;->zzTK:8API Call: android.hardware.Camera.open
Source: com.google.android.gms.vision.CameraSource;->zza:97API Call: android.hardware.Camera.getCameraInfo
Source: com.google.android.gms.vision.CameraSource;->zznP:124API Call: android.hardware.Camera.getNumberOfCameras
Source: com.google.android.gms.vision.CameraSource;->zznP:125API Call: android.hardware.Camera.getCameraInfo
Queries list of installed packages
Source: cn.jpush.android.util.v;->a:3API Call: android.content.pm.PackageManager.getInstalledPackages
Queries media storage location field
Source: com.corey.restaurant.util.BitmapUtil;->getPath:50Field access: android.provider.MediaStore$Images$Media.EXTERNAL_CONTENT_URI
Queries stored mail and application accounts (e.g. Gmail or WhatsApp)
Source: com.google.android.gms.appinvite.AppInviteInvitation$IntentBuilder;->setAccount:40API Call: android.accounts.Account.type
Source: com.google.android.gms.auth.zze;->zzc:114API Call: android.accounts.Account.name
Source: com.google.android.gms.auth.zze;->zzc:119API Call: android.accounts.Account.type
Source: com.google.android.gms.auth.api.credentials.IdentityProviders;->getIdentityProviderForAccount:5API Call: android.accounts.Account.type
Source: com.google.android.gms.auth.api.credentials.IdentityProviders;->getIdentityProviderForAccount:9API Call: android.accounts.Account.type
Source: com.google.android.gms.common.internal.zzg;->getAccountName:20API Call: android.accounts.Account.name
Source: com.google.android.gms.location.places.internal.zzh;-><init>:11API Call: android.accounts.Account.name
Source: com.google.android.gms.location.places.internal.zzn;-><init>:5API Call: android.accounts.Account.name
Source: com.google.android.gms.plus.Plus$1;->zza:5API Call: android.accounts.Account.name
Source: com.google.android.gms.auth.api.signin.GoogleSignInOptions;->zzri:74API Call: android.accounts.Account.name
Source: com.android.volley.toolbox.AndroidAuthenticator;->invalidateAuthToken:32API Call: android.accounts.Account.type
Has permission to query the current location
Source: submitted apkRequest permission: android.permission.ACCESS_COARSE_LOCATION
Source: submitted apkRequest permission: android.permission.ACCESS_FINE_LOCATION

Remote Access Functionality:

Found suspicious command strings (may be related to BOT commands)
Source: Lorg/jsoup/nodes/Attribute;-><clinit>()VMethod string: "reversed"
Source: Lorg/apache/commons/io/comparator/ReverseComparator;-><init>(Ljava/util/Comparator;)VInstruction: "iput-object p1, p0, lorg/apache/commons/io/comparator/reversecomparator;->delegate:ljava/util/comparator;"
Source: Lcom/corey/restaurant/ui/SendSMSActivity;-><init>()VInstruction: "iput-object v0, p0, lcom/corey/restaurant/ui/sendsmsactivity;->on_country_code_click:landroid/view/view$onclicklistener;"
Source: Lcom/corey/restaurant/ui/NewRegistActivity;->onClick(Landroid/view/View;)VInstruction: "lcom/corey/restaurant/ui/newregistactivity;->uploadfile()v"
Has permission to mount or unmount file systems (removable storage)
Source: submitted apkRequest permission: android.permission.MOUNT_UNMOUNT_FILESYSTEMS

Antivirus and Machine Learning Detection

Initial Sample

Source | Detection | Scanner | Label
Food4U #U901f#U98df#U5916#U8ce3_v3.2_apkpure.com.apk | 2% | virustotal | -

Dropped Files

No Antivirus matches

Domains

Source | Detection | Scanner | Label
app.food4u.cc | 2% | virustotal | -

URLs


Yara Overview

Initial Sample

No yara matches

PCAP (Network Traffic)

No yara matches

Dropped Files

No yara matches

Joe Sandbox View / Context

IPs


Domains


ASN

Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context