
General Information

Joe Sandbox Version: 28.0.0 Lapis Lazuli
Analysis ID: 232581
Start date: 23.05.2020
Start time: 03:58:24
Joe Sandbox Product: CloudBasic
Overall analysis duration: 0h 6m 17s
Hypervisor based Inspection enabled: false
Report type: full
Sample file name: bdsmlr-3-512.apk
Cookbook file name: defaultandroidfilecookbook.jbs
Analysis system description: Android 6.0
APK Instrumentation enabled: true
Detection: MAL
Classification: mal48.spyw.evad.andAPK@0/253@0/0
Warnings:
  • An application runtime error occurred
  • Excluded IPs from analysis (whitelisted): 216.58.205.227, 216.58.205.232, 172.217.18.110, 172.217.23.110, 216.58.212.142, 172.217.22.78, 172.217.21.206, 216.58.212.174, 172.217.23.142, 216.58.205.238, 216.58.206.14, 172.217.18.14, 172.217.18.174, 216.58.207.78, 172.217.16.142, 216.58.210.14, 172.217.16.174
  • Excluded domains from analysis (whitelisted): connectivitycheck.gstatic.com, ssl.google-analytics.com, android.clients.google.com, android.l.google.com, ssl-google-analytics.l.google.com
  • No interacted views
  • No simulation commands forwarded to apk
  • Not all executed log events are in report (maximum 10 identical API calls)
  • Not all non-executed APIs are in report
  • Not all resource files were parsed
  • Not all resource strings were parsed
  • Report size exceeded maximum capacity and may have missing behavior information.
  • Report size exceeded maximum capacity and may have missing disassembly code.
  • Report size exceeded maximum capacity and may have missing dynamic data code.
Errors:
  • Execution failed: Runtime error External Dependency Missing

Detection

Strategy | Score | Range | Reporting Whitelisted | Detection
Threshold | 48 | 0 - 100 | false | malicious

Confidence

Strategy | Score | Range | Further Analysis Required? | Confidence
Threshold | 5 | 0 - 5 | false |


Classification Spiderchart

Analysis Advice




Mitre Att&ck Matrix

Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact
Valid Accounts | Windows Remote Management | Winlogon Helper DLL | Port Monitors | Obfuscated Files or Information 1 | Access Stored Application Data 1 | System Network Connections Discovery 1 | Application Deployment Software | Location Tracking 1 | Data Compressed | Data Obfuscation | Eavesdrop on Insecure Network Communication 1 | Remotely Track Device Without Authorization | Generate Fraudulent Advertising Revenue 1
Replication Through Removable Media | Service Execution | Port Monitors | Accessibility Features | Binary Padding | Network Sniffing | Location Tracking 1 | Remote Services | Access Stored Application Data 1 | Exfiltration Over Other Network Medium | Fallback Channels | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Delete Device Data 1
External Remote Services | Windows Management Instrumentation | Accessibility Features | Path Interception | Rootkit | Input Capture | System Information Discovery 1 | Windows Remote Management | Network Information Discovery 1 | Automated Exfiltration | Custom Cryptographic Protocol | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data
Drive-by Compromise | Scheduled Task | System Firmware | DLL Search Order Hijacking | Obfuscated Files or Information | Credentials in Files | Process Discovery 1 | Logon Scripts | Input Capture | Data Encrypted | Multiband Communication | SIM Card Swap | | Premium SMS Toll Fraud

Signature Overview



Location Tracking:

Queries the phone's location (GPS)
Source: com.google.android.gms.internal.ads.zzafs;->a:877 API Call: android.location.Location.getLatitude
Source: com.google.android.gms.internal.ads.zzafs;->a:879 API Call: android.location.Location.getLongitude
Source: androidx.appcompat.app.TwilightManager;->a:6 API Call: android.location.LocationManager.getLastKnownLocation
Source: androidx.appcompat.app.TwilightManager;->a:19 API Call: android.location.Location.getLatitude
Source: androidx.appcompat.app.TwilightManager;->a:20 API Call: android.location.Location.getLongitude
Source: androidx.appcompat.app.TwilightManager;->a:22 API Call: android.location.Location.getLatitude
Source: androidx.appcompat.app.TwilightManager;->a:23 API Call: android.location.Location.getLongitude
Source: androidx.appcompat.app.TwilightManager;->a:25 API Call: android.location.Location.getLatitude
Source: androidx.appcompat.app.TwilightManager;->a:26 API Call: android.location.Location.getLongitude
Source: com.onesignal.LocationGMS;->c:104 API Call: android.location.Location.getLatitude
Source: com.onesignal.LocationGMS;->c:110 API Call: android.location.Location.getLongitude
Source: com.onesignal.LocationGMS;->c:116 API Call: android.location.Location.getLatitude
Source: com.onesignal.LocationGMS;->c:118 API Call: android.location.Location.getLongitude

Spreading:

Accesses external storage location
Source: com.google.android.gms.internal.ads.zzhs;->c:37 API Call: android.os.Environment.getExternalStorageDirectory
Source: com.google.android.gms.internal.ads.zzmx;->call:3 API Call: android.os.Environment.getExternalStorageState
Source: com.google.android.gms.internal.ads.zznn;->a:77 API Call: android.os.Environment.getExternalStorageDirectory
Source: androidx.core.content.FileProvider;->parsePathStrategy:63 API Call: android.os.Environment.getExternalStorageDirectory
Source: com.mr.flutter.plugin.filepicker.FilePickerDelegate;->b:21 API Call: android.os.Environment.getExternalStorageDirectory
Source: com.mr.flutter.plugin.filepicker.FileUtils;->b:163 API Call: android.os.Environment.getExternalStorageDirectory
Source: io.flutter.plugins.imagepicker.FileUtils;->getPathFromLocalUri:24 API Call: android.os.Environment.getExternalStorageDirectory
Source: com.javih.multimediapicker.FileUtils;->b:26 API Call: android.os.Environment.getExternalStorageDirectory

Networking:

Checks an internet connection is available
Source: com.google.firebase.iid.zzaz;->run:71 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.google.firebase.iid.zzaz;->run:71 API Call: android.net.NetworkInfo.isConnected
Source: com.google.android.gms.internal.ads.zzafn;->a:85 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.google.android.gms.internal.ads.zzagb;->b:88 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.google.android.gms.internal.ads.zzagb;->b:90 API Call: android.net.NetworkInfo.getDetailedState
Source: io.flutter.plugins.connectivity.Connectivity;->getNetworkTypeLegacy:3 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: io.flutter.plugins.connectivity.Connectivity;->getNetworkTypeLegacy:4 API Call: android.net.NetworkInfo.isConnected
Source: io.flutter.plugins.connectivity.Connectivity;->getWifiInfo:11 API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: io.flutter.plugins.connectivity.Connectivity;->getWifiIPAddress:26 API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.google.firebase.iid.zzaz;->b:50 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.google.firebase.iid.zzaz;->b:51 API Call: android.net.NetworkInfo.isConnected
Source: com.google.android.gms.measurement.internal.zzej;->v:43 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.google.android.gms.measurement.internal.zzej;->v:44 API Call: android.net.NetworkInfo.isConnected
Source: com.google.android.gms.measurement.internal.zzhl;->t:39 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.google.android.gms.measurement.internal.zzhl;->t:40 API Call: android.net.NetworkInfo.isConnected
Source: com.bumptech.glide.manager.DefaultConnectivityMonitor;->a:22 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.bumptech.glide.manager.DefaultConnectivityMonitor;->a:23 API Call: android.net.NetworkInfo.isConnected
Source: com.onesignal.OSUtils;->e:202 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.google.android.exoplayer2.scheduler.Requirements;->d:31 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.google.android.exoplayer2.scheduler.Requirements;->d:32 API Call: android.net.NetworkInfo.isConnected
Source: com.google.android.exoplayer2.util.Util;->b:146 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.google.android.exoplayer2.util.Util;->b:147 API Call: android.net.NetworkInfo.isConnected
Opens an internet connection
Source: com.google.android.gms.internal.ads.zzafn;->a:175 API Call: java.net.URL.openConnection (not executed)
Source: com.google.android.gms.internal.ads.zzanf;->a:10 API Call: java.net.URL.openConnection (not executed)
Source: com.google.android.gms.internal.ads.zzaqn;->a:111 API Call: java.net.URL.openConnection (not executed)
Source: com.google.android.gms.internal.ads.zzaqx;->b:116 API Call: java.net.URL.openConnection (not executed)
Source: com.google.android.gms.internal.ads.zzas;->b:48 API Call: java.net.URL.openConnection (not executed)
Source: com.google.android.gms.internal.ads.zzasj;->e:29 API Call: java.net.URL.openConnection (not executed)
Source: com.bumptech.glide.load.data.HttpUrlFetcher$DefaultHttpUrlConnectionFactory;->a:2 API Call: java.net.URL.openConnection (not executed)
Source: com.google.android.gms.ads.internal.gmsg.HttpClient;->zza:3 API Call: java.net.URL.openConnection (not executed)
Source: com.google.android.gms.ads.identifier.zza;->run:16 API Call: java.net.URL.openConnection (not executed)
Source: com.google.android.gms.measurement.internal.zzej;->a:12 API Call: java.net.URL.openConnection (not executed)
Source: com.google.android.gms.measurement.internal.zzhl;->a:12 API Call: java.net.URL.openConnection (not executed)
Source: com.google.android.gms.measurement.internal.zzjt;->connect:9 API Call: javax.net.ssl.SSLSocket.connect (not executed)
Source: com.google.android.gms.measurement.internal.zzjt;->connect:11 API Call: javax.net.ssl.SSLSocket.connect (not executed)
Source: com.onesignal.GenerateNotification;->c:578 API Call: java.net.URL.openConnection (not executed)
Source: com.onesignal.OneSignalRestClient;->a:16 API Call: java.net.URL.openConnection (not executed)
Source: com.google.android.exoplayer2.upstream.DefaultHttpDataSource;->a:57 API Call: java.net.URL.openConnection (not executed)
Performs DNS lookups (Java API)
Source: com.google.gson.internal.bind.TypeAdapters$23;->a:7 API Call: java.net.InetAddress.getByName (not executed)
Source: com.google.android.exoplayer2.upstream.UdpDataSource;->a:12 API Call: java.net.InetAddress.getByName (not executed)
Connects to IPs without corresponding DNS lookups
Source: unknown TCP traffic detected without corresponding DNS query: 173.194.76.188
Monitors network connection state
Source: com.google.android.exoplayer2.scheduler.RequirementsWatcher;->a:52 API Call: android.content.IntentFilter.addAction android.net.conn.CONNECTIVITY_CHANGE
URLs found in memory or binary data
Source: androidString found in binary or memory: https://googleads.g.doubleclick.net/mads/static/mad/sdk/native/sdk-core-v40.html
Source: androidString found in binary or memory: https://imasdk.googleapis.com/admob/sdkloader/native_video.html
Source: libapp.soString found in binary or memory: https://img.bdsmlr.com/timthumb.php?src=/assets/images/default_avatar.png&w=50&h=50
Source: libapp.soString found in binary or memory: https://img.bdsmlr.com/timthumb.php?src=/assets/images/default_avatar.png&w=50&h=508
Source: LICENSEString found in binary or memory: https://mozilla.org/MPL/2.0/.
Source: androidString found in binary or memory: https://onesignal.com/android_frame.html
Source: androidString found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204
Source: androidString found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=gmob-apps
Source: androidString found in binary or memory: https://plus.google.com/
Source: LICENSEString found in binary or memory: https://ratel.com.tr)
Source: androidString found in binary or memory: https://support.google.com/dfp_premium/answer/7160685#push
Source: LICENSEString found in binary or memory: https://www.freetype.org
Source: androidString found in binary or memory: https://www.google.com
Source: androidString found in binary or memory: https://www.google.com/dfp/debugSignals
Source: androidString found in binary or memory: https://www.google.com/dfp/inAppPreview
Source: androidString found in binary or memory: https://www.google.com/dfp/linkDevice
Source: androidString found in binary or memory: https://www.google.com/dfp/sendDebugData
Source: androidString found in binary or memory: https://www.googleadservices.com/pagead/conversion/app/deeplink?id_type=adid&sdk_version=%s&rdid=%s&
Source: androidString found in binary or memory: https://www.googleapis.com/auth/games
Source: androidString found in binary or memory: https://www.googleapis.com/auth/games_lite
Source: LICENSEString found in binary or memory: https://www.openssl.org/source/license.html
Source: LICENSEString found in binary or memory: https://www.unicode.org/copyright.html.
Uses HTTP for connecting to the internet
Source: com.bumptech.glide.load.data.HttpUrlFetcher;->a:48 | API Call: java.net.HttpURLConnection.connect
Source: com.google.android.gms.measurement.internal.zzen;->run:35 | API Call: java.net.HttpURLConnection.connect
Source: com.google.android.exoplayer2.upstream.DefaultHttpDataSource;->a:102 | API Call: java.net.HttpURLConnection.connect
Source: com.google.android.exoplayer2.upstream.DefaultHttpDataSource;->a:106 | API Call: java.net.HttpURLConnection.connect

Key, Mouse, Clipboard, Microphone and Screen Capturing:

Has permission to take photos
Source: submitted apk | Request permission: android.permission.CAMERA

E-Banking Fraud:

Has functionality to add an overlay to other apps
Source: androidx.appcompat.app.AppCompatDelegateImpl;->a:63 | API Call: WindowManager.addView
Source: androidx.appcompat.widget.TooltipPopup;->a:86 | API Call: WindowManager.addView

Spam, unwanted Advertisements and Ransom Demands:

May dial phone number
Source: com.google.android.gms.internal.ads.zzmw;->a:13 | API Call: android.net.Uri.parse("tel:")
May use Google Cloud Messaging (GCM) or Google's Cloud to Device Messaging (C2DM) services
Source: submitted apk | Request permission: com.bdsmlr.bdsmlr.permission.C2D_MESSAGE
Loads advertisement
Source: android | String found in binary or memory: .doubleclick.net
Source: android | String found in binary or memory: ad.doubleclick.net
Source: android | String found in binary or memory: googleads.g.doubleclick.net
Source: android | String found in binary or memory: https://googleads.g.doubleclick.net/mads/static/mad/sdk/native/mraid/v2/mraid_app_banner.js
Source: android | String found in binary or memory: https://googleads.g.doubleclick.net/mads/static/mad/sdk/native/mraid/v2/mraid_app_expanded_banner.js
Source: android | String found in binary or memory: https://googleads.g.doubleclick.net/mads/static/mad/sdk/native/mraid/v2/mraid_app_interstitial.js
Source: android | String found in binary or memory: https://googleads.g.doubleclick.net/mads/static/mad/sdk/native/native_ads.html
Source: android | String found in binary or memory: https://googleads.g.doubleclick.net/mads/static/mad/sdk/native/production/native_ads.js
Source: android | String found in binary or memory: https://googleads.g.doubleclick.net/mads/static/mad/sdk/native/production/sdk-core-v40-impl.js
Source: android | String found in binary or memory: https://googleads.g.doubleclick.net/mads/static/mad/sdk/native/sdk-core-v40.html

Operating System Destruction:

Lists and deletes files in the same context
Source: com.mr.flutter.plugin.filepicker.FileUtils;->a:102 | API Calls in same method context: File.listFiles, File.delete
Source: com.bumptech.glide.disklrucache.Util;->a:10 | API Calls in same method context: File.listFiles, File.delete
Source: com.google.android.exoplayer2.upstream.cache.SimpleCache;->b:32 | API Calls in same method context: File.listFiles, File.delete
Source: com.google.firebase.iid.zzx;->a:116 | API Calls in same method context: File.listFiles, File.delete
Source: androidx.multidex.MultiDexExtractor;->a:148 | API Calls in same method context: File.listFiles, File.delete
Source: androidx.multidex.MultiDex;->b:267 | API Calls in same method context: File.listFiles, File.delete
Source: com.google.android.gms.internal.ads.zzam;->f:189 | API Calls in same method context: File.listFiles, File.delete
Source: io.flutter.embedding.engine.loader.ResourceCleaner$CleanTask;->deleteRecursively:5 | API Calls in same method context: File.listFiles, File.delete
Source: com.google.android.gms.internal.ads.zzaqn;->a:323 | API Calls in same method context: File.listFiles, File.delete

Change of System Appearance:

May access the Android keyguard (lock screen)
Source: android | String found in binary or memory: keyguard
Source: android | String found in binary or memory: is_keyguard_locked
Acquires a wake lock
Source: androidx.core.app.JobIntentService$CompatWorkEnqueuer;->a:24 | API Call: android.os.PowerManager$WakeLock.acquire
Source: androidx.core.app.JobIntentService$CompatWorkEnqueuer;->b:28 | API Call: android.os.PowerManager$WakeLock.acquire
Source: androidx.legacy.content.WakefulBroadcastReceiver;->b:32 | API Call: android.os.PowerManager$WakeLock.acquire
Source: com.google.firebase.iid.zzaz;->run:56 | API Call: android.os.PowerManager$WakeLock.acquire
Source: com.onesignal.JobIntentService$CompatWorkEnqueuer;->enqueueWork:29 | API Call: android.os.PowerManager$WakeLock.acquire
Source: com.onesignal.JobIntentService$CompatWorkEnqueuer;->serviceProcessingFinished:31 | API Call: android.os.PowerManager$WakeLock.acquire
Source: com.onesignal.JobIntentService$CompatWorkEnqueuer;->serviceProcessingStarted:35 | API Call: android.os.PowerManager$WakeLock.acquire

System Summary:

APK is signed by a suspicious certificate
Source: APK Certificate | APK Parser: CN=Unknown,OU=Unknown,O=Unknown,L=Unknown,ST=Unknown,C=Unknown CN=Unknown,OU=Unknown,O=Unknown,L=Unknown,ST=Unknown,C=Unknown
Executes native commands
Source: com.onesignal.shortcutbadger.impl.OPPOHomeBader;->b:43 | API Call: java.lang.Runtime.exec
Requests potentially dangerous permissions
Source: submitted apk | Request permission: android.permission.CAMERA
Source: submitted apk | Request permission: android.permission.INTERNET
Source: submitted apk | Request permission: android.permission.WAKE_LOCK
Source: submitted apk | Request permission: android.permission.WRITE_EXTERNAL_STORAGE
Classification label
Source: classification engine | Classification label: mal48.spyw.evad.andAPK@0/253@0/0
Creates SQLiteDatabase table
Source: com.onesignal.OneSignalDbHelper;->b:60 | API Call: android.database.sqlite.SQLiteDatabase.execSQL
Source: com.onesignal.OneSignalDbHelper;->onCreate:122 | API Call: android.database.sqlite.SQLiteDatabase.execSQL
Source: com.ko2ic.imagedownloader.ImageDownloaderPlugin$TemporaryDatabase;->onCreate:15 | API Call: android.database.sqlite.SQLiteDatabase.execSQL
Loads native libraries
Source: io.flutter.embedding.engine.loader.FlutterLoader;->startInitialization:168 | API Call: java.lang.System.loadLibrary ("flutter")
Reads shared settings
Registers a Sensor listener (to get data about accelerometer, gyrometer etc.)
Source: com.google.android.gms.internal.ads.zzapr;->a:21 | API Call: android.hardware.SensorManager.registerListener

Data Obfuscation:

Obfuscates method names
Source: bdsmlr-3-512.apk | Total valid method names: 20%
Uses reflection
Source: io.flutter.view.AccessibilityViewEmbedder$ReflectionAccessors;->getChildId:54API Call: java.lang.reflect.Method.invoke
Source: io.flutter.view.AccessibilityViewEmbedder$ReflectionAccessors;->getParentNodeId:62API Call: java.lang.reflect.Method.invoke
Source: io.flutter.view.AccessibilityViewEmbedder$ReflectionAccessors;->getRecordSourceNodeId:71API Call: java.lang.reflect.Method.invoke
Source: io.flutter.view.AccessibilityViewEmbedder$ReflectionAccessors;->getSourceNodeId:77API Call: java.lang.reflect.Method.invoke
Source: androidx.core.view.KeyEventDispatcher;->a:7API Call: java.lang.reflect.Field.get
Source: androidx.core.view.KeyEventDispatcher;->a:12API Call: java.lang.reflect.Method.invoke
Source: androidx.core.view.ViewCompat;->I:27API Call: java.lang.reflect.Field.get
Source: androidx.core.view.ViewConfigurationCompat;->d:21API Call: java.lang.reflect.Method.invoke
Source: androidx.core.view.ViewCompat;->m:227API Call: java.lang.reflect.Field.get
Source: androidx.core.view.ViewCompat;->n:235API Call: java.lang.reflect.Field.get
Source: androidx.appcompat.view.SupportMenuInflater$InflatedOnMenuItemClickListener;->onMenuItemClick:21API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.view.SupportMenuInflater$InflatedOnMenuItemClickListener;->onMenuItemClick:25API Call: java.lang.reflect.Method.invoke
Source: io.flutter.plugins.webviewflutter.DisplayListenerProxy;->yoinkDisplayListeners:6API Call: java.lang.reflect.Field.get
Source: io.flutter.plugins.webviewflutter.DisplayListenerProxy;->yoinkDisplayListeners:11API Call: java.lang.reflect.Field.get
Source: io.flutter.plugins.webviewflutter.DisplayListenerProxy;->yoinkDisplayListeners:20API Call: java.lang.reflect.Field.get
Source: androidx.core.widget.CompoundButtonCompat;->a:11API Call: java.lang.reflect.Field.get
Source: androidx.core.widget.PopupWindowCompat;->a:10API Call: java.lang.reflect.Method.invoke
Source: androidx.core.widget.TextViewCompat$OreoCallback;->a:48API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.AppCompatTextViewAutoSizeHelper;->a:61API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.AppCompatTextViewAutoSizeHelper;->a:99API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.DrawableUtils;->c:30API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.ListPopupWindow;->a:41API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.ListPopupWindow;->c:51API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.ListPopupWindow;->show:231API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.MenuPopupWindow;->c:21API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.SearchView$AutoCompleteTextViewReflector;->a:16API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.SearchView$AutoCompleteTextViewReflector;->a:19API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.SearchView$AutoCompleteTextViewReflector;->b:21API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.ViewUtils;->a:12API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.ViewUtils;->b:22API Call: java.lang.reflect.Method.invoke
Source: androidx.slidingpanelayout.widget.SlidingPaneLayout;->d:96API Call: java.lang.reflect.Method.invoke

Boot Survival:

Has permission to execute code after phone reboot
Source: submitted apkRequest permission: android.permission.RECEIVE_BOOT_COMPLETED
Installs a new wake lock (to get activate on phone screen on)
Source: androidx.core.app.JobIntentService$CompatWorkEnqueuer;-><init>:11API Call: android.os.PowerManager.newWakeLock
Source: androidx.core.app.JobIntentService$CompatWorkEnqueuer;-><init>:20API Call: android.os.PowerManager.newWakeLock
Source: androidx.legacy.content.WakefulBroadcastReceiver;->b:30API Call: android.os.PowerManager.newWakeLock
Source: com.google.firebase.iid.zzaz;-><init>:6API Call: android.os.PowerManager.newWakeLock
Source: com.onesignal.JobIntentService$CompatWorkEnqueuer;-><init>:11API Call: android.os.PowerManager.newWakeLock
Source: com.onesignal.JobIntentService$CompatWorkEnqueuer;-><init>:20API Call: android.os.PowerManager.newWakeLock

Hooking and other Techniques for Hiding and Protection:

Aborts a broadcast event (this is often done to hide phone events such as incoming SMS)
Source: com.onesignal.GcmBroadcastReceiver;->b:26API Call: android.content.BroadcastReceiver.abortBroadcast
Queries list of running processes/tasks
Source: com.google.android.gms.internal.ads.zzakk;->g:472API Call: android.app.ActivityManager.getRunningAppProcesses
Source: com.google.android.gms.internal.ads.zzakk;->l:508API Call: android.app.ActivityManager.getRunningTasks
Source: com.google.android.gms.internal.ads.zzgk;->e:75API Call: android.app.ActivityManager.getRunningAppProcesses
Source: com.google.android.gms.ads.internal.gmsg.zzae;->a:82API Call: android.app.ActivityManager.getRunningAppProcesses
Uses Crypto APIs
Source: com.google.firebase.iid.zzam;->a:27API Call: java.security.MessageDigest.getInstance
Source: com.google.firebase.iid.FirebaseInstanceId;->m:78API Call: java.security.MessageDigest.digest
Source: com.google.firebase.iid.FirebaseInstanceId;->m:78API Call: java.security.MessageDigest.digest
Source: com.google.firebase.iid.FirebaseInstanceId;->m:78API Call: java.security.MessageDigest.digest
Source: com.google.android.gms.internal.ads.zzamu;->a:21API Call: java.security.MessageDigest.getInstance
Source: com.google.android.gms.internal.ads.zzamu;->a:23API Call: java.security.MessageDigest.update
Source: com.google.android.gms.internal.ads.zzamu;->a:26API Call: java.security.MessageDigest.digest
Source: com.google.android.gms.internal.ads.zzamu;->c:187API Call: java.security.MessageDigest.getInstance
Source: com.google.android.gms.internal.ads.zzamu;->c:188API Call: java.security.MessageDigest.update
Source: com.google.android.gms.internal.ads.zzamu;->c:189API Call: java.security.MessageDigest.update
Source: com.google.android.gms.internal.ads.zzamu;->c:190API Call: java.security.MessageDigest.digest
Source: com.google.android.gms.internal.ads.zzayh;->a:18API Call: javax.crypto.Cipher.init
Source: com.google.android.gms.internal.ads.zzayh;->a:19API Call: javax.crypto.Cipher.doFinal
Source: com.google.android.gms.internal.ads.zzayi;-><init>:7API Call: javax.crypto.Cipher.getInstance
Source: com.google.android.gms.internal.ads.zzayi;-><init>:9API Call: javax.crypto.Cipher.init
Source: com.google.android.gms.internal.ads.zzayi;-><init>:10API Call: javax.crypto.Cipher.doFinal
Source: com.google.android.gms.internal.ads.zzayi;->a:16API Call: javax.crypto.Cipher.doFinal
Source: com.google.android.gms.internal.ads.zzayi;->a:17API Call: javax.crypto.Cipher.doFinal
Source: com.google.android.gms.internal.ads.zzayi;->a:18API Call: javax.crypto.Cipher.doFinal
Source: com.google.android.gms.internal.ads.zzayi;->a:28API Call: javax.crypto.Cipher.getInstance
Source: com.google.android.gms.internal.ads.zzayi;->a:30API Call: javax.crypto.Cipher.init
Source: com.google.android.gms.internal.ads.zzayi;->a:34API Call: javax.crypto.Cipher.getInstance
Source: com.google.android.gms.internal.ads.zzayi;->a:37API Call: javax.crypto.Cipher.init
Source: com.google.android.gms.internal.ads.zzayi;->a:38API Call: javax.crypto.Cipher.doFinal
Source: com.google.android.gms.internal.ads.zzayj;->a:11API Call: javax.crypto.Cipher.init
Source: com.google.android.gms.internal.ads.zzayj;->a:13API Call: javax.crypto.Cipher.doFinal
Source: com.google.android.gms.internal.ads.zzaza;->a:2API Call: javax.crypto.Cipher.getInstance
Source: com.google.android.gms.internal.ads.zzaza;->a:3API Call: javax.crypto.Cipher.getInstance
Source: com.google.android.gms.internal.ads.zzazf;->a:2API Call: java.security.MessageDigest.getInstance
Source: com.google.android.gms.internal.ads.zzazf;->a:3API Call: java.security.MessageDigest.getInstance
Source: com.google.android.gms.internal.ads.zzbk;->a:44API Call: java.security.MessageDigest.update
Source: com.google.android.gms.internal.ads.zzbk;->a:46API Call: java.security.MessageDigest.digest
Source: com.google.android.gms.internal.ads.zzbm;->run:4API Call: java.security.MessageDigest.getInstance
Source: com.google.android.gms.internal.ads.zzck;->a:7API Call: javax.crypto.Cipher.getInstance
Source: com.google.android.gms.internal.ads.zzck;->a:13API Call: javax.crypto.Cipher.init
Source: com.google.android.gms.internal.ads.zzck;->a:15API Call: javax.crypto.Cipher.doFinal
Source: com.google.android.gms.internal.ads.zzck;->a:46API Call: javax.crypto.Cipher.init
Source: com.google.android.gms.internal.ads.zzck;->a:48API Call: javax.crypto.Cipher.doFinal
Source: com.google.android.gms.internal.ads.zzgq;->a:7API Call: java.security.MessageDigest.getInstance
Source: com.google.android.gms.internal.ads.zzgv;->a:18API Call: java.security.MessageDigest.update
Source: com.google.android.gms.internal.ads.zzgv;->a:20API Call: java.security.MessageDigest.digest
Source: com.google.android.gms.internal.ads.zzgz;->a:11API Call: java.security.MessageDigest.update
Source: com.google.android.gms.internal.ads.zzgz;->a:13API Call: java.security.MessageDigest.digest
Source: com.bumptech.glide.load.resource.bitmap.CenterCrop;->a:7API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.CenterInside;->a:7API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.CircleCrop;->a:7API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.FitCenter;->a:7API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.Rotate;->a:6API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.Rotate;->a:10API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.RoundedCorners;->a:6API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.RoundedCorners;->a:10API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.VideoDecoder$1;->a:3API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.VideoDecoder$1;->a:11API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.VideoDecoder$2;->a:3API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.VideoDecoder$2;->a:11API Call: java.security.MessageDigest.update
Source: com.google.android.exoplayer2.upstream.cache.CachedContentIndex;->e:22API Call: javax.crypto.Cipher.init
Source: com.google.android.exoplayer2.upstream.cache.CachedContentIndex;->f:58API Call: javax.crypto.Cipher.init
Source: com.bumptech.glide.load.engine.cache.SafeKeyGenerator$1;->a:3API Call: java.security.MessageDigest.getInstance
Source: com.bumptech.glide.load.engine.cache.SafeKeyGenerator;->b:11API Call: java.security.MessageDigest.digest
Source: com.google.android.gms.common.zzm;->a:12API Call: java.security.MessageDigest.digest
Source: com.google.android.exoplayer2.upstream.crypto.AesFlushingCipher;-><init>:3API Call: javax.crypto.Cipher.getInstance
Source: com.google.android.exoplayer2.upstream.crypto.AesFlushingCipher;-><init>:14API Call: javax.crypto.Cipher.init
Source: com.bumptech.glide.load.engine.ResourceCacheKey;->a:23API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.engine.ResourceCacheKey;->a:29API Call: java.security.MessageDigest.update
Source: com.google.android.exoplayer2.source.hls.Aes128DataSource;->a:8API Call: javax.crypto.Cipher.init
Source: com.google.android.exoplayer2.source.hls.Aes128DataSource;->b:20API Call: javax.crypto.Cipher.getInstance
Source: com.google.firebase.iid.zzam;->a:28API Call: java.security.MessageDigest.digest
Source: com.google.android.gms.measurement.internal.zzeo;->b:95API Call: java.security.MessageDigest.digest
Source: com.google.android.gms.measurement.internal.zzjo;->a:231API Call: java.security.MessageDigest.digest
Source: com.google.android.gms.measurement.internal.zzjs;->t:231API Call: java.security.MessageDigest.getInstance
Source: com.google.android.gms.measurement.internal.zzjs;->a:253API Call: java.security.MessageDigest.digest
Source: com.bumptech.glide.load.model.GlideUrl;->a:35API Call: java.security.MessageDigest.update
Source: com.onesignal.OSUtils;->a:15API Call: java.security.MessageDigest.getInstance
Source: com.onesignal.OSUtils;->a:18API Call: java.security.MessageDigest.update
Source: com.onesignal.OSUtils;->a:19API Call: java.security.MessageDigest.digest
Source: com.bumptech.glide.signature.MediaStoreSignature;->a:5API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.signature.MediaStoreSignature;->a:9API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.signature.ObjectKey;->a:7API Call: java.security.MessageDigest.update
Source: com.google.android.gms.common.util.AndroidUtilsLight;->a:2API Call: java.security.MessageDigest.getInstance

Malware Analysis System Evasion:

Accesses android OS build fields
Source: com.google.android.gms.internal.ads.zzadb;->a:32Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.android.gms.internal.ads.zzadb;->a:38Field Access: android.os.Build.MANUFACTURER
Source: com.google.android.gms.internal.ads.zzadb;->a:39Field Access: android.os.Build.MODEL
Source: com.google.android.gms.internal.ads.zzagb;-><init>:25Field Access: android.os.Build.FINGERPRINT
Source: com.google.android.gms.internal.ads.zzagb;-><init>:26Field Access: android.os.Build.DEVICE
Source: com.google.android.gms.internal.ads.zzafs;->a:553Field Access: android.os.Build.MANUFACTURER
Source: com.google.android.gms.internal.ads.zzafs;->a:556Field Access: android.os.Build.MODEL
Source: com.google.android.gms.internal.ads.zzakk;->b:321Field Access: android.os.Build.MANUFACTURER
Source: com.google.android.gms.internal.ads.zzakk;->b:322Field Access: android.os.Build.MODEL
Source: com.google.android.gms.internal.ads.zzakk;->d:420Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.android.gms.internal.ads.zzakk;->d:423Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.android.gms.internal.ads.zzakk;->d:429Field Access: android.os.Build.DEVICE
Source: com.google.android.gms.internal.ads.zzakk;->d:432Field Access: android.os.Build.DEVICE
Source: com.google.android.gms.internal.ads.zzakk;->d:434Field Access: android.os.Build.DISPLAY
Source: com.google.android.gms.internal.ads.zzakk;->d:437Field Access: android.os.Build.DISPLAY
Source: com.google.android.gms.internal.ads.zzamu;->a:98Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.android.gms.internal.ads.zzamu;->a:149Field Access: android.os.Build.DEVICE
Source: com.google.android.gms.internal.ads.zzcz;->a:99Field Access: android.os.Build$VERSION.SDK
Source: com.google.android.gms.internal.ads.zzcz;->b:165Field Access: android.os.Build$VERSION.SDK
Source: com.google.android.gms.internal.ads.zznm;-><init>:16Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.android.gms.internal.ads.zznm;-><init>:20Field Access: android.os.Build$VERSION.SDK
Source: com.example.awsome_video_player.AwsomeVideoPlayerPlugin;->onMethodCall:25Field Access: android.os.Build$VERSION.RELEASE
Source: com.bumptech.glide.load.resource.bitmap.TransformationUtils;-><clinit>:35Field Access: android.os.Build.MODEL
Source: io.flutter.plugin.editing.InputConnectionAdaptor;->isSamsung:27Field Access: android.os.Build.MANUFACTURER
Source: io.flutter.plugin.editing.TextInputPlugin;->isRestartAlwaysRequired:51Field Access: android.os.Build.MANUFACTURER
Source: com.onesignal.shortcutbadger.impl.XiaomiHomeBadger;->a:74Field Access: android.os.Build.MANUFACTURER
Source: com.google.android.gms.measurement.internal.zzeo;->y:207Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.android.gms.measurement.internal.zzhp;->a:105Field Access: android.os.Build.MODEL
Source: com.google.android.gms.measurement.internal.zzhp;->a:109Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.android.gms.measurement.internal.zzgp;->K:701Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.android.gms.measurement.internal.zzjg;->b:1593Field Access: android.os.Build.MODEL
Source: com.google.android.gms.measurement.internal.zzjg;->b:1598Field Access: android.os.Build$VERSION.RELEASE
Source: io.flutter.embedding.engine.loader.ResourceExtractor;->getSupportedAbis:36Field Access: android.os.Build.CPU_ABI
Source: com.onesignal.OneSignal;->ma:1041Field Access: android.os.Build$VERSION.RELEASE
Source: com.onesignal.OneSignal;->ma:1058Field Access: android.os.Build.MODEL
Source: com.onesignal.shortcutbadger.ShortcutBadger;->a:70Field Access: android.os.Build.MANUFACTURER
Source: com.onesignal.shortcutbadger.ShortcutBadger;->a:74Field Access: android.os.Build.MANUFACTURER
Source: com.onesignal.shortcutbadger.ShortcutBadger;->a:78Field Access: android.os.Build.MANUFACTURER
Source: com.tekartik.sqflite.SqflitePlugin;->onMethodCall:666Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.android.exoplayer2.util.Util;-><clinit>:1Field Access: android.os.Build.DEVICE
Source: com.google.android.exoplayer2.util.Util;-><clinit>:2Field Access: android.os.Build.MANUFACTURER
Source: com.google.android.exoplayer2.util.Util;-><clinit>:3Field Access: android.os.Build.MODEL
Source: com.google.android.gms.common.util.DeviceProperties;->a:3Field Access: android.os.Build.TYPE
Checks CPU details
Source: Lcom/bumptech/glide/load/engine/executor/RuntimeCompat;->b()IMethod string: "/sys/devices/system/cpu/"
Queries several sensitive phone informations
Source: Lcom/onesignal/OSInAppMessageController$1;-><init>()VMethod string: "android"
Source: Lio/flutter/embedding/engine/systemchannels/SystemChannel;->sendMemoryPressureWarning()VMethod string: "type"
Source: Lcom/onesignal/OSUtils;->b()Ljava/lang/String;Method string: "phone"
Source: Lcom/onesignal/flutter/OneSignalPlugin;->b(Lio/flutter/plugin/common/MethodCall;Lio/flutter/plugin/common/MethodChannel$Result;)VMethod string: "appid"
Source: Lcom/javih/multimediapicker/ExifDataCopier;->a(Ljava/lang/String;Ljava/lang/String;)VMethod string: "model"
Source: Lcom/onesignal/OneSignal;->ma()VMethod string: "sdk"
Source: Lcom/onesignal/OSSessionManager;->c()Lorg/json/JSONArray;Method string: "time"
Source: Landroidx/localbroadcastmanager/content/LocalBroadcastManager;->a(Landroid/content/Intent;)ZMethod string: "category"
Queries the unique operating system id (ANDROID_ID)
Source: com.google.android.gms.internal.ads.zzamu;->a:16API Call: android.provider.Settings$Secure.getString
Source: com.google.android.gms.internal.ads.zzamu;->b:161API Call: android.provider.Settings$Secure.getString
Source: com.google.android.gms.measurement.internal.zzjg;->b:1572API Call: android.provider.Settings$Secure.getString

HIPS / PFW / Operating System Protection Evasion:

Uses the DexClassLoader (often used for code injection)
Source: com.google.android.gms.internal.ads.zzcz;->a:52API Call: dalvik.system.DexClassLoader.<init> (not executed)
Source: com.google.android.gms.internal.ads.zzeg;->b:19API Call: dalvik.system.DexClassLoader.loadClass (not executed)

Language, Device and Operating System Detection:

Checks if phone is rooted (checks for su binary)
Source: Lcom/onesignal/RootToolsInternalMethods;->a()ZMethod string: "/sbin/", "su" and API call "File.exists" in same context
Queries the network operator ISO country code
Source: com.google.android.exoplayer2.util.Util;->a:58API Call: android.telephony.TelephonyManager.getNetworkCountryIso
Queries the network operator name
Source: com.onesignal.OSUtils;->b:177API Call: android.telephony.TelephonyManager.getNetworkOperatorName
Queries the network operator numeric MCC+MNC (mobile country code + mobile network code)
Source: com.google.android.gms.internal.ads.zzagb;->b:82API Call: android.telephony.TelephonyManager.getNetworkOperator

Stealing of Sensitive Information:

May take a camera picture
Source: io.flutter.plugins.imagepicker.ImagePickerDelegate;->launchTakeImageWithCameraIntent:98API Call: android.content.Intent.<init>("android.media.action.IMAGE_CAPTURE")
Source: com.javih.multimediapicker.MultiMediaPickerDelegate;->h:149API Call: android.content.Intent.<init>("android.media.action.IMAGE_CAPTURE")
Source: com.sangcomz.fishbun.util.CameraUtil;->a:21API Call: android.content.Intent.<init>("android.media.action.IMAGE_CAPTURE")
Queries media storage location field
Source: com.sangcomz.fishbun.ui.album.AlbumController$LoadAlbumList;->a:9Field access: android.provider.MediaStore$Images$Media.EXTERNAL_CONTENT_URI
Source: com.sangcomz.fishbun.ui.album.AlbumController$LoadAlbumList;->a:33Field access: android.provider.MediaStore$Images$Media.EXTERNAL_CONTENT_URI
Source: com.mr.flutter.plugin.filepicker.FileUtils;->b:212Field access: android.provider.MediaStore$Images$Media.EXTERNAL_CONTENT_URI
Source: com.ko2ic.imagedownloader.ImageDownloaderPlugin$CallbackImpl;->a:27Field access: android.provider.MediaStore$Images$Media.EXTERNAL_CONTENT_URI
Source: com.ko2ic.imagedownloader.ImageDownloaderPlugin$CallbackImpl;->a:31Field access: android.provider.MediaStore$Images$Media.EXTERNAL_CONTENT_URI
Source: com.ko2ic.imagedownloader.ImageDownloaderPlugin;->b:52Field access: android.provider.MediaStore$Images$Media.EXTERNAL_CONTENT_URI
Source: io.flutter.plugins.imagepicker.FileUtils;->getPathFromLocalUri:45Field access: android.provider.MediaStore$Images$Media.EXTERNAL_CONTENT_URI
Source: com.javih.multimediapicker.FileUtils;->b:47Field access: android.provider.MediaStore$Images$Media.EXTERNAL_CONTENT_URI
Source: com.sangcomz.fishbun.ui.picker.PickerController;->a:17Field access: android.provider.MediaStore$Images$Media.EXTERNAL_CONTENT_URI
Source: com.sangcomz.fishbun.ui.picker.PickerController;->a:41Field access: android.provider.MediaStore$Images$Media.EXTERNAL_CONTENT_URI
Queries stored mail and application accounts (e.g. Gmail or Whatsup)
Source: com.google.android.gms.signin.internal.SignInClientImpl;->a:62API Call: android.accounts.Account.name
Reads pictures stored on the device
Source: com.sangcomz.fishbun.ui.album.AlbumController$LoadAlbumList;->a:11API Call: android.content.ContentResolver.query
Source: com.sangcomz.fishbun.ui.picker.PickerController;->a:21API Call: android.content.ContentResolver.query

Remote Access Functionality:

Found suspicious command strings (may be related to BOT commands)
Source: Landroidx/recyclerview/widget/RecyclerView$Recycler;->b(Landroidx/recyclerview/widget/RecyclerView$ViewHolder;)VMethod string: "trying to recycle an ignored view holder. you should first call stopignoringview(view) before calling recycle."
Source: Landroidx/recyclerview/widget/GridLayoutManager;->b(Z)VMethod string: "gridlayoutmanager does not support stack from end. consider using reverse layout"
Source: Lcom/onesignal/OneSignal$AppEntryAction;-><clinit>()VMethod string: "app_open"
Source: Landroidx/recyclerview/widget/RecyclerView$Recycler;->b(Landroidx/recyclerview/widget/RecyclerView$ViewHolder;)VInstruction: "const-string v1, "trying to recycle an ignored view holder. you should first call stopignoringview(view) before calling recycle.""
Source: Landroidx/recyclerview/widget/GridLayoutManager;->b(Z)VInstruction: "const-string v0, "gridlayoutmanager does not support stack from end. consider using reverse layout""
Source: Lcom/onesignal/OneSignal$AppEntryAction;-><clinit>()VInstruction: "const-string v1, "app_open""
Uses DownloadManager to fetch additional components
Source: com.google.android.gms.internal.ads.zzaaf;->onClick:14API Call: android.app.DownloadManager.enqueue
Source: com.ko2ic.imagedownloader.Downloader;->a:128API Call: android.app.DownloadManager.enqueue

Malware Configuration

No configs have been found

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source | Detection | Scanner | Label
bdsmlr-3-512.apk | 0% | Virustotal |
bdsmlr-3-512.apk | 0% | Metadefender |
bdsmlr-3-512.apk | 0% | ReversingLabs |

Dropped Files

No Antivirus matches

Domains

No Antivirus matches

URLs

Source | Detection | Scanner | Label
https://api.flutter.dev/flutter/material/Scaffold/of.html8 | 0% | Avira URL Cloud | safe
http://www.ijg.org/files/Wallace.JPEG.pdf. | 0% | Avira URL Cloud | safe
https://fontawesome.comhttps://fontawesome.comFont | 0% | Avira URL Cloud | safe
http://www.ijg.org/files/jfif.txt.gz | 0% | Virustotal |
http://www.ijg.org/files/jfif.txt.gz | 0% | Avira URL Cloud | safe
http://www.limbicsoftware.com/quickpvr.html | 0% | Avira URL Cloud | safe
https://flutter.dev/go/remove-fab-accent-theme-dependency. | 0% | Avira URL Cloud | safe
https://google.github.io/ExoPlayer/faqs.html#what-do-player-is-accessed-on-the-wrong-thread-warnings | 0% | Avira URL Cloud | safe
http://lao-dictionary.googlecode.com/git/Lao-Dictionary-LICENSE.txt | 0% | Virustotal |
http://lao-dictionary.googlecode.com/git/Lao-Dictionary-LICENSE.txt | 0% | Avira URL Cloud | safe
http://www.ijg.org/files/jfif.ps.gz. | 0% | Avira URL Cloud | safe
https://app-measurement.com/a | 1% | Virustotal |
https://app-measurement.com/a | 0% | Avira URL Cloud | safe

Yara Overview

Initial Sample

No yara matches

PCAP (Network Traffic)

No yara matches

Dropped Files

No yara matches

Sigma Overview

No Sigma rule has matched

Joe Sandbox View / Context

IPs


Domains

No context

ASN


JA3 Fingerprints

No context

Dropped Files

No context

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.