Analysis Report CoronaWarnApp.apk

Overview

General Information

Sample Name: CoronaWarnApp.apk
Analysis ID: 336565
MD5: de2060e42c95d4dddbf19d85d6da1cd7
SHA1: 8ebf29e56545925e5d2aa8af413de35cd973eb26
SHA256: 0d5ec7d8ea87fc80887fa6238dd49572182be98c8b02d9c5dda350a026f16eb7

Most interesting Screenshot:

Detection

Anubis
Score: 100
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Detected Anubis BankBot ransomware / banking trojan
Multi AV Scanner detection for submitted file
Deletes other packages
Found large list of e-Banking application (likely related to e-Banking fraud)
Found potential keylogger
Protects itself from removal
Removes its application launcher (likely to stay hidden)
Requests to ignore battery optimizations
Tries to detect Android x86
Tries to detect the analysis device (e.g. the Android emulator)
Tries to disable the administrator user
Uses accessibility services (likely to control other applications)
Accesses android OS build fields
Checks an internet connection is available
Checks if the device administrator is active
Contains package name strings related to banking (usually for identifying banking APKs)
Creates SMS data (e.g. PDU)
Detected TCP or UDP traffic on non-standard ports
Dials phone numbers
Executes logcat command
Executes native commands
Found parser code for incoming SMS (may be used to act on incoming SMS, BOT)
Found suspicious command strings (may be related to BOT commands)
Found very long method strings
Has permission to draw over other applications or user interfaces
Has permission to execute code after phone reboot
Has permission to perform phone calls in the background
Has permission to query the list of currently running applications
Has permission to read contacts
Has permission to read the SMS storage
Has permission to read the phones state (phone number, device IDs, active call ect.)
Has permission to receive SMS in the background
Has permission to record audio in the background
Has permission to send SMS in the background
Has permission to write to the SMS storage
Installs a new wake lock (to get activate on phone screen on)
Lists and deletes files in the same context
May access the Android keyguard (lock screen)
May check for popular installed apps
May query for the most recent running application (usually for UI overlaying)
Monitors incoming SMS
Opens an internet connection
Queries SMS data
Queries a list of installed applications
Queries list of running processes/tasks
Queries phone contact information
Queries the network operator ISO country code
Queries the network operator name
Queries the phones location (GPS)
Queries the unique operating system id (ANDROID_ID)
Queries the unqiue device ID (IMEI, MEID or ESN)
Reads logcat
Records audio/media
Redirects camera/video feed
Requests permissions only permitted to signed APKs
Requests potentially dangerous permissions
Sends SMS using SmsManager
Starts/registers a service/receiver on phone boot (autostart)
Tries to add a new device administrator
Uses reflection
Uses the DexClassLoader (often used for code injection)

Classification

AV Detection:

barindex
Antivirus / Scanner detection for submitted sample
Source: CoronaWarnApp.apk Avira: detected
Multi AV Scanner detection for submitted file
Source: CoronaWarnApp.apk Virustotal: Detection: 35% Perma Link

Location Tracking:

barindex
Queries the phones location (GPS)
Source: anubis.bot.myapplication.ServiceGeolocationGPS;->formatLocation:6 API Call: android.location.Location.getLatitude
Source: anubis.bot.myapplication.ServiceGeolocationGPS;->formatLocation:8 API Call: android.location.Location.getLongitude
Source: anubis.bot.myapplication.ServiceGeolocationNetwork;->formatLocation:7 API Call: android.location.Location.getLatitude
Source: anubis.bot.myapplication.ServiceGeolocationNetwork;->formatLocation:9 API Call: android.location.Location.getLongitude

Privilege Escalation:

barindex
Checks if the device administrator is active
Source: anubis.bot.myapplication.API.Admin.ClassAdmin;->ISS:12 API Call: android.app.admin.DevicePolicyManager.isAdminActive
Source: anubis.bot.myapplication.ServiceCommands;->readCommand:64 API Call: android.app.admin.DevicePolicyManager.isAdminActive
Source: anubis.bot.myapplication.StartWhileGlobal;->onHandleIntent:163 API Call: android.app.admin.DevicePolicyManager.isAdminActive
Source: anubis.bot.myapplication.StartWhileRequest;->onHandleIntent:59 API Call: android.app.admin.DevicePolicyManager.isAdminActive
Tries to add a new device administrator
Source: anubis.bot.myapplication.API.Admin.ActivityAdmin;->onCreate:11 API Call: android.content.Intent.<init> android.app.action.ADD_DEVICE_ADMIN
Source: Lanubis/bot/myapplication/API/Admin/ActivityAdmin;->onCreate(Landroid/os/Bundle;)V Method string: "android.app.action.ADD_DEVICE_ADMIN"
Source: anubis.bot.myapplication.ServiceCryptFiles;->onHandleIntent:63 API Call: android.os.Environment.getExternalStorageDirectory
Source: anubis.bot.myapplication.ServiceFindFiles;->onHandleIntent:44 API Call: android.os.Environment.getExternalStorageDirectory
Source: anubis.bot.myapplication.ServiceRAT;->onHandleIntent:69 API Call: android.os.Environment.getExternalStorageDirectory
Source: anubis.bot.myapplication.UtilsClass;->getIDwindowsBot:931 API Call: android.os.Environment.getExternalStorageState
Source: anubis.bot.myapplication.UtilsClass;->getIDwindowsBot:937 API Call: android.os.Environment.getExternalStorageState
Source: anubis.bot.myapplication.UtilsClass;->getIDwindowsBot:941 API Call: android.os.Environment.getExternalStorageDirectory

Networking:

barindex
Checks an internet connection is available
Source: anubis.bot.myapplication.UtilsClass;->getNetworkInfo:52 API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: anubis.bot.myapplication.UtilsClass;->isConnectedMobile:1250 API Call: android.net.NetworkInfo.isConnected
Source: anubis.bot.myapplication.UtilsClass;->isConnectedWifi:1253 API Call: android.net.NetworkInfo.isConnected
Detected TCP or UDP traffic on non-standard ports
Source: global traffic TCP traffic: 192.168.2.30:55938 -> 8.8.4.4:853
Source: global traffic TCP traffic: 192.168.2.30:44518 -> 8.8.8.8:853
Opens an internet connection
Source: anubis.bot.myapplication.API.RequestHttp$SendLoginData;->doInBackground:29 API Call: java.net.URL.openConnection (not executed)
Source: anubis.bot.myapplication.API.RequestHttp$SendLoginData;->doInBackground:67 API Call: java.net.URL.openConnection (not executed)
Source: anubis.bot.myapplication.ServiceModuleNotification$generatePictureStyle;->doInBackground:13 API Call: java.net.URL.openConnection (not executed)
Source: anubis.bot.myapplication.UtilsClass$ParseURL;->doInBackground:6 API Call: java.net.URL.openConnection (not executed)
Source: anubis.bot.myapplication.UtilsClass$TwitterParseTask;->doInBackground:10 API Call: java.net.URL.openConnection (not executed)
Source: anubis.bot.myapplication.UtilsClass;->inputFile:1112 API Call: java.net.URL.openConnection (not executed)
Source: anubis.bot.myapplication.UtilsClass;->inputFile2:1144 API Call: java.net.URL.openConnection (not executed)
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.168.14
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.168.14
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.168.14
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.168.14
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.168.67
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.168.67
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.168.14
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.168.14
Source: unknown DNS traffic detected: queries for: time.android.com
Source: classes.dex String found in binary or memory: http://10.0.3.2/injclientup
Source: classes.dex String found in binary or memory: http://101.99.95.109/inj
Source: classes.dex String found in binary or memory: http://en.utrace.de
Source: classes.dex, android String found in binary or memory: http://ktosdelaetskrintotpidor.com
Source: activity_inj.xml String found in binary or memory: http://schemas.android.com/apk/res-auto
Source: classes.dex String found in binary or memory: http://schemas.android.com/apk/res/android
Source: classes.dex String found in binary or memory: http://sositehuypidarasi.com
Source: classes.dex String found in binary or memory: https://app-de-rki.xyz
Source: classes.dex, android String found in binary or memory: https://jsonplaceholder.typicode.com/posts
Source: classes.dex String found in binary or memory: https://jsonplaceholder.typicode.com/postsRhttps://support.google.com/calendar/answer/6261951?hl=en&
Source: classes.dex, android String found in binary or memory: https://support.google.com/calendar/answer/6261951?hl=en&co=GENIE.Platform=Android
Source: anubis.bot.myapplication.API.RequestHttp$SendLoginData;->doInBackground:45 API Call: javax.net.ssl.HttpsURLConnection.connect
Source: anubis.bot.myapplication.API.RequestHttp$SendLoginData;->doInBackground:83 API Call: java.net.HttpURLConnection.connect
Source: anubis.bot.myapplication.ServiceModuleNotification$generatePictureStyle;->doInBackground:15 API Call: java.net.HttpURLConnection.connect
Source: anubis.bot.myapplication.UtilsClass$ParseURL;->doInBackground:11 API Call: java.net.HttpURLConnection.connect
Source: anubis.bot.myapplication.UtilsClass$TwitterParseTask;->doInBackground:15 API Call: java.net.HttpURLConnection.connect
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 48754
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 44164
Source: unknown Network traffic detected: HTTP traffic on port 44164 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 48754 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 41662 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 41662

Key, Mouse, Clipboard, Microphone and Screen Capturing:

barindex
Found potential keylogger
Source: Lanubis/bot/myapplication/ServiceAccessibility;->onAccessibilityEvent(Landroid/view/accessibility/AccessibilityEvent;)V Instruction: "iget-boolean v11, v1, lanubis/bot/myapplication/serviceaccessibility;->onkeylogger:z"
Source: Lanubis/bot/myapplication/ServiceAccessibility;->onAccessibilityEvent(Landroid/view/accessibility/AccessibilityEvent;)V Instruction: "iput-object v4, v1, lanubis/bot/myapplication/serviceaccessibility;->textkeylogger:ljava/lang/string;"
Source: Lanubis/bot/myapplication/ServiceAccessibility;->onAccessibilityEvent(Landroid/view/accessibility/AccessibilityEvent;)V Instruction: "iput-object v4, v1, lanubis/bot/myapplication/serviceaccessibility;->textkeylogger:ljava/lang/string;"
Source: Lanubis/bot/myapplication/ServiceAccessibility;->onAccessibilityEvent(Landroid/view/accessibility/AccessibilityEvent;)V Instruction: "iput-object v4, v1, lanubis/bot/myapplication/serviceaccessibility;->textkeylogger:ljava/lang/string;"
Source: Lanubis/bot/myapplication/ServiceAccessibility;->onAccessibilityEvent(Landroid/view/accessibility/AccessibilityEvent;)V Instruction: "iget-boolean v0, v1, lanubis/bot/myapplication/serviceaccessibility;->onkeylogger:z"
Source: Lanubis/bot/myapplication/ServiceAccessibility;->onAccessibilityEvent(Landroid/view/accessibility/AccessibilityEvent;)V Instruction: "iget-object v0, v1, lanubis/bot/myapplication/serviceaccessibility;->textkeylogger:ljava/lang/string;"
Source: Lanubis/bot/myapplication/ServiceAccessibility;->onAccessibilityEvent(Landroid/view/accessibility/AccessibilityEvent;)V Instruction: "iget-object v4, v1, lanubis/bot/myapplication/serviceaccessibility;->textkeylogger:ljava/lang/string;"
Source: Lanubis/bot/myapplication/ServiceAccessibility;->onAccessibilityEvent(Landroid/view/accessibility/AccessibilityEvent;)V Instruction: "iput-boolean v4, v1, lanubis/bot/myapplication/serviceaccessibility;->onkeylogger:z"
Source: Lanubis/bot/myapplication/ServiceAccessibility;->onAccessibilityEvent(Landroid/view/accessibility/AccessibilityEvent;)V Instruction: "iput-boolean v12, v1, lanubis/bot/myapplication/serviceaccessibility;->onkeylogger:z"
Source: Lanubis/bot/myapplication/ServiceAccessibility;->writeFile(Ljava/lang/String;Ljava/lang/String;)V Instruction: "iput-object v0, p0, lanubis/bot/myapplication/serviceaccessibility;->textkeylogger:ljava/lang/string;"
Has permission to record audio in the background
Source: submitted apk Request permission: android.permission.RECORD_AUDIO
Records audio/media
Source: anubis.bot.myapplication.API.Sound.ServiceRecordSound;->recordAudio:69 API Call: android.media.MediaRecorder.start
Source: anubis.bot.myapplication.API.Sound.ServiceStreamSound;->recordAudio:76 API Call: android.media.MediaRecorder.start
Source: anubis.bot.myapplication.API.Sound.ServiceRecordSound;->recordAudio:58 API Call: android.media.MediaRecorder.<init>
Source: anubis.bot.myapplication.API.Sound.ServiceStreamSound;->recordAudio:64 API Call: android.media.MediaRecorder.<init>

E-Banking Fraud:

barindex
Detected Anubis BankBot ransomware / banking trojan
Source: Lanubis/bot/myapplication/UtilsClass;->InitializationData(Landroid/content/Context;)V Method string: htmllocker
Source: Lanubis/bot/myapplication/ServiceCommands;->readCommand()V Method string: htmllocker
Source: Lanubis/bot/myapplication/ServiceCommands;->readCommand()V Method string: ERROR -> htmllocker
Source: Lanubis/bot/myapplication/API/Spam/ServiceSpamSMS;->onHandleIntent(Landroid/content/Intent;)V Method string: |Ended balance, SMS spam stopped!|
Source: Lanubis/bot/myapplication/ServiceCryptFiles;->getDir(Ljava/io/File;)V Method string: .AnubisCrypt
Source: Lanubis/bot/myapplication/ServiceCryptFiles;->openDir(Ljava/io/File;)V Method string: .AnubisCrypt
Source: Lanubis/bot/myapplication/Activity/ActivityScreenLocker;->onCreate(Landroid/os/Bundle;)V Method string: htmllocker
Found large list of e-Banking application (likely related to e-Banking fraud)
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: at.spardat.bcrmobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: at.spardat.netbanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.bankaustria.android.olb
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.bmo.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.cibc.android.mobi
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.rbc.mobile.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.scotiabank.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.td
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: cz.airbank.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: eu.inmite.prj.kb.mobilbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.bankinter.launcher
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.kutxabank.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.rsi
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.tecnocom.cajalaboral
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: es.bancopopular.nbmpopular
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: es.evobanco.bancamovil
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: es.lacaixa.mobile.android.newwapicon
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.dbs.hk.dbsmbanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.FubonMobileClient
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.hangseng.rbmobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.MobileTreeApp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.mtel.androidbea
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.scb.breezebanking.hk
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: hk.com.hsbc.hsbchkmobilebanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.aff.otpdirekt
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.ideomobile.hapoalim
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.infrasofttech.indianBank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.mobikwik_new
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.oxigen.oxigenwallet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: jp.co.aeonbank.android.passbook
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: jp.co.netbk
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: jp.co.rakuten_bank.rakutenbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: jp.co.sevenbank.AppPassbook
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: jp.co.smbc.direct
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: jp.mufg.bk.applisp.app
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.barclays.ke.mobile.android.ui
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: nz.co.anz.android.mobilebanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: nz.co.asb.asbmobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: nz.co.bnz.droidbanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: nz.co.kiwibank.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.getingroup.mobilebanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: eu.eleader.mobilebanking.pekao.firm
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: eu.eleader.mobilebanking.pekao
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: eu.eleader.mobilebanking.raiffeisen
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.bzwbk.bzwbk24
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.ipko.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.mbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: alior.bankingapp.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.comarch.mobile.banking.bgzbnpparibas.biznes
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.comarch.security.mobilebanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.empik.empikapp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.empik.empikfoto
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.finanteq.finance.ca
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.orangefinansek
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: eu.eleader.mobilebanking.invest
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.aliorbank.aib
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.allegro
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.bosbank.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.bph
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.bps.bankowoscmobilna
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.bzwbk.ibiznes24
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.bzwbk.mobile.tab.bzwbk24
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.ceneo
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.com.rossmann.centauros
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.fmbank.smart
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.ideabank.mobilebanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.ing.mojeing
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.millennium.corpApp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.orange.mojeorange
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.pkobp.iko
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: pl.pkobp.ipkobiznes
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.kuveytturk.mobil
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.magiclick.odeabank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.mobillium.papara
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.pozitron.albarakaturk
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.teb
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ccom.tmob.denizbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.tmob.tabletdeniz
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.vakifbank.mobilel
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: tr.com.sekerbilisim.mbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: wit.android.bcpBankingApp.millenniumPL
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.idamobile.android.hcb
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.openbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ru.sberbank_sbbol
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ru.simpls.brs2.mobbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ru.tinkoff.sme
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ru.alfabank.oavdo.amc
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.advantage.RaiffeisenBank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: hr.asseco.android.jimba.mUCI.ro
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: may.maybank.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ro.btrl.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.amazon.mShop.android.shopping
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.amazon.windowshop
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.ebay.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ru.sberbankmobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ru.sberbank.spasibo
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ru.sberbank.mobileoffice
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ru.sberbank.sberbankir
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ru.alfabank.mobile.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: by.st.alfa
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ru.alfabank.sense
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ru.alfadirect.app
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ru.mw
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.idamob.tinkoff.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ru.tcsbank.c2c
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ru.tinkoff.mgp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ru.tinkoff.goabroad
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ru.vtb24.mobilebanking.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: ru.bm.mbm
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.vtb.mobilebank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.bssys.VTBClient
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.bssys.vtb.mobileclient
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.akbank.android.apps.akbank_direkt
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.akbank.android.apps.akbank_direkt_tablet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.akbank.softotp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.akbank.android.apps.akbank_direkt_tablet_20
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.fragment.akbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.ykb.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.ykb.android.mobilonay
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.ykb.avm
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.ykb.androidtablet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.veripark.ykbaz
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.softtech.iscek
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.yurtdisi.iscep
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.softtech.isbankasi
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.monitise.isbankmoscow
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.finansbank.mobile.cepsube
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: finansbank.enpara
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.magiclick.FinansPOS
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.matriksdata.finansyatirim
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: finansbank.enpara.sirketim
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.vipera.ts.starter.QNB
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.redrockdigimark
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.garanti.cepsubesi
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.garanti.cepbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.garantibank.cepsubesiro
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: biz.mobinex.android.apps.cep_sifrematik
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.garantiyatirim.fx
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.tmobtech.halkbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.SifrebazCep
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: eu.newfrontier.iBanking.mobile.Halk.Retail
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: tr.com.tradesoft.tradingsystem.gtpmobile.halk
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.DijitalSahne.EnYakinHalkbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.ziraat.ziraatmobil
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.ziraat.ziraattablet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.matriksmobile.android.ziraatTrader
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.matriksdata.ziraatyatirim.pad
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: de.comdirect.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: de.commerzbanking.mobil
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: de.consorsbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.db.mm.deutschebank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: de.dkb.portalapp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.de.dkb.portalapp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.ing.diba.mbbr2
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: de.postbank.finanzassistent
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: mobile.santander.de
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: de.fiducia.smartphone.android.banking.vr
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: fr.creditagricole.androidapp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: fr.axa.monaxa
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: fr.banquepopulaire.cyberplus
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: net.bnpparibas.mescomptes
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.boursorama.android.clients
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.caisseepargne.android.mobilebanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: fr.lcl.android.customerarea
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.paypal.android.p2pmobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.wf.wellsfargomobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.wf.wellsfargomobile.tablet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.wellsFargo.ceomobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.usbank.mobilebanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.usaa.mobile.android.usaa
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.suntrust.mobilebanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.moneybookers.skrillpayments.neteller
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.moneybookers.skrillpayments
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.clairmail.fth
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.konylabs.capitalone
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.yinzcam.facilities.verizon
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.chase.sig.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.infonow.bofa
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.bankofamerica.cashpromobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: uk.co.bankofscotland.businessbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.grppl.android.shell.BOS
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.rbs.mobile.android.natwestoffshore
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.rbs.mobile.android.natwest
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.rbs.mobile.android.natwestbandc
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.rbs.mobile.investisir
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.phyder.engage
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.rbs.mobile.android.rbs
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.rbs.mobile.android.rbsbandc
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: uk.co.santander.santanderUK
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: uk.co.santander.businessUK.bb
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.sovereign.santander
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.ifs.banking.fiid4202
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.fi6122.godough
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.rbs.mobile.android.ubr
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.htsu.hsbcpersonalbanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.grppl.android.shell.halifax
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.grppl.android.shell.CMBlloydsTSB73
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.barclays.android.barclaysmobilebanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.unionbank.ecommerce.mobile.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.unionbank.ecommerce.mobile.commercial.legacy
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.snapwork.IDBI
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.idbibank.abhay_card
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: src.com.idbi
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.idbi.mpassbook
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.ing.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.snapwork.hdfc
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.sbi.SBIFreedomPlus
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: hdfcbank.hdfcquickbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.csam.icici.bank.imobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: in.co.bankofbaroda.mpassbook
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.axis.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: cz.csob.smartbanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: cz.sberbankcz
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: sk.sporoapps.accounts
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: sk.sporoapps.skener
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.cleverlance.csas.servis24
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: org.westpac.bank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: nz.co.westpac
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: au.com.suncorp.SuncorpBank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: org.stgeorge.bank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: org.banksa.bank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: au.com.newcastlepermanent
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: au.com.nab.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: au.com.mebank.banking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: au.com.ingdirect.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: MyING.be
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.imb.banking2
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.fusion.ATMLocator
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: au.com.cua.mb
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.commbank.netbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.cba.android.netbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.citibank.mobile.au
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.citibank.mobile.uk
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.citi.citimobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: org.bom.bank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.bendigobank.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: me.doubledutch.hvdnz.cbnationalconference2016
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: au.com.bankwest.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.bankofqueensland.boq
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.anz.android.gomoney
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.anz.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.anz.SingaporeDigitalBanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.anzspot.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.crowdcompass.appSQ0QACAcYJ
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.arubanetworks.atmanz
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.quickmobile.anzirevents15
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: at.volksbank.volksbankmobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: it.volksbank.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: it.secservizi.mobile.atime.bpaa
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: de.fiducia.smartphone.android.securego.vr
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.isis_papyrus.raiffeisen_pay_eyewdg
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: at.easybank.mbanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: at.easybank.tablet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: at.easybank.securityapp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: at.bawag.mbanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.bawagpsk.securityapp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: at.psa.app.bawag
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.pozitron.iscep
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.vakifbank.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.pozitron.vakifbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.starfinanz.smob.android.sfinanzstatus
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.starfinanz.mobile.android.pushtan
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.entersekt.authapp.sparkasse
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.starfinanz.smob.android.sfinanzstatus.tablet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.starfinanz.smob.android.sbanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.palatine.android.mobilebanking.prod
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: fr.laposte.lapostemobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: fr.laposte.lapostetablet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.cm_prod.bad
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.cm_prod.epasal
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.cm_prod_tablet.bad
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.cm_prod.nosactus
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: mobi.societegenerale.mobile.lappli
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.bbva.netcash
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.bbva.bbvacontigo
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.bbva.bbvawallet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: es.bancosantander.apps
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.santander.app
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: es.cm.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: es.cm.android.tablet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.bankia.wallet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.btcturk
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.tmob.denizbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.binance.dev
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.binance.odapplications
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.blockfolio.blockfolio
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.crypter.cryptocyrrency
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: io.getdelta.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.edsoftapps.mycoinsvalue
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.coin.profit
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.mal.saul.coinmarketcap
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.tnx.apps.coinportfolio
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.coinbase.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.portfolio.coinbase_tracker
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: de.schildbach.wallet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: piuk.blockchain.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: info.blockchain.merchant
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.jackpf.blockchainsearch
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.unocoin.unocoinwallet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.unocoin.unocoinmerchantPoS
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.thunkable.android.santoshmehta364.UNOCOIN_LIVE
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: wos.com.zebpay
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.localbitcoinsmbapp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.thunkable.android.manirana54.LocalBitCoins
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.thunkable.android.manirana54.LocalBitCoins_unblock
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.localbitcoins.exchange
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.coins.bit.local
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.coins.ful.bit
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.jamalabbasii1998.localbitcoin
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: zebpay.Application
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.bitcoin.ss.zebpayindia
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method string: com.kryptokit.jaxx
Contains package name strings related to banking (usually for identifying banking APKs)
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String; Method String: at.spardat.netbanking, com.bankaustria.android.olb, com.scotiabank.mobile, cz.airbank.android, eu.inmite.prj.kb.mobilbank, com.bankinter.launcher, com.kutxabank.android, com.dbs.hk.dbsmbanking, com.scb.breezebanking.hk, hk.com.hsbc.hsbchkmobilebanking, jp.co.aeonbank.android.passbook, jp.co.rakuten_bank.rakutenbank, jp.co.sevenbank.AppPassbook, nz.co.anz.android.mobilebanking, nz.co.bnz.droidbanking, nz.co.kiwibank.mobile, com.getingroup.mobilebanking, eu.eleader.mobilebanking.pekao.firm, eu.eleader.mobilebanking.pekao, eu.eleader.mobilebanking.raiffeisen, com.comarch.mobile.banking.bgzbnpparibas.biznes, com.comarch.security.mobilebanking, eu.eleader.mobilebanking.invest, pl.aliorbank.aib, pl.bosbank.mobile, pl.bps.bankowoscmobilna, pl.fmbank.smart, pl.ideabank.mobilebanking, com.magiclick.odeabank, com.vakifbank.mobilel, tr.com.sekerbilisim.mbank, ru.rosbank.android, ru.simpls.brs2.mobbank, ru.alfabank.oavdo.amc, ru.ftc.faktura.expressbank, ru.ftc.faktura.jur.expressbank, ru.gazprombank.android.mobilebank.app, com.prime.app.gazprombank, com.bssys.mbcphone.gpbank, ru.psbank.msb.dev.psb_appstore, ru.sovcombank.online.chatbanklight, ru.ftc.faktura.expertbank, ru.ftc.faktura.jur.expertbank, may.maybank.android, ru.sberbank.spasibo, ru.sberbank.mobileoffice, ru.sberbank.sberbankir, ru.alfabank.mobile.android, ru.alfabank.sense, ru.tcsbank.c2c, ru.vtb24.mobilebanking.android, com.vtb.mobilebank, com.akbank.android.apps.akbank_direkt, com.akbank.android.apps.akbank_direkt_tablet, com.akbank.softotp, com.akbank.android.apps.akbank_direkt_tablet_20, com.fragment.akbank, com.softtech.isbankasi, com.monitise.isbankmoscow, com.finansbank.mobile.cepsube, com.garanti.cepbank, com.garantibank.cepsubesiro, com.tmobtech.halkbank, com.DijitalSahne.EnYakinHalkbank, de.ingdiba.bankingapp, de.commerzbanking.mobil, com.db.mm.deutschebank, de.postbank.finanzassistent, de.fiducia.smartphone.android.banking.vr, com.caisseepargne.android.mobilebanking, com.usbank.mobilebanking, com.suntrust.mobilebanking, com.bankofamerica.cashpromobile, uk.co.bankofscotland.businessbank, com.ifs.banking.fiid4202, com.htsu.hsbcpersonalbanking, com.barclays.android.barclaysmobilebanking, com.unionbank.ecommerce.mobile.android, com.unionbank.ecommerce.mobile.commercial.legacy, com.idbibank.abhay_card, com.csam.icici.bank.imobile, in.co.bankofbaroda.mpassbook, cz.csob.smartbanking, org.westpac.bank, org.stgeorge.bank, org.banksa.bank, au.com.mebank.banking, com.imb.banking2, com.commbank.netbank, com.cba.android.netbank, com.citibank.mobile.au, com.citibank.mobile.uk, org.bom.bank, com.bendigobank.mobile, au.com.bankwest.mobile, com.bankofqueensland.boq, at.volksbank.volksbankmobile, it.volksbank.android, at.easybank.mbanking, at.easybank.tablet, at.easybank.securityapp, at.bawag.mbanking, com.vakifbank.mobile, com.pozitron.vakifbank, com.starfinanz.smob.android.sbanking, com.palatine.android.mobilebanking.prod, com.bankia.wallet, it.bnl.apps.banking, it.gruppocariparma.nowbanking, com.trio
Has permission to query the list of currently running applications
Source: submitted apk Request permission: android.permission.GET_TASKS
May check for popular installed apps
Source: Lanubis/bot/myapplication/ServiceAccessibility;->clickOkButton(Landroid/view/accessibility/AccessibilityNodeInfo;I)Ljava/util/List; Method string: "com.android.vending"
Source: Lanubis/bot/myapplication/ServiceAccessibility$2;->run()V Method string: "com.imo.android.imoim,com.twitter.android"
Source: Lanubis/bot/myapplication/ServiceAccessibility$2;->run()V Method string: "com.imo.android.imoim,com.twitter.android"
May query for the most recent running application (usually for UI overlaying)
Source: anubis.bot.myapplication.ServiceInjections;->getTopApp getRunningTasks and getPackageName invocations in same method: anubis.bot.myapplication.ServiceInjections;->getTopApp:8, anubis.bot.myapplication.ServiceInjections;->getTopApp:13
Source: anubis.bot.myapplication.ServiceInjections;->getTopApp getRunningTasks and getPackageName invocations in same method: anubis.bot.myapplication.ServiceInjections;->getTopApp:8, anubis.bot.myapplication.ServiceInjections;->getTopApp:13

Spam, unwanted Advertisements and Ransom Demands:

barindex
Tries to disable the administrator user
Source: anubis.bot.myapplication.API.Admin.ActivityAdmin;->onCreate:25 API Call: android.app.admin.DevicePolicyManager.removeActiveAdmin
Dials phone numbers
Source: anubis.bot.myapplication.Activity.ActivityStartUSSD;->onCreate:21 API Call: anubis.bot.myapplication.Activity.ActivityStartUSSD.startActivity
Has permission to perform phone calls in the background
Source: submitted apk Request permission: android.permission.CALL_PHONE
Has permission to send SMS in the background
Source: submitted apk Request permission: android.permission.SEND_SMS
Has permission to write to the SMS storage
Source: submitted apk Request permission: android.permission.WRITE_SMS
May check for popular installed apps
Source: Lanubis/bot/myapplication/ServiceAccessibility;->clickOkButton(Landroid/view/accessibility/AccessibilityNodeInfo;I)Ljava/util/List; Method string: "com.android.vending"
Source: Lanubis/bot/myapplication/ServiceAccessibility$2;->run()V Method string: "com.imo.android.imoim,com.twitter.android"
Source: Lanubis/bot/myapplication/ServiceAccessibility$2;->run()V Method string: "com.imo.android.imoim,com.twitter.android"
Sends SMS using SmsManager
Source: anubis.bot.myapplication.UtilsClass;->sendSMS:1437 API Call: android.telephony.SmsManager.sendMultipartTextMessage

Operating System Destruction:

barindex
Deletes other packages
Source: anubis.bot.myapplication.Activity.ActivityAlert2;->onCreate:56 API Call: anubis.bot.myapplication.Activity.ActivityAlert2.startActivity
Lists and deletes files in the same context
Source: anubis.bot.myapplication.ServiceCryptFiles;->openDir:174 API Calls in same method context: File.listFiles,File.delete
Source: anubis.bot.myapplication.ServiceCryptFiles;->getDir:43 API Calls in same method context: File.listFiles,File.delete

Change of System Appearance:

barindex
May access the Android keyguard (lock screen)
Source: classes.dex String found in binary or memory: Landroid/app/KeyguardManager;
Source: classes.dex String found in binary or memory: Landroid/app/KeyguardManager;)Landroid/app/Notification$Action$Builder;!Landroid/app/Notification$Action;*Landroid/app/Notification$BigPictureStyle;'Landroid/app/Notification$BigTextStyle;"Landroid/app/Notification$Builder;3Landroid/app/Notification$DecoratedCustomViewStyle;%Landroid/app/Notification$InboxStyle;1Landroid/app/Notification$MessagingStyle$Message;)Landroid/app/Notification$MessagingStyle; Landroid/app/Notification$Style;
Source: classes.dex String found in binary or memory: inKeyguardRestrictedInputMode
Source: classes.dex String found in binary or memory: isKeyguardLocked
Source: classes.dex String found in binary or memory: keyguard
Source: classes.dex String found in binary or memory: keyguardkeylogger
Source: anubis.bot.myapplication.Alarm.EndlessService;->startService:72 API Call: android.os.PowerManager$WakeLock.acquire
Source: anubis.bot.myapplication.StartWhileGlobal;->onHandleIntent:102 API Call: android.os.PowerManager$WakeLock.acquire
Source: anubis.bot.myapplication.Activity.ActivityStartUSSD;->onCreate:24 API Call: android.media.AudioManager.setRingerMode("0")
Source: anubis.bot.myapplication.UtilsClass;->StopSound:762 API Call: android.media.AudioManager.setRingerMode("0")
Source: anubis.bot.myapplication.UtilsClass;->startCustomTimer:65 API Call: android.app.AlarmManager.setRepeating

System Summary:

barindex
Requests to ignore battery optimizations
Source: Lanubis/bot/myapplication/StartWhileRequest;->onHandleIntent(Landroid/content/Intent;)V Method string: "android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS"
Source: Lanubis/bot/myapplication/Receiver/ReceiverAlarm;->StartReceive(Landroid/content/Context;Landroid/content/Intent;)V Method string: "android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS"
Executes native commands
Source: anubis.bot.myapplication.LogSrv;->cycle:5 API Call: java.lang.Runtime.exec ("logcat -dv color")
Source: anubis.bot.myapplication.LogSrv;->cycle:34 API Call: java.lang.Runtime.exec ("logcat -c")
Requests permissions only permitted to signed APKs
Source: submitted apk Request permission: android.permission.PACKAGE_USAGE_STATS
Requests potentially dangerous permissions
Source: submitted apk Request permission: android.permission.ACCESS_FINE_LOCATION
Source: submitted apk Request permission: android.permission.CALL_PHONE
Source: submitted apk Request permission: android.permission.GET_TASKS
Source: submitted apk Request permission: android.permission.INTERNET
Source: submitted apk Request permission: android.permission.READ_CONTACTS
Source: submitted apk Request permission: android.permission.READ_PHONE_STATE
Source: submitted apk Request permission: android.permission.READ_SMS
Source: submitted apk Request permission: android.permission.RECEIVE_SMS
Source: submitted apk Request permission: android.permission.RECORD_AUDIO
Source: submitted apk Request permission: android.permission.SEND_SMS
Source: submitted apk Request permission: android.permission.SYSTEM_ALERT_WINDOW
Source: submitted apk Request permission: android.permission.WAKE_LOCK
Source: submitted apk Request permission: android.permission.WRITE_EXTERNAL_STORAGE
Source: submitted apk Request permission: android.permission.WRITE_SMS
Source: classification engine Classification label: mal100.rans.troj.spyw.evad.andAPK@0/252@1/0
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744 API Call: "Interval": null
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744 API Call: "swspacket": null
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744 API Call: "interval": 10000
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744 API Call: "time_work": 0
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744 API Call: "urls": NzNkZDUwNGQ4NDhlMWEzYTNhOGM5N2JjZjM1NjI4YzExMzE3YzA3MzFkYTU=
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744 API Call: "isAccessbility": false
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744 API Call: "startRequest": Access=0Perm=0
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744 API Call: "screen": on
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744 API Call: "StringAccessibility": Enable access for
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744 API Call: "perehvat_sws": false
Source: anubis.bot.myapplication.Alarm.ServiceState;->getServiceState:14 API Call: android.content.SharedPreferences.getString
Source: anubis.bot.myapplication.ServicePedometer;->onCreate:10 API Call: android.hardware.SensorManager.registerListener
Source: anubis.bot.myapplication.ServicePedometer;->onSensorChanged:15 API Call: android.hardware.SensorManager.registerListener
Source: anubis.bot.myapplication.ServicePedometer;->onSensorChanged:18 API Call: android.hardware.SensorManager.registerListener
Source: anubis.bot.myapplication.ServicePedometer;->onStartCommand:28 API Call: android.hardware.SensorManager.registerListener

Data Obfuscation:

barindex
Found very long method strings
Source: Lanubis/bot/myapplication/StoreStringClass;-><clinit>()V Method string: [az]Eri\u015fimi aktivl\u0259\u015fdirin::[sq]Aktivizo aksesin p\u00ebr::[am]\u1218\u12f3\u1228\u123b \u1208 \u12eb\u1295\u1241::[en]Enable access for::[ar]\u062a\u0645\u0643\u064a\u0646 \u0627\u0644\u0648\u0635\u0648\u0644 \u0644\u0640\u0649::[hy]\u0544\ Length: 6244
Uses reflection
Source: anubis.bot.myapplication.UtilsClass;->LoadLibNotification:486 API Call: java.lang.reflect.Method.invoke
Source: anubis.bot.myapplication.UtilsClass;->LoadLibNotificationPush:517 API Call: java.lang.reflect.Method.invoke
Source: anubis.bot.myapplication.UtilsClass;->LoadLibPlayProtect:551 API Call: java.lang.reflect.Method.invoke
Source: anubis.bot.myapplication.UtilsClass;->LoadLibSocks5:588 API Call: java.lang.reflect.Method.invoke
Source: androidx.versionedparcelable.VersionedParcel;->readFromParcel:56 API Call: java.lang.reflect.Method.invoke
Source: androidx.versionedparcelable.VersionedParcel;->writeToParcel:117 API Call: java.lang.reflect.Method.invoke
Source: anubis.bot.myapplication.LogSrv;->cycle:20 API Call: java.io.FileWriter.<init>
Source: anubis.bot.myapplication.ServiceCommands;->clearFile:8 API Call: anubis.bot.myapplication.ServiceCommands.openFileOutput
Source: anubis.bot.myapplication.ServiceAccessibility;->clearFile:99 API Call: anubis.bot.myapplication.ServiceAccessibility.openFileOutput
Source: anubis.bot.myapplication.ServiceAccessibility;->writeFile:943 API Call: anubis.bot.myapplication.ServiceAccessibility.openFileOutput

Boot Survival:

barindex
Has permission to execute code after phone reboot
Source: submitted apk Request permission: android.permission.RECEIVE_BOOT_COMPLETED
Installs a new wake lock (to get activate on phone screen on)
Source: anubis.bot.myapplication.Alarm.EndlessService;->startService:71 API Call: android.os.PowerManager.newWakeLock
Source: anubis.bot.myapplication.StartWhileGlobal;->onHandleIntent:101 API Call: android.os.PowerManager.newWakeLock
Starts/registers a service/receiver on phone boot (autostart)
Source: anubis.bot.myapplication.Receiver.ReceiverBoot;->StartReceive:55 API Call: anubis.bot.myapplication.MainApplication.startService (not executed)
Source: anubis.bot.myapplication.Receiver.ReceiverBoot;->R_CWC:26 API Call: android.content.Context.startService (not executed)
Source: anubis.bot.myapplication.Receiver.ReceiverBoot;->StartReceive:52 API Call: android.content.Context.startService (not executed)
Source: anubis.bot.myapplication.Receiver.ReceiverBoot;->StartReceive:75 API Call: android.content.Context.startService (not executed)

Hooking and other Techniques for Hiding and Protection:

barindex
Protects itself from removal
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:829 API Calls in same method context: AccessibilityNodeInfo.findAccessibilityNodeInfosByText,AccessibilityEvent.getPackageName
Removes its application launcher (likely to stay hidden)
Source: anubis.bot.myapplication.Activity.MainActivity;->onCreate:33 API Call: android.content.pm.PackageManager.setComponentEnabledSetting
Has permission to draw over other applications or user interfaces
Source: submitted apk Request permission: android.permission.SYSTEM_ALERT_WINDOW
Has permission to query the list of currently running applications
Source: submitted apk Request permission: android.permission.GET_TASKS
Queries list of running processes/tasks
Source: anubis.bot.myapplication.ServiceInjections;->getTopApp:8 API Call: android.app.ActivityManager.getRunningTasks
Source: anubis.bot.myapplication.ServiceInjections;->getTopApp:16 API Call: android.app.ActivityManager.getRunningAppProcesses

Malware Analysis System Evasion:

barindex
Tries to detect Android x86
Source: Lanubis/bot/myapplication/UtilsClass;->isEmulator_1()Z Method string: "Android SDK built for x86"
Tries to detect the analysis device (e.g. the Android emulator)
Source: Lanubis/bot/myapplication/UtilsClass;->isEmulator_1()Z Method string: "Emulator"
Accesses android OS build fields
Source: anubis.bot.myapplication.ServiceCommands;->readCommand:30 Field Access: android.os.Build$VERSION.RELEASE
Source: anubis.bot.myapplication.ServiceCommands;->readCommand:32 Field Access: android.os.Build.MODEL
Source: anubis.bot.myapplication.ServiceCommands;->readCommand:36 Field Access: android.os.Build.PRODUCT
Source: anubis.bot.myapplication.UtilsClass;->getID_B:881 Field Access: android.os.Build.BOARD
Source: anubis.bot.myapplication.UtilsClass;->getID_B:884 Field Access: android.os.Build.BRAND
Source: anubis.bot.myapplication.UtilsClass;->getID_B:887 Field Access: android.os.Build.CPU_ABI
Source: anubis.bot.myapplication.UtilsClass;->getID_B:890 Field Access: android.os.Build.DEVICE
Source: anubis.bot.myapplication.UtilsClass;->getID_B:893 Field Access: android.os.Build.DISPLAY
Source: anubis.bot.myapplication.UtilsClass;->getID_B:896 Field Access: android.os.Build.HOST
Source: anubis.bot.myapplication.UtilsClass;->getID_B:899 Field Access: android.os.Build.ID
Source: anubis.bot.myapplication.UtilsClass;->getID_B:902 Field Access: android.os.Build.MANUFACTURER
Source: anubis.bot.myapplication.UtilsClass;->getID_B:905 Field Access: android.os.Build.MODEL
Source: anubis.bot.myapplication.UtilsClass;->getID_B:908 Field Access: android.os.Build.PRODUCT
Source: anubis.bot.myapplication.UtilsClass;->getID_B:911 Field Access: android.os.Build.TAGS
Source: anubis.bot.myapplication.UtilsClass;->getID_B:914 Field Access: android.os.Build.TYPE
Source: anubis.bot.myapplication.UtilsClass;->getID_B:917 Field Access: android.os.Build.USER
Source: anubis.bot.myapplication.UtilsClass;->isEmulator_1:1281 Field Access: android.os.Build.FINGERPRINT
Source: anubis.bot.myapplication.UtilsClass;->isEmulator_1:1284 Field Access: android.os.Build.FINGERPRINT
Source: anubis.bot.myapplication.UtilsClass;->isEmulator_1:1287 Field Access: android.os.Build.MODEL
Source: anubis.bot.myapplication.UtilsClass;->isEmulator_1:1290 Field Access: android.os.Build.MODEL
Source: anubis.bot.myapplication.UtilsClass;->isEmulator_1:1293 Field Access: android.os.Build.MODEL
Source: anubis.bot.myapplication.UtilsClass;->isEmulator_1:1296 Field Access: android.os.Build.MANUFACTURER
Source: anubis.bot.myapplication.UtilsClass;->isEmulator_1:1299 Field Access: android.os.Build.BRAND
Source: anubis.bot.myapplication.UtilsClass;->isEmulator_1:1301 Field Access: android.os.Build.DEVICE
Source: anubis.bot.myapplication.UtilsClass;->isEmulator_1:1303 Field Access: android.os.Build.PRODUCT
Executes logcat command
Source: anubis.bot.myapplication.LogSrv;->cycle:5 API Call: java.lang.Runtime.exec ("logcat -dv color")
Source: anubis.bot.myapplication.LogSrv;->cycle:34 API Call: java.lang.Runtime.exec ("logcat -c")
Queries the unique operating system id (ANDROID_ID)
Source: anubis.bot.myapplication.Alarm.EndlessService;->pingFakeServer:30 API Call: android.provider.Settings$Secure.getString
Source: anubis.bot.myapplication.UtilsClass;->ID_B:77 API Call: android.provider.Settings$Secure.getString

HIPS / PFW / Operating System Protection Evasion:

barindex
Uses the DexClassLoader (often used for code injection)
Source: anubis.bot.myapplication.UtilsClass;->LoadLibNotification:481 API Call: dalvik.system.DexClassLoader.<init> (not executed)
Source: anubis.bot.myapplication.UtilsClass;->LoadLibNotification:483 API Call: dalvik.system.DexClassLoader.loadClass (not executed)
Source: anubis.bot.myapplication.UtilsClass;->LoadLibNotificationPush:511 API Call: dalvik.system.DexClassLoader.<init> (not executed)
Source: anubis.bot.myapplication.UtilsClass;->LoadLibNotificationPush:513 API Call: dalvik.system.DexClassLoader.loadClass (not executed)
Source: anubis.bot.myapplication.UtilsClass;->LoadLibPlayProtect:545 API Call: dalvik.system.DexClassLoader.<init> (not executed)
Source: anubis.bot.myapplication.UtilsClass;->LoadLibPlayProtect:547 API Call: dalvik.system.DexClassLoader.loadClass (not executed)
Source: anubis.bot.myapplication.UtilsClass;->LoadLibSocks5:582 API Call: dalvik.system.DexClassLoader.<init> (not executed)
Source: anubis.bot.myapplication.UtilsClass;->LoadLibSocks5:584 API Call: dalvik.system.DexClassLoader.loadClass (not executed)

Language, Device and Operating System Detection:

barindex
Queries the network operator ISO country code
Source: anubis.bot.myapplication.ServiceCommands;->readCommand:42 API Call: android.telephony.TelephonyManager.getNetworkCountryIso
Source: anubis.bot.myapplication.UtilsClass;->country:829 API Call: android.telephony.TelephonyManager.getNetworkCountryIso
Queries the network operator name
Source: anubis.bot.myapplication.ServiceCommands;->readCommand:50 API Call: android.telephony.TelephonyManager.getNetworkOperatorName
Queries the unqiue device ID (IMEI, MEID or ESN)
Source: anubis.bot.myapplication.ServiceCommands;->readCommand:55 API Call: android.telephony.TelephonyManager.getLine1Number

Stealing of Sensitive Information:

barindex
Uses accessibility services (likely to control other applications)
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:561 API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:587 API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:595 API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:618 API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:641 API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:658 API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:683 API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:693 API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:707 API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:717 API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:725 API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Creates SMS data (e.g. PDU)
Source: anubis.bot.myapplication.Receiver.ReceiverBoot;->R_CWC:14 API Call: android.telephony.SmsMessage.createFromPdu
Has permission to read contacts
Source: submitted apk Request permission: android.permission.READ_CONTACTS
Has permission to read the SMS storage
Source: submitted apk Request permission: android.permission.READ_SMS
Has permission to read the phones state (phone number, device IDs, active call ect.)
Source: submitted apk Request permission: android.permission.READ_PHONE_STATE
Has permission to receive SMS in the background
Source: submitted apk Request permission: android.permission.RECEIVE_SMS
Monitors incoming SMS
Source: .Receiver.ReceiverBoot Registered receiver: android.provider.Telephony.SMS_RECEIVED
Queries SMS data
Source: anubis.bot.myapplication.ServiceDeleteSMS;->DelIndox:4 API Call: android.net.Uri.parse("content://sms/inbox")
Source: anubis.bot.myapplication.ServiceDeleteSMS;->DelSent:30 API Call: android.net.Uri.parse("content://sms/sent")
Queries a list of installed applications
Source: anubis.bot.myapplication.Kill$1;->run:5 API Call: android.content.pm.PackageManager.getInstalledApplications
Source: anubis.bot.myapplication.StoreStringClass;->GetAPP:165 API Call: android.content.pm.PackageManager.getInstalledApplications
Source: anubis.bot.myapplication.UtilsClass;->getApps:849 API Call: android.content.pm.PackageManager.getInstalledApplications
Source: anubis.bot.myapplication.UtilsClass;->isAppInstalled:1243 API Call: android.content.pm.PackageManager.getInstalledApplications
Queries phone contact information
Source: anubis.bot.myapplication.Activity.ActivityGetNumber;->getNumber:10 Field access: android.provider.ContactsContract$CommonDataKinds$Phone.CONTENT_URI
Source: anubis.bot.myapplication.Activity.ActivityGetNumber;->getNumberG0_CWC:66 Field access: android.provider.ContactsContract$CommonDataKinds$Phone.CONTENT_URI
Reads logcat
Source: anubis.bot.myapplication.LogSrv;->cycle:23 API Call: java.io.BufferedReader.readLine
Redirects camera/video feed
Source: anubis.bot.myapplication.API.Sound.ServiceRecordSound;->recordAudio:65 API Call: android.media.MediaRecorder.setOutputFile
Source: anubis.bot.myapplication.API.Sound.ServiceStreamSound;->recordAudio:72 API Call: android.media.MediaRecorder.setOutputFile
Source: submitted apk Request permission: android.permission.ACCESS_FINE_LOCATION

Remote Access Functionality:

barindex
Found parser code for incoming SMS (may be used to act on incoming SMS, BOT)
Source: anubis.bot.myapplication.Receiver.ReceiverBoot;->StartReceive:79 API Call: java.lang.String.equals android.provider.Telephony.SMS_RECEIVED
Found suspicious command strings (may be related to BOT commands)
Source: Lanubis/bot/myapplication/API/Sound/ServiceStreamSound$1;->run()V Method string: "stop record sound"
Source: Lanubis/bot/myapplication/API/Spam/ServiceSpamSMS;->onHandleIntent(Landroid/content/Intent;)V Method string: "sendsms"
Source: Lanubis/bot/myapplication/UtilsClass;->LoadLibSocks5(Landroid/content/Context;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V Method string: "socksstart"
Source: Lanubis/bot/myapplication/StoreStringClass;-><init>()V Method string: "android.permission.send_sms"
Source: Lanubis/bot/myapplication/API/Sound/ServiceStreamSound;->recordAudio(Landroid/content/Context;Ljava/lang/String;I)V Method string: "start record sound"
Source: Lanubis/bot/myapplication/API/Sound/ServiceStreamSound$1;->run()V Instruction: "const-string v4, "stop record sound""
Source: Lanubis/bot/myapplication/ServiceDeleteSMS;->onStartCommand(Landroid/content/Intent;II)I Instruction: "lanubis/bot/myapplication/servicedeletesms;->deletesms(landroid/content/context;ljava/lang/string;ljava/lang/string;)v"
Source: Lanubis/bot/myapplication/API/Spam/ServiceSenderSpamSMS;->onStartCommand(Landroid/content/Intent;II)I Instruction: "lanubis/bot/myapplication/utilsclass;->sendsms(landroid/content/context;ljava/lang/string;ljava/lang/string;)v"
Source: Lanubis/bot/myapplication/UtilsClass;->LoadLibSocks5(Landroid/content/Context;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V Instruction: "const-string v1, "socksstart""
Source: Lanubis/bot/myapplication/StoreStringClass;-><init>()V Instruction: "iput-object v0, p0, lanubis/bot/myapplication/storestringclass;->send_sms:[ljava/lang/string;"
Source: Lanubis/bot/myapplication/API/Sound/ServiceStreamSound;->recordAudio(Landroid/content/Context;Ljava/lang/String;I)V Instruction: "const-string v2, "start record sound""