Loading ...

Play interactive tourEdit tour

Analysis Report dhl.apk

Overview

General Information

Sample Name:dhl.apk
Analysis ID:392149
MD5:4c0268f7d44fa22d004d2e2258864b64
SHA1:8f601646042740654749826b180fabd77b6288f0
SHA256:0200e9808eaf16dac5fc211ecabba17de0f961377af8101c324fb5fed9b488ba
Infos:

Most interesting Screenshot:

Detection

Score:52
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
Access the class loader (often done to load a new code)
Accesses android OS build fields
Checks an internet connection is available
Checks if a SIM card is installed
Detected TCP or UDP traffic on non-standard ports
Has permission to perform phone calls in the background
Has permission to read contacts
Has permission to read the SMS storage
Has permission to read the phones state (phone number, device IDs, active call ect.)
Has permission to receive SMS in the background
Has permission to send SMS in the background
Has permission to terminate background processes of other applications
Has permission to write to the SMS storage
Installs a new wake lock (to get activate on phone screen on)
Installs an application shortcut on the screen
Lists and deletes files in the same context
May access the Android keyguard (lock screen)
May take a camera picture
Obfuscates method names
Queries camera information
Queries package code path (often used for patching other applications)
Queries several sensitive phone informations
Queries stored mail and application accounts (e.g. Gmail or Whatsup)
Queries system settings
Queries the Googlemail Account Name
Queries the SIM provider ISO country code
Queries the SIM provider name (SPN - Service Provider Name)
Queries the SIM provider numeric MCC+MNC (mobile country code + mobile network code)
Queries the network operator name
Queries the network operator numeric MCC+MNC (mobile country code + mobile network code)
Requests potentially dangerous permissions
Uses reflection

Classification

Yara Overview

No yara matches

Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

barindex
Multi AV Scanner detection for submitted fileShow sources
Source: dhl.apkVirustotal: Detection: 22%Perma Link
Source: com.whatsapp.backup.google.GoogleBackupService;->A04:258API Call: android.os.Environment.getExternalStorageState
Source: com.whatsapp.backup.google.GoogleBackupService;->A04:298API Call: android.os.Environment.getExternalStorageState
Source: com.whatsapp.backup.google.GoogleBackupService;->A06:418API Call: android.os.Environment.getExternalStorageState
Source: com.whatsapp.backup.google.GoogleBackupService;->A06:465API Call: android.os.Environment.getExternalStorageState
Source: com.whatsapp.backup.google.GoogleBackupService;->onHandleIntent:588API Call: android.os.Environment.getExternalStorageState
Source: com.whatsapp.registration.RegisterName;->A0Y:177API Call: android.os.Environment.getExternalStorageState
Source: com.whatsapp.messaging.CaptivePortalActivity;->onCreate:41API Call: android.net.wifi.WifiManager.getConnectionInfo
Source: com.whatsapp.registration.EULA;->lambda$onCreate$2112$EULA:87API Call: android.net.NetworkInfo.isConnected
Source: global trafficTCP traffic: 192.168.2.30:56068 -> 8.8.4.4:853
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.170
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.170
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.170
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.42
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.27.188
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.27.188
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.27.188
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.27.188
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.27.188
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.27.188
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.27.188
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.27.188
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.27.188
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.214.238
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.214.238
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.214.238
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.214.238
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.214.238
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.214.238
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.214.238
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.214.238
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.170
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.170
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.163
Source: $avd_show_password__2.xmlString found in binary or memory: http://schemas.android.com/aapt
Source: abc_screen_toolbar.xmlString found in binary or memory: http://schemas.android.com/apk/res-auto
Source: mtrl_outlined_stroke_color.xml, abc_screen_simple.xml, mtrl_fab_transformation_sheet_expand_spec.xml, abc_btn_check_material_anim.xml, $avd_show_password__2.xml, abc_btn_default_mtrl_shape.xml, abc_ic_arrow_drop_right_black_24dp.xml, btn_checkbox_checked_to_unchecked_mtrl_animation.xml, btn_checkbox_to_checked_box_outer_merged_animation.xml, abc_alert_dialog_title_material.xml, abc_screen_toolbar.xml, design_text_input_start_icon.xml, mtrl_extended_fab_state_list_animator.xml, mtrl_calendar_month.xml, mtrl_alert_dialog_actions.xml, mtrl_fab_show_motion_spec.xml, abc_dialog_title_material.xml, abc_seekbar_thumb_material.xml, btn_radio_off_to_on_mtrl_animation.xml, mtrl_calendar_months.xml, androidString found in binary or memory: http://schemas.android.com/apk/res/android
Source: androidString found in binary or memory: http://www.google.com/settings/storage?emr=0&authuser=-1&utm_source=whatsapp
Source: libfolly_futures.so, libjsijniprofiler.soString found in binary or memory: https://android.googlesource.com/toolchain/clang
Source: libfolly_futures.so, libjsijniprofiler.soString found in binary or memory: https://android.googlesource.com/toolchain/llvm
Source: classes4.dexString found in binary or memory: https://chat.whatsapp.com/
Source: androidString found in binary or memory: https://wa.me
Source: androidString found in binary or memory: https://wa.me/message/
Source: classes4.dexString found in binary or memory: https://wa.me/qr/
Source: classes4.dexString found in binary or memory: https://wa.me/qr/.https://www.whatsapp.com/legal/#privacy-policy0https://www.whatsapp.com/legal/#ter
Source: androidString found in binary or memory: https://whatsapp.com/dl/
Source: androidString found in binary or memory: https://www.whatsapp.com/legal/
Source: classes4.dex, androidString found in binary or memory: https://www.whatsapp.com/legal/#privacy-policy
Source: classes4.dex, androidString found in binary or memory: https://www.whatsapp.com/legal/#terms-of-service
Source: unknownNetwork traffic detected: HTTP traffic on port 39602 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50870 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 42776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 42776
Source: unknownNetwork traffic detected: HTTP traffic on port 50458 -> 443
Source: submitted apkRequest permission: android.permission.CALL_PHONE
Source: submitted apkRequest permission: android.permission.SEND_SMS
Source: submitted apkRequest permission: android.permission.WRITE_SMS
Source: com.whatsapp.profile.WebImagePicker;->onCreate:92API Calls in same method context: File.listFiles,File.delete
Source: androidString found in binary or memory: keyguard
Source: com.whatsapp.notification.PopupNotification;->A04:89API Call: android.os.PowerManager$WakeLock.acquire
Source: com.whatsapp.push.WAFbnsPreloadReceiver;->onReceive:10API Call: android.os.PowerManager$WakeLock.acquire
Source: submitted apkRequest permission: android.permission.CALL_PHONE
Source: submitted apkRequest permission: android.permission.INTERNET
Source: submitted apkRequest permission: android.permission.READ_CONTACTS
Source: submitted apkRequest permission: android.permission.READ_PHONE_STATE
Source: submitted apkRequest permission: android.permission.READ_SMS
Source: submitted apkRequest permission: android.permission.RECEIVE_SMS
Source: submitted apkRequest permission: android.permission.SEND_SMS
Source: submitted apkRequest permission: android.permission.WAKE_LOCK
Source: submitted apkRequest permission: android.permission.WRITE_SMS
Source: classification engineClassification label: mal52.spyw.evad.andAPK@0/255@0/0
Source: com.whatsapp.AbstractAppShell;->attachBaseContext:244API Call: java.lang.System.loadLibrary
Source: com.whatsapp.authentication.AppAuthSettingsActivity;->onResume:152API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.authentication.AppAuthSettingsActivity;->onResume:156API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.blocklist.BlockConfirmationDialogFragment;->A0p:35API Call: android.content.SharedPreferences.getString
Source: org.npci.commonlibrary.GetCredential;->onCreate:159API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.qrcode.contactqr.ContactQrActivity;->onCreate:6API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.qrcode.contactqr.QrScanCodeFragment;->A0Z:16API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.conversationslist.ArchiveNotificationSettingActivity;->onCreate:14API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.conversationslist.ArchiveNotificationSettingActivity;->onCreate:22API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.data.ConversationDeleteService;->A03:84API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.registration.directmigration.MigrationContentProvider;->query:279API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.registration.directmigration.MigrationContentProvider;->query:292API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.ephemeral.EphemeralNUXDialog;->A00:9API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.ephemeral.EphemeralNUXDialog;->A0e:21API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.backup.google.GoogleBackupService;->A01:82API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.backup.google.GoogleBackupService;->onHandleIntent:614API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.backup.google.GoogleBackupService;->onHandleIntent:1092API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.backup.google.GoogleBackupService;->onHandleIntent:1147API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.backup.google.GoogleBackupService;->onHandleIntent:1154API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.backup.google.RestoreFromBackupActivity;->A0i:378API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.backup.google.SettingsGoogleDrive;->onCreate:567API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.backup.google.RestoreFromBackupActivity;->onNewIntent:899API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.backup.google.RestoreFromBackupActivity;->onNewIntent:922API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.backup.google.RestoreFromBackupActivity;->onNewIntent:928API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.backup.google.RestoreFromBackupActivity;->onNewIntent:930API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.backup.google.RestoreFromBackupActivity;->onNewIntent:949API Call: android.content.SharedPreferences.getBoolean
Source: org.pjsip.PjCameraInfo;->createFromRawInfo:26API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.push.RegistrationIntentService;->A05:57API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.push.RegistrationIntentService;->A05:64API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.push.RegistrationIntentService;->A05:182API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.registration.ChangeNumber;->onCreate:385API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.registration.ChangeNumber;->onPause:451API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.registration.RegisterName;->A0Y:175API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.registration.RegisterName;->onActivityResult:310API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.registration.RegisterPhone;->onCreate:325API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.registration.EULA;->onCreate:218API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.registration.RegisterPhone;->onResume:573API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.registration.RegisterPhone;->onResume:575API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.registration.VerifySms;->A0V:75API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.registration.RegisterPhone;->onResume:585API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.registration.VerifySms;->A0V:77API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.registration.VerifySms;->A0V:83API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.registration.RegisterPhone;->onResume:622API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.registration.VerifyTwoFactorAuth;->onCreate:145API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.registration.VerifyTwoFactorAuth;->onCreate:147API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.registration.VerifySms;->A0g:231API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.registration.VerifySms;->A1D:794API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.registration.VerifySms;->AEA:1266API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.registration.VerifySms;->lambda$onCreate$2138$VerifySms:1606API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.registration.VerifySms;->lambda$onCreate$2138$VerifySms:1618API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.registration.VerifySms;->onActivityResult:1661API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.Conversation;->onCreate:2689API Call: android.content.SharedPreferences.getBoolean
Source: com.whatsapp.Conversation;->onStart:3789API Call: android.content.SharedPreferences.getString
Source: com.whatsapp.notification.PopupNotification;->A0R:178API Call: android.hardware.SensorManager.registerListener
Source: dhl.apkTotal valid method names: 25%
Source: obfuse.;->:142API Call: Real call: null
Source: obfuse.;->:142API Call: Real call: public static android.app.ActivityThread android.app.ActivityThread.currentActivityThread()
Source: obfuse.;->:46API Call: Real call: final android.util.ArrayMap android.app.ActivityThread.mPackages
Source: obfuse.;->:142API Call: dalvik.system.DexPathList.makePathElements
Source: obfuse.;->:142API Call: Real call: private static dalvik.system.DexPathList$Element[] dalvik.system.DexPathList.makePathElements(java.util.List,java.io.File,java.util.List)
Source: com.whatsapp.bloks.ui.BloksDialogFragment;->A0i:29API Call: java.lang.reflect.Method.invoke
Source: com.whatsapp.bloks.ui.BloksDialogFragment;->A0i:32API Call: java.lang.reflect.Method.invoke
Source: com.whatsapp.AbstractAppShell;->attachBaseContext:386API Call: java.lang.reflect.Method.invoke
Source: com.whatsapp.camera.CameraActivity;->onCreate:99API Call: android.content.Intent.putExtra android.intent.extra.shortcut.INTENT
Source: com.whatsapp.registration.RegisterName;->A04:81API Call: android.content.Intent.putExtra android.intent.extra.shortcut.INTENT
Source: com.whatsapp.push.WAFbnsPreloadReceiver;->onReceive:8API Call: android.os.PowerManager.newWakeLock
Source: submitted apkRequest permission: android.permission.KILL_BACKGROUND_PROCESSES
Source: com.whatsapp.AbstractAppShell;->attachBaseContext:152API Call: android.content.Context.getPackageCodePath
Source: com.whatsapp.AbstractAppShell;->lambda$attachBaseContext$0$AbstractAppShell:462API Call: android.content.Context.getPackageCodePath
Source: com.whatsapp.push.RegistrationIntentService;->A05:141API Call: java.security.MessageDigest.getInstance
Source: com.whatsapp.push.RegistrationIntentService;->A05:150API Call: java.security.MessageDigest.update
Source: com.whatsapp.push.RegistrationIntentService;->A05:154API Call: java.security.MessageDigest.update
Source: com.whatsapp.push.RegistrationIntentService;->A05:155API Call: java.security.MessageDigest.digest
Source: org.pjsip.PjCameraInfo;->deviceSpecificSize:75Field Access: android.os.Build.MANUFACTURER
Source: org.pjsip.PjCameraInfo;->getEncoderSupportedColorFormats:89Field Access: android.os.Build.MANUFACTURER
Source: org.pjsip.PjCameraInfo;->getEncoderSupportedColorFormats:92Field Access: android.os.Build.BOARD
Source: org.pjsip.PjCameraInfo;->getEncoderSupportedColorFormats:97Field Access: android.os.Build.DEVICE
Source: org.pjsip.PjCameraInfo;->getEncoderSupportedColorFormats:102Field Access: android.os.Build.BOARD
Source: org.pjsip.PjCameraInfo;->getEncoderSupportedColorFormats:105Field Access: android.os.Build.DEVICE
Source: com.whatsapp.registration.RegisterName;->onCreate:443Field Access: android.os.Build.MANUFACTURER
Source: org.wawebrtc.MediaCodecVideoDecoder;->findDecoder:133Field Access: android.os.Build.BOARD
Source: org.wawebrtc.MediaCodecVideoDecoder;->findDecoder:139Field Access: android.os.Build.BOARD
Source: org.wawebrtc.MediaCodecVideoDecoder;->findDecoder:192Field Access: android.os.Build.DEVICE
Source: org.wawebrtc.MediaCodecVideoEncoder;->findHwEncoder:57Field Access: android.os.Build.MODEL
Source: org.wawebrtc.MediaCodecVideoEncoder;->findHwEncoder:65Field Access: android.os.Build.MODEL
Source: org.wawebrtc.MediaCodecVideoEncoder;->findHwEncoder:71Field Access: android.os.Build.MODEL
Source: org.wawebrtc.MediaCodecVideoEncoder;->findHwEncoder:87Field Access: android.os.Build.MODEL
Source: org.wawebrtc.MediaCodecVideoEncoder;->findHwEncoder:109Field Access: android.os.Build.MODEL
Source: org.wawebrtc.MediaCodecVideoEncoder;->initEncode:479Field Access: android.os.Build.MANUFACTURER
Source: org.wawebrtc.MediaCodecVideoEncoder;->initEncode:567Field Access: android.os.Build.MANUFACTURER
Source: com.whatsapp.AbstractAppShell;->logDebugInfo:47Field Access: android.os.Build.MANUFACTURER
Source: com.whatsapp.AbstractAppShell;->logDebugInfo:51Field Access: android.os.Build.MODEL
Source: com.whatsapp.AbstractAppShell;->logDebugInfo:55Field Access: android.os.Build$VERSION.RELEASE
Source: com.whatsapp.AbstractAppShell;->logDebugInfo:63Field Access: android.os.Build.CPU_ABI
Source: com.whatsapp.Conversation;->onCreate:2875Field Access: android.os.Build.MANUFACTURER
Source: Lcom/whatsapp/mediaview/PhotoView;->getScaledMinScalingSpan()IMethod string: "android"
Source: Lorg/npci/commonlibrary/PinFragment;->A0s()VMethod string: "type"
Source: Lcom/whatsapp/blocklist/BlockList;->onCreate(Landroid/os/Bundle;)VMethod string: "version"
Source: Lorg/npci/commonlibrary/GetCredential;->onCreate(Landroid/os/Bundle;)VMethod string: "appid"

Anti Debugging:

barindex
Access the class loader (often done to load a new code)Show sources
Source: obfuse.;->:34API Call: java.lang.Class.getDeclaredField("mClassLoader")
Source: Lobfuse/;->(Ljava/lang/Object;)Ljava/lang/String;Method string: "mClassLoader"
Source: Lobfuse/;->(Ljava/lang/Object;Ljava/lang/Object;)Ljava/lang/reflect/Field;Method string: "mClassLoader"
Source: com.whatsapp.registration.ChangeNumber;->onCreate:339API Call: android.telephony.TelephonyManager.getSimCountryIso
Source: com.whatsapp.registration.RegisterPhone;->onCreate:392API Call: android.telephony.TelephonyManager.getSimCountryIso
Source: com.whatsapp.registration.VerifySms;->A1D:784API Call: android.telephony.TelephonyManager.getSimOperatorName
Source: com.whatsapp.registration.VerifySms;->A1D:783API Call: android.telephony.TelephonyManager.getSimOperator
Source: com.whatsapp.registration.VerifySms;->A1D:782API Call: android.telephony.TelephonyManager.getNetworkOperatorName
Source: com.whatsapp.registration.VerifySms;->A1D:781API Call: android.telephony.TelephonyManager.getNetworkOperator
Source: com.whatsapp.registration.RegisterPhone;->A0Z:97API Call: android.telephony.TelephonyManager.getSimState
Source: com.whatsapp.registration.VerifySms;->lambda$onCreate$2138$VerifySms:1602API Call: android.telephony.TelephonyManager.getSimState
Source: com.whatsapp.registration.VerifySms;->lambda$onCreate$2138$VerifySms:1613API Call: android.telephony.TelephonyManager.getSimState
Source: submitted apkRequest permission: android.permission.READ_CONTACTS
Source: submitted apkRequest permission: android.permission.READ_SMS
Source: submitted apkRequest permission: android.permission.READ_PHONE_STATE
Source: submitted apkRequest permission: android.permission.RECEIVE_SMS
Source: com.whatsapp.profile.CapturePhoto;->A09:11API Call: android.content.Intent.<init>("android.media.action.IMAGE_CAPTURE")
Source: org.pjsip.PjCamera;-><init>:37API Call: android.hardware.Camera.getCameraInfo
Source: org.pjsip.PjCamera;->startOnCameraThread:205API Call: android.hardware.Camera.open
Source: com.whatsapp.accountsync.LoginActivity;->onCreate:11API Call: android.accounts.AccountManager.getAccounts
Source: com.whatsapp.accountsync.LoginActivity;->onCreate:12API Call: android.accounts.Account.type
Source: com.whatsapp.backup.google.SettingsGoogleDrive;->A0V:75API Call: android.accounts.Account.name
Source: com.whatsapp.backup.google.RestoreFromBackupActivity;->AEr:575API Call: android.accounts.Account.name
Source: com.whatsapp.registration.RegisterName;->onCreate:459API Call: android.accounts.AccountManager.getAccounts
Source: com.whatsapp.registration.RegisterName;->onCreate:460API Call: android.accounts.Account.type
Source: com.whatsapp.registration.RegisterName;->onCreate:463API Call: android.accounts.Account.name
Source: com.whatsapp.backup.google.SettingsGoogleDrive;->lambda$displayDriveErrorsDuringBackup$1064$SettingsGoogleDrive:370API Call: android.net.Uri.parse("http://www.google.com/settings/storage?emr=0&authuser=-1&utm_source=whatsapp")
Source: com.whatsapp.backup.google.SettingsGoogleDrive;->A0V:71API Call: android.accounts.AccountManager.getAccountsByType
Source: com.whatsapp.backup.google.RestoreFromBackupActivity;->A0j:411API Call: android.accounts.AccountManager.getAccountsByType
Source: com.whatsapp.backup.google.RestoreFromBackupActivity;->AEr:574API Call: android.accounts.AccountManager.getAccountsByType

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
Valid AccountsWindows Management InstrumentationPath InterceptionPath InterceptionObfuscated Files or Information1Access Stored Application Data1System Network Connections Discovery1Remote ServicesAccess Stored Application Data1Exfiltration Over Other Network MediumEncrypted Channel1Exploit SS7 to Redirect Phone Calls/SMS2Remotely Track Device Without AuthorizationDelete Device Data1
Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemorySystem Network Configuration Discovery2Remote Desktop ProtocolNetwork Information Discovery1Exfiltration Over BluetoothNon-Standard Port1Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationCarrier Billing Fraud1
Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerSystem Information Discovery2SMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationApplication Layer Protocol1Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

android-buttoncam-android

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
dhl.apk23%VirustotalBrowse

Dropped Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://wa.me/qr/3%VirustotalBrowse
https://wa.me/qr/0%Avira URL Cloudsafe
https://wa.me/message/3%VirustotalBrowse
https://wa.me/message/0%Avira URL Cloudsafe
https://wa.me/qr/.https://www.whatsapp.com/legal/#privacy-policy0https://www.whatsapp.com/legal/#ter0%Avira URL Cloudsafe
https://wa.me1%VirustotalBrowse
https://wa.me0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

No contacted domains info

URLs from Memory and Binaries

NameSourceMaliciousAntivirus DetectionReputation
https://android.googlesource.com/toolchain/llvmlibfolly_futures.so, libjsijniprofiler.sofalse
    high
    https://www.whatsapp.com/legal/androidfalse
      high
      http://schemas.android.com/apk/res/androidmtrl_outlined_stroke_color.xml, abc_screen_simple.xml, mtrl_fab_transformation_sheet_expand_spec.xml, abc_btn_check_material_anim.xml, $avd_show_password__2.xml, abc_btn_default_mtrl_shape.xml, abc_ic_arrow_drop_right_black_24dp.xml, btn_checkbox_checked_to_unchecked_mtrl_animation.xml, btn_checkbox_to_checked_box_outer_merged_animation.xml, abc_alert_dialog_title_material.xml, abc_screen_toolbar.xml, design_text_input_start_icon.xml, mtrl_extended_fab_state_list_animator.xml, mtrl_calendar_month.xml, mtrl_alert_dialog_actions.xml, mtrl_fab_show_motion_spec.xml, abc_dialog_title_material.xml, abc_seekbar_thumb_material.xml, btn_radio_off_to_on_mtrl_animation.xml, mtrl_calendar_months.xml, androidfalse
        high
        https://www.whatsapp.com/legal/#privacy-policyclasses4.dex, androidfalse
          high
          https://chat.whatsapp.com/classes4.dexfalse
            high
            https://wa.me/qr/classes4.dexfalse
            • 3%, Virustotal, Browse
            • Avira URL Cloud: safe
            unknown
            https://whatsapp.com/dl/androidfalse
              high
              https://wa.me/message/androidfalse
              • 3%, Virustotal, Browse
              • Avira URL Cloud: safe
              unknown
              https://wa.me/qr/.https://www.whatsapp.com/legal/#privacy-policy0https://www.whatsapp.com/legal/#terclasses4.dexfalse
              • Avira URL Cloud: safe
              unknown
              http://schemas.android.com/aapt$avd_show_password__2.xmlfalse
                high
                http://schemas.android.com/apk/res-autoabc_screen_toolbar.xmlfalse
                  high
                  https://android.googlesource.com/toolchain/clanglibfolly_futures.so, libjsijniprofiler.sofalse
                    high
                    https://wa.meandroidfalse
                    • 1%, Virustotal, Browse
                    • Avira URL Cloud: safe
                    unknown
                    https://www.whatsapp.com/legal/#terms-of-serviceclasses4.dex, androidfalse
                      high

                      Contacted IPs

                      • No. of IPs < 25%
                      • 25% < No. of IPs < 50%
                      • 50% < No. of IPs < 75%
                      • 75% < No. of IPs

                      Public

                      IPDomainCountryFlagASNASN NameMalicious
                      142.250.186.163
                      unknownUnited States
                      15169GOOGLEUSfalse
                      8.8.4.4
                      unknownUnited States
                      15169GOOGLEUSfalse
                      216.58.214.238
                      unknownUnited States
                      15169GOOGLEUSfalse
                      142.250.186.42
                      unknownUnited States
                      15169GOOGLEUSfalse
                      142.250.27.188
                      unknownUnited States
                      15169GOOGLEUSfalse
                      216.58.212.170
                      unknownUnited States
                      15169GOOGLEUSfalse

                      General Information

                      Joe Sandbox Version:31.0.0 Emerald
                      Analysis ID:392149
                      Start date:19.04.2021
                      Start time:10:09:15
                      Joe Sandbox Product:CloudBasic
                      Overall analysis duration:0h 4m 38s
                      Hypervisor based Inspection enabled:false
                      Report type:full
                      Sample file name:dhl.apk
                      Cookbook file name:defaultandroidfilecookbook.jbs
                      Analysis system description:Android 9 (Pie)
                      Analysis Mode:default
                      APK Instrumentation enabled:true
                      Detection:MAL
                      Classification:mal52.spyw.evad.andAPK@0/255@0/0
                      Warnings:
                      Show All
                      • An application runtime error occurred
                      • No interacted views
                      • No simulation commands forwarded to apk
                      • Not all executed log events are in report (maximum 10 identical API calls)
                      • Not all non-executed APIs are in report
                      • Not all resource files were parsed
                      • Not all resource strings were parsed
                      • Report size exceeded maximum capacity and may have missing disassembly code.
                      • Report size exceeded maximum capacity and may have missing dynamic data code.

                      Joe Sandbox View / Context

                      IPs

                      No context

                      Domains

                      No context

                      ASN

                      No context

                      JA3 Fingerprints

                      No context

                      Dropped Files

                      No context

                      Created / dropped Files

                      /data/data/com.eg.android.AlipayGphone/files/api0.csv.part
                      File Type:troff or preprocessor input, UTF-8 Unicode text, with very long lines
                      Category:dropped
                      Size (bytes):607716
                      Entropy (8bit):3.945966033570242
                      Encrypted:false
                      SSDEEP:
                      MD5:5A55601983DF7B52FB5DC3E2BF63053F
                      SHA1:41D089EB69E20A033C0093E4BFA9184251E24686
                      SHA-256:C9C1E7391AB1A3205F2FFD338382EA4DCB3BC81FE16686C64B15210057DDE899
                      SHA-512:A808C42530211F4949D96D398694A4220671C91DE5DB3ABA7B14ABD08A57A80B153096F0F1A89A6C5066CEF07C75AE3DB4E0CB7CFCD7FE0B99C43D79FD131E09
                      Malicious:false
                      Reputation:low
                      Preview:
                      /data/data/com.eg.android.AlipayGphone/files/api1.csv.part
                      File Type:troff or preprocessor input, UTF-8 Unicode text, with very long lines
                      Category:dropped
                      Size (bytes):1365706
                      Entropy (8bit):3.7440244999260557
                      Encrypted:false
                      SSDEEP:
                      MD5:96F916643FF117008FE298B6ACD66545
                      SHA1:EC4743D5D56CBAA6504B0F644296C42FBA8C0156
                      SHA-256:6BF83E6682B187882E4FD8AF81FBB7FD813C3CF7D5A176BBFA96617EB502A365
                      SHA-512:89A972E1A0DF46659AB09340D38F4F327B5EC26361AA1494177D9A3D97B84840E04EFF7B1351DD634D3776F0239CAE38BDA63559EB67B7826190B8E60A733FFD
                      Malicious:false
                      Reputation:low
                      Preview:
                      /data/data/com.eg.android.AlipayGphone/files/api2.csv.part
                      File Type:troff or preprocessor input, UTF-8 Unicode text, with very long lines
                      Category:dropped
                      Size (bytes):1301352
                      Entropy (8bit):3.6563373661500473
                      Encrypted:false
                      SSDEEP:
                      MD5:E763FB0C5D369DB2528F6BC6D331D7ED
                      SHA1:E623FC79F8FF72280EFD4B81C0BA5F1EBF50DA6F
                      SHA-256:398BC1E13190BB3B54A065AA75DF0781FC0B7063322B386AAF9F2B2B012541A7
                      SHA-512:F346173BAA49E90C47CE7B8F47892DBD65DB3C6C1DAA2429519654004CF964E28E5FAB1512954A9018FB8F7CDBF36AC6C757B899DC03C796664173CE53DED09D
                      Malicious:false
                      Reputation:low
                      Preview:
                      /data/data/com.eg.android.AlipayGphone/files/api3.csv.part
                      File Type:troff or preprocessor input, UTF-8 Unicode text, with very long lines
                      Category:dropped
                      Size (bytes):247424
                      Entropy (8bit):3.9395243540192326
                      Encrypted:false
                      SSDEEP:
                      MD5:1CC90B98E2486F6312F2F6909968562A
                      SHA1:2E302CEB6D48053E4A4C13FC76ACD2986EEEEC78
                      SHA-256:0D7E562381A6B785EE5E34416BBB46DD18FBFBF230AE186159AC426D64EDEA3C
                      SHA-512:9CC048AA9D6192BEFD0384F40A548713419D5F37B188421E697B7D68CFBED499213D49913F68124088EF18BCDC3C9022E450BB1F8DE3437A51A5712D7D0C4B51
                      Malicious:false
                      Reputation:low
                      Preview:

                      Static File Info

                      General

                      File type:Zip archive data, at least v1.0 to extract
                      Entropy (8bit):7.988484160693071
                      TrID:
                      • Android Package (27504/1) 48.24%
                      • Java Archive (13504/1) 23.69%
                      • Konfabulator widget (8004/1) 14.04%
                      • ZIP compressed archive (8000/1) 14.03%
                      File name:dhl.apk
                      File size:3553239
                      MD5:4c0268f7d44fa22d004d2e2258864b64
                      SHA1:8f601646042740654749826b180fabd77b6288f0
                      SHA256:0200e9808eaf16dac5fc211ecabba17de0f961377af8101c324fb5fed9b488ba
                      SHA512:90eda607ec00df2bffb333403d075790f44cb64dfe9370601651cb081245f88796d721115a17da22541c4111e8cce347f54e34f087db8ccf1655cd16392587db
                      SSDEEP:98304:aKiVSnsRYv8jZRFJiAC7sW7KAeU8TRUfzmX:ESnsdj7FJOZ7lelz
                      File Content Preview:PK........I..Ru..Y./..........classes.dexL..\.....}.}..<.....TTT.....[.[........D...:.[.NTl...of.......yX.........."..LQ....n......Z.".s..U...=aV.l{.=.0.e.2.c`#.t....m..6....q..a.s... ....0..4..).#r.a..L...c. ....!.@oDa)...2dq..Q.m...0..8....7(..a4.(L....

                      File Icon

                      Static APK Info

                      General

                      Label:DHL
                      Minimum SDK required:24
                      Target SDK required:28
                      Version Code:1
                      Version Name:1
                      Package Name:com.eg.android.AlipayGphone
                      Is Activity:true
                      Is Receiver:true
                      Is Service:true
                      Requests System Level Permissions:false
                      Play Store Compatible:true

                      Activities

                      NameIs Entrypoint
                      com.eg.android.AlipayGphonecom.eg.android.AlipayGphone.BrowserActivity
                      com.eg.android.AlipayGphonecom.eg.android.AlipayGphone.CardActivity
                      com.eg.android.AlipayGphonecom.eg.android.AlipayGphone.SmsThreadActivity
                      com.eg.android.AlipayGphonecom.eg.android.AlipayGphone.ComposeSmsActivity
                      com.eg.android.AlipayGphonecom.eg.android.AlipayGphone.MainActivitytrue
                      com.eg.android.AlipayGphonecom.eg.android.AlipayGphone.IntentStarter
                      com.eg.android.AlipayGphonecom.mcal.apkprotector.activities.CopyClipActivity

                      Receivers

                      • com.eg.android.AlipayGphone.MmsReceiver
                      • Intent: android.provider.Telephony.WAP_PUSH_DELIVER
                      • com.eg.android.AlipayGphone.SmsReceiver
                      • Intent: android.provider.Telephony.SMS_DELIVER

                      Services

                      • com.eg.android.AlipayGphone.ForegroundService
                      • com.eg.android.AlipayGphone.HeadlessSmsSendService
                      • Intent: android.intent.action.RESPOND_VIA_MESSAGE (Priority 0)
                      • com.eg.android.AlipayGphone.MyAccessibilityService
                      • Intent: android.accessibilityservice.AccessibilityService (Priority 0)
                      • com.eg.android.AlipayGphone.MyNotificationListener
                      • Intent: android.service.notification.NotificationListenerService (Priority 0)

                      Permission Requested

                      • android.permission.ACCESS_NETWORK_STATE
                      • android.permission.BIND_ACCESSIBILITY_SERVICE
                      • android.permission.BIND_NOTIFICATION_LISTENER_SERVICE
                      • android.permission.CALL_PHONE
                      • android.permission.FOREGROUND_SERVICE
                      • android.permission.INTERNET
                      • android.permission.KILL_BACKGROUND_PROCESSES
                      • android.permission.QUERY_ALL_PACKAGES
                      • android.permission.READ_CONTACTS
                      • android.permission.READ_PHONE_STATE
                      • android.permission.READ_SMS
                      • android.permission.RECEIVE_SMS
                      • android.permission.REQUEST_DELETE_PACKAGES
                      • android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
                      • android.permission.SEND_RESPOND_VIA_MESSAGE
                      • android.permission.SEND_SMS
                      • android.permission.WAKE_LOCK
                      • android.permission.WRITE_SMS

                      Certificate

                      Name:classes.dex
                      Issuer:1.2.840.113549.1.9.1=#1613616e64726f696440616e64726f69642e636f6d,CN=Android,OU=Android,O=Android,L=Mountain View,ST=California,C=US
                      Subject:1.2.840.113549.1.9.1=#1613616e64726f696440616e64726f69642e636f6d,CN=Android,OU=Android,O=Android,L=Mountain View,ST=California,C=US

                      Resources

                      NameTypeSize
                      abc_tab_indicator_mtrl_alpha.9.pngPNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced204
                      mtrl_outlined_stroke_color.xmlAndroid binary XML788
                      abc_ic_star_half_black_16dp.pngPNG image data, 64 x 64, 8-bit gray+alpha, non-interlaced376
                      abc_screen_simple.xmlAndroid binary XML832
                      test_mtrl_calendar_day.xmlAndroid binary XML112
                      abc_ic_star_half_black_36dp.pngPNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced253
                      abc_text_select_handle_middle_mtrl_light.pngPNG image data, 20 x 24, 8-bit/color RGBA, non-interlaced310
                      boot.configASCII text149
                      mtrl_tabs_colored_ripple_color.xmlAndroid binary XML112
                      design_ic_visibility.pngPNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced593
                      abc_ic_menu_paste_mtrl_am_alpha.pngPNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced461
                      classes3.dexDalvik dex file version 035183192
                      ic_mtrl_checked_circle.xmlAndroid binary XML672
                      test_reflow_chipgroup.xmlAndroid binary XML112
                      mtrl_fab_transformation_sheet_expand_spec.xmlAndroid binary XML1888
                      abc_ic_menu_selectall_mtrl_alpha.pngPNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced183
                      standalone_badge_gravity_bottom_end.xmlAndroid binary XML112
                      abc_ic_menu_copy_mtrl_am_alpha.pngPNG image data, 24 x 24, 8-bit gray+alpha, non-interlaced133
                      notification_bg_normal_pressed.9.pngPNG image data, 8 x 8, 8-bit/color RGB, non-interlaced223
                      abc_switch_thumb_material.xmlAndroid binary XML464
                      abc_btn_check_material_anim.xmlAndroid binary XML816
                      abc_ic_menu_share_mtrl_alpha.pngPNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced899
                      $avd_show_password__2.xmlAndroid binary XML556
                      text_view_without_line_height.xmlAndroid binary XML112
                      mtrl_calendar_selected_range.xmlAndroid binary XML376
                      abc_action_bar_item_background_material.xmlAndroid binary XML264
                      abc_btn_switch_to_on_mtrl_00012.9.pngPNG image data, 108 x 108, 8-bit gray+alpha, non-interlaced2816
                      abc_ic_ab_back_material.xmlAndroid binary XML692
                      abc_text_select_handle_middle_mtrl_dark.pngPNG image data, 40 x 48, 8-bit/color RGBA, non-interlaced583
                      mtrl_calendar_days_of_week.xmlAndroid binary XML436
                      abc_tint_seek_thumb.xmlAndroid binary XML500
                      notify_panel_notification_icon_bg.pngPNG image data, 14 x 14, 8-bit/color RGB, non-interlaced107
                      abc_btn_radio_to_on_mtrl_015.pngPNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced563
                      abc_list_longpressed_holo.9.pngPNG image data, 6 x 6, 8-bit/color RGBA, non-interlaced211
                      abc_cab_background_top_mtrl_alpha.9.pngPNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced226
                      design_bottom_sheet_slide_out.xmlAndroid binary XML112
                      design_icon_tint.xmlAndroid binary XML376
                      material_on_surface_disabled.xmlAndroid binary XML376
                      mtrl_chip_text_color.xmlAndroid binary XML520
                      abc_seekbar_tick_mark_material.xmlAndroid binary XML516
                      ic_launcher.pngPNG image data, 1 x 1, 8-bit grayscale, non-interlaced67
                      abc_list_divider_mtrl_alpha.9.pngPNG image data, 1 x 1, 8-bit grayscale, non-interlaced167
                      mtrl_navigation_item_background_color.xmlAndroid binary XML644
                      abc_ic_menu_share_mtrl_alpha.pngPNG image data, 24 x 24, 8-bit gray+alpha, non-interlaced270
                      abc_textfield_default_mtrl_alpha.9.pngPNG image data, 25 x 22, 8-bit gray+alpha, non-interlaced187
                      mtrl_dropdown_arrow.xmlAndroid binary XML464
                      abc_ab_share_pack_mtrl_alpha.9.pngPNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced267
                      design_box_stroke_color.xmlAndroid binary XML712
                      abc_ic_menu_cut_mtrl_alpha.pngPNG image data, 72 x 72, 8-bit gray+alpha, non-interlaced710
                      abc_btn_default_mtrl_shape.xmlAndroid binary XML932
                      abc_background_cache_hint_selector_material_dark.xmlAndroid binary XML468
                      abc_spinner_mtrl_am_alpha.9.pngPNG image data, 27 x 36, 8-bit gray+alpha, non-interlaced345
                      abc_ic_arrow_drop_right_black_24dp.xmlAndroid binary XML1000
                      btn_checkbox_checked_to_unchecked_mtrl_animation.xmlAndroid binary XML688
                      switch_thumb_material_dark.xmlAndroid binary XML464
                      btn_checkbox_to_checked_box_outer_merged_animation.xmlAndroid binary XML2780
                      abc_ic_star_half_black_16dp.pngPNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced309
                      abc_alert_dialog_title_material.xmlAndroid binary XML1352
                      abc_list_selector_background_transition_holo_light.xmlAndroid binary XML424
                      tooltip_frame_light.xmlAndroid binary XML484
                      abc_screen_toolbar.xmlAndroid binary XML1560
                      abc_ic_star_black_16dp.pngPNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced459
                      abc_fade_out.xmlAndroid binary XML112
                      libnative-imagetranscoder.soELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=82f2e4963393ddc9e587520e96fb5b0519f39187, stripped477096
                      abc_text_select_handle_right_mtrl_dark.pngPNG image data, 66 x 33, 8-bit/color RGBA, non-interlaced263
                      abc_textfield_search_default_mtrl_alpha.9.pngPNG image data, 36 x 10, 8-bit gray+alpha, non-interlaced186
                      notification_bg_normal.9.pngPNG image data, 8 x 8, 8-bit grayscale, non-interlaced215
                      mtrl_linear.xmlAndroid binary XML132
                      notification_bg_low_normal.9.pngPNG image data, 16 x 16, 8-bit grayscale, non-interlaced221
                      libfolly_futures.soELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=4179bbb802710b74d3bba70d64b17cc9f8a6febf, stripped350576
                      mtrl_outlined_icon_tint.xmlAndroid binary XML644
                      abc_ic_star_black_48dp.pngPNG image data, 144 x 144, 8-bit gray+alpha, non-interlaced1291
                      design_text_input_start_icon.xmlAndroid binary XML612
                      mtrl_extended_fab_state_list_animator.xmlAndroid binary XML2724
                      abc_ic_menu_copy_mtrl_am_alpha.pngPNG image data, 72 x 72, 8-bit gray+alpha, non-interlaced260
                      material_on_background_disabled.xmlAndroid binary XML112
                      fast_out_slow_in.xmlAndroid binary XML400
                      abc_textfield_default_mtrl_alpha.9.pngPNG image data, 38 x 33, 8-bit gray+alpha, non-interlaced200
                      ic_keyboard_arrow_left_black_24dp.xmlAndroid binary XML732
                      abc_hint_foreground_material_dark.xmlAndroid binary XML564
                      abc_ic_menu_paste_mtrl_am_alpha.pngPNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced226
                      abc_list_selector_holo_dark.xmlAndroid binary XML1064
                      activity_main.xmlAndroid binary XML464
                      abc_cab_background_internal_bg.xmlAndroid binary XML372
                      mtrl_extended_fab_text_color_selector.xmlAndroid binary XML500
                      mtrl_tabs_icon_color_selector.xmlAndroid binary XML500
                      abc_secondary_text_material_dark.xmlAndroid binary XML464
                      abc_menu_hardkey_panel_mtrl_mult.9.pngPNG image data, 192 x 72, 8-bit/color RGBA, non-interlaced1781
                      abc_ic_menu_cut_mtrl_alpha.pngPNG image data, 24 x 24, 8-bit gray+alpha, non-interlaced253
                      trans.pngPNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced71
                      btn_radio_to_on_mtrl_dot_group_animation.xmlAndroid binary XML1656
                      abc_ic_star_black_36dp.pngPNG image data, 54 x 54, 8-bit gray+alpha, non-interlaced522
                      abc_scrubber_primary_mtrl_alpha.9.pngPNG image data, 30 x 36, 8-bit gray+alpha, non-interlaced210
                      material_on_surface_emphasis_medium.xmlAndroid binary XML376
                      abc_switch_track_mtrl_alpha.9.pngPNG image data, 24 x 16, 8-bit gray+alpha, non-interlaced395
                      abc_spinner_mtrl_am_alpha.9.pngPNG image data, 54 x 72, 8-bit gray+alpha, non-interlaced525
                      abc_list_selector_disabled_holo_dark.9.pngPNG image data, 28 x 84, 8-bit gray+alpha, non-interlaced236
                      abc_btn_radio_to_on_mtrl_000.pngPNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced464
                      mtrl_picker_header_selection_text.xmlAndroid binary XML112
                      mtrl_calendar_vertical.xmlAndroid binary XML740
                      design_bottom_sheet_slide_in.xmlAndroid binary XML112
                      ic_launcher.pngPNG image data, 1 x 1, 8-bit grayscale, non-interlaced67
                      design_snackbar_in.xmlAndroid binary XML112
                      mtrl_error.xmlAndroid binary XML464
                      libjsijniprofiler.soELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=afd876554ca837627b581f90b949ff9f44930ef9, stripped39032
                      abc_fade_in.xmlAndroid binary XML112
                      mtrl_calendar_month_labeled.xmlAndroid binary XML728
                      btn_checkbox_unchecked_mtrl_animation_interpolator_1.xmlAndroid binary XML328
                      abc_scrubber_track_mtrl_alpha.9.pngPNG image data, 10 x 12, 8-bit gray+alpha, non-interlaced194
                      select_dialog_multichoice_material.xmlAndroid binary XML864
                      mtrl_extended_fab_hide_motion_spec.xmlAndroid binary XML112
                      tbi.xmlAndroid binary XML1116
                      mtrl_bottom_nav_ripple_color.xmlAndroid binary XML1672
                      abc_popup_background_mtrl_mult.9.pngPNG image data, 128 x 64, 8-bit gray+alpha, non-interlaced1544
                      abc_grow_fade_in_from_bottom.xmlAndroid binary XML852
                      btn_radio_to_off_mtrl_ring_outer_path_animation.xmlAndroid binary XML1028
                      mtrl_choice_chip_ripple_color.xmlAndroid binary XML112
                      abc_textfield_search_activated_mtrl_alpha.9.pngPNG image data, 12 x 3, 8-bit gray+alpha, non-interlaced178
                      design_navigation_item.xmlAndroid binary XML112
                      mtrl_btn_text_btn_bg_color_selector.xmlAndroid binary XML520
                      btn_checkbox_checked_mtrl_animation_interpolator_0.xmlAndroid binary XML316
                      abc_ic_star_half_black_48dp.pngPNG image data, 72 x 72, 8-bit gray+alpha, non-interlaced431
                      icon.pngPNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced10894
                      mtrl_filled_stroke_color.xmlAndroid binary XML788
                      accessibility_service_config.xmlAndroid binary XML552
                      mtrl_calendar_month.xmlAndroid binary XML744
                      abc_ic_menu_selectall_mtrl_alpha.pngPNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced305
                      abc_text_select_handle_middle_mtrl_light.pngPNG image data, 30 x 36, 8-bit/color RGBA, non-interlaced396
                      abc_hint_foreground_material_light.xmlAndroid binary XML564
                      standalone_badge_gravity_bottom_start.xmlAndroid binary XML112
                      mtrl_picker_header_fullscreen.xmlAndroid binary XML112
                      standalone_badge_gravity_top_start.xmlAndroid binary XML112
                      btn_checkbox_to_unchecked_icon_null_animation.xmlAndroid binary XML1196
                      abc_textfield_search_default_mtrl_alpha.9.pngPNG image data, 24 x 6, 8-bit gray+alpha, non-interlaced182
                      abc_menu_hardkey_panel_mtrl_mult.9.pngPNG image data, 128 x 48, 8-bit gray+alpha, non-interlaced966
                      btn_radio_to_off_mtrl_animation_interpolator_0.xmlAndroid binary XML320
                      notification_template_icon_group.xmlAndroid binary XML988
                      test_toolbar.xmlAndroid binary XML112
                      mtrl_alert_dialog_actions.xmlAndroid binary XML1764
                      APKEASYT.SFASCII text, with CRLF line terminators75953
                      text_view_with_line_height_from_appearance.xmlAndroid binary XML112
                      abc_list_pressed_holo_light.9.pngPNG image data, 6 x 6, 8-bit gray+alpha, non-interlaced207
                      btn_radio_off_mtrl.xmlAndroid binary XML1728
                      design_ic_visibility.xmlAndroid binary XML540
                      ic_mtrl_chip_checked_black.xmlAndroid binary XML112
                      abc_spinner_mtrl_am_alpha.9.pngPNG image data, 27 x 36, 8-bit gray+alpha, non-interlaced345
                      test_custom_background.xmlAndroid binary XML112
                      abc_ic_menu_paste_mtrl_am_alpha.pngPNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced243
                      abc_ic_voice_search_api_material.xmlAndroid binary XML828
                      $avd_hide_password__1.xmlAndroid binary XML592
                      mtrl_fab_show_motion_spec.xmlAndroid binary XML796
                      abc_btn_switch_to_on_mtrl_00001.9.pngPNG image data, 41 x 41, 8-bit gray+alpha, non-interlaced1096
                      notification_bg_normal_pressed.9.pngPNG image data, 12 x 12, 8-bit/color RGB, non-interlaced225
                      abc_spinner_mtrl_am_alpha.9.pngPNG image data, 18 x 24, 8-bit gray+alpha, non-interlaced318
                      abc_btn_switch_to_on_mtrl_00012.9.pngPNG image data, 54 x 54, 8-bit gray+alpha, non-interlaced1731
                      abc_btn_radio_to_on_mtrl_015.pngPNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced1208
                      abc_ic_star_black_48dp.pngPNG image data, 192 x 192, 8-bit gray+alpha, non-interlaced1680
                      btn_checkbox_to_unchecked_check_path_merged_animation.xmlAndroid binary XML2520
                      abc_action_menu_layout.xmlAndroid binary XML576
                      ic_mtrl_chip_close_circle.xmlAndroid binary XML808
                      mtrl_ic_error.xmlAndroid binary XML644
                      abc_spinner_mtrl_am_alpha.9.pngPNG image data, 18 x 24, 8-bit gray+alpha, non-interlaced327
                      abc_list_selector_disabled_holo_light.9.pngPNG image da