Open enovella opened 4 years ago
Describe the detection issue

Possible version of bangcle, secneo or other Chinese protectors
import com.bangcle.everisk.Agent;
import com.bangcle.everisk.checkers.p.a.a;
import com.bangcle.everisk.util.n;
Assets

RiskStub.dex
APKiD current results...
[20:05 edu@xps Downloads] > apkid 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk
[+] APKiD 2.1.0 :: from RedNaga :: rednaga.io
[*] 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk!assets/RiskStub.dex
 |-> anti_debug : Debug.isDebuggerConnected() check
 |-> anti_vm : Build.BOARD check, Build.BRAND check, Build.DEVICE check, Build.FINGERPRINT check, Build.HARDWARE check, Build.MANUFACTURER check, Build.MODEL check, Build.PRODUCT check, Build.TAGS check, emulator file check, possible Build.SERIAL check, possible ro.secure check, ro.kernel.qemu check, ro.product.device check, subscriber ID check
 |-> compiler : dx
[*] 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk!classes.dex
 |-> anti_debug : Debug.isDebuggerConnected() check
 |-> anti_vm : Build.FINGERPRINT check, Build.HARDWARE check, Build.MANUFACTURER check, Build.MODEL check, Build.PRODUCT check, SIM operator check, network operator name check, possible VM check, possible ro.secure check, subscriber ID check
 |-> compiler : dx (possible dexmerge)
 |-> manipulator : dexmerge
[*] 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk!classes10.dex
 |-> anti_vm : Build.MANUFACTURER check, network operator name check, possible Build.SERIAL check, subscriber ID check
 |-> compiler : dx (possible dexmerge)
 |-> manipulator : dexmerge
[*] 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk!classes2.dex
 |-> compiler : dx
[*] 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk!classes3.dex
 |-> anti_vm : Build.BOARD check, Build.MANUFACTURER check, Build.MODEL check, Build.PRODUCT check, possible Build.SERIAL check, subscriber ID check
 |-> compiler : dx
[*] 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk!classes4.dex
 |-> anti_vm : Build.BOARD check, Build.FINGERPRINT check, Build.HARDWARE check, Build.MANUFACTURER check, Build.MODEL check, Build.PRODUCT check, Build.TAGS check, SIM operator check, device ID check, emulator file check, network operator name check, possible Build.SERIAL check, possible VM check, possible ro.secure check, ro.kernel.qemu check, ro.product.device check, subscriber ID check
 |-> compiler : dx
[*] 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk!classes5.dex
 |-> anti_vm : Build.BOARD check, Build.MANUFACTURER check, SIM operator check, network operator name check, possible Build.SERIAL check, subscriber ID check
 |-> compiler : dx
[*] 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk!classes6.dex
 |-> anti_vm : Build.BOARD check, Build.FINGERPRINT check, Build.HARDWARE check, Build.MANUFACTURER check, Build.TAGS check, SIM operator check, network operator name check, possible Build.SERIAL check, subscriber ID check
 |-> compiler : dx
[*] 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk!classes7.dex
 |-> anti_vm : Build.FINGERPRINT check, Build.MANUFACTURER check
 |-> compiler : dx
[*] 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk!classes8.dex
 |-> anti_vm : Build.BOARD check, Build.FINGERPRINT check, Build.MANUFACTURER check, Build.MODEL check, SIM operator check, device ID check, network operator name check, possible ro.secure check, subscriber ID check
 |-> compiler : dx (possible dexmerge)
 |-> manipulator : dexmerge
[*] 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk!classes9.dex
 |-> anti_vm : Build.BOARD check, Build.FINGERPRINT check, Build.MANUFACTURER check, possible Build.SERIAL check
 |-> compiler : dx (possible dexmerge)
 |-> manipulator : dexmerge
[*] 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk!lib/armeabi/libAPSE_1.1.5.so
 |-> anti_vm : emulator file check
[*] 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk!lib/armeabi/libdeviceid_1.0.so
 |-> anti_vm : emulator file check
[*] 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk!lib/armeabi/libservicefakedex.so!classes.dex
 |-> compiler : unknown (please file detection issue!)
[*] 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk!lib/armeabi/libsgavmp.so!classes.dex
 |-> compiler : dx
[*] 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk!lib/armeabi/libsgmain.so!classes.dex
 |-> anti_vm : subscriber ID check
 |-> compiler : dx
[*] 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk!lib/armeabi/libsgnocaptcha.so!classes.dex
 |-> compiler : dx
[*] 6fb26804f020048b93b033728def59dc093f99c664b8a408a4e237bbed36de4e.apk!lib/armeabi/libsgsecuritybody.so!classes.dex
 |-> compiler : dx
@apkunpacker Do you have any INTEL in this sample?