rednaga / APKiD

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

[DETECTION] Youtube false positive with DexGuard #275

Open enovella opened 2 years ago

enovella commented 2 years ago

[20:12 edu@xps tmp] >  apkid YouTube.apk
[+] APKiD 2.1.2 :: from RedNaga :: rednaga.io
[*] YouTube.apk
 |-> anti_disassembly : illegal class name
 |-> obfuscator : DexGuard

enovella commented 2 years ago

Another potential FP:

apkid 105a2646e8acf45afcd606f4d47af68a8218e0ae7d8c9646d0048cbf32df7a73.apk 
[+] APKiD 2.1.2 :: from RedNaga :: rednaga.io
[*] 105a2646e8acf45afcd606f4d47af68a8218e0ae7d8c9646d0048cbf32df7a73.apk!assets/audience_network.dex
 |-> anti_debug : Debug.isDebuggerConnected() check
 |-> anti_vm : possible Build.SERIAL check
 |-> compiler : unknown (please file detection issue!)
[*] 105a2646e8acf45afcd606f4d47af68a8218e0ae7d8c9646d0048cbf32df7a73.apk!classes.dex
 |-> anti_vm : Build.BOARD check, Build.FINGERPRINT check, Build.MANUFACTURER check, Build.MODEL check, Build.PRODUCT check, SIM operator check, network operator name check, possible Build.SERIAL check, possible VM check, ro.kernel.qemu check
 |-> compiler : dexlib 2.x
 |-> obfuscator : DexGuard