magis-tv-para-celular.apk
This report is generated from a file or URL submitted to this webservice on July 26th 2023 21:15:18 (UTC)
Report generated by
Falcon Sandbox v10.1.7 © Hybrid Analysis
Incident Response
MITRE ATT&CK™ Techniques Detection
Indicators
Not all malicious and suspicious indicators are displayed. Get your own cloud service or the full version to view all details.
-
Malicious Indicators 1
-
Installation/Persistence
-
Has the ability to execute code after reboot
- details
- Permission request for "android.permission.RECEIVE_BOOT_COMPLETED"
- source
- Static Parser
- relevance
- 10/10
- ATT&CK ID
- T1402 (Show technique in the MITRE ATT&CK™ matrix)
-
Has the ability to execute code after reboot
-
Suspicious Indicators 3
-
Environment Awareness
-
Possibly tries to implement anti-virtualization techniques
- details
-
"SHA-256-Digest: QiolnKcu3fbvbOxlH5I0wm6Jygbiqs1cj6olND9P40U=" (Indicator: "vbox") in Source: MAGISOTT.SF
"SHA-256-Digest: 6BbcCZj07pDXtjDxfhb8wuctkQeMUxWtqsS8LaTCJtc=" (Indicator: "qemu") in Source: MANIFEST.MF - source
- File/Memory
- relevance
- 4/10
- ATT&CK ID
- T1497 (Show technique in the MITRE ATT&CK™ matrix)
-
Possibly tries to implement anti-virtualization techniques
-
General
-
Requires permissions that could be uesd for malicious intents
- details
-
Permission request for "android.permission.INTERNET"
Permission request for "android.permission.CHANGE_NETWORK_STATE"
Permission request for "android.permission.WRITE_EXTERNAL_STORAGE"
Permission request for "android.permission.WAKE_LOCK"
Permission request for "android.permission.GET_TASKS"
Permission request for "android.permission.CAMERA"
Permission request for "android.permission.RECEIVE_BOOT_COMPLETED"
Permission request for "android.permission.BLUETOOTH"
Permission request for "android.permission.CHANGE_WIFI_MULTICAST_STATE"
Permission request for "android.permission.CHANGE_WIFI_STATE"
Permission request for "android.permission.ACCESS_COARSE_LOCATION"
Permission request for "android.permission.READ_PHONE_STATE" - source
- Static Parser
- relevance
- 10/10
-
Requires permissions that could be uesd for malicious intents
-
Pattern Matching
-
YARA signature match - Uses Minhook library for hooking
- details
-
YARA signature for Minhook library matched on file "libhoudini_hook.so_"
YARA signature for Minhook library matched on file "libhoudini_hook.so"
YARA signature for Minhook library matched on file "libijm_linker.so"
YARA signature for Minhook library matched on file "libijm_linker.so_" - source
- YARA Signature
- relevance
- 3/10
- ATT&CK ID
- T1014 (Show technique in the MITRE ATT&CK™ matrix)
-
YARA signature match - Uses Minhook library for hooking
-
Informative 8
-
Cryptographic Related
-
Sample file has high entropy (likely encrypted/compressed content)
- details
- Sample file "sample.bin" has high entropy 7.990645695695333
- source
- Binary File
- relevance
- 1/10
- ATT&CK ID
- T1027 (Show technique in the MITRE ATT&CK™ matrix)
-
Sample file has high entropy (likely encrypted/compressed content)
-
External Systems
-
Sample was identified as clean by Antivirus engines
- details
- 0/64 Antivirus vendors marked sample as malicious (0% detection rate)
- source
- External System
- relevance
- 10/10
-
Sample was identified as clean by Antivirus engines
-
General
-
Found a reference to a known community page
- details
- Found string "withyoutube.com" (Indicator: "youtube"; File: "magis-tv-para-celular.apk.bin")
- source
- File/Memory
- relevance
- 2/10
-
Found a reference to a known community page
-
Installation/Persistence
-
Dropped files
- details
-
"libijkffmpeg.so_1690406149152" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked interpreter /system/bin/linker stripped"- [targetUID: N/A]
"libhoudini_hook.so_1690406149152" has type "ELF 32-bit LSB shared object Intel 80386 version 1 (SYSV) dynamically linked BuildID[sha1]=d616e7cb6af0eece286b07148ab03f54abeb6613 stripped"- [targetUID: N/A]
"libranger-jni.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked not stripped"- [targetUID: N/A]
"libranger-jni.so_1690406149150" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked not stripped"- [targetUID: N/A]
"libRSSupport.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked BuildID[md5/uuid]=32ea64bd60e3c74c4296aa26e917aad0 stripped"- [targetUID: N/A]
"libexec_x86.so" has type "ELF 32-bit LSB shared object Intel 80386 version 1 (SYSV) dynamically linked not stripped"- [targetUID: N/A]
"libexec.so_1690406149152" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked not stripped"- [targetUID: N/A]
"libcrashsdk.so_1690406149152" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked interpreter /system/bin/linker BuildID[sha1]=6d263471fc14dd8e18ca6ef5ef0a5c249997186c stripped"- [targetUID: N/A]
"libcrashsdk.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked interpreter /system/bin/linker BuildID[sha1]=9f2efd8e9549a288b3882c0477b8c28838187df2 stripped"- [targetUID: N/A]
"libcrashlytics-common.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked BuildID[sha1]=84cb30153f92336df90fe769c148197a29a1e929 stripped"- [targetUID: N/A]
"libijm_linker.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked BuildID[sha1]=25770b3bf362235d1cf3425fe7ecf4e9020df718 stripped"- [targetUID: N/A]
"MAGISOTT.SF" has type "ASCII text with CRLF line terminators"- [targetUID: N/A]
"MANIFEST.MF" has type "ASCII text with CRLF line terminators"- [targetUID: N/A]
"libtnet-3.1.14.so_1690406149152" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked interpreter /system/bin/linker BuildID[sha1]=148c1e4424b44acf1daf8b8fe97d2834a493bee9 stripped"- [targetUID: N/A]
"libtnet-3.1.14.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked interpreter /system/bin/linker BuildID[sha1]=e4710adeb1bd476ee7532060347232cb49626674 stripped"- [targetUID: N/A]
"libijkplayer.so_1690406149152" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked interpreter /system/bin/linker stripped"- [targetUID: N/A]
"libijksdl.so_1690406149152" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked interpreter /system/bin/linker stripped"- [targetUID: N/A]
"libhtsfx.so_1690406149152" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked not stripped"- [targetUID: N/A]
"libumeng-spy.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked BuildID[sha1]=57ba14987e1ec1f4c4763441cd0b1b72ea89aeda stripped"- [targetUID: N/A]
"libumeng-spy.so_1690406149152" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked BuildID[sha1]=6ff1495013dcb913b11db4e401bb9846d30a2c78 stripped"- [targetUID: N/A]
"libexecmain.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked not stripped"- [targetUID: N/A]
"libhtsfx.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked not stripped"- [targetUID: N/A]
"libexecmain_x86.so" has type "ELF 32-bit LSB shared object Intel 80386 version 1 (SYSV) dynamically linked not stripped"- [targetUID: N/A]
"libclassify.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked BuildID[sha1]=f3581fa5cb115569a45a0d7272e243d41b914aee with debug_info not stripped"- [targetUID: N/A]
"libcrashlytics.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked BuildID[sha1]=69ff62ffa7f85c2463e799165e4ad202979b02c8 stripped"- [targetUID: N/A]
"libed25519.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked BuildID[sha1]=6206fcef2d4eac8d679f820db068691da964f1b5 stripped"- [targetUID: N/A]
"libcrashlytics-handler.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked BuildID[sha1]=da3830370a5bd98f43f6d097b26e12d0a8f8ec11 stripped"- [targetUID: N/A]
"librsjni.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked BuildID[md5/uuid]=b23c23135fbe112c85fa7a7f808fcca2 stripped"- [targetUID: N/A]
"librsjni_androidx.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked BuildID[md5/uuid]=b44b05375193b80e83ddcde39e4a56e7 stripped"- [targetUID: N/A]
"AndroidManifest.xml" has type "Android binary XML"- [targetUID: N/A]
"kotlin-stdlib.kotlin_module" has type "data"- [targetUID: N/A]
"libcrashlytics-trampoline.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked interpreter /system/bin/linker BuildID[sha1]=6421dbc8dd181b343ff3b94996e68e59df1ae992 stripped"- [targetUID: N/A]
"kotlin-stdlib-common.kotlin_module" has type "data"- [targetUID: N/A]
"MAGISOTT.RSA" has type "data"- [targetUID: N/A]
"kotlin-stdlib-coroutines.kotlin_module" has type "data"- [targetUID: N/A]
"DEPENDENCIES" has type "ASCII text"- [targetUID: N/A]
"kotlin-stdlib-common-coroutines.kotlin_module" has type "data"- [targetUID: N/A]
"app_magismobileRelease.kotlin_module" has type "data"- [targetUID: N/A]
"play-services-measurement-sdk-api.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-measurement-connector.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-measurement-base.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-installations-interop.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-measurement-impl.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-cloud-messaging.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-measurement-api.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-measurement-sdk.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-cast-framework.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-auth-api-phone.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-ads-identifier.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-dynamic-links-ktx.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-measurement.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-crashlytics-ndk.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-auth-base.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-basement.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-datatransport.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-encoders-json.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-ads-lite.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-ads-base.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-messaging-ktx.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-installations.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-dynamic-links.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-auth-interop.properties" has type "ASCII text"- [targetUID: N/A]
"com.google.firebase-firebase-dynamic-links-ktx.kotlin_module" has type "data"- [targetUID: N/A]
"transport-backend-cct.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-iid-interop.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-crashlytics.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-annotations.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-flags.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-stats.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-components.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-common-ktx.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-tasks.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-auth.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-messaging.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-base.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-analytics.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-cast.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-gass.properties" has type "ASCII text"- [targetUID: N/A]
"play-services-ads.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-encoders.properties" has type "ASCII text"- [targetUID: N/A]
"transport-runtime.properties" has type "ASCII text"- [targetUID: N/A]
"firebase-common.properties" has type "ASCII text"- [targetUID: N/A]
"com.google.firebase-firebase-messaging-ktx.kotlin_module" has type "data"- [targetUID: N/A]
"firebase-iid.properties" has type "ASCII text"- [targetUID: N/A]
"transport-api.properties" has type "ASCII text"- [targetUID: N/A]
"kotlin-stdlib-jdk7.kotlin_module" has type "data"- [targetUID: N/A]
"preference-ktx_release.kotlin_module" has type "data"- [targetUID: N/A]
"AdvertLib_release.kotlin_module" has type "data"- [targetUID: N/A]
"com.google.firebase-firebase-common-ktx.kotlin_module" has type "data"- [targetUID: N/A]
"androidsupportmultidexversion.txt" has type "ASCII text"- [targetUID: N/A]
"retrofit.kotlin_module" has type "data"- [targetUID: N/A]
"BigBee_release.kotlin_module" has type "data"- [targetUID: N/A]
"lib-core_release.kotlin_module" has type "data"- [targetUID: N/A]
"baselibrary-mobile_release.kotlin_module" has type "data"- [targetUID: N/A]
"androidx.lifecycle_lifecycle-runtime.version" has type "ASCII text"- [targetUID: N/A]
"androidx.preference_preference.version" has type "ASCII text"- [targetUID: N/A]
"androidx.loader_loader.version" has type "ASCII text"- [targetUID: N/A]
"androidx.core_core.version" has type "ASCII text"- [targetUID: N/A]
"androidx.lifecycle_lifecycle-livedata-core.version" has type "ASCII text"- [targetUID: N/A]
"androidx.lifecycle_lifecycle-viewmodel.version" has type "ASCII text"- [targetUID: N/A]
"com.google.dagger_dagger.version" has type "ASCII text"- [targetUID: N/A]
"libijkffmpeg.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked interpreter /system/bin/linker stripped"- [targetUID: N/A]
"libhoudini_hook.so" has type "ELF 32-bit LSB shared object Intel 80386 version 1 (SYSV) dynamically linked BuildID[sha1]=d616e7cb6af0eece286b07148ab03f54abeb6613 stripped"- [targetUID: N/A]
"libexec_x86.so_1690406149152" has type "ELF 32-bit LSB shared object Intel 80386 version 1 (SYSV) dynamically linked not stripped"- [targetUID: N/A]
"libexec.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked not stripped"- [targetUID: N/A]
"libijm_linker.so_1690406149152" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked BuildID[sha1]=25770b3bf362235d1cf3425fe7ecf4e9020df718 stripped"- [targetUID: N/A]
"libijkplayer.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked interpreter /system/bin/linker stripped"- [targetUID: N/A]
"libijksdl.so" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked interpreter /system/bin/linker stripped"- [targetUID: N/A]
"libexecmain.so_1690406149152" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked not stripped"- [targetUID: N/A]
"libexecmain_x86.so_1690406149152" has type "ELF 32-bit LSB shared object Intel 80386 version 1 (SYSV) dynamically linked not stripped"- [targetUID: N/A]
"libclassify.so_1690406149152" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked BuildID[sha1]=f3581fa5cb115569a45a0d7272e243d41b914aee with debug_info not stripped"- [targetUID: N/A]
"libed25519.so_1690406149152" has type "ELF 32-bit LSB shared object ARM EABI5 version 1 (SYSV) dynamically linked BuildID[sha1]=6206fcef2d4eac8d679f820db068691da964f1b5 stripped"- [targetUID: N/A]
"AdvertMobile_release.kotlin_module" has type "data"- [targetUID: N/A]
"RequestFrame-mobile_release.kotlin_module" has type "data"- [targetUID: N/A]
"ijkplayer-mobile-sub_release.kotlin_module" has type "data"- [targetUID: N/A]
"SocialPlatform-mobile_release.kotlin_module" has type "data"- [targetUID: N/A]
"androidx.versionedparcelable_versionedparcelable.version" has type "ASCII text"- [targetUID: N/A]
"androidx.legacy_legacy-support-core-ui.version" has type "ASCII text"- [targetUID: N/A]
"androidx.print_print.version" has type "ASCII text"- [targetUID: N/A]
"androidx.interpolator_interpolator.version" has type "ASCII text"- [targetUID: N/A]
"androidx.recyclerview_recyclerview.version" has type "ASCII text"- [targetUID: N/A]
"androidx.viewpager2_viewpager2.version" has type "ASCII text"- [targetUID: N/A]
"androidx.mediarouter_mediarouter.version" has type "ASCII text"- [targetUID: N/A]
"com.google.android.material_material.version" has type "ASCII text"- [targetUID: N/A]
"androidx.documentfile_documentfile.version" has type "ASCII text"- [targetUID: N/A]
"androidx.appcompat_appcompat-resources.version" has type "ASCII text"- [targetUID: N/A]
"androidx.transition_transition.version" has type "ASCII text"- [targetUID: N/A]
"androidx.legacy_legacy-support-core-utils.version" has type "ASCII text"- [targetUID: N/A]
"androidx.savedstate_savedstate.version" has type "ASCII text"- [targetUID: N/A]
"androidx.browser_browser.version" has type "ASCII text"- [targetUID: N/A]
"androidx.cardview_cardview.version" has type "ASCII text"- [targetUID: N/A]
"androidx.preference_preference-ktx.version" has type "ASCII text"- [targetUID: N/A]
"androidx.vectordrawable_vectordrawable.version" has type "ASCII text"- [targetUID: N/A]
"androidx.fragment_fragment.version" has type "ASCII text"- [targetUID: N/A]
"androidx.customview_customview.version" has type "ASCII text"- [targetUID: N/A]
"androidx.coordinatorlayout_coordinatorlayout.version" has type "ASCII text"- [targetUID: N/A]
"androidx.swiperefreshlayout_swiperefreshlayout.version" has type "ASCII text"- [targetUID: N/A]
"androidx.palette_palette.version" has type "ASCII text"- [targetUID: N/A]
"androidx.appcompat_appcompat.version" has type "ASCII text"- [targetUID: N/A]
"androidx.drawerlayout_drawerlayout.version" has type "ASCII text"- [targetUID: N/A]
"androidx.asynclayoutinflater_asynclayoutinflater.version" has type "ASCII text"- [targetUID: N/A]
"androidx.activity_activity.version" has type "ASCII text"- [targetUID: N/A]
"androidx.slidingpanelayout_slidingpanelayout.version" has type "ASCII text"- [targetUID: N/A]
"androidx.localbroadcastmanager_localbroadcastmanager.version" has type "ASCII text"- [targetUID: N/A]
"androidx.lifecycle_lifecycle-livedata.version" has type "ASCII text"- [targetUID: N/A]
"androidx.media_media.version" has type "ASCII text"- [targetUID: N/A]
"androidx.vectordrawable_vectordrawable-animated.version" has type "ASCII text"- [targetUID: N/A]
"androidx.arch.core_core-runtime.version" has type "ASCII text"- [targetUID: N/A]
"androidx.legacy_legacy-support-v4.version" has type "ASCII text"- [targetUID: N/A]
"androidx.cursoradapter_cursoradapter.version" has type "ASCII text"- [targetUID: N/A]
"androidx.exifinterface_exifinterface.version" has type "ASCII text"- [targetUID: N/A]
"androidx.viewpager_viewpager.version" has type "ASCII text"- [targetUID: N/A] - source
- Binary File
- relevance
- 3/10
- ATT&CK ID
- T1105 (Show technique in the MITRE ATT&CK™ matrix)
-
Drops XML files
- details
- "AndroidManifest.xml" has type "Android binary XML"
- source
- Binary File
- relevance
- 1/10
- ATT&CK ID
- T1105 (Show technique in the MITRE ATT&CK™ matrix)
-
Dropped files
-
Network Related
-
Found potential URL in binary/memory
- details
-
Heuristic match: "waw.pl"
Heuristic match: "is-a-libertarian.com"
Heuristic match: "sanok.pl"
Heuristic match: "is-a-therapist.com"
Heuristic match: "simple-url.com"
Heuristic match: "is-a-lawyer.com"
Heuristic match: "numazu.shizuoka.jp"
Heuristic match: "dev-myqnapcloud.com"
Heuristic match: "is-a-cubicle-slave.com"
Heuristic match: "glogow.pl"
Heuristic match: "mail.pl"
Heuristic match: "is-a-liberal.com"
Heuristic match: "stalowa-wola.pl"
Heuristic match: "isa-geek.com"
Heuristic match: "us.com"
Pattern match: "www.ro"
Heuristic match: "lukow.pl"
Heuristic match: "shimizu.shizuoka.jp"
Heuristic match: "us-1.evennode.com"
Heuristic match: "olkusz.pl"
Heuristic match: "grajewo.pl"
Heuristic match: "logoip.com"
Heuristic match: "mishima.shizuoka.jp"
Heuristic match: "from-id.com"
Heuristic match: "githubcloud.com"
Heuristic match: "morimachi.shizuoka.jp"
Heuristic match: "gsm.pl"
Heuristic match: "is-a-rockstar.com"
Heuristic match: "from-ca.com"
Heuristic match: "s3.dualstack.us-east-1.amazonaws.com"
Heuristic match: "ext.githubcloud.com"
Heuristic match: "is-a-green.com"
Heuristic match: "1kapp.com"
Heuristic match: "is-a-guru.com"
Heuristic match: "qa2.com"
Heuristic match: "notogawa.shiga.jp"
Heuristic match: "sa.com"
Heuristic match: "operaunite.com"
Heuristic match: "outsystemscloud.com"
Heuristic match: "moriyama.shiga.jp"
Heuristic match: "us.gov.pl"
Heuristic match: "uw.gov.pl"
Heuristic match: "is-with-theband.com"
Heuristic match: "pa.gov.pl"
Heuristic match: "is-a-blogger.com"
Heuristic match: "alpha.bounty-full.com"
Heuristic match: "hikawa.shimane.jp"
Heuristic match: "s3-website.us-east-2.amazonaws.com"
Heuristic match: "tamayu.shimane.jp"
Heuristic match: "from-md.com"
Heuristic match: "s3-ap-southeast-1.amazonaws.com"
Heuristic match: "s3-us-east-2.amazonaws.com"
Heuristic match: "gotdns.com"
Heuristic match: "unnan.shimane.jp"
Heuristic match: "is-an-anarchist.com"
Heuristic match: "pomorze.pl"
Heuristic match: "s3-eu-west-1.amazonaws.com"
Heuristic match: "blogsyte.com"
Heuristic match: "lezajsk.pl"
Heuristic match: "sells-for-less.com"
Heuristic match: "withyoutube.com"
Heuristic match: "tarnobrzeg.pl"
Heuristic match: "ug.gov.pl"
Heuristic match: "yatsuka.shimane.jp"
Heuristic match: "atami.shizuoka.jp"
Heuristic match: "gda.pl"
Heuristic match: "sa.gov.pl"
Heuristic match: "wlocl.pl"
Heuristic match: "googlecode.com"
Heuristic match: "umig.gov.pl"
Heuristic match: "kwp.gov.pl"
Heuristic match: "gniezno.pl"
Heuristic match: "coop.py"
Heuristic match: "konskowola.pl"
Heuristic match: "kr.com"
Heuristic match: "from-nh.com"
Heuristic match: "gorlice.pl"
Heuristic match: "s3-website.eu-central-1.amazonaws.com"
Heuristic match: "s3.dualstack.ap-southeast-2.amazonaws.com"
Heuristic match: "homelinux.com"
Heuristic match: "aid.pl"
Heuristic match: "blogspot.com"
Heuristic match: "torahime.shiga.jp"
Heuristic match: "is-a-llama.com"
Heuristic match: "applinzi.com"
Heuristic match: "dynns.com"
Heuristic match: "from-al.com"
Heuristic match: "fujikawa.shizuoka.jp"
Heuristic match: "akagi.shimane.jp"
Heuristic match: "bydgoszcz.pl"
Heuristic match: "servebeer.com"
Heuristic match: "sells-for-u.com"
Heuristic match: "blogspot.com.mt"
Heuristic match: "przeworsk.pl"
Heuristic match: "pila.pl"
Heuristic match: "kikugawa.shizuoka.jp"
Heuristic match: "s3-ap-southeast-2.amazonaws.com"
Heuristic match: "servemp3.com"
Heuristic match: "s3-fips-us-gov-west-1.amazonaws.com"
Heuristic match: "shop.pl"
Heuristic match: "suwalki.pl"
Heuristic match: "mup.gov.pl"
Heuristic match: "psse.gov.pl"
Heuristic match: "wsa.gov.pl"
Heuristic match: "dyndns-work.com"
Heuristic match: "hamamatsu.shizuoka.jp"
Heuristic match: "mazowsze.pl"
Heuristic match: "toyosato.shiga.jp"
Heuristic match: "is-leet.com"
Heuristic match: "api.githubcloud.com"
Heuristic match: "appspot.com"
Heuristic match: "bedzin.pl"
Heuristic match: "info.pl"
Heuristic match: "gb.com"
Heuristic match: "s3.dualstack.ap-northeast-2.amazonaws.com"
Heuristic match: "codespot.com"
Heuristic match: "mragowo.pl"
Heuristic match: "witd.gov.pl"
Heuristic match: "iamallama.com"
Heuristic match: "blogspot.com.ng"
Heuristic match: "ostrowiec.pl"
Heuristic match: "stargard.pl"
Heuristic match: "yoshida.shizuoka.jp"
Heuristic match: "gdynia.pl"
Heuristic match: "s3-website.ca-central-1.amazonaws.com"
Heuristic match: "higashiizu.shizuoka.jp"
Heuristic match: "priv.pl"
Heuristic match: "dyndns-web.com"
Heuristic match: "firewall-gateway.com"
Heuristic match: "dyndns-free.com"
Heuristic match: "from-va.com"
Heuristic match: "olsztyn.pl"
Heuristic match: "zagan.pl"
Heuristic match: "katowice.pl"
Heuristic match: "ustka.pl"
Heuristic match: "kppsp.gov.pl"
Heuristic match: "rzeszow.pl"
Heuristic match: "s3-sa-east-1.amazonaws.com"
Heuristic match: "maibara.shiga.jp"
Heuristic match: "s3.dualstack.ap-southeast-1.amazonaws.com"
Heuristic match: "rybnik.pl"
Heuristic match: "shimoda.shizuoka.jp"
Heuristic match: "compute.amazonaws.com.cn"
Heuristic match: "isa-hockeynut.com"
Heuristic match: "karpacz.pl"
Heuristic match: "on-aptible.com"
Heuristic match: "dyndns-at-home.com"
Heuristic match: "is-a-photographer.com"
Heuristic match: "omaezaki.shizuoka.jp"
Heuristic match: "is-a-student.com"
Heuristic match: "from-nv.com"
Heuristic match: "is-a-anarchist.com"
Heuristic match: "piw.gov.pl"
Heuristic match: "meteorapp.com"
Heuristic match: "elb.amazonaws.com"
Heuristic match: "from-mi.com"
Heuristic match: "swiebodzin.pl"
Heuristic match: "kmpsp.gov.pl"
Heuristic match: "cieszyn.pl"
Heuristic match: "eu-1.evennode.com"
Heuristic match: "is.gov.pl"
Heuristic match: "s3-ap-south-1.amazonaws.com"
Heuristic match: "nishinoshima.shimane.jp"
Heuristic match: "is-a-republican.com"
Heuristic match: "zarow.pl"
Heuristic match: "misato.shimane.jp"
Heuristic match: "net-freaks.com"
Heuristic match: "s3-ap-northeast-1.amazonaws.com"
Heuristic match: "point2this.com"
Heuristic match: "uzs.gov.pl"
Heuristic match: "from-ak.com"
Heuristic match: "minamiizu.shizuoka.jp"
Heuristic match: "edu.pl"
Heuristic match: "s3.dualstack.eu-west-1.amazonaws.com"
Heuristic match: "nagahama.shiga.jp"
Heuristic match: "ic.gov.pl"
Heuristic match: "shizuoka.shizuoka.jp"
Heuristic match: "is-a-designer.com"
Heuristic match: "myqnapcloud.com"
Heuristic match: "gist.githubcloud.com"
Heuristic match: "otsu.shiga.jp"
Heuristic match: "jgora.pl"
Heuristic match: "starachowice.pl"
Heuristic match: "malopolska.pl"
Heuristic match: "s3.dualstack.ap-northeast-1.amazonaws.com"
Heuristic match: "higashiomi.shiga.jp"
Heuristic match: "s3.eu-central-1.amazonaws.com"
Heuristic match: "gdansk.pl"
Heuristic match: "xen.prgmr.com"
Heuristic match: "net.sh"
Heuristic match: "s3-website-us-west-2.amazonaws.com"
Heuristic match: "servecounterstrike.com"
Heuristic match: "dyndns-at-work.com"
Heuristic match: "is-a-democrat.com"
Heuristic match: "nishiazai.shiga.jp"
Heuristic match: "gov.pl"
Heuristic match: "from-sd.com"
Heuristic match: "mil.sh"
Heuristic match: "psp.gov.pl"
Heuristic match: "from-pr.com"
Heuristic match: "cloudcontrolapp.com"
Heuristic match: "from-wy.com"
Heuristic match: "googleapis.com"
Heuristic match: "is-a-hard-worker.com"
Heuristic match: "edu.py"
Heuristic match: "fujinomiya.shizuoka.jp"
Heuristic match: "uy.com"
Heuristic match: "rzgw.gov.pl"
Heuristic match: "yolasite.com"
Heuristic match: "s3-external-1.amazonaws.com"
Heuristic match: "nysa.pl"
Heuristic match: "hikimi.shimane.jp"
Heuristic match: "beta.bounty-full.com"
Heuristic match: "s3-ca-central-1.amazonaws.com"
Heuristic match: "s3.dualstack.ap-south-1.amazonaws.com"
Heuristic match: "uppo.gov.pl"
Heuristic match: "mex.com"
Heuristic match: "s3-website-ap-southeast-2.amazonaws.com"
Heuristic match: "hk.com"
Heuristic match: "art.pl"
Heuristic match: "podlasie.pl"
Heuristic match: "s3.dualstack.us-east-2.amazonaws.com"
Heuristic match: "kosei.shiga.jp"
Heuristic match: "from-mt.com"
Heuristic match: "ugim.gov.pl"
Heuristic match: "is-a-socialist.com"
Heuristic match: "dyndns-office.com"
Heuristic match: "s3-website.ap-south-1.amazonaws.com"
Heuristic match: "geekgalaxy.com"
Heuristic match: "konan.shiga.jp"
Heuristic match: "s3.dualstack.eu-central-1.amazonaws.com"
Heuristic match: "from-vt.com"
Heuristic match: "malbork.pl"
Heuristic match: "from-ar.com"
Heuristic match: "gov.py"
Heuristic match: "kannami.shizuoka.jp"
Heuristic match: "is-into-anime.com"
Heuristic match: "s3.us-east-2.amazonaws.com"
Heuristic match: "tychy.pl"
Heuristic match: "bialowieza.pl"
Heuristic match: "okuizumo.shimane.jp"
Heuristic match: "beep.pl"
Heuristic match: "miasta.pl"
Heuristic match: "s3.dualstack.eu-west-2.amazonaws.com"
Heuristic match: "wroc.pl"
Heuristic match: "biz.pl"
Heuristic match: "pc.pl"
Heuristic match: "s3-ap-northeast-2.amazonaws.com"
Heuristic match: "dyn-o-saur.com"
Heuristic match: "gotpantheon.com"
Heuristic match: "krakow.pl"
Heuristic match: "hikone.shiga.jp"
Heuristic match: "s3.eu-west-2.amazonaws.com"
Heuristic match: "blogspot.com.tr"
Heuristic match: "s3-website-ap-southeast-1.amazonaws.com"
Heuristic match: "zakopane.pl"
Heuristic match: "mil.py"
Heuristic match: "est-a-la-masion.com"
Heuristic match: "pagefrontapp.com"
Heuristic match: "gov.sh"
Heuristic match: "podhale.pl"
Heuristic match: "eu.com"
Heuristic match: "mil.pl"
Heuristic match: "s3-website-us-west-1.amazonaws.com"
Heuristic match: "kusatsu.shiga.jp"
Heuristic match: "ar.com"
Heuristic match: "homesecuritymac.com"
Heuristic match: "space-to-rent.com"
Heuristic match: "vipsinaapp.com"
Heuristic match: "dyndns-server.com"
Heuristic match: "ohda.shimane.jp"
Heuristic match: "ryuoh.shiga.jp"
Heuristic match: "warmia.pl"
Heuristic match: "blogspot.com.uy"
Heuristic match: "sr.gov.pl"
Heuristic match: "homeunix.com"
Heuristic match: "apps.fbsbx.com"
Heuristic match: "zgora.pl"
Heuristic match: "is-a-teacher.com"
Heuristic match: "prochowice.pl"
Heuristic match: "pinb.gov.pl"
Heuristic match: "is-an-accountant.com"
Heuristic match: "mazury.pl"
Heuristic match: "is-a-conservative.com"
Heuristic match: "kazimierz-dolny.pl"
Heuristic match: "atm.pl"
Pattern match: "www.ck"
Heuristic match: "sosnowiec.pl"
Heuristic match: "from-ok.com"
Heuristic match: "githubusercontent.com"
Heuristic match: "s3-website-ap-northeast-1.amazonaws.com"
Heuristic match: "ito.shizuoka.jp"
Heuristic match: "ostrowwlkp.pl"
Heuristic match: "kaszuby.pl"
Heuristic match: "ostroda.pl"
Heuristic match: "is-slick.com"
Heuristic match: "babia-gora.pl"
Heuristic match: "is-an-entertainer.com"
Heuristic match: "izumo.shimane.jp"
Heuristic match: "bielawa.pl"
Heuristic match: "szczecin.pl"
Heuristic match: "nieruchomosci.pl"
Heuristic match: "haibara.shizuoka.jp"
Heuristic match: "wuoz.gov.pl"
Heuristic match: "from-ma.com"
Heuristic match: "from-ri.com"
Heuristic match: "swidnica.pl"
Heuristic match: "ownprovider.com"
Heuristic match: "elasticbeanstalk.cn-north-1.amazonaws.com.cn"
Heuristic match: "qc.com"
Heuristic match: "elk.pl"
Heuristic match: "sklep.pl"
Heuristic match: "s3.dualstack.sa-east-1.amazonaws.com"
Heuristic match: "eu.meteorapp.com"
Heuristic match: "from-ms.com"
Heuristic match: "kartuzy.pl"
Heuristic match: "kobierzyce.pl"
Heuristic match: "est-a-la-maison.com"
Heuristic match: "ritto.shiga.jp"
Heuristic match: "mielno.pl"
Heuristic match: "se.com"
Heuristic match: "media.pl"
Heuristic match: "appchizi.com"
Heuristic match: "zachpomor.pl"
Heuristic match: "serveftp.com"
Heuristic match: "wegrow.pl"
Heuristic match: "pgfog.com"
Heuristic match: "freeboxos.com"
Heuristic match: "susono.shizuoka.jp"
Heuristic match: "from-dc.com"
Heuristic match: "s3.cn-north-1.amazonaws.com.cn"
Heuristic match: "dyndns-ip.com"
Heuristic match: "neat-url.com"
Heuristic match: "rackmaze.com"
Heuristic match: "ap.gov.pl"
Heuristic match: "africa.com"
Heuristic match: "hashbang.sh"
Heuristic match: "matsue.shimane.jp"
Heuristic match: "dnsalias.com"
Heuristic match: "czest.pl"
Heuristic match: "po.gov.pl"
Heuristic match: "from-wi.com"
Heuristic match: "kosai.shizuoka.jp"
Heuristic match: "is-a-caterer.com"
Heuristic match: "dyndns-mail.com"
Heuristic match: "zgorzelec.pl"
Heuristic match: "is-a-painter.com"
Heuristic match: "starostwo.gov.pl"
Heuristic match: "no.com"
Heuristic match: "izunokuni.shizuoka.jp"
Heuristic match: "takatsuki.shiga.jp"
Heuristic match: "saves-the-whales.com"
Heuristic match: "townnews-staging.com"
Heuristic match: "withgoogle.com"
Heuristic match: "hamada.shimane.jp"
Heuristic match: "szkola.pl"
Heuristic match: "s3-website-eu-west-1.amazonaws.com"
Heuristic match: "s3.dualstack.ca-central-1.amazonaws.com"
Heuristic match: "bialystok.pl"
Heuristic match: "securitytactics.com"
Heuristic match: "wzmiuw.gov.pl"
Heuristic match: "org.sh"
Heuristic match: "is-a-cpa.com"
Heuristic match: "poznan.pl"
Heuristic match: "servesarcasm.com"
Heuristic match: "ama.shimane.jp"
Heuristic match: "opole.pl"
Heuristic match: "from-ct.com"
Heuristic match: "shimada.shizuoka.jp"
Heuristic match: "is-uberleet.com"
Heuristic match: "quicksytes.com"
Heuristic match: "czeladz.pl"
Heuristic match: "wodzislaw.pl"
Heuristic match: "s3.ca-central-1.amazonaws.com"
Heuristic match: "compute-1.amazonaws.com"
Heuristic match: "myshopblocks.com"
Heuristic match: "fuji.shizuoka.jp"
Heuristic match: "wroclaw.pl"
Heuristic match: "yaizu.shizuoka.jp"
Heuristic match: "ru.com"
Heuristic match: "from-ia.com"
Heuristic match: "gotemba.shizuoka.jp"
Heuristic match: "is-a-geek.com"
Heuristic match: "nom.pl"
Heuristic match: "serveirc.com"
Heuristic match: "lubin.pl"
Heuristic match: "mw.gov.pl"
Heuristic match: "iwata.shizuoka.jp"
Heuristic match: "now.sh"
Heuristic match: "serveexchange.com"
Heuristic match: "bytom.pl"
Heuristic match: "cn.com"
Heuristic match: "is-an-actor.com"
Heuristic match: "is-into-cartoons.com"
Heuristic match: "health-carereform.com"
Heuristic match: "kwpsp.gov.pl"
Heuristic match: "dyndns-wiki.com"
Heuristic match: "dyndns-home.com"
Heuristic match: "doesntexist.com"
Heuristic match: "unusualperson.com"
Heuristic match: "arai.shizuoka.jp"
Heuristic match: "griw.gov.pl"
Heuristic match: "kolobrzeg.pl"
Heuristic match: "masuda.shimane.jp"
Heuristic match: "from-ne.com"
Heuristic match: "ilawa.pl"
Heuristic match: "slask.pl"
Heuristic match: "net.py"
Heuristic match: "blogdns.com"
Heuristic match: "sex.pl"
Heuristic match: "tourism.pl"
Heuristic match: "servegame.com"
Heuristic match: "org.py"
Heuristic match: "cns.joyent.com"
Heuristic match: "homesecuritypc.com"
Heuristic match: "oum.gov.pl"
Heuristic match: "us-east-1.amazonaws.com"
Heuristic match: "from-in.com"
Heuristic match: "net.pl"
Heuristic match: "upow.gov.pl"
Heuristic match: "naklo.pl"
Heuristic match: "publishproxy.com"
Heuristic match: "teaches-yoga.com"
Heuristic match: "hobby-site.com"
Heuristic match: "org.pl"
Heuristic match: "stufftoread.com"
Heuristic match: "is-an-artist.com"
Heuristic match: "dlugoleka.pl"
Heuristic match: "beskidy.pl"
Heuristic match: "is-not-certified.com"
Heuristic match: "realestate.pl"
Heuristic match: "selfip.com"
Heuristic match: "betainabox.com"
Heuristic match: "lapy.pl"
Heuristic match: "xenapponazure.com"
Heuristic match: "dreamhosters.com"
Heuristic match: "from-ks.com"
Heuristic match: "com.py"
Heuristic match: "from-ky.com"
Heuristic match: "fukuroi.shizuoka.jp"
Heuristic match: "limanowa.pl"
Heuristic match: "lomza.pl"
Heuristic match: "kakegawa.shizuoka.jp"
Heuristic match: "lebork.pl"
Heuristic match: "mielec.pl"
Heuristic match: "tgory.pl"
Heuristic match: "tsuwano.shimane.jp"
Heuristic match: "bieszczady.pl"
Heuristic match: "from-wa.com"
Heuristic match: "kalisz.pl"
Heuristic match: "com.pl"
Heuristic match: "szczytno.pl"
Heuristic match: "from-hi.com"
Heuristic match: "doomdns.com"
Heuristic match: "sinaapp.com"
Heuristic match: "konin.pl"
Heuristic match: "servepics.com"
Heuristic match: "gmina.pl"
Heuristic match: "nfshost.com"
Heuristic match: "augustow.pl"
Heuristic match: "is-a-hunter.com"
Heuristic match: "wiw.gov.pl"
Heuristic match: "izu.shizuoka.jp"
Heuristic match: "walbrzych.pl"
Heuristic match: "dynalias.com"
Heuristic match: "servequake.com"
Heuristic match: "aisho.shiga.jp"
Heuristic match: "com.sh"
Heuristic match: "likescandy.com"
Heuristic match: "de.com"
Heuristic match: "s3.ap-south-1.amazonaws.com"
Heuristic match: "hu.com"
Heuristic match: "githubcloudusercontent.com"
Heuristic match: "mysecuritycamera.com"
Heuristic match: "from-pa.com"
Heuristic match: "med.pl"
Heuristic match: "from-or.com"
Heuristic match: "rhcloud.com"
Heuristic match: "from-nd.com"
Heuristic match: "alpha-myqnapcloud.com"
Heuristic match: "um.gov.pl"
Heuristic match: "matsuzaki.shizuoka.jp"
Heuristic match: "jpn.com"
Heuristic match: "olecko.pl"
Heuristic match: "3utilities.com"
Heuristic match: "travel.pl"
Heuristic match: "gotsu.shimane.jp"
Heuristic match: "from-nm.com"
Heuristic match: "pomorskie.pl"
Heuristic match: "wielun.pl"
Heuristic match: "compute.amazonaws.com"
Heuristic match: "flynnhub.com"
Heuristic match: "onthewifi.com"
Heuristic match: "from-sc.com"
Heuristic match: "is-a-nurse.com"
Heuristic match: "is-an-engineer.com"
Heuristic match: "pisz.pl"
Heuristic match: "sopot.pl"
Heuristic match: "pup.gov.pl"
Heuristic match: "fujieda.shizuoka.jp"
Heuristic match: "lowicz.pl"
Heuristic match: "myasustor.com"
Heuristic match: "tm.pl"
Heuristic match: "from-wv.com"
Heuristic match: "polkowice.pl"
Heuristic match: "herokussl.com"
Heuristic match: "konsulat.gov.pl"
Heuristic match: "s3-website-sa-east-1.amazonaws.com"
Heuristic match: "s3.amazonaws.com"
Heuristic match: "wiih.gov.pl"
Heuristic match: "co.pl"
Heuristic match: "s3-website-us-east-1.amazonaws.com"
Heuristic match: "swinoujscie.pl"
Heuristic match: "dsmynas.com"
Heuristic match: "est-le-patron.com"
Heuristic match: "opoczno.pl"
Heuristic match: "wloclawek.pl"
Heuristic match: "yasu.shiga.jp"
Heuristic match: "getmyip.com"
Heuristic match: "is-a-musician.com"
Heuristic match: "platform.sh"
Heuristic match: "firebaseapp.com"
Heuristic match: "cechire.com"
Heuristic match: "dyndns-remote.com"
Heuristic match: "from-fl.com"
Heuristic match: "from-de.com"
Heuristic match: "is-a-bookkeeper.com"
Heuristic match: "rel.pl"
Heuristic match: "winb.gov.pl"
Heuristic match: "omihachiman.shiga.jp"
Heuristic match: "jaworzno.pl"
Heuristic match: "kakinoki.shimane.jp"
Heuristic match: "s3-us-west-1.amazonaws.com"
Heuristic match: "sos.pl"
Heuristic match: "s3-website.eu-west-2.amazonaws.com"
Heuristic match: "blogspot.com.ar"
Heuristic match: "blogspot.com.au"
Heuristic match: "ciscofreak.com"
Heuristic match: "higashiizumo.shimane.jp"
Heuristic match: "gliwice.pl"
Heuristic match: "nishiizu.shizuoka.jp"
Heuristic match: "mydrobo.com"
Heuristic match: "rawa-maz.pl"
Heuristic match: "workisboring.com"
Heuristic match: "kawanehon.shizuoka.jp"
Heuristic match: "is-a-doctor.com"
Heuristic match: "warszawa.pl"
Heuristic match: "yakumo.shimane.jp"
Heuristic match: "dyndns-blog.com"
Heuristic match: "turek.pl"
Heuristic match: "from-nc.com"
Heuristic match: "s3-us-west-2.amazonaws.com"
Heuristic match: "radom.pl"
Heuristic match: "blogspot.com.by"
Heuristic match: "gamo.shiga.jp"
Heuristic match: "klodzko.pl"
Heuristic match: "remotewd.com"
Heuristic match: "is-a-landscaper.com"
Heuristic match: "blogspot.com.br"
Heuristic match: "is-gone.com"
Heuristic match: "koka.shiga.jp"
Heuristic match: "skoczow.pl"
Heuristic match: "br.com"
Heuristic match: "servehumour.com"
Heuristic match: "eu-2.evennode.com"
Heuristic match: "powiat.pl"
Heuristic match: "okinoshima.shimane.jp"
Heuristic match: "is-a-bulls-fan.com"
Heuristic match: "bloxcms.com"
Heuristic match: "from-oh.com"
Heuristic match: "myvnc.com"
Heuristic match: "from-tn.com"
Heuristic match: "s3-eu-west-2.amazonaws.com"
Heuristic match: "ostroleka.pl"
Heuristic match: "zp.gov.pl"
Heuristic match: "sejny.pl"
Heuristic match: "slupsk.pl"
Heuristic match: "blogspot.com.cy"
Heuristic match: "kawazu.shizuoka.jp"
Heuristic match: "ditchyourip.com"
Heuristic match: "bounty-full.com"
Heuristic match: "makinohara.shizuoka.jp"
Heuristic match: "uk.com"
Heuristic match: "servehttp.com"
Heuristic match: "blogspot.com.co"
Heuristic match: "dyndns-pics.com"
Heuristic match: "is-a-chef.com"
Heuristic match: "0emm.com"
Heuristic match: "freebox-os.com"
Heuristic match: "myactivedirectory.com"
Heuristic match: "writesthisblog.com"
Heuristic match: "is-a-techie.com"
Heuristic match: "koto.shiga.jp"
Heuristic match: "4u.com"
Heuristic match: "boleslawiec.pl"
Heuristic match: "likes-pie.com"
Heuristic match: "agro.pl"
Heuristic match: "familyds.com"
Heuristic match: "is-a-financialadvisor.com"
Heuristic match: "is-a-nascarfan.com"
Heuristic match: "us-2.evennode.com"
Heuristic match: "wios.gov.pl"
Heuristic match: "elasticbeanstalk.com"
Heuristic match: "is-into-cars.com"
Heuristic match: "is-a-player.com"
Heuristic match: "s3-eu-central-1.amazonaws.com"
Heuristic match: "za.com"
Heuristic match: "targi.pl"
Heuristic match: "from-nj.com"
Heuristic match: "legnica.pl"
Heuristic match: "wolomin.pl"
Heuristic match: "takashima.shiga.jp"
Heuristic match: "blogspot.com.eg"
Heuristic match: "servebbs.com"
Heuristic match: "dnsdojo.com"
Heuristic match: "from-mo.com"
Heuristic match: "from-il.com"
Heuristic match: "kutno.pl"
Heuristic match: "pagespeedmobilizer.com"
Heuristic match: "sko.gov.pl"
Heuristic match: "s3.ap-northeast-2.amazonaws.com"
Heuristic match: "blogspot.com.ee"
Heuristic match: "elblag.pl"
Pattern match: "http://www.apache.org/licenses/LICENSE-2.0"
Heuristic match: "oirm.gov.pl"
Heuristic match: "pruszkow.pl"
Heuristic match: "sdn.gov.pl"
Heuristic match: "wskr.gov.pl"
Heuristic match: "from-mn.com"
Heuristic match: "pulawy.pl"
Heuristic match: "blogspot.com.es"
Heuristic match: "from-ut.com"
Heuristic match: "issmarterthanyou.com"
Heuristic match: "wif.gov.pl"
Heuristic match: "ketrzyn.pl"
Heuristic match: "is-a-personaltrainer.com"
Heuristic match: "shimane.shimane.jp"
Heuristic match: "co.com"
Heuristic match: "gr.com"
Heuristic match: "dnsiskinky.com"
Heuristic match: "kepno.pl"
Heuristic match: "servehalflife.com"
Heuristic match: "from-tx.com"
Heuristic match: "auto.pl"
Heuristic match: "cloudcontrolled.com"
Heuristic match: "jelenia-gora.pl"
Heuristic match: "ddnsking.com"
Heuristic match: "nowaruda.pl"
Heuristic match: "est-mon-blogueur.com"
Heuristic match: "s3-us-gov-west-1.amazonaws.com"
Heuristic match: "is-into-games.com"
Heuristic match: "dontexist.com"
Heuristic match: "yasugi.shimane.jp"
Heuristic match: "herokuapp.com"
Heuristic match: "is-an-actress.com"
Heuristic match: "s3-website.ap-northeast-2.amazonaws.com"
Heuristic match: "turystyka.pl"
Heuristic match: "elb.amazonaws.com.cn"
Heuristic match: "from-ga.com"
Heuristic match: "servep2p.com"
Heuristic match: "so.gov.pl"
Heuristic match: "damnserver.com"
Heuristic match: "is-certified.com"
Heuristic match: "olawa.pl"
Heuristic match: "(R1.DO"
Heuristic match: "JDn.Tg"
Heuristic match: "b0.CC"
Heuristic match: "M-.NL"
Heuristic match: "j.).ws"
Heuristic match: "v}.vE"
Heuristic match: "TT]_.NA"
Heuristic match: "Nx.mo"
Heuristic match: "assets/ijm_lib/%s/libexec.so"
Heuristic match: "assets/ijm_lib/%s/libexecmain.so"
Heuristic match: "libexec.so"
Heuristic match: "libexecmain.so"
Heuristic match: "/lib64/libart.so"
Heuristic match: "/lib64/libaoc.so"
Heuristic match: "/libexec.so"
Heuristic match: "/libexecmain.so"
Pattern match: "http://gcc.gnu.org/bugs.html"
Pattern match: "https://android.googlesource.com/toolchain/llvm-project"
Pattern match: "https://android.googlesource.com/toolchain/clang"
Heuristic match: "Name: META-INF/androidx.localbroadcastmanager_localbroadcastmanager.ve"
Heuristic match: "Name: assets/gomediad.so"
Heuristic match: "Name: lib/armeabi/libclassify.so"
Heuristic match: "Name: lib/armeabi/libcrashsdk.so"
Heuristic match: "Name: lib/armeabi/libed25519.so"
Heuristic match: "Name: lib/armeabi/libexec.so"
Heuristic match: "Name: lib/armeabi/libexec_x86.so"
Heuristic match: "Name: lib/armeabi/libexecmain.so"
Heuristic match: "Name: lib/armeabi/libexecmain_x86.so"
Heuristic match: "Name: lib/armeabi/libhoudini_hook.so"
Heuristic match: "Name: lib/armeabi/libhtsfx.so"
Heuristic match: "Name: lib/armeabi/libijkffmpeg.so"
Heuristic match: "Name: lib/armeabi/libijkplayer.so"
Heuristic match: "Name: lib/armeabi/libijksdl.so"
Heuristic match: "Name: lib/armeabi/libijm_linker.so"
Heuristic match: "Name: lib/armeabi/libranger-jni.so"
Heuristic match: "Name: lib/armeabi/libtnet-3.1.14.so"
Heuristic match: "Name: lib/armeabi/libumeng-spy.so"
Heuristic match: "Name: res/drawable-hdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.pn"
Heuristic match: "Name: res/drawable-hdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.pn"
Heuristic match: "Name: res/drawable-hdpi-v4/abc_text_select_handle_middle_mtrl_light.pn"
Heuristic match: "Name: res/drawable-hdpi-v4/cast_abc_scrubber_control_off_mtrl_alpha.pn"
Heuristic match: "Name: res/drawable-hdpi-v4/quantum_ic_play_circle_filled_grey600_36.pn"
Heuristic match: "Name: res/drawable-ldrtl-xxxhdpi-v17/abc_ic_menu_copy_mtrl_am_alpha.pn"
Heuristic match: "Name: res/drawable-mdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.pn"
Heuristic match: "Name: res/drawable-mdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.pn"
Heuristic match: "Name: res/drawable-mdpi-v4/abc_text_select_handle_middle_mtrl_light.pn"
Heuristic match: "Name: res/drawable-mdpi-v4/cast_abc_scrubber_control_off_mtrl_alpha.pn"
Heuristic match: "Name: res/drawable-mdpi-v4/quantum_ic_play_circle_filled_grey600_36.pn"
Heuristic match: "Name: res/drawable-xhdpi-v4/abc_list_selector_disabled_holo_light.9.pn"
Heuristic match: "Name: res/drawable-xhdpi-v4/abc_text_select_handle_middle_mtrl_dark.pn"
Heuristic match: "Name: res/drawable-xhdpi-v4/abc_text_select_handle_right_mtrl_light.pn"
Heuristic match: "Name: res/drawable-xhdpi-v4/quantum_ic_keyboard_arrow_down_white_36.pn"
Heuristic match: "Name: res/drawable-xhdpi-v4/quantum_ic_pause_circle_filled_white_36.pn"
Heuristic match: "Name: res/drawable-xxhdpi-v4/abc_list_selector_disabled_holo_dark.9.pn"
Heuristic match: "Name: res/drawable-xxhdpi-v4/abc_text_select_handle_left_mtrl_light.pn"
Heuristic match: "Name: res/drawable-xxhdpi-v4/abc_text_select_handle_right_mtrl_dark.pn"
Heuristic match: "Name: res/drawable-xxhdpi-v4/cast_abc_scrubber_primary_mtrl_alpha.9.pn"
Heuristic match: "Name: res/drawable-xxhdpi-v4/quantum_ic_play_circle_filled_white_36.pn"
Heuristic match: "Name: res/drawable-xxxhdpi-v4/abc_text_select_handle_left_mtrl_dark.pn" - source
- File/Memory
- relevance
- 3/10
- ATT&CK ID
- T1071 (Show technique in the MITRE ATT&CK™ matrix)
-
Found potential URL in binary/memory
-
Pattern Matching
-
YARA signature match - AES Encryption
- details
-
YARA signature for AES encryption matched on file "libijkffmpeg.so_"
YARA signature for AES encryption matched on file "libijkffmpeg.so" - source
- YARA Signature
- relevance
- 5/10
- ATT&CK ID
- T1027 (Show technique in the MITRE ATT&CK™ matrix)
-
YARA signature match - AES Encryption
-
Spyware/Information Retrieval
-
Contains CRYPTO related strings
- details
-
file/memory contains long string with (Indicator: "aes"; File: "libumeng-spy.so")
file/memory contains long string with (Indicator: "aes"; File: "libumeng-spy.so_1690406149152")
file/memory contains long string with (Indicator: "3des"; File: "libclassify.so")
Found string "SHA-256-Digest: OtPY9TlAEsvX9EmimcJrWNrkBirNtB5rpyv8IN7M1tk=" (Indicator: "aes"; File: "MAGISOTT.SF")
Found string "SHA-256-Digest: CutHnA4x7U+TTfprCWqvBNvpv3xHjRe5tte6dGaEssU=" (Indicator: "aes"; File: "MAGISOTT.SF")
Found string "SHA-256-Digest: a8XAAdT/gPK6Oe1zaes1AIVtAYRKTwnCwJ0o19B2Big=" (Indicator: "aes"; File: "MAGISOTT.SF")
Found string "SHA-256-Digest: SBL0hnXjMj+lp2V7ZWiIQHDEbZwnsYTi1YAEsLsoRHc=" (Indicator: "aes"; File: "MAGISOTT.SF")
Found string "SHA-256-Digest: xm+aeSKqlhA7OpL9+hNHgNzNXAcI6oRgXI7xdf9SMUg=" (Indicator: "aes"; File: "MAGISOTT.SF")
Found string "SHA-256-Digest: LO7FNu0+ueC7dHCHO1PSbdUufFbTqI50gCvjAEskwEo=" (Indicator: "aes"; File: "MAGISOTT.SF")
file/memory contains long string with (Indicator: "aes"; File: "MANIFEST.MF")
Found string "SHA-256-Digest: NVNVxIYLBrJctjMWyqIHO+c9AES7NOPgsluvouGGQ20=" (Indicator: "aes"; File: "MANIFEST.MF")
Found string "SHA-256-Digest: AEsXaAyXlRSD9TcEV8rQJZyrz/IlgY7PPMLpNbQBl3w=" (Indicator: "aes"; File: "MANIFEST.MF")
Found string "SHA-256-Digest: TSPQ/1aELraesQel7/apZXWUWbM4mrQQX+PYrM7VI3c=" (Indicator: "aes"; File: "MANIFEST.MF") - source
- File/Memory
- relevance
- 3/10
- ATT&CK ID
- T1027 (Show technique in the MITRE ATT&CK™ matrix)
-
Contains CRYPTO related strings
File Details
magis-tv-para-celular.apk
- Filename
- magis-tv-para-celular.apk
- Size
- 35MiB (36303095 bytes)
- Type
- android
- Description
- Zip archive data, at least v2.0 to extract
- Architecture
- SHA256
- cd63e2f923f3b171b7310fc97ea0194569fadcec36e85494c0f4bdc4cbc6af92
- MD5
- f37e8a135299be599182e1f199bbfee2
- SHA1
- 14f9dfbccef6fc03d0dbace198aa8a141dd0f451
- ssdeep
- 786432:vU5xzWq3IfxsV7SzWq3IfDAZCJFQ6ptM7HG6LtM7C0iJbu4XvJxsADy9oy99pdg8:s5dn3esBen3EAZCM6ptM7HG6LtM7C0iK
Version Info
- Minimum SDK
- 18 (Jelly Bean MR2)
- Target SDK
- 28 ()
- Version Code
- 50402
- Version Name
- 5.4.2
- Package Name
- com.msandroid.mobile
- Entrypoint
- com.msandroid.mobilecom.mobile.brasiltv.activity.SplashAty
Classification (TrID)
- 52.8% (.APK) Android Package
- 21.9% (.JAR) Java Archive
- 17.0% (.SH3D) Sweet Home 3D design (generic)
- 6.5% (.ZIP) ZIP compressed archive
- 1.6% (.PG/BIN) PrintFox/Pagefox bitmap (640x800)
File Permissions
Permission | Description |
---|---|
android.permission.INTERNET | Allows applications to open network sockets. |
android.permission.ACCESS_NETWORK_STATE | Allows applications to access information about networks. |
android.permission.CHANGE_NETWORK_STATE | Allows applications to change network connectivity state. |
android.permission.ACCESS_WIFI_STATE | Allows applications to access information about Wi-Fi networks. |
android.permission.WRITE_EXTERNAL_STORAGE | Allows an application to write to external storage. |
android.permission.BROADCAST_STICKY | Allows an application to broadcast sticky intents. |
android.permission.WAKE_LOCK | Allows using PowerManager WakeLocks to keep processor from sleeping or screen from dimming. |
android.permission.VIBRATE | Allows access to the vibrator. |
android.permission.GET_TASKS | This constant was deprecated in API level 21. No longer enforced. |
android.permission.CAMERA | Required to be able to access the camera device. |
android.permission.REQUEST_INSTALL_PACKAGES | Allows an application to request installing packages. |
android.permission.RECEIVE_BOOT_COMPLETED | Allows an application to receive the ACTION_BOOT_COMPLETED that is broadcast after the system finishes booting. |
android.permission.FOREGROUND_SERVICE | - |
android.permission.MANAGE_EXTERNAL_STORAGE | - |
android.permission.READ_EXTERNAL_STORAGE | Allows an application to read from external storage. |
android.permission.READ_MEDIA_IMAGES | - |
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE | - |
com.google.android.c2dm.permission.RECEIVE | - |
android.permission.BLUETOOTH | Allows applications to connect to paired bluetooth devices. |
android.permission.CHANGE_WIFI_MULTICAST_STATE | Allows applications to enter Wi-Fi Multicast mode. |
android.permission.CHANGE_WIFI_STATE | Allows applications to change Wi-Fi connectivity state. |
android.permission.ACCESS_COARSE_LOCATION | Allows an app to access approximate location. |
android.permission.READ_PHONE_STATE | Allows read only access to phone state. |
com.google.android.gms.auth.api.signin.permission.REVOCATION_NOTIFICATION | - |
android.permission.BIND_JOB_SERVICE | - |
File Activities
Activity | Description |
---|---|
com.msandroid.mobilecom.mobile.brasiltv.activity.MyFavListActivity | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.SplashAty | Entrypoint |
com.msandroid.mobilecom.mobile.brasiltv.activity.MainAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.RecordsAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.WebViewAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.ScanLoginActivity | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.PlayAty | - |
com.msandroid.mobilecom.mobile.brasiltv.mine.activity.OrderAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.SettingLanguageAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.TransitionLanguageAty | - |
com.msandroid.mobilecom.mobile.brasiltv.mine.activity.LoginAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.SelectNationAty | - |
com.msandroid.mobilecom.mobile.brasiltv.mine.activity.SettingAty | - |
com.msandroid.mobilecom.mobile.brasiltv.mine.activity.AboutAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.ExperienceCastPlayAty | - |
com.msandroid.mobilecom.mobile.brasiltv.mine.activity.FindPwdByPhoneAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.SearchAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.IntroduceAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.Search1Aty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.ColumnListAty | - |
com.msandroid.mobilecom.mobile.brasiltv.mine.activity.AccountAty | - |
com.msandroid.mobilecom.mobile.brasiltv.mine.activity.EmailAty | - |
com.msandroid.mobilecom.mobile.brasiltv.mine.activity.ChangePwdAty | - |
com.msandroid.mobilecom.mobile.brasiltv.mine.activity.ForgetPasswordAty | - |
com.msandroid.mobilecom.mobile.brasiltv.mine.activity.ScanLoginAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.RedemptionAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.PhoneBindAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.SetPassWordAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.PhoneBindSuccessAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.PhoneAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.SendEmailAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.ResetAty | - |
com.msandroid.mobilecom.mobile.brasiltv.mine.activity.VIPMemberActivity | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.EmailManagerAty | - |
com.msandroid.mobilecom.mobile.brasiltv.mine.activity.AccountBindAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.BindEmailSucAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.SetPwdOnBeAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.SetPwdOnResetAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.ResetPwdSucAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.ChangeEmailAty | - |
com.msandroid.mobilecom.mobile.brasiltv.mine.activity.MyBenefitsAty | - |
com.msandroid.mobilecom.mobile.brasiltv.mine.activity.NotificationSettingAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.SingleColumnAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.CastDeviceAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.CastModeAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.FreeGameCenterAty | - |
com.msandroid.mobilecom.mobile.brasiltv.mine.activity.AccountSwitchAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.SpecialAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.OrderConfirmAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.MsgBoxAty | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.SubtitleAty | - |
com.msandroid.mobilecom.mobile.brasiltv.mine.activity.PlaylistActivity | - |
com.msandroid.mobilecom.mobile.brasiltv.activity.TopTenActivity | - |
com.msandroid.mobilecom.google.android.gms.auth.api.signin.internal.SignInHubActivity | - |
com.msandroid.mobilecom.google.android.gms.ads.AdActivity | - |
com.msandroid.mobilecom.google.android.gms.common.api.GoogleApiActivity | - |
com.msandroid.mobilecom.hpplay.sdk.source.permission.PermissionBridgeActivity | - |
com.msandroid.mobilecom.umeng.message.notify.UPushMessageNotifyActivity | - |
com.msandroid.mobilecom.umeng.message.UPushBoardActivity | - |
File Receivers
Receiver | Intents |
---|---|
com.google.android.datatransport.runtime.scheduling.jobscheduling.AlarmManagerSchedulerBroadcastReceiver | - |
com.google.android.gms.cast.framework.media.MediaIntentReceiver | - |
com.google.android.gms.measurement.AppMeasurementReceiver | - |
com.google.firebase.iid.FirebaseInstanceIdReceiver | com.google.android.c2dm.intent.RECEIVE |
com.mobile.brasiltv.receiver.BootReceiver | android.intent.action.BOOT_COMPLETED |
com.qiniu.android.dns.NetworkReceiver |
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT |
com.taobao.accs.EventReceiver |
android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE android.intent.action.USER_PRESENT android.intent.action.PACKAGE_REMOVED |
com.taobao.accs.ServiceReceiver |
com.taobao.accs.intent.action.COMMAND
com.taobao.accs.intent.action.START_FROM_AGOO |
com.taobao.agoo.AgooCommondReceiver |
com.msandroid.mobile.intent.action.COMMAND
android.intent.action.PACKAGE_REMOVED |
com.umeng.message.NotificationProxyBroadcastReceiver | - |
File Certificates
Owner | Issuer | Validity | Hashes (MD5, SHA1) |
---|---|---|---|
Serial: |
Extracted Strings
Extracted Files
Displaying 20 extracted file(s). The remaining 132 file(s) are available in the full version and XML/JSON reports.
-
Informative Selection 20
-
-
libijkffmpeg.so_1690406149152
- Size
- 5.5MiB (5758208 bytes)
- Type
- elf executable
- Description
- ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /system/bin/linker, stripped
- MD5
- 2104e176508d2d6a8b31952f3ac92b63
- SHA1
- 6a37f5d197dbe92f262c5eb0ab7ca2684dbe2314
- SHA256
- fb441f9f72c760623cf000de403bfcecc38b7dbd4e465808f0ec4897c10a7976
-
libhoudini_hook.so_1690406149152
- Size
- 5.1MiB (5370724 bytes)
- Type
- elf executable
- Description
- ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=d616e7cb6af0eece286b07148ab03f54abeb6613, stripped
- MD5
- 310ebe76acac89c8595cd978ccdf6e8d
- SHA1
- 1c3043e3222d9de612f8e9e280f644384bfdf767
- SHA256
- edc3f15bd437906a9723f09c5a7ac96c46f97af50b5f2a4e923ac75b5f2d700f
-
libranger-jni.so
- Size
- 2MiB (2143260 bytes)
- Type
- elf executable
- Description
- ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, not stripped
- MD5
- 04d461c355a45c2a65c977ca88cc8bb1
- SHA1
- acccdd099c38647c3bd4a8921aff0178c4335010
- SHA256
- 84bc30bca03aa2652b37e413ea387394a9907709cbb5ff6e606e10eecc3d93be
-
libranger-jni.so_1690406149150
- Size
- 2MiB (2143260 bytes)
- Type
- elf executable
- Description
- ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, not stripped
- MD5
- 3790f1b1cf728b0f05b9292539e6f9aa
- SHA1
- a321e25cd61bef8a3c6549ecdda99de368a221e5
- SHA256
- 395e3e5b8216a8719220b71e6699e95ebf97daf4beefa60888587038298d5736
-
libRSSupport.so
- Size
- 1.7MiB (1783824 bytes)
- Type
- elf executable
- Description
- ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, BuildID[md5/uuid]=32ea64bd60e3c74c4296aa26e917aad0, stripped
- MD5
- 29710555119f5793e3840c02c9790053
- SHA1
- 9faa8660621475c4e4678398b350d9ecd469a50c
- SHA256
- dc5d5eaa5079c624df21553468e6eb22598da43e506d9aa1b47b02871d0397c0
-
libexec_x86.so
- Size
- 513KiB (524876 bytes)
- Type
- elf executable
- Description
- ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, not stripped
- MD5
- 472999d94e424b4531f4c51b1bb65704
- SHA1
- 3c735a0cb08795ccb1976c973c8d928f58f43f12
- SHA256
- 00faf258467cc4e87f53392f14f4546fa5e4c175f43ace3b5f4929d165bdd2e7
-
libexec.so_1690406149152
- Size
- 501KiB (512744 bytes)
- Type
- elf executable
- Description
- ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, not stripped
- MD5
- 24c39c39292e0f970dd875e5be311be0
- SHA1
- f1dea55a759bed2f815f14691536be398e7e1151
- SHA256
- bb34c343ac4d9551f987691dd9a608b3e7bae34488d47be63f89a9bd92b5ef8f
-
libcrashsdk.so_1690406149152
- Size
- 488KiB (499904 bytes)
- Type
- elf executable
- Description
- ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /system/bin/linker, BuildID[sha1]=6d263471fc14dd8e18ca6ef5ef0a5c249997186c, stripped
- MD5
- 59264ed98da3e827db32818f489eee23
- SHA1
- 3a0516fa1b2504e5f493b650be214cf80aa04b16
- SHA256
- f4cd2ae6e34b881edf1807de1f29e8a99fc711b34dee36c05147265572c7bfdf
-
libcrashsdk.so
- Size
- 480KiB (491764 bytes)
- Type
- elf executable
- Description
- ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /system/bin/linker, BuildID[sha1]=9f2efd8e9549a288b3882c0477b8c28838187df2, stripped
- MD5
- 84be1735236918c812dde36004d62fc4
- SHA1
- 9fcd1f68a5aef65730182215045ff0c1375f5bb4
- SHA256
- d2ceb434e4ead30a139abadc4c8d354d029b5a74caaee6413b338da5fe84f222
-
libcrashlytics-common.so
- Size
- 451KiB (462184 bytes)
- Type
- elf executable
- Description
- ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, BuildID[sha1]=84cb30153f92336df90fe769c148197a29a1e929, stripped
- MD5
- b01ba1708eb851a671c476a69ca5d9d6
- SHA1
- fdcb45858f6cdce1e3037cbb27bf600368152091
- SHA256
- de901977761d9c54904a7d17b81060b71be39061f1919b56636f40abc18b0c52
-
libijm_linker.so
- Size
- 415KiB (425428 bytes)
- Type
- elf executable
- Description
- ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, BuildID[sha1]=25770b3bf362235d1cf3425fe7ecf4e9020df718, stripped
- MD5
- c3a5470c483030b054f3d7a704412484
- SHA1
- 886d2951b2e001d4b3b567889e0e677635078950
- SHA256
- c5870c7a8349e1ea71541bae6d75da839f8707b9f3b8187826c8c402f968e8c2
-
MAGISOTT.SF
- Size
- 394KiB (403744 bytes)
- Type
- text
- Description
- ASCII text, with CRLF line terminators
- MD5
- 83ceb615c0d78e3efc91a33ed9c1ce64
- SHA1
- 3ed5e8a7346d024d86eb43f1ef50939cae446eb1
- SHA256
- 2f5e4a5b6bf0f8453c2f2f167c95d4829a056b97dfc5a9e5b4c43014d9db436b
-
MANIFEST.MF
- Size
- 394KiB (403620 bytes)
- Type
- text
- Description
- ASCII text, with CRLF line terminators
- MD5
- 90fb67eef42e415d1438289a45ac674c
- SHA1
- 76946036247be8e9e0306e1314313ac6cfa092f9
- SHA256
- ca771e034a233639d2295bbce7386f27ae63509dfb28c4ff8f61c10a3c618016
-
libtnet-3.1.14.so_1690406149152
- Size
- 264KiB (270724 bytes)
- Type
- elf executable
- Description
- ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /system/bin/linker, BuildID[sha1]=148c1e4424b44acf1daf8b8fe97d2834a493bee9, stripped
- MD5
- 9f34f46db37a2126a545036723e04494
- SHA1
- 7b5057608767e3b4710e903b605f046700264adc
- SHA256
- 5726312666f41329025652907bbbd9757bc17eb6d0c09ba0db89ac4951b93d4a
-
libtnet-3.1.14.so
- Size
- 244KiB (250244 bytes)
- Type
- elf executable
- Description
- ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /system/bin/linker, BuildID[sha1]=e4710adeb1bd476ee7532060347232cb49626674, stripped
- MD5
- f89e2a68f93bcfa05396e479774fe97d
- SHA1
- 47809658a91cb9c51620534499bf098c99889b5a
- SHA256
- e3efe1e247caf1343c42f1f4dc4b60e1b989006ba1618c1005fdd7490723f422
-
libijkplayer.so_1690406149152
- Size
- 239KiB (244308 bytes)
- Type
- elf executable
- Description
- ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /system/bin/linker, stripped
- MD5
- dff763fdd4baee7fa4ec628329688358
- SHA1
- 169309ca81cd6aa87f3e654472dbedd4d8d0344e
- SHA256
- 3e2b572f26f5842321084b991153a736379ed4284207899cc36ed4e4126a2be8
-
libijksdl.so_1690406149152
- Size
- 210KiB (214528 bytes)
- Type
- elf executable
- Description
- ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /system/bin/linker, stripped
- MD5
- 3dd03a305fdc47f20f08c4e0959c337f
- SHA1
- 14a554eae43791c26afb9d0940a122e069953a83
- SHA256
- 0d4a0930d729bb5f79904fe61d424a9c5126f04e4970ea1d3b4452a71a0be415
-
libhtsfx.so_1690406149152
- Size
- 165KiB (169257 bytes)
- Type
- elf executable
- Description
- ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, not stripped
- MD5
- 41e489bbdcdfaf5f61b78ea42d5f8219
- SHA1
- 978677832ab331cd82e863084c1de308a84c6a01
- SHA256
- 059ec1c0f9b413a586c62c1e8cdf12d8b614f165bc5c154dc4c8fe54b04c0513
-
libumeng-spy.so
- Size
- 138KiB (141024 bytes)
- Type
- elf executable
- Description
- ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, BuildID[sha1]=57ba14987e1ec1f4c4763441cd0b1b72ea89aeda, stripped
- MD5
- 9905adc5a796144bd5091938817fe692
- SHA1
- ae32532edf45c0e1cca8fdef1de2cbbba2a7a60a
- SHA256
- ab92c511688407feb86e949bbe76d539c6bce6eff296f53bbc305bd0c96a40ab
-
libumeng-spy.so_1690406149152
- Size
- 138KiB (141024 bytes)
- Type
- elf executable
- Description
- ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, BuildID[sha1]=6ff1495013dcb913b11db4e401bb9846d30a2c78, stripped
- MD5
- c732ccd8327a63e20fb9eea8a22fe0bc
- SHA1
- 4ee7ecb0f866d8e996c95f14b5114dfe1452c799
- SHA256
- 1f9bbb652f0b83eaab6e535526863c7ffd39f68aefc08f31ec76827423f090a2
-