ID: 196310
Sample Name: it.gruppopellegrini.tiristoriamo_1575400267.apk
Cookbook: defaultandroidfilecookbook.jbs
Time: 09:36:14
Date: 16/12/2019
Version: 28.0.0 Lapis Lazuli


Copyright Joe Security LLC 2019

Analysis Report it.gruppopellegrini.tiristoriamo_1575400267.apk

Overview

General Information

Joe Sandbox Version: 28.0.0 Lapis Lazuli
Analysis ID: 196310
Start date: 16.12.2019
Start time: 09:36:14
Joe Sandbox Product: CloudBasic
Overall analysis duration: 0h 11m 49s
Hypervisor based Inspection enabled: false
Report type: light
Sample file name: it.gruppopellegrini.tiristoriamo_1575400267.apk
Cookbook file name: defaultandroidfilecookbook.jbs
Analysis system description: Android 6.0
APK Instrumentation enabled: true
Detection: MAL
Classification: mal48.evad.andAPK@0/253@4/0
Warnings:
• An application runtime error occurred
• TCP Packets have been reduced to 100
• Excluded IPs from analysis (whitelisted)
• Excluded domains from analysis (whitelisted)
• No interacted views
• No simulation commands forwarded to apk
• Not all executed log events are in report (maximum 10 identical API calls)
• Not all non-executed APIs are in report
• Not all resource files were parsed
• Report size exceeded maximum capacity and may have missing disassembly code.
• Report size exceeded maximum capacity and may have missing dynamic data code.
Errors: Execution failed: Runtime error External Dependency Missing

Detection

Strategy: Threshold
Score: 48
Range: 0 - 100
Reporting Whitelisted: false

Confidence

Strategy: Threshold
Score: 5
Range: 0 - 5
Further Analysis Required?: false

Classification

[Classification chart. Categories: Ransomware, Miner, Spreading, Evader, Phishing, Exploiter, Banker, Spyware, Trojan / Bot, Adware. Legend: malicious, suspicious, clean.]

Analysis Advice

Unable to instrument or execute APK, runtime error occurred

Mitre Att&ck Matrix

Initial Access: Valid Accounts; Replication Through Removable Media; External Remote Services
Execution: Windows Remote Management; Service Execution; Windows Management Instrumentation
Persistence: Winlogon Helper DLL; Port Monitors; Accessibility Features
Privilege Escalation: Port Monitors; Accessibility Features; Path Interception
Defense Evasion: Obfuscated Files or Information 1; Binary Padding; Rootkit
Credential Access: Access Stored Application Data 1; Network Sniffing; Input Capture
Discovery: System Network Connections Discovery 1; System Information Discovery 1; Process Discovery 1
Lateral Movement: Application Deployment Software; Remote Services; Windows Remote Management
Collection: Access Stored Application Data 1; Network Information Discovery 1; Data from Network Shared Drive
Exfiltration: Data Compressed; Exfiltration Over Other Network Medium; Automated Exfiltration
Command and Control: Standard Cryptographic Protocol 1; Standard Non-Application Layer Protocol 1; Standard Application Layer Protocol 2
Network Effects: Eavesdrop on Insecure Network Communication; Exploit SS7 to Redirect Phone Calls/SMS; Exploit SS7 to Track Device Location
Remote Service Effects: Remotely Track Device Without Authorization; Remotely Wipe Data Without Authorization; Obtain Device Cloud Backups
Impact: Delete Device Data; Device Lockout; Delete Device Data

Signature Overview

• Privilege Escalation
• Networking
• Key, Mouse, Clipboard, Microphone and Screen Capturing
• E-Banking Fraud
• Operating System Destruction
• Change of System Appearance
• System Summary
• Data Obfuscation
• Persistence and Installation Behavior
• Boot Survival
• Hooking and other Techniques for Hiding and Protection
• Malware Analysis System Evasion
• Anti Debugging
• Language, Device and Operating System Detection
• Stealing of Sensitive Information


Privilege Escalation:

Requests root access

Networking:

Checks an internet connection is available

Opens an internet connection

Connects to IPs without corresponding DNS lookups

Performs DNS lookups

URLs found in memory or binary data

Uses HTTP for connecting to the internet

Uses HTTPS

Key, Mouse, Clipboard, Microphone and Screen Capturing:

Has permission to take photos

E-Banking Fraud:

Has functionality to add an overlay to other apps

Operating System Destruction:

Lists and deletes files in the same context

Change of System Appearance:

Acquires a wake lock

System Summary:

Requests potentially dangerous permissions

Classification label

Loads native libraries

Reads shares settings

Data Obfuscation:

Obfuscates method names

Uses reflection

Persistence and Installation Behavior:

Creates files

Boot Survival:

Installs a new wake lock (to get activated when the phone screen turns on)

Hooking and other Techniques for Hiding and Protection:

Queries list of running processes/tasks

Queries package code path (often used for patching other applications)

Uses Crypto APIs

Malware Analysis System Evasion:

Tries to detect Android x86

Tries to detect the analysis device (e.g. the Android emulator)

Accesses /proc

Accesses android OS build fields

Queries several pieces of sensitive phone information

Queries the unique operating system id (ANDROID_ID)

Tries to detect Virtualbox

Anti Debugging:

Checks if debugger is running

Language, Device and Operating System Detection:

Checks if phone is rooted (checks for Superuser.apk)

Checks if phone is rooted (checks for test-keys build tags)

Stealing of Sensitive Information:

Queries camera information

Queries stored mail and application accounts (e.g. Gmail or WhatsApp)

Reads boot loader settings of the device

Malware Configuration

No configs have been found

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source | Detection | Scanner | Label | Link
it.gruppopellegrini.tiristoriamo_1575400267.apk | 0% | Virustotal | | Browse

Dropped Files

No Antivirus matches

Domains

No Antivirus matches

URLs

Source | Detection | Scanner | Label | Link
http://fontforge.sf.net) | 0% | Avira URL Cloud | safe |
://app-measurement.com/a | 0% | Virustotal | | Browse
https://app-measurement.com/a | 0% | URL Reputation | safe |
https://api.flutter.dev/flutter/material/Scaffold/of.html8 | 0% | Avira URL Cloud | safe |
http://fontforge.sf.net)CupertinoIconsCupertinoIconsMediumMediumFontForge | 0% | Avira URL Cloud | safe |
http://fontforge.sf.net)Created | 0% | Avira URL Cloud | safe |
https://api.flutter.dev/flutter/material/Scaffold/of. | 0% | Avira URL Cloud | safe |

Yara Overview

Initial Sample

No yara matches

PCAP (Network Traffic)

No yara matches

Dropped Files

No yara matches

Sigma Overview

No Sigma rule has matched

Joe Sandbox View / Context

IPs


Domains


ASN


JA3 Fingerprints


Dropped Files

No context

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Created / dropped Files

/data/user/0/it.gruppopellegrini.tiristoriamo/no_backup/com.google.InstanceId.properties
File Type: ASCII text, with very long lines
Size (bytes): 2079
Entropy (8bit): 6.001922607010231
Encrypted: false
MD5: 36BAA227D268A53109B025FCD171A8BF
SHA1: 397E23C89E3FD78ACF99118779F224A0667D59D5
SHA-256: 3DDF8F90CC35FC71346B60D89EA58B1DF43EA2975E4AD43D01FA84C667EFE3D3
SHA-512: 6E05672883C59461CF010FD9FF8438B3FBBBC5C59AFFAB9F01DB13487D74814C562560757E1E24824F4172740A7C0A20378DAF974C20EF8407AF0FA25867FEDF
Malicious: false
Reputation: low
Preview:

/data/user/0/it.gruppopellegrini.tiristoriamo/no_backup/com.google.android.gms.appid-no-backup
File Type: empty
Size (bytes): 0
Entropy (8bit): 0.0
Encrypted: false
MD5: D41D8CD98F00B204E9800998ECF8427E
SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious: false
Reputation: high, very likely benign file
Preview:

Domains and IPs

Contacted Domains

Name | IP | Active | Malicious | Antivirus Detection | Reputation
reports.crashlytics.com | 54.235.139.252 | true | false | | high
pagead46.l.doubleclick.net | 172.217.16.130 | true | false | | high
pagead.l.doubleclick.net | 172.217.23.98 | true | false | | high
googlehosted.l.googleusercontent.com | 172.217.18.1 | true | false | | high
settings.crashlytics.com | unknown | unknown | false | | high
www.youtube.com | unknown | unknown | false | | high
lh3.googleusercontent.com | unknown | unknown | false | | high

URLs from Memory and Binaries

Name | Source | Malicious | Antivirus Detection | Reputation
http://www.apache.org/licenses/LICENSE-2.0 | io.fabric.sdk.android.fabric.properties | false | | high
http://fontforge.sf.net) | CupertinoIcons.ttf | false | Avira URL Cloud: safe | low
https://app-measurement.com/a | android | false | 0%, Virustotal, Browse; URL Reputation: safe | unknown
https://settings.crashlytics.com/spi/v2/platforms/android/apps/%s/settings | android | false | | high
https://reports.crashlytics.com/spi/v1/platforms/android/apps/it.gruppopellegrini.tiristoriamo/repor | android | false | | high
http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd | libapp.so | false | | high
http://www.unicode.org/copyright.html | libflutter.so | false | | high
https://reports.crashlytics.com/sdk-api/v1/platforms/android/apps/it.gruppopellegrini.tiristoriamo/m | android | false | | high
https://api.flutter.dev/flutter/material/Scaffold/of.html8 | libapp.so | false | Avira URL Cloud: safe | unknown
https://goo.gl/NAOOOI | android | false | | high
https://android.googlesource.com/toolchain/clang | libflutter.so | false | | high
https://goo.gl/NAOOOI. | android | false | | high
http://fontforge.sf.net)CupertinoIconsCupertinoIconsMediumMediumFontForge | CupertinoIcons.ttf | false | Avira URL Cloud: safe | low
http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd8 | libapp.so | false | | high
https://ti-ristoriamo.firebaseio.com | android | false | | high
https://android.googlesource.com/toolchain/llvm | libflutter.so | false | | high
https://github.com/flutter/flutter/issues/2897).It | android | false | | high
https://github.com/dart-lang/sdk/blob/master/runtime/docs/compiler/aot/entry_point_pragma.md | libflutter.so | false | | high
http://schemas.android.com/apk/res/android | select_dialog_multichoice_material., abc_tint_btn_checkable.xml, notification_action_background.xml, abc_search_view.xml, abc_seekbar_thumb_material.xml, abc_action_menu_item_layout.xml, abc_alert_dialog_title_material.xml, abc_alert_dialog_button_bar_material.xml, abc_select_dialog_material.xml, abc_cascading_menu_item_layout.xml, android | false | | high
https://e.crashlytics.com/spi/v2/events | android | false | | high
https://api.crashlytics.com/spi/v1/platforms/android/apps/it.gruppopellegrini.tiristoriamo | android | false | | high
http://fontforge.sf.net)Created | CupertinoIcons.ttf | false | Avira URL Cloud: safe | low
https://api.flutter.dev/flutter/material/Scaffold/of.html | libapp.so | false | Avira URL Cloud: safe | unknown
https://settings.crashlytics.com/spi/v2/platforms/android/apps/it.gruppopellegrini.tiristoriamo/sett | android | false | | high
http://schemas.android.com/apk/res-auto | abc_tint_btn_checkable.xml, abc_select_dialog_material.xml | false | | high

Contacted IPs

[Figure: contacted IPs. Legend: No. of IPs < 25%; 25% < No. of IPs < 50%; 50% < No. of IPs < 75%; 75% < No. of IPs]

Public

IP | Country | Flag | ASN | ASN Name | Malicious
172.217.23.98 | United States | | 15169 | unknown | false
172.217.22.46 | United States | | 15169 | unknown | false
172.217.16.130 | United States | | 15169 | unknown | false
172.217.16.195 | United States | | 15169 | unknown | false
54.235.139.252 | United States | | 14618 | unknown | false

Static File Info

General

File type: Java archive data (JAR)
Entropy (8bit): 7.9865335708806695
TrID:
• Android Package (19004/1) 46.91%
• Java Archive (13504/1) 33.34%
• ZIP compressed archive (8000/1) 19.75%
File name: it.gruppopellegrini.tiristoriamo_1575400267.apk
File size: 25143147
MD5: 01448c8504ee64b5120259502714df43
SHA1: 27660072d73ac08ea75f8f6752a94d2a10c062b8
SHA256: f94d874e897ac775002a7d204f20f5e7bbd5c2a0ab263ad460b985e50c836f54
SHA512: 2759163bdbfefe4d28c56c8284dbc5fb2df452f435e928d7d45231e95f1ae01e8dc1323dac87983c8ddb90f218035130aa54d02c4c8dbb4f570f07497a4f3cb1
SSDEEP: 393216:bLl5O+WTZ0faDKd9nMxUiQHVohC0p3DHUcY8XaNBqy4Vq3rUL0A+iHUu5dytS5d+:bLlQ+WTZTW9nIUN1mC0RDHq8Xarqyb3T

File Icon

Static APK Info

General

Label: Ti ristoriAMO
Minimum SDK required: 21
Target SDK required: 29
Version Code: 1575400267
Version Name: 1575400267
Package Name: it.gruppopellegrini.tiristoriamo
Is Activity: true
Is Receiver: true
Is Service: true
Requests System Level Permissions: false
Play Store Compatible: true

Activities

Name | Is Entrypoint
it.gruppopellegrini.tiristoriamoit.gruppopellegrini.tiristoriamo.MainActivity | true
it.gruppopellegrini.tiristoriamocom.google.android.gms.common.api.GoogleApiActivity |

Receivers

• com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver (Intent: com.android.vending.INSTALL_REFERRER)
• com.google.android.gms.measurement.AppMeasurementReceiver
• com.google.firebase.iid.FirebaseInstanceIdReceiver (Intent: com.google.android.c2dm.intent.RECEIVE)

Services

• com.google.android.gms.measurement.AppMeasurementJobService
• com.google.android.gms.measurement.AppMeasurementService
• com.google.firebase.components.ComponentDiscoveryService
• com.google.firebase.iid.FirebaseInstanceIdService (Intent: com.google.firebase.INSTANCE_ID_EVENT, Priority -500)

Permission Requested

• android.permission.ACCESS_NETWORK_STATE
• android.permission.ACCESS_WIFI_STATE
• android.permission.BIND_JOB_SERVICE
• android.permission.CAMERA
• android.permission.FLASHLIGHT
• android.permission.INTERNET
• android.permission.VIBRATE
• android.permission.WAKE_LOCK
• com.google.android.c2dm.permission.RECEIVE
• com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Certificate

Name: classes.dex
Issuer: CN=Ivan Caserini,OU=Ti RistoriAMO,O=Gruppo Pellegrini S.p.A.,L=Milano,ST=Milano,C=IT
Subject: CN=Ivan Caserini,OU=Ti RistoriAMO,O=Gruppo Pellegrini S.p.A.,L=Milano,ST=Milano,C=IT

Resources

Name Type Size common_google_signin_btn_icon_lig Android binary XML 104 ht_focused.xml abc_text_select_handle_right_mtrl_li PNG image data, 176 x 88, 8-bit colormap, non-interlaced 513 ght.png abc_btn_switch_to_on_mtrl_00001.9 PNG image data, 54 x 54, 8-bit gray+alpha, non-interlaced 1526 .png libapp.so ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, not stripped 11891348 abc_ic_menu_cut_mtrl_alpha.png PNG image data, 24 x 24, 8-bit gray+alpha, non-interlaced 253

Copyright Joe Security LLC 2019 Page 17 of 36 Name Type Size common_google_signin_btn_text_da PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 rk_normal_background.9.png abc_ic_menu_selectall_mtrl_alpha.p PNG image data, 72 x 72, 8-bit gray+alpha, non-interlaced 262 ng notify_panel_notification_icon_bg.pn PNG image data, 14 x 14, 8-bit/color RGB, non-interlaced 107 g notification_bg_normal_pressed.9.pn PNG image data, 8 x 8, 8-bit/color RGB, non-interlaced 223 g select_dialog_multichoice_material.x Android binary XML 864 ml abc_btn_switch_to_on_mtrl_00012.9 PNG image data, 108 x 108, 8-bit gray+alpha, non-interlaced 2816 .png abc_ic_clear_material.xml Android binary XML 684 abc_ic_star_half_black_16dp.png PNG image data, 32 x 32, 8-bit gray+alpha, non-interlaced 235 abc_ic_star_black_48dp.png PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 467 abc_ic_star_half_black_16dp.png PNG image data, 64 x 64, 8-bit gray+alpha, non-interlaced 376 abc_btn_switch_to_on_mtrl_00012.9 PNG image data, 27 x 27, 8-bit gray+alpha, non-interlaced 825 .png abc_tint_btn_checkable.xml Android binary XML 728 androidx.vectordrawable_vectordraw ASCII text 6 able-animated.version abc_ic_menu_copy_mtrl_am_alpha. 
PNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced 325 png abc_ic_star_black_48dp.png PNG image data, 192 x 192, 8-bit gray+alpha, non-interlaced 1680 abc_list_pressed_holo_dark.9.png PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 abc_textfield_default_mtrl_alpha.9.p PNG image data, 12 x 11, 8-bit gray+alpha, non-interlaced 178 ng abc_ab_share_pack_mtrl_alpha.9.pn PNG image data, 32 x 32, 8-bit gray+alpha, non-interlaced 280 g androidx.localbroadcastmanager_loc ASCII text 6 albroadcastmanager.version common_google_signin_btn_icon_lig PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 ht_normal_background.9.png ic_launcher.png PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced 31613 notification_action_background.xml Android binary XML 1180 abc_screen_simple.xml Android binary XML 104 abc_search_view.xml Android binary XML 3472 abc_scrubber_control_to_pressed_m PNG image data, 24 x 24, 8-bit gray+alpha, non-interlaced 267 trl_000.png abc_text_select_handle_middle_mtrl PNG image data, 30 x 36, 8-bit/color RGBA, non-interlaced 396 _light.png abc_scrubber_control_to_pressed_m PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced 145 trl_000.png abc_list_selector_disabled_holo_ligh PNG image data, 21 x 63, 8-bit gray+alpha, non-interlaced 229 t.9.png abc_tint_btn_checkable.xml Android binary XML 624 abc_popup_menu_header_item_layo Android binary XML 848 ut.xml abc_btn_switch_to_on_mtrl_00001.9 PNG image data, 108 x 108, 8-bit gray+alpha, non-interlaced 2505 .png common_google_signin_btn_text_da Android binary XML 104 rk.xml notification_bg_low_pressed.9.png PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced 252 abc_seekbar_thumb_material.xml Android binary XML 1100 common_full_open_on_phone.png PNG image data, 128 x 128, 8-bit colormap, non-interlaced 489 abc_scrubber_track_mtrl_alpha.9.pn PNG image data, 20 x 24, 8-bit gray+alpha, non-interlaced 198 g abc_btn_switch_to_on_mtrl_00001.9 PNG image data, 27 x 27, 8-bit 
gray+alpha, non-interlaced 754 .png abc_ic_menu_cut_mtrl_alpha.png PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 492 libapp.so ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, not stripped 12174336 abc_text_select_handle_middle_mtrl PNG image data, 40 x 48, 8-bit/color RGBA, non-interlaced 583 _dark.png CupertinoIcons.ttf TrueType Font data, 16 tables, 1st "FFTM", 14 names, Macintosh 97680 abc_spinner_mtrl_am_alpha.9.png PNG image data, 36 x 48, 8-bit gray+alpha, non-interlaced 448 abc_spinner_mtrl_am_alpha.9.png PNG image data, 72 x 96, 8-bit gray+alpha, non-interlaced 430 abc_list_divider_mtrl_alpha.9.png PNG image data, 1 x 1, 8-bit grayscale, non-interlaced 167 abc_btn_check_to_on_mtrl_015.png PNG image data, 64 x 64, 8-bit gray+alpha, non-interlaced 432 abc_tab_indicator_mtrl_alpha.9.png PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced 186 abc_edit_text_material.xml Android binary XML 1172

abc_textfield_activated_mtrl_alpha.9 PNG image data, 38 x 33, 8-bit gray+alpha, non-interlaced 199 .png androidx.viewpager_viewpager.versi ASCII text 6 on abc_tint_default.xml Android binary XML 1224 notify_panel_notification_icon_bg.pn PNG image data, 15 x 15, 8-bit/color RGB, non-interlaced 98 g libflutter.so ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, BuildID[xxHash]=5865b880d5f73053, stripped 6066036 firebase-ml-vision.properties ASCII text 74 abc_ic_star_half_black_16dp.png PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced 146 abc_menu_hardkey_panel_mtrl_mult PNG image data, 64 x 24, 8-bit gray+alpha, non-interlaced 541 .9.png abc_cab_background_top_material.x Android binary XML 336 ml abc_popup_background_mtrl_mult.9. PNG image data, 96 x 48, 8-bit gray+alpha, non-interlaced 1098 png AssetManifest.json ASCII text, with very long lines, with no line terminators 1759 notification_media_action.xml Android binary XML 564 common_google_signin_btn_icon_da PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 rk_normal_background.9.png resources.arsc data 387912 abc_text_select_handle_right_mtrl_d PNG image data, 88 x 44, 8-bit/color RGBA, non-interlaced 319 ark.png abc_list_selector_disabled_holo_dar PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 k.9.png abc_action_menu_item_layout.xml Targa image data - RLE 360 x 65536 x 15 +1 +28 "" 768 abc_ic_menu_cut_mtrl_alpha.png PNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced 400 notification_template_big_media_cu Android binary XML 3044 stom.xml abc_list_divider_mtrl_alpha.9.png PNG image data, 2 x 2, 8-bit grayscale, non-interlaced 171 play-services-ads- ASCII text 94 identifier.properties abc_ic_star_black_16dp.png PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 459 abc_btn_radio_to_on_mtrl_000.png PNG image data, 64 x 64, 8-bit gray+alpha, non-interlaced 651 
notification_bg_low_normal.9.png PNG image data, 12 x 12, 8-bit grayscale, non-interlaced 212 abc_action_bar_up_container.xml Android binary XML 104 switch_thumb_material_light.xml Android binary XML 464 notification_bg_low_normal.9.png PNG image data, 8 x 8, 8-bit grayscale, non-interlaced 215 CERT.RSA data 1440 common_google_signin_btn_icon_lig PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 ht_normal_background.9.png abc_text_select_handle_right_mtrl_d PNG image data, 44 x 22, 8-bit/color RGBA, non-interlaced 187 ark.png common_google_signin_btn_text_lig Android binary XML 104 ht.xml abc_textfield_activated_mtrl_alpha.9 PNG image data, 19 x 16, 8-bit gray+alpha, non-interlaced 186 .png abc_btn_switch_to_on_mtrl_00012.9 PNG image data, 81 x 81, 8-bit gray+alpha, non-interlaced 2834 .png sensori-affluenza-bianco.png PNG image data, 450 x 450, 8-bit/color RGBA, non-interlaced 18143 notification_bg_low_pressed.9.png PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced 225 abc_ic_star_black_36dp.png PNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced 364 firebase-analytics.properties ASCII text 74 abc_spinner_mtrl_am_alpha.9.png PNG image data, 72 x 96, 8-bit gray+alpha, non-interlaced 437 abc_screen_toolbar.xml Android binary XML 104 abc_text_select_handle_middle_mtrl PNG image data, 60 x 72, 8-bit/color RGBA, non-interlaced 753 _light.png abc_list_focused_holo.9.png PNG image data, 9 x 9, 8-bit/color RGBA, non-interlaced 244 abc_scrubber_control_to_pressed_m PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 415 trl_000.png abc_spinner_mtrl_am_alpha.9.png PNG image data, 18 x 24, 8-bit gray+alpha, non-interlaced 327 abc_scrubber_control_off_mtrl_alpha PNG image data, 18 x 48, 8-bit gray+alpha, non-interlaced 201 .png abc_ic_menu_cut_mtrl_alpha.png PNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced 404 splash.png PNG image data, 480 x 164, 8-bit colormap, non-interlaced 5237 common_google_signin_btn_icon_da Android binary XML 104 
rk_focused.xml abc_tint_edittext.xml Android binary XML 772 androidx.core_core.version ASCII text 6

common_google_signin_btn_icon_da Android binary XML 104 rk_normal.xml menu-del-giorno-bianco.png PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced 14679 abc_textfield_search_default_mtrl_al PNG image data, 12 x 3, 8-bit gray+alpha, non-interlaced 178 pha.9.png abc_list_selector_disabled_holo_ligh PNG image data, 42 x 126, 8-bit gray+alpha, non-interlaced 258 t.9.png abc_tab_indicator_mtrl_alpha.9.png PNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced 204 notification_icon_background.xml Android binary XML 372 abc_spinner_mtrl_am_alpha.9.png PNG image data, 54 x 72, 8-bit gray+alpha, non-interlaced 524 abc_list_divider_mtrl_alpha.9.png PNG image data, 1 x 1, 8-bit grayscale, non-interlaced 167 notification_template_big_media_nar Android binary XML 1824 row.xml abc_btn_switch_to_on_mtrl_00001.9 PNG image data, 81 x 81, 8-bit gray+alpha, non-interlaced 2463 .png abc_alert_dialog_title_material.xml Android binary XML 1516 abc_ic_menu_selectall_mtrl_alpha.p PNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced 305 ng abc_text_select_handle_right_mtrl_li PNG image data, 66 x 33, 8-bit/color RGBA, non-interlaced 262 ght.png abc_ic_menu_copy_mtrl_am_alpha. 
PNG image data, 24 x 24, 8-bit gray+alpha, non-interlaced 127 png notification_template_big_media.xml Android binary XML 1696 abc_list_selector_background_transi Android binary XML 424 tion_holo_light.xml androidx.loader_loader.version ASCII text 6 com.crashlytics.sdk.android.beta.pro ASCII text 98 perties common_google_signin_btn_icon_lig Android binary XML 104 ht_normal.xml abc_ratingbar_small_material.xml Android binary XML 704 abc_scrubber_control_to_pressed_m PNG image data, 27 x 27, 8-bit gray+alpha, non-interlaced 272 trl_005.png abc_text_select_handle_left_mtrl_lig PNG image data, 132 x 66, 8-bit colormap, non-interlaced 420 ht.png firebase-analytics-impl.properties ASCII text 84 abc_spinner_textfield_background_ Android binary XML 1160 material.xml abc_ic_menu_copy_mtrl_am_alpha. PNG image data, 24 x 24, 8-bit gray+alpha, non-interlaced 133 png abc_btn_default_mtrl_shape.xml Android binary XML 932 abc_list_pressed_holo_dark.9.png PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 abc_list_pressed_holo_dark.9.png PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 abc_list_selector_disabled_holo_dar PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 k.9.png common_google_signin_btn_text_da PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 rk_normal_background.9.png abc_list_focused_holo.9.png PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced 244 common_google_signin_btn_text_lig Android binary XML 104 ht.xml splash.png PNG image data, 960 x 316, 8-bit colormap, non-interlaced 10373 androidx.lifecycle_lifecycle- ASCII text 6 viewmodel.version prenotazioni-nero.png PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced 6719 notification_action_tombstone.xml Android binary XML 1228 abc_ic_star_half_black_16dp.png PNG image data, 24 x 24, 8-bit gray+alpha, non-interlaced 197 abc_list_longpressed_holo.9.png PNG image data, 6 x 6, 8-bit/color RGBA, non-interlaced 211 common_google_signin_btn_icon_da Android binary XML 
104 rk.xml abc_dialog_material_background.xm Android binary XML 716 l play-services-basement.properties ASCII text 82 abc_ic_commit_search_api_mtrl_alp PNG image data, 64 x 64, 8-bit gray+alpha, non-interlaced 228 ha.png abc_text_select_handle_right_mtrl_d PNG image data, 176 x 88, 8-bit colormap, non-interlaced 513 ark.png notification_bg_normal_pressed.9.pn PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced 247 g abc_ic_menu_copy_mtrl_am_alpha. PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 178 png abc_search_url_text.xml Android binary XML 588

androidx.lifecycle_lifecycle- ASCII text 6 livedata.version common_google_signin_btn_icon_da PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 rk_normal_background.9.png firebase-iid.properties ASCII text 62 play-services-flags.properties ASCII text 76 abc_btn_check_to_on_mtrl_015.png PNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced 593 abc_switch_track_mtrl_alpha.9.png PNG image data, 24 x 16, 8-bit gray+alpha, non-interlaced 395 abc_btn_check_to_on_mtrl_015.png PNG image data, 32 x 32, 8-bit gray+alpha, non-interlaced 321 androidx.legacy_legacy-support- ASCII text 6 v4.version abc_ab_share_pack_mtrl_alpha.9.pn PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced 267 g abc_ic_star_half_black_48dp.png PNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced 548 abc_screen_simple_overlay_action_ Android binary XML 104 mode.xml abc_ic_star_half_black_48dp.png PNG image data, 192 x 192, 8-bit gray+alpha, non-interlaced 991 notification_bg_normal.9.png PNG image data, 16 x 16, 8-bit grayscale, non-interlaced 221 abc_spinner_mtrl_am_alpha.9.png PNG image data, 36 x 48, 8-bit gray+alpha, non-interlaced 417 abc_ic_star_black_36dp.png PNG image data, 54 x 54, 8-bit gray+alpha, non-interlaced 522 googleg_standard_color_18.png PNG image data, 1 x 1, 8-bit grayscale, non-interlaced 67 androidx.arch.core_core- ASCII text 6 runtime.version googleg_standard_color_18.png PNG image data, 1 x 1, 8-bit grayscale, non-interlaced 67 strumenti-bianco.png PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced 7224 abc_textfield_search_default_mtrl_al PNG image data, 18 x 5, 8-bit gray+alpha, non-interlaced 178 pha.9.png abc_alert_dialog_button_bar_materia Android binary XML 1208 l.xml abc_ic_menu_paste_mtrl_am_alpha. 
PNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced 226 png abc_menu_hardkey_panel_mtrl_mult PNG image data, 96 x 36, 8-bit gray+alpha, non-interlaced 738 .9.png notification_template_custom_big.x Android binary XML 2456 ml abc_switch_track_mtrl_alpha.9.png PNG image data, 35 x 25, 8-bit gray+alpha, non-interlaced 484 customer-satisfaction-nero.png PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced 7012 abc_ic_menu_copy_mtrl_am_alpha. PNG image data, 72 x 72, 8-bit gray+alpha, non-interlaced 263 png abc_spinner_mtrl_am_alpha.9.png PNG image data, 27 x 36, 8-bit gray+alpha, non-interlaced 345 abc_select_dialog_material.xml Android binary XML 976 abc_scrubber_control_off_mtrl_alpha PNG image data, 24 x 64, 8-bit gray+alpha, non-interlaced 267 .png libflutter.so ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[xxHash]=4a38ebe7e1985362, stripped 8614896 abc_spinner_mtrl_am_alpha.9.png PNG image data, 27 x 36, 8-bit gray+alpha, non-interlaced 345 abc_list_selector_disabled_holo_ligh PNG image data, 13 x 41, 8-bit gray+alpha, non-interlaced 217 t.9.png abc_text_select_handle_left_mtrl_da PNG image data, 176 x 88, 8-bit colormap, non-interlaced 513 rk.png abc_cascading_menu_item_layout.x Android binary XML 1868 ml abc_btn_check_to_on_mtrl_015.png PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced 476 googleg_disabled_color_18.png PNG image data, 1 x 1, 8-bit grayscale, non-interlaced 67 abc_btn_radio_to_on_mtrl_000.png PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 464 abc_text_select_handle_right_mtrl_li PNG image data, 132 x 66, 8-bit colormap, non-interlaced 422 ght.png abc_btn_radio_to_on_mtrl_000.png PNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced 984 abc_btn_radio_to_on_mtrl_000.png PNG image data, 32 x 32, 8-bit gray+alpha, non-interlaced 324 splash.png PNG image data, 320 x 110, 8-bit colormap, non-interlaced 3788 abc_scrubber_control_to_pressed_m PNG image data, 54 x 54, 8-bit 
gray+alpha, non-interlaced 595 trl_005.png googleg_disabled_color_18.png PNG image data, 1 x 1, 8-bit grayscale, non-interlaced 67 io.fabric.sdk.android.fabric.properties ASCII text 682 abc_slide_out_bottom.xml Android binary XML 104 select_dialog_singlechoice_material. Android binary XML 864 xml abc_textfield_activated_mtrl_alpha.9 PNG image data, 12 x 11, 8-bit gray+alpha, non-interlaced 181 .png abc_cab_background_top_mtrl_alph PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 229 a.9.png

abc_textfield_search_activated_mtrl PNG image data, 12 x 3, 8-bit gray+alpha, non-interlaced 178 _alpha.9.png abc_ic_star_black_48dp.png PNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced 887 gradimento-bianco.png PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced 8819 abc_cab_background_internal_bg.x Android binary XML 372 ml androidx.versionedparcelable_versio ASCII text 6 nedparcelable.version androidx.cursoradapter_cursoradapt ASCII text 6 er.version notification_template_big_media_nar Android binary XML 3216 row_custom.xml abc_text_select_handle_left_mtrl_lig PNG image data, 66 x 33, 8-bit/color RGBA, non-interlaced 278 ht.png abc_ic_star_half_black_48dp.png PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 310 abc_ab_share_pack_mtrl_alpha.9.pn PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 286 g abc_textfield_search_activated_mtrl PNG image data, 24 x 6, 8-bit gray+alpha, non-interlaced 184 _alpha.9.png common_google_signin_btn_text_lig Android binary XML 104 ht_focused.xml androidx.legacy_legacy-support- ASCII text 6 core-ui.version common_google_signin_btn_text_da PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 rk_normal_background.9.png androidx.vectordrawable_vectordraw ASCII text 6 able.version abc_btn_radio_to_on_mtrl_000.png PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced 785 notification_tile_bg.xml Android binary XML 304 abc_ic_star_half_black_48dp.png PNG image data, 144 x 144, 8-bit gray+alpha, non-interlaced 789 common_google_signin_btn_icon_lig Android binary XML 104 ht.xml abc_list_longpressed_holo.9.png PNG image data, 9 x 9, 8-bit/color RGBA, non-interlaced 212 abc_scrubber_control_off_mtrl_alpha PNG image data, 36 x 96, 8-bit gray+alpha, non-interlaced 322 .png gradimento-nero.png PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced 8576 abc_scrubber_track_mtrl_alpha.9.pn PNG image data, 15 x 18, 8-bit gray+alpha, 
non-interlaced 196 g googleg_standard_color_18.png PNG image data, 1 x 1, 8-bit grayscale, non-interlaced 67 play-services-base.properties ASCII text 74 abc_tint_default.xml Android binary XML 1120 abc_vector_test.xml Android binary XML 612 abc_list_selector_disabled_holo_dar PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 k.9.png abc_primary_text_material_dark.xml Android binary XML 464 notification_template_media_custom Android binary XML 2756 .xml abc_grow_fade_in_from_bottom.xml Android binary XML 852 abc_ic_commit_search_api_mtrl_alp PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 171 ha.png abc_ic_star_black_48dp.png PNG image data, 144 x 144, 8-bit gray+alpha, non-interlaced 1291 abc_ic_menu_copy_mtrl_am_alpha. PNG image data, 72 x 72, 8-bit gray+alpha, non-interlaced 260 png logo.png PNG image data, 842 x 1043, 8-bit/color RGBA, non-interlaced 16495 common_google_signin_btn_text_lig PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 ht_normal_background.9.png abc_list_pressed_holo_light.9.png PNG image data, 6 x 6, 8-bit gray+alpha, non-interlaced 207 abc_secondary_text_material_dark.x Android binary XML 464 ml abc_ic_menu_cut_mtrl_alpha.png PNG image data, 72 x 72, 8-bit gray+alpha, non-interlaced 705 abc_textfield_search_default_mtrl_al PNG image data, 36 x 10, 8-bit gray+alpha, non-interlaced 186 pha.9.png abc_ic_star_half_black_36dp.png PNG image data, 72 x 72, 8-bit gray+alpha, non-interlaced 421 abc_ic_star_half_black_36dp.png PNG image data, 144 x 144, 8-bit gray+alpha, non-interlaced 760 abc_ic_voice_search_api_material.x Android binary XML 828 ml abc_alert_dialog_title_material.xml Android binary XML 1352 abc_ratingbar_material.xml Android binary XML 704 googleg_disabled_color_18.png PNG image data, 1 x 1, 8-bit grayscale, non-interlaced 67 abc_color_highlight_material.xml Android binary XML 544

abc_text_select_handle_left_mtrl_da PNG image data, 44 x 22, 8-bit/color RGBA, non-interlaced 203 rk.png abc_list_pressed_holo_light.9.png PNG image data, 9 x 9, 8-bit gray+alpha, non-interlaced 208 abc_ic_menu_selectall_mtrl_alpha.p PNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced 215 ng abc_ic_menu_overflow_material.xml Android binary XML 792 MaterialIcons-Regular.ttf Material I 134640 notification_bg_normal.9.png PNG image data, 8 x 8, 8-bit grayscale, non-interlaced 215 abc_ic_menu_share_mtrl_alpha.png PNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced 389 abc_btn_radio_material.xml Android binary XML 464 abc_ic_menu_share_mtrl_alpha.png PNG image data, 72 x 72, 8-bit gray+alpha, non-interlaced 700 common_google_signin_btn_text_da Android binary XML 104 rk_focused.xml abc_textfield_search_activated_mtrl PNG image data, 36 x 10, 8-bit gray+alpha, non-interlaced 187 _alpha.9.png abc_btn_check_to_on_mtrl_000.png PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 227 abc_screen_toolbar.xml Android binary XML 104 abc_ic_menu_paste_mtrl_am_alpha. 
PNG image data, 72 x 72, 8-bit gray+alpha, non-interlaced 348 png abc_ic_star_black_36dp.png PNG image data, 144 x 144, 8-bit gray+alpha, non-interlaced 1269 abc_tooltip_exit.xml Android binary XML 388 androidx.exifinterface_exifinterface.v ASCII text 6 ersion androidx.asynclayoutinflater_asyncla ASCII text 6 youtinflater.version abc_tint_spinner.xml Android binary XML 772 abc_text_select_handle_right_mtrl_li PNG image data, 44 x 22, 8-bit/color RGBA, non-interlaced 186 ght.png abc_popup_menu_item_layout.xml Android binary XML 2072 abc_expanded_menu_layout.xml Android binary XML 104 abc_text_select_handle_left_mtrl_da PNG image data, 88 x 44, 8-bit/color RGBA, non-interlaced 336 rk.png abc_tint_spinner.xml Android binary XML 668 splash.png PNG image data, 1280 x 427, 8-bit colormap, non-interlaced 14481 ic_launcher.png PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced 3998 abc_ic_arrow_drop_right_black_24dp Android binary XML 1000 .xml androidx.lifecycle_lifecycle-livedata- ASCII text 6 core.version play-services-vision- ASCII text 92 common.properties notification_action.xml Android binary XML 1052 abc_ic_menu_paste_mtrl_am_alpha. 
PNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced 461 png OpenSans-Regular.ttf TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Digitized data copyright \251 2010-2011, Google 96428 Corporation.Open SansRegular1.10;1ASC;OpenSans-R abc_cab_background_top_mtrl_alph PNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced 226 a.9.png firebase-iid-interop.properties ASCII text 78 abc_ic_star_black_36dp.png PNG image data, 72 x 72, 8-bit gray+alpha, non-interlaced 652 abc_switch_track_mtrl_alpha.9.png PNG image data, 47 x 32, 8-bit gray+alpha, non-interlaced 618 crashlytics-build.properties ASCII text 367 abc_ic_menu_share_mtrl_alpha.png PNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced 899 play-services-measurement- ASCII text 96 api.properties abc_ic_menu_cut_mtrl_alpha.png PNG image data, 24 x 24, 8-bit gray+alpha, non-interlaced 251 it.json UTF-8 Unicode text 14353 abc_seekbar_tick_mark_material.xm Android binary XML 516 l abc_text_select_handle_middle_mtrl PNG image data, 40 x 48, 8-bit/color RGBA, non-interlaced 585 _light.png abc_seekbar_track_material.xml Android binary XML 1408 abc_text_select_handle_middle_mtrl PNG image data, 20 x 24, 8-bit/color RGBA, non-interlaced 310 _light.png abc_ic_star_half_black_48dp.png PNG image data, 72 x 72, 8-bit gray+alpha, non-interlaced 431 abc_textfield_default_mtrl_alpha.9.p PNG image data, 19 x 16, 8-bit gray+alpha, non-interlaced 192 ng abc_text_cursor_material.xml Android binary XML 516 abc_textfield_activated_mtrl_alpha.9 PNG image data, 25 x 22, 8-bit gray+alpha, non-interlaced 189 .png

androidx.interpolator_interpolator.ver ASCII text 6 sion MANIFEST.MF ASCII text, with CRLF line terminators 65340 abc_action_menu_layout.xml Android binary XML 576 abc_ic_star_half_black_36dp.png PNG image data, 108 x 108, 8-bit gray+alpha, non-interlaced 577 abc_text_select_handle_middle_mtrl PNG image data, 60 x 72, 8-bit/color RGBA, non-interlaced 752 _dark.png androidx.customview_customview.v ASCII text 6 ersion abc_activity_chooser_view_list_item. Android binary XML 104 xml common_google_signin_btn_text_lig PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 ht_normal_background.9.png notification_template_lines_media.x Android binary XML 2872 ml abc_btn_borderless_material.xml Android binary XML 588 abc_text_select_handle_left_mtrl_lig PNG image data, 88 x 44, 8-bit/color RGBA, non-interlaced 335 ht.png abc_text_select_handle_right_mtrl_li PNG image data, 88 x 44, 8-bit/color RGBA, non-interlaced 318 ght.png menu-del-giorno-nero.png PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced 12986 abc_switch_track_mtrl_alpha.9.png PNG image data, 71 x 48, 8-bit gray+alpha, non-interlaced 851 abc_scrubber_control_to_pressed_m PNG image data, 18 x 18, 8-bit gray+alpha, non-interlaced 196 trl_000.png common_full_open_on_phone.png PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced 681 abc_scrubber_track_mtrl_alpha.9.pn PNG image data, 30 x 36, 8-bit gray+alpha, non-interlaced 207 g abc_ic_menu_share_mtrl_alpha.png PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 480 abc_spinner_mtrl_am_alpha.9.png PNG image data, 54 x 72, 8-bit gray+alpha, non-interlaced 525 abc_ic_star_black_16dp.png PNG image data, 24 x 24, 8-bit gray+alpha, non-interlaced 263 androidx.slidingpanelayout_slidingpa ASCII text 6 nelayout.version abc_btn_check_to_on_mtrl_000.png PNG image data, 64 x 64, 8-bit gray+alpha, non-interlaced 281 androidx.fragment_fragment.version ASCII text 6 
common_google_signin_btn_icon_da PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 rk_normal_background.9.png play-services-phenotype.properties ASCII text 84 abc_text_select_handle_left_mtrl_lig PNG image data, 44 x 22, 8-bit/color RGBA, non-interlaced 203 ht.png abc_list_selector_holo_light.xml Android binary XML 1064 androidx.coordinatorlayout_coordinat ASCII text 6 orlayout.version androidx.documentfile_documentfile. ASCII text 6 version abc_scrubber_primary_mtrl_alpha.9. PNG image data, 20 x 24, 8-bit gray+alpha, non-interlaced 208 png abc_alert_dialog_button_bar_materia Targa image data - RLE 440 x 65536 x 20 +1 +28 "" 1536 l.xml abc_textfield_default_mtrl_alpha.9.p PNG image data, 38 x 33, 8-bit gray+alpha, non-interlaced 200 ng common_google_signin_btn_icon_da PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 rk_normal_background.9.png notification_template_icon_group.xm Android binary XML 988 l common_google_signin_btn_tint.xml Android binary XML 104 splash.png PNG image data, 720 x 246, 8-bit colormap, non-interlaced 8090 abc_list_selector_background_transi Android binary XML 104 tion_holo_dark.xml abc_textfield_search_material.xml Android binary XML 756 googleg_standard_color_18.png PNG image data, 1 x 1, 8-bit grayscale, non-interlaced 67 prenotazioni-bianco.png PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced 6727 abc_btn_check_material.xml Android binary XML 464 abc_slide_out_top.xml Android binary XML 104 notification_template_media.xml Android binary XML 1292 abc_secondary_text_material_light.x Android binary XML 464 ml notification_bg_low.xml Android binary XML 532 AndroidManifest.xml Android binary XML 10000 common_google_signin_btn_icon_di Android binary XML 104 sabled.xml

abc_spinner_mtrl_am_alpha.9.png PNG image data, 18 x 24, 8-bit gray+alpha, non-interlaced 318 abc_list_focused_holo.9.png PNG image data, 6 x 6, 8-bit/color RGBA, non-interlaced 222 play-services-clearcut.properties ASCII text 82 abc_btn_colored_text_material.xml Android binary XML 104 androidx.media_media.version ASCII text 6 abc_ic_commit_search_api_mtrl_alp PNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced 224 ha.png firebase-measurement- ASCII text 98 connector.properties abc_popup_background_mtrl_mult.9. PNG image data, 64 x 32, 8-bit gray+alpha, non-interlaced 776 png abc_list_pressed_holo_light.9.png PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced 209 abc_fade_out.xml Android binary XML 104 abc_background_cache_hint_select Android binary XML 468 or_material_light.xml firebase-core.properties ASCII text 64 abc_btn_colored_material.xml Android binary XML 1716 googleg_disabled_color_18.png PNG image data, 1 x 1, 8-bit grayscale, non-interlaced 67 abc_btn_radio_to_on_mtrl_015.png PNG image data, 64 x 64, 8-bit gray+alpha, non-interlaced 785 common_google_signin_btn_text_lig PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 ht_normal_background.9.png abc_control_background_material.x Android binary XML 304 ml com.crashlytics.sdk.android.answers ASCII text 100 .properties abc_list_selector_holo_dark.xml Android binary XML 104 androidx.lifecycle_lifecycle- ASCII text 6 runtime.version abc_menu_hardkey_panel_mtrl_mult PNG image data, 192 x 72, 8-bit/color RGBA, non-interlaced 1779 .9.png abc_btn_colored_text_material.xml Android binary XML 104 abc_ic_search_api_material.xml Android binary XML 812 abc_text_select_handle_left_mtrl_da PNG image data, 132 x 66, 8-bit colormap, non-interlaced 420 rk.png abc_item_background_holo_light.xm Android binary XML 1012 l notification_bg.xml Android binary XML 532 abc_popup_enter.xml Android binary XML 508 abc_background_cache_hint_select 
Android binary XML 104 or_material_dark.xml notification_bg_normal.9.png PNG image data, 12 x 12, 8-bit grayscale, non-interlaced 212 abc_scrubber_control_to_pressed_m PNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced 403 trl_000.png abc_ic_menu_paste_mtrl_am_alpha. PNG image data, 24 x 24, 8-bit gray+alpha, non-interlaced 152 png abc_list_divider_material.xml Android binary XML 516 abc_tab_indicator_mtrl_alpha.9.png PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 202 en.json ASCII text 13088 abc_ic_menu_selectall_mtrl_alpha.p PNG image data, 24 x 24, 8-bit gray+alpha, non-interlaced 139 ng abc_scrubber_control_to_pressed_m PNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced 391 trl_005.png abc_text_select_handle_left_mtrl_lig PNG image data, 176 x 88, 8-bit colormap, non-interlaced 513 ht.png abc_text_select_handle_middle_mtrl PNG image data, 20 x 24, 8-bit/color RGBA, non-interlaced 311 _dark.png notification_template_part_time.xml Android binary XML 440 common_google_signin_btn_text_da Android binary XML 104 rk_normal.xml abc_scrubber_control_to_pressed_m PNG image data, 18 x 18, 8-bit gray+alpha, non-interlaced 197 trl_005.png common_google_signin_btn_text_da PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 rk_normal_background.9.png abc_list_pressed_holo_light.9.png PNG image data, 18 x 18, 8-bit gray+alpha, non-interlaced 212 libflutter.so ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[xxHash]=c6e5aa8329e72f1c, stripped 9420872 abc_ic_menu_cut_mtrl_alpha.png PNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced 905 abc_list_selector_disabled_holo_ligh PNG image data, 28 x 84, 8-bit gray+alpha, non-interlaced 235 t.9.png abc_screen_content_include.xml Android binary XML 104

abc_alert_dialog_button_bar_materia Android binary XML 1584 l.xml launch_background.xml Android binary XML 548 notification_template_part_chronome Android binary XML 440 ter.xml abc_activity_chooser_view.xml Android binary XML 104 firebase-common.properties ASCII text 68 abc_text_select_handle_middle_mtrl PNG image data, 30 x 36, 8-bit/color RGBA, non-interlaced 398 _dark.png LICENSE UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators 749356 notify_panel_notification_icon_bg.pn PNG image data, 30 x 30, 8-bit/color RGB, non-interlaced 138 g notification_media_cancel_action.xm Android binary XML 744 l abc_cab_background_top_mtrl_alph PNG image data, 72 x 72, 8-bit gray+alpha, non-interlaced 237 a.9.png abc_tint_seek_thumb.xml Android binary XML 604 play-services-stats.properties ASCII text 76 abc_ic_star_black_16dp.png PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced 193 abc_btn_colored_borderless_text_m Android binary XML 464 aterial.xml customer-satisfaction-bianco.png PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced 5059 abc_textfield_default_mtrl_alpha.9.p PNG image data, 25 x 22, 8-bit gray+alpha, non-interlaced 187 ng abc_tint_edittext.xml Android binary XML 668 abc_ic_star_black_16dp.png PNG image data, 64 x 64, 8-bit gray+alpha, non-interlaced 599 abc_alert_dialog_material.xml Android binary XML 2476 abc_item_background_holo_dark.xm Android binary XML 104 l androidx.appcompat_appcompat.ver ASCII text 6 sion notification_bg_normal_pressed.9.pn PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced 225 g abc_ic_menu_share_mtrl_alpha.png PNG image data, 24 x 24, 8-bit gray+alpha, non-interlaced 270 abc_list_selector_disabled_holo_dar PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 k.9.png com.crashlytics.sdk.android.crashlyti ASCII text 104 cs.properties ic_launcher.png PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced 6998 
abc_ic_menu_cut_mtrl_alpha.png PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 494 play-services-measurement- ASCII text 98 base.properties abc_btn_check_to_on_mtrl_000.png PNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced 307 abc_btn_check_to_on_mtrl_000.png PNG image data, 32 x 32, 8-bit gray+alpha, non-interlaced 214 abc_tab_indicator_mtrl_alpha.9.png PNG image data, 18 x 18, 8-bit gray+alpha, non-interlaced 190 database_12.db SQLite 3.x database, last written using SQLite version 3029000 73728 abc_popup_exit.xml Android binary XML 508 abc_ic_star_black_16dp.png PNG image data, 32 x 32, 8-bit gray+alpha, non-interlaced 333 common_google_signin_btn_text_lig PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 ht_normal_background.9.png abc_ic_ab_back_material.xml Android binary XML 692 abc_scrubber_track_mtrl_alpha.9.pn PNG image data, 10 x 12, 8-bit gray+alpha, non-interlaced 194 g abc_text_select_handle_right_mtrl_d PNG image data, 132 x 66, 8-bit colormap, non-interlaced 422 ark.png switch_thumb_material_dark.xml Android binary XML 104 firebase-ml-common.properties ASCII text 74 abc_hint_foreground_material_dark.x Android binary XML 564 ml com.crashlytics.sdk.android.crashlyti ASCII text 109 cs-core.properties abc_action_bar_item_background_m Android binary XML 264 aterial.xml abc_dialog_title_material.xml Android binary XML 104 common_google_signin_btn_icon_lig PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 ht_normal_background.9.png common_google_signin_btn_text_lig Android binary XML 104 ht_normal.xml abc_btn_colored_borderless_text_m Android binary XML 500 aterial.xml

Copyright Joe Security LLC 2019 Page 26 of 36 Name Type Size abc_textfield_search_activated_mtrl PNG image data, 18 x 5, 8-bit gray+alpha, non-interlaced 178 _alpha.9.png abc_tint_seek_thumb.xml Android binary XML 500 abc_scrubber_primary_mtrl_alpha.9. PNG image data, 30 x 36, 8-bit gray+alpha, non-interlaced 210 png abc_ic_star_half_black_16dp.png PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 309 abc_primary_text_disable_only_mat Android binary XML 464 erial_dark.xml androidx.legacy_legacy-support- ASCII text 6 core-utils.version abc_menu_hardkey_panel_mtrl_mult PNG image data, 128 x 48, 8-bit gray+alpha, non-interlaced 966 .9.png abc_ic_menu_copy_mtrl_am_alpha. PNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced 327 png abc_ic_menu_copy_mtrl_am_alpha. PNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced 199 png abc_switch_thumb_material.xml Android binary XML 464 abc_scrubber_control_to_pressed_m PNG image data, 72 x 72, 8-bit gray+alpha, non-interlaced 631 trl_005.png abc_btn_check_to_on_mtrl_000.png PNG image data, 128 x 128, 4-bit colormap, non-interlaced 275 abc_ic_menu_cut_mtrl_alpha.png PNG image data, 72 x 72, 8-bit gray+alpha, non-interlaced 710 abc_primary_text_disable_only_mat Android binary XML 464 erial_light.xml abc_slide_in_top.xml Android binary XML 104 abc_tab_indicator_mtrl_alpha.9.png PNG image data, 24 x 24, 8-bit gray+alpha, non-interlaced 194 notification_bg_low_pressed.9.png PNG image data, 8 x 8, 8-bit/color RGB, non-interlaced 223 FontManifest.json ASCII text, with no line terminators 289 abc_ic_star_half_black_36dp.png PNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced 253 abc_list_focused_holo.9.png PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced 245 play-services-tasks.properties ASCII text 76 ic_launcher.png PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced 10758 androidx.swiperefreshlayout_swipere ASCII text 6 freshlayout.version abc_ic_star_black_48dp.png PNG image data, 72 x 72, 8-bit 
gray+alpha, non-interlaced 668 play-services-vision-image- ASCII text 102 label.properties tooltip_frame_dark.xml Android binary XML 484 abc_btn_radio_to_on_mtrl_015.png PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 563 abc_btn_radio_to_on_mtrl_015.png PNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced 1208 abc_btn_radio_to_on_mtrl_015.png PNG image data, 32 x 32, 8-bit gray+alpha, non-interlaced 356 abc_list_longpressed_holo.9.png PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced 214 abc_scrubber_primary_mtrl_alpha.9. PNG image data, 15 x 18, 8-bit gray+alpha, non-interlaced 205 png abc_list_menu_item_radio.xml Android binary XML 532 abc_list_divider_mtrl_alpha.9.png PNG image data, 1 x 1, 8-bit grayscale, non-interlaced 167 abc_list_menu_item_layout.xml Android binary XML 104 abc_ic_star_black_36dp.png PNG image data, 108 x 108, 8-bit gray+alpha, non-interlaced 983 abc_shrink_fade_out_from_bottom.x Android binary XML 852 ml classes.dex Dalvik dex file version 035 2523188 abc_list_menu_item_icon.xml Android binary XML 684 abc_ic_go_search_api_material.xml Android binary XML 640 abc_action_mode_close_item_mater Android binary XML 840 ial.xml abc_action_bar_title_item.xml Android binary XML 872 abc_primary_text_material_light.xml Android binary XML 464 common_google_signin_btn_text_da Android binary XML 104 rk.xml abc_slide_in_bottom.xml Android binary XML 104 abc_ic_commit_search_api_mtrl_alp PNG image data, 32 x 32, 8-bit gray+alpha, non-interlaced 173 ha.png tooltip_frame_light.xml Android binary XML 484 libapp.so ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, not stripped 11817984 common_google_signin_btn_text_di Android binary XML 104 sabled.xml play-services-auth-base.properties ASCII text 84 select_dialog_item_material.xml Android binary XML 640 androidx.drawerlayout_drawerlayout. ASCII text 6 version

Copyright Joe Security LLC 2019 Page 27 of 36 Name Type Size abc_btn_radio_to_on_mtrl_015.png PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced 946 abc_ic_menu_copy_mtrl_am_alpha. PNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced 202 png abc_tooltip_enter.xml Android binary XML 388 abc_btn_switch_to_on_mtrl_00012.9 PNG image data, 41 x 41, 8-bit gray+alpha, non-interlaced 1243 .png androidx.print_print.version ASCII text 6 abc_tooltip.xml Android binary XML 1056 abc_switch_track_mtrl_alpha.9.png PNG image data, 94 x 64, 8-bit gray+alpha, non-interlaced 813 abc_popup_background_mtrl_mult.9. PNG image data, 128 x 64, 8-bit gray+alpha, non-interlaced 1544 png abc_list_pressed_holo_dark.9.png PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 abc_fade_in.xml Android binary XML 104 common_google_signin_btn_icon_lig PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced 77 ht_normal_background.9.png abc_text_select_handle_left_mtrl_da PNG image data, 66 x 33, 8-bit/color RGBA, non-interlaced 278 rk.png ic_launcher.png PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced 20106 abc_tab_indicator_material.xml Android binary XML 468 abc_hint_foreground_material_light.x Android binary XML 564 ml abc_tint_switch_track.xml Targa image data - RLE 240 x 65536 x 10 +1 +28 "" 768 abc_ic_menu_cut_mtrl_alpha.png PNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced 910 abc_action_mode_bar.xml Android binary XML 104 logo-appbar.png PNG image data, 480 x 164, 8-bit/color RGBA, non-interlaced 7887 abc_text_select_handle_right_mtrl_d PNG image data, 66 x 33, 8-bit/color RGBA, non-interlaced 263 ark.png abc_btn_switch_to_on_mtrl_00012.9 PNG image data, 54 x 54, 8-bit gray+alpha, non-interlaced 1731 .png notification_bg_low_normal.9.png PNG image data, 16 x 16, 8-bit grayscale, non-interlaced 221 abc_popup_background_mtrl_mult.9. 
PNG image data, 192 x 96, 8-bit gray+alpha, non-interlaced 2305 png abc_scrubber_control_off_mtrl_alpha PNG image data, 12 x 32, 8-bit gray+alpha, non-interlaced 159 .png abc_textfield_search_default_mtrl_al PNG image data, 24 x 6, 8-bit gray+alpha, non-interlaced 182 pha.9.png play-services-vision.properties ASCII text 78 support_simple_spinner_dropdown_it Android binary XML 464 em.xml abc_btn_switch_to_on_mtrl_00001.9 PNG image data, 41 x 41, 8-bit gray+alpha, non-interlaced 1096 .png abc_list_menu_item_checkbox.xml Android binary XML 528 abc_ic_menu_selectall_mtrl_alpha.p PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 183 ng firebase-measurement-connector- ASCII text 108 impl.properties abc_ic_menu_copy_mtrl_am_alpha. PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 178 png abc_scrubber_primary_mtrl_alpha.9. PNG image data, 10 x 12, 8-bit gray+alpha, non-interlaced 203 png abc_ic_menu_paste_mtrl_am_alpha. PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 243 png abc_list_longpressed_holo.9.png PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced 221 abc_tint_switch_track.xml Android binary XML 664 abc_search_dropdown_item_icons_2 Android binary XML 1916 line.xml abc_ab_share_pack_mtrl_alpha.9.pn PNG image data, 24 x 24, 8-bit gray+alpha, non-interlaced 272 g abc_ic_star_half_black_36dp.png PNG image data, 54 x 54, 8-bit gray+alpha, non-interlaced 328 abc_cab_background_top_mtrl_alph PNG image data, 24 x 24, 8-bit gray+alpha, non-interlaced 216 a.9.png abc_btn_check_to_on_mtrl_015.png PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced 404 CERT.SF ASCII text, with CRLF line terminators 65402 abc_ratingbar_indicator_material.xml Android binary XML 704 abc_dialog_material_background.xm Android binary XML 372 l com.google.android.gms.appid-no- empty 0 backup.dr com.google.InstanceId.properties.dr ASCII text, with very long lines 2079

Network Behavior

Network Port Distribution

Total Packets: 78 • 53 (DNS) • 443 (HTTPS)

TCP Packets


UDP Packets


DNS Queries

| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
|---|---|---|---|---|---|---|---|
| Dec 16, 2019 09:37:24.976331949 CET | 192.168.2.10 | 8.8.8.8 | 0xb3fa | Standard query (0) | lh3.googleusercontent.com | A (IP address) | IN (0x0001) |
| Dec 16, 2019 09:37:56.027776003 CET | 192.168.2.10 | 8.8.8.8 | 0x3413 | Standard query (0) | settings.crashlytics.com | A (IP address) | IN (0x0001) |
| Dec 16, 2019 09:38:13.405693054 CET | 192.168.2.10 | 8.8.8.8 | 0x49e9 | Standard query (0) | reports.crashlytics.com | A (IP address) | IN (0x0001) |
| Dec 16, 2019 09:39:11.371715069 CET | 192.168.2.10 | 8.8.8.8 | 0x5cf7 | Standard query (0) | www.youtube.com | A (IP address) | IN (0x0001) |

DNS Answers

| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
|---|---|---|---|---|---|---|---|---|---|
| Dec 16, 2019 09:37:25.010162115 CET | 8.8.8.8 | 192.168.2.10 | 0xb3fa | No error (0) | lh3.googleusercontent.com | googlehosted.l.googleusercontent.com | | CNAME (Canonical name) | IN (0x0001) |
| Dec 16, 2019 09:37:25.010162115 CET | 8.8.8.8 | 192.168.2.10 | 0xb3fa | No error (0) | googlehosted.l.googleusercontent.com | | 172.217.18.1 | A (IP address) | IN (0x0001) |
| Dec 16, 2019 09:37:56.069267988 CET | 8.8.8.8 | 192.168.2.10 | 0x3413 | No error (0) | settings.crashlytics.com | crashlytics.l.google.com | | CNAME (Canonical name) | IN (0x0001) |
| Dec 16, 2019 09:38:13.430958986 CET | 8.8.8.8 | 192.168.2.10 | 0x49e9 | No error (0) | reports.crashlytics.com | | 54.235.139.252 | A (IP address) | IN (0x0001) |
| Dec 16, 2019 09:38:13.430958986 CET | 8.8.8.8 | 192.168.2.10 | 0x49e9 | No error (0) | reports.crashlytics.com | | 54.225.172.132 | A (IP address) | IN (0x0001) |
| Dec 16, 2019 09:38:13.430958986 CET | 8.8.8.8 | 192.168.2.10 | 0x49e9 | No error (0) | reports.crashlytics.com | | 54.235.101.8 | A (IP address) | IN (0x0001) |
| Dec 16, 2019 09:38:13.430958986 CET | 8.8.8.8 | 192.168.2.10 | 0x49e9 | No error (0) | reports.crashlytics.com | | 54.235.144.228 | A (IP address) | IN (0x0001) |
| Dec 16, 2019 09:38:13.430958986 CET | 8.8.8.8 | 192.168.2.10 | 0x49e9 | No error (0) | reports.crashlytics.com | | 54.225.169.13 | A (IP address) | IN (0x0001) |
| Dec 16, 2019 09:38:13.430958986 CET | 8.8.8.8 | 192.168.2.10 | 0x49e9 | No error (0) | reports.crashlytics.com | | 54.243.137.15 | A (IP address) | IN (0x0001) |
| Dec 16, 2019 09:38:13.430958986 CET | 8.8.8.8 | 192.168.2.10 | 0x49e9 | No error (0) | reports.crashlytics.com | | 54.243.251.238 | A (IP address) | IN (0x0001) |
| Dec 16, 2019 09:38:13.430958986 CET | 8.8.8.8 | 192.168.2.10 | 0x49e9 | No error (0) | reports.crashlytics.com | | 54.243.36.151 | A (IP address) | IN (0x0001) |
| Dec 16, 2019 09:39:10.592478037 CET | 8.8.8.8 | 192.168.2.10 | 0x763c | No error (0) | pagead46.l.doubleclick.net | | 172.217.16.130 | A (IP address) | IN (0x0001) |
| Dec 16, 2019 09:39:11.294950962 CET | 8.8.8.8 | 192.168.2.10 | 0x4dcd | No error (0) | pagead.l.doubleclick.net | | 172.217.23.98 | A (IP address) | IN (0x0001) |
| Dec 16, 2019 09:39:11.416837931 CET | 8.8.8.8 | 192.168.2.10 | 0x5cf7 | No error (0) | www.youtube.com | youtube-ui.l.google.com | | CNAME (Canonical name) | IN (0x0001) |

HTTPS Packets

Rows with an empty timestamp list the remaining certificates of the chain presented on the connection above them.

| Timestamp | Source IP | Source Port | Dest IP | Dest Port | Subject | Issuer | Not Before | Not After | JA3 SSL Client Fingerprint | JA3 SSL Client Digest |
|---|---|---|---|---|---|---|---|---|---|---|
| Dec 16, 2019 09:36:41.061043978 CET | 172.217.22.46 | 443 | 192.168.2.10 | 52669 | CN=*.google.com, O=Google LLC, L=Mountain View, ST=California, C=US | CN=GTS CA 1O1, O=Google Trust Services, C=US | Wed Nov 13 10:08:44 CET 2019 | Wed Feb 05 10:08:44 CET 2020 | 771,49195-49196-49199-49200-158-159-49161-49162-49171-49172-51-57-49159-49169-156-157-47-53-5-255,0-23-13-11-10,23-24-25,0 | f8a5929f8949e846267b582072e35f84 |
| | | | | | CN=GTS CA 1O1, O=Google Trust Services, C=US | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2 | Thu Jun 15 02:00:42 CEST 2017 | Wed Dec 15 01:00:42 CET 2021 | | |
| Dec 16, 2019 09:37:16.703507900 CET | 172.217.22.46 | 443 | 192.168.2.10 | 53889 | CN=*.google.com, O=Google LLC, L=Mountain View, ST=California, C=US | CN=GTS CA 1O1, O=Google Trust Services, C=US | Wed Nov 13 10:08:44 CET 2019 | Wed Feb 05 10:08:44 CET 2020 | 771,49195-49199-158-49162-49161-49171-49172-49159-49169-51-57-156-47-53-5-255,0-23-35-13-16-11-10,23-24-25,0 | ebfe4f0cec13952528734ee57d6200c9 |
| | | | | | CN=GTS CA 1O1, O=Google Trust Services, C=US | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2 | Thu Jun 15 02:00:42 CEST 2017 | Wed Dec 15 01:00:42 CET 2021 | | |
| Dec 16, 2019 09:37:55.354680061 CET | 172.217.22.46 | 443 | 192.168.2.10 | 54375 | CN=*.google.com, O=Google LLC, L=Mountain View, ST=California, C=US | CN=GTS CA 1O1, O=Google Trust Services, C=US | Wed Nov 13 10:08:44 CET 2019 | Wed Feb 05 10:08:44 CET 2020 | 771,49195-49199-158-49162-49161-49171-49172-49159-49169-51-57-156-47-53-5-255,0-23-35-13-16-11-10,23-24-25,0 | ebfe4f0cec13952528734ee57d6200c9 |
| | | | | | CN=GTS CA 1O1, O=Google Trust Services, C=US | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2 | Thu Jun 15 02:00:42 CEST 2017 | Wed Dec 15 01:00:42 CET 2021 | | |
| Dec 16, 2019 09:38:13.733289003 CET | 54.235.139.252 | 443 | 192.168.2.10 | 59692 | CN=*.crashlytics.com, OU=COMODO SSL Wildcard, OU=Domain Control Validated | CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB | Wed Mar 15 01:00:00 CET 2017 | Tue Apr 07 01:59:59 CEST 2020 | 771,49195-49196-49199-49200-158-159-49161-49162-49171-49172-51-57-49159-49169-156-157-47-53-5-255,0-23-35-13-16-11-10,23-24-25,0 | cad0d99275c692e82c0ac8d74cb16db9 |
| | | | | | CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB | CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB | Wed Feb 12 01:00:00 CET 2014 | Mon Feb 12 00:59:59 CET 2029 | | |
| | | | | | CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB | CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE | Tue May 30 12:48:38 CEST 2000 | Sat May 30 12:48:38 CEST 2020 | | |
| | | | | | CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE | CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE | Tue May 30 12:48:38 CEST 2000 | Sat May 30 12:48:38 CEST 2020 | | |
| Dec 16, 2019 09:39:10.681272984 CET | 172.217.16.130 | 443 | 192.168.2.10 | 34999 | CN=*.g.doubleclick.net, O=Google LLC, L=Mountain View, ST=California, C=US | CN=GTS CA 1O1, O=Google Trust Services, C=US | Wed Nov 13 10:01:13 CET 2019 | Wed Feb 05 10:01:13 CET 2020 | 771,49195-49196-52393-49199-49200-52392-49161-49162-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-13,29-23-24,0 | 6ec2896feff5746955f700c0023f5804 |
| | | | | | CN=GTS CA 1O1, O=Google Trust Services, C=US | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2 | Thu Jun 15 02:00:42 CEST 2017 | Wed Dec 15 01:00:42 CET 2021 | | |
| Dec 16, 2019 09:39:11.355372906 CET | 172.217.23.98 | 443 | 192.168.2.10 | 55726 | CN=www.googleadservices.com, O=Google LLC, L=Mountain View, ST=California, C=US | CN=GTS CA 1O1, O=Google Trust Services, C=US | Wed Nov 13 10:08:27 CET 2019 | Wed Feb 05 10:08:27 CET 2020 | 771,49195-49196-52393-49199-49200-52392-49161-49162-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-13,29-23-24,0 | 6ec2896feff5746955f700c0023f5804 |
| | | | | | CN=GTS CA 1O1, O=Google Trust Services, C=US | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2 | Thu Jun 15 02:00:42 CEST 2017 | Wed Dec 15 01:00:42 CET 2021 | | |

APK Behavior

Installation

Installation Messages

Name | Is Error
>>>>>> START com.android.internal.os.RuntimeInit uid 0 <<<<<< | true
CheckJNI is OFF
Calling main entry com.android.commands.am.Am
Shutting down VM
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.am.Am
Shutting down VM
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.am.Am
Shutting down VM
NOTE: attach of thread 'Binder_2' failed
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.uiautomator.Launcher
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.am.Am
Shutting down VM
NOTE: attach of thread 'Binder_2' failed
Shutting down VM
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.am.Am
Shutting down VM
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.uiautomator.Launcher
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.am.Am
Shutting down VM
Shutting down VM
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.am.Am
Shutting down VM
NOTE: attach of thread 'Binder_2' failed
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.am.Am
Shutting down VM
NOTE: attach of thread 'Binder_2' failed
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.uiautomator.Launcher
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.am.Am
Shutting down VM
NOTE: attach of thread 'Binder_2' failed
Shutting down VM
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.am.Am
Shutting down VM
NOTE: attach of thread 'Binder_2' failed
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.am.Am
Shutting down VM
NOTE: attach of thread 'Binder_2' failed
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.uiautomator.Launcher
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.am.Am
Shutting down VM
NOTE: attach of thread 'Binder_2' failed
Shutting down VM
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.am.Am
Shutting down VM
NOTE: attach of thread 'Binder_2' failed
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.uiautomator.Launcher
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.am.Am
Shutting down VM
Shutting down VM
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.am.Am
Shutting down VM
NOTE: attach of thread 'Binder_2' failed
Shutting down VM
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.uiautomator.Launcher
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.am.Am
Shutting down VM
Shutting down VM
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Shutting down VM
NOTE: attach of thread 'Binder_2' failed
FATAL EXCEPTION: main
Process: it.gruppopellegrini.tiristoriamo, PID: 3974
java.lang.UnsatisfiedLinkError: dlopen failed: "/data/app/it.gruppopellegrini.tiristoriamo-1/lib/arm/libflutter.so" has unexpected e_machine: 40
    at android.app.ActivityThread.-wrap1(ActivityThread.java)
    at java.lang.reflect.Method.invoke(Native Method)
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.uiautomator.Launcher
Shutting down VM
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.am.Am
Shutting down VM
NOTE: attach of thread 'Binder_2' failed
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.am.Am
Shutting down VM
NOTE: attach of thread 'Binder_2' failed
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
CheckJNI is OFF
Calling main entry com.android.commands.uiautomator.Launcher
Shutting down VM
handleGenericException(class=java.lang.System,method=loadLibrary,p=[flutter],e=java.lang.UnsatisfiedLinkError: Library flutter not found tried [/vendor/lib/libflutter.so, /system/lib/libflutter.so],e.getClass=class java.lang.UnsatisfiedLinkError,e.cause=null, funcsig: Ljava/lang/System ->loadLibrary(Ljava/lang/String )V)
Trace: java.lang.UnsatisfiedLinkError: Library flutter not found tried [/vendor/lib/libflutter.so, /system/lib/libflutter.so]
Received UnsatisfiedLinkError for library flutter

Started Services

Intent { act=com.google.android.c2dm.intent.REGISTER pkg=com.google.android.gms (has extras) }

Registered Receivers

null (Intent: android.content.IntentFilter@49c5038) Action: android.intent.action.BATTERY_CHANGED
com.crashlytics.android.e.w$a@3aaad76 (Intent: android.content.IntentFilter@fc9ff77) Action: android.intent.action.ACTION_POWER_CONNECTED
com.crashlytics.android.e.w$b@1e237e4 (Intent: android.content.IntentFilter@8b1744d) Action: android.intent.action.ACTION_POWER_DISCONNECTED

Miscellaneous

External Library Dependencies

flutter

System Calls

By Permission (executed)

By Permission (non-executed)

Disassembly

0 Executed Methods

0 Non-Executed Methods
