Note: static APP analysis results may be incomplete. If you have questions or suggestions, you can join our WeChat group to discuss.

File information

File name: 2hVTBWuYzANcY6m6.apk
File size: 96.6MB
MD5: 7716f0ae93579db169be880b766910bb
SHA1: 5d9a7820c12ae93a3aff2b784e1b199a2f06f87c
SHA256: 7f1ca8ff3f332482ecc4ba108b4f1c0b7edcdbc7ebec4b6fb9e8233ec2c323f9

APK information

APK name: Meta Seal
Package name: com.startower.chian
Main activity: com.hdwallet.app.MainActivity
Android version name: 1.0.3
Domain clues: 49
URL clues: 36
Email clues: 6
Phone number clues: 3

Domain clues


URL clues


Email clues


Phone number clues

Phone number | Source file
19919152923 | Mogua V2 engine
19919152923 | Mogua V2 engine
19919152923 | Mogua V2 engine

Signing certificate

APK is signed
v1 signature: True
v2 signature: True
v3 signature: False
Found 1 unique certificate
Subject: C=Unknown, ST=Unknown, L=Unknown, O=Unknown, OU=Unknown, CN=Unknown
Signature algorithm: rsassa_pkcs1v15
Valid from: 2024-04-10 03:45:46+00:00
Valid to: 2051-08-27 03:45:46+00:00
Issuer: C=Unknown, ST=Unknown, L=Unknown, O=Unknown, OU=Unknown, CN=Unknown
Serial number: 0x299e07e346a3433e
Hash algorithm: sha256
MD5: 9a593b02890b1dc439e1b5610fdf47af
SHA1: 7e4cf2e6d22c967011800fe3268d5e043216ff95
SHA256: 0b3e33ff9484b6c2e7002122f26d5742d174215e03825f02f1ed487b1b430a48
SHA512: 1b004e6a6759b46a8605d5cf9072b499a8188e76d8d106aa70acb73b21e5909ac39404a4f99b6678e28ee644619fbf172be9b87857d64462bc21bb74f3afc431
Public key algorithm: rsa
Key size: 2048
Fingerprint: 8538e7f2d3967565db19dfdd246dcbb50c3e87aa79c0c13ed1ba1fc0de0389b0

Hardcoded sensitive information

"library_zxingandroidembedded_author" : "JourneyApps"
"library_zxingandroidembedded_authorWebsite" : "https://journeyapps.com/"

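Packer analysis

Third-party plugins

Dangerous actions

Permission requested from the phone | Dangerous? | Type | Details
android.permission.INTERNET | Normal | Internet access | Allows the application to create network sockets
android.permission.CAMERA | Dangerous | Take pictures and record video | Allows the application to take pictures and record video with the camera. This allows the application to collect images the camera is seeing at any time
android.permission.READ_EXTERNAL_STORAGE | Dangerous | Read external storage contents | Allows the application to read from external storage
android.permission.WRITE_EXTERNAL_STORAGE | Dangerous | Read/modify/delete external storage contents | Allows the application to write to external storage
android.permission.REQUEST_INSTALL_PACKAGES | Dangerous | Allows the application to request installing packages. | Malicious applications can use this to try to trick users into installing additional malicious packages.
android.permission.VIBRATE | Normal | Control vibrator | Allows the application to control the vibrator
android.permission.USE_BIOMETRIC | Normal | | Allows the app to use device-supported biometric modalities.
android.permission.MODIFY_AUDIO_SETTINGS | Normal | Change your audio settings | Allows the application to modify global audio settings, such as volume and routing
android.permission.RECORD_AUDIO | Dangerous | Record audio | Allows the application to access the audio record path
android.permission.ACCESS_FINE_LOCATION | Dangerous | Fine location (GPS) | Access fine location sources, such as the Global Positioning System on the phone, where available. Malicious applications can use this to determine your location and may consume additional battery power
android.permission.ACCESS_NETWORK_STATE | Normal | View network status | Allows the application to view the status of all networks
android.permission.ACCESS_WIFI_STATE | Normal | View Wi-Fi status | Allows the application to view information about the status of Wi-Fi
android.permission.POST_NOTIFICATIONS | Unknown | | Invoked an unknown operation
android.permission.READ_MEDIA_IMAGES | Unknown | | Invoked an unknown operation
android.permission.READ_MEDIA_VIDEO | Unknown | | Invoked an unknown operation
android.permission.WAKE_LOCK | Normal | Prevent phone from sleeping | Allows the application to prevent the phone from going to sleep
com.startower.chian.permission.RONG_ACCESS_RECEIVER | Unknown | | Invoked an unknown operation
com.startower.chian.permission.RONG_BRIDGE_ACTIVITY | Unknown | | Invoked an unknown operation
android.permission.BLUETOOTH | Normal | Create Bluetooth connections | Allows the application to connect to paired Bluetooth devices
android.permission.USE_FINGERPRINT | Normal | Allow use of fingerprint | This constant was deprecated in API level 28. Applications should request USE_BIOMETRIC instead
com.startower.chian.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION | Unknown | | Invoked an unknown operation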