温馨提示:APP静态检测会有结果不完整的现象,如有疑问或建议, 可加入我们的微信群讨论
文件信息
文件名 4_5798820944751366281.apk文件大小 36.12MB
MD5值 f19cd538837c94d99f8274ae4e821444
SHA1值 3c2685ddae7eaf673f6cb7e8d3358633f19552f2
SHA256值 7cf3afea9272229d2d2dee65e9cb8f0d84755b66f733861978b4d9ebd3d174f2
APK信息
APK名称 快柠檬包名 com.falemon.fastlemon
主活动 com.faultyworld.walkthrough.MainActivity
安卓版本名称 1.09.0102
域名线索
| 域名 | 查询域名 | ip | 地区 | 查询地区 |
|---|---|---|---|---|
| falm.shop | 172.67.165.250 | United States of America - California | ||
| vm483584.stark-industries.solutions | 没有ip信息 | 没有地区信息 | ||
| www.google.com | 199.59.148.20 | United States of America - California | ||
| 172-105-201-193.ip.linodeusercontent.com | 172.105.201.193 | Japan - Tokyo | ||
| schemas.microsoft.com | 13.107.246.74 | United States of America - Washington | ||
| vm485596.stark-industries.solutions | 没有ip信息 | 没有地区信息 | ||
| api.falm.cc | 172.67.156.39 | United States of America - California | ||
| knmvd.com | 104.21.96.127 | United States of America - California | ||
| aomedia.org | 199.59.150.39 | United States of America - California | ||
| dashif.org | 185.199.109.153 | United States of America - Pennsylvania | ||
| api.flutter.dev | 199.36.158.100 | United States of America - California | ||
| 139-144-123-209.ip.linodeusercontent.com | 139.144.123.209 | Singapore - Singapore | ||
| ghproxy.com | 144.24.81.189 | Korea (Republic of) - Gangwon-do | ||
| client.relay.crisp.chat | 159.65.139.183 | Singapore - Singapore | ||
| connectivitycheck.gstatic.com | 203.208.43.98 | China - Beijing | ||
| vm869667.stark-industries.solutions | 没有ip信息 | 没有地区信息 | ||
| pub.dev | 34.36.0.14 | United States of America - Missouri | ||
| knmva.store | 103.224.212.109 | Australia - Victoria | ||
| exoplayer.dev | 185.199.109.153 | United States of America - Pennsylvania | ||
| 172-105-212-236.ip.linodeusercontent.com | 172.105.212.236 | Japan - Tokyo | ||
| developer.android.com | 142.250.73.78 | United States of America - California | ||
| www.google-analytics.com | 216.239.34.178 | United States of America - California | ||
| www.gstatic.com | 203.208.50.34 | China - Beijing | ||
| www.w3.org | 104.18.23.19 | United States of America - California | ||
| knmvb.site | 172.67.195.209 | United States of America - California | ||
| default.url | 没有ip信息 | 没有地区信息 | ||
| c.tenor.com | 108.160.169.171 | United States of America - California | ||
| client.crisp.chat | 104.18.29.104 | United States of America - California | ||
| abs.twimg.com | 151.101.88.159 | United States of America - California | ||
| main-so-b9gyd9ejdhe4f3gj.z01.azurefd.net | 13.107.246.74 | United States of America - Washington | ||
| static.cloudflareinsights.com | 104.16.80.73 | United States of America - California | ||
| developer.apple.com | 17.253.87.198 | Hong Kong - Hong Kong | ||
| vm496390.stark-industries.solutions | 没有ip信息 | 没有地区信息 | ||
| flutter.dev | 199.36.158.100 | United States of America - California | ||
| 127.0.0.1 | 127.0.0.1 | - - - | ||
| cs510.wpc.edgecastcdn.net | 208.43.170.231 | United States of America - Texas | ||
| vm496402.stark-industries.solutions | 没有ip信息 | 没有地区信息 | ||
| raw.githubusercontent.com | 185.199.109.133 | United States of America - Pennsylvania | ||
| ns.adobe.com | 没有ip信息 | 没有地区信息 | ||
| www.googletagmanager.com | 114.250.67.41 | China - Beijing | ||
| github.com | 20.205.243.166 | Singapore - Singapore | ||
| twitter.com | 174.36.228.136 | United States of America - District of Columbia | ||
| www.jsdelivr.com | 172.67.208.113 | United States of America - California | ||
| googlehosted.l.googleusercontent.com | 142.250.69.161 | United States of America - California | ||
| 172-104-64-244.ip.linodeusercontent.com | 172.104.64.244 | Japan - Tokyo | ||
| falm.cc | 172.67.156.39 | United States of America - California | ||
| 121.196.147.118 | 121.196.147.118 | China - Zhejiang |
URL线索
邮箱线索
| 邮箱地址 | 所在文件 |
|---|---|
|
_httpparser@13463476.responsepa |
lib/armeabi-v7a/libapp.so |
|
_double@0150898.fromintege |
lib/armeabi-v7a/libapp.so |
|
._future@4048458.immediate |
lib/armeabi-v7a/libapp.so |
|
_growablelist@0150898._literal |
lib/armeabi-v7a/libapp.so |
|
_link@14069316.fromrawpat |
lib/armeabi-v7a/libapp.so |
|
c_growablelist@0150898.withcapaci |
lib/armeabi-v7a/libapp.so |
|
_growablelist@0150898._literal6 |
lib/armeabi-v7a/libapp.so |
|
_receiveportimpl@1026248.fromrawrec |
lib/armeabi-v7a/libapp.so |
|
-_list@0150898._ofarray |
lib/armeabi-v7a/libapp.so |
|
z_timer@1026248.periodic |
lib/armeabi-v7a/libapp.so |
|
m_growablelist@0150898._literal2 |
lib/armeabi-v7a/libapp.so |
|
g_bigintimpl@0150898.from |
lib/armeabi-v7a/libapp.so |
|
_list@0150898.empty |
lib/armeabi-v7a/libapp.so |
|
_directory@14069316.fromrawpat |
lib/armeabi-v7a/libapp.so |
|
_casterror@0150898._create |
lib/armeabi-v7a/libapp.so |
|
l_invocationmirror@0150898._withtype |
lib/armeabi-v7a/libapp.so |
|
i_rawsocket@14069316._writepipe |
lib/armeabi-v7a/libapp.so |
|
5_nativesocket@14069316.watchsigna |
lib/armeabi-v7a/libapp.so |
|
_growablelist@0150898._literal1 |
lib/armeabi-v7a/libapp.so |
|
4_uri@0150898.file |
lib/armeabi-v7a/libapp.so |
|
q_imagefilter@16065589.blur |
lib/armeabi-v7a/libapp.so |
|
_growablelist@0150898._literal4 |
lib/armeabi-v7a/libapp.so |
|
bb_growablelist@0150898._ofgrowabl |
lib/armeabi-v7a/libapp.so |
|
x_growablelist@0150898.of |
lib/armeabi-v7a/libapp.so |
|
_nativesocket@14069316.pipe |
lib/armeabi-v7a/libapp.so |
|
velocitytrackermixin@340039605.withkind |
lib/armeabi-v7a/libapp.so |
|
_cookie@13463476.fromsetcoo |
lib/armeabi-v7a/libapp.so |
|
authenticationscheme@13463476.fromstring |
lib/armeabi-v7a/libapp.so |
|
_list@0150898.of |
lib/armeabi-v7a/libapp.so |
|
_list@0150898.generate |
lib/armeabi-v7a/libapp.so |
|
n_typeerror@0150898._create |
lib/armeabi-v7a/libapp.so |
|
_list@0150898._ofgrowabl |
lib/armeabi-v7a/libapp.so |
|
_list@0150898._ofefficie |
lib/armeabi-v7a/libapp.so |
|
_growablelist@0150898._ofarray |
lib/armeabi-v7a/libapp.so |
|
_growablelist@0150898._literal3 |
lib/armeabi-v7a/libapp.so |
|
u_growablelist@0150898._ofother |
lib/armeabi-v7a/libapp.so |
|
_timer@1026248._internal |
lib/armeabi-v7a/libapp.so |
|
_growablelist@0150898._literal5 |
lib/armeabi-v7a/libapp.so |
|
_rawsocket@14069316._readpipe |
lib/armeabi-v7a/libapp.so |
|
storationinformation@1155124995.fromserial |
lib/armeabi-v7a/libapp.so |
|
_socket@14069316._readpipe |
lib/armeabi-v7a/libapp.so |
|
_list@0150898._ofother |
lib/armeabi-v7a/libapp.so |
|
eo_bytebuffer@7027147._new |
lib/armeabi-v7a/libapp.so |
|
ngstreamsubscription@4048458.zoned |
lib/armeabi-v7a/libapp.so |
|
_assertionerror@0150898._create |
lib/armeabi-v7a/libapp.so |
|
av_nativesocket@14069316.normal |
lib/armeabi-v7a/libapp.so |
|
lectiontoolbarbutton@879113492.text |
lib/armeabi-v7a/libapp.so |
|
_uri@0150898.directory |
lib/armeabi-v7a/libapp.so |
|
qd_growablelist@0150898._literal8 |
lib/armeabi-v7a/libapp.so |
|
v_file@14069316.fromrawpat |
lib/armeabi-v7a/libapp.so |
|
lectiontoolbarbutton@759392285.text |
lib/armeabi-v7a/libapp.so |
|
gh_growablelist@0150898.generate |
lib/armeabi-v7a/libapp.so |
|
_uri@0150898.notsimple |
lib/armeabi-v7a/libapp.so |
|
7u_growablelist@0150898._literal7 |
lib/armeabi-v7a/libapp.so |
|
__growablelist@0150898._ofefficie |
lib/armeabi-v7a/libapp.so |
|
_future@4048458.immediatee |
lib/armeabi-v7a/libapp.so |
|
go-tun2socks@v1.16 |
lib/armeabi-v7a/libgojni.so |
签名证书
APK已签名
v1 签名: True
v2 签名: True
v3 签名: False
找到 1 个唯一证书
主题: C=FL, ST=FL, L=FL, O=falemon, OU=FastLemon, CN=Fast
签名算法: rsassa_pkcs1v15
有效期自: 2022-03-26 13:07:39+00:00
有效期至: 2049-08-11 13:07:39+00:00
发行人: C=FL, ST=FL, L=FL, O=falemon, OU=FastLemon, CN=Fast
序列号: 0x67925f1f70b5feb7
哈希算法: sha256
md5值: 1f2034d8cfdb65b43fe2514aca7b7c5e
sha1值: 3973a1e660139ec572534fbb90b5204913b64f0f
sha256值: bbd8137e15cb07363f71c25d2b72875c179d534c27f73391820a72f2586b4a83
sha512值: 61bf5e5a5391cd23bc3fdc4d1a09d2f8fa10aaa04dbeeccec3c2bc3cab966af5db8ec96c89590187c4cbbddcccd5ccaf312480bbc40304f16cbcb62a836b24f4
公钥算法: rsa
密钥长度: 2048
指纹: 5520b2afa346e5d33a749d118774128a454da7c42ad5744af09808fca51751e3硬编码敏感信息
"password" : "Password"
"verify_certificate" : "Verify Certificate"
加壳分析
第三方插件
危险动作
| 向手机申请的权限 | 是否危险 | 类型 | 详细情况 |
|---|---|---|---|
| android.permission.INTERNET | 正常 | 互联网接入 | 允许应用程序创建网络套接字 |
| android.permission.WRITE_EXTERNAL_STORAGE | 危险 | 读取/修改/删除外部存储内容 | 允许应用程序写入外部存储 |
| android.permission.READ_EXTERNAL_STORAGE | 危险 | 读取外部存储器内容 | 允许应用程序从外部存储读取 |
| android.permission.CAMERA | 危险 | 拍照和录像 | 允许应用程序用相机拍照和录像。这允许应用程序收集相机随时看到的图像 |
| android.permission.REQUEST_INSTALL_PACKAGES | 危险 | 允许应用程序请求安装包。 | 恶意应用程序可以利用它来尝试诱骗用户安装其他恶意软件包。 |
| android.permission.POST_NOTIFICATIONS | 未知 | 调用了未知的操作 | |
| android.permission.ACCESS_NETWORK_STATE | 正常 | 查看网络状态 | 允许应用程序查看所有网络的状态 |
| android.permission.WAKE_LOCK | 正常 | 防止手机睡眠 | 允许应用程序防止手机进入睡眠状态 |
| android.permission.RECEIVE_BOOT_COMPLETED | 正常 | 开机时自动启动 | 允许应用程序在系统完成启动后立即启动。这可能会使启动手机需要更长的时间,并允许应用程序通过始终运行来减慢整个手机的速度 |
| android.permission.FOREGROUND_SERVICE | 正常 | 允许常规应用程序使用 Service.startForeground。 | |
| com.falemon.fastlemon.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION | 未知 | 调用了未知的操作 | |
| android.permission.INSTALL_PACKAGES | 系统需要 | 直接安装应用程序 | 允许应用程序安装新的或更新的 Android 包。恶意应用程序可以使用它来添加具有任意强大权限的新应用程序 |