Reminder: The static detection of the APP may result in incomplete findings. If you have any doubts or suggestions, contact us.

File Information

File name com.hrzq.hrzq.apk
Size 63.2MB
MD5 f48905a1e82d6cb9a0924c0944005e90
SHA1 10cbdb772ff595d3195e26d39bac3fbb749e9481
SHA256 307d6fceb960d950008c24d1d2269e536f88ec7508b8acf34b9ec1065092d292

APK Information

App name 翰荣证券
Package name com.hrzq.hrzq
Main activity io.dcloud.PandoraEntry
Version 24.07.15
Domain Clues 21 records
View
URL Clues 24 records
View
Email Clues 0 records
View
Phone Clues 0 records
View

Domain Clues

Domain Domain query IP Location Location query
api.m.taobao.com 140.205.162.6 China - Zhejiang
api.orzudtcua.cn 0.0.0.0 - - -
npms.io 172.67.152.251 United States of America - California
www.apache.org 151.101.2.132 United States of America - California
er.dcloud.net.cn 43.142.62.113 China - Beijing
m3w.cn 116.196.152.179 China - Zhejiang
at.alicdn.com 125.38.11.206 China - Tianjin
apis.map.qq.com 116.130.223.114 China - Beijing
www.baidu.com 110.242.68.3 China - Hebei
www.google.com 199.16.158.9 United States of America - California
ns.adobe.com No information No locations
www.w3.org 104.18.22.19 United States of America - California
github.com 20.205.243.166 Singapore - Singapore
er.dcloud.io No information No locations
ask.dcloud.net.cn 101.72.254.86 China - Hebei
api.rhpvnjitz.cn 0.0.0.0 - - -
schemas.android.com No information No locations
matomo.ybmall.net No information No locations
api.xkagcehry.cn 0.0.0.0 - - -
quilljs.com 172.66.43.93 United States of America - California
service.dcloud.net.cn 111.229.199.57 China - Beijing

URL Clues

URL File path
http://ns.adobe.com/xap/1.0/\u0000
io/dcloud/common/util/ExifInterface.java
http://localhost
io/dcloud/common/util/PdrUtil.java
https://localhost
io/dcloud/common/util/PdrUtil.java
https://m3w.cn/s/
io/dcloud/common/util/ShortCutUtil.java
https://ask.dcloud.net.cn/article/282
io/dcloud/common/constant/DOMException.java
https://er.dcloud.io/sc
io/dcloud/feature/gg/dcloud/ADHandler.java
https://er.dcloud.net.cn/sc
io/dcloud/feature/gg/dcloud/ADHandler.java
https://ask.dcloud.net.cn/article/35058
io/dcloud/feature/audio/AudioRecorderMgr.java
http://localhost
io/dcloud/feature/weex/adapter/DefaultWebSocketAdapter.java
https://ask.dcloud.net.cn/article/35627
io/dcloud/e/b/a.java
https://ask.dcloud.net.cn/article/35877
io/dcloud/e/b/a.java
http://localhost
io/dcloud/e/b/e.java
https://er.dcloud.io/rv
io/dcloud/e/c/h/b.java
https://er.dcloud.net.cn/rv
io/dcloud/e/c/h/b.java
https://ask.dcloud.net.cn/article/283
io/dcloud/g/b.java
https://ask.dcloud.net.cn/article/287
io/dcloud/share/IFShareApi.java
http://schemas.android.com/apk/res/android
pl/droidsonroids/gif/GifViewUtils.java
http://schemas.android.com/apk/res/android
pl/droidsonroids/gif/GifTextureView.java
http://schemas.android.com/apk/res/android
pl/droidsonroids/gif/GifTextView.java
https://github.com/L-JINBIN/ApkSignatureKillerEx
bin/mt/signature/KillerApplication.java
https://ask.dcloud.net.cn/article/36199
摸瓜V1引擎
https://apis.map.qq.com/jsapi?qt=translate&type=1&points=
摸瓜V2引擎
https://apis.map.qq.com/uri/v1/routeplan?type=drive&to=
摸瓜V2引擎
https://www.google.com/maps/?daddr=
摸瓜V2引擎
https://www.google.com/maps/
摸瓜V2引擎
https://quilljs.com/
摸瓜V2引擎
https://quilljs.com
摸瓜V2引擎
https://npms.io/search?q=ponyfill.
摸瓜V2引擎
https://matomo.ybmall.net
摸瓜V2引擎
http://localhost
摸瓜V2引擎
https://www.baidu.com
摸瓜V2引擎
https://$
摸瓜V2引擎
https://api.m.taobao.com/rest/api3.do?api=mtop.common.getTimestamp
摸瓜V2引擎
https://api.rhpvnjitz.cn
摸瓜V2引擎
https://api.xkagcehry.cn
摸瓜V2引擎
https://api.orzudtcua.cn
摸瓜V2引擎
https://at.alicdn.com/t/font_2225171_8kdcwk4po24.ttf)
摸瓜V2引擎
https://service.dcloud.net.cn/uniapp/feedback.html
摸瓜V2引擎
http://www.apache.org/licenses/LICENSE-2.0
摸瓜V2引擎
https://github.com/ecomfe/zrender/blob/master/LICENSE.txt
摸瓜V2引擎

Email Clues

Phone Clues

Code Decompile

AndroidManifest View
Java Source View -- Download

Signature Certificate

No information

Leaked Information

"dcloud_common_user_refuse_api" : "the user denies access to the API"
"dcloud_io_without_authorization" : "not authorized"
"dcloud_oauth_authentication_failed" : "failed to obtain authorization to log in to the authentication service"
"dcloud_oauth_empower_failed" : "the Authentication Service operation to obtain authorized logon failed"
"dcloud_oauth_logout_tips" : "not logged in or logged out"
"dcloud_oauth_oauth_not_empower" : "oAuth authorization has not been obtained"
"dcloud_oauth_token_failed" : "failed to get token"
"dcloud_permissions_reauthorization" : "reauthorize"
"dcloud_common_user_refuse_api" : "用户拒绝该API访问"
"dcloud_io_without_authorization" : "没有获得授权"
"dcloud_oauth_authentication_failed" : "获取授权登录认证服务操作失败"
"dcloud_oauth_empower_failed" : "获取授权登录认证服务操作失败"
"dcloud_oauth_logout_tips" : "未登录或登录已注销"
"dcloud_oauth_oauth_not_empower" : "尚未获取oauth授权"
"dcloud_oauth_token_failed" : "获取token失败"
"dcloud_permissions_reauthorization" : "重新授权"

Shells Analysis

Plugins Analysis

Dangerous Actions

Permissions Is Dangerous Category Information
android.permission.INTERNET Normal 互联网接入 允许应用程序创建网络套接字
android.permission.REQUEST_INSTALL_PACKAGES Dangerous 允许应用程序请求安装包。 恶意应用程序可以利用它来尝试诱骗用户安装其他恶意软件包。
android.permission.READ_MEDIA_IMAGES unknown unknown
android.permission.READ_MEDIA_VIDEO unknown unknown
android.permission.CAMERA Dangerous 拍照和录像 允许应用程序用相机拍照和录像。这允许应用程序收集相机随时看到的图像
android.permission.CHANGE_NETWORK_STATE Normal 更改网络连接 允许应用程序更改网络连接状态。
android.permission.MOUNT_UNMOUNT_FILESYSTEMS Dangerous 装载和卸载文件系统 允许应用程序为可移动存储安装和卸载文件系统
android.permission.VIBRATE Normal 可控震源 允许应用程序控制振动器
android.permission.READ_LOGS Dangerous 读取敏感日志数据 允许应用程序从系统读小号各种日志文件。这使它能够发现有关您使用手机做什么的一般信息,可能包括个人或私人信息
android.permission.ACCESS_WIFI_STATE Normal 查看Wi-Fi状态 允许应用程序查看有关 Wi-Fi 状态的信息
android.permission.ACCESS_NETWORK_STATE Normal 查看网络状态 允许应用程序查看所有网络的状态
android.permission.GET_ACCOUNTS Dangerous 列出帐户 允许访问账户服务中的账户列表
android.permission.CHANGE_WIFI_STATE Normal 更改Wi-Fi状态 允许应用程序连接和断开 Wi-Fi 接入点,并对配置的 Wi-Fi 网络进行更改
android.permission.WAKE_LOCK Normal 防止手机睡眠 允许应用程序防止手机进入睡眠状态
android.permission.FLASHLIGHT Normal 控制手电筒 允许应用程序控制手电筒
android.permission.WRITE_SETTINGS Dangerous 修改全局系统设置 允许应用程序修改系统设定数据。恶意应用可能会损坏你的系统的配置。
android.permission.WRITE_EXTERNAL_STORAGE Dangerous 读取/修改/删除外部存储内容 允许应用程序写入外部存储
android.permission.READ_EXTERNAL_STORAGE Dangerous 读取外部存储器内容 允许应用程序从外部存储读取
android.permission.READ_MEDIA_VISUAL_USER_SELECTED unknown unknown
com.huawei.android.launcher.permission.CHANGE_BADGE Normal 在应用程序上显示通知计数 在华为手机的应用程序启动图标上显示通知计数或徽章。
com.vivo.notification.permission.BADGE_ICON unknown unknown
com.asus.msa.SupplementaryDID.ACCESS unknown unknown
freemme.permission.msa unknown unknown