000559ec6b8c343da04516aefaaffcab2b16567965b15ac43135b4010dfdbdda.json

{
  "sha256": "000559ec6b8c343da04516aefaaffcab2b16567965b15ac43135b4010dfdbdda",
  "droidbox": {
    "dexclass": [
      {
        "path": "/data/app/com.yr.sx-1.apk",
        "pid": 844,
        "time": 0.248648,
        "processname": "com.yr.sx",
        "tid": 1073870640
      },
      {
        "path": "/data/app/com.yr.sx-1.apk",
        "pid": 883,
        "time": 9.639985,
        "processname": "com.snowfish.a.a.bg",
        "tid": 1073870640
      },
      {
        "path": ".",
        "pid": 899,
        "time": 55.838325,
        "processname": "zygote",
        "tid": 1073870640
      }
    ],
    "recvnet": [
      {
        "data": "HTTP/1.1 403 Forbidden\r\nServer: nginx\r\nDate: Mon, 01 Feb 2016 05:52:44 GMT\r\nContent-Type: text/html\r\nContent-Length: 564\r\nConnection: keep-alive\r\nKeep-Alive: timeout=60\r\n\r\n<html>\r\n<head><title>403 Forbidden</title></head>\r\n<body bgcolor=\"white\">\r\n<center><",
        "tid": 704926992,
        "time": 9.903549,
        "processname": "com.yr.sx",
        "srcport": 80,
        "pid": 844,
        "srchost": "count.lingte.cc"
      },
      {
        "data": "HTTP/1.1 200 OK\r\nServer: Tengine\r\nDate: Mon, 01 Feb 2016 05:52:42 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 143\r\nConnection: close\r\nDPOOL_HEADER: tyr106\r\nSINA-LB:aGEuMTIxLmcyLnlmLmxiLnNpbmFub2RlLmNvbQ==\r\nSINA-TS:OWJmMjk2Y2UgMCAwIDAgNCAwCg==\r\n\r\n{\"ret\":1,\"start\":-1,\"end\":-1,\"country\":\"\\u8377\\u5170\",\"province\":\"Noord-Holland\",\"city\":\"Amsterdam\",\"district\":\"\",\"isp\":\"\",\"type\":\"\",\"desc\":\"\"}",
        "tid": 704926992,
        "time": 7.436009,
        "processname": "com.yr.sx",
        "srcport": 80,
        "pid": 844,
        "srchost": "int.dpool.sina.com.cn"
      }
    ],
    "phonecalls": [],
    "fileswritten": [
      {
        "data": "<?xml version='1.0' encoding='utf-8' standalone='yes' ?>\n<map>\n<long name=\"start_time\" value=\"1426266937670\" />\n<int name=\"update_enabled\" value=\"0\" />\n</map>\n",
        "tid": 1073870640,
        "time": 6.713412,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/shared_prefs/upay_pay.xml"
      },
      {
        "data": "eb00000037010000000000000000000000000000c7000000230000002b010000a600000000000000000000004100000016000000bb0000000600000029000000ef000000000000000000000000000000000000001d000000000000000a010000b4000000fe0000008c000000740000005800000094000000b80000006700000000000000030100000000000092000000000000009b0000000000000000000000000000000000000070000000d300000080000000ff00000031000000e300000000000000c200000030000000c900000081000000ec000000f600000000000000cb0000005f01000008010000c1000000000000000000000022000000ce000000d9000000520000000000000015010000d7000000530100003e0000000000000014010000000000000000000073010000000000000b010000750000003101000046000000cc000000a8000000970000003c00000021000000000000001e00000000000000e200000000000000000000004401000000000000a3000000380100008501000095010000000000006d01000084010000b70000004d0100003301000077000000de0000001301000000000000710100006b0100009e0000005400000030010000000000005c000000120100003c01000087000000000000008a010000720100003d010000a0000000e8000000920100000d0100003f01000023010000",
        "tid": 1073870640,
        "time": 10.746386,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/app_zhifulibs/libunicompurcore.so"
      },
      {
        "data": "<?xml version='1.0' encoding='utf-8' standalone='yes' ?>\n<map>\n<boolean name=\"exceptionanalysisflag\" value=\"true\" />\n</map>\n",
        "tid": 1073870640,
        "time": 6.524162,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/shared_prefs/__Baidu_Stat_SDK_SendRem.xml"
      },
      {
        "data": "1c8088e2049080e2050000ea033084e0080055e10460c3e5041184e50861c4e5a0ffff0aff0051e30130a0e10160f5e501108112f4ffff1a0c3194e5102194e503a1c4e50900a0e133ff2fe1242194e50110a0e3012082e00030a0e3242184e5e9ffffea745e9fe5041190e505508fe00a8085e200a0a0e3049080e2050000ea033084e0080055e10460c3e5041184e50861c4e51f06000aff0051e30130a0e10160d5e401108112f4ffff1a0c3194e5102194e503a1c4e50900a0e133ff2fe1242194e50110a0e3012082e00030a0e3242184e5e9ffffea041e9fe518a08de2042097e501108fe00a00a0e186c3ffeb0a00a0e17ec3ffeb007050e26cffff0a0050a0e3041194e50580a0e1049084e2060000ea015085e2033084e0070055e10460c3e5041184e50861c4e560ffff0aff0051e30130a0e10560dae701108112f3ffff1a0c3194e5102194e50381c4e50900a0e133ff2fe1242194e50110a0e3012082e00030a0e3242184e5e8ffffea041190e50450d7e5ff0051e301308112b107000a011084e00450c1e5043184e50851c4e546ffffea041091e56e0900eb0400a0e1081097e56b0900eb40ffffea083091e5002093e5330052e33fffff1a082093e5002092e5340052e33bffff1a041093e5e90d00eb0400a0e1041097e5650900eb083097e50400a0e1083093e5041093e5e10d00ebe81c9fe50400a0e1",
        "tid": 1073870640,
        "time": 21.582,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/app_zhifulibs/libunicompurcore.so"
      },
      {
        "data": "4cff000034ff000034ff000018482de90400a0e30cb08de228409fe53d0400eb24309fe504408fe0033094e7083083e2003080e514309fe5031094e710309fe5032094e7b0fcffeb14ff0000dcffffffe0ffffffe4ffffff30482de90050a0e10cb08de20c00a0e32a0400eb0510a0e10040a0e1590200eb1c109fe50400a0e118209fe501109fe702209fe79efcffeb0400a0e1680400eb2af8ffeb9cfe00009cfe00001c309fe510402de903308fe00040a0e1083083e2003080e580f9ffeb0400a0e11080bde84cf8000010402de90040a0e1f2ffffeb0400a0e113f8ffeb0400a0e11080bde8040090e51eff2fe1041090e578209fe510402de902209fe70040a0e16c309fe50c0041e208d04de2020050e103308fe0083083e2003084e50400001a0400a0e165f9ffeb0400a0e108d08de21080bde8041041e20030e0e35ff07ff59f2f91e103c082e09c2f81e1000032e3faffff1a03204ce05ff07ff5000052e3eeffffca04108de2fdf0ffebebffffea18fd0000fcf7000010402de90040a0e1d9ffffeb0400a0e1e7f7ffeb0400a0e11080bde838402de90040a0e138309fe503308fe0083083e2043080e462f5ffeb0400a0e13880bde80050a0e10400a0e10140a0e13df9ffeb010074e30000000adbf7ffeb0500a0e1f90400eb6cf70000040090e51eff2fe1040090e51eff2fe1041090e578209fe510402de9",
        "tid": 1073870640,
        "time": 18.158458,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/app_zhifulibs/libunicompurcore.so"
      },
      {
        "data": "756d655f6f725f52657468726f77005f556e77696e645f436f6d706c657465005f556e77696e645f44656c657465457863657074696f6e005f5f676e755f556e77696e645f4261636b7472616365005f5f726573746f72655f636f72655f72656773005f5f5f556e77696e645f5261697365457863657074696f6e005f556e77696e645f5261697365457863657074696f6e005f5f5f556e77696e645f526573756d65005f556e77696e645f526573756d65005f5f5f556e77696e645f526573756d655f6f725f52657468726f77005f556e77696e645f526573756d655f6f725f52657468726f77005f5f5f556e77696e645f466f72636564556e77696e64005f556e77696e645f466f72636564556e77696e64005f5f5f556e77696e645f4261636b7472616365005f556e77696e645f4261636b7472616365005f5f676e755f756e77696e645f6672616d65005f556e77696e645f476574526567696f6e5374617274005f556e77696e645f4765744c616e6775616765537065636966696344617461005f556e77696e645f4765744461746152656c42617365005f556e77696e645f4765745465787452656c42617365006d656d6d6f7665006d656d636d70006d656d636872005f5f6378615f626567696e5f6361746368005f5f6378615f656e645f6361746368005f5f6378615f656e645f636c65616e7570005f5a64",
        "tid": 1073870640,
        "time": 9.103979,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/app_zhifulibs/libunicompurcore.so"
      },
      {
        "data": "7f454c4601010100000000000000000003002800010000000000000034000000600102000000000534002000070028001700160006000000340000003400000034000000e0000000e000000004000000040000000100000000000000000000000000000084e8010084e8010005000000001000000100000028ed010028fd010028fd0100e81200003562000006000000001000000200000014fd0100140d0200140d0200f8000000f8000000060000000400000051e574640000000000000000000000000000000000000000060000000000000001000070f0a90100f0a90100f0a90100980d0000980d0000040000000400000052e5746428ed010028fd010028fd0100d8120000d812000006000000080000000000000000000000000000000000000001000000000000000000000012000000100000000000000000000000120000001d00000048b3000000000000120007002a00000024b4000020000000120007003a000000d5700000c000000012000700480000000000000000000000120000004f00000000000000000000001200000054000000000000000000000012000000590000000000000000000000120000006000000088b701004200000011000a0065000000f4bc000008000000120007007c000000957100001c0000001200070085000000b1710000ec00000012000700930000000000000000000000",
        "tid": 1073870640,
        "time": 7.120721,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/app_zhifulibs/libunicompurcore.so"
      },
      {
        "data": "<?xml version='1.0' encoding='utf-8' standalone='yes' ?>\n<map>\n<string name=\"setchannelwithcodevalue\">sxmn_FE300769</string>\n<boolean name=\"exceptionanalysisflag\" value=\"true\" />\n<boolean name=\"setchannelwithcode\" value=\"true\" />\n</map>\n",
        "tid": 1073870640,
        "time": 6.613878,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/shared_prefs/__Baidu_Stat_SDK_SendRem.xml"
      },
      {
        "data": "120007006c1a0000a8f700001c00000012000700801a0000c4f600001800000012000700941a000034e401000d00000011000a00a51a0000100402000800000011000d00b61a000044e401001200000011000a00cc1a0000300402000c00000011000d00e21a0000f0e301002000000011000a00061b000010e401002400000011000a002e1b0000400c02002c00000011000d00541b0000880802002c00000011000d007d1b0000400601002000000012000700901b0000000000000000000012000000a31b0000000000000000000012000000b71b0000000000000000000012000000cb1b0000000000000000000012000000de1b0000300201001c00000012000700f01b0000cc0101003800000012000700131c00000c1002000400000011001100391c00002002010010000000120007005d1c0000081002000400000011001100841c00004c0201002c000000120007009d1c0000780201002c00000012000700b71c00003c220100e400000012000700cc1c0000b0030100b400000012000700da1c0000640401002800000012000700071d0000280802002000000011000d00331d00008c0401001c00000012000700601d00006404010028000000120007008d1d000084e501002800000011000a00b91d0000480802000c00000011000d00e51d0000900402001000000021000d00ee1d00006008020024000000",
        "tid": 1073870640,
        "time": 7.824106,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/app_zhifulibs/libunicompurcore.so"
      },
      {
        "data": "<?xml version='1.0' encoding='utf-8' standalone='yes' ?>\n<map>\n<string name=\"setchannelwithcodevalue\">sxmn_FE300769</string>\n<boolean name=\"exceptionanalysisflag\" value=\"true\" />\n</map>\n",
        "tid": 1073870640,
        "time": 6.58049,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/shared_prefs/__Baidu_Stat_SDK_SendRem.xml"
      },
      {
        "data": "<?xml version='1.0' encoding='utf-8' standalone='yes' ?>\n<map>\n<string name=\"province\">Noord-Holland</string>\n<string name=\"channel\">sxmn_FE300769</string>\n<boolean name=\"first\" value=\"false\" />\n<string name=\"mac\">357242043237</string>\n</map>\n",
        "tid": 704926992,
        "time": 7.835795,
        "processname": "com.yr.sx",
        "dataleak": [
          "TAINT_IMEI"
        ],
        "pid": 844,
        "name": "/data/data/com.yr.sx/shared_prefs/settings.xml"
      },
      {
        "data": "<?xml version='1.0' encoding='utf-8' standalone='yes' ?>\n<map>\n<long name=\"prefetchTime\" value=\"1426266935215\" />\n<string name=\"startTime\">1426266935129</string>\n<string name=\"startTimeString\">2015-03-13 18:15:35</string>\n<string name=\"appId\">0632ca88c540d9fed56002796c721030</string>\n<string name=\"channelCode\">200000</string>\n<long name=\"serviceStartTime\" value=\"1426266937255\" />\n</map>\n",
        "tid": 1073870640,
        "time": 6.257822,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/shared_prefs/wiipay.xml"
      },
      {
        "data": "<?xml version='1.0' encoding='utf-8' standalone='yes' ?>\n<map>\n<string name=\"startTime\">1426266935129</string>\n<string name=\"channelCode\">200000</string>\n<string name=\"startTimeString\">2015-03-13 18:15:35</string>\n<string name=\"appId\">0632ca88c540d9fed56002796c721030</string>\n</map>\n",
        "tid": 1073870640,
        "time": 4.164149,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/shared_prefs/wiipay.xml"
      },
      {
        "data": "21000d00cd200000b0e401000400000021000a00d5200000300702000800000021000d00db200000200702001000000021000d00e2200000ace401000300000021000a00e9200000a8e401000200000021000a00ef200000380702001000000021000d00f7200000a4e401000400000021000a00ff200000580702000800000021000d0005210000480702001000000021000d000c210000a0e401000300000021000a00132100009ce401000200000021000a0019210000600702001000000021000d002221000094e401000500000021000a002b210000800702000800000021000d0032210000700702001000000021000d003a21000090e401000400000021000a00422100008ce401000300000021000a0049210000880702001000000021000d005221000084e401000500000021000a005b210000a80702000800000021000d0062210000980702001000000021000d006a21000080e401000400000021000a00722100007ce401000300000021000a0079210000b00702001000000021000d008121000078e401000400000021000a0089210000d00702000800000021000d008f210000c00702001000000021000d009621000074e401000300000021000a009d21000070e401000200000021000a00a3210000d80702001000000021000d00ab2100006ce401000400000021000a00b3210000f807020008000000",
        "tid": 1073870640,
        "time": 8.24033,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/app_zhifulibs/libunicompurcore.so"
      },
      {
        "data": "12000700c81400001cc100006c00000012000700dc14000088c100002000000012000700fb140000a8c1000004000000120007000c150000acc10000200000001200070024150000ccc10000c0000000120007003b1500008cc2000014000000120007004f15000080c3000024000000120007006815000080c3000024000000120007007f150000a4c30000240000001200070090150000a4c3000024000000120007009f150000c8c300002400000012000700bb150000c8c300002400000012000700d5150000ecc300002400000012000700ec150000ecc3000024000000120007000116000010c4000024000000120007001516000010c4000024000000120007002716000020c8000040000000120007003a16000060c800002c00000012000700511600008cc80000380000001200070071160000c4c80000080000001200070088160000ccc8000008000000120007009f160000000000000000000012000000a7160000000000000000000012000000ae160000000000000000000012000000b5160000fcf40000d800000012000700c7160000d4f50000d800000012000700d716000048f100000000000012000700e91600003cf100000c00000012000700f1160000b8f30000ac0000001200070003170000acf400004800000012000700141700003c0402000800000011000d003c1700001008020010000000",
        "tid": 1073870640,
        "time": 7.59403,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/app_zhifulibs/libunicompurcore.so"
      },
      {
        "data": "<?xml version='1.0' encoding='utf-8' standalone='yes' ?>\n<map>\n<long name=\"start_time\" value=\"1426266937670\" />\n</map>\n",
        "tid": 1073870640,
        "time": 6.679712,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/shared_prefs/upay_pay.xml"
      },
      {
        "data": "726f72005f5f676e755f6378783a3a5f5f636f6e63757272656e63655f756e6c6f636b5f6572726f720000007465726d696e6174652063616c6c6564207265637572736976656c790a0000007465726d696e6174652063616c6c6564206166746572207468726f77696e6720616e20696e7374616e6365206f66202700000000270a00007465726d696e6174652063616c6c656420776974686f757420616e2061637469766520657863657074696f6e0a00000020207768617428293a2020005f474c4f42414c5f0000000028616e6f6e796d6f7573206e616d6573706163652900000073740000636c00006474000070740000737472696e67206c69746572616c0000737464003a3a00004a417272617900005b5d0000767461626c6520666f72200056545420666f722000000000636f6e737472756374696f6e20767461626c6520666f7220000000002d696e2d0000000074797065696e666f20666f722000000074797065696e666f206e616d6520666f7220000074797065696e666f20666e20666f7220000000006e6f6e2d7669727475616c207468756e6b20746f200000007669727475616c207468756e6b20746f20000000636f76617269616e742072657475726e207468756e6b20746f2000006a61766120436c61737320666f7220006775617264207661726961626c6520666f7220007265666572656e63",
        "tid": 1073870640,
        "time": 26.693277,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/app_zhifulibs/libunicompurcore.so"
      },
      {
        "data": "300c23f01246632cc6630156602dbec676ecc65e1cc23924cd663b711d4aa106eaa119ee43673c8ee11883c978174bf005bec54eecc7219c8679976d4031944205d4434b3c889e7812cf610ca6622eb2b0093fe30f9cc245a4bc9764f2e15a944479a4a229daa0037a630846e055bc8559588835d884edd88b833881cbc8f57e9229881b5016b57017ee41570cc04b9882d9988f2c6cc4cf388833489ac338b80915510fadd00eddd00783f112c6230373b0189f6203b66317fec0319c47e48324530025702b2aa03aeaa3051e4657f4c5403c8757f11666e13d6cc4519cc4795c463097638c16688d7678045d9186c7310043311ce3310d0bb104cbb0129f630dbec78ff8057fe014cee33292e7b19f911f85511c25510615510db5d0140fa1179ec6308cc4688cc344646026e660013ec627f8123fe1226e9e9f649ae03e74c1a3e88bfe781acfe20dccc4427c8c35f816dbf11376e37ff80347700a177005291f72cda0008aa0044aa20c2aa22a52510f8dd10cadd0160fe06174460ff4423f0cc0100cc748bc82b1988074bc8dd9f8000bb014ebf135bec5f7f819bb7118c7710aff20be807b24ae4749dc82db5113edf008baa1179ec4603c8797301ae33013ef62013ec632acc467588db5d8815fb007ffc3ef3881cbc8bb907b0c4aa32a1aa0295aa13dbaa33f9ec3ab781d53f00e3ec0c7f81cabb10e7f22f923b607",
        "tid": 1073870640,
        "time": 36.111775,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": ""
      },
      {
        "data": "840302001700000090030200170000009403020017000000a003020017000000a403020017000000b003020017000000b403020017000000d003020017000000e003020017000000e403020017000000f003020017000000f4030200170000000004020017000000040402001700000008040200170000000c04020017000000100402001700000014040200170000001c040200170000002004020017000000240402001700000028040200170000003004020017000000340402001700000038040200170000003c0402001700000040040200170000004c04020017000000500402001700000054040200170000005804020017000000640402001700000068040200170000006c0402001700000070040200170000007c04020017000000800402001700000084040200170000008804020017000000900402001700000094040200170000009c04020017000000a004020017000000a404020017000000ac04020017000000b004020017000000b404020017000000b804020017000000bc04020017000000c404020017000000c804020017000000cc04020017000000d404020017000000d804020017000000dc04020017000000e004020017000000e404020017000000ec04020017000000f004020017000000f404020017000000fc04020017000000000502001700000004050200170000000805020017000000",
        "tid": 1073870640,
        "time": 11.10542,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/app_zhifulibs/libunicompurcore.so"
      },
      {
        "data": "504b03040a0000080000556cb946000000000000000000000000090004004d4554412d494e462ffeca0000504b03040a0000080800546cb94671c4bf185900000067000000140000004d4554412d494e462f4d414e49464553542e4d46f34dcccb4c4b2d2ed10d4b2d2acecccfb35230d433e0e572cc4312712c484cce4855008a01252df48c79b99c8b52134b5253749d2aadc04206f14606ba4946660a1afe4589c939a90acef94505f945892540fd9abc5cbc5c00504b03040a00000808005c67b946a947769e040000000200000008000000434f4d502e56455233330500504b03040a0000080800556cb946dd4b393cd3940100cc7f03000b000000636c61737365732e646578849d077c54c5fbf567b62421045842111030092df4000141414251ba52420d202288460809127a176901044540400cbd187a557a952e22bd97d0420dbd26ff333367930bbfecfbe2e7eb79669ee93377eebdbb93a453e73ebe21152a8a492f0f17b99cebded2dabb827f2b5f72e7d17a4bdb84ba3aad5c7760b05d440b21fab408f517fc971371e3bc848edf2b85989b4f88e7d03d8142b4b00bd1b38a10dde12f1c2ec45da4993112694fdb44db7942e4df6d1305411028028a8332a002a8063e014d4004f80a4483be601018057e066bc001700c5c0249e019b0ff6d1359415ef01e0802a54008f8007c0cea82d5e02fb01dec05ff80",
        "tid": 1073870640,
        "time": 14.683769,
        "processname": "com.snowfish.a.a.bg",
        "pid": 883,
        "name": "/data/data/com.yr.sx/app_Sonnenblume/res.apk.u"
      },
      {
        "data": "<?xml version='1.0' encoding='utf-8' standalone='yes' ?>\n<map>\n<long name=\"prefetchTime\" value=\"1426266935215\" />\n<string name=\"startTime\">1426266935129</string>\n<string name=\"startTimeString\">2015-03-13 18:15:35</string>\n<string name=\"appId\">0632ca88c540d9fed56002796c721030</string>\n<string name=\"channelCode\">200000</string>\n</map>\n",
        "tid": 1073870640,
        "time": 4.21748,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/shared_prefs/wiipay.xml"
      },
      {
        "data": "00c090e510402de90040a0e10cc01ce50c0051e10600008a0cc061e00030a0e302005ce10c20a03176feffeb0400a0e11080bde804009fe500008fe0e90b00ebe8fd0000f0472de90070a0e1004090e508d04de20180a0e10260a0e10350a0e10cc014e50c0051e14e00008afc2f0fe3ff2f43e302206ce0020053e14600008a040056e10500003a0cc084e00c0056e10200008a042014e5000052e3070000da0700a0e10810a0e10020a0e30630a0e100508de5affeffeb08d08de2f087bde80020a0e3064064e04efeffeb002097e5041082e008a082e0053081e003005ae11700002a0a0051e10d00002a0a9061e0010059e31d00000a0a00a0e10920a0e178e4ffeb052069e009008ae0010052e305108ae01100000a72e4ffeb0700a0e1e4ffffea010055e31300000a0a00a0e10310a0e10520a0e16ae4ffeb0700a0e1dcffffea010055e30f00000a0a00a0e10520a0e163e4ffeb0700a0e1d5ffffea0530dae70700a0e10930cae7d1ffffea0430d2e70830c2e7e1ffffea0530d1e70700a0e10830c2e7caffffea0430d2e70700a0e10830c2e7c6ffffea10009fe500008fe0710b00eb08009fe500008fe08c0b00eb68fc00005cfc000070402de90050a0e10200a0e10240a0e10160a0e147e4ffeb0610a0e10420a0e10030a0e10500a0e17040bde895ffffea002092e510402de90c4012e508c09de5040053e1",
        "tid": 1073870640,
        "time": 16.279993,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/data/com.yr.sx/app_zhifulibs/libunicompurcore.so"
      }
    ],
    "dns": [
      {
        "hostname": "sdk.wiipay.cn",
        "ip": "122.144.133.237"
      },
      {
        "hostname": "int.dpool.sina.com.cn",
        "ip": "180.149.136.219"
      },
      {
        "hostname": "count.lingte.cc",
        "ip": "122.226.102.99"
      },
      {
        "hostname": "sdk.wiipay.cn",
        "ip": "122.144.133.236"
      },
      {
        "hostname": "sdk.wiipay.cn",
        "ip": "122.144.133.230"
      },
      {
        "hostname": "sdk.wiipay.cn",
        "ip": "122.144.133.235"
      }
    ],
    "cryptousage": [],
    "filesread": [
      {
        "data": "MemTotal:         604776 kB\nMemFree:          346396 kB\nBuffers:               0 kB\nCached:           135068 kB\nSwapCached:            0 kB\nActive:           139148 kB\nInactive:         100736 kB\nActive(anon):     108480 kB\nInactive(anon):        0 kB\nActive(file):      30668 kB\nInactive(file):   100736 kB\nUnevictable:           0 kB\nMlocked:               0 kB\nSwapTotal:             0 kB\nSwapFree:              0 kB\nDirty:                 0 kB\nWriteback:             0 kB\nAnonPages:        104832 kB\nMapped:            48880 kB\nSlab:               6144 kB\nSReclaimable:       1628 kB\nSUnreclaim:         4516 kB\nPageTables:         5236 kB\nNFS_Unstable:          0 kB\nBounce:                0 kB\nWritebackTmp:          0 kB\nCommitLimit:      302388 kB\nCommitted_AS:    2483568 kB\nVmallocTotal:     360448 kB\nVmallocUsed:       27704 kB\nVmallocChunk:     322564 kB\n",
        "tid": 1073870640,
        "time": 6.304294,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/proc/meminfo"
      },
      {
        "data": "3\n",
        "tid": 1073870640,
        "time": 3.943645,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/sys/devices/virtual/net/sit0/ifindex"
      },
      {
        "data": "00000000000000000000000000000001 01 80 10 80       lo\nfe80000000000000505400fffe123456 02 40 20 80     eth0\n",
        "tid": 1073870640,
        "time": 3.80907,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/proc/844/net/if_inet6"
      },
      {
        "data": "504b050600000000bf00bf00743c000086c81d000000504b01021400140008080800c923c246449abc8d961700001f4100001400000000000000000000000000000000004d4554412d494e462f4d414e49464553542e4d46504b01021400140008080800c923c246f2c9b2f009180000984100000f00000000000000000000000000d81700004d4554412d494e462f5a5a572e5346504b01021400140008080800c923c246dc03d90711040000ee04000010000000000000000000000000001e3000004d4554412d494e462f5a5a572e525341504b01020a000a00000800002188c1461e2febb8de960100de9601001a000000000000000000000000006d3400006173736574732f536f6e6e656e626c756d652f7265732e62696e504b01020a000a00000800002188c14650063a9868000000680000002e0000000000000000000000000083cb01006173736574732f536f6e6e656e626c756d652f7a795f636f6d6d6f6e5f636f6e6669675f6c6f63616c2e64617461504b01020a000a00000800002188c146055407213b0000003b000000310000000000000000000000000037cc01006173736574732f536f6e6e656e626c756d652f7a795f636f6d6d6f6e5f636f6e6669675f736e6f77666973682e64617461504b010214001400080808002188c146853aa0b676e90000f80402002f00000000000000000000000000",
        "tid": 1073870640,
        "time": 4.403092,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/app/com.yr.sx-1.apk"
      },
      {
        "data": "1\n",
        "tid": 1073870640,
        "time": 3.782817,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/sys/devices/virtual/net/lo/ifindex"
      },
      {
        "data": "0000e1aaa0f0e4dc20ec8390231933ce08b9e83ac0777db21290be1e5393bef0ac680219c3972647ccb4084e106665cdfe92b6a13242faeb4956821c61f3bbc22d1260c9558266ce8cf79f5a1a5513ec2d434c487ba758934d5e3a21d16be5d7fcee6e6a9fffe4dc2029",
        "tid": 1073870640,
        "time": 6.17438,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/app/com.yr.sx-1.apk"
      },
      {
        "data": "504b050600000000bf00bf00743c000086c81d000000504b01021400140008080800c923c246449abc8d961700001f4100001400000000000000000000000000000000004d4554412d494e462f4d414e49464553542e4d46504b01021400140008080800c923c246f2c9b2f009180000984100000f00000000000000000000000000d81700004d4554412d494e462f5a5a572e5346504b01021400140008080800c923c246dc03d90711040000ee04000010000000000000000000000000001e3000004d4554412d494e462f5a5a572e525341504b01020a000a00000800002188c1461e2febb8de960100de9601001a000000000000000000000000006d3400006173736574732f536f6e6e656e626c756d652f7265732e62696e504b01020a000a00000800002188c14650063a9868000000680000002e0000000000000000000000000083cb01006173736574732f536f6e6e656e626c756d652f7a795f636f6d6d6f6e5f636f6e6669675f6c6f63616c2e64617461504b01020a000a00000800002188c146055407213b0000003b000000310000000000000000000000000037cc01006173736574732f536f6e6e656e626c756d652f7a795f636f6d6d6f6e5f636f6e6669675f736e6f77666973682e64617461504b010214001400080808002188c146853aa0b676e90000f80402002f00000000000000000000000000",
        "tid": 1073870640,
        "time": 1.943264,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/app/com.yr.sx-1.apk"
      },
      {
        "data": "504b050600000000bf00bf00743c000086c81d000000504b01021400140008080800c923c246449abc8d961700001f4100001400000000000000000000000000000000004d4554412d494e462f4d414e49464553542e4d46504b01021400140008080800c923c246f2c9b2f009180000984100000f00000000000000000000000000d81700004d4554412d494e462f5a5a572e5346504b01021400140008080800c923c246dc03d90711040000ee04000010000000000000000000000000001e3000004d4554412d494e462f5a5a572e525341504b01020a000a00000800002188c1461e2febb8de960100de9601001a000000000000000000000000006d3400006173736574732f536f6e6e656e626c756d652f7265732e62696e504b01020a000a00000800002188c14650063a9868000000680000002e0000000000000000000000000083cb01006173736574732f536f6e6e656e626c756d652f7a795f636f6d6d6f6e5f636f6e6669675f6c6f63616c2e64617461504b01020a000a00000800002188c146055407213b0000003b000000310000000000000000000000000037cc01006173736574732f536f6e6e656e626c756d652f7a795f636f6d6d6f6e5f636f6e6669675f736e6f77666973682e64617461504b010214001400080808002188c146853aa0b676e90000f80402002f00000000000000000000000000",
        "tid": 1073870640,
        "time": 0.32742,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/app/com.yr.sx-1.apk"
      },
      {
        "data": "2\n",
        "tid": 1073870640,
        "time": 3.888529,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/sys/devices/platform/smc91x.0/net/eth0/ifindex"
      },
      {
        "data": "504b03040a0000080000556cb946000000000000000000000000090004004d4554412d494e462ffeca0000504b03040a0000080800546cb94671c4bf185900000067000000140000004d4554412d494e462f4d414e49464553542e4d46f34dcccb4c4b2d2ed10d4b2d2acecccfb35230d433e0e572cc4312712c484cce4855008a01252df48c79b99c8b52134b5253749d2aadc04206f14606ba4946660a1afe4589c939a90acef94505f945892540fd9abc5cbc5c00504b03040a00000808005c67b946a947769e040000000200000008000000434f4d502e56455233330500504b03040a0000080800556cb946dd4b393cd3940100cc7f03000b000000636c61737365732e646578849d077c54c5fbf567b62421045842111030092df4000141414251ba52420d202288460809127a176901044540400cbd187a557a952e22bd97d0420dbd26ff333367930bbfecfbe2e7eb79669ee93377eebdbb93a453e73ebe21152a8a492f0f17b99cebded2dabb827f2b5f72e7d17a4bdb84ba3aad5c7760b05d440b21fab408f517fc971371e3bc848edf2b85989b4f88e7d03d8142b4b00bd1b38a10dde12f1c2ec45da4993112694fdb44db7942e4df6d1305411028028a8332a002a8063e014d4004f80a4483be601018057e066bc001700c5c0249e019b0ff6d1359415ef01e0802a54008f8007c0cea82d5e02fb01dec05ff80",
        "tid": 706381048,
        "time": 14.510812,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/app/com.yr.sx-1.apk"
      },
      {
        "data": "5f73656c6563746f722e786d6c504b01021400140008080800d388c146468b404f6d010000a00300002500000000000000000000000000b74305007265732f6472617761626c652f70617965636f5f706c7567696e5f706f705f62672e786d6c504b01021400140008080800d388c146ef8cc105d4010000500400002a00000000000000000000000000774505007265732f6472617761626c652f70617965636f5f706c7567696e5f70726f67726573736261722e786d6c504b01021400140008080800d388c146a709279504010000940200002f00000000000000000000000000a34705007265732f6472617761626c652f70617965636f5f706c7567696e5f726164696f62745f73656c6563746f722e786d6c504b01021400140008080800d388c146478c743fc0000000b40100002800000000000000000000000000044905007265732f6472617761626c652f70617965636f5f706c7567696e5f736f6c6964677261792e786d6c504b01021400140008080800d388c1464459c276c1000000b40100002a000000000000000000000000001a4a05007265732f6472617761626c652f70617965636f5f706c7567696e5f736f6c696479656c6c6f772e786d6c504b01020a000a0000080000d388c14698b83828dc020000dc0200002b00000000000000000000000000334b05007265732f6472617761626c652f7061",
        "tid": 1073870640,
        "time": 4.883032,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/app/com.yr.sx-1.apk"
      },
      {
        "data": "00000000000000000000000000000001 01 80 10 80       lo\nfe80000000000000505400fffe123456 02 40 20 80     eth0\n",
        "tid": 1073870640,
        "time": 3.983439,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/proc/844/net/if_inet6"
      },
      {
        "data": "504b050600000000bf00bf00743c000086c81d000000504b01021400140008080800c923c246449abc8d961700001f4100001400000000000000000000000000000000004d4554412d494e462f4d414e49464553542e4d46504b01021400140008080800c923c246f2c9b2f009180000984100000f00000000000000000000000000d81700004d4554412d494e462f5a5a572e5346504b01021400140008080800c923c246dc03d90711040000ee04000010000000000000000000000000001e3000004d4554412d494e462f5a5a572e525341504b01020a000a00000800002188c1461e2febb8de960100de9601001a000000000000000000000000006d3400006173736574732f536f6e6e656e626c756d652f7265732e62696e504b01020a000a00000800002188c14650063a9868000000680000002e0000000000000000000000000083cb01006173736574732f536f6e6e656e626c756d652f7a795f636f6d6d6f6e5f636f6e6669675f6c6f63616c2e64617461504b01020a000a00000800002188c146055407213b0000003b000000310000000000000000000000000037cc01006173736574732f536f6e6e656e626c756d652f7a795f636f6d6d6f6e5f636f6e6669675f736e6f77666973682e64617461504b010214001400080808002188c146853aa0b676e90000f80402002f00000000000000000000000000",
        "tid": 1073870640,
        "time": 9.662931,
        "processname": "com.snowfish.a.a.bg",
        "pid": 883,
        "name": "/data/app/com.yr.sx-1.apk"
      },
      {
        "data": "040000000200000008000000434f4d502e56455233330500504b03040a0000080800556cb946dd4b393cd3940100cc7f03000b000000636c61737365732e646578849d077c54c5fbf567b62421045842111030092df4000141414251ba52420d202288460809127a176901044540400cbd187a557a952e22bd97d0420dbd26ff333367930bbfecfbe2e7eb79669ee93377eebdbb93a453e73ebe21152a8a492f0f17b99cebded2dabb827f2b5f72e7d17a4bdb84ba3aad5c7760b05d440b21fab408f517fc971371e3bc848edf2b85989b4f88e7d03d8142b4b00bd1b38a10dde12f1c2ec45da4993112694fdb44db7942e4df6d1305411028028a8332a002a8063e014d4004f80a4483be601018057e066bc001700c5c0249e019b0ff6d1359415ef01e0802a54008f8007c0cea82d5e02fb01dec05ff80e3e02cb80292c07df002c83d36e10dfc803fc80782407110022a81aaa026a8073e05cd417bd0197c0b62405f3018fc00c680716002980cfe0659f6da443bd005c480fe601018014683b5e032c8b9cf261a802e6034f8036c06dbc02eb00ffc038e8133e002480437c07df01ce4dd8fb682e9e004c879c026de018120045407e1200e6c07ff0179d0264a8232a03ce80162c15030128c0793c16f602eb802ae819be03e78085e0079c8267c4036901b140001a0082803de0761a016a8031a8356e00b10097a824160",
        "tid": 706381048,
        "time": 19.848515,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/app/com.yr.sx-1.apk"
      },
      {
        "data": "504b050600000000bf00bf00743c000086c81d000000504b01021400140008080800c923c246449abc8d961700001f4100001400000000000000000000000000000000004d4554412d494e462f4d414e49464553542e4d46504b01021400140008080800c923c246f2c9b2f009180000984100000f00000000000000000000000000d81700004d4554412d494e462f5a5a572e5346504b01021400140008080800c923c246dc03d90711040000ee04000010000000000000000000000000001e3000004d4554412d494e462f5a5a572e525341504b01020a000a00000800002188c1461e2febb8de960100de9601001a000000000000000000000000006d3400006173736574732f536f6e6e656e626c756d652f7265732e62696e504b01020a000a00000800002188c14650063a9868000000680000002e0000000000000000000000000083cb01006173736574732f536f6e6e656e626c756d652f7a795f636f6d6d6f6e5f636f6e6669675f6c6f63616c2e64617461504b01020a000a00000800002188c146055407213b0000003b000000310000000000000000000000000037cc01006173736574732f536f6e6e656e626c756d652f7a795f636f6d6d6f6e5f636f6e6669675f736e6f77666973682e64617461504b010214001400080808002188c146853aa0b676e90000f80402002f00000000000000000000000000",
        "tid": 1073870640,
        "time": 12.138221,
        "processname": "com.snowfish.a.a.bg",
        "pid": 883,
        "name": "/data/app/com.yr.sx-1.apk"
      },
      {
        "data": "504b03040a0000080000556cb946000000000000000000000000090004004d4554412d494e462ffeca0000504b03040a0000080800546cb94671c4bf185900000067000000140000004d4554412d494e462f4d414e49464553542e4d46f34dcccb4c4b2d2ed10d4b2d2acecccfb35230d433e0e572cc4312712c484cce4855008a01252df48c79b99c8b52134b5253749d2aadc04206f14606ba4946660a1afe4589c939a90acef94505f945892540fd9abc5cbc5c00504b03040a00000808005c67b946a947769e040000000200000008000000434f4d502e56455233330500504b03040a0000080800556cb946dd4b393cd3940100cc7f03000b000000636c61737365732e646578849d077c54c5fbf567b62421045842111030092df4000141414251ba52420d202288460809127a176901044540400cbd187a557a952e22bd97d0420dbd26ff333367930bbfecfbe2e7eb79669ee93377eebdbb93a453e73ebe21152a8a492f0f17b99cebded2dabb827f2b5f72e7d17a4bdb84ba3aad5c7760b05d440b21fab408f517fc971371e3bc848edf2b85989b4f88e7d03d8142b4b00bd1b38a10dde12f1c2ec45da4993112694fdb44db7942e4df6d1305411028028a8332a002a8063e014d4004f80a4483be601018057e066bc001700c5c0249e019b0ff6d1359415ef01e0802a54008f8007c0cea82d5e02fb01dec05ff80",
        "tid": 1073870640,
        "time": 14.591793,
        "processname": "com.snowfish.a.a.bg",
        "pid": 883,
        "name": "/data/app/com.yr.sx-1.apk"
      },
      {
        "data": "00000000000000000000000000000001 01 80 10 80       lo\nfe80000000000000505400fffe123456 02 40 20 80     eth0\n",
        "tid": 1073870640,
        "time": 3.904113,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/proc/844/net/if_inet6"
      },
      {
        "data": "0ffc038e8133e002480437c07df01ce4dd8fb682e9e004c879c026de018120045407e1200e6c07ff0179d0264a8232a03ce80162c15030128c0793c16f602eb802ae819be03e78085e0079c8267c4036901b140001a0082803de0761a016a8031a8356e00b10097a824160149800a68115200914fd07f3007e02674122b80d0000",
        "tid": 706381048,
        "time": 17.526469,
        "processname": "com.yr.sx",
        "pid": 844,
        "name": "/data/app/com.yr.sx-1.apk"
      }
    ],
    "sendsms": [],
    "servicestart": [
      {
        "time": 4.308524,
        "name": "com.bx.pay.WpaySmsService",
        "pid": 844,
        "processname": "com.yr.sx",
        "tid": 1073870640
      }
    ],
    "sendnet": [
      {
        "destport": 80,
        "data": "GET /IsInterface.php?ri=sxmn_FE300769&op=install&mac=357242043237&vs=95&tm=1426266937554&key=423bffbe94c7b758d22a66b1526eabea&dq={\"ret\":1,\"start\":-1,\"end\":-1,\"country\":\"\\u8377\\u5170\",\"province\":\"Noord-Holland\",\"city\":\"Amsterdam\",\"district\":\"\",\"isp\":\"\",\"type\":\"\",\"desc\":\"\"}&sc=320.0*480.0&os=4.1.1&jrs=Android&ss=1&sd=0 HTTP/1.1\r\naccept: */*\r\nconnection: Keep-Alive\r\nuser-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)\r\nHost: count.lingte.cc\r\nAccept-Encoding: gzip\r\n\r\n",
        "tid": 704926992,
        "time": 9.374126,
        "processname": "com.yr.sx",
        "dataleak": [
          "TAINT_IMEI"
        ],
        "pid": 844,
        "desthost": "count.lingte.cc"
      },
      {
        "destport": 80,
        "data": "GET /iplookup/iplookup.php?format=json HTTP/1.1\r\nUser-Agent: Dalvik/1.6.0 (Linux; U; Android 4.1.1; SAMSUNG GT-I9100 Build/JRO03R)\r\nHost: int.dpool.sina.com.cn\r\nConnection: Keep-Alive\r\nAccept-Encoding: gzip\r\n\r\n",
        "tid": 704926992,
        "time": 7.003617,
        "processname": "com.yr.sx",
        "pid": 844,
        "desthost": "int.dpool.sina.com.cn"
      }
    ],
    "libraries": [
      {
        "time": 55.253488,
        "name": "libjavacore.so",
        "pid": 899,
        "tid": 1073870640
      },
      {
        "time": 55.440572,
        "name": "libnativehelper.so",
        "pid": 899,
        "tid": 1073870640
      }
    ]
  },
  "cuckoo": {
    "target": {
      "file": {
        "md5": "6ccd0d782d954cec41a67389e5ffb181",
        "sha512": "a01c3397fd4af04f9f7ea596f07fd9963fc36f618fbfc53445de2e5a512a81b007d5e932571829f6cfbedecfd4f46da5db7ee0d2208eef5709ac0b74228305d3",
        "sha256": "000559ec6b8c343da04516aefaaffcab2b16567965b15ac43135b4010dfdbdda",
        "ssdeep": "49152:S76JbKuFG7MvRPtYcbrObnO3/xY2i9q9Dtts:1JdFG70LbV/xLi9q9Dtts",
        "crc32": "19D595A2",
        "sha1": "a88cb9e898a3464024d3df1940623cf10a3fab00",
        "size": 1967376
      },
      "category": "file"
    },
    "network": {
      "irc": [],
      "domains": [
        {
          "domain": "sdk.wiipay.cn",
          "ip": "122.144.133.237"
        },
        {
          "domain": "int.dpool.sina.com.cn",
          "ip": "180.149.136.219"
        },
        {
          "domain": "count.lingte.cc",
          "ip": "122.226.102.99"
        }
      ],
      "dns": [
        {
          "answers": [],
          "request": "sdk.wiipay.cn",
          "type": "A"
        },
        {
          "answers": [
            {
              "type": "A",
              "data": "122.144.133.237"
            },
            {
              "type": "A",
              "data": "122.144.133.236"
            },
            {
              "type": "A",
              "data": "122.144.133.230"
            },
            {
              "type": "A",
              "data": "122.144.133.235"
            }
          ],
          "request": "sdk.wiipay.cn",
          "type": "A"
        },
        {
          "answers": [],
          "request": "int.dpool.sina.com.cn",
          "type": "A"
        },
        {
          "answers": [
            {
              "type": "A",
              "data": "180.149.136.219"
            }
          ],
          "request": "int.dpool.sina.com.cn",
          "type": "A"
        },
        {
          "answers": [],
          "request": "count.lingte.cc",
          "type": "A"
        },
        {
          "answers": [
            {
              "type": "A",
              "data": "122.226.102.99"
            }
          ],
          "request": "count.lingte.cc",
          "type": "A"
        }
      ],
      "hosts": [
        "122.144.133.237",
        "180.149.136.219",
        "122.226.102.99",
        "122.144.133.236",
        "122.144.133.230",
        "122.144.133.235"
      ],
      "smtp": [],
      "http": [
        {
          "port": 80,
          "body": "",
          "uri": "http://int.dpool.sina.com.cn/iplookup/iplookup.php?format=json",
          "user-agent": "Dalvik/1.6.0 (Linux; U; Android 4.1.1; SAMSUNG GT-I9100 Build/JRO03R)",
          "method": "GET",
          "host": "int.dpool.sina.com.cn",
          "version": "1.1",
          "path": "/iplookup/iplookup.php?format=json",
          "data": "GET /iplookup/iplookup.php?format=json HTTP/1.1\r\nUser-Agent: Dalvik/1.6.0 (Linux; U; Android 4.1.1; SAMSUNG GT-I9100 Build/JRO03R)\r\nHost: int.dpool.sina.com.cn\r\nConnection: Keep-Alive\r\nAccept-Encoding: gzip\r\n\r\n"
        },
        {
          "port": 80,
          "body": "",
          "uri": "http://count.lingte.cc/IsInterface.php?ri=sxmn_FE300769&op=install&mac=357242043237&vs=95&tm=1426266937554&key=423bffbe94c7b758d22a66b1526eabea&dq={\"ret\":1,\"start\":-1,\"end\":-1,\"country\":\"\\u8377\\u5170\",\"province\":\"Noord-Holland\",\"city\":\"Amsterdam\",\"district\":\"\",\"isp\":\"\",\"type\":\"\",\"desc\":\"\"}&sc=320.0*480.0&os=4.1.1&jrs=Android&ss=1&sd=0",
          "user-agent": "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)",
          "method": "GET",
          "host": "count.lingte.cc",
          "version": "1.1",
          "path": "/IsInterface.php?ri=sxmn_FE300769&op=install&mac=357242043237&vs=95&tm=1426266937554&key=423bffbe94c7b758d22a66b1526eabea&dq={\"ret\":1,\"start\":-1,\"end\":-1,\"country\":\"\\u8377\\u5170\",\"province\":\"Noord-Holland\",\"city\":\"Amsterdam\",\"district\":\"\",\"isp\":\"\",\"type\":\"\",\"desc\":\"\"}&sc=320.0*480.0&os=4.1.1&jrs=Android&ss=1&sd=0",
          "data": "GET /IsInterface.php?ri=sxmn_FE300769&op=install&mac=357242043237&vs=95&tm=1426266937554&key=423bffbe94c7b758d22a66b1526eabea&dq={\"ret\":1,\"start\":-1,\"end\":-1,\"country\":\"\\u8377\\u5170\",\"province\":\"Noord-Holland\",\"city\":\"Amsterdam\",\"district\":\"\",\"isp\":\"\",\"type\":\"\",\"desc\":\"\"}&sc=320.0*480.0&os=4.1.1&jrs=Android&ss=1&sd=0 HTTP/1.1\r\naccept: */*\r\nconnection: Keep-Alive\r\nuser-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)\r\nHost: count.lingte.cc\r\nAccept-Encoding: gzip\r\n\r\n"
        }
      ]
    }
  },
  "androguard": {
    "urls": [
      "http://111.13.91.31:12000/feecenter/api/create_order",
      "http://&domain/function/ping.jsp",
      "http://121.52.218.66:8011/request_v2.php?",
      "http://int.dpool.sina.com.cn/iplookup/iplookup.php?format=json",
      "http://imgsx.lingte.cc:8080/MTProject/MTContr?action=MTDetial&id=",
      "http://$ip:10789/cmcc/g/online/s2sAutoChargeSMS?taskId=$taskId&pid=$pid&version=$version",
      "http://117.135.131.209:808/baidurdo/noti_url.php",
      "http://count.lingte.cc/IsInterface.php",
      "http://$queryurl/$sid",
      "http://imgsx.lingte.cc:8080/MTProject/MTContr?action=MTListAll",
      "http://imgsx.lingte.cc:8080/MTProject/MTContr?action=MTListUp&typeid=",
      "http://imgsx.lingte.cc:8080/MTProject/MTContr?action=MTUpdate&terminalType=android&version=",
      "http://link.yida558.com/update.php?ri=",
      "http://imgsx.lingte.cc:8080/MTProject/MTContr?action=MTFeedback&execType=update&body=",
      "http://imgsx.lingte.cc:8080/MTProject/MTContr?action=MTList&typeid=",
      "http://121.52.218.66:8008/request_v2.php",
      "http://$ip/normandie/first?cpparam=$cpparam&imei=$imei&imsi=$imsi&ctid=$ctid&cpid=$cpid",
      "http://$ip/cmcc/mm/single/chargeSMS?pid=$pid&imei=$imei&imsi=$imsi&chargeId=$chargeId&payId=$payId&version=$version&channelId=$channelId",
      "http://api.upay360.cn/api/",
      "http://mobads.baidu.com/ads/pa/",
      "http://link.kssgx.com/kb416.php?ri=",
      "http://117.135.131.209:808/xiyuerdo/noti_url.php",
      "http://down.upay360.cn/stat?pid=",
      "http://down.upay360.cn/stat?",
      "http://imgsx.lingte.cc:8080/MTProject/MTContr?action=MTType",
      "http://tipsdk.baidu.com",
      "http://wap.cocospay.com/order/add/001081",
      "http://$ip/cmcc/mm/online/s2sSubscribeX",
      "http://api.upay360.cn/function/client_notify.jsp?cmd_key=$cmd_key&trade_id=$trade_id&mobile=$mobile&price=$price&result=$result&error=$error",
      "http://111.13.47.76:81/open_gate/web_game_fee.php",
      "http://ospd.mmarket.com/mmwlan/applySecCertForAPPThird",
      "http://118.26.235.115:8080/rdo/services/rdo/shortNotify?channel=$channel&feeCode=$feeCode&schannel=$schannel",
      "http://$ip/cmcc/g/single/s2sChargeSMS?pid=$pid&imsi=$imsi&imei=$imei&regist=0&version=$version&payId=$payId&chargeId=$chargeId&contentId=$contentId&channelId=$channelId",
      "http://sdk.wiipay.cn",
      "http://cdn.upay360.cn/pack.dat",
      "http://wap.cmread.com",
      "http://111.13.47.76:81/open_gate/web_game_callback.php",
      "http://imgsx.lingte.cc:8080/MTProject/vidio?action=getVidio&sourceURL=",
      "http://api.upay360.cn/function/modem_pool/log.jsp",
      "http://sms2.upay360.com/geturl.php",
      "http://121.52.218.66:8012/request_v2.php",
      "http://121.52.218.66:8009/alipayto_v2.php",
      "http://xxx",
      "http://121.52.218.66:8009/alipayto_v2.php?",
      "http://fee.aiyuedu.cn:22000/feecenter/api/ver_confirm",
      "http://imgsx.lingte.cc:8080/MTProject/MTContr?action=MTListSerch&title=",
      "http://tz.hdys5.com/zhuanti/20130410/?sxmn",
      "http://ospd.mmarket.com/trusted4",
      "http://imgsx.lingte.cc:8080/MTProject/MTContr?action=MTVodList",
      "http://$ip/normandie/last?flag=$flag&id=$id",
      "http://cdn.upay360.cn/upay_properties.json",
      "http://$loginurl/$sid",
      "http://$ip/cmcc/g/online/s2sAutoRegist?imei=$imei&imsi=$imsi&chargeId=$chargeId&pid=$pid&channelId=$channelId&userToken=$userToken&payId=$payId&version=$version",
      "http://$ip/cmcc/mm/online/s2sAuthX",
      "http://121.52.218.66:8011/request_v2.php",
      "http://hmma.baidu.com/app.gif",
      "http://imgsx.lingte.cc:8080/MTProject/MTContr?action=MTVodListUp&id=",
      "http://pr.sppro.info:8887/sp?a=1",
      "http://221.179.131.90/0903?http://111.13.47.76:81/open_gate/web_game_fee.php",
      "http://m.kgame.com.cn/index.html",
      "http://$ip/cmcc/mm/online/s2sLoginX",
      "http://fee.aiyuedu.cn:22000/feecenter/api/create_order",
      "http://notify.java.jpxx.org/index.jsp"
    ],
    "functionalities": {
      "imsi": [
        {
          "method": "<init>",
          "class": "Lcom/upay/billing/UpayContext;",
          "code": "invoke-virtual v0, Landroid/telephony/TelephonyManager;->getSubscriberId()Ljava/lang/String;"
        },
        {
          "method": "getUser",
          "class": "Lcom/upay/billing/utils/Util;",
          "code": "invoke-virtual v0, Landroid/telephony/TelephonyManager;->getSubscriberId()Ljava/lang/String;"
        },
        {
          "method": "onSuccess",
          "class": "Lcom/upay/billing/utils/m;",
          "code": "invoke-virtual v0, Landroid/telephony/TelephonyManager;->getSubscriberId()Ljava/lang/String;"
        }
      ],
      "runbinary": [
        {
          "method": "a",
          "class": "Lcom/yongrun/app/sxmn/service/Service_BindApp;",
          "code": "invoke-static Ljava/lang/Runtime;->getRuntime()Ljava/lang/Runtime;"
        },
        {
          "method": "a",
          "class": "Lcom/yongrun/app/sxmn/service/Service_BindApp;",
          "code": "invoke-virtual v2, v3, Ljava/lang/Runtime;->exec(Ljava/lang/String;)Ljava/lang/Process;"
        },
        {
          "method": "a",
          "class": "Lcom/yongrun/app/sxmn/common/e;",
          "code": "invoke-static Ljava/lang/Runtime;->getRuntime()Ljava/lang/Runtime;"
        }
      ],
      "iccid": [
        {
          "method": "<init>",
          "class": "Lcom/upay/billing/UpayContext;",
          "code": "invoke-virtual v0, Landroid/telephony/TelephonyManager;->getSimSerialNumber()Ljava/lang/String;"
        },
        {
          "method": "getUser",
          "class": "Lcom/upay/billing/utils/Util;",
          "code": "invoke-virtual v0, Landroid/telephony/TelephonyManager;->getSimSerialNumber()Ljava/lang/String;"
        },
        {
          "method": "onSuccess",
          "class": "Lcom/upay/billing/utils/m;",
          "code": "invoke-virtual v0, Landroid/telephony/TelephonyManager;->getSimSerialNumber()Ljava/lang/String;"
        }
      ],
      "socket": [
        {
          "method": "a",
          "class": "Lcom/yongrun/app/sxmn/a;",
          "code": "invoke-virtual v0, Ljava/net/URL;->openConnection()Ljava/net/URLConnection;"
        },
        {
          "method": "a",
          "class": "Lcom/yongrun/app/sxmn/common/b;",
          "code": "invoke-virtual v0, Ljava/net/URL;->openConnection()Ljava/net/URLConnection;"
        },
        {
          "method": "a",
          "class": "Lcom/yongrun/app/sxmn/common/e;",
          "code": "invoke-virtual v0, Ljava/net/URL;->openConnection()Ljava/net/URLConnection;"
        }
      ],
      "mcc": [
        {
          "method": "getOperator",
          "class": "Lcom/baidu/mobstat/CooperService;",
          "code": "invoke-virtual v2, Landroid/telephony/TelephonyManager;->getNetworkOperator()Ljava/lang/String;"
        },
        {
          "method": "a",
          "class": "Lcom/bx/pay/a/d;",
          "code": "invoke-virtual v0, Landroid/telephony/TelephonyManager;->getNetworkOperator()Ljava/lang/String;"
        },
        {
          "method": "a",
          "class": "Lcom/bx/pay/a/d;",
          "code": "invoke-virtual v0, Landroid/telephony/TelephonyManager;->getNetworkOperator()Ljava/lang/String;"
        }
      ],
      "SMS": [
        {
          "method": "onSuccess",
          "class": "Lcom/upay/billing/utils/m;",
          "code": "invoke-virtual/range v0 ... v5, Landroid/telephony/SmsManager;->sendTextMessage(Ljava/lang/String; Ljava/lang/String; Ljava/lang/String; Landroid/app/PendingIntent; Landroid/app/PendingIntent;)V"
        },
        {
          "method": "a",
          "class": "Lcom/bx/pay/a;",
          "code": "invoke-virtual/range v0 ... v5, Landroid/telephony/SmsManager;->sendTextMessage(Ljava/lang/String; Ljava/lang/String; Ljava/lang/String; Landroid/app/PendingIntent; Landroid/app/PendingIntent;)V"
        }
      ],
      "crypto": [
        {
          "method": "a",
          "class": "Lcom/yongrun/app/sxmn/common/c;",
          "code": "invoke-virtual v0, Ljava/security/MessageDigest;->digest()[B"
        },
        {
          "method": "md5",
          "class": "Lcom/upay/billing/utils/Util;",
          "code": "invoke-virtual v0, Ljava/security/MessageDigest;->digest()[B"
        },
        {
          "method": "getMd5",
          "class": "Lcom/upay/billing/engine/dm_ddo/Main;",
          "code": "invoke-virtual v0, Ljava/security/MessageDigest;->digest()[B"
        }
      ],
      "ssl": [
        {
          "method": "<clinit>",
          "class": "Lcom/a/a/b/d/d;",
          "code": "const-string v2, 'https'"
        },
        {
          "method": "a",
          "class": "Lcom/bx/pay/netx/core/c/b;",
          "code": "const-string v0, 'https'"
        },
        {
          "method": "b",
          "class": "Lcom/bx/pay/utils/n;",
          "code": "const-string v0, 'https://'"
        }
      ],
      "phonenumber": [
        {
          "method": "a",
          "class": "Lcom/bx/pay/a/d;",
          "code": "invoke-virtual v0, Landroid/telephony/TelephonyManager;->getLine1Number()Ljava/lang/String;"
        }
      ],
      "dynamicbroadcastreceiver": [
        {
          "method": "windowAttached",
          "class": "Landroid/support/v4/media/TransportMediatorJellybeanMR2;",
          "code": "invoke-virtual v0, v1, v2, Landroid/content/Context;->registerReceiver(Landroid/content/BroadcastReceiver; Landroid/content/IntentFilter;)Landroid/content/Intent;"
        },
        {
          "method": "windowDetached",
          "class": "Landroid/support/v4/media/TransportMediatorJellybeanMR2;",
          "code": "invoke-virtual v0, v1, Landroid/content/Context;->unregisterReceiver(Landroid/content/BroadcastReceiver;)V"
        },
        {
          "method": "onCreate",
          "class": "Lcom/upay/billing/UpayActivity;",
          "code": "invoke-virtual v6, v0, v2, Lcom/upay/billing/UpayActivity;->registerReceiver(Landroid/content/BroadcastReceiver; Landroid/content/IntentFilter;)Landroid/content/Intent;"
        }
      ],
      "imei": [
        {
          "method": "a",
          "class": "Lcom/yongrun/app/sxmn/common/e;",
          "code": "invoke-virtual v0, Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;"
        },
        {
          "method": "<init>",
          "class": "Lcom/upay/billing/UpayContext;",
          "code": "invoke-virtual v0, Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;"
        },
        {
          "method": "getUser",
          "class": "Lcom/upay/billing/utils/Util;",
          "code": "invoke-virtual v0, Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;"
        }
      ]
    },
    "cordova": null,
    "permissions": [
      "android.permission.CHANGE_NETWORK_STATE",
      "android.permission.WRITE_APN_SETTINGS",
      "android.permission.ACCESS_COARSE_LOCATION",
      "android.permission.INTERNET",
      "android.permission.CHANGE_CONFIGURATION",
      "android.permission.ACCESS_FINE_LOCATION",
      "android.permission.SEND_SMS",
      "com.android.launcher.permission.INSTALL_SHORTCUT",
      "android.permission.WRITE_SMS",
      "android.permission.ACCESS_NETWORK_STATE",
      "android.permission.GET_TASKS",
      "android.permission.WRITE_SECURE_SETTINGS",
      "android.permission.WRITE_EXTERNAL_STORAGE",
      "android.permission.READ_EXTERNAL_STORAGE",
      "android.permission.RECEIVE_BOOT_COMPLETED",
      "android.permission.INSTALL_PACKAGES",
      "android.permission.WRITE_SETTINGS",
      "android.permission.READ_PHONE_STATE",
      "android.permission.READ_SMS",
      "android.permission.VIBRATE",
      "android.permission.SYSTEM_ALERT_WINDOW",
      "android.permission.ACCESS_WIFI_STATE",
      "android.permission.RECEIVE_MMS",
      "android.permission.WAKE_LOCK",
      "android.permission.CHANGE_WIFI_STATE",
      "android.permission.RECEIVE_SMS",
      "android.permission.MODIFY_PHONE_STATE",
      "android.permission.MOUNT_UNMOUNT_FILESYSTEMS",
      "android.permission.RESTART_PACKAGES"
    ],
    "services": [
      "com.yongrun.app.sxmn.service.Service_SaveBrief2DB",
      "com.yongrun.app.sxmn.service.Service_Update",
      "com.upay.billing.sdk.LocalService",
      "com.snowfish.a.a.s.ABGSvc",
      "com.bx.pay.WpaySmsService",
      "com.yongrun.app.sxmn.service.Service_BindApp",
      "com.zhifu.service.AppService"
    ],
    "displayed_version": "1.0",
    "dexes": {
      "classes": {
        "sha256": "2c38502ba29bd52f5e15e0ac20f0a1c870775f7dcbd54361020d87c52c774536",
        "ssdeep": "24576:QCsNXE4ruHhqXKXwFz+yoADYqUm7Iph+qPfhzogRq4CRJ:kr36XwFWUUm7IXRgL"
      }
    },
    "min_sdk_version": 9,
    "certificate": {
      "not_before": "Jun 1 00:34:02 2015 GMT",
      "serial": "03CA364E",
      "subjectDN": "/C=y/ST=y/L=y/O=y/OU=y/CN=y",
      "issuerDN": "/C=y/ST=y/L=y/O=y/OU=y/CN=y",
      "not_after": "Mar 4 00:34:02 2070 GMT",
      "sha1": "C09595E79B0368AE78AF5DDFADB51DD228BBBE27"
    },
    "max_sdk_version": null,
    "filters": [
      "android.intent.action.ACTION_SHUTDOWN",
      "android.intent.action.PACKAGE_ADDED",
      "android.intent.action.MEDIA_MOUNTED",
      "android.net.wifi.STATE_CHANGE",
      "android.intent.action.MEDIA_EJECT",
      "android.net.wifi.WIFI_STATE_CHANGED",
      "android.intent.action.SERVICE_STATE",
      "android.bluetooth.adapter.action.STATE_CHANGED",
      "android.provider.Telephony.SMS_DELIVER",
      "android.provider.Telephony.SMS_RECEIVED",
      "android.provider.Telephony.SMS_RECEIVED2",
      "com.zhifu.action.TASK",
      "android.net.conn.CONNECTIVITY_CHANGE",
      "android.intent.action.SIM_STATE_CHANGED",
      "android.intent.action.BOOT_COMPLETED",
      "LOCATION_SERVICE",
      "android.intent.action.ANY_DATA_STATE",
      "android.intent.action.MAIN",
      "com.zhifu.action.SMS_SEND",
      "android.intent.action.USER_PRESENT"
    ],
    "new_permissions": [],
    "providers": [],
    "package_name": "com.yr.sx",
    "app_name": "成人快播",
    "version_code": "95",
    "libraries": [],
    "target_sdk_version": 19,
    "api_key": {
      "com::snowfish::sdk::version": "1",
      "com::snowfish::appid": "{DEB07441-7F3C6194}"
    },
    "activities": [
      "com.yongrun.app.sxmn.ui.Activity_Detail",
      "com.payeco.android.plugin.PayecoRiskControlActivity",
      "com.yongrun.app.sxmn.ui.Activity_Classify",
      "com.yongrun.app.sxmn.ui.Activity_BootImg",
      "com.payeco.android.plugin.PayecoWebViewActivity",
      "com.upay.billing.engine.alipay.AlipayActivity",
      "com.upay.billing.UpayActivity",
      "com.payeco.android.plugin.PayecoPluginLoadingActivity",
      "com.yongrun.app.sxmn.ui.Activity_Boot",
      "com.yongrun.app.sxmn.ui.Activity_Main",
      "com.example.sdktest.MainActivity",
      "com.yongrun.app.sxmn.ui.Activity_Deal",
      "com.yongrun.app.sxmn.ui.Activity_Player",
      "com.upay.billing.engine.tenpay.TenpayActivity",
      "com.yongrun.app.sxmn.ui.Activity_Setting",
      "com.payeco.android.plugin.PayecoPayResultActivity",
      "com.yongrun.app.sxmn.ui.Activity_Collect",
      "com.yongrun.app.sxmn.ui.Activity_Suggest",
      "com.payeco.android.plugin.PayecoOrderDetailActivity",
      "com.yongrun.app.sxmn.ui.Activity_Search",
      "com.snowfish.cn.ganga.offline.helper.SFGameSplashActivity",
      "com.snowfish.a.a.s.PA",
      "com.yongrun.app.sxmn.ui.Activity_About"
    ],
    "main_activity": "com.snowfish.cn.ganga.offline.helper.SFGameSplashActivity",
    "receivers": [
      "com.bx.pay.SmsListener",
      "com.snowfish.a.a.s.ABFlt",
      "com.zhifu.receiver.AppReceiver",
      "com.yongrun.app.sxmn.broadcastreceiver.AppAddReceiver"
    ],
    "signature_name": "META-INF/ZZW.RSA"
  },
  "status": "analyzed"
}