[DETECTION] Unknown protector #362

Open
enovella opened this issue Sep 14, 2023 · 0 comments
Labels
detection-issue Bad detection or no detection

@enovella (Collaborator)

Sample

https://play.google.com/store/apps/details?id=com.einnovation.temu&hl=en&gl=US

$ apkid ~/Downloads/Temu_\ Shop\ Like\ a\ Billionaire_2.4.1_Apkpure.apk
[+] APKiD 2.1.5 :: from RedNaga :: rednaga.io
[*] ~/Downloads/Temu_ Shop Like a Billionaire_2.4.1_Apkpure.apk!classes.dex
 |-> anti_debug : Debug.isDebuggerConnected() check
 |-> anti_vm : Build.BOARD check, Build.FINGERPRINT check, Build.MANUFACTURER check, Build.MODEL check, Build.PRODUCT check, possible Build.SERIAL check
 |-> compiler : r8 without marker (suspicious)
[*] ~/Downloads/Temu_ Shop Like a Billionaire_2.4.1_Apkpure.apk!classes2.dex
 |-> anti_vm : Build.FINGERPRINT check, Build.MANUFACTURER check, SIM operator check, possible Build.SERIAL check, subscriber ID check
 |-> compiler : r8 without marker (suspicious)
[*] ~/Downloads/Temu_ Shop Like a Billionaire_2.4.1_Apkpure.apk!classes3.dex
 |-> anti_vm : Build.BOARD check, Build.FINGERPRINT check, Build.HARDWARE check, Build.MANUFACTURER check, Build.MODEL check, Build.PRODUCT check, SIM operator check, device ID check, network operator name check, possible Build.SERIAL check
 |-> compiler : r8 without marker (suspicious)
[*] ~/Downloads/Temu_ Shop Like a Billionaire_2.4.1_Apkpure.apk!classes4.dex
 |-> anti_vm : Build.BOARD check, Build.FINGERPRINT check, Build.HARDWARE check, Build.MANUFACTURER check, Build.MODEL check, Build.PRODUCT check, Build.TAGS check, emulator file check, possible Build.SERIAL check
 |-> compiler : r8 without marker (suspicious)
[*] ~/Downloads/Temu_ Shop Like a Billionaire_2.4.1_Apkpure.apk!classes5.dex
 |-> anti_debug : Debug.isDebuggerConnected() check
 |-> anti_vm : Build.BOARD check, Build.FINGERPRINT check, Build.MANUFACTURER check, Build.MODEL check, Build.PRODUCT check, Build.TAGS check, SIM operator check, network operator name check, possible Build.SERIAL check
 |-> compiler : r8 without marker (suspicious)
[*] ~/Downloads/Temu_ Shop Like a Billionaire_2.4.1_Apkpure.apk!classes6.dex
 |-> anti_vm : Build.BOARD check, Build.FINGERPRINT check, Build.MANUFACTURER check
 |-> compiler : r8 without marker (suspicious)
[*] ~/Downloads/Temu_ Shop Like a Billionaire_2.4.1_Apkpure.apk!classes7.dex
 |-> compiler : r8 without marker (suspicious)
[*] ~/Downloads/Temu_ Shop Like a Billionaire_2.4.1_Apkpure.apk!classes8.dex
 |-> compiler : r8 without marker (suspicious)
[*] ~/Downloads/Temu_ Shop Like a Billionaire_2.4.1_Apkpure.apk!lib/arm64-v8a/libUserEnv.so
 |-> anti_hook : syscalls
 |-> anti_vm : emulator file check
[*] ~/Downloads/Temu_ Shop Like a Billionaire_2.4.1_Apkpure.apk!lib/arm64-v8a/libcutils_meco.so
 |-> anti_vm : emulator file check
[*] ~/Downloads/Temu_ Shop Like a Billionaire_2.4.1_Apkpure.apk!lib/arm64-v8a/libdyncommon.so
 |-> anti_hook : syscalls
[*] ~/Downloads/Temu_ Shop Like a Billionaire_2.4.1_Apkpure.apk!lib/arm64-v8a/libsecure_lib.so
 |-> anti_hook : syscalls
[*] ~/Downloads/Temu_ Shop Like a Billionaire_2.4.1_Apkpure.apk!lib/arm64-v8a/libshook.so
 |-> anti_hook : syscalls
[*] ~/Downloads/Temu_ Shop Like a Billionaire_2.4.1_Apkpure.apk!lib/arm64-v8a/libwebviewchromiummeco.so
 |-> anti_hook : syscalls
[*] ~/Downloads/Temu_ Shop Like a Billionaire_2.4.1_Apkpure.apk!lib/arm64-v8a/libxmghm.so
 |-> anti_hook : syscalls
[*] ~/Downloads/Temu_ Shop Like a Billionaire_2.4.1_Apkpure.apk!lib/armeabi-v7a/libUserEnv.so
 |-> anti_vm : emulator file check
[*] ~/Downloads/Temu_ Shop Like a Billionaire_2.4.1_Apkpure.apk!lib/armeabi-v7a/libcutils_meco.so
 |-> anti_vm : emulator file check
enovella added the detection-issue (Bad detection or no detection) label Sep 14, 2023