com.stqq8w5y.jvkxanag5o.apk

86.66 MB

Analyzed: 2026-05-22 07:14 UTC

Twitter / X Facebook LinkedIn WhatsApp Telegram Reddit
Analyze Another

APK Security & Privacy Score

Security scoring uses multi-engine scan signals and APK indicators. Privacy scoring uses requested permissions and network endpoint patterns.

Security Scan-weighted
59/100
Threat scan flagged
Privacy Permissions & network
51/100
High-risk permissions HTTP URLs found
55/100
Caution
Overall trust

Facts

Threat scan 4/75 flagged, 0 suspicious
Permissions 51 requested
Network strings 55 URLs (8 HTTP, 47 HTTPS)
Target SDK Unknown
Certificate Valid until 2053-09-22 (27 years, suspicious)

Warnings

Threat scan flagged: 4/75 scanners marked this file as malicious.
Found 8 HTTP URL strings (unencrypted).
High-risk permissions detected: android.permission.REQUEST_INSTALL_PACKAGES, android.permission.SYSTEM_ALERT_WINDOW, android.permission.RECEIVE_BOOT_COMPLETED
Requests 51 permissions (review carefully).

Analysis Coverage

This report is partial. Some core metadata could not be extracted.
version
Package Name com.baidu.location.f
Version Code
Version Name
Debuggable No
Allow Backup No
Min SDK Unknown
Target SDK Unknown
Supported ABIs
arm64-v8a armeabi-v7a x86 x86_64

Certificate & Signer

Valid From 2026-05-07 01:30:17
Valid To 2053-09-22 01:30:17
Serial Number c73258c280eab85f
Thumbprint 27fc62df49ff187df98f9f40d94cbec99465e806
Issuer: C FT
Issuer: CN TaIDJGPmJfNs
Issuer: DN C:FT, CN:TaIDJGPmJfNs, L:81KgaY81AR, O:7SiIIuPxyr8l, ST:GZmOtjfyQH, OU:jyMBbdLAy7mN
Issuer: L 81KgaY81AR
Issuer: O 7SiIIuPxyr8l
Issuer: OU jyMBbdLAy7mN
Issuer: ST GZmOtjfyQH
Subject: C FT
Subject: CN TaIDJGPmJfNs
Subject: DN C:FT, CN:TaIDJGPmJfNs, L:81KgaY81AR, O:7SiIIuPxyr8l, ST:GZmOtjfyQH, OU:jyMBbdLAy7mN
Subject: L 81KgaY81AR
Subject: O 7SiIIuPxyr8l
Subject: OU jyMBbdLAy7mN
Subject: ST GZmOtjfyQH

Security Scan

4 /75
⚠️ Threats Detected
Detected by 4 vendors: AhnLab-V3 (Trojan/Android.PornAgent.1230155), BitDefenderFalx (Android.Riskware.Agent.aDMPA), Ikarus (Trojan.AndroidOS.Boomslang)
Scanned by 75 security vendors
Last scan: 2026-05-22 07:14 UTC
Malicious
4
Suspicious
0
Harmless
0
Undetected
59
Timeout
0
Failure
2

Scan Providers

75 vendors
ALYac undetected
No result reported
Engine 2.0.0.10
APEX type-unsupported
No result reported
Engine 6.780
AVG undetected
No result reported
Engine 23.9.8494.0
Acronis undetected
No result reported
Engine 1.2.0.121
AhnLab-V3 malicious
Trojan/Android.PornAgent.1230155
Engine 3.30.0.10666
Alibaba undetected
No result reported
Engine 0.3.0.5
Antiy-AVL undetected
No result reported
Engine 3.0
Arcabit undetected
No result reported
Engine 2025.0.0.23
Avast undetected
No result reported
Engine 23.9.8494.0
Avast-Mobile undetected
No result reported
Engine 260521-00
Avira undetected
No result reported
Engine 8.3.3.24
BitDefender undetected
No result reported
Engine 7.2
BitDefenderFalx malicious
Android.Riskware.Agent.aDMPA
Engine 2.0.936
Bkav failure
No result reported
Engine 8.2.40(8338)
CAT-QuickHeal undetected
No result reported
Engine 22.00
CMC undetected
No result reported
Engine 2.4.2022.1
CTX confirmed-timeout
No result reported
Engine 2024.8.29.1
ClamAV undetected
No result reported
Engine 1.5.2.0
CrowdStrike undetected
No result reported
Engine 1.0
Cylance type-unsupported
No result reported
Engine 3.0.0.0
Cynet undetected
No result reported
Engine 4.0.3.4
DeepInstinct type-unsupported
No result reported
Engine 5.0.0.8
DrWeb undetected
No result reported
Engine 7.0.75.2070
ESET-NOD32 undetected
No result reported
Engine 18.2.18.0
Elastic failure
No result reported
Emsisoft undetected
No result reported
Engine 2024.8.0.61147
F-Secure undetected
No result reported
Engine 18.10.1547.307
Fortinet undetected
No result reported
Engine 7.0.48.0
GData undetected
No result reported
Engine GD:27.44632AVA:64.31285
Google undetected
No result reported
Engine 1779426084
Gridinsoft undetected
No result reported
Engine 1.0.245.174
Ikarus malicious
Trojan.AndroidOS.Boomslang
Engine 6.4.16.0
Jiangmin undetected
No result reported
Engine 16.0.100
K7AntiVirus undetected
No result reported
Engine 14.53.59581
K7GW undetected
No result reported
Engine 14.53.59580
Kaspersky malicious
not-a-virus:HEUR:RiskTool.AndroidOS.Fakapp.ak
Engine 22.0.1.28
Kingsoft undetected
No result reported
Engine None
Lionic undetected
No result reported
Engine 8.16
Malwarebytes undetected
No result reported
Engine 3.1.0.235
MaxSecure undetected
No result reported
Engine 1.0.0.1
McAfeeD undetected
No result reported
Engine 1.2.0.14532
MicroWorld-eScan undetected
No result reported
Engine 14.0.409.0
Microsoft undetected
No result reported
Engine 1.1.26040.8
NANO-Antivirus undetected
No result reported
Engine 1.0.170.26895
Paloalto type-unsupported
No result reported
Engine 0.9.0.1003
Panda undetected
No result reported
Engine 4.6.4.2
Rising undetected
No result reported
Engine 25.0.0.28
SUPERAntiSpyware undetected
No result reported
Engine 5.6.0.1032
Sangfor undetected
No result reported
Engine 2.22.3.0
SentinelOne type-unsupported
No result reported
Engine 7.6.2.19
Skyhigh undetected
No result reported
Engine v2021.2.0+4045
Sophos undetected
No result reported
Engine 3.5.1.0
Symantec undetected
No result reported
Engine 1.22.0.0
SymantecMobileInsight type-unsupported
No result reported
Engine 2.0
TACHYON undetected
No result reported
Engine 2026-05-22.02
Tencent undetected
No result reported
Engine 1.0.0.1
Trapmine type-unsupported
No result reported
Engine 4.0.12.0
TrellixENS undetected
No result reported
Engine 6.0.6.653
TrendMicro undetected
No result reported
Engine 24.550.0.1002
TrendMicro-HouseCall undetected
No result reported
Engine 24.550.0.1002
Trustlook undetected
No result reported
Engine 1.0
VBA32 undetected
No result reported
Engine 5.6.1
VIPRE undetected
No result reported
Engine 6.0.0.35
Varist undetected
No result reported
Engine 6.6.1.3
ViRobot undetected
No result reported
Engine 2014.3.20.0
VirIT undetected
No result reported
Engine 9.5.1212
Webroot undetected
No result reported
Engine 1.9.0.8
Xcitium undetected
No result reported
Engine 38668
Yandex undetected
No result reported
Engine 5.5.2.24
Zillya undetected
No result reported
Engine 2.0.0.5606
ZoneAlarm undetected
No result reported
Engine 6.25-116106941
Zoner undetected
No result reported
Engine 2.2.2.0
alibabacloud type-unsupported
No result reported
Engine 2.2.0
huorong undetected
No result reported
Engine 4d5a467:4d5a467:beb3574:beb3574
tehtris type-unsupported
No result reported

File Signatures

SHA-256 936cbf96b5c71d5ad835bb0c7bb658655402a74315b82bce386dfcee85ca9ee0
MD5 bfcac92cfd8603402a45d29ab835f80c
SHA-1 29709d37fdf0b5e5689bef9491cacd51898bd694
SSDEEP 1572864:VfxS/6xEGhhGZ8lDMamYzRqQT1uEFXkfHfKbWFLG3T+vHJTd6Lc7anV:VfxI6LPGZ8pRNdTAg0fXWToHJTALc7KV
TLSH T12018338FF788BA2AC87E31B2598A543722495D30DB02D347681CB72D39B79E4CB467C5
VHASH ff9969bc4e9c3d3d1b633c549027eecc

File Intelligence

Type Description Android Human-friendly file type name based on multiple detection methods.
Type Extension apk Most likely file extension inferred from the content.
Type Tag android Primary type tag assigned by the classifier.
Type Tags executable, mobile, android, apk Additional type tags that describe the file content.
Magic Zip archive data, at least v2.0 to extract, compression method=store File signature result from magic bytes inspection.
Magika APK File type predicted by Magika (ML-based file type detection).
TrID SPSS Extension (35.2%), Android Package (31.7%), Java Archive (15.8%), Sweet Home 3D Design (generic) (12.3%), ZIP compressed archive (4.7%) TrID file type guesses with probabilities.
dhash 0000001c1c050000 Perceptual hash used to compare visual similarity of files.
raw md5 874268134b61247171f58f386b13a86e Raw MD5 hash of the file contents.
extensions png (534), xml (285), kotlin_metadata (99), properties (16), version (15), so (10), json (7), webp (7), txt (5), kotlin_module (4), mp3 (4), dex (2), jpg (2), kotlin_builtins (2), ttf (2), attheme (1), beta-face-android (1), face-android (1), gif (1), gz (1), lst (1) File extensions found inside the APK and how many of each.
file types PNG (534), XML (285), unknown (155), JSON (7), MP3 (4), JPG (2), GIF (1) Detected embedded file types and their counts.
highest datetime 1981-01-01 01:01:02 UTC Latest timestamp found among files inside the archive.
lowest datetime 1981-01-01 01:01:02 UTC Earliest timestamp found among files inside the archive.
num children 2572 Number of files contained within the archive.
type APK Container type detected for the analyzed file.
uncompressed size 82 MB Estimated total size of all files after extraction.

Deep Manifest Analysis

Native Libraries (5)

libDingRtc libDingRtc.so
libclientcore libclientcore.so
libemulator_check libemulator_check.so
libproperty_get libproperty_get.so
libtmessages.31 libtmessages.31.so

Requested Permissions (51)

access approximate location only in the foreground This app can get your approximate location from location services while the app is in use. Location services for your device must be turned on for the app to get location. android.permission.ACCESS_COARSE_LOCATION
access precise location only in the foreground This app can get your precise location from location services while the app is in use. Location services for your device must be turned on for the app to get location. This may increase battery usage. android.permission.ACCESS_FINE_LOCATION
view network connections Allows the app to view information about network connections such as which networks exist and are connected. android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_NOTIFICATION_POLICY Custom app or vendor permission (not publicly documented). android.permission.ACCESS_NOTIFICATION_POLICY
view Wi-Fi connections Allows the app to view information about Wi-Fi networking, such as whether Wi-Fi is enabled and name of connected Wi-Fi devices. android.permission.ACCESS_WIFI_STATE
Authenticate Accounts android.permission.AUTHENTICATE_ACCOUNTS
android.permission.BIND_CHOOSER_TARGET_SERVICE Custom app or vendor permission (not publicly documented). android.permission.BIND_CHOOSER_TARGET_SERVICE
android.permission.BIND_JOB_SERVICE Custom app or vendor permission (not publicly documented). android.permission.BIND_JOB_SERVICE
android.permission.BIND_SCREENING_SERVICE Custom app or vendor permission (not publicly documented). android.permission.BIND_SCREENING_SERVICE
android.permission.BIND_TELECOM_CONNECTION_SERVICE Custom app or vendor permission (not publicly documented). android.permission.BIND_TELECOM_CONNECTION_SERVICE
pair with Bluetooth devices Allows the app to view the configuration of Bluetooth on the tablet, and to make and accept connections with paired devices. android.permission.BLUETOOTH
android.permission.BROADCAST_PACKAGE_ADDED Custom app or vendor permission (not publicly documented). android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_CHANGED Custom app or vendor permission (not publicly documented). android.permission.BROADCAST_PACKAGE_CHANGED
android.permission.BROADCAST_PACKAGE_INSTALL Custom app or vendor permission (not publicly documented). android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED Custom app or vendor permission (not publicly documented). android.permission.BROADCAST_PACKAGE_REPLACED
send sticky broadcast Allows the app to send sticky broadcasts, which remain after the broadcast ends. Excessive use may make the tablet slow or unstable by causing it to use too much memory. android.permission.BROADCAST_STICKY
directly call phone numbers Allows the app to call phone numbers without your intervention. This may result in unexpected charges or calls. Note that this doesn\'t allow the app to call emergency numbers. Malicious apps may cost you money by making calls without your confirmation, or dial carrier codes which cause incoming calls to be automatically forwarded to another number. android.permission.CALL_PHONE
take pictures and videos This app can take pictures and record videos using the camera while the app is in use. android.permission.CAMERA
change network connectivity Allows the app to change the state of network connectivity. android.permission.CHANGE_NETWORK_STATE
connect and disconnect from Wi-Fi Allows the app to connect to and disconnect from Wi-Fi access points and to make changes to device configuration for Wi-Fi networks. android.permission.CHANGE_WIFI_STATE
Flashlight android.permission.FLASHLIGHT
Foreground service Allows the app to run a foreground service. android.permission.FOREGROUND_SERVICE
android.permission.FOREGROUND_SERVICE_MEDIA_PLAYBACK Custom app or vendor permission (not publicly documented). android.permission.FOREGROUND_SERVICE_MEDIA_PLAYBACK
android.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION Custom app or vendor permission (not publicly documented). android.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION
retrieve running apps Allows the app to retrieve information about currently and recently running tasks. This may allow the app to discover information about which applications are used on the device. android.permission.GET_TASKS
Install Packages android.permission.INSTALL_PACKAGES
android.permission.INSTALL_SHORTCUT Custom app or vendor permission (not publicly documented). android.permission.INSTALL_SHORTCUT
have full network access Allows the app to create network sockets and use custom network protocols. The browser and other applications provide means to send data to the internet, so this permission is not required to send data to the internet. android.permission.INTERNET
Manage Accounts android.permission.MANAGE_ACCOUNTS
android.permission.MANAGE_OWN_CALLS Custom app or vendor permission (not publicly documented). android.permission.MANAGE_OWN_CALLS
change your audio settings Allows the app to modify global audio settings such as volume and which speaker is used for output. android.permission.MODIFY_AUDIO_SETTINGS
Modify Phone State android.permission.MODIFY_PHONE_STATE
reroute outgoing calls Allows the app to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether. android.permission.PROCESS_OUTGOING_CALLS
App badge update Allows the app to update the launcher icon badge count on Android launchers. android.permission.READ_APP_BADGE
read the contents of your shared storage Allows the app to read the contents of your shared storage. android.permission.READ_EXTERNAL_STORAGE
Read Logs android.permission.READ_LOGS
read phone status and identity Allows the app to access the phone features of the device. This permission allows the app to determine the phone number and device IDs, whether a call is active, and the remote number connected by a call. android.permission.READ_PHONE_STATE
Read Privileged Phone State android.permission.READ_PRIVILEGED_PHONE_STATE
Read Profile android.permission.READ_PROFILE
read sync settings Allows the app to read the sync settings for an account. For example, this can determine whether the People app is synced with an account. android.permission.READ_SYNC_SETTINGS
run at startup Allows the app to have itself started as soon as the system has finished booting. This can make it take longer to start the tablet and allow the app to slow down the overall tablet by always running. android.permission.RECEIVE_BOOT_COMPLETED
record audio android.permission.RECORD_AUDIO
reorder running apps Allows the app to move tasks to the foreground and background. The app may do this without your input. android.permission.REORDER_TASKS
android.permission.REQUEST_INSTALL_PACKAGES Custom app or vendor permission (not publicly documented). android.permission.REQUEST_INSTALL_PACKAGES
This app can appear on top of other apps This app can appear on top of other apps or other parts of the screen. This may interfere with normal app usage and change the way that other apps appear. android.permission.SYSTEM_ALERT_WINDOW
android.permission.USE_FINGERPRINT Custom app or vendor permission (not publicly documented). android.permission.USE_FINGERPRINT
control vibration Allows the app to control the vibrator. android.permission.VIBRATE
keep car screen turned on Allows the app to keep the car screen turned on. android.permission.WAKE_LOCK
modify or delete the contents of your shared storage Allows the app to write the contents of your shared storage. android.permission.WRITE_EXTERNAL_STORAGE
Write Secure Settings android.permission.WRITE_SECURE_SETTINGS
toggle sync on and off Allows an app to modify the sync settings for an account. For example, this can be used to enable sync of the People app with an account. android.permission.WRITE_SYNC_SETTINGS

URL Endpoints (70)

http://192.168.1.4:20000/ http://192.200.1.242:1999/ http://game.bjz.com/ http://ip-api.com/json/ http://m.bjz.com/ http://schemas.microsoft.com/DRM/2007/03/protocols/AcquireLicense http://www.google.com http://www.shareinstall.com.cn/js-test.html?appkey=aa717156fa6e34325d3d4a7004a6647a http://www.slf4j.org/codes.html http://www.slf4j.org/codes.html#StaticLoggerBinder http://www.slf4j.org/codes.html#loggerNameMismatch http://www.slf4j.org/codes.html#multiple_bindings http://www.slf4j.org/codes.html#no_static_mdc_binder http://www.slf4j.org/codes.html#null_LF http://www.slf4j.org/codes.html#null_MDCA http://www.slf4j.org/codes.html#replay http://www.slf4j.org/codes.html#substituteLogger http://www.slf4j.org/codes.html#unsuccessfulInit http://www.slf4j.org/codes.html#version_mismatch http://xml.apache.org/xslt}indent-amount

Submission Details

Submitted At 2026-05-22
First Submission 2026-05-22
Last Submission 2026-05-22
Stored Until 2026-06-21
Names & Tags
com.stqq8w5y.jvkxanag5o.apk encrypted apk android telephony checks-gps checks-cpu-name reflection

Other Versions

__.APK com.baidu.location.f Unknown __.APK Analyzed 2026-03-16 01:41 UTC
View report