小海豚 icon

_____4_.apk

小海豚

17.19 MB

Analyzed: 2026-06-15 17:50 UTC

Twitter / X Facebook LinkedIn WhatsApp Telegram Reddit
Analyze Another

APK Security & Privacy Score

Security scoring uses multi-engine scan signals and APK indicators. Privacy scoring uses requested permissions and network endpoint patterns.

Security Scan-weighted
27/100
Threat scan flagged Outdated target SDK
Privacy Permissions & network
41/100
High-risk permissions
33/100
High Risk
Overall trust

Facts

Threat scan 13/75 flagged, 0 suspicious
Permissions 42 requested
Network strings 1 URLs (0 HTTP, 1 HTTPS)
Target SDK 28
Certificate Valid until 2027-07-18

Warnings

Threat scan flagged: 13/75 scanners marked this file as malicious.
High-risk permissions detected: android.permission.REQUEST_INSTALL_PACKAGES, android.permission.WRITE_SETTINGS
Requests 42 permissions (review carefully).
Package Name uni.htgo.pqbvycm
Version Code 2026
Version Name 3.1.16
Application Name com.frezrik.jiagu.StubApp
Debuggable No
Allow Backup No
Min SDK Android 21 (Lollipop)
Target SDK Android 28 (Pie)
Supported ABIs
arm64-v8a

Certificate & Signer

Valid From 2026-06-14 16:22:34
Valid To 2027-07-18 16:22:34
Serial Number 31fed29c6faeeebb0bad73de64bcf03d5c089f02
Thumbprint da234b00f3a8f7435830da073e80828bb191b2ab
Issuer: C GA
Issuer: CN GNLKCD
Issuer: DN C:GA, CN:GNLKCD, L:MMQWRQ32, O:5PBT9W478B, ST:L8PCFBEA, OU:RRNEVMNN, email:2WRHF@A96ULZ.com
Issuer: L MMQWRQ32
Issuer: O 5PBT9W478B
Issuer: OU RRNEVMNN
Issuer: ST L8PCFBEA
Issuer: email 2WRHF@A96ULZ.com
Subject: C GA
Subject: CN GNLKCD
Subject: DN C:GA, CN:GNLKCD, L:MMQWRQ32, O:5PBT9W478B, ST:L8PCFBEA, OU:RRNEVMNN, email:2WRHF@A96ULZ.com
Subject: L MMQWRQ32
Subject: O 5PBT9W478B
Subject: OU RRNEVMNN
Subject: ST L8PCFBEA
Subject: email 2WRHF@A96ULZ.com

Security Scan

13 /75
⚠️ Threats Detected
Detected by 13 vendors: AhnLab-V3 (Dropper/Android.Agent.1293626), Avast-Mobile (Android:Evo-gen [Trj]), Avira (ANDROID/Evo.AG1543217.Gen)
Scanned by 75 security vendors
Last scan: 2026-06-15 17:50 UTC
Malicious
13
Suspicious
0
Harmless
0
Undetected
50
Timeout
4
Failure
2

Scan Providers

75 vendors
ALYac undetected
No result reported
Engine 2.0.0.10
APEX type-unsupported
No result reported
Engine 6.788
AVG timeout
No result reported
Engine 23.9.8494.0
Acronis undetected
No result reported
Engine 1.2.0.121
AhnLab-V3 malicious
Dropper/Android.Agent.1293626
Engine 3.30.0.10666
Alibaba undetected
No result reported
Engine 0.3.0.5
Antiy-AVL undetected
No result reported
Engine 3.0
Arcabit undetected
No result reported
Engine 2025.0.0.23
Avast timeout
No result reported
Engine 23.9.8494.0
Avast-Mobile malicious
Android:Evo-gen [Trj]
Engine 260615-00
Avira malicious
ANDROID/Evo.AG1543217.Gen
Engine 8.3.3.24
BitDefender undetected
No result reported
Engine 7.2
BitDefenderFalx malicious
Android.Trojan.SmsSpy.AHY
Engine 2.0.936
Bkav undetected
No result reported
Engine 8.2.40(8338)
CAT-QuickHeal undetected
No result reported
Engine 22.00
CMC undetected
No result reported
Engine 2.4.2022.1
CTX undetected
No result reported
Engine 2024.8.29.1
ClamAV timeout
No result reported
Engine 1.5.2.0
CrowdStrike undetected
No result reported
Engine 1.0
Cylance type-unsupported
No result reported
Engine 3.0.0.0
Cynet malicious
Malicious (score: 99)
Engine 4.0.3.4
DeepInstinct failure
No result reported
Engine 5.0.0.8
DrWeb undetected
No result reported
Engine 7.0.75.2070
ESET-NOD32 malicious
Android/Spy.Agent.BXO trojan
Engine 18.2.18.0
Elastic undetected
No result reported
Engine 4.0.265
Emsisoft undetected
No result reported
Engine 2024.8.0.61147
F-Secure malicious
Malware.ANDROID/Evo.AG1543217.Gen
Engine 18.10.1547.307
Fortinet malicious
Android/Agent.BXO!tr.spy
Engine 7.0.48.0
GData undetected
No result reported
Engine GD:27.44922AVA:64.31424
Google malicious
Detected
Engine 1781539308
Gridinsoft undetected
No result reported
Engine 1.0.248.174
Ikarus failure
No result reported
Engine 6.5.4.0
Jiangmin undetected
No result reported
Engine 16.0.100
K7AntiVirus undetected
No result reported
Engine 14.58.59827
K7GW malicious
Trojan ( 005ad2161 )
Engine 14.58.59828
Kaspersky malicious
HEUR:Trojan-Spy.AndroidOS.FakeApp.be
Engine 22.0.1.28
Kingsoft undetected
No result reported
Engine None
Lionic undetected
No result reported
Engine 8.16
Malwarebytes undetected
No result reported
Engine 3.1.0.238
MaxSecure undetected
No result reported
Engine 1.0.0.1
McAfeeD undetected
No result reported
Engine 1.2.0.14833
MicroWorld-eScan undetected
No result reported
Engine 14.0.409.0
Microsoft undetected
No result reported
Engine 1.1.26050.11
NANO-Antivirus undetected
No result reported
Engine 1.0.170.26895
Paloalto type-unsupported
No result reported
Engine 0.9.0.1003
Panda undetected
No result reported
Engine 4.6.4.2
Rising undetected
No result reported
Engine 25.0.0.28
SUPERAntiSpyware undetected
No result reported
Engine 5.6.0.1032
Sangfor undetected
No result reported
Engine 2.22.3.0
SentinelOne undetected
No result reported
Engine 7.6.3.2
Skyhigh undetected
No result reported
Engine v2021.2.0+4045
Sophos malicious
Andr/Xgen2-ARW
Engine 3.5.1.0
Symantec undetected
No result reported
Engine 1.22.0.0
SymantecMobileInsight undetected
No result reported
Engine 2.0
TACHYON undetected
No result reported
Engine 2026-06-15.02
Tencent undetected
No result reported
Engine 1.0.0.1
Trapmine type-unsupported
No result reported
Engine 4.0.12.0
TrellixENS timeout
No result reported
Engine 6.0.6.653
TrendMicro undetected
No result reported
Engine 24.550.0.1002
TrendMicro-HouseCall undetected
No result reported
Engine 24.550.0.1002
Trustlook undetected
No result reported
Engine 1.0
VBA32 undetected
No result reported
Engine 5.6.1
VIPRE undetected
No result reported
Engine 6.0.0.35
Varist undetected
No result reported
Engine 6.6.1.3
ViRobot undetected
No result reported
Engine 2014.3.20.0
VirIT undetected
No result reported
Engine 9.5.1228
Webroot undetected
No result reported
Engine 1.9.0.8
Xcitium undetected
No result reported
Engine 38731
Yandex undetected
No result reported
Engine 5.5.2.24
Zillya undetected
No result reported
Engine 2.0.0.5622
ZoneAlarm malicious
Andr/Xgen2-ARW
Engine 6.25-116107537
Zoner undetected
No result reported
Engine 2.2.2.0
alibabacloud type-unsupported
No result reported
Engine 2.2.0
huorong undetected
No result reported
Engine 94bc24a:94bc24a:c825454:c825454
tehtris type-unsupported
No result reported

File Signatures

SHA-256 2598975e3cc75643a0b1ebae2e8c57db4fccc07afd76d411e11fde95ec6990ab
MD5 fae06af3ac09df914bf65ad1f4460edd
SHA-1 f3cf1ba52bb13919ce4846ab8167c64b97f02677
SSDEEP 393216:fbzfaROr1PNowL72SJGN1/f04H5kZCznptfO78icjHCu7:DzfaUr1PlyFTgZCznpRg8icjiA
TLSH T1AB073352E799E66FE5B3463A877A435762210C5C8282F3521B55F02C0DFBEC04A9BFC9
VHASH 2588c9ffdb6256b1ee89d7f3912fb2c2
PERMHASH db2db1eb6c3c76abb099d4d06578d2735740ad7a74d711877fc95fb37aed709a

File Intelligence

Type Description Android Human-friendly file type name based on multiple detection methods.
Type Extension apk Most likely file extension inferred from the content.
Type Tag android Primary type tag assigned by the classifier.
Type Tags executable, mobile, android, apk Additional type tags that describe the file content.
Magic Zip archive data, at least v1.0 to extract, compression method=store File signature result from magic bytes inspection.
Magika APK, ZIP_ARCHIVE File type predicted by Magika (ML-based file type detection).
TrID Android Package (49%), Java Archive (24.5%), Sweet Home 3D Design (generic) (19%), ZIP compressed archive (7.2%) TrID file type guesses with probabilities.
dhash 0000001e1e061508 Perceptual hash used to compare visual similarity of files.
raw md5 7410e3633d9549ca0b95fbe2f7e0bfc1 Raw MD5 hash of the file contents.
extensions xml (358), png (324), version (39), so (19), js (17), kotlin_builtins (8), json (6), gif (3), dex (2), gz (2), html (2), jpg (2), ttf (2), arsc (1), AutoDiscoverable (1), bin (1), BuiltInsLoader (1), CoroutineExceptionHandler (1), css (1), ExternalOverridabilityCondition (1), MainDispatcherFactory (1), MessageBodyReader (1), MessageBodyWriter (1), MetadataExtensions (1), MF (1), ogg (1), prof (1), profm (1), properties (1), Providers (1), RSA (1), SF (1), textproto (1), txt (1) File extensions found inside the APK and how many of each.
file types XML (358), PNG (324), unknown (92), ELF (19), GIF (3), HTML (2), JPG (2), JSON (2), DEX (1), Java Bytecode (1), JavaScript (1), OGG (1) Detected embedded file types and their counts.
highest datetime 2026-06-16 00:22:52 UTC Latest timestamp found among files inside the archive.
lowest datetime 2026-06-16 00:22:48 UTC Earliest timestamp found among files inside the archive.
num children 806 Number of files contained within the archive.
type APK Container type detected for the analyzed file.
uncompressed size 41 MB Estimated total size of all files after extraction.

Deep Manifest Analysis

Activity Intents (1)

io.dcloud.PandoraEntry
Actions
Main Activity Action: Start as a main entry point, does not expect to android.intent.action.MAIN
View Activity Action: Display the data to the user. android.intent.action.VIEW
Categories
android.intent.category.LAUNCHER android.intent.category.DEFAULT android.intent.category.BROWSABLE

Receiver Intents (1)

Profile installer Installs performance profiles to speed up app startup and hot paths. androidx.profileinstaller.ProfileInstallReceiver
Actions
Install performance profile Installs a profile that helps optimize app performance. androidx.profileinstaller.action.INSTALL_PROFILE
Skip profile install Skips profile installation for this build. androidx.profileinstaller.action.SKIP_FILE
Save performance profile Saves a profile generated during app usage. androidx.profileinstaller.action.SAVE_PROFILE
Benchmark operation Runs a profile installer benchmark operation. androidx.profileinstaller.action.BENCHMARK_OPERATION

Native Libraries (15)

lib39285EFA lib39285EFA.so
Breakpad Crash Reporter Crash reporting library that captures diagnostic minidumps. libbreakpad-core.so
libdcblur libdcblur.so
libgifimage libgifimage.so
libimagepipeline libimagepipeline.so
liblamemp3 liblamemp3.so
libnative-filters libnative-filters.so
libnative-imagetranscoder libnative-imagetranscoder.so
libpl_droidsonroids_gif libpl_droidsonroids_gif.so
libstatic-webp libstatic-webp.so
libuts-runtime libuts-runtime.so
libweexcore libweexcore.so
libweexjsb libweexjsb.so
libweexjss libweexjss.so
libweexjst libweexjst.so

Requested Permissions (48)

modify or delete the contents of your shared storage Allows the app to write the contents of your shared storage. android.permission.WRITE_EXTERNAL_STORAGE
read phone status and identity Allows the app to access the phone features of the device. This permission allows the app to determine the phone number and device IDs, whether a call is active, and the remote number connected by a call. android.permission.READ_PHONE_STATE
read the contents of your shared storage Allows the app to read the contents of your shared storage. android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_MEDIA_IMAGES Custom app or vendor permission (not publicly documented). android.permission.READ_MEDIA_IMAGES
android.permission.READ_MEDIA_VIDEO Custom app or vendor permission (not publicly documented). android.permission.READ_MEDIA_VIDEO
android.permission.READ_MEDIA_VISUAL_USER_SELECTED Custom app or vendor permission (not publicly documented). android.permission.READ_MEDIA_VISUAL_USER_SELECTED
have full network access Allows the app to create network sockets and use custom network protocols. The browser and other applications provide means to send data to the internet, so this permission is not required to send data to the internet. android.permission.INTERNET
view network connections Allows the app to view information about network connections such as which networks exist and are connected. android.permission.ACCESS_NETWORK_STATE
App badge update Allows the app to update the launcher icon badge count on Huawei launchers. com.huawei.android.launcher.permission.CHANGE_BADGE
App badge update Allows the app to update the launcher icon badge count on launcher launchers. com.vivo.notification.permission.BADGE_ICON
com.asus.msa.SupplementaryDID.ACCESS
take pictures and videos This app can take pictures and record videos using the camera while the app is in use. android.permission.CAMERA
Dynamic receiver access Internal app permission used to protect dynamic broadcast receivers. uni.htgo.pqbvycm.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
view Wi-Fi connections Allows the app to view information about Wi-Fi networking, such as whether Wi-Fi is enabled and name of connected Wi-Fi devices. android.permission.ACCESS_WIFI_STATE
Install Packages android.permission.INSTALL_PACKAGES
android.permission.REQUEST_INSTALL_PACKAGES Custom app or vendor permission (not publicly documented). android.permission.REQUEST_INSTALL_PACKAGES
android.permission.REQUEST_INSTALL_PACKAGES Custom app or vendor permission (not publicly documented). android.permission.REQUEST_INSTALL_PACKAGES
access approximate location only in the foreground This app can get your approximate location from location services while the app is in use. Location services for your device must be turned on for the app to get location. android.permission.ACCESS_COARSE_LOCATION
access precise location only in the foreground This app can get your precise location from location services while the app is in use. Location services for your device must be turned on for the app to get location. This may increase battery usage. android.permission.ACCESS_FINE_LOCATION
Broadcast Sms android.permission.BROADCAST_SMS
directly call phone numbers Allows the app to call phone numbers without your intervention. This may result in unexpected charges or calls. Note that this doesn\'t allow the app to call emergency numbers. Malicious apps may cost you money by making calls without your confirmation, or dial carrier codes which cause incoming calls to be automatically forwarded to another number. android.permission.CALL_PHONE
change network connectivity Allows the app to change the state of network connectivity. android.permission.CHANGE_NETWORK_STATE
connect and disconnect from Wi-Fi Allows the app to connect to and disconnect from Wi-Fi access points and to make changes to device configuration for Wi-Fi networks. android.permission.CHANGE_WIFI_STATE
Flashlight android.permission.FLASHLIGHT
find accounts on the device Allows the app to get the list of accounts known by the tablet. This may include any accounts created by applications you have installed. android.permission.GET_ACCOUNTS
find accounts on the device Allows the app to get the list of accounts known by the tablet. This may include any accounts created by applications you have installed. android.permission.GET_ACCOUNTS
retrieve running apps Allows the app to retrieve information about currently and recently running tasks. This may allow the app to discover information about which applications are used on the device. android.permission.GET_TASKS
change your audio settings Allows the app to modify global audio settings such as volume and which speaker is used for output. android.permission.MODIFY_AUDIO_SETTINGS
Mount Unmount Filesystems android.permission.MOUNT_UNMOUNT_FILESYSTEMS
read your contacts Allows the app to read data about your contacts stored on your tablet. Apps will also have access to the accounts on your tablet that have created contacts. This may include accounts created by apps you have installed. This permission allows apps to save your contact data, and malicious apps may share contact data without your knowledge. android.permission.READ_CONTACTS
read your contacts Allows the app to read data about your contacts stored on your tablet. Apps will also have access to the accounts on your tablet that have created contacts. This may include accounts created by apps you have installed. This permission allows apps to save your contact data, and malicious apps may share contact data without your knowledge. android.permission.READ_CONTACTS
Read Logs android.permission.READ_LOGS
Read Profile android.permission.READ_PROFILE
read your text messages (SMS or MMS) This app can read all SMS (text) messages stored on your tablet. android.permission.READ_SMS
receive text messages (MMS) Allows the app to receive and process MMS messages. This means the app could monitor or delete messages sent to your device without showing them to you. android.permission.RECEIVE_MMS
receive text messages (SMS) Allows the app to receive and process SMS messages. This means the app could monitor or delete messages sent to your device without showing them to you. android.permission.RECEIVE_SMS
record audio android.permission.RECORD_AUDIO
send and view SMS messages Allows the app to send SMS messages. This may result in unexpected charges. Malicious apps may cost you money by sending messages without your confirmation. android.permission.SEND_SMS
android.permission.SET_ALARM Custom app or vendor permission (not publicly documented). android.permission.SET_ALARM
control vibration Allows the app to control the vibrator. android.permission.VIBRATE
keep car screen turned on Allows the app to keep the car screen turned on. android.permission.WAKE_LOCK
modify your contacts Allows the app to modify the data about your contacts stored on your tablet. This permission allows apps to delete contact data. android.permission.WRITE_CONTACTS
modify your contacts Allows the app to modify the data about your contacts stored on your tablet. This permission allows apps to delete contact data. android.permission.WRITE_CONTACTS
modify system settings Allows the app to modify the system\'s settings data. Malicious apps may corrupt your system\'s configuration. android.permission.WRITE_SETTINGS
read call log This app can read your call history. android.permission.READ_CALL_LOG
write call log Allows the app to modify your tablet\'s call log, including data about incoming and outgoing calls. Malicious apps may use this to erase or modify your call log. android.permission.WRITE_CALL_LOG
have full network access Allows the app to create network sockets and use custom network protocols. The browser and other applications provide means to send data to the internet, so this permission is not required to send data to the internet. android.permission.INTERNET
read the contents of your shared storage Allows the app to read the contents of your shared storage. android.permission.READ_EXTERNAL_STORAGE

Uses Features (2)

Camera Feature for {@link #getSystemAvailableFeatures} and android.hardware.camera
Camera Autofocus Feature for {@link #getSystemAvailableFeatures} and android.hardware.camera.autofocus

Activities (11)

io.dcloud.PandoraEntry
io.dcloud.PandoraEntryActivity
io.dcloud.feature.nativeObj.photoview.PhotoActivity
io.dcloud.WebAppActivity
io.dcloud.ProcessMediator
io.dcloud.WebviewActivity
com.dmcbig.mediapicker.PickerActivity
com.dmcbig.mediapicker.PreviewActivity
io.dcloud.feature.gallery.imageedit.IMGEditActivity
io.dcloud.sdk.activity.WebViewActivity
uts.sdk.modules.DCloudUniMedia.SystemPickerActivity

Services (1)

io.dcloud.sdk.base.service.DownloadService

Broadcast Receivers (2)

com.taobao.weex.WXGlobalEventReceiver com.taobao.weex.WXGlobalEventReceiver
Profile installer Installs performance profiles to speed up app startup and hot paths. androidx.profileinstaller.ProfileInstallReceiver

Content Providers (3)

io.dcloud.common.util.DCloud_FileProvider
io.dcloud.sdk.base.service.provider.DCloudAdFileProvider
androidx.startup.InitializationProvider

URL Endpoints (1)

https://ask.dcloud.net.cn/article/36199

Submission Details

Submitted At 2026-06-15
First Submission 2026-06-15
Last Submission 2026-06-15
Stored Until 2026-07-15
Names & Tags
小海豚 (4).apk _____4_.apk apk contains-elf android obfuscated detect-debug-environment reflection