Public bug reported:
Search or scan a URL, IP address, domain, or file hash Sign in 1 / 61 One engine detected this file SHA-256 76e27c4b09f9c1cbbf0b414719b741d3087fc744f6de9431a282fbd976bd445a File name mssoJ77AHDuALWGu6G File size 11.78 MB Last analysis 2018-03-28 08:17:09 UTC Detection Details Relations Behavior Community VirusTotal Droidy Detailed report Network Communication HTTP Requests http://api.exc.mob.com:80/errconf http://api.share.mob.com:80/conn http://api.share.mob.com:80/snsconf https://static.yuanbaopu.com/hotcode/fidewd/ http://api.share.mob.com:80/conf4 http://api.share.mob.com:80/data2 http://api.share.mob.com:80/date http://loc.map.baidu.com/offline_loc http://loc.map.baidu.com/sdk.php http://loc.map.baidu.com/statloc DNS Resolutions loc.map.baidu.com 180.97.104.187 cdn.polyfill.io 151.101.122.109 dualstack.f3.shared.global.fastly.net 151.101.122.109 api.share.mob.com newloc.map.n.shifen.com api.exc.mob.com static.yuanbaopu.com IP Traffic 61.174.10.208:80 (TCP) 120.132.176.173:80 (TCP) 151.101.122.109:443 (TCP) 182.254.154.23:443 (TCP) 180.97.104.187:80 (TCP) File System Actions Files Opened /data/data/com.yuanbaopu.ybpmark/shared_prefs/chcp_plugin_config_pref.xml /data/misc/keychain/pins /storage/emulated/0/ShareSDK/com.yuanbaopu.ybpmark/cache/com.yuanbaopu.ybpmark/.lock /storage/emulated/0/baidu/.cuid /proc/net/if_inet6 /sys/class/net/ip6tnl0/ifindex /sys/class/net/lo/ifindex /sys/class/net/sit0/ifindex /sys/class/net/eth0/ifindex /storage/emulated/0/ShareSDK/.dk Files Written /storage/emulated/0/baidu/tempdata/ls.db /data/data/com.yuanbaopu.ybpmark/files/ofld/ofl_location.db /data/data/com.yuanbaopu.ybpmark/files/ofld/ofl_statistics.db /storage/emulated/0/test.0 /data/data/com.yuanbaopu.ybpmark/files/ofld/ofl.config /storage/emulated/0/baidu/tempdata/ller.dat /storage/emulated/0/baidu/tempdata/conlts.dat /storage/emulated/0/baidu/tempdata/grtcf.dat Files Deleted /data/data/com.yuanbaopu.ybpmark/shared_prefs/chcp_plugin_config_pref.xml.bak /data/data/com.yuanbaopu.ybpmark/shared_prefs/chcp_plugin_config_pref.xml /data/data/com.yuanbaopu.ybpmark/shared_prefs/share_sdk_1.xml.bak /data/data/com.yuanbaopu.ybpmark/shared_prefs/share_sdk_1.xml /storage/emulated/0/test.0 Files Copied /data/data/com.yuanbaopu.ybpmark/shared_prefs/chcp_plugin_config_pref.xml /data/data/com.yuanbaopu.ybpmark/shared_prefs/share_sdk_1.xml Files Dropped 36ac59e578357746f7ab39a543f47e84260ca584534b3bbf3371bc1f4b407fd9 Process And Service Actions Permissions Checked android.permission.READ_PHONE_STATE android.permission.ACCESS_WIFI_STATE android.permission.CHANGE_WIFI_STATE android.permission.GET_TASKS Shell Commands su Services Opened com.google.android.gms.games.service.GamesIntentService (com.google.android.gms) com.google.android.gms.people.service.bg.PeopleBackgroundTasks (com.google.android.gms) Activities Started com.yuanbaopu.ybpmark.MainActivity (com.yuanbaopu.ybpmark) Synchronization Mechanisms & Signals Signals Hooked android.intent.action.PROXY_CHANGE android.intent.action.CONFIGURATION_CHANGED android.intent.action.PHONE_STATE android.intent.action.PACKAGE_ADDED android.intent.action.PACKAGE_REMOVED android.net.wifi.SCAN_RESULTS Modules Loaded Runtime Modules neh locSDK6a Invoked Methods android.os.SystemProperties.addChangeCallback android.os.SystemProperties.getLong com.fasterxml.jackson.databind.MapperFeature.values com.fasterxml.jackson.databind.DeserializationFeature.values com.fasterxml.jackson.databind.SerializationFeature.values com.android.org.conscrypt.OpenSSLCipher$Padding.values com.android.org.conscrypt.OpenSSLCipher$Mode.values android.net.wifi.SupplicantState.values android.net.wifi.WifiSsid.createFromAsciiEncoded com.nordnetab.chcp.main.model.ChcpError.values Highlighted Actions Calls Highlighted android.net.wifi.WifiInfo.getBSSID android.net.wifi.WifiInfo.getMacAddress android.net.wifi.WifiInfo.getSSID android.os.Debug.isDebuggerConnected android.telephony.TelephonyManager.getCellLocation android.telephony.TelephonyManager.getDeviceId android.telephony.TelephonyManager.getNetworkCountryIso android.telephony.TelephonyManager.getSimOperator android.telephony.TelephonyManager.getSubscriberId android.util.Base64.encode Cryptographical Algorithms Observed AES Cryptographical Keys Observed 30212102dicudiab sdk.sharesdk.sdk 14f0c07c317771a2 Encoding Algorithms Observed base64 Dataset Actions System Property Lookups debug.force_rtl debug.second-display.pkg debug.atrace.tags.enableflags sys.settings_system_version persist.sys.timezone persist.sys.ui.hw debug.layout sys.settings_secure_version viewroot.profile_rendering config.disable_media Shared Preferences Sets config_json config_json device_time device_data device_ext_data service_time lastInsertRunEventTime insertRunEventCount Content Model Observers NOT CACHED Content Model Sets exception_time exception_msg exception_level exception_md5 exception_time exception_msg exception_md5 exception_time exception_msg exception_md5 VirusTotal Contact Us How It Works Terms of Service Privacy Policy Join Us Community Join Community Vote and Comment Contributors Top Users Latest Comments Blog Tools API Scripts YARA Desktop Apps Browser Extensions Mobile App Private Services Documentation Get Started Searching Reports API Use Cases English (US) ** Affects: iputils (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to iputils in Ubuntu. https://bugs.launchpad.net/bugs/1808610 Title: chamelon Status in iputils package in Ubuntu: New Bug description: Search or scan a URL, IP address, domain, or file hash Sign in 1 / 61 One engine detected this file SHA-256 76e27c4b09f9c1cbbf0b414719b741d3087fc744f6de9431a282fbd976bd445a File name mssoJ77AHDuALWGu6G File size 11.78 MB Last analysis 2018-03-28 08:17:09 UTC Detection Details Relations Behavior Community VirusTotal Droidy Detailed report Network Communication HTTP Requests http://api.exc.mob.com:80/errconf http://api.share.mob.com:80/conn http://api.share.mob.com:80/snsconf https://static.yuanbaopu.com/hotcode/fidewd/ http://api.share.mob.com:80/conf4 http://api.share.mob.com:80/data2 http://api.share.mob.com:80/date http://loc.map.baidu.com/offline_loc http://loc.map.baidu.com/sdk.php http://loc.map.baidu.com/statloc DNS Resolutions loc.map.baidu.com 180.97.104.187 cdn.polyfill.io 151.101.122.109 dualstack.f3.shared.global.fastly.net 151.101.122.109 api.share.mob.com newloc.map.n.shifen.com api.exc.mob.com static.yuanbaopu.com IP Traffic 61.174.10.208:80 (TCP) 120.132.176.173:80 (TCP) 151.101.122.109:443 (TCP) 182.254.154.23:443 (TCP) 180.97.104.187:80 (TCP) File System Actions Files Opened /data/data/com.yuanbaopu.ybpmark/shared_prefs/chcp_plugin_config_pref.xml /data/misc/keychain/pins /storage/emulated/0/ShareSDK/com.yuanbaopu.ybpmark/cache/com.yuanbaopu.ybpmark/.lock /storage/emulated/0/baidu/.cuid /proc/net/if_inet6 /sys/class/net/ip6tnl0/ifindex /sys/class/net/lo/ifindex /sys/class/net/sit0/ifindex /sys/class/net/eth0/ifindex /storage/emulated/0/ShareSDK/.dk Files Written /storage/emulated/0/baidu/tempdata/ls.db /data/data/com.yuanbaopu.ybpmark/files/ofld/ofl_location.db /data/data/com.yuanbaopu.ybpmark/files/ofld/ofl_statistics.db /storage/emulated/0/test.0 /data/data/com.yuanbaopu.ybpmark/files/ofld/ofl.config /storage/emulated/0/baidu/tempdata/ller.dat /storage/emulated/0/baidu/tempdata/conlts.dat /storage/emulated/0/baidu/tempdata/grtcf.dat Files Deleted /data/data/com.yuanbaopu.ybpmark/shared_prefs/chcp_plugin_config_pref.xml.bak /data/data/com.yuanbaopu.ybpmark/shared_prefs/chcp_plugin_config_pref.xml /data/data/com.yuanbaopu.ybpmark/shared_prefs/share_sdk_1.xml.bak /data/data/com.yuanbaopu.ybpmark/shared_prefs/share_sdk_1.xml /storage/emulated/0/test.0 Files Copied /data/data/com.yuanbaopu.ybpmark/shared_prefs/chcp_plugin_config_pref.xml /data/data/com.yuanbaopu.ybpmark/shared_prefs/share_sdk_1.xml Files Dropped 36ac59e578357746f7ab39a543f47e84260ca584534b3bbf3371bc1f4b407fd9 Process And Service Actions Permissions Checked android.permission.READ_PHONE_STATE android.permission.ACCESS_WIFI_STATE android.permission.CHANGE_WIFI_STATE android.permission.GET_TASKS Shell Commands su Services Opened com.google.android.gms.games.service.GamesIntentService (com.google.android.gms) com.google.android.gms.people.service.bg.PeopleBackgroundTasks (com.google.android.gms) Activities Started com.yuanbaopu.ybpmark.MainActivity (com.yuanbaopu.ybpmark) Synchronization Mechanisms & Signals Signals Hooked android.intent.action.PROXY_CHANGE android.intent.action.CONFIGURATION_CHANGED android.intent.action.PHONE_STATE android.intent.action.PACKAGE_ADDED android.intent.action.PACKAGE_REMOVED android.net.wifi.SCAN_RESULTS Modules Loaded Runtime Modules neh locSDK6a Invoked Methods android.os.SystemProperties.addChangeCallback android.os.SystemProperties.getLong com.fasterxml.jackson.databind.MapperFeature.values com.fasterxml.jackson.databind.DeserializationFeature.values com.fasterxml.jackson.databind.SerializationFeature.values com.android.org.conscrypt.OpenSSLCipher$Padding.values com.android.org.conscrypt.OpenSSLCipher$Mode.values android.net.wifi.SupplicantState.values android.net.wifi.WifiSsid.createFromAsciiEncoded com.nordnetab.chcp.main.model.ChcpError.values Highlighted Actions Calls Highlighted android.net.wifi.WifiInfo.getBSSID android.net.wifi.WifiInfo.getMacAddress android.net.wifi.WifiInfo.getSSID android.os.Debug.isDebuggerConnected android.telephony.TelephonyManager.getCellLocation android.telephony.TelephonyManager.getDeviceId android.telephony.TelephonyManager.getNetworkCountryIso android.telephony.TelephonyManager.getSimOperator android.telephony.TelephonyManager.getSubscriberId android.util.Base64.encode Cryptographical Algorithms Observed AES Cryptographical Keys Observed 30212102dicudiab sdk.sharesdk.sdk 14f0c07c317771a2 Encoding Algorithms Observed base64 Dataset Actions System Property Lookups debug.force_rtl debug.second-display.pkg debug.atrace.tags.enableflags sys.settings_system_version persist.sys.timezone persist.sys.ui.hw debug.layout sys.settings_secure_version viewroot.profile_rendering config.disable_media Shared Preferences Sets config_json config_json device_time device_data device_ext_data service_time lastInsertRunEventTime insertRunEventCount Content Model Observers NOT CACHED Content Model Sets exception_time exception_msg exception_level exception_md5 exception_time exception_msg exception_md5 exception_time exception_msg exception_md5 VirusTotal Contact Us How It Works Terms of Service Privacy Policy Join Us Community Join Community Vote and Comment Contributors Top Users Latest Comments Blog Tools API Scripts YARA Desktop Apps Browser Extensions Mobile App Private Services Documentation Get Started Searching Reports API Use Cases English (US) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iputils/+bug/1808610/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
