[DETECTION] Add Beebyte Obfuscator
Opened this issue · 1 comments
apkunpacker commented
Hash : 53fa7054f7112197cfe3ab8adc1afe825c6e6b4a696404f75f75eb894ae77456
File : https://koodous.com/apks/53fa7054f7112197cfe3ab8adc1afe825c6e6b4a696404f75f75eb894ae77456/general-information
APKiD Scan -
$ apkid '53fa7054f7112197cfe3ab8adc1afe825c6e6b4a696404f75f75eb894ae77456.apk'
[+] APKiD 2.1.4 :: from RedNaga :: rednaga.io
[*] 53fa7054f7112197cfe3ab8adc1afe825c6e6b4a696404f75f75eb894ae77456.apk!classes.dex
|-> anti_debug : Debug.isDebuggerConnected() check
|-> anti_vm : Build.FINGERPRINT check, Build.MANUFACTURER check, Build.MODEL check, Build.PRODUCT check, Build.TAGS check, possible Build.SERIAL check, possible VM check
|-> compiler : dx (possible dexmerge)
|-> manipulator : dexmerge
Additional Info -
/assets/bin/Data/globalgamemanagers.assets
$ r2 globalgamemanagers.assets
-- Show offsets in graphs with 'e graph.offset = true'
[0x00000000]> izzq~+Beebyte
0x9988 19 18 Beebyte.Obfuscator
0x9bf8 19 18 Beebyte.Obfuscator
0xea10 19 18 Beebyte.Obfuscator
0x1b258 19 18 Beebyte.Obfuscator
https://koodous.com/rules/9jg6vOWYow1nPAel/
rule BeebyteObfuscator : Obfuscator
{
strings:
$a = {42 65 65 62 79 74 65 2E 4F 62 66 75 73 63 61 74 6F 72}
condition:
$a
}
enovella commented
Hi,
Could you provide more info about it? Does this SDK protect only the assets?