rednaga/APKiD

[DETECTION] Add Beebyte Obfuscator

https://www.beebyte.co.uk/

Hash : 53fa7054f7112197cfe3ab8adc1afe825c6e6b4a696404f75f75eb894ae77456
File : https://koodous.com/apks/53fa7054f7112197cfe3ab8adc1afe825c6e6b4a696404f75f75eb894ae77456/general-information

APKiD Scan -

$ apkid '53fa7054f7112197cfe3ab8adc1afe825c6e6b4a696404f75f75eb894ae77456.apk'
[+] APKiD 2.1.4 :: from RedNaga :: rednaga.io
[*] 53fa7054f7112197cfe3ab8adc1afe825c6e6b4a696404f75f75eb894ae77456.apk!classes.dex
 |-> anti_debug : Debug.isDebuggerConnected() check
 |-> anti_vm : Build.FINGERPRINT check, Build.MANUFACTURER check, Build.MODEL check, Build.PRODUCT check, Build.TAGS check, possible Build.SERIAL check, possible VM check
 |-> compiler : dx (possible dexmerge)
 |-> manipulator : dexmerge

Additional Info -

/assets/bin/Data/globalgamemanagers.assets

$ r2 globalgamemanagers.assets
 -- Show offsets in graphs with 'e graph.offset = true'
[0x00000000]> izzq~+Beebyte
0x9988 19 18 Beebyte.Obfuscator
0x9bf8 19 18 Beebyte.Obfuscator
0xea10 19 18 Beebyte.Obfuscator
0x1b258 19 18 Beebyte.Obfuscator

https://koodous.com/rules/9jg6vOWYow1nPAel/

rule BeebyteObfuscator : Obfuscator
{
    strings:
        // ASCII bytes of "Beebyte.Obfuscator"
        $a = {42 65 65 62 79 74 65 2E 4F 62 66 75 73 63 61 74 6F 72}

    condition:
        $a
}
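
Added example, not part of the original issue or of APKiD's code: the same check as the r2 string search and the YARA rule above, written in Python and run over each decompressed entry of an APK, since a deflated entry does not expose the string in the raw APK bytes. The function names, the size limit and the in-memory sample APK are constructed for illustration.

```python
import io
import zipfile

# Same 18 bytes as the hex string $a in the YARA rule above.
MARKER = b"Beebyte.Obfuscator"

def find_marker(data, marker=MARKER):
    """Return every offset at which marker occurs in data."""
    offsets, pos = [], data.find(marker)
    while pos != -1:
        offsets.append(pos)
        pos = data.find(marker, pos + 1)
    return offsets

def scan_apk(apk, max_entry_size=256 * 1024 * 1024):
    """Map entry name -> marker offsets for every APK entry holding the marker.

    apk is a path or a binary file object. Entries whose declared size
    exceeds max_entry_size (an assumed limit) are skipped, not decompressed.
    """
    hits = {}
    with zipfile.ZipFile(apk) as zf:
        for info in zf.infolist():
            if info.is_dir() or info.file_size > max_entry_size:
                continue
            offsets = find_marker(zf.read(info))
            if offsets:
                hits[info.filename] = offsets
    return hits

def build_sample_apk():
    """Constructed sample: a tiny ZIP laid out like the APK in the issue."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("classes.dex", b"dex\n035\x00" + b"\x00" * 32)
        zf.writestr("assets/bin/Data/globalgamemanagers.assets",
                    b"\x00" * 16 + MARKER + b"\x00" * 8 + MARKER + b"\x00")
    buf.seek(0)
    return buf

if __name__ == "__main__":
    # Prints each matching entry with its offsets, like the r2 listing.
    for name, offsets in scan_apk(build_sample_apk()).items():
        print(name, [hex(o) for o in offsets])
```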

Hi,

Could you provide more info about it? Does this SDK protect only the assets?