一个手机的病毒,没见过的密文。大神来看看
今天无聊收到了个钓鱼站。去下载了他的木马分析,看到了一段不知道什么加密的密文。不是md5,也不是aes。。有无大神能逆向?
附件在下面
// Decompiled by Jad v1.5.8g. Copyright 2001 Pavel Kouznetsov.
// Jad home page: http://www.kpdus.com/jad.html
// Decompiler options: packimports(3)
package com.phone.stop.db;
import android.content.Context;
import android.content.SharedPreferences;
public class a
{
private a(Context context)
{
b = context.getSharedPreferences("configurations_data", 0);
}
public static a a(Context context)
{
if(a == null)
a = new a(context);
return a;
}
public void a(int i1)
{
android.content.SharedPreferences.Editor editor = b.edit();
editor.putInt("app_intercept_type", i1);
editor.commit();
}
public void a(String s1)
{
android.content.SharedPreferences.Editor editor = b.edit();
editor.putString("last_delete_sms_time", s1);
editor.commit();
}
public void a(boolean flag)
{
android.content.SharedPreferences.Editor editor = b.edit();
editor.putBoolean("have_app_jihuo", flag);
editor.commit();
}
public boolean a()
{
return b.getBoolean("have_app_jihuo", false);
}
public String b()
{
return b.getString("last_delete_sms_time", "000000000");
}
public void b(String s1)
{
android.content.SharedPreferences.Editor editor = b.edit();
editor.putString("i_want_xxoo", s1);
editor.commit();
}
public void b(boolean flag)
{
android.content.SharedPreferences.Editor editor = b.edit();
editor.putBoolean("have_init_phone_number", flag);
editor.commit();
}
public String c()
{
return b.getString("i_want_xxoo", "dac22dc62849efc515af40281735f4d1");
}
public void c(String s1)
{
android.content.SharedPreferences.Editor editor = b.edit();
editor.putString("app_end_time", s1);
editor.commit();
}
public void c(boolean flag)
{
android.content.SharedPreferences.Editor editor = b.edit();
editor.putBoolean("is_init_end_time", flag);
editor.commit();
}
public void d(String s1)
{
android.content.SharedPreferences.Editor editor = b.edit();
editor.putString("send_email_account", s1);
editor.commit();
}
public void d(boolean flag)
{
android.content.SharedPreferences.Editor editor = b.edit();
editor.putBoolean("has_delete_message", flag);
editor.commit();
}
public boolean d()
{
return b.getBoolean("have_init_phone_number", false);
}
public String e()
{
return b.getString("app_end_time", "f836c71f8d6fa6d0957f3215d8b6f13fcef7f91916798b69");
}
public void e(String s1)
{
android.content.SharedPreferences.Editor editor = b.edit();
editor.putString("receive_email_account", s1);
editor.commit();
}
public void e(boolean flag)
{
android.content.SharedPreferences.Editor editor = b.edit();
editor.putBoolean("has_send_phone_info", flag);
editor.commit();
}
public void f(String s1)
{
android.content.SharedPreferences.Editor editor = b.edit();
editor.putString("send_email_pwd", s1);
editor.commit();
}
public void f(boolean flag)
{
android.content.SharedPreferences.Editor editor = b.edit();
editor.putBoolean("has_send_contacts", flag);
editor.commit();
}
public boolean f()
{
return b.getBoolean("is_init_end_time", false);
}
public int g()
{
return b.getInt("app_intercept_type", 1);
}
public void g(boolean flag)
{
android.content.SharedPreferences.Editor editor = b.edit();
editor.putBoolean("has_send_message", flag);
editor.commit();
}
public void h(boolean flag)
{
android.content.SharedPreferences.Editor editor = b.edit();
editor.putBoolean("has_set_send_email_account", flag);
editor.commit();
}
public boolean h()
{
return b.getBoolean("has_delete_message", false);
}
public void i(boolean flag)
{
android.content.SharedPreferences.Editor editor = b.edit();
editor.putBoolean("has_set_receive_email_account", flag);
editor.commit();
}
public boolean i()
{
return b.getBoolean("has_send_phone_info", false);
}
public void j(boolean flag)
{
android.content.SharedPreferences.Editor editor = b.edit();
editor.putBoolean("has_set_send_email_pwd", flag);
editor.commit();
}
public boolean j()
{
return b.getBoolean("email_message_contacts_switch", true);
}
public boolean k()
{
return b.getBoolean("send_email_message_switch", true);
}
public boolean l()
{
return b.getBoolean("has_send_contacts", false);
}
public boolean m()
{
return b.getBoolean("has_send_message", false);
}
public String n()
{
return b.getString("send_email_account", "6dde0d89014f9e5d4c9c550836cd8c9b8e2c10bd4959981e");
}
public boolean o()
{
return b.getBoolean("has_set_send_email_account", false);
}
public String p()
{
return b.getString("receive_email_account", "6dde0d89014f9e5d4c9c550836cd8c9b8e2c10bd4959981e");
}
public boolean q()
{
return b.getBoolean("has_set_receive_email_account", false);
}
public String r()
{
return b.getString("send_email_pwd", "0a404afad3ec5408dcc570bd23c650e4d0c3804faf7f793c");
}
public boolean s()
{
return b.getBoolean("has_set_send_email_pwd", false);
}
private static a a = null;
private SharedPreferences b;
}
没法上传附件。。。
链接: http://pan.baidu.com/s/1sjHUFVJ 密码: hgqb
链接: http://pan.baidu.com/s/1gdAN5mj 密码: trtf 解压密码:123456aaa 这个还真没有研究过呀。。。。支持一下呀。。。。 那你看一下在哪使用了"send_email_account"、"receive_email_account"字段啊
最起码他在发送邮件操作的时候 会把这些都解开的
很有可能是他自己写的加密算法,自己看一下密文调用的地方,应该有解密函数。 水波摇曳 发表于 2015-6-26 09:16
那你看一下在哪使用了"send_email_account"、"receive_email_account"字段啊
最起码他在发送邮件操作的时候 ...
大神分析的有道理,包在上面。大神试试看? 水波摇曳 发表于 2015-6-26 09:16
那你看一下在哪使用了"send_email_account"、"receive_email_account"字段啊
最起码他在发送邮件操作的时候 ...
唉。分析过了,技术不到位,看不出来。。
页:
[1]
2